src/org/cacert/gigi/Gigi.java

   1 package org.cacert.gigi;
   2
   3 import java.io.BufferedReader;
   4 import java.io.File;
   5 import java.io.FileInputStream;
   6 import java.io.IOException;
   7 import java.io.InputStreamReader;
   8 import java.security.cert.X509Certificate;
   9 import java.util.HashMap;
  10
  11 import javax.servlet.ServletException;
  12 import javax.servlet.http.HttpServlet;
  13 import javax.servlet.http.HttpServletRequest;
  14 import javax.servlet.http.HttpServletResponse;
  15 import javax.servlet.http.HttpSession;
  16
  17 import org.cacert.gigi.pages.LoginPage;
  18 import org.cacert.gigi.pages.MainPage;
  19 import org.cacert.gigi.pages.Page;
  20 import org.eclipse.jetty.util.log.Log;
  21
  22 public class Gigi extends HttpServlet {
  23         private static final long serialVersionUID = -6386785421902852904L;
  24         private String[] baseTemplate;
  25         private HashMap<String, Page> pages = new HashMap<String, Page>();
  26
  27         @Override
  28         public void init() throws ServletException {
  29                 pages.put("/login", new LoginPage("CACert - Login"));
  30                 pages.put("/", new MainPage("CACert - Home"));
  31                 String templ = "";
  32                 try {
  33                         BufferedReader reader = new BufferedReader(new InputStreamReader(
  34                                         new FileInputStream(new File("templates/base.html"))));
  35                         String tmp;
  36                         while ((tmp = reader.readLine()) != null) {
  37                                 templ += tmp;
  38                         }
  39                         baseTemplate = templ.split("\\$content\\$");
  40                 } catch (Exception e) {
  41                         Log.getLogger(Gigi.class).warn("Error loading template!", e);
  42                 }
  43                 super.init();
  44
  45         }
  46
  47         @Override
  48         protected void service(HttpServletRequest req, HttpServletResponse resp)
  49                         throws ServletException, IOException {
  50                 X509Certificate[] cert = (X509Certificate[]) req
  51                                 .getAttribute("javax.servlet.request.X509Certificate");
  52                 HttpSession hs = req.getSession(false);
  53                 if (hs == null || !((Boolean) hs.getAttribute("loggedin"))) {
  54                         if (cert != null) {
  55                                 tryAuthWithCertificate(req, cert[0]);
  56                                 hs = req.getSession(false);
  57                         }
  58                 }
  59                 if (hs != null && ((Boolean) hs.getAttribute("loggedin"))
  60                                 && req.getPathInfo().equals("/login")) {
  61                         resp.sendRedirect("/");
  62                         return;
  63                 }
  64                 if (req.getMethod().equals("POST") && req.getPathInfo() != null
  65                                 && req.getPathInfo().equals("/login")) {
  66                         authWithUnpw(req);
  67                         resp.sendRedirect("/");
  68                         return;
  69                 }
  70                 if (req.getPathInfo() != null && req.getPathInfo().equals("/logout")) {
  71                         if (hs != null) {
  72                                 hs.setAttribute("loggedin", false);
  73                                 hs.invalidate();
  74                         }
  75                         resp.sendRedirect("/");
  76                         return;
  77                 }
  78
  79                 if ((hs == null || !((Boolean) hs.getAttribute("loggedin")))
  80                                 && !"/login".equals(req.getPathInfo())) {
  81                         System.out.println(req.getPathInfo());
  82                         resp.sendRedirect("/login");
  83                         return;
  84                 }
  85                 if (pages.containsKey(req.getPathInfo())) {
  86                         String b0 = baseTemplate[0];
  87                         Page p = pages.get(req.getPathInfo());
  88                         b0 = b0.replaceAll("\\$title\\$", p.getTitle());
  89                         resp.getWriter().print(b0);
  90                         p.doGet(req, resp);
  91                         String b1 = baseTemplate[1];
  92                         b1 = b1.replaceAll("\\$title\\$", p.getTitle());
  93                         resp.getWriter().print(b1);
  94                 } else {
  95                         resp.sendError(404, "Page not found.");
  96                 }
  97
  98         }
  99
 100         private void authWithUnpw(HttpServletRequest req) {
 101                 String un = req.getParameter("username");
 102                 String pw = req.getParameter("password");
 103                 // TODO dummy password check if (un.equals(pw)) {
 104                 HttpSession hs = req.getSession();
 105                 hs.setAttribute("loggedin", true);
 106         }
 107
 108         private void tryAuthWithCertificate(HttpServletRequest req,
 109                         X509Certificate x509Certificate) {
 110                 // TODO ckeck if certificate is valid
 111                 HttpSession hs = req.getSession();
 112                 hs.setAttribute("loggedin", true);
 113         }
 114 }