]> WPIA git - gigi.git/blobdiff - src/org/cacert/gigi/Gigi.java
projects / gigi.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
upd: move logout button to toplevel
[gigi.git] / src / org / cacert / gigi / Gigi.java
diff --git a/src/org/cacert/gigi/Gigi.java b/src/org/cacert/gigi/Gigi.java
index b80f9c7596808c63cdfe92213ea51897d14f72ba..41e504f8fbb29b2a99ebf6c0354bd11a5f0c93b6 100644 (file)
--- a/src/org/cacert/gigi/Gigi.java
+++ b/src/org/cacert/gigi/Gigi.java
@@ -21,7 +21,9 @@ import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 
 import org.cacert.gigi.database.DatabaseConnection;
+import org.cacert.gigi.database.DatabaseConnection.Link;
 import org.cacert.gigi.dbObjects.CACertificate;
+import org.cacert.gigi.dbObjects.CATS.CATSType;
 import org.cacert.gigi.dbObjects.CertificateProfile;
 import org.cacert.gigi.dbObjects.DomainPingConfiguration;
 import org.cacert.gigi.localisation.Language;
@@ -29,13 +31,16 @@ import org.cacert.gigi.output.Menu;
 import org.cacert.gigi.output.MenuCollector;
 import org.cacert.gigi.output.PageMenuItem;
 import org.cacert.gigi.output.SimpleMenuItem;
+import org.cacert.gigi.output.template.Form;
 import org.cacert.gigi.output.template.Form.CSRFException;
 import org.cacert.gigi.output.template.Outputable;
 import org.cacert.gigi.output.template.Template;
+import org.cacert.gigi.pages.AboutPage;
 import org.cacert.gigi.pages.HandlesMixedRequest;
 import org.cacert.gigi.pages.LoginPage;
 import org.cacert.gigi.pages.LogoutPage;
 import org.cacert.gigi.pages.MainPage;
+import org.cacert.gigi.pages.OneFormPage;
 import org.cacert.gigi.pages.Page;
 import org.cacert.gigi.pages.PasswordResetPage;
 import org.cacert.gigi.pages.RootCertPage;
@@ -43,6 +48,7 @@ import org.cacert.gigi.pages.StaticPage;
 import org.cacert.gigi.pages.TestSecure;
 import org.cacert.gigi.pages.Verify;
 import org.cacert.gigi.pages.account.ChangePasswordPage;
+import org.cacert.gigi.pages.account.FindAgentAccess;
 import org.cacert.gigi.pages.account.History;
 import org.cacert.gigi.pages.account.MyDetails;
 import org.cacert.gigi.pages.account.UserTrainings;
@@ -61,11 +67,11 @@ import org.cacert.gigi.pages.main.RegisterPage;
 import org.cacert.gigi.pages.orga.CreateOrgPage;
 import org.cacert.gigi.pages.orga.ViewOrgPage;
 import org.cacert.gigi.pages.wot.AssurePage;
-import org.cacert.gigi.pages.wot.MyListingPage;
 import org.cacert.gigi.pages.wot.MyPoints;
 import org.cacert.gigi.pages.wot.RequestTTPPage;
 import org.cacert.gigi.ping.PingerDaemon;
 import org.cacert.gigi.util.AuthorizationContext;
+import org.cacert.gigi.util.DomainAssessment;
 import org.cacert.gigi.util.ServerConstants;
 
 public final class Gigi extends HttpServlet {
@@ -125,6 +131,7 @@ public final class Gigi extends HttpServlet {
             });
             putPage("/", new MainPage(), null);
             putPage("/roots", new RootCertPage(truststore), "SomeCA.org");
+            putPage("/about", new AboutPage(), "SomeCA.org");
 
             putPage("/secure", new TestSecure(), null);
             putPage(Verify.PATH, new Verify(), null);
@@ -136,7 +143,6 @@ public final class Gigi extends HttpServlet {
 
             putPage(AssurePage.PATH + "/*", new AssurePage(), "Web of Trust");
             putPage(MyPoints.PATH, new MyPoints(), "Web of Trust");
-            putPage(MyListingPage.PATH, new MyListingPage(), "Web of Trust");
             putPage(RequestTTPPage.PATH, new RequestTTPPage(), "Web of Trust");
 
             putPage(TTPAdminPage.PATH + "/*", new TTPAdminPage(), "Admin");
@@ -149,14 +155,21 @@ public final class Gigi extends HttpServlet {
 
             putPage(SupportUserDetailsPage.PATH + "*", new SupportUserDetailsPage(), null);
             putPage(ChangePasswordPage.PATH, new ChangePasswordPage(), "My Account");
-            putPage(LogoutPage.PATH, new LogoutPage(), "My Account");
             putPage(History.PATH, new History(false), "My Account");
+            putPage(FindAgentAccess.PATH, new OneFormPage("Access to Find Agent", FindAgentAccess.class) {
+
+                @Override
+                public String getSuccessPath(Form f) {
+                    return FindAgentAccess.PATH;
+                }
+            }, "My Account");
             putPage(History.SUPPORT_PATH, new History(true), null);
             putPage(UserTrainings.PATH, new UserTrainings(false), "My Account");
             putPage(MyDetails.PATH, new MyDetails(), "My Account");
             putPage(UserTrainings.SUPPORT_PATH, new UserTrainings(true), null);
 
             putPage(PasswordResetPage.PATH, new PasswordResetPage(), null);
+            putPage(LogoutPage.PATH, new LogoutPage(), null);
 
             if (testing) {
                 try {
@@ -174,10 +187,9 @@ public final class Gigi extends HttpServlet {
             } catch (UnsupportedEncodingException e) {
                 throw new ServletException(e);
             }
-            baseTemplate = new Template(Gigi.class.getResource("Gigi.templ"));
             rootMenu = new MenuCollector();
 
-            Menu languages = new Menu("Translations");
+            Menu languages = new Menu("Language");
             for (Locale l : Language.getSupportedLocales()) {
                 languages.addItem(new SimpleMenuItem("?lang=" + l.toString(), l.getDisplayName(l)));
             }
@@ -210,7 +222,7 @@ public final class Gigi extends HttpServlet {
 
     private static Gigi instance;
 
-    private Template baseTemplate;
+    private static final Template baseTemplate = new Template(Gigi.class.getResource("Gigi.templ"));;
 
     private PingerDaemon pinger;
 
@@ -231,6 +243,7 @@ public final class Gigi extends HttpServlet {
             }
             testing = conf.getProperty("testing") != null;
             instance = this;
+            DomainAssessment.init(conf);
             DatabaseConnection.init(conf);
             this.truststore = truststore;
             pinger = new PingerDaemon(truststore);
@@ -245,8 +258,13 @@ public final class Gigi extends HttpServlet {
             return;
         }
         // ensure those static initializers are finished
-        CACertificate.getById(1);
-        CertificateProfile.getById(1);
+        try (Link l = DatabaseConnection.newLink(false)) {
+            CACertificate.getById(1);
+            CertificateProfile.getById(1);
+            CATSType.ASSURER_CHALLENGE.getDisplayName();
+        } catch (InterruptedException e) {
+            throw new Error(e);
+        }
 
         MenuBuilder mb = new MenuBuilder();
         rootMenu = mb.generateMenu();
@@ -301,16 +319,29 @@ public final class Gigi extends HttpServlet {
 
     @Override
     protected void service(final HttpServletRequest req, final HttpServletResponse resp) throws ServletException, IOException {
+        if ("/error".equals(req.getPathInfo()) || "/denied".equals(req.getPathInfo())) {
+            if (DatabaseConnection.hasInstance()) {
+                serviceWithConnection(req, resp);
+                return;
+            }
+        }
+        try (DatabaseConnection.Link l = DatabaseConnection.newLink( !req.getMethod().equals("POST"))) {
+            serviceWithConnection(req, resp);
+        } catch (InterruptedException e) {
+            e.printStackTrace();
+        }
+    }
+
+    protected void serviceWithConnection(final HttpServletRequest req, final HttpServletResponse resp) throws ServletException, IOException {
         boolean isSecure = req.isSecure();
         addXSSHeaders(resp, isSecure);
         // Firefox only sends this, if it's a cross domain access; safari sends
         // it always
         String originHeader = req.getHeader("Origin");
         if (originHeader != null //
-                &&
-                !(originHeader.matches("^" + Pattern.quote("https://" + ServerConstants.getWwwHostNamePortSecure()) + "(/.*|)") || //
+                && !(originHeader.matches("^" + Pattern.quote("https://" + ServerConstants.getWwwHostNamePortSecure()) + "(/.*|)") || //
                         originHeader.matches("^" + Pattern.quote("http://" + ServerConstants.getWwwHostNamePort()) + "(/.*|)") || //
-                originHeader.matches("^" + Pattern.quote("https://" + ServerConstants.getSecureHostNamePort()) + "(/.*|)"))) {
+                        originHeader.matches("^" + Pattern.quote("https://" + ServerConstants.getSecureHostNamePort()) + "(/.*|)"))) {
             resp.setContentType("text/html; charset=utf-8");
             resp.getWriter().println("<html><head><title>Alert</title></head><body>No cross domain access allowed.<br/><b>If you don't know why you're seeing this you may have been fished! Please change your password immediately!</b></body></html>");
             return;
WPIA Certificate Web Issuance Platform