Source Code of org.apache.geronimo.jetty6.JettyEJBWebServiceContext$ResponseAdapter

/**
 *  Licensed to the Apache Software Foundation (ASF) under one or more
 *  contributor license agreements.  See the NOTICE file distributed with
 *  this work for additional information regarding copyright ownership.
 *  The ASF licenses this file to You under the Apache License, Version 2.0
 *  (the "License"); you may not use this file except in compliance with
 *  the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 */
package org.apache.geronimo.jetty6;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.AccessControlContext;
import java.security.AccessControlException;
import java.util.HashMap;
import java.util.Map;

import javax.security.auth.Subject;
import javax.security.jacc.PolicyContext;
import javax.security.jacc.WebUserDataPermission;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.geronimo.security.ContextManager;
import org.apache.geronimo.security.jacc.PolicyContextHandlerHttpServletRequest;
import org.apache.geronimo.webservices.WebServiceContainer;
import org.mortbay.jetty.HttpException;
import org.mortbay.jetty.Request;
import org.mortbay.jetty.Response;
import org.mortbay.jetty.handler.ContextHandler;
import org.mortbay.jetty.security.Authenticator;
import org.mortbay.jetty.security.BasicAuthenticator;
import org.mortbay.jetty.security.ClientCertAuthenticator;
import org.mortbay.jetty.security.DigestAuthenticator;

/**
 * Delegates requests to a WebServiceContainer which is presumably for an EJB WebService.
 * <p/>
 * WebServiceContainer delegates to an EJBContainer that will ultimately provide the JNDI,
 * TX, and Security services for this web service.
 * <p/>
 * Nothing stopping us from using this for POJOs or other types of webservices if shared
 * Context (JNDI, tx, security) wasn't required to be supplied by the web context.
 * <p/>
 * From a 10,000 foot view the Jetty architecture has:
 * Container -> Context -> Holder -> Servlet
 * <p/>
 * A Container has multiple Contexts, typically webapps
 * A Context provides the JNDI, TX, and Security for the webapp and has many Holders
 * A Holder simply wraps each Servlet
 * <p/>
 * The POJO Web Service architecture on Jetty looks like this:
 * Container -> WebApp Context -> JettyPOJOWebServiceHolder -> POJOWebServiceServlet
 * <p/>
 * The EJB Web Service architecure, on the other hand, creates one Context for each EJB:
 * Container -> JettyEJBWebServiceContext
 *
 * @version $Rev: 803799 $ $Date: 2009-08-13 15:31:27 +0800 (Thu, 13 Aug 2009) $
 */
public class JettyEJBWebServiceContext extends ContextHandler {

    private final String contextPath;
    private final WebServiceContainer webServiceContainer;
    private final Authenticator authenticator;
    private final JAASJettyRealm realm;
    private final ClassLoader classLoader;
    private final AccessControlContext defaultAcc;
    private final String policyContextID;

    public JettyEJBWebServiceContext(String contextPath, WebServiceContainer webServiceContainer, InternalJAASJettyRealm internalJAASJettyRealm, String realmName, String authMethod, ClassLoader classLoader, Subject defaultSubject, String policyContextID) {
        this.contextPath = contextPath;
        this.webServiceContainer = webServiceContainer;
        this.setContextPath(contextPath);

        if (internalJAASJettyRealm != null) {
            realm = new JAASJettyRealm(realmName, internalJAASJettyRealm);
            if ("BASIC".equals(authMethod)) {
                authenticator = new BasicAuthenticator();
            } else if ("DIGEST".equals(authMethod)) {
                authenticator = new DigestAuthenticator();
            } else if ("CLIENT-CERT".equals(authMethod)) {
                authenticator = new ClientCertAuthenticator();
            } else if ("NONE".equals(authMethod)) {
                authenticator = null;
            } else {
                throw new IllegalArgumentException("Invalid authMethod: " + authMethod);
            }
        } else {
            realm = null;
            authenticator = null;
        }
        this.classLoader = classLoader;
        if (defaultSubject == null) {
            defaultSubject = ContextManager.EMPTY;
        }
        defaultAcc = ContextManager.registerSubjectShort(defaultSubject, null, null);
        this.policyContextID = policyContextID;
    }

    public String getName() {
        //need a better name
        return contextPath;
    }

    public void handle(String target, HttpServletRequest req, HttpServletResponse res, int dispatch)
            throws IOException, ServletException {
        //TODO
        //do we need to check that this request should be handled by this handler?
        if (!target.startsWith(contextPath)) {
            return;
        }

        Thread currentThread = Thread.currentThread();
        ClassLoader oldClassLoader = currentThread.getContextClassLoader();
        currentThread.setContextClassLoader(classLoader);
        String oldPolicyContextID = PolicyContext.getContextID();
        PolicyContext.setContextID(policyContextID);
        HttpServletRequest oldRequest = PolicyContextHandlerHttpServletRequest.pushContextData(req);
        try {
            handle(req, res);
        } finally {
            PolicyContextHandlerHttpServletRequest.popContextData(oldRequest);
            PolicyContext.setContextID(oldPolicyContextID);
            currentThread.setContextClassLoader(oldClassLoader);
        }
    }

    private void handle(HttpServletRequest req, HttpServletResponse res) throws IOException, ServletException {
        Request jettyRequest = (Request) req;
        Response jettyResponse = (Response) res;
        res.setContentType("text/xml");
        RequestAdapter request = new RequestAdapter(jettyRequest);
        ResponseAdapter response = new ResponseAdapter(jettyResponse);

        request.setAttribute(WebServiceContainer.SERVLET_REQUEST, req);
        request.setAttribute(WebServiceContainer.SERVLET_RESPONSE, res);
        // TODO: add support for context
        request.setAttribute(WebServiceContainer.SERVLET_CONTEXT, null);

        WebUserDataPermission udp = new WebUserDataPermission(req);
        if (realm != null) {
            try {
                defaultAcc.checkPermission(udp);
            } catch (AccessControlException e) {
                throw new HttpException(HttpServletResponse.SC_FORBIDDEN);
            }
            if (authenticator != null) {
                String pathInContext = org.mortbay.util.URIUtil.canonicalPath(req.getContextPath());
                if (authenticator.authenticate(realm, pathInContext, jettyRequest, jettyResponse) == null) {
                    throw new HttpException(HttpServletResponse.SC_FORBIDDEN, null);
                }
            } else {
                //EJB will figure out correct defaultSubject shortly
                //TODO consider replacing the GenericEJBContainer.DefaultSubjectInterceptor with this line
                //setting the defaultSubject.
                ContextManager.popCallers(null);
            }
        }
        if (isWSDLRequest(req)) {
            try {
                webServiceContainer.getWsdl(request, response);
                jettyRequest.setHandled(true);
            } catch (IOException e) {
                throw e;
            } catch (Exception e) {
                throw (HttpException) new HttpException(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Could not fetch wsdl!").initCause(e);
            }
        } else {
            try {
                webServiceContainer.invoke(request, response);
                jettyRequest.setHandled(true);
            } catch (IOException e) {
                throw e;
            } catch (Exception e) {
                throw (HttpException) new HttpException(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Could not process message!").initCause(e);
            }
        }
    }

    private boolean isWSDLRequest(HttpServletRequest req) {
        return ("GET".equals(req.getMethod()) && (req.getParameter("wsdl") != null || req.getParameter("xsd") != null));
    }

    public String getContextPath() {
        return contextPath;
    }

    public static class RequestAdapter implements WebServiceContainer.Request {
        private final Request request;
        private URI uri;

        public RequestAdapter(Request request) {
            this.request = request;
        }

        public String getHeader(String name) {
            return request.getHeader(name);
        }

        public java.net.URI getURI() {
            if (uri == null) {
                try {
                    //String uriString = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + request.getRequestURI();
                    //return new java.net.URI(uri.getScheme(),uri.getHost(),uri.getPath(),uri.);
                    uri = new java.net.URI(request.getScheme(), null, request.getServerName(), request.getServerPort(), request.getRequestURI(), request.getQueryString(), null);
                } catch (URISyntaxException e) {
                    throw new IllegalStateException(e.getMessage(), e);
                }
            }
            return uri;
        }

        public int getContentLength() {
            return request.getContentLength();
        }

        public String getContentType() {
            return request.getContentType();
        }

        public InputStream getInputStream() throws IOException {
            return request.getInputStream();
        }

        public int getMethod() {
            Integer method = methods.get(request.getMethod());
            return method == null ? UNSUPPORTED : method;
        }

        public String getParameter(String name) {
            return request.getParameter(name);
        }

        public Map getParameters() {
            return request.getParameterMap();
        }

        public Object getAttribute(String name) {
            return request.getAttribute(name);
        }

        public void setAttribute(String name, Object value) {
            request.setAttribute(name, value);
        }

        public String getRemoteAddr() {
            return request.getRemoteAddr();
        }

        public String getContextPath() {
            //request.getContextPath() isn't working correctly and returned null.
            //use getRequestURI() for now before it is fixed.
            //return request.getContextPath();
            return request.getRequestURI();
        }

        private static final Map<String, Integer> methods = new HashMap<String, Integer>();

        static {
            methods.put("OPTIONS", OPTIONS);
            methods.put("GET", GET);
            methods.put("HEAD", HEAD);
            methods.put("POST", POST);
            methods.put("PUT", PUT);
            methods.put("DELETE", DELETE);
            methods.put("TRACE", TRACE);
            methods.put("CONNECT", CONNECT);
        }

    }

    public static class ResponseAdapter implements WebServiceContainer.Response {
        private final Response response;

        public ResponseAdapter(Response response) {
            this.response = response;
        }

        public void setHeader(String name, String value) {
            response.setHeader(name, value);
        }

        public String getHeader(String name) {
            return response.getHeader(name);
        }

        public OutputStream getOutputStream() {
            try {
                return response.getOutputStream();
            } catch (IOException e) {
                throw new IllegalStateException(e.getMessage(), e);
            }
        }

        public void setStatusCode(int code) {
            response.setStatus(code);
        }

        public int getStatusCode() {
            return response.getStatus();
        }

        public void setContentType(String type) {
            response.setContentType(type);
        }

        public String getContentType() {
            return response.getContentType();
        }

        public void setStatusMessage(String responseString) {
            response.setStatus(response.getStatus(), responseString);
        }

        public void flushBuffer() throws java.io.IOException {
            response.flushBuffer();
        }
    }

}