| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199 |
- /*
- * Copyright 2009 by primedata Corporation. Address:TianChuang Technology Building, CaiHeFang
- * Road,Haidian District, Beijing
- *
- * All rights reserved.
- *
- * This software is the confidential and proprietary information of primedata
- * Corporation ("Confidential Information"). You shall not disclose such
- * Confidential Information and shall use it only in accordance with the terms
- * of the license agreement you entered into with primedata.
- */
- package com.primeton.dgs.kernel.core.web;
- import java.io.IOException;
- import java.util.HashSet;
- import java.util.Set;
- import javax.servlet.ServletException;
- import javax.servlet.http.HttpServlet;
- import javax.servlet.http.HttpServletRequest;
- import javax.servlet.http.HttpServletResponse;
- import net.sf.json.JSONArray;
- import com.eos.data.datacontext.UserObject;
- import com.primeton.dgs.kernel.core.common.ActionHelper;
- import com.primeton.dgs.kernel.core.common.ActionResult;
- import com.primeton.dgs.kernel.core.util.ExUtils;
- import com.primeton.licensemanager.checklicense.VerifyHLicenseException;
- import org.apache.commons.lang.StringUtils;
- import org.slf4j.Logger;
- import org.slf4j.LoggerFactory;
- import org.springframework.util.AntPathMatcher;
- import org.springframework.util.PathMatcher;
- /**
- * mvc主控 Servlet
- *
- * @author user
- * @version 1.0 2006-9-18
- */
- public class MainServlet extends HttpServlet {
- private static final long serialVersionUID = 1L;
- private Logger log = LoggerFactory.getLogger(MainServlet.class);
- public static final String ENCODE = "UTF-8";
- String loginPath = "/login.do";
- /**
- * 无需认证即可访问的白名单
- */
- protected Set<String> authWriteList = new HashSet<>();
- /**
- * Initialize global variables
- */
- public void init() throws ServletException {
- log.info("MainServlet init.");
- }
- /**
- * Process the HTTP Get request
- */
- public void doGet(HttpServletRequest request, HttpServletResponse response)
- throws IOException, ServletException {
- perform(request, response);
- }
- /**
- * Process the HTTP Post request
- */
- public void doPost(HttpServletRequest request, HttpServletResponse response)
- throws IOException, ServletException {
- perform(request, response);
- }
- /**
- * Process the HTTP request
- */
- public void perform(HttpServletRequest request, HttpServletResponse response)
- throws ServletException, IOException {
- response.setCharacterEncoding(ENCODE);
- String next = "";
- try {
- String path = request.getServletPath();
- String name = request.getParameter("invoke");
- // 获取登录信息
- Object userObject = request.getSession().getAttribute("userObject");
- // 登录动作,不要拦截
- //解决当session失效时,请求报错,后台报空指针,页面跳转到非登录页面
- Object userProfile = request.getSession().getAttribute("com.primeton.dgs.workspace.system.common.UserProfile");
- // 检查是否已经登录
- if ((null == userObject && null == userProfile) || name == null) {
- // 未登录,是否在白名单
- String resourcePath = request.getRequestURI().replaceAll(request.getContextPath(), "");
- boolean cross = false;
- PathMatcher matcher = new AntPathMatcher();
- for (String s : authWriteList) {
- cross = matcher.match(s, resourcePath);
- if(cross) {
- // 一旦通过一个,则进行下一步校验
- break;
- }
- }
- // name is null 或者 不通过
- if(name == null || !cross) {
- dispatch(request, response, WebViewer.LONGIN_PAGE);
- return;
- }
- }
- request.setAttribute("invoke", name);
- AbstractCommand cmd = CommandFactory.getInstance().getCommand(path);
- cmd.init(request, response, getServletConfig());
- next = cmd.execute();
- if (null != next) {
- dispatch(request, response, next);
- }
- } catch (VerifyHLicenseException e) {
- if (isExt(request)) {
- performOnError(request, response, e);
- return;
- }
- request.setAttribute("javax.servlet.jspException", e);
- dispatch(request, response, WebViewer.LICENSE_PAGE);
- } catch (Exception e) {
- log.error("MainServlet catch an error:", e);
- if (isExt(request)) {
- performOnError(request, response, e);
- return;
- }
- request.setAttribute("_CommandExecuteException_",
- ExUtils.getMessage(request, e));
- request.setAttribute("javax.servlet.jspException", e);
- dispatch(request, response, WebViewer.VIEW_ERROR);
- }
- }
- public void performOnError(HttpServletRequest request,
- HttpServletResponse response, Exception e) throws ServletException,
- IOException {
- String msg = ExUtils.getMessage(request, e);
- ActionResult rs = new ActionResult(false, msg);
- rs.put("list", new JSONArray());
- try {
- if (isReturnXml(request)) {
- ActionHelper.outputXmlList(response, null, 0, rs);
- } else {
- ActionHelper.output(response, rs);
- }
- } catch (Exception er) {
- throw new ServletException(er);
- }
- }
- public void dispatch(HttpServletRequest request,
- HttpServletResponse response, String page) throws ServletException,
- IOException {
- log.info("Command dispath request to: " + page);
- if (page.toLowerCase().startsWith("http:")
- || page.toLowerCase().startsWith("https:")) {
- response.sendRedirect(page);
- } else {
- request.getRequestDispatcher(page).forward(request, response);
- }
- }
- /**
- * 添加排除
- * @param s
- * @return
- */
- public boolean addExclude(String s) {
- if(StringUtils.isBlank(s)) {
- return false;
- }
- return authWriteList.add(StringUtils.trim(s));
- }
- public static boolean isExt(HttpServletRequest request) {
- return "Ext".equalsIgnoreCase(request.getHeader("Request-By"));
- }
- public static boolean isReturnXml(HttpServletRequest request) {
- return "XML".equalsIgnoreCase(request.getHeader("Response-By"));
- }
- }
|
