/*
* This software and supporting documentation were developed by
*
* Siemens Corporate Technology
* Competence Center Knowledge Management and Business Transformation
* D-81730 Munich, Germany
*
* Authors (representing a really great team ;-) )
* Stefan B. Augustin, Thorbj�rn Hansen, Manfred Langen
*
* This software is Open Source under GNU General Public License (GPL).
* Read the text of this license in LICENSE.TXT
* or look at www.opensource.org/licenses/
*
* Once more we emphasize, that:
* THIS SOFTWARE IS MADE AVAILABLE, AS IS, WITHOUT ANY WARRANTY
* REGARDING THE SOFTWARE, ITS PERFORMANCE OR
* FITNESS FOR ANY PARTICULAR USE, FREEDOM FROM ANY COMPUTER DISEASES OR
* ITS CONFORMITY TO ANY SPECIFICATION. THE ENTIRE RISK AS TO QUALITY AND
* PERFORMANCE OF THE SOFTWARE IS WITH THE USER.
*
*/
// AM_Servlet
// ************ package ******************************************************
package appl.Portal.AuthMapping.Servlet;
// ************ imports ******************************************************
// This application/module packages
import appl.Portal.AuthMapping.Servlet.AM_Props;
import appl.Portal.AuthMapping.GUI.*;
// Other application/module packages
// KFM packages
import KFM.Exceptions.KFMException;
import KFM.ServletFramework.*;
import KFM.Language;
import KFM.Servlet.KFM_Servlet2;
// Library classes (JHDK, JSDK, RegExp, ...)
import javax.servlet.*;
import javax.servlet.http.*;
// Java packages
import java.io.*;
import javax.crypto.*;
import javax.crypto.spec.*;
import java.security.*;
import com.sun.crypto.provider.*;
/** Servlet for mapping between tcgid and application authentication
* parameter like username and password.
* @version 0.1 (02.07.22)
*/
public class AM_Servlet extends KFM_PropertyServlet2
{
// ************************************************************
// Variables
// ************************************************************
/** The servlet properties.
*
* Shadows `super.mProps�, which is OK, as both refer to the same object.
*/
protected AM_Props mProps = null;
// ************************************************************
// Methods
// ************************************************************
/** Called by the web server when the servlet is just loaded, and
* after a destroy.
*/
public void init (ServletConfig aConfig)
throws ServletException
{
super.init(aConfig, mProps = new AM_Props() /*sic*/);
}
/**
* Exception handling will be done by the calling father class (currently
* KFM_PropertyServlet2).
*/
public void doInit(ServletConfig aConfig)
throws ServletException, NoSuchServletPropertyException, KFMException
{
// * Read the required and optional properties of `AM_Props�, which see.
mProps.PersonalizeURL = mServletProps.getRequired("PersonalizeURL");
mProps.TemplateDir = mServletProps.getRequired("TemplateDir");
mProps.DefaultStylesheet = mServletProps.getRequired("DefaultStylesheet");
mProps.SSOPort = mServletProps.getOptional("SSOPort");
mProps.PathToAuthMapKey = mServletProps.getRequired("PathToAuthMapKey");
// install provider for JCE
Provider tSunJCEProvider = new com.sun.crypto.provider.SunJCE();
Security.addProvider(tSunJCEProvider);
try {
// read key from serialized file and generate SecretKey
FileInputStream tInputStream = new FileInputStream(mProps.PathToAuthMapKey);
ObjectInputStream tIn = new ObjectInputStream(tInputStream);
byte[] tKey =(byte[])tIn.readObject();
mProps.AuthMapKey=new SecretKeySpec(tKey, "Blowfish");
} catch (FileNotFoundException fe){
mLog.error("AM_Servlet cannot find key file", fe);
} catch (ClassNotFoundException ce){
mLog.error("AM_Servlet cannot install security provider", ce);
} catch (IOException ie){
mLog.error("AM_Servlet cannot parse key file", ie);
}
}
/** Handle all HTTP request (escpecially `doGet� and `doPost�).
*
* This method is called for each HTTP requerst.
* It Creates an applicationpage for each request and calls its `write�.
* When we get user states etc. we cannot create a new applicationpage each time,
* but don't worry about that yet.
*
* @param aReq The POST or GET request information.
* @param aRes The HTTP response object.
*
* @exception ServletException
* @exception IOException
*/
public void processRequest2 (
HttpServletRequest aReq,
HttpServletResponse aRes)
throws ServletException, IOException, KFMException
{
// Create a new ApplicationPage for each request. Really.
AM_ApplicationPage tAM = new AM_ApplicationPage(mProps, aReq);
tAM.setServletName(this);
// try {
tAM.write(/*user state*/ null, aReq, aRes);
aRes.getWriter().close();
// } catch(Exception e) {
// PrintWriter tWriter = aRes.getWriter();
// tWriter.print(e.toString());
// tWriter.close();
// }
// Note that the ApplicationPage is thrown away. Really.
}
}