Subversion Repositories bacoAlunos

Compare Revisions

Ignore whitespace Rev 2060 → Rev 2061

/es2018/17210/conf/contexto.xml
New file
0,0 → 1,11
 
<Context path="/project" docBase="/workspace/bacoAlunos/es2018/jmachado/build/ant/war"
debug="0">
<!-- Link to the user database we will get roles from -->
<ResourceLink name="users" global="UserDatabase"
type="org.apache.catalina.UserDatabase"/>
 
<Logger className="org.apache.catalina.logger.FileLogger"
prefix="estgweb_log." suffix=".txt"
timestamp="true"/>
</Context>
/es2018/17210/conf/plugins.properties
New file
0,0 → 1,0
pt.estgp.es.exemplos.hibernate.web.pluginSession.RegisterSession=@pt.estgp.es.exemplos.hibernate.web.pluginSession.RegisterSession@
/es2018/17210/lib/json/genson-1.4.jar
Cannot display: file marked as a binary type.
svn:mime-type = application/octet-stream
Property changes:
Added: svn:mime-type
+ application/octet-stream
/es2018/17210/lib/json/org.json-20120521.jar
Cannot display: file marked as a binary type.
svn:mime-type = application/octet-stream
Property changes:
Added: svn:mime-type
+ application/octet-stream
/es2018/17210/lib/junit/hamcrest-core-2.1-rc3.zip
Cannot display: file marked as a binary type.
svn:mime-type = application/octet-stream
Property changes:
Added: svn:mime-type
+ application/octet-stream
/es2018/17210/lib/junit/junit-4.13-beta-1.jar
Cannot display: file marked as a binary type.
svn:mime-type = application/octet-stream
Property changes:
Added: svn:mime-type
+ application/octet-stream
/es2018/17210/src/java/pt/estgp/es/Teste.java
New file
0,0 → 1,10
package pt.estgp.es;
 
 
public class Teste {
 
public String hello()
{
return "Hello Student";
}
}
/es2018/17210/src/java/pt/estgp/es/exemplos/hibernate/services/ServicoSessoes.java
New file
0,0 → 1,44
package pt.estgp.es.exemplos.hibernate.services;
 
import pt.estgp.es.exemplos.hibernate.HibernateUtils;
import pt.estgp.es.exemplos.hibernate.User;
import pt.estgp.es.exemplos.hibernate.UserSession;
import pt.estgp.es.exemplos.hibernate.UserSessionImpl;
import pt.estgp.es.exemplos.hibernate.security.SecurityContextProvider;
import pt.estgp.es.exemplos.hibernate.security.logic.Transaction;
 
import javax.servlet.http.HttpServletRequest;
 
public class ServicoSessoes {
 
/**
* Regista-se o contexto de segurança no monitor e cria-se uma sessão na base de dados
* se não existir
* @param requester
* @return UserSession registada para o Requester
*/
@Transaction
public UserSession registerUserSession(String requester) {
 
SecurityContextProvider.getInstance().registerSessionContext(requester);
UserSession session;
try {
session = (UserSession) HibernateUtils.getCurrentSession().get(UserSession.class, requester);
if(session == null)
{
session = new UserSessionImpl();
session.setCookie(requester);
HibernateUtils.getCurrentSession().save(session);
}
}
catch(Exception e)
{
 
session = new UserSessionImpl();
session.setCookie(requester);
HibernateUtils.getCurrentSession().save(session);
}
session = (UserSession) HibernateUtils.narrow(session);
return session;
}
}
/es2018/17210/src/java/pt/estgp/es/exemplos/hibernate/utils/StreamsUtils.java
New file
0,0 → 1,140
package pt.estgp.es.exemplos.hibernate.utils;
 
import java.io.*;
import java.security.DigestInputStream;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
 
/**
* @author Jorge Machado
* @date 27/Mai/2008
* @see jomm.utils
*/
public class StreamsUtils
{
public static byte[] readBytes(InputStream stream) throws IOException
{
ByteArrayOutputStream b = new ByteArrayOutputStream();
int readedBytes;
byte[] buf = new byte[1024];
while ((readedBytes = stream.read(buf)) > 0)
{
b.write(buf, 0, readedBytes);
}
b.close();
return b.toByteArray();
}
 
public static String readString(InputStream stream) throws IOException
{
ByteArrayOutputStream b = new ByteArrayOutputStream();
int readedBytes;
byte[] buf = new byte[1024];
while ((readedBytes = stream.read(buf)) > 0)
{
b.write(buf, 0, readedBytes);
}
b.close();
return b.toString();
}
 
public static void inputStream2File(InputStream stream, File f) throws IOException
{
f.getParentFile().mkdirs();
FileOutputStream out = new FileOutputStream(f);
inputStream2OutputStream(stream,out);
}
 
/**
* ATENTION this method does not close the given stream
* @param stream
* @param f
* @return
* @throws IOException
*/
public static String inputStream2FileGetMd5(InputStream stream, File f) throws IOException
{
f.getParentFile().mkdirs();
FileOutputStream out = new FileOutputStream(f);
return inputStream2OutputStreamGetMd5(stream, out);
}
 
public static void inputStream2OutputStream(InputStream stream, OutputStream out) throws IOException
{
inputStream2OutputStream(stream,out,true,true);
}
 
public static void inputStream2OutputStream(InputStream stream, OutputStream out,boolean closeOut,boolean closeIn) throws IOException
{
int readedBytes;
byte[] buf = new byte[1024];
while ((readedBytes = stream.read(buf)) > 0)
{
out.write(buf, 0, readedBytes);
}
if(closeIn)
stream.close();
if(closeOut)
out.close();
}
 
/**
* Return digest Md5 from consumed bytes
* * ATENTION this method does not close the given stream
* @param stream
* @param out
* @return Md5 HEX
* @throws IOException
*/
public static String inputStream2OutputStreamGetMd5(InputStream stream, OutputStream out) throws IOException
{
MessageDigest messageDigest = null;
try {
messageDigest = MessageDigest.getInstance("MD5");
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
 
DigestInputStream digestInputStream = new DigestInputStream(stream, messageDigest);
int readedBytes;
byte[] buf = new byte[1024];
while ((readedBytes = digestInputStream.read(buf)) > 0)
{
out.write(buf, 0, readedBytes);
}
messageDigest = digestInputStream.getMessageDigest();
String md5 = BytesUtils.toHex(messageDigest.digest());
out.close();
return md5;
}
 
/**
* Return digest Md5 from consumed bytes
* * ATENTION this method does not close the given stream
* @param stream
* @param out
* @return Md5 HEX
* @throws IOException
*/
public static String getFileMd5(File f) throws IOException
{
MessageDigest messageDigest = null;
try {
messageDigest = MessageDigest.getInstance("MD5");
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
 
DigestInputStream digestInputStream = new DigestInputStream(new FileInputStream(f), messageDigest);
int readedBytes;
byte[] buf = new byte[1024];
while ((readedBytes = digestInputStream.read(buf)) > 0)
{
//nottinhg to do only calculate nd5
}
messageDigest = digestInputStream.getMessageDigest();
String md5 = BytesUtils.toHex(messageDigest.digest());
digestInputStream.close();
return md5;
}
}
/es2018/17210/src/java/pt/estgp/es/exemplos/hibernate/utils/BytesUtils.java
New file
0,0 → 1,268
package pt.estgp.es.exemplos.hibernate.utils;
 
 
import org.apache.commons.lang.RandomStringUtils;
import org.apache.log4j.Logger;
 
import java.io.*;
import java.math.BigInteger;
import java.rmi.dgc.VMID;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Random;
 
/**
*
* @author Jorge Machado
*/
 
public class BytesUtils {
private static int counter = 0;
private static Random random = new Random();
private static VMID vmid = new VMID();
private static Logger logger = Logger.getLogger(BytesUtils.class);
 
/** Private Constructor */
 
private BytesUtils () {}
 
 
public static String getMd5FromFile(String filepath)
{
return getMD5(getBytes(filepath));
}
 
public static byte[] getBytes(String fileName)
{
 
byte[] data = null;
try{
 
FileInputStream r = new FileInputStream(fileName);
 
File f = new File(fileName);
 
//this value is never bigger than a integer
int len =(int) f.length();
 
data = new byte[len];
 
int bytesRead = 0;
 
bytesRead = r.read(data);
 
r.close();
 
if(bytesRead == -1)
return null;
 
 
}
catch(FileNotFoundException e)
{
logger.error("Files getBytes()",e);
return null;
}
catch(IOException e)
{
logger.error("Files getData()",e);
return null;
}
return data;
}
 
public static String getMD5(String data)
{
return getMD5(data.getBytes());
}
 
public static String getMD5(byte[] data)
{
return toHex(getMD5Bytes(data));
}
 
public static String getDigestMD5Hex(String str){
byte[] digest = getDigestMD5(str.getBytes());
if(digest != null)
return toHex(digest);
 
return null;
}
public static byte[] getDigestMD5(byte[] data)
{
byte[] result = null;
try{
MessageDigest md5 = MessageDigest.getInstance("MD5");
 
md5.update(data);
 
result = md5.digest();
 
}
catch(NoSuchAlgorithmException e)
{
//this never hapens beacause MD5 is a correct algoritm
logger.fatal("MD5 function does not exists",e);
}
 
return result;
}
/*********************************************************
*Returns true if the two digests are equal
*
*******************************************************/
public static boolean isDigestEqual(byte[] b1,byte[] b2)
{
 
try{
MessageDigest md5 = MessageDigest.getInstance("MD5");
 
return md5.isEqual(b1,b2);
 
}
catch(NoSuchAlgorithmException e)
{
//this never hapens beacause MD5 is a correct algoritm
logger.fatal("MD5 function does not exists",e);
}
 
return false;
 
}
 
public static byte[] getMD5Bytes(byte[] data)
{
try
{
MessageDigest digest = MessageDigest.getInstance("MD5");
 
return digest.digest(data);
}
catch (NoSuchAlgorithmException e)
{
logger.fatal("MD5 function does not exists",e);
}
return null;
}
 
/**
* Return a hex representation of the byte array
*
* @param data The data to transform.
* @return A hex representation of the data.
*/
public static String toHex(byte[] data)
{
if ((data == null) || (data.length == 0))
return null;
 
StringBuffer result = new StringBuffer();
 
// This is far from the most efficient way to do things...
for (int i = 0; i < data.length; i++)
{
int low = (int) (data[i] & 0x0F);
int high = (int) (data[i] & 0xF0);
 
result.append(Integer.toHexString(high).substring(0, 1));
result.append(Integer.toHexString(low));
}
 
return result.toString();
}
 
/**
* Generate a unique key.
* The key is a long (length 38 to 40) sequence of digits.
*
* @return A unique key as a long sequence of base-10 digits.
*/
public static String generateKey()
{
return new BigInteger(generateBytesKey()).abs().toString();
}
 
/**
* Generate a unique key.
* The key is a 32-character long sequence of hex digits.
*
* @return A unique key as a long sequence of hex digits.
*/
public static String generateHexKey()
{
return toHex(generateBytesKey());
}
 
/**
* Generate a unique key as a byte array.
*
* @return A unique key as a byte array.
*/
public static synchronized byte[] generateBytesKey()
{
byte[] junk = new byte[16];
 
random.nextBytes(junk);
 
String input = new StringBuffer().append(vmid).append(new java.util.Date()).append(junk).append(counter++).toString();
 
return getMD5Bytes(input.getBytes());
}
 
// The following two methods are taken from the Jakarta IOUtil class.
 
/**
* Copy stream-data from source to destination. This method does not
* buffer, flush or close the streams, as to do so would require making
* non-portable assumptions about the streams' origin and further use. If
* you wish to perform a buffered copy, use {@link #bufferedCopy}.
*
* @param input The InputStream to obtain data from.
* @param output The OutputStream to copy data to.
*/
public static void copy( final InputStream input, final OutputStream output )
throws IOException
{
final int BUFFER_SIZE = 1024 * 4;
final byte[] buffer = new byte[ BUFFER_SIZE ];
 
while( true )
{
final int count = input.read( buffer, 0, BUFFER_SIZE );
if( -1 == count ) break;
 
// write out those same bytes
output.write( buffer, 0, count );
}
 
//needed to flush cache
//output.flush();
}
 
 
public static void bufferedCopy( final InputStream source, final OutputStream destination )
throws IOException
{
final BufferedInputStream input = new BufferedInputStream( source );
final BufferedOutputStream output = new BufferedOutputStream( destination );
copy( input, output );
output.flush();
}
 
public static int gen5DigitsKey() {
Random r = new Random( System.currentTimeMillis() );
return 10000 + r.nextInt(20000);
}
 
public static String genCharsDigitsKey(int number) {
String characters = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789~`!@#$%^&*()-_=+[{]},<.>?";
return RandomStringUtils.random(number, characters);
}
 
public static void main(String[] args)
{
System.out.println(gen5DigitsKey());
}
 
 
}
/es2018/17210/src/java/pt/estgp/es/exemplos/hibernate/security/example/ServiceExample.java
New file
0,0 → 1,26
package pt.estgp.es.exemplos.hibernate.security.example;
 
import pt.estgp.es.exemplos.hibernate.security.logic.HasRole;
import pt.estgp.es.exemplos.hibernate.security.logic.IsAuthenticated;
import pt.estgp.es.exemplos.hibernate.security.logic.PrintParameterExample;
 
/**
* Created by jorgemachado on 23/10/18.
*/
public class ServiceExample
{
 
 
@IsAuthenticated
public void servicoDeTesteAutenticado()
{
System.out.println("Entrou no servico autenticado");
}
 
@HasRole(role = "admin,ci")
@PrintParameterExample(paramName = "frase")
public void servicoDeTesteComRoleAdmin(String frase)
{
System.out.println("Entrou no servico de roles: " + frase);
}
}
/es2018/17210/src/java/pt/estgp/es/exemplos/hibernate/security/logic/NotAuthenticatedException.java
New file
0,0 → 1,28
package pt.estgp.es.exemplos.hibernate.security.logic;
 
/**
* Created by jorgemachado on 23/10/18.
*/
public class NotAuthenticatedException extends AccessDeniedException
{
 
public NotAuthenticatedException() {
super();
}
 
public NotAuthenticatedException(String message) {
super(message);
}
 
public NotAuthenticatedException(String message, Throwable cause) {
super(message, cause);
}
 
public NotAuthenticatedException(Throwable cause) {
super(cause);
}
 
public NotAuthenticatedException(String message, Throwable cause, boolean enableSuppression, boolean writableStackTrace) {
super(message, cause, enableSuppression, writableStackTrace);
}
}
/es2018/17210/src/java/pt/estgp/es/exemplos/hibernate/security/logic/Transaction.java
New file
0,0 → 1,7
package pt.estgp.es.exemplos.hibernate.security.logic;
 
/**
* Created by jorgemachado on 18/10/18.
*/
public @interface Transaction {
}
/es2018/17210/src/java/pt/estgp/es/exemplos/hibernate/security/logic/AccessDeniedException.java
New file
0,0 → 1,28
package pt.estgp.es.exemplos.hibernate.security.logic;
 
/**
* Created by jorgemachado on 23/10/18.
*/
public class AccessDeniedException extends Throwable
{
 
public AccessDeniedException() {
super();
}
 
public AccessDeniedException(String message) {
super(message);
}
 
public AccessDeniedException(String message, Throwable cause) {
super(message, cause);
}
 
public AccessDeniedException(Throwable cause) {
super(cause);
}
 
public AccessDeniedException(String message, Throwable cause, boolean enableSuppression, boolean writableStackTrace) {
super(message, cause, enableSuppression, writableStackTrace);
}
}
/es2018/17210/src/java/pt/estgp/es/exemplos/hibernate/security/logic/PrintParameterExample.java
New file
0,0 → 1,16
package pt.estgp.es.exemplos.hibernate.security.logic;
 
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
 
/**
* Created by jorgemachado on 18/10/18.
*/
@Retention(RetentionPolicy.RUNTIME)
@Target({ElementType.TYPE, ElementType.METHOD, ElementType.PARAMETER})
public @interface PrintParameterExample
{
public String paramName() default "";
}
/es2018/17210/src/java/pt/estgp/es/exemplos/hibernate/security/logic/SecurityAspects.java
New file
0,0 → 1,116
package pt.estgp.es.exemplos.hibernate.security.logic;
 
import org.apache.log4j.Logger;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Pointcut;
import pt.estgp.es.exemplos.hibernate.HibernateUtils;
import pt.estgp.es.exemplos.hibernate.UserSession;
import pt.estgp.es.exemplos.hibernate.security.SecurityContextProvider;
 
import java.util.Arrays;
 
 
/**
* Created by jorgemachado on 18/10/18.
*/
@Aspect
public class SecurityAspects
{
 
private static final Logger logger = Logger.getLogger(SecurityAspects.class);
//Defines a pointcut that we can use in the @Before,@After, @AfterThrowing, @AfterReturning,@Around specifications
//The pointcut will look for the @YourAnnotation
@Pointcut("@annotation(Transaction)")
public void serviceTransactionPointCutDefinition(){}
 
 
@Pointcut("@annotation(IsAuthenticated)")
public void isAuthenticatedPointCut(){}
 
@Pointcut("@annotation(hasRole)")
public void hasRolePointCut(HasRole hasRole){}
 
@Pointcut("@annotation(printParameterExample)")
public void printParameterExamplePointCut(PrintParameterExample printParameterExample){}
 
@Pointcut("execution(* *(..))")
public void executionPointCut(){}
 
 
@Around("serviceTransactionPointCutDefinition() && executionPointCut()")
public Object envolventeServico(ProceedingJoinPoint pjp) throws Throwable
{
HibernateUtils.getCurrentSession().beginTransaction();
//Sugestão: um motor de serviços poderia neste ponto abrir a transação na base de dados
logger.info("Iniciando chamada do servico:" + pjp.getSignature().getName() +
" na classe " + pjp.getSourceLocation().getClass().getName());
try {
Object returnObj = pjp.proceed();
//Sugestão: um motor de serviços poderia neste ponto fazer commit da transação na base de dados
logger.info("Terminado chamada do servico");
HibernateUtils.getCurrentSession().getTransaction().commit();
return returnObj;
} catch (Exception e) {
HibernateUtils.getCurrentSession().getTransaction().rollback();
//Sugestão: um motor de serviços poderia neste ponto fazer rollback da transação na base de dados
logger.error("Excepcao no Servico",e);
throw e;
}
}
 
 
@Around("isAuthenticatedPointCut() && executionPointCut()")
public Object isAuthenticatedAdvise(ProceedingJoinPoint pjp) throws Throwable
{
logger.info("Is Authenticated Aspect");
String cookie = SecurityContextProvider.getInstance().getSecuritySessionContext().getRequester();
UserSession session = (UserSession) HibernateUtils.getCurrentSession().load(UserSession.class,cookie);
 
if(session.getUser() != null)
return pjp.proceed();
//Com o cookie ir buscar a sessao e seguidamente o User e ver se esta logado
 
 
throw new NotAuthenticatedException("Access Denied, not authenticated at " + pjp.getSourceLocation().getFileName() + " " + pjp.getSourceLocation().getLine() + " service: " + pjp.getSignature().getName());
}
 
@Around("hasRolePointCut(hasRole) && executionPointCut()")
public Object hasRoleAdvise(ProceedingJoinPoint pjp, HasRole hasRole) throws Throwable
{
logger.info("Has Role Aspect");
String cookie = SecurityContextProvider.getInstance().getSecuritySessionContext().getRequester();
UserSession session = (UserSession) HibernateUtils.getCurrentSession().load(UserSession.class,cookie);
 
String[] rolesIn = hasRole.role().split(",");
if(session.getUser() == null)
throw new NotAuthenticatedException("Access Denied, not authenticated at " + pjp.getSourceLocation().getFileName() + " " + pjp.getSourceLocation().getLine() + " service: " + pjp.getSignature().getName());
//session.getUser().get
//verificar se o username é um user com o role que está em hasRole.role()
if(session.getUser().getRoles() == null)
throw new NotAuthenticatedException("Access Denied, missing role at " + pjp.getSourceLocation().getFileName() + " " + pjp.getSourceLocation().getLine() + " service: " + pjp.getSignature().getName());
 
String[] roles = session.getUser().getRoles().split(",");
for(String checkRole: rolesIn)
{
if(Arrays.asList(roles).contains(checkRole))
{
return pjp.proceed();
}
}
 
 
throw new FailRoleException("Access Denied, does not have role " + hasRole.role() + " at " + pjp.getSourceLocation().getFileName() + " " + pjp.getSourceLocation().getLine() + " service: " + pjp.getSignature().getName());
}
 
@Around("printParameterExamplePointCut(printParameterExample) && executionPointCut()")
public Object printParameterExampleAdvise(ProceedingJoinPoint pjp, PrintParameterExample printParameterExample) throws Throwable
{
System.out.println("PARAMETRO: " + JointPointUtils.getParameter(pjp,printParameterExample.paramName()));
return pjp.proceed();
}
 
 
 
}
/es2018/17210/src/java/pt/estgp/es/exemplos/hibernate/security/logic/FailRoleException.java
New file
0,0 → 1,28
package pt.estgp.es.exemplos.hibernate.security.logic;
 
/**
* Created by jorgemachado on 23/10/18.
*/
public class FailRoleException extends AccessDeniedException
{
 
public FailRoleException() {
super();
}
 
public FailRoleException(String message) {
super(message);
}
 
public FailRoleException(String message, Throwable cause) {
super(message, cause);
}
 
public FailRoleException(Throwable cause) {
super(cause);
}
 
public FailRoleException(String message, Throwable cause, boolean enableSuppression, boolean writableStackTrace) {
super(message, cause, enableSuppression, writableStackTrace);
}
}
/es2018/17210/src/java/pt/estgp/es/exemplos/hibernate/security/logic/HasRole.java
New file
0,0 → 1,16
package pt.estgp.es.exemplos.hibernate.security.logic;
 
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
 
/**
* Created by jorgemachado on 18/10/18.
*/
@Retention(RetentionPolicy.RUNTIME)
@Target({ElementType.TYPE, ElementType.METHOD, ElementType.PARAMETER})
public @interface HasRole
{
public String role() default "";
}
/es2018/17210/src/java/pt/estgp/es/exemplos/hibernate/security/logic/IsAuthenticated.java
New file
0,0 → 1,9
package pt.estgp.es.exemplos.hibernate.security.logic;
 
/**
* Created by jorgemachado on 18/10/18.
*/
 
public @interface IsAuthenticated
{
}
/es2018/17210/src/java/pt/estgp/es/exemplos/hibernate/security/logic/JointPointUtils.java
New file
0,0 → 1,27
package pt.estgp.es.exemplos.hibernate.security.logic;
 
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.Signature;
import org.aspectj.lang.reflect.MethodSignature;
 
/**
* Created by jorgemachado on 30/10/18.
*/
public class JointPointUtils
{
public static Object getParameter(ProceedingJoinPoint joinPoint, String paramName) throws Throwable {
final Signature signature = joinPoint.getStaticPart().getSignature();
if (signature instanceof MethodSignature) {
final MethodSignature ms = (MethodSignature) signature;
String[] params = ms.getParameterNames();
 
Object[] args = joinPoint.getArgs();
for (int argIndex = 0; argIndex < args.length; argIndex++)
{ if(params[argIndex].equals(paramName))
return args[argIndex];
}
}
return null;
}
 
}
/es2018/17210/src/java/pt/estgp/es/exemplos/hibernate/security.zip
Cannot display: file marked as a binary type.
svn:mime-type = application/octet-stream
Property changes:
Added: svn:mime-type
+ application/octet-stream
/es2018/17210/src/java/pt/estgp/es/exemplos/hibernate/web/pluginSession/ServerRegisterSession.java
New file
0,0 → 1,34
package pt.estgp.es.exemplos.hibernate.web.pluginSession;
 
import pt.estgp.es.exemplos.hibernate.UserSession;
import pt.estgp.es.exemplos.hibernate.services.ServicoSessoes;
 
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
 
public class ServerRegisterSession implements RegisterSession {
 
 
/**
* Abre uma sessao se esta não existir
* Não lida com o User da Sessão, se não existir
* significa que não está autenticado
*
* @param servletRequest
* @return
* @throws IOException
* @throws ServletException
*/
@Override
public UserSession openSession(ServletRequest servletRequest)
{
return new ServicoSessoes()
.registerUserSession(
((HttpServletRequest)servletRequest).getSession().getId()
);
}
 
 
}
/es2018/17210/src/java/pt/estgp/es/exemplos/hibernate/web/pluginSession/PluginFactory.java
New file
0,0 → 1,23
package pt.estgp.es.exemplos.hibernate.web.pluginSession;
 
import java.io.IOException;
import java.util.Properties;
 
public class PluginFactory
{
static Properties properties = new Properties();
static
{
try {
properties.load(PluginFactory.class.getResourceAsStream("/plugins.properties"));
} catch (IOException e) {
e.printStackTrace();
}
}
 
public static Object getPlugin(Class iface) throws ClassNotFoundException, IllegalAccessException, InstantiationException
{
String classNameVerdadeiro = properties.getProperty(iface.getName());
return Class.forName(classNameVerdadeiro).newInstance();
}
}
/es2018/17210/src/java/pt/estgp/es/exemplos/hibernate/web/pluginSession/DevelopRegisterSession.java
New file
0,0 → 1,55
package pt.estgp.es.exemplos.hibernate.web.pluginSession;
 
import pt.estgp.es.exemplos.hibernate.HibernateUtils;
import pt.estgp.es.exemplos.hibernate.User;
import pt.estgp.es.exemplos.hibernate.UserSession;
import pt.estgp.es.exemplos.hibernate.UserSessionImpl;
import pt.estgp.es.exemplos.hibernate.security.SecurityContextProvider;
 
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
 
public class DevelopRegisterSession implements RegisterSession {
 
/**
* Abre uma sessao se esta não existir e associa-a sempre ao User com id 1
* @param servletRequest
* @return
* @throws IOException
* @throws ServletException
*/
@Override
public UserSession openSession(ServletRequest servletRequest) {
HttpServletRequest request = (HttpServletRequest) servletRequest;
 
SecurityContextProvider.getInstance().registerSessionContext(request.getSession().getId());
UserSession session;
HibernateUtils.getCurrentSession().beginTransaction();
try {
//TODO Mudar par get em vez de load como demonstra a imagem
session = (UserSession) HibernateUtils.getCurrentSession().get(UserSession.class, request.getSession().getId());
if(session == null)
{
session = new UserSessionImpl();
session.setCookie(request.getSession().getId());
HibernateUtils.getCurrentSession().save(session);
}
}catch(Exception e)
{
session = new UserSessionImpl();
session.setCookie(request.getSession().getId());
HibernateUtils.getCurrentSession().save(session);
}
User u = (User) HibernateUtils.getCurrentSession().get(User.class, new Long(1));
 
u = (User) HibernateUtils.narrow(u);
 
session.setUser(u);
 
session = (UserSession) HibernateUtils.narrow(session);
HibernateUtils.getCurrentSession().getTransaction().commit();
return session;
}
}
/es2018/17210/src/java/pt/estgp/es/exemplos/hibernate/web/pluginSession/RegisterSession.java
New file
0,0 → 1,12
package pt.estgp.es.exemplos.hibernate.web.pluginSession;
 
import pt.estgp.es.exemplos.hibernate.UserSession;
 
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import java.io.IOException;
 
public interface RegisterSession
{
public UserSession openSession(ServletRequest servletRequest);
}
/es2018/17210/src/java/pt/estgp/es/exemplos/hibernate/web/pluginSession.zip
Cannot display: file marked as a binary type.
svn:mime-type = application/octet-stream
Property changes:
Added: svn:mime-type
+ application/octet-stream
/es2018/17210/src/java/pt/estgp/es/exemplos/hibernate/web/login/LoginRest.java
New file
0,0 → 1,35
package pt.estgp.es.exemplos.hibernate.web.login;
 
import org.json.JSONException;
import org.json.JSONObject;
import pt.estgp.es.exemplos.hibernate.web.rest.AbstractRestServlet;
 
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
 
public class LoginRest extends AbstractRestServlet
{
public JSONObject login(JSONObject data, HttpServletRequest req, HttpServletResponse resp) throws JSONException
{
String username = data.getString("username");
String password = data.getString("password");
 
System.out.println(username);
System.out.println(password);
 
JSONObject js = new JSONObject();
js.put("result","ok");
 
addMessage("User autenticado com sucesso",req);
 
return js;
}
 
public JSONObject logout(JSONObject data, HttpServletRequest req, HttpServletResponse resp) throws JSONException
{
JSONObject js = new JSONObject();
js.put("result","ok");
 
return js;
}
}
/es2018/17210/src/java/pt/estgp/es/exemplos/hibernate/web/SecurityFilter.java
New file
0,0 → 1,55
package pt.estgp.es.exemplos.hibernate.web;
 
import org.apache.log4j.Logger;
import pt.estgp.es.exemplos.hibernate.UserSession;
import pt.estgp.es.exemplos.hibernate.web.pluginSession.PluginFactory;
import pt.estgp.es.exemplos.hibernate.web.pluginSession.RegisterSession;
 
import javax.servlet.*;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
 
public class SecurityFilter implements Filter {
 
 
 
private static final Logger logger = Logger.getLogger(SecurityFilter.class);
 
private static final String SESSION_IN_REQUEST_KEY = "UserSession";
@Override
public void init(FilterConfig filterConfig) throws ServletException {
 
}
 
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletResponse response = (HttpServletResponse) servletResponse;
loadSessionProxy(servletRequest);
filterChain.doFilter(servletRequest, response);
}
 
 
 
public static UserSession loadSessionProxy(ServletRequest servletRequest) throws IOException, ServletException {
 
UserSession session = (UserSession) servletRequest.getAttribute(SESSION_IN_REQUEST_KEY);
 
try {
if(session == null) {
RegisterSession plugin;
plugin = (RegisterSession) PluginFactory.getPlugin(RegisterSession.class);
session = plugin.openSession(servletRequest);
servletRequest.setAttribute(SESSION_IN_REQUEST_KEY,session);
}
} catch (ClassNotFoundException | IllegalAccessException | InstantiationException e) {
logger.error(e,e);
return null;
}
return session;
}
 
@Override
public void destroy() {
 
}
}
/es2018/17210/src/java/pt/estgp/es/exemplos/hibernate/web/rest/AbstractRestServlet.java
New file
0,0 → 1,150
package pt.estgp.es.exemplos.hibernate.web.rest;
 
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;
import pt.estgp.es.exemplos.hibernate.utils.StreamsUtils;
 
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.InputStream;
import java.io.PrintWriter;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.List;
 
public abstract class AbstractRestServlet extends HttpServlet
{
 
 
 
public void addMessage(String mensagem, HttpServletRequest request)
{
List<String> messages = (List<String>) request.getAttribute("Messages");
messages.add(mensagem);
}
 
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
process(req,resp);
}
 
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
process(req,resp);
}
 
protected void process(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException
{
 
 
req.setAttribute("Messages",new ArrayList<String>());
if(req.getContentType() != null && req.getContentType().equalsIgnoreCase("application/json"))
{
InputStream content = req.getInputStream();
if(content != null)
{
try {
ParseJsonRequestResult parseJsonRequestResult = new ParseJsonRequestResult(content).invoke();
invokeService(req, resp, parseJsonRequestResult.getService(), parseJsonRequestResult.getData());
} catch (Throwable e) {
sendErrorResponse(resp, e);
}
}
}
else
{
JSONObject response = new JSONObject();
try {
response.put("service","error");
response.put("response","REST REQUEST REQUIRED");
resp.setContentType("application/json");
PrintWriter pw = resp.getWriter();
pw.write(response.toString());
} catch (JSONException e) {
e.printStackTrace();
}
 
 
 
}
 
 
}
 
private void invokeService(HttpServletRequest req, HttpServletResponse resp, String service, JSONObject data) throws NoSuchMethodException, IllegalAccessException, InvocationTargetException, JSONException, IOException {
Method innerMethod = this.getClass().getMethod(service,new Class[]{
JSONObject.class,
HttpServletRequest.class,
HttpServletResponse.class});
JSONObject obj = (JSONObject) innerMethod.invoke(this,new Object[]{data,req,resp});
 
JSONObject response = new JSONObject();
response.put("service","ok");
response.put("response",obj);
 
List<String> messages = (List<String>) req.getAttribute("Messages");
 
if(messages.size() > 0)
{
JSONArray msgs = new JSONArray();
for(String msgAdded: messages)
{
msgs.put(msgAdded);
}
response.put("messages",msgs);
}
 
resp.setContentType("application/json");
PrintWriter pw = resp.getWriter();
pw.write(response.toString());
}
 
private void sendErrorResponse(HttpServletResponse resp, Throwable e) throws IOException {
e.printStackTrace();
JSONObject response = new JSONObject();
try {
response.put("service","error");
response.put("exception",e.toString());
resp.setContentType("application/json");
PrintWriter pw = resp.getWriter();
pw.write(response.toString());
} catch (JSONException e1) {
e1.printStackTrace();
}
}
 
private class ParseJsonRequestResult {
private InputStream content;
private String service;
private JSONObject data;
 
public ParseJsonRequestResult(InputStream content) {
this.content = content;
}
 
public String getService() {
return service;
}
 
public JSONObject getData() {
return data;
}
 
public ParseJsonRequestResult invoke() throws IOException, JSONException {
JSONObject requestObj;
String json = StreamsUtils.readString(content);
requestObj = new JSONObject(json);
System.out.println("REQUEST JSON:");
System.out.println(requestObj.toString());
 
service = requestObj.getString("service");
data = requestObj.has("data") ? requestObj.getJSONObject("data") : null;
return this;
}
}
}
/es2018/17210/src/java/teste/Teste2.java
New file
0,0 → 1,4
package teste;
 
public class Teste2 {
}
/es2018/17210/src/java/teste/Teste3.java
New file
0,0 → 1,4
package teste;
 
public class Teste3 {
}
/es2018/17210/src/web/errors/403.jsp
New file
0,0 → 1,8
<%@ page import="pt.estgp.es.Teste" %>
<%@page language="java" contentType="UTF-8" %>
 
<%
 
request.getSession().setAttribute("user",u);
%>
Nao autorizado
/es2018/17210/src/web/errors/404.jsp
New file
0,0 → 1,4
<%@ page import="pt.estgp.es.Teste" %>
<%@page language="java" contentType="UTF-8" %>
 
POagina nao encontrada
/es2018/17210/src/web/js/rest-layer.js
New file
0,0 → 1,47
function rest(restAction,serviceName,data,webMessagesContainer,handlerOk,handlerFail)
{
var request =
{
data : data,
service : serviceName
};
 
$.ajax({
url: restAction,
type: "POST",
contentType: "application/json",
data: JSON.stringify(request),
dataType: "json",
 
success: function(resposta)
{
 
$(webMessagesContainer).find(".web-messages").html("");
if(resposta.service == "error")
{
$(webMessagesContainer).find(".web-messages").html('<div class="alert alert-danger">' + resposta.exception + '</div>');
if(handlerFail != undefined)
{
handlerFail(resposta.exception);
}
 
}
else if(resposta.service == "ok")
{
for(var msg in resposta.messages)
{
$(webMessagesContainer).find(".web-messages").append('<div class="alert alert-success">' + resposta.messages[msg] + '</div>');
}
if(handlerOk != undefined)
handlerOk(resposta.response);
}
},
error: function(resposta) {
$(webMessagesContainer).find(".web-messages").html('<div class="alert alert-danger">Erro de comunicação, por favor tente novamente</div>');
if(handlerFail != undefined)
{
handlerFail(resposta);
}
}
});
}
/es2018/17210/src/web/apresentaPagina.jsp
16,17 → 16,11
<title></title>
</head>
<body>
<%
if(UserSession.getUser() != null)
{
 
}
%>
Olá ${UserSession.user.nome} estamos a ver uma página.
 
<%
 
 
pt.estgp.es.exemplos.hibernate.UserSession sess = SecurityFilter.loadSessionProxy(request);
String id = request.getParameter("id");
HibernateUtils.getCurrentSession().beginTransaction();
/es2018/17210/build.properties
1,6 → 1,6
 
#tomcat.home=C:/Users/Jorge/Documents/estg/cadeiras/EngSoft/material/apache-tomcat-5.5.27
#tomcat.home=C:/Users/17210/Desktop/apache-tomcat-9.0.0.M6
tomcat.home=C:/Users/Nox/Desktop/3ano/es/Desktop/apache-tomcat-9.0.0.M6
tomcat.home=C:/Users/jmachado/Documents/workspace/apache-tomcat-9.0.0.M6
#tomcat.common.lib=${tomcat.home}/common/lib
#tomcat.server.lib=${tomcat.home}/server/lib
tomcat.common.lib=${tomcat.home}/lib