- String publishid = req.getHeader("X-ATT-DR-PUBLISH-ID");
- String filename =
- URLEncoder.encode(fileid, "UTF-8").replaceAll("^\\.", "%2E").replaceAll("\\*", "%2A");
- String fullPath = outputDirectory + "/" + filename;
- String tmpPath = outputDirectory + "/." + filename;
- try {
- if (isdelete) {
- Files.deleteIfExists(Paths.get(fullPath));
- logger.info(
- "SampleSubServlet: Received delete for file id "
- + fileid
- + " from "
- + req.getRemoteAddr()
- + " publish id "
- + publishid
- + " as "
- + fullPath);
- } else {
- new File(tmpPath).createNewFile();
- try (InputStream is = req.getInputStream();
- OutputStream os = new FileOutputStream(tmpPath)) {
- byte[] buf = new byte[65536];
- int i;
- while ((i = is.read(buf)) > 0) {
- os.write(buf, 0, i);
- }
+
+ /**
+ * Process a PUT or DELETE request.
+ *
+ * <ol>
+ * <li>Verify that the request contains an Authorization header or else UNAUTHORIZED.
+ * <li>Verify that the Authorization header matches the configured Login and Password or else
+ * FORBIDDEN.
+ * <li>If the request is PUT, store the message body as a file in the configured outputDirectory
+ * directory protecting against evil characters in the received FileID. The file is created
+ * initially with its name prefixed with a ".", and once it is complete, it is renamed to
+ * remove the leading "." character.
+ * <li>If the request is DELETE, instead delete the file (if it exists) from the configured
+ * outputDirectory directory.
+ * <li>Respond with NO_CONTENT.
+ * </ol>
+ */
+ private void common(HttpServletRequest req, HttpServletResponse resp, boolean isdelete) throws IOException {
+ String authHeader = req.getHeader("Authorization");
+ if (authHeader == null) {
+ logger.info("SampleSubServlet: Rejecting request with no Authorization header from " + req.getRemoteAddr()
+ + ": " + req.getPathInfo());
+ resp.sendError(HttpServletResponse.SC_UNAUTHORIZED);
+ return;
+ }
+ if (!basicAuth.equals(authHeader)) {
+ logger.info("SampleSubServlet: Rejecting request with incorrect Authorization header from "
+ + req.getRemoteAddr() + ": " + req.getPathInfo());
+ resp.sendError(HttpServletResponse.SC_FORBIDDEN);
+ return;
+ }
+ String fileid = req.getPathInfo();
+ fileid = fileid.substring(fileid.lastIndexOf('/') + 1);
+ String queryString = req.getQueryString();
+ if (queryString != null) {
+ fileid = fileid + "?" + queryString;
+ }
+ String publishid = req.getHeader("X-DMAAP-DR-PUBLISH-ID");
+ String filename = URLEncoder.encode(fileid, "UTF-8").replaceAll("^\\.", "%2E").replaceAll("\\*", "%2A");
+ String fullPath = outputDirectory + "/" + filename;
+ String tmpPath = outputDirectory + "/." + filename;
+ String fullMetaDataPath = outputDirectory + "/" + filename + ".M";
+ String tmpMetaDataPath = outputDirectory + "/." + filename + ".M";
+ try {
+ if (isdelete) {
+ Files.deleteIfExists(Paths.get(fullPath));
+ Files.deleteIfExists(Paths.get(fullMetaDataPath));
+ logger.info("SampleSubServlet: Received delete for file id " + fileid + " from " + req.getRemoteAddr()
+ + " publish id " + publishid + " as " + fullPath);
+ } else {
+ new File(tmpPath).createNewFile();
+ new File(tmpMetaDataPath).createNewFile();
+ try (InputStream is = req.getInputStream(); OutputStream os = new FileOutputStream(tmpPath)) {
+ byte[] buf = new byte[65536];
+ int bufferSize;
+ while ((bufferSize = is.read(buf)) > 0) {
+ os.write(buf, 0, bufferSize);
+ }
+ }
+ Files.move(Paths.get(tmpPath), Paths.get(fullPath), StandardCopyOption.REPLACE_EXISTING);
+ try (PrintWriter writer = new PrintWriter(new FileOutputStream(tmpMetaDataPath))) {
+ String metaData = req.getHeader("X-DMAAP-DR-META");
+ writer.print(metaData);
+ }
+ Files.move(Paths.get(tmpMetaDataPath), Paths.get(fullMetaDataPath),
+ StandardCopyOption.REPLACE_EXISTING);
+ logger.info(
+ "SampleSubServlet: Received file id " + fileid + " from " + req.getRemoteAddr() + " publish id "
+ + publishid + " as " + fullPath);
+ resp.setStatus(HttpServletResponse.SC_NO_CONTENT);
+ }
+ resp.setStatus(HttpServletResponse.SC_NO_CONTENT);
+ } catch (IOException ioe) {
+ Files.deleteIfExists(Paths.get(tmpPath));
+ Files.deleteIfExists(Paths.get(tmpMetaDataPath));
+ logger.info("SampleSubServlet: Failed to process file " + fullPath + " from " + req.getRemoteAddr() + ": "
+ + req.getPathInfo());
+ throw ioe;