/* * Copyright 2009 by primedata Corporation. Address:TianChuang Technology Building, CaiHeFang * Road,Haidian District, Beijing * * All rights reserved. * * This software is the confidential and proprietary information of primedata * Corporation ("Confidential Information"). You shall not disclose such * Confidential Information and shall use it only in accordance with the terms * of the license agreement you entered into with primedata. */ package com.primeton.dgs.kernel.core.web; import com.primeton.dgs.kernel.core.util.ExUtils; import com.primeton.licensemanager.checklicense.VerifyHLicenseException; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.util.AntPathMatcher; import org.springframework.util.PathMatcher; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.util.Map; /** * mvc主控 Servlet, REstFull Api 支持 * * @author zhaopx * @version 7.1.0 2020-9-10 */ public class RestMainServlet extends MainServlet { private static final long serialVersionUID = 1L; private Logger log = LoggerFactory.getLogger(RestMainServlet.class); /** * Process the HTTP request */ public void perform(HttpServletRequest request, HttpServletResponse response, Map payload) throws ServletException, IOException { response.setCharacterEncoding(ENCODE); String next = ""; try { String path = payload.get("servletPath") + ".do"; String name = (String) payload.get("invoke"); // 获取登录信息 Object userObject = request.getSession().getAttribute("userObject"); //解决当session失效时,请求报错,后台报空指针,页面跳转到非登录页面 Object userProfile = request.getSession().getAttribute("com.primeton.dgs.workspace.system.common.UserProfile"); // 检查是否已经登录 if ((null == userObject && null == userProfile) || name == null) { // 未登录,是否在白名单 String resourcePath = request.getRequestURI().replaceAll(request.getContextPath(), ""); boolean cross = false; PathMatcher matcher = new AntPathMatcher(); for (String s : authWriteList) { cross = matcher.match(s, resourcePath); if(cross) { // 一旦通过一个,则进行下一步校验 break; } } // name is null 或者 不通过 if(name == null || !cross) { dispatch(request, response, WebViewer.LONGIN_PAGE); return; } } // 要执行的函数 request.setAttribute("invoke", name); // 合并参数 MetaCubeHttpServletRequestWrapper requestWrapper = new MetaCubeHttpServletRequestWrapper(request, payload); //获取 bean AbstractCommand cmd = CommandFactory.getInstance().getCommand(path); cmd.init(requestWrapper, response, getServletConfig()); next = cmd.execute(); if (null != next) { dispatch(requestWrapper, response, next); } } catch (VerifyHLicenseException e) { if (isExt(request)) { performOnError(request, response, e); return; } request.setAttribute("javax.servlet.jspException", e); dispatch(request, response, WebViewer.LICENSE_PAGE); } catch (Exception e) { log.error("MainServlet catch an error:", e); if (isExt(request)) { performOnError(request, response, e); return; } request.setAttribute("_CommandExecuteException_", ExUtils.getMessage(request, e)); request.setAttribute("javax.servlet.jspException", e); dispatch(request, response, WebViewer.VIEW_ERROR); } } }