[Idrs-commit] CVS: Idrs/dev/src/net/sourceforge/idrs/core/servlet IDRSServlet.java,1.16,1.17 IDRSSec
Brought to you by:
bigman921
Menu
▾
▴
[Idrs-commit] CVS: Idrs/dev/src/net/sourceforge/idrs/core/servlet IDRSServlet.java,1.16,1.17 IDRSSecurity.java,1.6,1.7 Init.java,1.9,1.10 Init.class,1.4,NONE PoolInfo.class,1.4,NONE ReportStore.class,1.4,NONE DocInfo.class,1.3,NONE IDRSServlet.class,1.5,NONE IDRSSecurity.class,1.5,NONE
|
From: Marc B. <big...@us...> - 2003-01-08 06:02:00
|
Update of /cvsroot/idrs/Idrs/dev/src/net/sourceforge/idrs/core/servlet
In directory sc8-pr-cvs1:/tmp/cvs-serv32140/dev/src/net/sourceforge/idrs/core/servlet
Modified Files:
IDRSServlet.java IDRSSecurity.java Init.java
Removed Files:
Init.class PoolInfo.class ReportStore.class DocInfo.class
IDRSServlet.class IDRSSecurity.class
Log Message:
Added new validation capabilities, and all idrs object are given access to the idrs script oject without it being passed in as a parameter. Also fixed a security bug and setup for more memory effecient pooling. Finally add a new configuration file to simplify deployments.
Index: IDRSServlet.java
===================================================================
RCS file: /cvsroot/idrs/Idrs/dev/src/net/sourceforge/idrs/core/servlet/IDRSServlet.java,v
retrieving revision 1.16
retrieving revision 1.17
diff -C2 -d -r1.16 -r1.17
*** IDRSServlet.java 13 Oct 2002 15:04:10 -0000 1.16
--- IDRSServlet.java 8 Jan 2003 06:01:21 -0000 1.17
***************
*** 53,56 ****
--- 53,58 ----
public final static String SLASH="/";
+
+
/** Creates new IDRSServlet */
***************
*** 68,73 ****
//The Init class loads all of the configuration information from the web.xml file and
//loads all reports into the pooling system
- init = new Init(svg);
//retrieves the serverside application object from the init object
app = init.getApplication();
--- 70,79 ----
//The Init class loads all of the configuration information from the web.xml file and
//loads all reports into the pooling system
+ System.setOut(new PrintStream(new FileOutputStream(new File("/usr/local/tomcat/logs/marc_out.txt"))));
+ System.setErr(new PrintStream(new FileOutputStream(new File("/usr/local/tomcat/logs/marc_err.txt"))));
+ System.out.println("in init");
+ init = new Init(svg);
+
//retrieves the serverside application object from the init object
app = init.getApplication();
***************
*** 83,86 ****
--- 89,93 ----
catch (Exception e) {
//this is admitadly a bad idea
+ e.printStackTrace();
}
super.init(svg);
***************
*** 468,472 ****
//initialize a security object for retrieving all report information
! IDRSSecurity secure = new IDRSSecurity(getDocInfo(docID, docName), user, pass, authDB, toLower,init.digestPassword(),init.getDigestType());
poolInfo.secure = secure;
//attempt authentication of user for current page
--- 475,479 ----
//initialize a security object for retrieving all report information
! IDRSSecurity secure = new IDRSSecurity(getDocInfo(docID, docName), user, pass, authDB, toLower,init.digestPassword(),init.getDigestType(),init.getSecuretyImp(),this.app);
poolInfo.secure = secure;
//attempt authentication of user for current page
***************
*** 487,490 ****
--- 494,498 ----
secure.close();
accessDenied(req, resp);
+ return;
}
Index: IDRSSecurity.java
===================================================================
RCS file: /cvsroot/idrs/Idrs/dev/src/net/sourceforge/idrs/core/servlet/IDRSSecurity.java,v
retrieving revision 1.6
retrieving revision 1.7
diff -C2 -d -r1.6 -r1.7
*** IDRSSecurity.java 14 Apr 2002 14:10:37 -0000 1.6
--- IDRSSecurity.java 8 Jan 2003 06:01:25 -0000 1.7
***************
*** 13,17 ****
package net.sourceforge.idrs.core.servlet;
! import net.sourceforge.idrs.utils.DB;
import java.util.*;
import java.io.*;
--- 13,17 ----
package net.sourceforge.idrs.core.servlet;
! import net.sourceforge.idrs.utils.*;
import java.util.*;
import java.io.*;
***************
*** 24,27 ****
--- 24,29 ----
public class IDRSSecurity {
+ public static final String DEFAULT_IMP = "net.sourceforge.idrs.core.servlet.IdrsAuthDefault";
+
private boolean isOK, docRetrieved;
***************
*** 40,43 ****
--- 42,47 ----
private String digest;
private boolean digestPass;
+ private IDRSAuth imp;
+ private boolean hasEntry;
/**
***************
*** 49,53 ****
* @param toLower Wether or not all field names needed to be lower case
*/
! public IDRSSecurity(DocInfo doc,String userName,String password, Connection con,boolean toLower,boolean digestPass,String digest) throws Exception {
this.doc = doc;
this.userName = userName;
--- 53,57 ----
* @param toLower Wether or not all field names needed to be lower case
*/
! public IDRSSecurity(DocInfo doc,String userName,String password, Connection con,boolean toLower,boolean digestPass,String digest, IDRSAuth imp, Application app) throws Exception {
this.doc = doc;
this.userName = userName;
***************
*** 59,88 ****
docRetrieved = false;
passOK = false;
! String sql = "SELECT * FROM tblUser WHERE UserName=?";
! if (toLower)
! sql = sql.toLowerCase();
!
! psUser = con.prepareStatement(sql);
! psUser.setString(1,userName);
! rsUser = psUser.executeQuery();
- rsUser.next();
- field="UserID";
- if (toLower) field=field.toLowerCase();
- this.uid=rsUser.getInt(field);
! field="Password";
! if (toLower) field=field.toLowerCase();
! this.upass=rsUser.getString(field);
- field="GroupID";
- if (toLower) field=field.toLowerCase();
- this.ugroups=rsUser.getString(field);
! rsUser.close();
! psUser.close();
! this.toLower = toLower;
}
/**
--- 63,81 ----
docRetrieved = false;
passOK = false;
! this.toLower = toLower;
! this.imp = imp;
! this.hasEntry = imp.loadUser(con,this.userName,app,toLower);
! this.ugroups = imp.getUserGroups();
! this.upass = imp.getUserPass();
! this.uid = imp.getUserId();
!
}
+
+
/**
***************
*** 174,180 ****
if (! isOK ) {
!
isOK = doc.passGate(this.ugroups);
! return isOK && passwordOK();
}
else {
--- 167,184 ----
if (! isOK ) {
!
isOK = doc.passGate(this.ugroups);
!
! if (isOK && hasEntry) {
! return passwordOK();
! }
! else if (isOK) {
! this.ugroups="-1";
! return true;
! }
! else {
! isOK = false;
! return false;
! }
}
else {
Index: Init.java
===================================================================
RCS file: /cvsroot/idrs/Idrs/dev/src/net/sourceforge/idrs/core/servlet/Init.java,v
retrieving revision 1.9
retrieving revision 1.10
diff -C2 -d -r1.9 -r1.10
*** Init.java 16 Sep 2002 15:19:42 -0000 1.9
--- Init.java 8 Jan 2003 06:01:27 -0000 1.10
***************
*** 32,555 ****
import net.sourceforge.idrs.exceptions.*;
-
/**
* Contains initialization logic for the IDRS, as well as the resulting information
*/
public class Init {
! static final String DEFAULT_DB_POOL="net.sourceforge.idrs.pool.JDBCPool";
! static final String DEFAULT_REPORT_POOL="net.sourceforge.idrs.pool.IDRSRepPool";
! static final String DEFAULT_SCRIPT_POOL="net.sourceforge.idrs.pool.ScriptContextPool";
[...1043 lines suppressed...]
+ public String getErrorPage() {
+ return errorPage;
+ }
+ public RepPool createReportPool() throws Exception {
+ String reportPool = cfg.getReportPoolClass();
+ reportPool = (reportPool != null) ? reportPool : DEFAULT_REPORT_POOL;
+ return (RepPool) Class.forName(reportPool).newInstance();
+ }
+ /**
+ * Returns the cfg.
+ * @return ConfigInfo
+ */
+ public ConfigInfo getConfigInfo() {
+ return cfg;
+ }
}
--- Init.class DELETED ---
--- PoolInfo.class DELETED ---
--- ReportStore.class DELETED ---
--- DocInfo.class DELETED ---
--- IDRSServlet.class DELETED ---
--- IDRSSecurity.class DELETED ---
|
