View Javadoc

1   //========================================================================
2   //Copyright 2007 CSC - Scientific Computing Ltd.
3   //------------------------------------------------------------------------
4   //Licensed under the Apache License, Version 2.0 (the "License");
5   //you may not use this file except in compliance with the License.
6   //You may obtain a copy of the License at 
7   //http://www.apache.org/licenses/LICENSE-2.0
8   //Unless required by applicable law or agreed to in writing, software
9   //distributed under the License is distributed on an "AS IS" BASIS,
10  //WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
11  //See the License for the specific language governing permissions and
12  //limitations under the License.
13  //========================================================================
14  
15  package org.mortbay.servlet; // was fi.csc.microarray.proto
16  
17  import java.io.File;
18  import java.io.FileOutputStream;
19  import java.io.IOException;
20  
21  import javax.servlet.Filter;
22  import javax.servlet.FilterChain;
23  import javax.servlet.FilterConfig;
24  import javax.servlet.ServletException;
25  import javax.servlet.ServletRequest;
26  import javax.servlet.ServletResponse;
27  import javax.servlet.UnavailableException;
28  import javax.servlet.http.HttpServletRequest;
29  import javax.servlet.http.HttpServletResponse;
30  
31  import org.mortbay.util.IO;
32  import org.mortbay.util.URIUtil;
33  
34  
35  /**
36   * <p>
37   * Support for HTTP PUT and DELETE methods.
38   * </p>
39   * <p><b>
40   * THIS FILTER SHOULD ONLY BE USED WITH VERY GOOD SECURITY CONSTRAINTS!
41   * </b></p>
42   * 
43   * <p>
44   * If the filter init parameter maxPutSize is set to a positive integer, then
45   * only puts of known size less than maxPutSize will be accepted.
46   * </p>
47   * 
48   * @author Aleksi Kallio
49   * @
50   * 
51   */
52  public class RestFilter implements Filter
53  {
54      private static final String HTTP_METHOD_PUT="PUT";
55      private static final String HTTP_METHOD_GET="GET";
56      private static final String HTTP_METHOD_DELETE="DELETE";
57  
58      private FilterConfig filterConfig;
59      private long _maxPutSize;
60  
61      /* ------------------------------------------------------------ */
62      /* (non-Javadoc)
63       * @see javax.servlet.Filter#init(javax.servlet.FilterConfig)
64       */
65      public void init(FilterConfig filterConfig) throws UnavailableException
66      {
67          this.filterConfig=filterConfig;
68          String tmp = filterConfig.getInitParameter("maxPutSize");
69          if (tmp!=null)
70              _maxPutSize=Long.parseLong(tmp);
71      }
72  
73      /* ------------------------------------------------------------ */
74      /**
75       * @param request
76       * @return
77       */
78      private File locateFile(HttpServletRequest request)
79      {
80          return new File(filterConfig.getServletContext().getRealPath(URIUtil.addPaths(request.getServletPath(),request.getPathInfo())));
81      }
82  
83      /* ------------------------------------------------------------ */
84      /* (non-Javadoc)
85       * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)
86       */
87      public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException
88      {
89          if (!(request instanceof HttpServletRequest&&response instanceof HttpServletResponse))
90          {
91              chain.doFilter(request,response);
92              return;
93          }
94  
95          HttpServletRequest httpRequest=(HttpServletRequest)request;
96          HttpServletResponse httpResponse=(HttpServletResponse)response;
97  
98          if (httpRequest.getMethod().equals(HTTP_METHOD_GET))
99          {
100             chain.doFilter(httpRequest,httpResponse);
101         }
102         else if (httpRequest.getMethod().equals(HTTP_METHOD_PUT))
103         {
104             doPut(httpRequest,httpResponse);
105         }
106         else if (httpRequest.getMethod().equals(HTTP_METHOD_DELETE))
107         {
108             doDelete(httpRequest,httpResponse);
109         }
110         else
111         {
112             chain.doFilter(httpRequest,httpResponse);
113         }
114     }
115     /* ------------------------------------------------------------ */
116     /**
117      * @param request
118      * @param response
119      * @throws ServletException
120      * @throws IOException
121      */
122     protected void doPut(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
123     {
124         File file=locateFile(request);
125 
126         if (file.exists())
127         {
128             boolean success=file.delete(); // replace file if it exists
129             if (!success)
130             {
131                 response.sendError(HttpServletResponse.SC_FORBIDDEN); 
132                 return;
133             }
134         }
135 
136         FileOutputStream out=new FileOutputStream(file);
137         try
138         {
139             if (_maxPutSize>0)
140             {
141                 int length=request.getContentLength();
142                 if (length>_maxPutSize)
143                 {
144                     response.sendError(HttpServletResponse.SC_FORBIDDEN); 
145                     return;
146                 }
147                 IO.copy(request.getInputStream(),out,_maxPutSize);
148             }
149             else
150                 IO.copy(request.getInputStream(),out);
151         }
152         finally
153         {
154             out.close();
155         }
156 
157         response.setStatus(HttpServletResponse.SC_NO_CONTENT); 
158     }
159 
160     /* ------------------------------------------------------------ */
161     /**
162      * @param request
163      * @param response
164      * @throws ServletException
165      * @throws IOException
166      */
167     protected void doDelete(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
168     {
169         File file=locateFile(request);
170 
171         if (!file.exists())
172         {
173             response.sendError(HttpServletResponse.SC_NOT_FOUND); 
174             return;
175         }
176 
177         boolean success=IO.delete(file); // actual delete operation
178 
179         if (success)
180         {
181             response.setStatus(HttpServletResponse.SC_NO_CONTENT);
182         }
183         else
184         {
185             response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); 
186         }
187     }
188 
189     public void destroy()
190     {
191         // nothing to destroy
192     }
193 }