001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.sharepoint;
016    
017    import com.liferay.portal.kernel.servlet.HttpHeaders;
018    import com.liferay.portal.kernel.servlet.HttpMethods;
019    import com.liferay.portal.kernel.util.GetterUtil;
020    import com.liferay.portal.servlet.filters.secure.SecureFilter;
021    
022    import javax.servlet.FilterChain;
023    import javax.servlet.FilterConfig;
024    import javax.servlet.http.HttpServletRequest;
025    import javax.servlet.http.HttpServletResponse;
026    
027    /**
028     * @author Bruno Farache
029     * @author Alexander Chow
030     */
031    public class SharepointFilter extends SecureFilter {
032    
033            @Override
034            public void init(FilterConfig filterConfig) {
035                    super.init(filterConfig);
036    
037                    setUsePermissionChecker(true);
038            }
039    
040            protected boolean isSharepointRequest(String uri) {
041                    if (uri == null) {
042                            return false;
043                    }
044    
045                    if (uri.endsWith("*.asmx")) {
046                            return true;
047                    }
048    
049                    for (String prefix : _PREFIXES) {
050                            if (uri.startsWith(prefix)) {
051                                    return true;
052                            }
053                    }
054    
055                    return false;
056            }
057    
058            protected boolean isWebDAVRequest(String uri) {
059                    if (uri.startsWith("/webdav")) {
060                            return true;
061                    }
062    
063                    return false;
064            }
065    
066            @Override
067            protected void processFilter(
068                            HttpServletRequest request, HttpServletResponse response,
069                            FilterChain filterChain)
070                    throws Exception {
071    
072                    String method = request.getMethod();
073    
074                    String userAgent = GetterUtil.getString(
075                            request.getHeader(HttpHeaders.USER_AGENT));
076    
077                    if ((userAgent.startsWith(
078                                    "Microsoft Data Access Internet Publishing") ||
079                             userAgent.startsWith("Microsoft Office Protocol Discovery")) &&
080                            method.equals(HttpMethods.OPTIONS)) {
081    
082                            setOptionsHeaders(request, response);
083    
084                            return;
085                    }
086    
087                    if (!isSharepointRequest(request.getRequestURI())) {
088                            processFilter(
089                                    SharepointFilter.class.getName(), request, response,
090                                    filterChain);
091    
092                            return;
093                    }
094    
095                    if (method.equals(HttpMethods.GET) || method.equals(HttpMethods.HEAD)) {
096                            setGetHeaders(response);
097                    }
098                    else if (method.equals(HttpMethods.POST)) {
099                            setPostHeaders(response);
100                    }
101    
102                    super.processFilter(request, response, filterChain);
103            }
104    
105            protected void setGetHeaders(HttpServletResponse response) {
106                    response.setContentType("text/html");
107    
108                    response.setHeader(
109                            "Public-Extension", "http://schemas.microsoft.com/repl-2");
110                    response.setHeader(
111                            "MicrosoftSharePointTeamServices", SharepointUtil.VERSION);
112                    response.setHeader("Cache-Control", "no-cache");
113            }
114    
115            protected void setOptionsHeaders(
116                    HttpServletRequest request, HttpServletResponse response) {
117    
118                    if (isWebDAVRequest(request.getRequestURI())) {
119                            response.setHeader("MS-Author-Via", "DAV,MS-FP/4.0");
120                    }
121                    else {
122                            response.setHeader("MS-Author-Via", "MS-FP/4.0,DAV");
123                    }
124    
125                    response.setHeader("MicrosoftOfficeWebServer", "5.0_Collab");
126                    response.setHeader(
127                            "MicrosoftSharePointTeamServices", SharepointUtil.VERSION);
128                    response.setHeader("DAV", "1,2");
129                    response.setHeader("Accept-Ranges", "none");
130                    response.setHeader("Cache-Control", "no-cache");
131                    response.setHeader(
132                            "Allow",
133                            "COPY, DELETE, GET, GETLIB, HEAD, LOCK, MKCOL, MOVE, OPTIONS, " +
134                                    "POST, PROPFIND, PROPPATCH, PUT, UNLOCK");
135            }
136    
137            protected void setPostHeaders(HttpServletResponse response) {
138                    response.setContentType("application/x-vermeer-rpc");
139    
140                    response.setHeader(
141                            "MicrosoftSharePointTeamServices", SharepointUtil.VERSION);
142                    response.setHeader("Cache-Control", "no-cache");
143                    response.setHeader("Connection", "close");
144            }
145    
146            private static final String[] _PREFIXES = new String[] {
147                    "/_vti_inf.html", "/_vti_bin", "/sharepoint", "/history", "/resources"
148            };
149    
150    }