001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.xml;
016    
017    import com.liferay.portal.kernel.log.Log;
018    import com.liferay.portal.kernel.log.LogFactoryUtil;
019    import com.liferay.portal.kernel.xml.XMLSchema;
020    import com.liferay.portal.util.EntityResolver;
021    
022    import org.xml.sax.XMLReader;
023    
024    /**
025     * @author Raymond Aug??
026     */
027    public class SAXReaderFactory {
028    
029            public static final org.dom4j.io.SAXReader getSAXReader(
030                    XMLReader xmlReader, boolean validate, boolean secure) {
031    
032                    org.dom4j.io.SAXReader reader = null;
033    
034                    try {
035                            reader = new org.dom4j.io.SAXReader(xmlReader, validate);
036    
037                            reader.setEntityResolver(new EntityResolver());
038                            reader.setFeature(_FEATURES_DYNAMIC, validate);
039                            reader.setFeature(_FEATURES_VALIDATION, validate);
040                            reader.setFeature(_FEATURES_VALIDATION_SCHEMA, validate);
041                            reader.setFeature(
042                                    _FEATURES_VALIDATION_SCHEMA_FULL_CHECKING, validate);
043    
044                            if (!secure) {
045                                    reader.setFeature(_FEATURES_DISALLOW_DOCTYPE_DECL, false);
046                                    reader.setFeature(_FEATURES_LOAD_DTD_GRAMMAR, validate);
047                                    reader.setFeature(_FEATURES_LOAD_EXTERNAL_DTD, validate);
048                            }
049                    }
050                    catch (Exception e) {
051                            if (_log.isWarnEnabled()) {
052                                    _log.warn(
053                                            "XSD validation is disabled because " + e.getMessage());
054                            }
055    
056                            reader = new org.dom4j.io.SAXReader(xmlReader, false);
057    
058                            reader.setEntityResolver(new EntityResolver());
059                    }
060    
061                    return reader;
062            }
063    
064            public static final org.dom4j.io.SAXReader getSAXReader(
065                    XMLReader xmlReader, XMLSchema xmlSchema, boolean validate,
066                    boolean secure) {
067    
068                    org.dom4j.io.SAXReader saxReader = getSAXReader(
069                            xmlReader, validate, secure);
070    
071                    if ((xmlSchema == null) || (validate == false)) {
072                            return saxReader;
073                    }
074    
075                    try {
076                            saxReader.setProperty(
077                                    _PROPERTY_SCHEMA_LANGUAGE, xmlSchema.getSchemaLanguage());
078                            saxReader.setProperty(
079                                    _PROPERTY_SCHEMA_SOURCE, xmlSchema.getSchemaSource());
080                    }
081                    catch (Exception e) {
082                            if (_log.isWarnEnabled()) {
083                                    _log.warn(
084                                            "XSD validation is disabled because " + e.getMessage());
085                            }
086                    }
087    
088                    return saxReader;
089            }
090    
091            private static final String _FEATURES_DISALLOW_DOCTYPE_DECL =
092                    "http://apache.org/xml/features/disallow-doctype-decl";
093    
094            private static final String _FEATURES_DYNAMIC =
095                    "http://apache.org/xml/features/validation/dynamic";
096    
097            private static final String _FEATURES_LOAD_DTD_GRAMMAR =
098                    "http://apache.org/xml/features/nonvalidating/load-dtd-grammar";
099    
100            private static final String _FEATURES_LOAD_EXTERNAL_DTD =
101                    "http://apache.org/xml/features/nonvalidating/load-external-dtd";
102    
103            private static final String _FEATURES_VALIDATION =
104                    "http://xml.org/sax/features/validation";
105    
106            private static final String _FEATURES_VALIDATION_SCHEMA =
107                    "http://apache.org/xml/features/validation/schema";
108    
109            private static final String _FEATURES_VALIDATION_SCHEMA_FULL_CHECKING =
110                    "http://apache.org/xml/features/validation/schema-full-checking";
111    
112            private static final String _PROPERTY_SCHEMA_LANGUAGE =
113                    "http://java.sun.com/xml/jaxp/properties/schemaLanguage";
114    
115            private static final String _PROPERTY_SCHEMA_SOURCE =
116                    "http://java.sun.com/xml/jaxp/properties/schemaSource";
117    
118            private static final Log _log = LogFactoryUtil.getLog(
119                    SAXReaderFactory.class);
120    
121    }