+ eelflogger.info(EelfMsgs.MESSAGE_WITH_BEHALF_AND_SUBID, req.getHeader(BEHALF_HEADER), getIdFromPath(req) + "");\r
+ EventLogRecord elr = new EventLogRecord(req);\r
+ String message = isAuthorizedForProvisioning(req);\r
+ if (message != null) {\r
+ elr.setMessage(message);\r
+ elr.setResult(HttpServletResponse.SC_FORBIDDEN);\r
+ eventlogger.info(elr);\r
+ sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);\r
+ return;\r
+ }\r
+ if (isProxyServer()) {\r
+ super.doPut(req, resp);\r
+ return;\r
+ }\r
+ String bhdr = req.getHeader(BEHALF_HEADER);\r
+ if (bhdr == null) {\r
+ message = "Missing " + BEHALF_HEADER + " header.";\r
+ elr.setMessage(message);\r
+ elr.setResult(HttpServletResponse.SC_BAD_REQUEST);\r
+ eventlogger.info(elr);\r
+ sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);\r
+ return;\r
+ }\r
+ int subid = getIdFromPath(req);\r
+ if (subid < 0) {\r
+ message = "Missing or bad subscription number.";\r
+ elr.setMessage(message);\r
+ elr.setResult(HttpServletResponse.SC_BAD_REQUEST);\r
+ eventlogger.info(elr);\r
+ sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);\r
+ return;\r
+ }\r
+ Subscription oldsub = Subscription.getSubscriptionById(subid);\r
+ if (oldsub == null) {\r
+ message = "Missing or bad subscription number.";\r
+ elr.setMessage(message);\r
+ elr.setResult(HttpServletResponse.SC_NOT_FOUND);\r
+ eventlogger.info(elr);\r
+ sendResponseError(resp, HttpServletResponse.SC_NOT_FOUND, message, eventlogger);\r
+ return;\r
+ }\r
+ // Check with the Authorizer\r
+ AuthorizationResponse aresp = authz.decide(req);\r
+ if (!aresp.isAuthorized()) {\r
+ message = "Policy Engine disallows access.";\r
+ elr.setMessage(message);\r
+ elr.setResult(HttpServletResponse.SC_FORBIDDEN);\r
+ eventlogger.info(elr);\r
+ sendResponseError(resp, HttpServletResponse.SC_FORBIDDEN, message, eventlogger);\r
+ return;\r
+ }\r
+ // check content type is SUB_CONTENT_TYPE, version 1.0\r
+ ContentHeader ch = getContentHeader(req);\r
+ String ver = ch.getAttribute("version");\r
+ if (!ch.getType().equals(SUB_BASECONTENT_TYPE) || !(ver.equals("1.0") || ver.equals("2.0"))) {\r
+ message = "Incorrect content-type";\r
+ elr.setMessage(message);\r
+ elr.setResult(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE);\r
+ eventlogger.info(elr);\r
+ sendResponseError(resp, HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE, message, eventlogger);\r
+ return;\r
+ }\r
+ JSONObject jo = getJSONfromInput(req);\r
+ if (jo == null) {\r
+ message = "Badly formed JSON";\r
+ elr.setMessage(message);\r
+ elr.setResult(HttpServletResponse.SC_BAD_REQUEST);\r
+ eventlogger.info(elr);\r
+ sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);\r
+ return;\r
+ }\r
+ if (intlogger.isDebugEnabled()) {\r
+ intlogger.debug(jo.toString());\r
+ }\r
+ Subscription sub = null;\r
+ try {\r
+ sub = new Subscription(jo);\r
+ } catch (InvalidObjectException e) {\r
+ message = e.getMessage();\r
+ elr.setMessage(message);\r
+ elr.setResult(HttpServletResponse.SC_BAD_REQUEST);\r
+ eventlogger.info(elr);\r
+ sendResponseError(resp, HttpServletResponse.SC_BAD_REQUEST, message, eventlogger);\r
+ return;\r
+ }\r
+ sub.setSubid(oldsub.getSubid());\r
+ sub.setFeedid(oldsub.getFeedid());\r
+ sub.setSubscriber(bhdr); // set from X-ATT-DR-ON-BEHALF-OF header\r