- return;\r
- }\r
- String bhdr = req.getHeader(BEHALF_HEADER);\r
- if (bhdr == null) {\r
- message = "Missing " + BEHALF_HEADER + " header.";\r
- elr.setMessage(message);\r
- elr.setResult(HttpServletResponse.SC_BAD_REQUEST);\r
- eventlogger.info(elr);\r
- sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);\r
- return;\r
- }\r
- int subid = getIdFromPath(req);\r
- if (subid < 0) {\r
- message = "Missing or bad subscription number.";\r
- elr.setMessage(message);\r
- elr.setResult(HttpServletResponse.SC_BAD_REQUEST);\r
- eventlogger.info(elr);\r
- sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);\r
- return;\r
- }\r
- Subscription oldsub = Subscription.getSubscriptionById(subid);\r
- if (oldsub == null) {\r
- message = "Missing or bad subscription number.";\r
- elr.setMessage(message);\r
- elr.setResult(HttpServletResponse.SC_NOT_FOUND);\r
- eventlogger.info(elr);\r
- sendResponseError(resp, HttpServletResponse.SC_NOT_FOUND, message, eventlogger);\r
- return;\r
- }\r
- // Check with the Authorizer\r
- AuthorizationResponse aresp = authz.decide(req);\r
- if (!aresp.isAuthorized()) {\r
- message = "Policy Engine disallows access.";\r
- elr.setMessage(message);\r
- elr.setResult(HttpServletResponse.SC_FORBIDDEN);\r
- eventlogger.info(elr);\r
- sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);\r
- return;\r
- }\r
- // check content type is SUB_CONTENT_TYPE, version 1.0\r
- ContentHeader ch = getContentHeader(req);\r
- String ver = ch.getAttribute("version");\r
- if (!ch.getType().equals(SUB_BASECONTENT_TYPE) || !(ver.equals("1.0") || ver.equals("2.0"))) {\r
- message = "Incorrect content-type";\r
- elr.setMessage(message);\r
- elr.setResult(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE);\r
- eventlogger.info(elr);\r
- sendResponseError(resp, HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE, message, eventlogger);\r
- return;\r
- }\r
- JSONObject jo = getJSONfromInput(req);\r
- if (jo == null) {\r
- message = "Badly formed JSON";\r
- elr.setMessage(message);\r
- elr.setResult(HttpServletResponse.SC_BAD_REQUEST);\r
- eventlogger.info(elr);\r
- sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);\r
- return;\r
- }\r
- if (intlogger.isDebugEnabled()) {\r
- intlogger.debug(jo.toString());\r
- }\r
- Subscription sub = null;\r
- try {\r
- sub = new Subscription(jo);\r
- } catch (InvalidObjectException e) {\r
- message = e.getMessage();\r
- elr.setMessage(message);\r
- elr.setResult(HttpServletResponse.SC_BAD_REQUEST);\r
- eventlogger.info(elr);\r
- sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);\r
- return;\r
- }\r
- sub.setSubid(oldsub.getSubid());\r
- sub.setFeedid(oldsub.getFeedid());\r
- sub.setSubscriber(bhdr); // set from X-ATT-DR-ON-BEHALF-OF header\r