📄 launchreverseproxyaction.java
字号:
/*
* SSL-Explorer
*
* Copyright (C) 2003-2006 3SP LTD. All Rights Reserved
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2 of
* the License, or (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public
* License along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
package com.sslexplorer.reverseproxy.actions;
import java.net.URL;
import java.net.URLEncoder;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.StringTokenizer;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import com.sslexplorer.boot.HostService;
import com.sslexplorer.boot.Util;
import com.sslexplorer.core.CoreAttributeConstants;
import com.sslexplorer.core.CoreEvent;
import com.sslexplorer.core.CoreEventConstants;
import com.sslexplorer.core.CoreServlet;
import com.sslexplorer.core.actions.AuthenticatedAction;
import com.sslexplorer.policyframework.Policy;
import com.sslexplorer.policyframework.ResourceAccessEvent;
import com.sslexplorer.policyframework.ResourceUtil;
import com.sslexplorer.security.Constants;
import com.sslexplorer.security.SessionInfo;
import com.sslexplorer.util.TicketGenerator;
import com.sslexplorer.webforwards.ReverseProxyWebForward;
import com.sslexplorer.webforwards.WebForwardTypeItem;
import com.sslexplorer.webforwards.WebForwardTypes;
/**
* Implementation of {@link com.sslexplorer.core.actions.AuthenticatedAction}
* that launches a <i>Reverse Proxy Web Forward</i>.
* <p>
*
*
* @author Brett Smith <a href="mailto: brett@3sp.com"><brett@3sp.com></a>
* @version $Revision: 1.23 $
*/
public class LaunchReverseProxyAction extends AuthenticatedAction {
/**
* Constructor.
*
*/
public LaunchReverseProxyAction() {
}
/*
* (non-Javadoc)
*
* @see com.sslexplorer.core.actions.AuthenticatedAction#isIgnoreSessionLock()
*/
protected boolean isIgnoreSessionLock() {
return true;
}
public ActionForward onExecute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
throws Exception {
// Get the web forward
String id = request.getParameter("id");
if (id.equals("")) {
throw new Exception("No web forward ID supplied.");
}
ReverseProxyWebForward wf = (ReverseProxyWebForward) CoreServlet.getServlet().getSystemDatabase().getWebForward(
Integer.parseInt(id));
if (wf.getActiveDNS() && !isValidForActiveDNS(request.getServerName()))
throw new Exception("Invalid host '" + request.getServerName() + "'; only FQDNs are valid for Active DNS forwarding");
// Check permission
SessionInfo session = CoreServlet.getServlet().getLogonController().getSessionInfo(request);
ResourceUtil.checkResourceAccessRights(wf, session);
/*
* Place the web forward in the session. This should be picked up by the
* reverse proxy handler and used to validate that the user is allowed
* to use the web forward.
*/
HashMap usersWebForwards = (HashMap) request.getSession().getAttribute(Constants.WEB_FORWARDS);
if (usersWebForwards == null) {
usersWebForwards = new HashMap();
request.getSession().setAttribute(Constants.WEB_FORWARDS, usersWebForwards);
}
usersWebForwards.put(String.valueOf(wf.getResourceId()), wf);
// Get the URL to redirect to
String path;
if (wf.getActiveDNS()) {
HashMap activeDNSForwards = (HashMap) request.getSession().getAttribute(Constants.ACTIVEDNS_FORWARDS);
if (activeDNSForwards == null) {
activeDNSForwards = new HashMap();
request.getSession().setAttribute(Constants.ACTIVEDNS_FORWARDS, activeDNSForwards);
}
String hostField = request.getHeader("Host");
HostService hostService = hostField == null ? null : new HostService(hostField);
URL u = new URL(wf.getDestinationURL());
String uniqueId = null;
if (activeDNSForwards.containsValue(String.valueOf(wf.getResourceId()))) {
for (Iterator it = activeDNSForwards.entrySet().iterator(); it.hasNext();) {
Map.Entry e = (Map.Entry) it.next();
if (e.getValue().equals(String.valueOf(wf.getResourceId()))) {
uniqueId = (String) e.getKey();
break;
}
}
} else {
// Rich and Lee though activeproxy sounded better!
uniqueId = TicketGenerator.getInstance().generateUniqueTicket("activeproxy", 20);
activeDNSForwards.put(uniqueId, String.valueOf(wf.getResourceId()));
}
URL adu = new URL("https", uniqueId + "." + hostService.getHost(), hostService.getPort() == 0 ? -1 : hostService
.getPort(), u.getFile());
usersWebForwards.put(String.valueOf(wf.getResourceId()), wf);
path = adu.toExternalForm();
if (!wf.getFormType().equals(WebForwardTypes.FORM_SUBMIT_NONE)) {
if (adu.getQuery() == null || adu.getQuery().equals("")) {
path += "?launched=true=";
} else {
path += "&launched=true";
}
}
} else if (wf.getHostHeader() != null && !wf.getHostHeader().equals("")) {
String hostField = request.getHeader("Host");
HostService hostService = hostField == null ? null : new HostService(hostField);
URL u = new URL(wf.getDestinationURL());
URL adu = new URL("https", wf.getHostHeader(), hostService.getPort() == 0 ? -1 : hostService.getPort(), u.getFile());
usersWebForwards.put(String.valueOf(wf.getResourceId()), wf);
path = adu.toExternalForm();
if (adu.getQuery() == null || adu.getQuery().equals("")) {
path += "?reverseProxyTicket=" + this.getSessionInfo().getLogonTicket();
} else {
path += "&reverseProxyTicket=" + this.getSessionInfo().getLogonTicket();
}
if (!wf.getFormType().equals(WebForwardTypes.FORM_SUBMIT_NONE)) {
path += "&launched=true";
}
/**
* Why do we need to use a JSP redirect? Because the new host will
* be created in a new session and we need the JSESSIONID which is
* only set once the first response has been returned to the
* browser. This redirect allows the browser to load a page on the
* new host and set the session cookie before an automatic redirect
* takes the user to the correct reverse proxy page.
*/
URL adu2 = new URL("https", hostService.getHost(), hostService.getPort() == 0 ? -1 : hostService.getPort(),
"/reverseProxyRedirect.jsp?redirectURL=" + Util.urlEncode(path));
return new ActionForward(adu2.toExternalForm(), true);
} else {
usersWebForwards.put(String.valueOf(wf.getResourceId()), wf);
URL u = new URL(wf.getDestinationURL());
path = u.getPath()
+ (u.getQuery() == null ? (!wf.getFormType().equals(WebForwardTypes.FORM_SUBMIT_NONE) ? "?launched=true"
: "")
: ("?" + u.getQuery() + (!wf.getFormType().equals(WebForwardTypes.FORM_SUBMIT_NONE) ? "&launched=true"
: "")));
}
return new ActionForward(path, true);
} /*
* (non-Javadoc)
*
* @see com.sslexplorer.core.actions.CoreAction#getNavigationContext(org.apache.struts.action.ActionMapping,
* org.apache.struts.action.ActionForm,
* javax.servlet.http.HttpServletRequest,
* javax.servlet.http.HttpServletResponse)
*/
public int getNavigationContext(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) {
return SessionInfo.MANAGEMENT_CONSOLE_CONTEXT | SessionInfo.USER_CONSOLE_CONTEXT;
}
private boolean isValidForActiveDNS(String host) {
StringTokenizer tokens = new StringTokenizer(host, ".");
if (tokens.countTokens() == 1)
return false;
boolean numerical = true;
while (tokens.hasMoreTokens()) {
String token = tokens.nextToken();
try {
int val = Integer.parseInt(token);
if (val > 255) {
numerical = false;
break;
}
} catch (NumberFormatException ex) {
numerical = false;
break;
}
}
return !numerical;
}
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -