001/* 002 * (C) Copyright 2006-2012 Nuxeo SA (http://nuxeo.com/) and contributors. 003 * 004 * All rights reserved. This program and the accompanying materials 005 * are made available under the terms of the GNU Lesser General Public License 006 * (LGPL) version 2.1 which accompanies this distribution, and is available at 007 * http://www.gnu.org/licenses/lgpl.html 008 * 009 * This library is distributed in the hope that it will be useful, 010 * but WITHOUT ANY WARRANTY; without even the implied warranty of 011 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 012 * Lesser General Public License for more details. 013 * 014 * Contributors: 015 * Bogdan Stefanescu 016 * Florent Guillaume 017 */ 018package org.nuxeo.ecm.webengine.app; 019 020import java.io.IOException; 021import java.io.UnsupportedEncodingException; 022 023import javax.servlet.Filter; 024import javax.servlet.FilterChain; 025import javax.servlet.FilterConfig; 026import javax.servlet.ServletException; 027import javax.servlet.ServletRequest; 028import javax.servlet.ServletResponse; 029import javax.servlet.http.HttpServletRequest; 030import javax.servlet.http.HttpServletResponse; 031 032import org.apache.commons.logging.Log; 033import org.apache.commons.logging.LogFactory; 034import org.nuxeo.ecm.platform.web.common.ServletHelper; 035import org.nuxeo.ecm.platform.web.common.requestcontroller.filter.BufferingHttpServletResponse; 036import org.nuxeo.ecm.webengine.PathDescriptor; 037import org.nuxeo.ecm.webengine.WebEngine; 038import org.nuxeo.ecm.webengine.model.WebContext; 039import org.nuxeo.ecm.webengine.model.impl.AbstractWebContext; 040import org.nuxeo.runtime.api.Framework; 041import org.nuxeo.runtime.transaction.TransactionHelper; 042import org.nuxeo.runtime.transaction.TransactionRuntimeException; 043 044/** 045 * This filter must be declared after the nuxeo authentication filter since it needs an authentication info. The session 046 * synchronization is done only if NuxeoRequestControllerFilter was not already done it and stateful flag for the 047 * request path is true. 048 */ 049public class WebEngineFilter implements Filter { 050 051 protected WebEngine engine; 052 053 protected boolean isAutoTxEnabled; 054 055 protected boolean isStatefull; 056 057 protected static Log log = LogFactory.getLog(WebEngineFilter.class); 058 059 @Override 060 public void init(FilterConfig filterConfig) throws ServletException { 061 initIfNeeded(); 062 } 063 064 protected void initIfNeeded() { 065 if (engine != null || Framework.getRuntime() == null) { 066 return; 067 } 068 engine = Framework.getLocalService(WebEngine.class); 069 } 070 071 @Override 072 public void destroy() { 073 engine = null; 074 } 075 076 @Override 077 public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, 078 ServletException { 079 initIfNeeded(); 080 if (request instanceof HttpServletRequest) { 081 HttpServletRequest req = (HttpServletRequest) request; 082 HttpServletResponse resp = (HttpServletResponse) response; 083 PathDescriptor pd = engine.getRequestConfiguration().getMatchingConfiguration(req); 084 Config config = new Config(req, pd); 085 AbstractWebContext ctx = initRequest(config, req, resp); 086 if (config.txStarted) { 087 resp = new BufferingHttpServletResponse(resp); 088 } 089 boolean completedAbruptly = true; 090 try { 091 preRequest(req, resp); 092 chain.doFilter(request, resp); 093 postRequest(req, resp); 094 completedAbruptly = false; 095 } finally { 096 if (completedAbruptly) { 097 TransactionHelper.setTransactionRollbackOnly(); 098 } 099 try { 100 cleanup(config, ctx, req, resp); 101 } catch (TransactionRuntimeException e) { 102 // commit failed, report this to the client before stopping buffering 103 resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage()); 104 throw e; 105 } finally { 106 if (config.txStarted) { 107 ((BufferingHttpServletResponse) resp).stopBuffering(); 108 } 109 } 110 } 111 } else { 112 chain.doFilter(request, response); 113 } 114 } 115 116 public void preRequest(HttpServletRequest request, HttpServletResponse response) { 117 // need to set the encoding of characters manually 118 if (request.getCharacterEncoding() == null) { 119 try { 120 request.setCharacterEncoding("UTF-8"); 121 } catch (UnsupportedEncodingException e) { 122 throw new RuntimeException(e); 123 } 124 } 125 } 126 127 public void postRequest(HttpServletRequest request, HttpServletResponse response) { 128 // check if the target resource don't want automatic headers to be 129 // inserted 130 if (null != request.getAttribute("org.nuxeo.webengine.DisableAutoHeaders")) { 131 // insert automatic headers 132 response.addHeader("Pragma", "no-cache"); 133 response.addHeader("Cache-Control", "no-cache"); 134 response.addHeader("Cache-Control", "no-store"); 135 response.addHeader("Cache-Control", "must-revalidate"); 136 response.addHeader("Expires", "0"); 137 response.setDateHeader("Expires", 0); // prevents caching 138 } 139 } 140 141 public AbstractWebContext initRequest(Config config, HttpServletRequest request, HttpServletResponse response) { 142 initTx(config, request); 143 // user session is registered even for static resources - because some 144 // static resources are served by JAX-RS resources that needs a user 145 // session 146 DefaultContext ctx = new DefaultContext((HttpServletRequest) request); 147 request.setAttribute(WebContext.class.getName(), ctx); 148 return ctx; 149 } 150 151 public void cleanup(Config config, AbstractWebContext ctx, HttpServletRequest request, HttpServletResponse response) { 152 try { 153 closeTx(config, request); 154 } finally { 155 request.removeAttribute(WebContext.class.getName()); 156 } 157 } 158 159 public void initTx(Config config, HttpServletRequest req) { 160 if (!config.isStatic && config.autoTx && !TransactionHelper.isTransactionActive()) { 161 config.txStarted = ServletHelper.startTransaction(req); 162 } 163 } 164 165 public void closeTx(Config config, HttpServletRequest req) { 166 if (config.txStarted) { 167 TransactionHelper.commitOrRollbackTransaction(); 168 } 169 } 170 171 protected static class Config { 172 boolean autoTx; 173 174 boolean txStarted; 175 176 boolean locked; 177 178 boolean isStatic; 179 180 String pathInfo; 181 182 public Config(HttpServletRequest req, PathDescriptor pd) { 183 autoTx = pd == null ? true : pd.isAutoTx(true); 184 pathInfo = req.getPathInfo(); 185 if (pathInfo == null || pathInfo.length() == 0) { 186 pathInfo = "/"; 187 } 188 String spath = req.getServletPath(); 189 isStatic = spath.contains("/skin") || pathInfo.contains("/skin/"); 190 } 191 192 @Override 193 public String toString() { 194 StringBuffer sb = new StringBuffer(); 195 sb.append("WebEngineFilter&Confi:"); 196 sb.append("\nPath Info:"); 197 sb.append(pathInfo); 198 sb.append("\nAuto TX:"); 199 sb.append(autoTx); 200 sb.append("\nStatic:"); 201 sb.append(isStatic); 202 return sb.toString(); 203 } 204 } 205}