public class WebHandler
extends org.eclipse.jetty.server.handler.AbstractHandler
On GET method a web page containing an authentication form is returned to caller. The user should enter the user name and the password used to authenticate on the target client platform (Linux / Windows) and press the "Login" button to submit the form (which will submit/POST the form).
On POST method using the user submitted credentials a new web client process is spawned with the user's operating-system login environment. On web client URI notification the user's browser is redirected to this URI. If no response from the spawned client occurs within a specified amount of time, the authentication page is reloaded with an error message.
Modifier and Type | Class and Description |
---|---|
private static class |
WebHandler.SpawnerParameters
The container for spawner parameters.
|
private static class |
WebHandler.SpawnerResult
Simple container for the spawn result.
|
private static class |
WebHandler.ThemeUI
Represents a given theme to UI.
|
org.eclipse.jetty.server.handler.AbstractHandler.ErrorDispatchHandler
org.eclipse.jetty.util.component.AbstractLifeCycle.AbstractLifeCycleListener
Modifier and Type | Field and Description |
---|---|
static java.lang.String |
CLIENT_IP
The client address parameter key
|
static java.lang.String |
ERROR_PREFIX
Error message prefix.
|
private java.lang.String |
errorMessage
Error message to display, if any.
|
private boolean |
isGui
Flag that denotes client type (
true for GUI, false for ChUI). |
private static java.util.logging.Logger |
LOG
Logger.
|
private static DesktopSettings |
LOGIN_FORM_SETTINGS
Reads login form settings from the directory
|
private static java.lang.String |
SELECTED_UI_THEME
The selected UI theme
|
private static java.lang.String |
TARGET_CHUI_ROOT
The root portion of the ChUI client request name (part of the URL).
|
private static java.lang.String |
TARGET_GUI_ROOT
The root portion of the GUI client request name (part of the URL).
|
private static java.util.List<WebHandler.ThemeUI> |
THEMES_UI
The available UI themes
|
private static boolean |
virtualDesktopEnabled
Virtual desktop mode is set by this directory option, virtualDesktopEnabled
|
Constructor and Description |
---|
WebHandler() |
Modifier and Type | Method and Description |
---|---|
void |
doGet(java.lang.String target,
org.eclipse.jetty.server.Request base,
javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Handle GET requests.
|
void |
doOptions(java.lang.String target,
org.eclipse.jetty.server.Request base,
javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Handle OPTIONS requests.
|
void |
doPost(java.lang.String target,
org.eclipse.jetty.server.Request base,
javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Handle POST request.
|
private static java.lang.String |
errorMessage(int rc,
java.lang.String user)
Build a text string containing a message error based on the exit code.
|
private static java.util.List<WebHandler.ThemeUI> |
getAvailableThemes()
Gets available UI themes from the directory.
|
static java.lang.String |
getClientAddress(javax.servlet.http.HttpServletRequest request)
Retrieves the client's IP address from the provided HTTP request.
|
static java.lang.String[] |
getRequestParameters(javax.servlet.http.HttpServletRequest request)
Retrieves these parameters: a forwarded host, a forwarded proto and a client IP address if
they are provided by http request.
|
void |
handle(java.lang.String target,
org.eclipse.jetty.server.Request base,
javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Handle HTTP requests.
|
protected java.lang.String |
handleReplacements(java.lang.String text)
Process the given string and make any replacements of parameter
values as needed.
|
private void |
sendError(java.lang.String error,
org.eclipse.jetty.server.Request base,
javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Sends the error message to the client.
|
private boolean |
sendForbiddenIfVirtualDesktopDisabled(org.eclipse.jetty.server.Request base,
javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Send 403 if the virtual desktop mode is not allowed.
|
private void |
sendRedirectPath(java.lang.String remoteUri,
org.eclipse.jetty.server.Request base,
javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
Sends the redirect to the main application site that requires users to be authorized.
|
static java.lang.String |
spawn(java.lang.String user,
java.lang.String pw,
boolean gui,
java.lang.String[] options,
java.lang.String referrer,
java.lang.String[] requestParameters)
Spawn a new web client process, returning the redirect URL if successful.
|
private static WebHandler.SpawnerResult |
spawnWorker(java.lang.String user,
java.lang.String pw,
boolean gui,
java.lang.String[] options,
boolean trusted,
java.lang.String referrer,
java.lang.String[] requestParameters)
Spawn a client with the given account credentials and UI mode.
|
private static WebHandler.SpawnerResult |
spawnWorker(java.lang.String user,
java.lang.String pw,
WebHandler.SpawnerParameters spawnerParameters,
java.lang.String[] requestParameters)
Spawn a client with the given account credentials and UI mode.
|
private static boolean |
verifySpawnOptions(java.lang.String user,
java.lang.String[] options)
Verify the spawn options passed by the remote side.
|
destroy, doError, doStart, doStop, getServer, setServer
addBean, addBean, addEventListener, addManaged, contains, dump, dump, dump, dump, dump, dumpBeans, dumpObject, dumpObjects, dumpStdErr, dumpThis, getBean, getBeans, getBeans, getContainedBeans, getContainedBeans, isAuto, isManaged, isUnmanaged, manage, removeBean, removeBeans, removeEventListener, setBeans, setStopTimeout, start, stop, unmanage, updateBean, updateBean, updateBeans
addLifeCycleListener, getState, getState, getStopTimeout, isFailed, isRunning, isStarted, isStarting, isStopped, isStopping, removeLifeCycleListener, start, stop, toString
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
public static final java.lang.String ERROR_PREFIX
public static final java.lang.String CLIENT_IP
private static final java.util.logging.Logger LOG
private static final java.lang.String TARGET_CHUI_ROOT
private static final java.lang.String TARGET_GUI_ROOT
private java.lang.String errorMessage
private boolean isGui
true
for GUI, false
for ChUI).private static final boolean virtualDesktopEnabled
private static java.lang.String SELECTED_UI_THEME
private static java.util.List<WebHandler.ThemeUI> THEMES_UI
private static DesktopSettings LOGIN_FORM_SETTINGS
public static java.lang.String spawn(java.lang.String user, java.lang.String pw, boolean gui, java.lang.String[] options, java.lang.String referrer, java.lang.String[] requestParameters)
The following modes are possible:
Default Override Trusted Account User Password Configured Configured Configured Result --------- ------------ ---------- ---------- ---------- -------------------------------------------------- non-null non-null no n/a n/a Spawn using the given credentials. non-null non-null yes n/a no Error (override mode requires a default account). non-null non-null yes n/a yes Spawn using the default account and the given pw. non-null null n/a no n/a Error (pw can't be null unless trusted mode is allowed). non-null null no yes n/a Spawn using the given user. non-null null yes yes no Error (override mode requires a default account). non-null null yes yes yes Spawn using the default account. null non-null no n/a no Error (null user requires a default account). null non-null yes n/a no Error (override mode requires a default account). null null no n/a no Error (null user requires a default account). null null yes n/a no Error (override mode requires a default account). null null yes no yes Error (pw can't be null unless trusted mode is allowed). null null yes yes yes Spawn using the default account.
Trusted mode is attempted when the password is passed as null
, but it will
only work if the mode is also enabled in the server's configuration.
In all cases above, the security context must have the sufficient rights to spawn a web client for the given user name. Even if all other values are configured properly, this will still cause an error to occur.
user
- The OS userid to use for the new process. If null
, the default
account will be used (if such an account has been configured). If the
default account is not configured, then a null
will cause an
error. If override mode is configured and a default account is configured,
then the default account will be used regardless of the value passed.pw
- The OS password to authenticate the user. If null
, then the
spawn will be attempted in trusted mode. Trusted mode must be allowed for the
current security context otherwise this will result in a failure.gui
- This specifies the UI mode (true
for GUI, false
for
ChUI).options
- List of caller-specified options to be passed on the client command line or
null
if no values are specified. The options will be checked to
ensure that they are allowed by the security context. If not allowed, this
will cause an error.referrer
- The referrer string to provide the web client. If the client gets disconnected
it will be redirected back to this URL.requestParameters
- Holds additional parameters if they are provided. It is expected that the first
requestParameters[0] holds the forwarded host of "X-Forwarded-Host" HTTP header,
requestParameters[1] holds the corresponding forwarded protocol that is provided
by "X-Forwarded-Proto" value and requestParameters[2] holds the client IP address.ERROR_PREFIX
and followed by
descriptive error text.public static java.lang.String getClientAddress(javax.servlet.http.HttpServletRequest request)
request
- The provided HTTP servlet requestpublic static java.lang.String[] getRequestParameters(javax.servlet.http.HttpServletRequest request)
request
- The http servlet requestpublic void handle(java.lang.String target, org.eclipse.jetty.server.Request base, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws java.io.IOException, javax.servlet.ServletException
handle
in interface org.eclipse.jetty.server.Handler
handle
in class org.eclipse.jetty.server.handler.AbstractHandler
target
- The target of the request - either a URI or a name.base
- The base request.request
- The object or a wrapper of the request.response
- The object or a wrapper of the response.java.io.IOException
javax.servlet.ServletException
public void doOptions(java.lang.String target, org.eclipse.jetty.server.Request base, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws java.io.IOException, javax.servlet.ServletException
target
- The target of the request - either a URI or a name.base
- The base request.request
- The object or a wrapper of the request.response
- The object or a wrapper of the response.java.io.IOException
javax.servlet.ServletException
private boolean sendForbiddenIfVirtualDesktopDisabled(org.eclipse.jetty.server.Request base, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws java.io.IOException
base
- The base request.request
- The object or a wrapper of the request.response
- The object or a wrapper of the response.java.io.IOException
- iff the output stream throws IOExceptionpublic void doGet(java.lang.String target, org.eclipse.jetty.server.Request base, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws java.io.IOException, javax.servlet.ServletException
target
- The target of the request - either a URI or a name.base
- The base request.request
- The object or a wrapper of the request.response
- The object or a wrapper of the response.java.io.IOException
javax.servlet.ServletException
public void doPost(java.lang.String target, org.eclipse.jetty.server.Request base, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws java.io.IOException, javax.servlet.ServletException
target
- The target of the request - either a URI or a name.base
- The base request.request
- The object or a wrapper of the request.response
- The object or a wrapper of the response.java.io.IOException
javax.servlet.ServletException
private void sendRedirectPath(java.lang.String remoteUri, org.eclipse.jetty.server.Request base, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
remoteUri
- The redirect url provided with the authorization parameter.base
- The base request.request
- The http request.response
- The http response.private void sendError(java.lang.String error, org.eclipse.jetty.server.Request base, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
error
- The error message to the client.base
- The base request.request
- The http request.response
- The http response.protected java.lang.String handleReplacements(java.lang.String text)
Example: ${expression}
text
- The text line that may need modifications.private static WebHandler.SpawnerResult spawnWorker(java.lang.String user, java.lang.String pw, boolean gui, java.lang.String[] options, boolean trusted, java.lang.String referrer, java.lang.String[] requestParameters)
user
- The operating system userid.pw
- The password for authenticating the operating system account.gui
- true
for GUI mode, false
for ChUI mode.options
- List of caller-specified options to be passed on the client command line or
null
if no values are specified.trusted
- true
if trusted spawning mode should be used.referrer
- The referrer string to provide the web client. If the client gets disconnected
it will be redirected back to this URL.requestParameters
- Holds additional parameters if they are provided. It is expected that the first
requestParameters[0] holds the forwarded host of "X-Forwarded-Host" HTTP header,
requestParameters[1] holds the corresponding forwarded protocol that is provided
by "X-Forwarded-Proto" value and requestParameters[2] holds the client IP address.null
and the return code will describe the error.private static WebHandler.SpawnerResult spawnWorker(java.lang.String user, java.lang.String pw, WebHandler.SpawnerParameters spawnerParameters, java.lang.String[] requestParameters)
user
- The operating system userid.pw
- The password for authenticating the operating system account.spawnerParameters
- Holds the required spawner parameters.requestParameters
- Holds additional parameters if they are provided. It is expected that the first
requestParameters[0] holds the forwarded host of "X-Forwarded-Host" HTTP header,
requestParameters[1] holds the corresponding forwarded protocol that is provided
by "X-Forwarded-Proto" value and requestParameters[2] holds the client IP address.null
and the return code will describe the error.private static boolean verifySpawnOptions(java.lang.String user, java.lang.String[] options)
user
- The operating system userid.options
- List of caller-specified options to be passed on the client command line or
null
if no values are specified.true
if all the options are authorized for the spawning account.private static java.lang.String errorMessage(int rc, java.lang.String user)
rc
- Exit code.user
- Account user name.private static java.util.List<WebHandler.ThemeUI> getAvailableThemes()