*/
package gr.ebs.gss.server;
-import static gr.ebs.gss.server.configuration.GSSConfigurationFactory.getConfiguration;
import gr.ebs.gss.client.exceptions.RpcException;
import gr.ebs.gss.server.domain.Invitation;
-import gr.ebs.gss.server.ejb.ExternalAPI;
import java.io.IOException;
-import java.net.URLEncoder;
-import javax.naming.Context;
-import javax.naming.InitialContext;
-import javax.naming.NamingException;
-import javax.rmi.PortableRemoteObject;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
*/
private static Log logger = LogFactory.getLog(Invitations.class);
- /**
- * A helper method that retrieves a reference to the ExternalAPI bean and
- * stores it for future use.
- *
- * @return an ExternalAPI instance
- * @throws RpcException in case an error occurs
- */
- private ExternalAPI getService() throws RpcException {
- try {
- final Context ctx = new InitialContext();
- final Object ref = ctx.lookup(getConfiguration().getString("externalApiPath"));
- return (ExternalAPI) PortableRemoteObject.narrow(ref, ExternalAPI.class);
- } catch (final NamingException e) {
- logger.error("Unable to retrieve the ExternalAPI EJB", e);
- throw new RpcException("An error occurred while contacting the naming service");
- }
- }
-
@Override
public void service(HttpServletRequest request, HttpServletResponse response) throws IOException {
String code = request.getParameter(CODE_PARAM);
// Validate input parameters.
if (code == null || code.isEmpty()) {
- String error = URLEncoder.encode("No code was specified", "UTF-8");
- String errorUrl = "invites.jsp?error=" + error;
- response.sendRedirect(errorUrl);
+ response.sendRedirect("invites.jsp?error=" + encode("No code was specified"));
return;
}
try {
Invitation invite = getService().findInvite(code);
if (invite == null) {
- String error = URLEncoder.encode("The specified code was not found", "UTF-8");
- String errorUrl = "invites.jsp?code=&error=" + error;
- response.sendRedirect(errorUrl);
+ response.sendRedirect("invites.jsp?code=&error=" + encode("The specified code was not found"));
return;
}
String firstname = invite.getFirstname() == null? "": invite.getFirstname();
String lastname = invite.getLastname() == null? "": invite.getLastname();
String email = invite.getEmail() == null? "": invite.getEmail();
- response.sendRedirect("register.jsp?firstname=" + firstname +
- "&lastname=" + lastname + "&email=" + email);
+ response.sendRedirect("register.jsp?firstname=" + encode(firstname) +
+ "&lastname=" + encode(lastname) + "&email=" + encode(email));
} catch (RpcException e) {
- String error = "An error occurred while communicating with the service";
- logger.error(error, e);
- response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, error);
+ logger.error(e);
+ handleException(response, encode("An error occurred while communicating with the service"));
}
}
+
+ private void handleException(HttpServletResponse response, String error) throws IOException {
+ String errorUrl = "invites.jsp?username=&firstname=&lastname=&email=&error=" + error;
+ response.sendRedirect(errorUrl);
+ }
}
import gr.ebs.gss.server.ejb.TransactionHelper;
import java.io.IOException;
+import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.concurrent.Callable;
* @return an ExternalAPI instance
* @throws RpcException in case an error occurs
*/
- private ExternalAPI getService() throws RpcException {
+ protected ExternalAPI getService() throws RpcException {
try {
final Context ctx = new InitialContext();
final Object ref = ctx.lookup(getConfiguration().getString("externalApiPath"));
// Validate input parameters.
if (username == null || username.isEmpty()) {
- String error = URLEncoder.encode("No username was specified", "UTF-8");
+ String error = encode("No username was specified");
String errorUrl = "register.jsp?username=&error=" + error;
- errorUrl += "&firstname=" + (firstname == null? "": firstname);
- errorUrl += "&lastname=" + (lastname == null? "": lastname);
- errorUrl += "&email=" + (email == null? "": email);
+ errorUrl += "&firstname=" + (firstname == null? "": encode(firstname));
+ errorUrl += "&lastname=" + (lastname == null? "": encode(lastname));
+ errorUrl += "&email=" + (email == null? "": encode(email));
response.sendRedirect(errorUrl);
return;
} else if (firstname == null || firstname.isEmpty()) {
- String error = URLEncoder.encode("No firstname was specified", "UTF-8");
+ String error = encode("No firstname was specified");
String errorUrl = "register.jsp?firstname=&error=" + error;
- errorUrl += "&username=" + username;
- errorUrl += "&lastname=" + (lastname == null? "": lastname);
- errorUrl += "&email=" + (email == null? "": email);
+ errorUrl += "&username=" + encode(username);
+ errorUrl += "&lastname=" + (lastname == null? "": encode(lastname));
+ errorUrl += "&email=" + (email == null? "": encode(email));
response.sendRedirect(errorUrl);
return;
} else if (lastname == null || lastname.isEmpty()) {
- String error = URLEncoder.encode("No lastname was specified", "UTF-8");
+ String error = encode("No lastname was specified");
String errorUrl = "register.jsp?lastname=&error=" + error;
- errorUrl += "&username=" + username;
- errorUrl += "&firstname=" + firstname;
- errorUrl += "&email=" + (email == null? "": email);
+ errorUrl += "&username=" + encode(username);
+ errorUrl += "&firstname=" + encode(firstname);
+ errorUrl += "&email=" + (email == null? "": encode(email));
response.sendRedirect(errorUrl);
return;
} else if (email == null || email.isEmpty()) {
- String error = URLEncoder.encode("No e-mail was specified", "UTF-8");
+ String error = encode("No e-mail was specified");
String errorUrl = "register.jsp?email=&error=" + error;
- errorUrl += "&username=" + username;
- errorUrl += "&firstname=" + firstname;
- errorUrl += "&lastname=" + lastname;
+ errorUrl += "&username=" + encode(username);
+ errorUrl += "&firstname=" + encode(firstname);
+ errorUrl += "&lastname=" + encode(lastname);
response.sendRedirect(errorUrl);
return;
} else if (password == null || password.isEmpty()) {
- String error = URLEncoder.encode("No password was specified", "UTF-8");
+ String error = encode("No password was specified");
String errorUrl = "register.jsp?error=" + error;
- errorUrl += "&username=" + username;
- errorUrl += "&firstname=" + firstname;
- errorUrl += "&lastname=" + lastname;
- errorUrl += "&email=" + email;
+ errorUrl += "&username=" + encode(username);
+ errorUrl += "&firstname=" + encode(firstname);
+ errorUrl += "&lastname=" + encode(lastname);
+ errorUrl += "&email=" + encode(email);
response.sendRedirect(errorUrl);
return;
} else if (!password.equals(password2)) {
- String error = URLEncoder.encode("Passwords do not match", "UTF-8");
+ String error = encode("Passwords do not match");
String errorUrl = "register.jsp?error=" + error;
- errorUrl += "&username=" + username;
- errorUrl += "&firstname=" + firstname;
- errorUrl += "&lastname=" + lastname;
- errorUrl += "&email=" + email;
+ errorUrl += "&username=" + encode(username);
+ errorUrl += "&firstname=" + encode(firstname);
+ errorUrl += "&lastname=" + encode(lastname);
+ errorUrl += "&email=" + encode(email);
response.sendRedirect(errorUrl);
return;
} else if (!"on".equalsIgnoreCase(accept)) {
- String error = URLEncoder.encode("You must accept the terms and conditions", "UTF-8");
+ String error = encode("You must accept the terms and conditions");
String errorUrl = "register.jsp?error=" + error;
- errorUrl += "&username=" + username;
- errorUrl += "&firstname=" + firstname;
- errorUrl += "&lastname=" + lastname;
- errorUrl += "&email=" + email;
+ errorUrl += "&username=" + encode(username);
+ errorUrl += "&firstname=" + encode(firstname);
+ errorUrl += "&lastname=" + encode(lastname);
+ errorUrl += "&email=" + encode(email);
response.sendRedirect(errorUrl);
return;
}
try {
user = getService().findUser(username);
if (user != null) {
- String error = URLEncoder.encode("The username already exists", "UTF-8");
+ String error = encode("The username already exists");
String errorUrl = "register.jsp?username=&error=" + error;
- errorUrl += "&firstname=" + firstname;
- errorUrl += "&lastname=" + lastname;
- errorUrl += "&email=" + email;
+ errorUrl += "&firstname=" + encode(firstname);
+ errorUrl += "&lastname=" + encode(lastname);
+ errorUrl += "&email=" + encode(email);
response.sendRedirect(errorUrl);
return;
}
getService().createLdapUser(username, firstname, lastname, email, password);
} catch (Exception e) {
logger.error(e);
- response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
+ handleException(response, e.getMessage());
return;
}
final UserDTO userDto = new TransactionHelper<UserDTO>().tryExecute(new Callable<UserDTO>() {
});
response.sendRedirect("registered.jsp");
} catch (RpcException e) {
- String error = "An error occurred while communicating with the service";
- logger.error(error, e);
- response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, error);
+ logger.error(e);
+ handleException(response, "An error occurred while communicating with the service");
} catch (DuplicateNameException e) {
// Can't happen, but this is more user-friendly than an assert.
- String error = URLEncoder.encode("The username already exists", "UTF-8");
- String errorUrl = "register.jsp?username=&firstname=&lastname=&email=&error=" + error;
- response.sendRedirect(errorUrl);
+ logger.error(e);
+ handleException(response, "The username already exists");
} catch (ObjectNotFoundException e) {
// Can't happen, but this is more user-friendly than an assert.
- String error = URLEncoder.encode("No username or name was specified", "UTF-8");
- String errorUrl = "register.jsp?username=&firstname=&lastname=&email=&error=" + error;
- response.sendRedirect(errorUrl);
+ logger.error(e);
+ handleException(response, "No username or name was specified");
} catch (Exception e) {
logger.error(e);
- response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
+ handleException(response, e.getMessage());
}
}
+
+ private void handleException(HttpServletResponse response, String error) throws IOException {
+ String errorUrl = "register.jsp?username=&firstname=&lastname=&email=&error=" + encode(error);
+ response.sendRedirect(errorUrl);
+ }
+
+ protected String encode(String parameter) throws UnsupportedEncodingException {
+ return URLEncoder.encode(parameter, "UTF-8");
+ }
}