001: /**
002: * Copyright (c) 2000-2008 Liferay, Inc. All rights reserved.
003: *
004: * Permission is hereby granted, free of charge, to any person obtaining a copy
005: * of this software and associated documentation files (the "Software"), to deal
006: * in the Software without restriction, including without limitation the rights
007: * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
008: * copies of the Software, and to permit persons to whom the Software is
009: * furnished to do so, subject to the following conditions:
010: *
011: * The above copyright notice and this permission notice shall be included in
012: * all copies or substantial portions of the Software.
013: *
014: * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
015: * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
016: * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
017: * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
018: * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
019: * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
020: * SOFTWARE.
021: */package com.liferay.portal.util;
022:
023: import com.liferay.portal.CookieNotSupportedException;
024: import com.liferay.portal.kernel.util.StringPool;
025: import com.liferay.portal.kernel.util.Validator;
026: import com.liferay.util.CookieUtil;
027:
028: import javax.servlet.http.Cookie;
029: import javax.servlet.http.HttpServletRequest;
030: import javax.servlet.http.HttpServletResponse;
031:
032: import org.apache.commons.codec.binary.Hex;
033: import org.apache.commons.logging.Log;
034: import org.apache.commons.logging.LogFactory;
035:
036: /**
037: * <a href="CookieKeys.java.html"><b><i>View Source</i></b></a>
038: *
039: * @author Brian Wing Shun Chan
040: * @author Minhchau Dang
041: *
042: */
043: public class CookieKeys {
044:
045: public static final String COOKIE_SUPPORT = "COOKIE_SUPPORT";
046:
047: public static final String COMPANY_ID = "COMPANY_ID";
048:
049: public static final String GUEST_LANGUAGE_ID = "GUEST_LANGUAGE_ID";
050:
051: public static final String ID = "ID";
052:
053: public static final String JSESSIONID = "jsessionid";
054:
055: public static final String LOGIN = "LOGIN";
056:
057: public static final String PASSWORD = "PASSWORD";
058:
059: public static final String REMEMBER_ME = "REMEMBER_ME";
060:
061: public static final String SCREEN_NAME = "SCREEN_NAME";
062:
063: public static final int MAX_AGE = 31536000;
064:
065: public static final int VERSION = 0;
066:
067: public static void addCookie(HttpServletResponse res, Cookie cookie) {
068: if (PropsValues.SESSION_ENABLE_PERSISTENT_COOKIES) {
069: if (!PropsValues.TCK_URL) {
070:
071: // LEP-5175
072:
073: String name = cookie.getName();
074:
075: String originalValue = cookie.getValue();
076: String encodedValue = originalValue;
077:
078: if (isEncodedCookie(name)) {
079: encodedValue = new String(Hex
080: .encodeHex(originalValue.getBytes()));
081:
082: if (_log.isDebugEnabled()) {
083: _log.debug("Add encoded cookie " + name);
084: _log.debug("Original value " + originalValue);
085: _log.debug("Hex encoded value " + encodedValue);
086: }
087: }
088:
089: cookie.setValue(encodedValue);
090: cookie.setVersion(VERSION);
091:
092: // Setting a cookie will cause the TCK to lose its ability
093: // to track sessions
094:
095: res.addCookie(cookie);
096: }
097: }
098: }
099:
100: public static void addSupportCookie(HttpServletResponse res) {
101: Cookie cookieSupportCookie = new Cookie(COOKIE_SUPPORT, "true");
102:
103: cookieSupportCookie.setPath(StringPool.SLASH);
104: cookieSupportCookie.setMaxAge(MAX_AGE);
105:
106: addCookie(res, cookieSupportCookie);
107: }
108:
109: public static String getCookie(HttpServletRequest req, String name) {
110: String value = CookieUtil.get(req, name);
111:
112: if ((value != null) && isEncodedCookie(name)) {
113: try {
114: String encodedValue = value;
115: String originalValue = new String(Hex
116: .decodeHex(encodedValue.toCharArray()));
117:
118: if (_log.isDebugEnabled()) {
119: _log.debug("Get encoded cookie " + name);
120: _log.debug("Hex encoded value " + encodedValue);
121: _log.debug("Original value " + originalValue);
122: }
123:
124: return originalValue;
125: } catch (Exception e) {
126: if (_log.isWarnEnabled()) {
127: _log.warn(e.getMessage());
128: }
129:
130: return value;
131: }
132: }
133:
134: return value;
135: }
136:
137: public static String getDomain(HttpServletRequest req) {
138:
139: // See LEP-4602 and LEP-4618.
140:
141: if (Validator.isNotNull(PropsValues.SESSION_COOKIE_DOMAIN)) {
142: return PropsValues.SESSION_COOKIE_DOMAIN;
143: }
144:
145: String host = req.getServerName();
146:
147: return getDomain(host);
148: }
149:
150: public static String getDomain(String host) {
151:
152: // See LEP-4602 and LEP-4645.
153:
154: if (host == null) {
155: return null;
156: }
157:
158: int x = host.lastIndexOf(StringPool.PERIOD);
159:
160: if (x <= 0) {
161: return null;
162: }
163:
164: int y = host.lastIndexOf(StringPool.PERIOD, x - 1);
165:
166: if (y <= 0) {
167: return StringPool.PERIOD + host;
168: }
169:
170: int z = host.lastIndexOf(StringPool.PERIOD, y - 1);
171:
172: String domain = null;
173:
174: if (z <= 0) {
175: domain = host.substring(y);
176: } else {
177: domain = host.substring(z);
178: }
179:
180: return domain;
181: }
182:
183: public static boolean hasSessionId(HttpServletRequest req) {
184: String jsessionid = getCookie(req, JSESSIONID);
185:
186: if (jsessionid != null) {
187: return true;
188: } else {
189: return false;
190: }
191: }
192:
193: public static boolean isEncodedCookie(String name) {
194: if (name.equals(ID) || name.equals(LOGIN)
195: || name.equals(PASSWORD) || name.equals(SCREEN_NAME)) {
196:
197: return true;
198: } else {
199: return false;
200: }
201: }
202:
203: public static void validateSupportCookie(HttpServletRequest req)
204: throws CookieNotSupportedException {
205:
206: if (PropsValues.SESSION_ENABLE_PERSISTENT_COOKIES
207: && PropsValues.SESSION_TEST_COOKIE_SUPPORT) {
208:
209: String cookieSupport = getCookie(req, COOKIE_SUPPORT);
210:
211: if (Validator.isNull(cookieSupport)) {
212: throw new CookieNotSupportedException();
213: }
214: }
215: }
216:
217: private static Log _log = LogFactory.getLog(CookieKeys.class);
218:
219: }
|