001    package org.apache.myfaces.tobago.servlet;
002    
003    /*
004     * Licensed to the Apache Software Foundation (ASF) under one or more
005     * contributor license agreements.  See the NOTICE file distributed with
006     * this work for additional information regarding copyright ownership.
007     * The ASF licenses this file to You under the Apache License, Version 2.0
008     * (the "License"); you may not use this file except in compliance with
009     * the License.  You may obtain a copy of the License at
010     *
011     *      http://www.apache.org/licenses/LICENSE-2.0
012     *
013     * Unless required by applicable law or agreed to in writing, software
014     * distributed under the License is distributed on an "AS IS" BASIS,
015     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
016     * See the License for the specific language governing permissions and
017     * limitations under the License.
018     */
019    
020    import org.apache.commons.io.IOUtils;
021    import org.apache.commons.logging.Log;
022    import org.apache.commons.logging.LogFactory;
023    import org.apache.myfaces.tobago.util.MimeTypeUtils;
024    
025    import javax.servlet.ServletException;
026    import javax.servlet.ServletConfig;
027    import javax.servlet.http.HttpServlet;
028    import javax.servlet.http.HttpServletRequest;
029    import javax.servlet.http.HttpServletResponse;
030    import java.io.IOException;
031    import java.io.InputStream;
032    import java.util.Date;
033    
034    /**
035     * <p><pre>
036     * &lt;servlet&gt;
037     *   &lt;servlet-name&gt;ResourceServlet&lt;/servlet-name&gt;
038     *   &lt;servlet-class&gt;org.apache.myfaces.tobago.servlet.ResourceServlet&lt;/servlet-class&gt;
039     *   &lt;init-param&gt;
040     *     &lt;description&gt;The value for the expires header in seconds.
041     *            Default is no expires header.&lt;/description&gt;
042     *     &lt;param-name&gt;expires&lt;/param-name&gt;
043     *     &lt;param-value&gt;14400&lt;/param-value&gt;
044     *   &lt;/init-param&gt;
045     * &lt;/servlet&gt;
046     * &lt;servlet-mapping&gt;
047     *   &lt;servlet-name&gt;ResourceServlet&lt;/servlet-name&gt;
048     *   &lt;url-pattern&gt;/org/apache/myfaces/tobago/renderkit/*&lt;/url-pattern&gt;
049     * &lt;/servlet-mapping&gt;
050     *</pre><p>
051     *
052     * @since 1.0.7
053     *        <p/>
054     *        XXX This class is in development. Please don't use it in
055     *        production environment!
056     */
057    public class ResourceServlet extends HttpServlet {
058    
059      private static final Log LOG = LogFactory.getLog(ResourceServlet.class);
060    
061      private Long expires;
062    
063      public void init(ServletConfig servletConfig) throws ServletException {
064        super.init(servletConfig);
065        String expiresString = servletConfig.getInitParameter("expires");
066    
067        expires = null;
068        if (expiresString != null) {
069          try {
070            expires = new Long(expiresString);
071          } catch (NumberFormatException e) {
072            LOG.error("Catched: " + e.getMessage(), e);
073          }
074        }
075      }
076    
077      @Override
078      protected void service(
079          HttpServletRequest request, HttpServletResponse response)
080          throws ServletException, IOException {
081    
082        String requestURI = request.getRequestURI();
083    
084        String resource = requestURI.substring(
085            request.getContextPath().length() + 1); // todo: make it "stable"
086    
087        if (expires != null) {
088          response.setHeader("Cache-Control", "max-age=" + expires);
089          response.setDateHeader("Expires", new Date().getTime() + (expires * 1000));
090        }
091        String contentType = MimeTypeUtils.getMimeTypeForFile(requestURI);
092        if (contentType != null) {
093          response.setContentType(contentType);
094        } else {
095          LOG.warn("Unsupported file extension, will be ignored for security "
096              + "reasons; resource='" + resource + "'");
097          response.setStatus(HttpServletResponse.SC_FORBIDDEN);
098        }
099        InputStream inputStream = null;
100        try {
101          ClassLoader classLoader = Thread.currentThread().getContextClassLoader();
102          inputStream = classLoader.getResourceAsStream(resource);
103          if (inputStream != null) {
104            IOUtils.copy(inputStream, response.getOutputStream());
105          } else {
106            LOG.warn("Resource '" + resource + "' not found!");
107          }
108        } finally {
109          IOUtils.closeQuietly(inputStream);
110        }
111      }
112    }