Menu
▾
▴
tolven-cvs-commit — Tolven CVS Commit
You can subscribe to this list here.
| 2006 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(141) |
Sep
(184) |
Oct
(159) |
Nov
(77) |
Dec
(114) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2007 |
Jan
(212) |
Feb
(302) |
Mar
(323) |
Apr
(360) |
May
(302) |
Jun
(392) |
Jul
(299) |
Aug
(858) |
Sep
(499) |
Oct
(489) |
Nov
(324) |
Dec
(438) |
| 2008 |
Jan
(449) |
Feb
(388) |
Mar
(811) |
Apr
(583) |
May
(949) |
Jun
(1431) |
Jul
(943) |
Aug
(527) |
Sep
(576) |
Oct
(440) |
Nov
(1046) |
Dec
(658) |
| 2009 |
Jan
(259) |
Feb
(192) |
Mar
(495) |
Apr
(2322) |
May
(2023) |
Jun
(1387) |
Jul
(722) |
Aug
(771) |
Sep
(167) |
Oct
(142) |
Nov
(384) |
Dec
(884) |
| 2010 |
Jan
(344) |
Feb
(82) |
Mar
(248) |
Apr
(341) |
May
(389) |
Jun
(289) |
Jul
(19) |
Aug
(478) |
Sep
(274) |
Oct
(431) |
Nov
(322) |
Dec
(207) |
| 2011 |
Jan
(125) |
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: Joseph I. <jos...@us...> - 2007-02-25 06:43:29
|
Update of /cvsroot/tolven/tolvenWEB/src/org/tolven/web/security In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv7106/src/org/tolven/web/security Modified Files: Tag: P_JI_Security VestibuleSecurityFilter.java Log Message: BRANCH COMMIT: If accountUserId in request is not a number, then hanlde the number format exception as though this as no accountUser being selected. Index: VestibuleSecurityFilter.java =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/src/org/tolven/web/security/VestibuleSecurityFilter.java,v retrieving revision 1.12 retrieving revision 1.12.2.1 diff -C2 -d -r1.12 -r1.12.2.1 *** VestibuleSecurityFilter.java 17 Feb 2007 23:07:33 -0000 1.12 --- VestibuleSecurityFilter.java 25 Feb 2007 06:43:28 -0000 1.12.2.1 *************** *** 182,207 **** String accountUserIdString = request.getParameter(ACCOUNTUSER_ID); if (accountUserIdString != null && accountUserIdString.trim().length() > 0) { ! // User has selected an account home page, identify the page and let them through ! AccountUser accountUser = activation.findAccountUser(Long.parseLong(accountUserIdString.trim())); ! if (accountUser == null) { ! logout("ACCOUNTUSER IS NULL", request, response); ! return; } ! // SAFETY CHECK HERE - Don't trust the accountUserId alone, it must match user. ! if (accountUser.getUser().getId() != user.getId()) { ! logout("ACCOUNTUSER DOES NOT BELONG TO USER", request, response); return; } - // Give TolvenUser the AccountPrivateKey for the selected account - if (accountUser.getAccountPrivateKey() == null) { - //For backward compatibility with accounts which didn't originally have keys, we add them here - accountBean.setupAccountKeys(accountUser.getAccount(), accountUser, null, user); - } - privateKeyRing.setAccountPrivateKey(accountUser.getAccountPrivateKey()); - session.removeAttribute(VESTIBULE_PASS); - session.setAttribute(ACCOUNT_ID, accountUser.getAccount().getId()); - session.setAttribute(ACCOUNTUSER_ID, accountUser.getId()); - ((HttpServletResponse) servletResponse).sendRedirect("../private/" + accountUser.getAccount().getAccountType().getHomePage()); - return; } // If user has not been sent on there way by here, remove all account related information...they are in the vestibule --- 182,218 ---- String accountUserIdString = request.getParameter(ACCOUNTUSER_ID); if (accountUserIdString != null && accountUserIdString.trim().length() > 0) { ! long accountUserId = 0; ! boolean validAccountUserId = true; ! try { ! accountUserId = Long.parseLong(accountUserIdString.trim()); ! } catch (NumberFormatException ex) { ! // A failure to find the account due to a number format exception occurs in IE (a "null" string value turns up) but not in FF ! // Either way it's not a valid accountUserId ! validAccountUserId = false; } ! if (validAccountUserId) { ! // User has selected an account home page, identify the page and let them through ! AccountUser accountUser = activation.findAccountUser(accountUserId); ! if (accountUser == null) { ! logout("ACCOUNTUSER IS NULL", request, response); ! return; ! } ! // SAFETY CHECK HERE - Don't trust the accountUserId alone, it must match user. ! if (accountUser.getUser().getId() != user.getId()) { ! logout("ACCOUNTUSER DOES NOT BELONG TO USER", request, response); ! return; ! } ! // Give TolvenUser the AccountPrivateKey for the selected account ! if (accountUser.getAccountPrivateKey() == null) { ! //For backward compatibility with accounts which didn't originally have keys, we add them here ! accountBean.setupAccountKeys(accountUser.getAccount(), accountUser, null, user); ! } ! privateKeyRing.setAccountPrivateKey(accountUser.getAccountPrivateKey()); ! session.removeAttribute(VESTIBULE_PASS); ! session.setAttribute(ACCOUNT_ID, accountUser.getAccount().getId()); ! session.setAttribute(ACCOUNTUSER_ID, accountUser.getId()); ! ((HttpServletResponse) servletResponse).sendRedirect("../private/" + accountUser.getAccount().getAccountType().getHomePage()); return; } } // If user has not been sent on there way by here, remove all account related information...they are in the vestibule |
|
From: John C. <jc...@us...> - 2007-02-25 00:55:31
|
Update of /cvsroot/tolven/tolvenWEB/web/five In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv4315/web/five Modified Files: login.xhtml Log Message: Update static text Index: login.xhtml =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/web/five/login.xhtml,v retrieving revision 1.10 retrieving revision 1.11 diff -C2 -d -r1.10 -r1.11 *** login.xhtml 24 Feb 2007 23:52:24 -0000 1.10 --- login.xhtml 25 Feb 2007 00:55:27 -0000 1.11 *************** *** 40,45 **** <p><strong>Update: February 24, 2007</strong></p> <p>Tolven is providing “open access” to this implementation of its open source healthcare solutions, which are available for download under the Lesser General Public License from <a title="http://sourceforge.net/projects/tolven" href="http://sourceforge.net/projects/tolven">http://sourceforge.net/projects/tolven</a>. The purpose of this demonstration system is to enable individuals, organizations and academic institutes to review the usability, system performance and example functionality that the Tolven electronic Personal Health Record and electronic Clinician Health Record without the need to install the software locally.</p> ! <p>Instructions for using the demonstration system and for installing and using the Palm Treo 680 smartphone version of the solution can be found at <a title="http://www.tolven.org/" href="http://www.tolven.org/">www.tolven.org</a>. </p> ! <p>Although secure, this demonstration system should not be used for storing personal data or secretes. The system is regularly updated and Tolven reserves the right to re-build the system at anytime and in doing so may delete user accounts, system and user generated data.</p> <p>Please report issues with the demonstration system or enhancement request on the open source forums at <a title="http://sourceforge.net/projects/tolven" href="http://sourceforge.net/projects/tolven">http://sourceforge.net/projects/tolven</a>.</p> <p>For further information regarding the Tolven open source solutions and services please visit <a title="http://www.tolvenhealth.com/" href="http://www.tolvenhealth.com/">www.tolvenhealth.com</a> or <a title="http://www.tolven.org/" href="http://www.tolven.org/">www.tolven.org</a>. </p> --- 40,45 ---- <p><strong>Update: February 24, 2007</strong></p> <p>Tolven is providing “open access” to this implementation of its open source healthcare solutions, which are available for download under the Lesser General Public License from <a title="http://sourceforge.net/projects/tolven" href="http://sourceforge.net/projects/tolven">http://sourceforge.net/projects/tolven</a>. The purpose of this demonstration system is to enable individuals, organizations and academic institutes to review the usability, system performance and example functionality that the Tolven electronic Personal Health Record and electronic Clinician Health Record without the need to install the software locally.</p> ! <p>Instructions for using the demonstration system and for installing and using the Palm Treo 680 smartphone version of the solution can be found at <a title="http://tolven.org/downloads.html" href="http://tolven.org/downloads.html">http://tolven.org/downloads.html</a>. </p> ! <p>Although secure, this demonstration system should not be used for storing personal data or secrets. The system is regularly updated and Tolven reserves the right to re-build the system at anytime and in doing so may delete user accounts, system and user generated data.</p> <p>Please report issues with the demonstration system or enhancement request on the open source forums at <a title="http://sourceforge.net/projects/tolven" href="http://sourceforge.net/projects/tolven">http://sourceforge.net/projects/tolven</a>.</p> <p>For further information regarding the Tolven open source solutions and services please visit <a title="http://www.tolvenhealth.com/" href="http://www.tolvenhealth.com/">www.tolvenhealth.com</a> or <a title="http://www.tolven.org/" href="http://www.tolven.org/">www.tolven.org</a>. </p> |
|
From: Joseph I. <jos...@us...> - 2007-02-24 23:59:12
|
Update of /cvsroot/tolven/tolven/installer/izpack-8.1 In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv11186/installer/izpack-8.1 Modified Files: tolven-install.xml Log Message: Updates for the new tolvenMobile and tolvenBrowse modules Index: tolven-install.xml =================================================================== RCS file: /cvsroot/tolven/tolven/installer/izpack-8.1/tolven-install.xml,v retrieving revision 1.15 retrieving revision 1.16 diff -C2 -d -r1.15 -r1.16 *** tolven-install.xml 21 Oct 2006 00:13:04 -0000 1.15 --- tolven-install.xml 24 Feb 2007 23:59:09 -0000 1.16 *************** *** 209,212 **** --- 209,218 ---- includes="tolvenWEB/**" excludes="tolvenWEB/bin/**,tolvenWEB/build/**" /> + <fileset dir="../../.." targetdir="$INSTALL_PATH" + includes="tolvenMobileServer/**" + excludes="tolvenMobileServer/bin/**,tolvenMobileServer/build/**" /> + <fileset dir="../../.." targetdir="$INSTALL_PATH" + includes="tolvenBrowse/**" + excludes="tolvenBrowse/bin/**,tolvenBrowse/build/**" /> <depends packname="base" /> </pack> |
|
From: Joseph I. <jos...@us...> - 2007-02-24 23:59:12
|
Update of /cvsroot/tolven/tolven/installer/template In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv11186/installer/template Modified Files: ant-build.template Log Message: Updates for the new tolvenMobile and tolvenBrowse modules Index: ant-build.template =================================================================== RCS file: /cvsroot/tolven/tolven/installer/template/ant-build.template,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** ant-build.template 16 Jan 2007 08:27:25 -0000 1.4 --- ant-build.template 24 Feb 2007 23:59:09 -0000 1.5 *************** *** 76,79 **** --- 76,81 ---- tolvenEJB.location=${tolven.home}/tolvenEJB tolvenWEB.location=${tolven.home}/tolvenWEB + tolvenBrowse.location=${tolven.home}/tolvenBrowse + tolvenMobileServer.location=${tolven.home}/tolvenMobileServer jboss-rules.location=${tolven.location}/lib/jboss-rules |
|
From: Joseph I. <jos...@us...> - 2007-02-24 23:57:37
|
Update of /cvsroot/tolven/tolvenBrowse In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv10280 Added Files: .cvsignore Log Message: .cvsignore files for new modules --- NEW FILE: .cvsignore --- .project |
|
From: Joseph I. <jos...@us...> - 2007-02-24 23:57:35
|
Update of /cvsroot/tolven/tolvenMobileServer In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv10267 Added Files: .cvsignore Log Message: .cvsignore files for new modules --- NEW FILE: .cvsignore --- .project |
|
From: John C. <jc...@us...> - 2007-02-24 23:52:28
|
Update of /cvsroot/tolven/tolvenWEB/web/five In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv7809/web/five Modified Files: login.xhtml Log Message: Update static text Index: login.xhtml =================================================================== RCS file: /cvsroot/tolven/tolvenWEB/web/five/login.xhtml,v retrieving revision 1.9 retrieving revision 1.10 diff -C2 -d -r1.9 -r1.10 *** login.xhtml 16 Jan 2007 06:41:54 -0000 1.9 --- login.xhtml 24 Feb 2007 23:52:24 -0000 1.10 *************** *** 38,59 **** </div> <div style="padding:10px;margin:5px;width:600px;clear:both"> ! <h3>January 15, 2007</h3> ! <p>Returning users: Changes in the demo data generator require that you create a new account which you can ! do right after you login by selecting the link at the bottom of the Select Account page. ! Previous accounts may work with some errors. The generator now runs in the background so requests ! to generate data will return immediately.</p> ! <p>We are testing the document encryption mechanism on this site. Please report errors relating to private keys or encryption.</p> ! <h3>New Users</h3> ! <p>After creating your login, you may want to generate some artificial patient data. ! To do so, click the checkbox on the Create Account page which you can access after logging in.</p> ! <h3>Important Privacy Notice</h3> ! <p>You are logging into a demo database. While Tolven makes every effort to protect ! data, this installation has not been certified as secure. Do not enter real patient ! medical data or any secrets. </p> ! <hr/> ! <p>This application is still under development. You should expect changes ! frequently and without warning. Some pages don't work at all. ! Please feel free to drop us a line at ! <a href="mailto:in...@to...">in...@to...</a> with your thoughts.</p> </div> </div> --- 38,47 ---- </div> <div style="padding:10px;margin:5px;width:600px;clear:both"> ! <p><strong>Update: February 24, 2007</strong></p> ! <p>Tolven is providing “open access” to this implementation of its open source healthcare solutions, which are available for download under the Lesser General Public License from <a title="http://sourceforge.net/projects/tolven" href="http://sourceforge.net/projects/tolven">http://sourceforge.net/projects/tolven</a>. The purpose of this demonstration system is to enable individuals, organizations and academic institutes to review the usability, system performance and example functionality that the Tolven electronic Personal Health Record and electronic Clinician Health Record without the need to install the software locally.</p> ! <p>Instructions for using the demonstration system and for installing and using the Palm Treo 680 smartphone version of the solution can be found at <a title="http://www.tolven.org/" href="http://www.tolven.org/">www.tolven.org</a>. </p> ! <p>Although secure, this demonstration system should not be used for storing personal data or secretes. The system is regularly updated and Tolven reserves the right to re-build the system at anytime and in doing so may delete user accounts, system and user generated data.</p> ! <p>Please report issues with the demonstration system or enhancement request on the open source forums at <a title="http://sourceforge.net/projects/tolven" href="http://sourceforge.net/projects/tolven">http://sourceforge.net/projects/tolven</a>.</p> ! <p>For further information regarding the Tolven open source solutions and services please visit <a title="http://www.tolvenhealth.com/" href="http://www.tolvenhealth.com/">www.tolvenhealth.com</a> or <a title="http://www.tolven.org/" href="http://www.tolven.org/">www.tolven.org</a>. </p> </div> </div> |
|
From: John C. <jc...@us...> - 2007-02-24 22:44:56
|
Update of /cvsroot/tolven/tolvenMobileServer/web In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv6743/web Modified Files: tolven.jar tolven.jad Log Message: mobile client Index: tolven.jad =================================================================== RCS file: /cvsroot/tolven/tolvenMobileServer/web/tolven.jad,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** tolven.jad 24 Feb 2007 20:15:52 -0000 1.1 --- tolven.jad 24 Feb 2007 22:44:55 -0000 1.2 *************** *** 2,6 **** MIDlet-Description: Tolven Applications MIDlet-Icon: /img/ePHR.png ! MIDlet-Jar-Size: 117877 MIDlet-Jar-URL: tolven.jar MIDlet-Name: Tolven --- 2,6 ---- MIDlet-Description: Tolven Applications MIDlet-Icon: /img/ePHR.png ! MIDlet-Jar-Size: 117864 MIDlet-Jar-URL: tolven.jar MIDlet-Name: Tolven Index: tolven.jar =================================================================== RCS file: /cvsroot/tolven/tolvenMobileServer/web/tolven.jar,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 Binary files /tmp/cvswp14aA and /tmp/cvssv3BtU differ |
|
From: John C. <jc...@us...> - 2007-02-24 21:59:19
|
Update of /cvsroot/tolven/tolvenBrowse/web In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv16999/web Added Files: fail_login.html Log Message: moved from main app --- NEW FILE: fail_login.html --- <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title></title> </head> <body> Invalid username or password! <a href="../private/dispatch.jsf">Try Again</a> </body> </html> |
|
From: John C. <jc...@us...> - 2007-02-24 21:59:19
|
Update of /cvsroot/tolven/tolvenBrowse/web/WEB-INF In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv16999/web/WEB-INF Added Files: jboss-web.xml web.xml Log Message: moved from main app --- NEW FILE: jboss-web.xml --- <?xml version="1.0" encoding="UTF-8"?> <jboss-web> <security-domain>java:/jaas/tolvenLDAP</security-domain> </jboss-web> --- NEW FILE: web.xml --- <?xml version="1.0" encoding="UTF-8"?> <web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"> <servlet> <servlet-name>Browse Index Servlet</servlet-name> <servlet-class>org.tolven.index.Browse</servlet-class> <load-on-startup>8</load-on-startup> </servlet> <servlet-mapping> <servlet-name>Browse Index Servlet</servlet-name> <url-pattern>*.browse</url-pattern> </servlet-mapping> <filter> <filter-name>BrowseTransactionFilter</filter-name> <filter-class>org.tolven.index.BrowseTransactionFilter</filter-class> </filter> <filter-mapping> <filter-name>BrowseTransactionFilter</filter-name> <servlet-name>Browse Index Servlet</servlet-name> </filter-mapping> <filter> <filter-name>BrowseSecurityFilter</filter-name> <filter-class>org.tolven.index.BrowseSecurityFilter</filter-class> </filter> <filter-mapping> <filter-name>BrowseSecurityFilter</filter-name> <servlet-name>Browse Index Servlet</servlet-name> </filter-mapping> <session-config><session-timeout> 300 </session-timeout> </session-config> <welcome-file-list> <welcome-file>view.browse</welcome-file> </welcome-file-list> <security-constraint> <web-resource-collection> <web-resource-name>Protected Area</web-resource-name> <!-- Define the context-relative URL(s) to be protected --> <!-- All resources protected unless otherwise listed in previous security-constraints --> <url-pattern>*.browse</url-pattern> </web-resource-collection> <auth-constraint> <!-- Anyone with one of the listed roles may access this area --> <role-name>*</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint> <login-config> <auth-method>FORM</auth-method> <form-login-config> <form-login-page>/login.browse</form-login-page> <form-error-page>/fail_login.html</form-error-page> </form-login-config> </login-config> <security-role> <role-name>*</role-name> </security-role> </web-app> |
|
From: John C. <jc...@us...> - 2007-02-24 21:59:15
|
Update of /cvsroot/tolven/tolvenBrowse/web In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv16959/web Log Message: Directory /cvsroot/tolven/tolvenBrowse/web added to the repository |
|
From: John C. <jc...@us...> - 2007-02-24 21:59:15
|
Update of /cvsroot/tolven/tolvenBrowse/web/WEB-INF In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv16959/web/WEB-INF Log Message: Directory /cvsroot/tolven/tolvenBrowse/web/WEB-INF added to the repository |
|
From: John C. <jc...@us...> - 2007-02-24 21:58:32
|
Update of /cvsroot/tolven/tolvenBrowse In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv16537 Added Files: build.xml Log Message: moved from main app --- NEW FILE: build.xml --- <?xml version="1.0" encoding="UTF-8"?> <project basedir="." default="packaging" name="tolvenBrowse"> <property file="../tolven/resources/ant-build.properties"/> <path id="project.classpath"> <fileset dir="${tolvenEJB.location}/build"> <include name="*.jar"/> </fileset> <fileset dir="${jboss.location}"> <include name="client/*.jar"/> </fileset> <pathelement location="${junit.location}/junit.jar"/> </path> <target name="init"> <mkdir dir="${tolvenBrowse.location}/build/bin"/> <mkdir dir="${tolvenBrowse.location}/build/doc"/> </target> <target name="clean"> <delete dir="${tolvenBrowse.location}/build"/> </target> <target depends="init" name="compile"> <echo message="${ant.project.name}: ${ant.file}"/> <javac destdir="${tolvenBrowse.location}/build/bin" debug="true" > <src path="${tolvenBrowse.location}/src"/> <classpath refid="project.classpath"/> </javac> </target> <target name="packaging" depends="compile" description="tolvenBrowse.war"> <jar destfile="${tolvenBrowse.location}/build/tolvenBrowse.war"> <zipfileset dir="${tolvenBrowse.location}/build/bin" prefix="WEB-INF/classes" includes="**/*.class"/> <zipfileset dir="${tolvenBrowse.location}/web"/> </jar> </target> <target name="javadoc" description="Generate Javadoc"> <javadoc access="public" author="true" destdir="${tolvenBrowse.location}/build/doc" doctitle="Tolven WEB" packagenames="*" classpathref="project.classpath" source="1.5" sourcepath="${tolvenBrowse.location}/src" splitindex="true" use="true" version="true"/> </target> </project> |
|
From: John C. <jc...@us...> - 2007-02-24 21:58:07
|
Update of /cvsroot/tolven/tolvenBrowse/src/org/tolven/index In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv16158/src/org/tolven/index Added Files: BrowseTransactionFilter.java BrowseSecurityFilter.java Browse.java BrowseBase.java Log Message: moved from main app --- NEW FILE: BrowseSecurityFilter.java --- package org.tolven.index; import java.io.IOException; import java.io.Writer; import java.security.Principal; import java.security.acl.Group; import java.util.Date; import java.util.List; import java.util.Set; import javax.annotation.EJB; import javax.naming.InitialContext; import javax.naming.NamingException; import javax.security.auth.Subject; import javax.security.auth.login.LoginContext; import javax.security.jacc.PolicyContext; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.tolven.core.ActivationLocal; import org.tolven.core.entity.AccountUser; import org.tolven.core.entity.TolvenUser; import org.tolven.security.auth.UsernamePasswordAccountUserIdCallbackHandler; import org.tolven.security.key.PrivateKeyRing; /** * In our simple servlet sample application we still need to satisfy security requirements we'll * create a LoginContext so that credentials needed by the application are available. * We willl not use the usual built-in formAuthenticator so as to make this part of the * process explicit. * We need username, password, and account number (we assume the user knows the account * number they want to log into for this simple application). If we don't have that information * yet, we turn the user to the login form. * But username, password, and account can also be supplied proactively. If so supplied, * we save the information in the session. * @author John Churin * */ public class BrowseSecurityFilter implements Filter { @EJB protected ActivationLocal activateLocal; void loginForm(Writer writer) throws IOException { writer.write("<form method=\"get\" action=\"login.browse\" >"); writer.write("User Id<br/>"); writer.write("<input type=\"text\" name=\"username\" size=\"30\" />"); writer.write("<br/>"); writer.write("Password<br/><input name=\"password\" type=\"password\" value=\"\" size=\"20\" />"); writer.write("<br/>"); writer.write("Account<br/><input name=\"account\" type=\"text\" value=\"\" size=\"8\" />"); writer.write("<input type=\"submit\" name=\"Submit\" value=\"Login\" /><br/>"); writer.write("</form>"); } public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException { System.out.println(getClass() + " : doFilter"); HttpServletRequest request = (HttpServletRequest) req; HttpServletResponse response = (HttpServletResponse) resp; Subject subject = null; Principal principal = null; try { subject = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container"); if (subject == null) throw new ServletException("No Subject in PolicyContext - Not logged In"); principal = null; Object obj = null; for (java.util.Iterator iter = subject.getPrincipals().iterator(); iter.hasNext();) { obj = iter.next(); if (obj instanceof Principal && !(obj instanceof Group)) { principal = (Principal) obj; break; } } } catch (Exception ex) { throw new ServletException("Problem with Subject in PolicyContext"); } try { String uri = request.getRequestURI(); if (!uri.endsWith("accounts.browse")) { if (request.getParameter("account") == null && request.getSession().getAttribute("accountUserId") == null) { response.sendRedirect("accounts.browse"); return; } if (request.getSession().getAttribute("accountUserId") == null) { TolvenUser user = activateLocal.loginUser(principal.getName(), new Date()); // This simulates the SelectAccount page List<AccountUser> accountUsers = activateLocal.findUserAccounts(user); long accountId = Long.parseLong((String) request.getParameter("account")); AccountUser accountUser = null; // Select the most recent AccountUser and use that account for (AccountUser au : accountUsers) { if (accountId == au.getAccount().getId()) { accountUser = au; accountId = au.getAccount().getId(); break; } } if (accountUser == null) throw new ServletException("Account not valid for this user"); System.out.println("Account id " + Long.toString(accountId) + " accepted"); long accountUserId = new Long(accountUser.getId()); Set<PrivateKeyRing> privateCredentials = subject.getPrivateCredentials(PrivateKeyRing.class); if (privateCredentials.isEmpty()) throw new ServletException("No PrivateKeyRing"); PrivateKeyRing privateKeyRing = (PrivateKeyRing) privateCredentials.iterator().next(); privateKeyRing.setAccountPrivateKey(accountUser.getAccountPrivateKey()); request.getSession().setAttribute("accountUserId", accountUserId); response.sendRedirect("view.browse"); return; } } chain.doFilter(request, response); } catch (Exception e) { throw new ServletException("Error in BrowseSecurityFilter", e); // response.sendRedirect("login.browse"); } } public void init(FilterConfig config) throws ServletException { try { InitialContext ctx = new InitialContext(); activateLocal = (ActivationLocal) ctx.lookup("tolven/ActivationBean/local"); } catch (NamingException e) { throw new RuntimeException(e); } } public void destroy() { // TODO Auto-generated method stub } } --- NEW FILE: BrowseTransactionFilter.java --- package org.tolven.index; import java.io.IOException; import java.util.Date; import javax.naming.InitialContext; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.transaction.UserTransaction; /** * A stripped-down transaction filter for our sample application * @author John Churin */ public class BrowseTransactionFilter implements Filter { public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { UserTransaction ut = null; try { InitialContext ctx = new InitialContext(); ut = (UserTransaction) ctx.lookup("UserTransaction"); ut.begin(); // Establish a consistent "Now" time for the duration of the transaction request.setAttribute( "tolvenNow", new Date() ); chain.doFilter(request, response); } catch (Exception e) { throw new ServletException( "Exception thrown in BrowseTransactionFilter: ", e); } finally { try { ut.commit(); } catch (Exception e) { e.printStackTrace(); } } } public void init(FilterConfig config) throws ServletException { } public void destroy() { } } --- NEW FILE: BrowseBase.java --- package org.tolven.index; import java.io.IOException; import java.io.Writer; import java.security.Principal; import java.security.acl.Group; import javax.annotation.EJB; import javax.naming.InitialContext; import javax.naming.NamingException; import javax.security.auth.Subject; import javax.security.auth.login.LoginContext; import javax.security.jacc.PolicyContext; import javax.servlet.ServletConfig; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.tolven.app.CreatorLocal; import org.tolven.app.MenuLocal; import org.tolven.core.ActivationLocal; import org.tolven.core.entity.AccountUser; import org.tolven.doc.DocumentLocal; import org.tolven.doc.XMLProtectedLocal; /** * The base class for sample HTTP functions. We supply page header and footer functions here. * @author John Churin * */ public class BrowseBase extends HttpServlet{ private static final long serialVersionUID = 1L; // private ServletContext context = null; @EJB protected MenuLocal menuLocal; @EJB protected CreatorLocal creatorLocal; @EJB protected DocumentLocal documentLocal; @EJB protected XMLProtectedLocal xmlProtectedBean; @EJB protected ActivationLocal activationLocal; @Override public void init(ServletConfig config) throws ServletException { // context = config.getServletContext(); try { InitialContext ctx = new InitialContext(); menuLocal = (MenuLocal) ctx.lookup("tolven/MenuBean/local"); creatorLocal = (CreatorLocal) ctx.lookup("tolven/CreatorBean/local"); documentLocal = (DocumentLocal) ctx.lookup("tolven/DocumentBean/local"); xmlProtectedBean = (XMLProtectedLocal) ctx.lookup("tolven/XMLProtectedBean/local"); activationLocal = (ActivationLocal) ctx.lookup("tolven/ActivationBean/local"); } catch (NamingException e) { throw new RuntimeException(e); } super.init(config); } protected Writer openPage( HttpServletRequest request, HttpServletResponse response ) throws IOException { response.setContentType("text/html"); response.setHeader("Expires", "Sat, 6 May 1995 12:00:00 GMT"); // Set standard HTTP/1.1 no-cache headers. response.setHeader("Cache-Control", "no-store, no-cache, must-revalidate"); // Set IE extended HTTP/1.1 no-cache headers (use addHeader). response.addHeader("Cache-Control", "post-check=0, pre-check=0"); // Set standard HTTP/1.0 no-cache header. response.setHeader("Pragma", "no-cache"); Writer writer=response.getWriter(); writer.write( "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\" >"); writer.write( "<html>\n" ); writer.write( "<head>\n"); writer.write( "</head>\n"); writer.write( "<body>\n"); // If logged in, show a few things and allow the user to log out if (null!=request.getSession().getAttribute("accountUserId")) { Subject subject = null; try { subject = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container"); if (subject == null) throw new IllegalStateException("No Subject found in PolicyContext"); } catch(Exception ex) { //TODO: This should be thrown ex.printStackTrace(); } //TODO: Assume one Principal at this time. Should the Principal be identified in the Subject or via ejbContext? Principal principal = null; Object obj = null; for (java.util.Iterator iter = subject.getPrincipals().iterator(); iter.hasNext();) { obj = iter.next(); if (obj instanceof Principal && !(obj instanceof Group)) { principal = (Principal) obj; break; } } if (principal == null) throw new IllegalStateException("No Principal found in Subject"); writer.write( "<p>"); writer.write( " Username: <em>" ); writer.write( principal.getName()); writer.write( "</em> Account: <em>"); String accountUserIdString = ""; obj = request.getSession().getAttribute("accountUserId"); if (obj == null) throw new RuntimeException("No accountUser found in session"); AccountUser accountUser = (AccountUser) activationLocal.findAccountUser((Long)obj); if (accountUser != null) accountUserIdString = String.valueOf(accountUser.getAccount().getId()); writer.write( accountUserIdString); writer.write( "</em><br/>"); writer.write( " <a href='logout.browse'>Logout</a>"); writer.write( " | <a href='view.browse'>Instance Data Viewer</a>"); writer.write( " | <a href='metadata.browse'>View All Metadata</a>"); writer.write( " | <a href='testGCS.browse'>Test GCS</a>"); writer.write( "</p>\n"); } return writer; } /** * Write preformatted text to the output surrounded by <pre></pre> and with special characters substituted. * @param str * @param writer * @throws IOException */ static void writePreformatted( String str, Writer writer) throws IOException { if (null==str) return; writer.write( "<pre>"); for ( int x = 0; x < str.length(); x++ ) { char c = str.charAt(x); switch ( c ) { case '<' : writer.write( "<");break; case '>' : writer.write( ">");break; case '&' : writer.write( "&");break; case '"' : writer.write( """);break; default : writer.write(c); } } writer.write( "</pre><br/>"); } void closePage( Writer writer ) throws IOException { writer.write( "</body>\n"); writer.write( "</html>\n"); writer.close(); } @Override protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { // TODO Auto-generated method stub super.doGet(request, response); } @Override public void destroy() { // TODO Auto-generated method stub super.destroy(); } } --- NEW FILE: Browse.java --- package org.tolven.index; import java.io.IOException; import java.io.Writer; import java.util.Date; import java.util.Enumeration; import java.util.HashMap; import java.util.LinkedList; import java.util.List; import java.util.Map; import javax.security.auth.login.LoginContext; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.xml.bind.JAXBException; import org.tolven.app.bean.MenuPath; import org.tolven.app.bean.MenuQueryControl; import org.tolven.app.entity.MSColumn; import org.tolven.app.entity.MenuData; import org.tolven.app.entity.MenuStructure; import org.tolven.core.entity.AccountUser; import org.tolven.doc.entity.DocBase; import org.tolven.doc.entity.DocXML; import org.tolven.trim.util.TRIMException; /** * <p>This servlet provides a moderately straightforward way to browse through all MenuData * for an account. * Only useful for development, primarily for testing and viewing metadata and as a way to understand how * the application works without the burden of AJAX, Faces, Facelets, context management, etc.</p> * <p>This module also handles its own login and logout in order to make those processes explicit. It is still uses * JAAS-based LDAP authentication but not the usual FormAuthenticator (j_security_check). * </p> * <p>Security warning: This servlet, and it's associated filters should be disabled for production.</p> * The MenuData output has several sections: * <ol> * <li>A list of all MenuStructure data applicable to the currently selected item. If nothing is selected, then those * MenuStructures applicable without context such as patient list.</li> * <li>The query elements of the current query, including defaults supplied in this module.</li> * <li>If the current item is a list, then the actual data in that list is displayed.</li> * <li>The current item, if any, is displayed in full.</li> * <li>If the current item refers to a document, then the document is decrypted and displayed.</li> * </ol> * <p>The main MenuData query itself can be found in the showMenuData method. Look for the call to findMenuData. Just * about all of the data shown in the real application comes from this type of query.</p> * * @author John Churin * */ public class Browse extends BrowseBase { private static final long serialVersionUID = 1L; @Override protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { try { String uri = request.getRequestURI(); // User asked for the login form (or security filter forced it) if( uri.endsWith("login.browse")) { Writer writer = openPage( request, response ); loginForm( writer ); closePage( writer ); return; } if (uri.endsWith("accounts.browse")) { Writer writer = openPage(request, response); this.accountsForm(writer); closePage(writer); return; } // See if we have an account user id. Can't go on without it. Object obj = request.getSession().getAttribute("accountUserId"); if (obj == null) throw new RuntimeException("No accountUser found in session"); AccountUser accountUser = (AccountUser) activationLocal.findAccountUser((Long)obj); if (null==accountUser) { response.sendRedirect("login.browse"); return; } if( uri.endsWith("testGCS.browse")) { // Map<String, String> context = new HashMap<String, String>( 2); // context.put("echr:patient", "echr:patient-658609"); // DocXML doc = creatorLocal.instantiate(11800, "echr:gcs", context); // creatorLocal.submit( doc, doc.getContent() ); return; } if( uri.endsWith("view.browse")) { // Prepare response back to client Writer writer = openPage( request, response ); // Get key parameters from the request String element = request.getParameter( "element"); showAvailableLists( accountUser, writer, element); // Display the requested memu data, if any if (element!=null) { // System.out.println( "Showing: " + element); MenuQueryControl ctrl = setupControl( request, accountUser ); if ("placeholder".equals(ctrl.getMenuStructure().getRole())) { // System.out.println( "Showing detail"); showMenuDataDetail( accountUser, writer, ctrl ); } if ("list".equals(ctrl.getMenuStructure().getRole())) { // System.out.println( "Showing lists"); showMenuDataList( accountUser, writer, ctrl); } } closePage(writer); return; } if( uri.endsWith("metadata.browse")) { // Prepare response back to client Writer writer = openPage( request, response ); showAllMenuStructure( accountUser, writer); closePage(writer); return; } if( uri.endsWith("logout.browse")) { request.getSession(false).invalidate(); // Prepare response back to client Writer writer = openPage( request, response ); writer.write( "<p>Logged out</p>\n"); writer.write( "<p><a href='accounts.browse?client=mobile'>Login</a></p>\n"); closePage(writer); } // This module is all about read-only so rollback in all cases // ut.rollback(); } catch (Exception e) { throw new ServletException( "[BrowseServlet] Exception", e ); } } /** * Construct a complete list of all menustructure items (for the current account). * @throws IOException */ void showAllMenuStructure( AccountUser au, Writer writer) throws IOException { // Output results in an HTML table writer.write( "<p><em>All MenuStructure (Metadata) "); writer.write( Long.toString(au.getAccount().getId()) ); writer.write( "</em></p>\n"); writer.write( "<table border=\"1\" cellspacing=\"0\" cellpadding=\"2\">\n"); writer.write( "<tr>" ); writer.write( "<th><em>Id</em></th>"); writer.write( "<th><em>Path</em></th>"); writer.write( "<th><em>Type</em></th>"); writer.write( "<th><em>Title</em></th>"); writer.write( "<th><em>Repeating</em></th>"); writer.write( "</tr>\n"); // Get all metadata (for this account) List<MenuStructure> menus = menuLocal.findFullMenuStructure( au.getAccount().getId()); for (MenuStructure ms : menus) { writer.write( "<tr>" ); writer.write( "<td>" + ms.getId() + "</td>"); writer.write( "<td>" + ms.getPath() + "</td>"); writer.write( "<td>" + ms.getRole() + "</td>"); writer.write( "<td>" + ms.getText() + "</td>"); writer.write( "<td>"); if (ms.getRepeating()!=null) writer.write(ms.getRepeating()); else writer.write(" "); writer.write( "</td>" ); writer.write( "</tr>\n"); } writer.write( "</table>\n"); } /** * Look for any lists that could be queried based on the element we have (or lack thereof). As we select * elements that have more or different embedded ids, this list changes. However, this list is not influenced * by instance data. For example, If the echr:patient:results:lab list is applicable because a patient has been selected, * it doesn't mean that there are necessarily any results in the list. * @param top * @param writer * @param id When non-zero, the id of the menudata item we can use to narrow the list of choices * @throws IOException */ void showAvailableLists( AccountUser au, Writer writer, String element ) throws IOException { // Output results in an HTML table writer.write( "<p><em>Available Lists from MenuStructure (Metadata) for element="); if (null==element) writer.write("[none]"); else writer.write( element ); writer.write( "</em></p>\n"); writer.write( "<table border=\"1\" cellspacing=\"0\" cellpadding=\"2\">\n"); writer.write( "<tr>" ); writer.write( "<th><em>Id</em></th>"); writer.write( "<th><em>Path</em></th>"); writer.write( "<th><em>Title</em></th>"); writer.write( "<th><em>Entity</em></th>"); writer.write( "</tr>\n"); MenuPath elementPath = new MenuPath( element ); // Get all metadata (for this account) List<MenuStructure> menus = menuLocal.findFullMenuStructure( au.getAccount().getId()); // System.out.println( "found menus for account: " + au.getAccount().getId()); for (MenuStructure ms : menus) { if ("list".equals(ms.getRole()) ) { String rslt = getPlaceholders( elementPath, ms ); // System.out.println( "found placeholders for: " + ms.getPath()); // We filter the list of lists to only those that could yield a result. if (rslt!=null ) { writer.write( "<tr>" ); writer.write( "<td>" + getMSRef(ms, elementPath ) + "</td>"); writer.write( "<td>" + ms.getPath() + "</td>"); writer.write( "<td>" + ms.getText() + "</td>"); writer.write( "<td>"); writer.write(rslt); writer.write( "</td>" ); writer.write( "</tr>\n"); } } } writer.write( "</table>\n"); } /** * Show Column Metatdata for one MenuStructure item * @throws IOException */ void showColumnMetadata( MenuStructure ms, Writer writer) throws IOException { writer.write( "<p><em>Column Metadata </em></p>\n"); writer.write( "<table border=\"1\" cellspacing=\"0\" cellpadding=\"2\">\n"); writer.write( "<tr>" ); writer.write( "<th><em>Id</em></th>"); writer.write( "<th><em>Heading</em></th>"); writer.write( "<th><em>Internal</em></th>"); writer.write( "<th><em>DisplayFunctionarguments</em></th>"); writer.write( "<th><em>Sequence</em></th>"); writer.write( "</tr>\n"); for (MSColumn col : ms.getColumns()) { writer.write( "<tr>\n"); writer.write( "<td>" + col.getId() + "</td>"); writer.write( "<td>" + col.getHeading() + "</td>"); writer.write( "<td>" + col.getInternal() + "</td>"); writer.write( "<td>" + col.getDisplayFunctionArguments() + "</td>"); writer.write( "<td>" + col.getSequence() + "</td>"); writer.write( "</tr>\n"); } writer.write( "</table>\n"); writer.write( "<p>Add filter criteria in the URL as &<em>Heading</em>Filter=<em>value</em></p>\n"); } /** * Collect several parameters and setup the MenuData Query. * @param request The HTTP request * @param top Provide access to the logged in context * @return */ MenuQueryControl setupControl( HttpServletRequest request, AccountUser au) { MenuQueryControl ctrl = new MenuQueryControl(); String element = request.getParameter( "element"); MenuPath path = new MenuPath( element ); // Based on the path we get in the element parameter, get the corresponding menuStructure (metadata) MenuStructure ms = menuLocal.findMenuStructure( au.getAccount().getId(), path.getPath() ); ctrl.setMenuStructure( ms ); ctrl.setNow( (Date) request.getAttribute("tolvenNow") ); if (request.getParameter( "offset")!=null) { ctrl.setOffset( Integer.parseInt( request.getParameter( "offset")) ); } else { ctrl.setOffset( 0 ); } if (request.getParameter( "page_size" )!=null) { ctrl.setLimit( Integer.parseInt( request.getParameter( "page_size" )) ); } else { ctrl.setLimit( 100 ); } ctrl.setOriginalTargetPath( path ); ctrl.setRequestedPath( path ); if (request.getParameter( "sort_dir")!=null) { ctrl.setSortDirection( request.getParameter( "sort_dir") ); } else { ctrl.setSortDirection( "asc"); } ctrl.setSortOrder( request.getParameter( "sort_col") ); // Any attribute name that ends with "Filter" (exactly) is taken as a filter parameter (but we don't store the 'filter suffix') Enumeration<String> params = request.getParameterNames(); while (params.hasMoreElements() ) { String param = params.nextElement(); if (param.endsWith("Filter")) { ctrl.getFilters().put(param.substring(0, param.length()-6), request.getParameter(param)); } } return ctrl; } /** * Display the contents of the list specified in the query criterie * @param top * @param writer * @param ctrl * @throws IOException */ void showMenuDataList( AccountUser au, Writer writer, MenuQueryControl ctrl ) throws IOException { List<MenuData> rows = menuLocal.findMenuData( ctrl ); showQueryInfo(writer, ctrl); // Output results in an HTML table writer.write( "<p><em>MenuData (instance data) for " + ctrl.getRequestedPath()+ "</em></p>\n"); writer.write( "<table border=\"1\" cellspacing=\"0\" cellpadding=\"2\">\n"); writer.write( "<tr>" ); writer.write( "<th><em>Id</em></th>"); writer.write( "<th><em>String01</em></th>"); writer.write( "<th><em>String02</em></th>"); writer.write( "<th><em>String03</em></th>"); writer.write( "<th><em>String04</em></th>"); writer.write( "<th><em>Date01</em></th>"); writer.write( "<th><em>Date02</em></th>"); writer.write( "<th><em>Date03</em></th>"); writer.write( "<th><em>Date04</em></th>"); writer.write( "</tr>\n"); for (MenuData md : rows) { writer.write( "<tr>" ); writer.write( "<td>" + getMDRef( md) + "</td>"); writer.write( "<td>" + md.getString01() + "</td>"); writer.write( "<td>" + md.getString02() + "</td>"); writer.write( "<td>" + md.getString03() + "</td>"); writer.write( "<td>" + md.getString04() + "</td>"); writer.write( "<td>" + md.getDate01() + "</td>"); writer.write( "<td>" + md.getDate02() + "</td>"); writer.write( "<td>" + md.getDate03() + "</td>"); writer.write( "<td>" + md.getDate04() + "</td>"); writer.write( "</tr>\n"); } writer.write( "</table>\n"); showColumnMetadata( ctrl.getMenuStructure(), writer); } /** * Show the document associated with this menu data item, if there is one * @param md * @param writer * @throws IOException */ void showDocument( MenuData md, Writer writer) throws IOException { long docId = md.getDocumentId(); if (0==docId) return; writer.write( "<p><em>Document referenced by this menuData item: " + docId + "</em></p>"); DocBase doc = documentLocal.findDocument(docId); writePreformatted( doc.getContentString(), writer ); } /** * Display the detail for a single menu data item * @param top * @param writer * @param ctrl * @throws IOException */ void showMenuDataDetail( AccountUser au, Writer writer, MenuQueryControl ctrl ) throws IOException { MenuData md = menuLocal.findMenuDataItem( ctrl ); showQueryInfo(writer, ctrl); // Output results in an HTML table writer.write( "<p><em>Menu data (detail) for " + ctrl.getRequestedPath()+ "</em></p>\n"); writer.write( "<table border=\"1\" cellspacing=\"0\" cellpadding=\"2\">\n"); writer.write( "<tr>" ); writer.write( "<th><em>FieldName</em></th>"); writer.write( "<th><em>Value</em></th>"); writer.write( "</tr>\n"); if (null!=md.getString01()) writer.write( "<tr><td>String01</td><td>" + md.getString01() + "</td></tr>\n"); if (null!=md.getString02()) writer.write( "<tr><td>String02</td><td>" + md.getString02() + "</td></tr>\n"); if (null!=md.getString03()) writer.write( "<tr><td>String03</td><td>" + md.getString03() + "</td></tr>\n"); if (null!=md.getString04()) writer.write( "<tr><td>String04</td><td>" + md.getString04() + "</td></tr>\n"); if (null!=md.getDate01()) writer.write( "<tr><td>Date01</td><td>" + md.getDate01() + "</td></tr>\n"); if (null!=md.getDate02()) writer.write( "<tr><td>Date02</td><td>" + md.getDate02() + "</td></tr>\n"); if (null!=md.getDate03()) writer.write( "<tr><td>Date03</td><td>" + md.getDate03() + "</td></tr>\n"); if (null!=md.getDate04()) writer.write( "<tr><td>Date04</td><td>" + md.getDate04() + "</td></tr>\n"); if (0!=md.getLong01()) writer.write( "<tr><td>Long01</td><td>" + md.getLong01() + "</td></tr>\n"); if (0!=md.getLong02()) writer.write( "<tr><td>Long02</td><td>" + md.getLong02() + "</td></tr>\n"); if (0!=md.getLong03()) writer.write( "<tr><td>Long03</td><td>" + md.getLong03() + "</td></tr>\n"); if (0!=md.getLong04()) writer.write( "<tr><td>Long04</td><td>" + md.getLong04() + "</td></tr>\n"); if (null!=md.getPqStringVal01()) writer.write( "<tr><td>PQ01</td><td>" + md.getPqStringVal01() + " " + md.getPqUnits01() + "</td></tr>\n"); if (null!=md.getPqStringVal02()) writer.write( "<tr><td>PQ02</td><td>" + md.getPqStringVal02() + " " + md.getPqUnits02() + "</td></tr>\n"); if (null!=md.getPqStringVal03()) writer.write( "<tr><td>PQ03</td><td>" + md.getPqStringVal03() + " " + md.getPqUnits03() + "</td></tr>\n"); if (null!=md.getPqStringVal04()) writer.write( "<tr><td>PQ04</td><td>" + md.getPqStringVal04() + " " + md.getPqUnits04() + "</td></tr>\n"); if (null!=md.getParentPath01()) writer.write( "<tr><td>Parent01</td><td>" + md.getParentPath01() + "</td></tr>\n"); if (null!=md.getParentPath02()) writer.write( "<tr><td>Parent02</td><td>" + md.getParentPath03() + "</td></tr>\n"); if (null!=md.getParentPath03()) writer.write( "<tr><td>Parent03</td><td>" + md.getParentPath03() + "</td></tr>\n"); if (null!=md.getParentPath04()) writer.write( "<tr><td>Parent04</td><td>" + md.getParentPath04() + "</td></tr>\n"); if (0!=md.getDocumentId()) writer.write( "<tr><td>DocumentId</td><td>" + md.getDocumentId() + "</td></tr>\n"); if (null!=md.getReference()) writer.write( "<tr><td>Reference</td><td>" + md.getReference().getPath() + "</td></tr>\n"); writer.write( "</table>\n"); showDocument( md, writer); } void showQueryInfo(Writer writer, MenuQueryControl ctrl ) throws IOException { writer.write( "<p><em>Query Criteria</em></p>" ); writer.write( "<table border=\"1\" cellspacing=\"0\" cellpadding=\"2\">\n"); writer.write( "<tr>" ); writer.write( "<th><em>Account</em></th>"); writer.write( "<th><em>Path</em></th>"); writer.write( "<th><em>element</em></th>"); writer.write( "<th><em>offset</em></th>"); writer.write( "<th><em>page_size</em></th>"); writer.write( "</tr>\n"); writer.write( "<tr>" ); writer.write( "<td>" + ctrl.getMenuStructure().getAccount().getId() + "</td>"); writer.write( "<td>" + ctrl.getMenuStructure().getPath() + "</td>"); writer.write( "<td>" + ctrl.requestedPath.getPathString() + "</td>"); writer.write( "<td>" + ctrl.getOffset() + "</td>"); writer.write( "<td>" + ctrl.getLimit() + "</td>"); writer.write( "</tr>\n"); writer.write( "</table>\n"); } /** * Create a URL to the menu data for this MenuStructure item. In other words, a drilldown. * @param md * @return */ String getMSRef( MenuStructure ms, MenuPath element) { StringBuffer sb = new StringBuffer(); // Must be a list if (!"list".equals(ms.getRole())) return Long.toString(ms.getId()); // Attempt to construct a path MenuPath path = new MenuPath( ms.getPath(), element ); sb.append("<a href='"); sb.append("?element=" ); sb.append(path.getPathString()); sb.append( "'>"); sb.append(ms.getId()); sb.append("</a>"); return sb.toString(); } /** * Selecting a menu data item sends that item back so that we can display other lists * available from that item. * @param md * @return */ String getMDRef( MenuData md) { StringBuffer sb = new StringBuffer(); MenuData reference = md.getReference(); if (null==reference) return Long.toString(md.getId()); // Let the user drill down on this item sb.append("<a href='"); sb.append("?element=" ); sb.append(reference.getPath()); sb.append( "'>"); sb.append(md.getId()); sb.append("</a>"); return sb.toString(); } /** * Find out where this item is in the hierarchy of entities (placeholders) * @param ms * @return A string such as echr:patient-1234 */ String getPlaceholders( MenuPath element, MenuStructure ms ) { LinkedList<MenuStructure> placeholders = new LinkedList<MenuStructure>(); // Metadata tells us the kind of repeating data in this list String placeholderPath = ms.getRepeating(); if (placeholderPath==null) { // System.out.println( "list " + ms.getPath()+ " has no repeating placeholder " ); return null; } // System.out.println( "Element: " + element.getPathString() ); MenuStructure msPlaceholder = menuLocal.findMenuStructure( ms.getAccount().getId(), placeholderPath); // System.out.println( "Placeholder: " + msPlaceholder.getPath() ); MenuPath path = new MenuPath( msPlaceholder.getPath(), element ); // System.out.println( "Path: " + path ); // Get a preordered list of placeholders while ( null!=msPlaceholder ) { placeholders.addFirst(msPlaceholder); msPlaceholder = msPlaceholder.getParent(); } int missing = 0; Map<String, Long> nodeValues = path.getNodeValues(); // Figure out how many of the placeholder nodes would be satisfied by the current element MenuPath for (MenuStructure msp : placeholders) { if ("placeholder".equals(msp.getRole()) && nodeValues.get(msp.getNode()) == 0) { missing++; } } // System.out.println( "Missing node value count: " + missing ); if (missing > 1) return null; if (missing == 1) return path.getPathString(); return placeholderPath; } /** * For a given list, display the placeholders (entities) involved in that list * @param top * @param writer * @param msList * @throws IOException */ void showPlaceholders( List<MenuStructure> msList, Writer writer ) throws IOException { boolean firstTime = true; for ( MenuStructure ms : msList ) { if (firstTime) firstTime = false; else writer.write( ", "); writer.write( ms.getNode()); } } /** * A simple login form needed to collect username, password, and account * @param writer * @throws IOException */ void loginForm( Writer writer ) throws IOException { writer.write( "<form method=\"post\" action=\"j_security_check\" >" ); writer.write( "User Id<br/>"); writer.write( "<input type=\"text\" name=\"j_username\" size=\"30\" />"); writer.write( "<br/>"); writer.write( "Password<br/><input name=\"j_password\" type=\"password\" value=\"\" size=\"20\" />"); writer.write( " Don't count on this sample app being secure<br/>"); writer.write( "<input type=\"submit\" name=\"Submit\" value=\"Login\" /><br/>"); writer.write( "</form>"); } /** * A simple login form needed to collect username, password, and account * @param writer * @throws IOException */ void accountsForm( Writer writer ) throws IOException { writer.write( "<form method=\"post\" action=\"view.browse\" >" ); writer.write( "Account<br/><input name=\"account\" type=\"text\" value=\"\" size=\"8\" />"); writer.write( "<input type=\"submit\" name=\"Submit\" value=\"Login\" /><br/>"); writer.write( "</form>"); } /** * A simple form needed to collect a new problem * @param writer * @throws IOException */ void problemForm( Writer writer ) throws IOException { writer.write( "<form method=\"post\" action=\"addproblem.browse\" >" ); writer.write( "PatientId<br/>"); writer.write( "<input type=\"text\" name=\"patientId\" size=\"10\" />"); writer.write( "<br/>"); writer.write( "<input type=\"text\" name=\"problem\" size=\"20\" />"); writer.write( "<br/>"); writer.write( "<input type=\"submit\" name=\"Submit\" value=\"Submit\" /><br/>"); writer.write( "</form>"); } } |
|
From: John C. <jc...@us...> - 2007-02-24 21:58:07
|
Update of /cvsroot/tolven/tolvenBrowse/src/org/tolven/web/security In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv16158/src/org/tolven/web/security Added Files: SecurityFilter.java VestibuleSecurityFilter.java GeneralSecurityFilter.java Log Message: moved from main app --- NEW FILE: VestibuleSecurityFilter.java --- /* * Copyright (C) 2006 Tolven Inc * * This library is free software; you can redistribute it and/or modify it under the terms of * the GNU Lesser General Public License as published by the Free Software Foundation; either * version 2.1 of the License, or (at your option) any later version. * * This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * See the GNU Lesser General Public License for more details. * * Contact: in...@to... */ package org.tolven.web.security; import java.io.IOException; import java.security.GeneralSecurityException; import java.security.Principal; import java.security.acl.Group; import java.util.Date; import java.util.Set; import javax.naming.InitialContext; import javax.naming.NamingException; import javax.security.auth.Subject; import javax.security.jacc.PolicyContext; import javax.security.jacc.PolicyContextException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import javax.xml.bind.JAXBException; import org.tolven.core.AccountDAOLocal; import org.tolven.core.ActivationLocal; import org.tolven.core.InvitationLocal; import org.tolven.core.bean.InvitationException; import org.tolven.core.entity.AccountUser; import org.tolven.core.entity.Status; import org.tolven.core.entity.TolvenUser; import org.tolven.security.LoginLocal; import org.tolven.security.key.PrivateKeyRing; import org.tolven.security.key.UserPrivateKey; import org.tolven.security.key.UserPublicKey; /** * The original post-login code, which was located in the class TopAction (author John Churin), has been copied to this * location in order to use filters to provide greater flexibility in controlling access to accounts after login * * @author Joseph Isaac */ public class VestibuleSecurityFilter extends SecurityFilter implements Filter { private static String INVITATION_ID = "invitationId"; private static String TOLVEN_NOW = "tolvenNow"; public static String ACCOUNT_ID = "accountId"; public static String ACCOUNTUSER_ID = "accountUserId"; public static String TOLVENUSER_ID = "TolvenUserId"; public static String VESTIBULE_PASS = "vestibulePass"; private ActivationLocal activation; private LoginLocal loginBean; private InvitationLocal invitationBean; private AccountDAOLocal accountBean; public void init(FilterConfig config) throws ServletException { try { InitialContext ctx = new InitialContext(); activation = (ActivationLocal) ctx.lookup("tolven/ActivationBean/local"); loginBean = (LoginLocal) ctx.lookup("tolven/LoginBean/local"); invitationBean = (InvitationLocal) ctx.lookup("tolven/InvitationBean/local"); accountBean = (AccountDAOLocal) ctx.lookup("tolven/AccountDAOBean/local"); //TODO: This needs to be done once per deployment and thus may need to be moved } catch (NamingException e) { throw new ServletException(e); } } public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain) throws IOException, ServletException { try { HttpServletRequest request = (HttpServletRequest) servletRequest; HttpServletResponse response = (HttpServletResponse) servletResponse; //System.out.println(getClass() + " :REQUEST=" + request.getRequestURL()); if (!request.isRequestedSessionIdValid()) { logout("INVALID SESSION", request, response); return; } Subject subject = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container"); if (subject == null) { logout("NO SUBJECT", request, response); return; } Principal principal = null; Object obj = null; for (java.util.Iterator iter = subject.getPrincipals().iterator(); iter.hasNext();) { obj = iter.next(); if (obj instanceof Principal && !(obj instanceof Group)) { principal = (Principal) obj; break; } } if (principal == null) { logout("NO PRINCIPAL", request, response); return; } String principalName = principal.getName(); Set<PrivateKeyRing> privateCredentials = subject.getPrivateCredentials(PrivateKeyRing.class); if (privateCredentials.isEmpty()) { logout("NO PRIVATE KEY RING", request, response); return; } PrivateKeyRing privateKeyRing = (PrivateKeyRing) privateCredentials.iterator().next(); // PHASE ONE: User Authentication HttpSession session = request.getSession(); TolvenUser user = null; obj = session.getAttribute(TOLVENUSER_ID); boolean justLoggedIn = obj == null; if (justLoggedIn) { user = activation.loginUser(principalName, (Date) request.getAttribute(TOLVEN_NOW)); // top.setUser(user); session.setAttribute(VESTIBULE_PASS, "true"); } else { user = activation.findTolvenUser(((Long) obj).longValue()); } if ((user == null || Status.NEW_LOGIN.value().equalsIgnoreCase(user.getStatus())) && request.getParameter(INVITATION_ID) != null) { // Since we have no user yet, we'll try executing an activation invitation (if it works) long invitationId = Long.parseLong(request.getParameter(INVITATION_ID)); Date now = (Date) request.getAttribute(TOLVEN_NOW); if (!loginBean.activate(principalName, invitationId, now)) { logout("COULD NOT ACTIVATE INVITATION", request, response); return; } // try TolvenUser again user = activation.loginUser(principalName, now); if (user == null) { logout("COULD NOT COMPLETE ACTIVATION", request, response); return; } else { // top.setUser(user); } invitationBean.executeInvitation(invitationId, now); } if (user == null) { logout("USER IS NULL", request, response); return; } session.setAttribute(TOLVENUSER_ID, user.getId()); if (!user.hasUserPrivateKey()) { addKeysToUser(user, subject); } //If the user has a pass, they don't need to supply a password again if ("true".equals(session.getAttribute(VESTIBULE_PASS)) || request.getRequestURL().indexOf("password.jsf") != -1) { // Let the user have the request } else { ((HttpServletResponse) servletResponse).sendRedirect("password.jsf"); return; } // PHASE TWO: Account Authentication String accountUserIdString = request.getParameter(ACCOUNTUSER_ID); if (accountUserIdString != null && accountUserIdString.trim().length() > 0) { // User has selected an account home page, identify the page and let them through AccountUser accountUser = activation.findAccountUser(Long.parseLong(accountUserIdString.trim())); if (accountUser == null) { logout("ACCOUNTUSER IS NULL", request, response); return; } // SAFETY CHECK HERE - Don't trust the accountUserId alone, it must match user. if (accountUser.getUser().getId() != user.getId()) { logout("ACCOUNTUSER DOES NOT BELONG TO USER", request, response); return; } // Give TolvenUser the AccountPrivateKey for the selected account if (accountUser.getAccountPrivateKey() == null) { //For backward compatibility with accounts which didn't originally have keys, we add them here accountBean.setupAccountKeys(accountUser.getAccount(), accountUser, null, user); } privateKeyRing.setAccountPrivateKey(accountUser.getAccountPrivateKey()); session.removeAttribute(VESTIBULE_PASS); session.setAttribute(ACCOUNT_ID, accountUser.getAccount().getId()); session.setAttribute(ACCOUNTUSER_ID, accountUser.getId()); ((HttpServletResponse) servletResponse).sendRedirect("../private/" + accountUser.getAccount().getAccountType().getHomePage()); return; } // If user has not been sent on there way by here, remove all account related information...they are in the vestibule privateKeyRing.setAccountPrivateKey(null); // top.setAccountUser(null); session.removeAttribute(ACCOUNT_ID); session.removeAttribute(ACCOUNTUSER_ID); } catch (PolicyContextException ex) { ex.printStackTrace(); throw new ServletException(ex); } catch (NamingException ex) { ex.printStackTrace(); throw new ServletException(ex); } catch (InvitationException ex) { ex.printStackTrace(); throw new ServletException(ex); } catch (JAXBException ex) { ex.printStackTrace(); throw new ServletException(ex); } catch (GeneralSecurityException ex) { ex.printStackTrace(); throw new ServletException(ex); } chain.doFilter(servletRequest, servletResponse); } /** * Add Keys from the Subject to what should be a new TolvenUser who is logging in * @throws PolicyContextException * @throws GeneralSecurityException */ private void addKeysToUser(TolvenUser aTolvenUser, Subject subject) throws GeneralSecurityException { Set<PrivateKeyRing> privateCredentials = subject.getPrivateCredentials(PrivateKeyRing.class); if (privateCredentials.isEmpty()) throw new GeneralSecurityException(getClass() + " :No PrivateKeyRing found for " + aTolvenUser.getLdapUID()); UserPrivateKey userPrivateKey = privateCredentials.iterator().next().getUserPrivateKey(); if (userPrivateKey == null) throw new GeneralSecurityException(getClass() + " :No UserPrivateKey found for " + aTolvenUser.getLdapUID()); Set<UserPublicKey> publicCredentials = subject.getPublicCredentials(UserPublicKey.class); if (publicCredentials.isEmpty()) throw new GeneralSecurityException(getClass() + " :No UserPublicKey found for " + aTolvenUser.getLdapUID()); if (!aTolvenUser.hasUserPrivateKey()) { aTolvenUser.setUserPrivateKey(userPrivateKey); aTolvenUser.setUserPublicKey(publicCredentials.iterator().next()); } } public void destroy() { } } --- NEW FILE: GeneralSecurityFilter.java --- /* * Copyright (C) 2006 Tolven Inc * * This library is free software; you can redistribute it and/or modify it under the terms of * the GNU Lesser General Public License as published by the Free Software Foundation; either * version 2.1 of the License, or (at your option) any later version. * * This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * See the GNU Lesser General Public License for more details. * * Contact: in...@to... */ package org.tolven.web.security; import java.io.IOException; import java.security.Principal; import java.security.acl.Group; import java.util.Set; import javax.naming.InitialContext; import javax.naming.NamingException; import javax.security.auth.Subject; import javax.security.jacc.PolicyContext; import javax.security.jacc.PolicyContextException; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import org.tolven.core.ActivationLocal; import org.tolven.core.entity.AccountUser; import org.tolven.security.key.PrivateKeyRing; /** * This class guards the /private area, checking that users are logged into both Tolven and restricted to an Account * * @author Joseph Isaac */ public class GeneralSecurityFilter extends SecurityFilter implements Filter { private ActivationLocal activation; public void init(FilterConfig config) throws ServletException { try { InitialContext ctx = new InitialContext(); activation = (ActivationLocal) ctx.lookup("tolven/ActivationBean/local"); } catch (NamingException e) { throw new ServletException(e); } } public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) servletRequest; HttpServletResponse response = (HttpServletResponse) servletResponse; try { //System.out.println(getClass() + " :REQUEST=" + request.getRequestURL()); if (!request.isRequestedSessionIdValid()) { logout("INVALID SESSION", request, response); return; } Subject subject = (Subject) PolicyContext.getContext("javax.security.auth.Subject.container"); if (subject == null) { logout("NO SUBJECT", request, response); return; } Principal principal = null; Object obj = null; for (java.util.Iterator iter = subject.getPrincipals().iterator(); iter.hasNext();) { obj = iter.next(); if (obj instanceof Principal && !(obj instanceof Group)) { principal = (Principal) obj; break; } } if (principal == null) { logout("NO PRINCIPAL", request, response); return; } Set<PrivateKeyRing> privateCredentials = subject.getPrivateCredentials(PrivateKeyRing.class); if (privateCredentials.isEmpty()) { logout("NO PRIVATE KEY RING", request, response); return; } PrivateKeyRing privateKeyRing = (PrivateKeyRing) privateCredentials.iterator().next(); if (privateKeyRing.getAccountPrivateKey() == null) { response.sendRedirect("../vestibule/selectAccount.jsf?" + request.getQueryString()); return; } if (request.getRequestURL().indexOf("dispatch.jsf") != -1) { HttpSession session = request.getSession(); Object accountUserIdObj = session.getAttribute(VestibuleSecurityFilter.ACCOUNTUSER_ID); if (accountUserIdObj == null) { response.sendRedirect("../vestibule/selectAccount.jsf"); return; } AccountUser accountUser = activation.findAccountUser(((Long) accountUserIdObj).longValue()); if (accountUser == null) { response.sendRedirect("../vestibule/selectAccount.jsf"); return; } // Make absolutely certain the user owns this account if(!principal.getName().equals(accountUser.getUser().getLdapUID())) { logout(principal.getName() + " DOES NOT MATCH ACCOUNTUSER", request, response); } ((HttpServletResponse) servletResponse).sendRedirect("../private/" + accountUser.getAccount().getAccountType().getHomePage()); return; } HttpSession session = request.getSession(); // If we don't have an accountUserId, we have no business being here Long accountUserId = (Long) session.getAttribute(VestibuleSecurityFilter.ACCOUNTUSER_ID); // Set accountUser in request for the duration of this request request.setAttribute("accountUser", activation.findAccountUser( accountUserId )); chain.doFilter(servletRequest, servletResponse); } catch (PolicyContextException ex) { ex.printStackTrace(); throw new ServletException(ex); } } public void destroy() { } } --- NEW FILE: SecurityFilter.java --- /* * Copyright (C) 2006 Tolven Inc * * This library is free software; you can redistribute it and/or modify it under the terms of * the GNU Lesser General Public License as published by the Free Software Foundation; either * version 2.1 of the License, or (at your option) any later version. * * This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * See the GNU Lesser General Public License for more details. * * Contact: in...@to... */ package org.tolven.web.security; import java.io.IOException; import javax.servlet.Filter; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; /** * An abstract class to handle common security filtering operations * * @author Joseph Isaac */ public abstract class SecurityFilter implements Filter { protected static String TOP = "top"; public void logout(String reason, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { System.out.println(getClass() + ":INVALIDATE SESSION: " + reason + " : LOGOUT"); request.getSession().invalidate(); response.sendRedirect("../vestibule/loggedOut.jsf"); } } |
|
From: John C. <jc...@us...> - 2007-02-24 21:58:07
|
Update of /cvsroot/tolven/tolvenBrowse/src/org/tolven/web/security/auth In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv16158/src/org/tolven/web/security/auth Added Files: KeyLdapCallbackHandler.java Log Message: moved from main app --- NEW FILE: KeyLdapCallbackHandler.java --- package org.tolven.web.security.auth; import java.io.IOException; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.NameCallback; import javax.security.auth.callback.PasswordCallback; import javax.security.auth.callback.UnsupportedCallbackException; /** * This class, in conjuction with the tolvenLDAP security domain to provides a way to verify a user's identity. * * @author Joseph Isaac * */ public class KeyLdapCallbackHandler implements CallbackHandler { private String username; private char[] password; public KeyLdapCallbackHandler(String username, char[] password) { this.username = username; this.password = password; } public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { for (int i = 0; i < callbacks.length; i++) { if (callbacks[i] instanceof NameCallback) { NameCallback nc = (NameCallback) callbacks[i]; nc.setName(username); } else if (callbacks[i] instanceof PasswordCallback) { PasswordCallback pc = (PasswordCallback) callbacks[i]; pc.setPassword(password); } else { throw new UnsupportedCallbackException(callbacks[i], "Unsupported Callback"); } } } } |
|
From: John C. <jc...@us...> - 2007-02-24 21:58:00
|
Update of /cvsroot/tolven/tolvenBrowse/src/org In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv16058/src/org Log Message: Directory /cvsroot/tolven/tolvenBrowse/src/org added to the repository |
|
From: John C. <jc...@us...> - 2007-02-24 21:58:00
|
Update of /cvsroot/tolven/tolvenBrowse/src/org/tolven In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv16058/src/org/tolven Log Message: Directory /cvsroot/tolven/tolvenBrowse/src/org/tolven added to the repository |
|
From: John C. <jc...@us...> - 2007-02-24 21:58:00
|
Update of /cvsroot/tolven/tolvenBrowse/src/org/tolven/web/security In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv16058/src/org/tolven/web/security Log Message: Directory /cvsroot/tolven/tolvenBrowse/src/org/tolven/web/security added to the repository |
|
From: John C. <jc...@us...> - 2007-02-24 21:58:00
|
Update of /cvsroot/tolven/tolvenBrowse/src/org/tolven/web/security/auth In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv16058/src/org/tolven/web/security/auth Log Message: Directory /cvsroot/tolven/tolvenBrowse/src/org/tolven/web/security/auth added to the repository |
|
From: John C. <jc...@us...> - 2007-02-24 21:58:00
|
Update of /cvsroot/tolven/tolvenBrowse/src/org/tolven/web In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv16058/src/org/tolven/web Log Message: Directory /cvsroot/tolven/tolvenBrowse/src/org/tolven/web added to the repository |
|
From: John C. <jc...@us...> - 2007-02-24 21:58:00
|
Update of /cvsroot/tolven/tolvenBrowse/src/org/tolven/index In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv16058/src/org/tolven/index Log Message: Directory /cvsroot/tolven/tolvenBrowse/src/org/tolven/index added to the repository |
|
From: John C. <jc...@us...> - 2007-02-24 21:58:00
|
Update of /cvsroot/tolven/tolvenBrowse/src In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv16058/src Log Message: Directory /cvsroot/tolven/tolvenBrowse/src added to the repository |
|
From: John C. <jc...@us...> - 2007-02-24 21:55:52
|
Update of /cvsroot/tolven/tolvenBrowse In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv15097/tolvenBrowse Log Message: Directory /cvsroot/tolven/tolvenBrowse added to the repository |
|
From: John C. <jc...@us...> - 2007-02-24 21:30:50
|
Update of /cvsroot/tolven/tolvenWEB/src/org/tolven/index In directory sc8-pr-cvs10.sourceforge.net:/tmp/cvs-serv2962/src/org/tolven/index Removed Files: BrowseSecurityFilter.java Browse.java BrowseBase.java BrowseTransactionFilter.java Log Message: move browse to browse project --- BrowseSecurityFilter.java DELETED --- --- BrowseTransactionFilter.java DELETED --- --- BrowseBase.java DELETED --- --- Browse.java DELETED --- |
3 messages has been excluded from this view by a project administrator.
