01: /******************************************************************************
02: * ResponderAdmin.java
03: * ****************************************************************************/package org.openlaszlo.servlets.responders;
04:
05: import java.io.*;
06: import java.util.Properties;
07: import javax.servlet.ServletConfig;
08: import javax.servlet.ServletException;
09: import javax.servlet.http.HttpServletRequest;
10: import javax.servlet.http.HttpServletResponse;
11: import org.apache.log4j.Logger;
12:
13: public abstract class ResponderAdmin extends Responder {
14: private static boolean mIsInitialized = false;
15: private static Object mIsInitializedLock = new Object();
16: private static String mAdminPassword = null;
17:
18: private static Logger mLogger = Logger
19: .getLogger(ResponderAdmin.class);
20:
21: /** Set default property for allowRequest to false for admin requests. */
22: protected ResponderAdmin() {
23: super ();
24: mAllowRequestDefaultProperty = "false";
25: }
26:
27: abstract protected void respondAdmin(HttpServletRequest req,
28: HttpServletResponse res) throws IOException;
29:
30: synchronized public void init(String reqName, ServletConfig config,
31: Properties prop) throws ServletException, IOException {
32: super .init(reqName, config, prop);
33:
34: if (!mIsInitialized) {
35: mAdminPassword = prop.getProperty("adminPassword", null);
36: mIsInitialized = true;
37: }
38: }
39:
40: protected final void respondImpl(HttpServletRequest req,
41: HttpServletResponse res) throws IOException {
42: String pwd = req.getParameter("pwd");
43: if (mAdminPassword != null) {
44: if (pwd == null || !pwd.equals(mAdminPassword)) {
45: String lzt = req.getParameter("lzt");
46: respondWithError(res, "Forbidden: " + lzt,
47: HttpServletResponse.SC_FORBIDDEN);
48: mLogger.info("Forbidden: " + lzt);
49: return;
50: }
51: }
52: respondAdmin(req, res);
53: }
54: }
|