// 2012-04-26 johnpfeiffer TODO: jsp's
import java.io.IOException;
import java.io.PrintWriter;
import java.security.MessageDigest;
import java.sql.SQLException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.ListIterator;
import java.util.Map;
import java.util.Set;
import java.util.TimeZone;
import java.util.UUID;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
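/**
 * Password-gated "todo" servlet.
 *
 * A single shared password unlocks a session. Once unlocked, the servlet lists
 * the lines of the data file and lets the user append new text to it. Login,
 * logout and save are all driven by request parameters handled in
 * {@link #doGet}; {@link #doPost} delegates to it.
 *
 * One servlet instance serves concurrent requests, so every field written
 * after {@link #init} must be safe to share between threads.
 */
public class todo extends HttpServlet
{
    private static final long serialVersionUID = 1L;
    private static final String CLASSVERSION = "0.1";

    // NOTE(review): a shared credential compiled into the class is readable by
    // anyone with access to the source, the .class file or a repository clone,
    // and cannot be rotated without a redeploy. Move it to deployment
    // configuration and store only a salted password hash (bcrypt/scrypt/argon2).
    private static final String STATICPASSWORD = "thepassword";

    private static final String DATAFILE = "/var/log/todo.txt";
    private static final String LOGFILE = "/var/log/todo.log";

    private static final String SESSION_TOKEN_ATTRIBUTE = "sessionToken";
    private static final int SESSION_TIMEOUT_SECONDS = 5 * 60; // 5 minutes

    // Tokens of sessions that have presented the correct password. Wrapped in a
    // synchronized set because request threads add, remove and look up
    // concurrently; a bare ArrayList can be corrupted by that.
    // NOTE(review): tokens of sessions that simply time out are never removed,
    // so this set only shrinks on explicit logout.
    private Set <String> authorizedTokens;

    private FileSystem fs;
    private String dataFileLocation;
    private String logFileLocation;

    /**
     * Creates the token registry and resolves the data and log file locations.
     *
     * @param config servlet configuration supplied by the container
     * @throws ServletException if the superclass initialisation fails
     */
    @Override
    public void init( ServletConfig config ) throws ServletException
    {
        super.init( config );
        authorizedTokens = Collections.synchronizedSet( new HashSet <String> () );
        fs = new FileSystem();
        dataFileLocation = fs.convertFileSystemPath( DATAFILE );
        logFileLocation = fs.convertFileSystemPath( LOGFILE );
    }

    /**
     * Handles logout, login, save and rendering for one request.
     *
     * All session changes happen before the first byte of the page is written,
     * so the container can still issue the new session cookie. Session ids and
     * session tokens are deliberately kept out of the log lines: anyone who can
     * read the log could otherwise replay them.
     *
     * NOTE(review): because doPost() delegates here, the "userPassword",
     * "logout" and "save" parameters are also honoured on GET, where they end
     * up in URLs, browser history and access logs. None of the forms carries an
     * anti-CSRF token, and failed logins are neither counted nor delayed.
     *
     * @param request  the incoming request
     * @param response the response the page is written to
     * @throws ServletException declared by the servlet contract
     * @throws IOException if the response writer cannot be obtained
     */
    @Override
    protected void doGet( HttpServletRequest request , HttpServletResponse response ) throws ServletException, IOException
    {
        // Kept local: a static field rewritten on every request is shared by
        // all threads and gains nothing over a local variable.
        String servletURL = request.getContextPath() + "/" + getServletName();

        // Declare the charset in the header so the writer's encoding agrees
        // with the utf-8 <meta> tag emitted by outputXHTMLHeader().
        response.setContentType( "text/html; charset=UTF-8" );

        // A failure here propagates as IOException. Calling System.exit() from
        // a servlet would stop the whole container for every application in it.
        PrintWriter servletresponse = response.getWriter();

        HttpSession session = request.getSession( true );
        String currentToken = (String) session.getAttribute( SESSION_TOKEN_ATTRIBUTE );

        if( "logout".equals( request.getParameter( "logout" ) ) )
        {
            authorizedTokens.remove( currentToken );
            currentToken = null;
            if( request.isRequestedSessionIdValid() )
            {
                System.out.println( getUTCTimestamp() + " UTC Logged out." );
                session.invalidate();
            }
            else
            {
                System.out.println( "Logged out. Session is invalidated." );
            }
        }

        boolean authenticated = authorizedTokens.contains( currentToken );
        if( !authenticated && isCorrectPassword( request.getParameter( "userPassword" ) ) )
        {
            // A logout earlier in this request may have invalidated the
            // session, so fetch (or create) a live one before writing to it.
            session = request.getSession( true );
            session.setMaxInactiveInterval( SESSION_TIMEOUT_SECONDS );

            // UUID.randomUUID() draws from a cryptographically strong generator.
            String sessionToken = UUID.randomUUID().toString();
            session.setAttribute( SESSION_TOKEN_ATTRIBUTE , sessionToken );
            authorizedTokens.add( sessionToken );

            // New session id on privilege change: defence against session fixation.
            session = changeSessionIdentifier( request );
            currentToken = (String) session.getAttribute( SESSION_TOKEN_ATTRIBUTE );
            authenticated = authorizedTokens.contains( currentToken );
            System.out.println( getUTCTimestamp() + " UTC Login successful." );
        }

        outputXHTMLHeader( servletresponse , "todo" );
        servletresponse.println( "<body>" );

        if( !authenticated )
        {
            displayLoginForm( servletresponse , servletURL );
        }
        else
        {
            servletresponse.println( "Version: " + CLASSVERSION + " <br /><br />" );
            //BEGIN APPLICATION SPECIFIC LOGIC HERE
            try
            {
                // Save first so the list rendered below already includes the new text.
                if( "save".equals( request.getParameter( "save" ) ) )
                {
                    saveContent( request.getParameter( "content" ) );
                }
                displayMenu( servletresponse , servletURL );
                displayTodo( servletresponse );
            }
            catch( Exception e )
            {
                // Details stay in the server log; the page gets a fixed message
                // so paths and internals are not disclosed to the browser.
                System.out.println( getUTCTimestamp() + " UTC todo request failed: " + e );
                servletresponse.println( "An internal error occurred.<br />" );
            }
            //END APPLICATION SPECIFIC LOGIC
            displayLogoutButton( servletresponse , servletURL );
        }

        servletresponse.println( "</body></html>" );
        servletresponse.close();
    } //end doGet()

    /**
     * Compares a submitted password with the configured one.
     *
     * Uses MessageDigest.isEqual rather than String.equals so that, on current
     * JDKs, the comparison time does not depend on how many leading characters
     * match.
     *
     * @param candidate the submitted password, may be null
     * @return true only for a non-empty candidate equal to the configured password
     * @throws IOException if the UTF-8 charset is unavailable
     */
    private static boolean isCorrectPassword( String candidate ) throws IOException
    {
        if( candidate == null || candidate.isEmpty() )
        {
            return false;
        }
        return MessageDigest.isEqual( candidate.getBytes( "UTF-8" ) , STATICPASSWORD.getBytes( "UTF-8" ) );
    }

    /**
     * Escapes text for use in HTML element content and in quoted attributes.
     *
     * @param text raw text, may be null
     * @return the text with {@code & < > " '} replaced by entities; "" for null
     */
    private static String escapeHtml( String text )
    {
        if( text == null )
        {
            return "";
        }
        StringBuilder escaped = new StringBuilder( text.length() + 16 );
        for( int i = 0 ; i < text.length() ; i++ )
        {
            char c = text.charAt( i );
            switch( c )
            {
                case '&':  escaped.append( "&amp;" );  break;
                case '<':  escaped.append( "&lt;" );   break;
                case '>':  escaped.append( "&gt;" );   break;
                case '"':  escaped.append( "&quot;" ); break;
                case '\'': escaped.append( "&#39;" );  break;
                default:   escaped.append( c );
            }
        }
        return escaped.toString();
    }

    /**
     * Appends the submitted text to the data file; null or empty text is ignored.
     *
     * Synchronized because the file is read, extended and rewritten as a whole:
     * two overlapping saves would otherwise lose one of the updates.
     *
     * NOTE(review): the new text is concatenated directly onto the existing
     * content. Whether a line separator is needed between entries depends on
     * how FileSystem reads and writes the file - confirm against that class.
     *
     * @param content text taken from the "content" request parameter
     * @throws Exception whatever the FileSystem helper throws
     */
    private synchronized void saveContent( String content ) throws Exception
    {
        if( content == null || content.isEmpty() )
        {
            return;
        }
        String currentData = fs.stringFromFile( dataFileLocation );
        String updatedData = ( currentData != null ) ? currentData + content : content;
        fs.writeStringToFile( updatedData , dataFileLocation );
    }

    /**
     * Writes each line of the data file to the page.
     *
     * Lines are HTML-escaped first: the file holds text typed by users, and
     * echoing it raw would let stored markup or script run in the browser of
     * whoever views the list.
     *
     * @param out writer for the response body
     */
    private void displayTodo( PrintWriter out )
    {
        // Local rather than a field, so concurrent requests cannot swap the
        // list under a thread that is still iterating it.
        ArrayList <String> todoData = fs.newlineDelimitedListFromFile( dataFileLocation );
        if( todoData == null )
        {
            out.println( "<br />No data has been loaded<br />" );
            return;
        }
        for( String line : todoData )
        {
            out.println( escapeHtml( line ) + "<br />" );
        }
    }

    /**
     * Writes the form used to add text to the list.
     *
     * The textarea is named "content" because that is the parameter doGet()
     * passes to saveContent(); under any other name the submitted text is
     * never read.
     *
     * @param out          writer for the response body
     * @param submitTarget URL the form posts to
     */
    private void displayMenu( PrintWriter out , String submitTarget )
    {
        out.println( "<form id='reportmenu' action='" + escapeHtml( submitTarget ) + "' method='post' >" );
        out.println( "<span><input type='submit' name='save' value='save'/></span>" );
        out.println( "<textarea name='content' rows='5' cols='80'></textarea>" );
        out.println( "</form>" );
    }

    //GENERIC HELPER METHODS

    /**
     * Replaces the current session with a new one that has a different id and
     * the same attributes and idle timeout.
     *
     * The idle timeout is carried over explicitly; a freshly created session
     * starts with the container default, which would silently drop the limit
     * set at login. Containers implementing Servlet 3.1 or later offer
     * HttpServletRequest.changeSessionId() for the same purpose.
     *
     * @param request the request whose session is replaced
     * @return the new session
     */
    private HttpSession changeSessionIdentifier( HttpServletRequest request )
    {
        HttpSession oldSession = request.getSession();
        int maxInactiveInterval = oldSession.getMaxInactiveInterval();

        HashMap<String, Object> attributes = new HashMap<String, Object>();
        @SuppressWarnings("unchecked")
        Enumeration <String> attributeNames = (Enumeration<String>) oldSession.getAttributeNames();
        while( attributeNames != null && attributeNames.hasMoreElements() )
        {
            String name = attributeNames.nextElement();
            attributes.put( name , oldSession.getAttribute( name ) );
        }

        oldSession.invalidate();

        HttpSession newSession = request.getSession();
        newSession.setMaxInactiveInterval( maxInactiveInterval );
        for( Map.Entry<String, Object> entry : attributes.entrySet() ) // copy back the session content
        {
            newSession.setAttribute( entry.getKey() , entry.getValue() );
        }
        return newSession;
    }

    /**
     * @return the current time formatted as "yyyy-MM-dd HH:mm:ss" in UTC
     */
    private String getUTCTimestamp()
    {
        // A new formatter per call: SimpleDateFormat must not be shared between threads.
        SimpleDateFormat utcFormat = new SimpleDateFormat( "yyyy-MM-dd HH:mm:ss" );
        utcFormat.setTimeZone( TimeZone.getTimeZone( "UTC" ) );
        return utcFormat.format( new Date( System.currentTimeMillis() ) );
    }

    /**
     * Writes the logout form.
     *
     * @param out          writer for the response body
     * @param submitTarget URL the form posts to
     */
    private void displayLogoutButton( PrintWriter out , String submitTarget )
    {
        out.println( "<br />" );
        out.println( "<form id='logout' action='" + escapeHtml( submitTarget ) + "' method='post' >" );
        out.println( "<div><input type='submit' name='logout' value='logout'/></div>" );
        out.println( "</form>" );
        out.println( "<br />" );
    }

    /**
     * Writes the password form and moves keyboard focus to its input.
     *
     * @param out          writer for the response body
     * @param submitTarget URL the form posts to
     */
    private void displayLoginForm( PrintWriter out , String submitTarget )
    {
        out.println( "<br />" );
        out.println( "<form id='login' action='" + escapeHtml( submitTarget ) + "' method='post' >" );
        out.println( "Password: <input type='password' name='userPassword'/> <br /><br />" );
        out.println( "<span><input type='submit' name='login' value='login'/></span>" );
        out.println( "</form>" );
        out.println( "<script type='text/javascript'> document.forms[ 'login' ].elements[ 'userPassword' ].focus(); </script>" );
    }

    /**
     * Writes the XHTML doctype and the head section.
     *
     * @param out   writer for the response body
     * @param title page title, escaped before it is written
     */
    private static void outputXHTMLHeader( PrintWriter out , String title )
    {
        out.println( "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.1//EN\" \"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd\">");
        out.println( "<html xmlns=\"http://www.w3.org/1999/xhtml\">" );
        out.println( "<head><title>" + escapeHtml( title ) + "</title>" );
        out.println( "<meta http-equiv=\"Content-Type\" content=\"text/html;charset=utf-8\" />" );
        out.println( "</head>" );
    }

    /**
     * Handles POST exactly like GET.
     *
     * @param request  the incoming request
     * @param response the response the page is written to
     * @throws ServletException declared by the servlet contract
     * @throws IOException if the response writer cannot be obtained
     */
    @Override
    protected void doPost( HttpServletRequest request , HttpServletResponse response ) throws ServletException, IOException
    {
        doGet( request , response );
    }
} //end class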