Package org.mycore.frontend

Class MCRFrontendUtil

java.lang.Object

org.mycore.frontend.MCRFrontendUtil

public class MCRFrontendUtil
extends Object

Servlet/Jersey Resource utility class.

Field Summary

Fields

Modifier and Type	Field	Description
static final String	BASE_URL_ATTRIBUTE
static byte[]	SESSION_NETMASK_IPV4
static final String	SESSION_NETMASK_IPV4_STRING
static byte[]	SESSION_NETMASK_IPV6
static final String	SESSION_NETMASK_IPV6_STRING
protected static final Set<String>	TRUSTED_PROXIES	The IP addresses of trusted web proxies

Constructor Summary

Constructors

Constructor	Description
MCRFrontendUtil()

Method Summary

Modifier and Type	Method	Description
static void	configureSession(MCRSession session, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)
static String	getBaseURL()	returns the base URL of the mycore system
static String	getBaseURL(jakarta.servlet.ServletRequest req)	returns the base URL of the mycore system.
static Optional<MCRServletJob>	getCurrentServletJob()	Returns the instance saved for the current thread via configureSession(MCRSession, HttpServletRequest, HttpServletResponse).
static String	getHostIP()
static Optional<String>	getProperty(jakarta.servlet.http.HttpServletRequest request, String name)
static String	getRemoteAddr(jakarta.servlet.http.HttpServletRequest req)	Returns the IP address of the client that made the request.
static Optional<File>	getWebAppBaseDir(jakarta.servlet.ServletContext ctx)
static boolean	isIPAddrAllowed(String lastIP, String newIP)	Checks if the newIP address matches the session of lastIP address.
static void	prepareBaseURLs(String baseURL)
static void	writeCacheHeaders(jakarta.servlet.http.HttpServletResponse response, long cacheTime, long lastModified, boolean useExpire)	Sets cache-control, last-modified and expires parameter to the response header.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

BASE_URL_ATTRIBUTE

public static final String BASE_URL_ATTRIBUTE

See Also:

• Constant Field Values

SESSION_NETMASK_IPV4_STRING

public static final String SESSION_NETMASK_IPV4_STRING

SESSION_NETMASK_IPV6_STRING

public static final String SESSION_NETMASK_IPV6_STRING

SESSION_NETMASK_IPV4

public static byte[] SESSION_NETMASK_IPV4

SESSION_NETMASK_IPV6

public static byte[] SESSION_NETMASK_IPV6

TRUSTED_PROXIES

protected static final Set<String> TRUSTED_PROXIES

The IP addresses of trusted web proxies

Constructor Details

MCRFrontendUtil

public MCRFrontendUtil()

Method Details

getBaseURL

public static String getBaseURL()

returns the base URL of the mycore system

getHostIP

public static String getHostIP()

getBaseURL

public static String getBaseURL(jakarta.servlet.ServletRequest req)

returns the base URL of the mycore system. This method uses the request to 'calculate' the right baseURL. Generally it is sufficent to use getBaseURL() instead.

prepareBaseURLs

public static void prepareBaseURLs(String baseURL)

configureSession

public static void configureSession(MCRSession session,
 jakarta.servlet.http.HttpServletRequest request,
 jakarta.servlet.http.HttpServletResponse response)

getProperty

public static Optional<String> getProperty(jakarta.servlet.http.HttpServletRequest request,
 String name)

Parameters:

request - current request to get property from

name - of request attribute or parameter

Returns:

an Optional that is either empty or contains a trimmed non-empty String that is either the value of the request attribute or a parameter (in that order) with the given name.

getRemoteAddr

public static String getRemoteAddr(jakarta.servlet.http.HttpServletRequest req)

Returns the IP address of the client that made the request. When a trusted proxy server was used, e. g. a local Apache mod_proxy in front of Tomcat, the value of the last entry in the HTTP header X_FORWARDED_FOR is returned, otherwise the REMOTE_ADDR is returned. The list of trusted proxy IPs can be configured using the property MCR.Request.TrustedProxies, which is a List of IP addresses separated by blanks and/or comma.

getCurrentServletJob

public static Optional<MCRServletJob> getCurrentServletJob()

Returns the instance saved for the current thread via configureSession(MCRSession, HttpServletRequest, HttpServletResponse).

Returns:

Optional.empty() if no servlet job is available for the current MCRSession

writeCacheHeaders

public static void writeCacheHeaders(jakarta.servlet.http.HttpServletResponse response,
 long cacheTime,
 long lastModified,
 boolean useExpire)

Sets cache-control, last-modified and expires parameter to the response header. Use this method when the client should cache the response data.

Parameters:

response - the response data to cache

cacheTime - how long to cache

lastModified - when the data was last modified

useExpire - true if 'Expire' header should be set

getWebAppBaseDir

public static Optional<File> getWebAppBaseDir(jakarta.servlet.ServletContext ctx)

isIPAddrAllowed

public static boolean isIPAddrAllowed(String lastIP,
 String newIP)
                               throws UnknownHostException

Checks if the newIP address matches the session of lastIP address. Usually this is only true if both addresses are equal by InetAddress.equals(Object). This method is called to detect if a session is stolen by a 3rd party. There are two properties (with their default value) to modify this behavior and specify netmasks:

 MCR.Servlet.Session.NetMask.IPv4=255.255.255.255
 MCR.Servlet.Session.NetMask.IPv6=FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF
 

Parameters:

lastIP - IP address from former request

newIP - IP address from current request

Returns:

Throws:

UnknownHostException - if lastIP or newIP are not valid IP addresses.