001: /*
002: * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardContextValve.java,v 1.16 2002/03/14 20:58:24 remm Exp $
003: * $Revision: 1.16 $
004: * $Date: 2002/03/14 20:58:24 $
005: *
006: * ====================================================================
007: *
008: * The Apache Software License, Version 1.1
009: *
010: * Copyright (c) 1999-2001 The Apache Software Foundation. All rights
011: * reserved.
012: *
013: * Redistribution and use in source and binary forms, with or without
014: * modification, are permitted provided that the following conditions
015: * are met:
016: *
017: * 1. Redistributions of source code must retain the above copyright
018: * notice, this list of conditions and the following disclaimer.
019: *
020: * 2. Redistributions in binary form must reproduce the above copyright
021: * notice, this list of conditions and the following disclaimer in
022: * the documentation and/or other materials provided with the
023: * distribution.
024: *
025: * 3. The end-user documentation included with the redistribution, if
026: * any, must include the following acknowlegement:
027: * "This product includes software developed by the
028: * Apache Software Foundation (http://www.apache.org/)."
029: * Alternately, this acknowlegement may appear in the software itself,
030: * if and wherever such third-party acknowlegements normally appear.
031: *
032: * 4. The names "The Jakarta Project", "Tomcat", and "Apache Software
033: * Foundation" must not be used to endorse or promote products derived
034: * from this software without prior written permission. For written
035: * permission, please contact apache@apache.org.
036: *
037: * 5. Products derived from this software may not be called "Apache"
038: * nor may "Apache" appear in their names without prior written
039: * permission of the Apache Group.
040: *
041: * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
042: * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
043: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
044: * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
045: * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
046: * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
047: * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
048: * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
049: * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
050: * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
051: * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
052: * SUCH DAMAGE.
053: * ====================================================================
054: *
055: * This software consists of voluntary contributions made by many
056: * individuals on behalf of the Apache Software Foundation. For more
057: * information on the Apache Software Foundation, please see
058: * <http://www.apache.org/>.
059: *
060: * [Additional notices, if required by prior licensing conditions]
061: *
062: */
063:
064: package org.apache.catalina.core;
065:
066: import java.io.IOException;
067: import java.io.PrintWriter;
068: import javax.servlet.ServletException;
069: import javax.servlet.http.HttpServletRequest;
070: import javax.servlet.http.HttpServletResponse;
071: import javax.naming.NamingException;
072: import org.apache.naming.ContextBindings;
073: import org.apache.naming.resources.DirContextURLStreamHandler;
074: import org.apache.catalina.Container;
075: import org.apache.catalina.Context;
076: import org.apache.catalina.HttpRequest;
077: import org.apache.catalina.Request;
078: import org.apache.catalina.Response;
079: import org.apache.catalina.ValveContext;
080: import org.apache.catalina.Wrapper;
081: import org.apache.catalina.util.RequestUtil;
082: import org.apache.catalina.util.StringManager;
083: import org.apache.catalina.valves.ValveBase;
084:
085: /**
086: * Valve that implements the default basic behavior for the
087: * <code>StandardContext</code> container implementation.
088: * <p>
089: * <b>USAGE CONSTRAINT</b>: This implementation is likely to be useful only
090: * when processing HTTP requests.
091: *
092: * @author Craig R. McClanahan
093: * @version $Revision: 1.16 $ $Date: 2002/03/14 20:58:24 $
094: */
095:
096: final class StandardContextValve extends ValveBase {
097:
098: // ----------------------------------------------------- Instance Variables
099:
100: /**
101: * The descriptive information related to this implementation.
102: */
103: private static final String info = "org.apache.catalina.core.StandardContextValve/1.0";
104:
105: /**
106: * The string manager for this package.
107: */
108: private static final StringManager sm = StringManager
109: .getManager(Constants.Package);
110:
111: // ------------------------------------------------------------- Properties
112:
113: /**
114: * Return descriptive information about this Valve implementation.
115: */
116: public String getInfo() {
117:
118: return (info);
119:
120: }
121:
122: // --------------------------------------------------------- Public Methods
123:
124: /**
125: * Select the appropriate child Wrapper to process this request,
126: * based on the specified request URI. If no matching Wrapper can
127: * be found, return an appropriate HTTP error.
128: *
129: * @param request Request to be processed
130: * @param response Response to be produced
131: * @param valveContext Valve context used to forward to the next Valve
132: *
133: * @exception IOException if an input/output error occurred
134: * @exception ServletException if a servlet error occurred
135: */
136: public void invoke(Request request, Response response,
137: ValveContext valveContext) throws IOException,
138: ServletException {
139:
140: // Validate the request and response object types
141: if (!(request.getRequest() instanceof HttpServletRequest)
142: || !(response.getResponse() instanceof HttpServletResponse)) {
143: return; // NOTE - Not much else we can do generically
144: }
145:
146: // Disallow any direct access to resources under WEB-INF or META-INF
147: HttpServletRequest hreq = (HttpServletRequest) request
148: .getRequest();
149: String contextPath = hreq.getContextPath();
150: String requestURI = ((HttpRequest) request)
151: .getDecodedRequestURI();
152: String relativeURI = requestURI.substring(contextPath.length())
153: .toUpperCase();
154: if (relativeURI.equals("/META-INF")
155: || relativeURI.equals("/WEB-INF")
156: || relativeURI.startsWith("/META-INF/")
157: || relativeURI.startsWith("/WEB-INF/")) {
158: notFound(requestURI, (HttpServletResponse) response
159: .getResponse());
160: return;
161: }
162:
163: Context context = (Context) getContainer();
164:
165: // Select the Wrapper to be used for this Request
166: Wrapper wrapper = null;
167: try {
168: wrapper = (Wrapper) context.map(request, true);
169: } catch (IllegalArgumentException e) {
170: badRequest(requestURI, (HttpServletResponse) response
171: .getResponse());
172: return;
173: }
174: if (wrapper == null) {
175: notFound(requestURI, (HttpServletResponse) response
176: .getResponse());
177: return;
178: }
179:
180: // Ask this Wrapper to process this Request
181: response.setContext(context);
182:
183: wrapper.invoke(request, response);
184:
185: }
186:
187: // -------------------------------------------------------- Private Methods
188:
189: /**
190: * Report a "bad request" error for the specified resource. FIXME: We
191: * should really be using the error reporting settings for this web
192: * application, but currently that code runs at the wrapper level rather
193: * than the context level.
194: *
195: * @param requestURI The request URI for the requested resource
196: * @param response The response we are creating
197: */
198: private void badRequest(String requestURI,
199: HttpServletResponse response) {
200:
201: try {
202: response.sendError(HttpServletResponse.SC_BAD_REQUEST,
203: requestURI);
204: } catch (IllegalStateException e) {
205: ;
206: } catch (IOException e) {
207: ;
208: }
209:
210: }
211:
212: /**
213: * Report a "not found" error for the specified resource. FIXME: We
214: * should really be using the error reporting settings for this web
215: * application, but currently that code runs at the wrapper level rather
216: * than the context level.
217: *
218: * @param requestURI The request URI for the requested resource
219: * @param response The response we are creating
220: */
221: private void notFound(String requestURI,
222: HttpServletResponse response) {
223:
224: try {
225: response.sendError(HttpServletResponse.SC_NOT_FOUND,
226: requestURI);
227: } catch (IllegalStateException e) {
228: ;
229: } catch (IOException e) {
230: ;
231: }
232:
233: }
234:
235: }
|