logger.error("Servlets are not HttpServlets!");
throw new ServletException("Servlets are not HttpServlets!");
}
ServletOutputStream out = null;
ParameterRequestWrapper req = null;
HttpServletResponse res = (HttpServletResponse)response;
// the request and response context
RequestCtx reqCtx = null;
ResponseCtx resCtx = null;
String uri = ((HttpServletRequest) request).getRequestURI();
String servletPath = ((HttpServletRequest) request).getServletPath();
if (logger.isDebugEnabled()) {
logger.debug("Incoming URI: {}", uri);
logger.debug("Incoming servletPath: {}", servletPath);
}
// Fix-up for direct web.xml servlet mappings for:
// /objects/nextPID and /objects/nextPID.xml
// (so servlet path will be different in these cases)
// FIXME: we don't support .xml any more? but included as the servlet mapping is still specified
if (uri.endsWith("/nextPID") || uri.endsWith("/nextPID.xml")) {
servletPath = "/objects";
}
// get the filter (or null if no filter)
RESTFilter filter = m_filters.get(servletPath);
if (filter != null && logger.isDebugEnabled())
logger.debug("obtaining filter: {}", filter.getClass().getName());
if(ObjectsFilter.class.isInstance(filter)) { // go find the ObjectHandler
HttpServletRequest httpRequest = (HttpServletRequest)request;
filter = this.m_objectsRESTFilterMatcher.getObjectsHandler(httpRequest);
if (filter == null) {
logger.error("No FeSL REST objects handler found for \"{}\"", httpRequest.getPathInfo());
throw new ServletException(new PEPException("No FeSL REST objects handler found for " + servletPath));
}
}
try {
// handle the request if we have a filter
if (filter != null) {
// substitute our own request object that manages parameters
try {
req = new ParameterRequestWrapper((HttpServletRequest) request);
} catch (Exception e) {
throw new PEPException(e);
}
logger.debug("Filtering URI: [{}] with: [{}]" , req.getRequestURI(), filter.getClass().getName());
if(ResponseHandlingRESTFilter.class.isInstance(filter)) {
// substitute our own response object that captures the data
res = new DataResponseWrapper(((HttpServletResponse) response));
// get a handle for the original OutputStream
out = response.getOutputStream();
logger.debug("Filtering will include post-processing the response");
}
reqCtx = filter.handleRequest(req, res);
if (reqCtx != null) {
resCtx = m_ctxHandler.evaluate(reqCtx);
enforce(resCtx);
}
// pass the request along to the next chain...
chain.doFilter(req, res);
} else {
// there must always be a filter, even if it is a NOOP
logger.error("No FeSL REST filter found for \"{}\"", servletPath);
throw new PEPException("No FeSL REST filter found for " + servletPath);
}
if(ResponseHandlingRESTFilter.class.isInstance(filter)) {
// handle the response if we have a non-null response handling filter
reqCtx = ((ResponseHandlingRESTFilter)filter).handleResponse(req, res);
if (reqCtx != null) {
resCtx = m_ctxHandler.evaluate(reqCtx);
enforce(resCtx);
}
out.write(((DataResponseWrapper)res).getData());
out.flush();
out.close();
}
} catch (AuthzDeniedException ae) {
if (!res.isCommitted()
&& (req.getRemoteUser() == null || "".equals(req
.getRemoteUser().trim()))) {
loginForm(res);
} else {
denyAccess((HttpServletResponse) response, ae.getMessage());
}