/*
 * RestrictAccessServlet.java 97/09/06
 * 
 * Copyright (c) 1997 Ralph Freese
 * 
 */

import java.io.*;
import java.util.*;
import java.net.*;

import javax.servlet.*;
import javax.servlet.http.*;

// import sun.security.x509.*;


/**
 * RestrictAccess servlet. This servlet serves up a file is the request
 * is form a certain subnet, else an error html file is served.
 * 
 * There are 3 init parameters: (how to set the init parameters is below)
 * 
 * acceptfile 			the file served if in the subdomain
 * rejectfile			the file served if not in the subdomain
 * accesslistfile		a list of subdomain address, see below
 * 
 * All have defaults
 * 
 * acceptfile 			http://www.math.hawaii.edu/accept.html
 * rejectfile			http://www.math.hawaii.edu/reject.html
 * accesslistfile		/home/ralph/Java/Servlets/subnets.doc
 * 
 * (but it wouldn't make much sense not to override acceptfile)
 * The default for accesslistfile allows machine in the math subdomain only.
 * 
 * acceptfile (and rejectfile) must either start with http: (and be a
 * valid URL in this case) or be an absolute path starting with a /.
 * In either case they must be a valid html page.
 * 
 * Below is the instructions for using the servlet. 
 * 
 * 
 * I decided to try out the java servlet feature that comes with the web
 * server. It actually seems pretty powerful. I made a servlet and configured
 * the server so that it is accessed as an URL (www.math.hawaii.edu/local.html).
 * When a browser tries to access this page the servlet determines if it is
 * being accessed from within our class C subdomain and servers up one page
 * if it is and another if not. This might be used to put math department
 * info on the web not relevant to outsiders.
 * 
 * What is nice is that this is all configurable---the same Java
 * program can be use to selectively load different files.  Here's the
 * details of how to do it.  Suppose you have 2 files:  good.html and
 * bad.html, both in your public_html area (or the dept's), and you
 * only want the math department to be able to read good.html.
 * 
 *
 * @version 	1.0, 97/09/06
 * @author 	Ralph Freese
 */

public class RestrictAccessServlet extends HttpServlet {

  private static String acceptFileDefault = 
                  "http://www.math.hawaii.edu/accept.html";
  private static String rejectFileDefault = 
                  "http://www.math.hawaii.edu/reject.html";
  private static String accessListFileDefault = 
		  "/home/ralph/Java/Servlets/subnets.doc";
  private String acceptFile;
  private String rejectFile;
  private String accessListFile;

  public void init(ServletConfig conf) throws ServletException {

    super.init(conf);
    acceptFile = getInitParameter("acceptfile");
    if (acceptFile == null) { acceptFile = acceptFileDefault ; }

    rejectFile = getInitParameter("rejectfile");
    if (rejectFile == null) { rejectFile = rejectFileDefault ; }

    accessListFile = getInitParameter("accesslistfile");
    if (accessListFile == null) { accessListFile = accessListFileDefault ; }
  }

  public void doPost (HttpServletRequest req, HttpServletResponse res)
			throws ServletException, IOException {
    doGet(req, res);
  }
    
  public void doGet (HttpServletRequest req, HttpServletResponse res)
	        throws ServletException, IOException {

    InetAddress iaddr = InetAddress.getByName(req.getRemoteAddr());
    InputSubnets subnets = new InputSubnets(accessListFile);
    if (subnets.isInOneSubnet(iaddr)) {
      if (acceptFile.startsWith("http:")) {
        res.sendRedirect(acceptFile);
      } else {
        loadFile(acceptFile, res);
      }
    } else {
      if (rejectFile.startsWith("http:")) {
        res.sendRedirect(rejectFile);
      } else {
        loadFile(rejectFile, res);
      }
    }
  }

  public void loadFile (String file, HttpServletResponse res) 
	                  throws ServletException, IOException {

    res.setContentType("text/html");
    ServletOutputStream out = res.getOutputStream();
    FileReader in = new FileReader(file);
    BufferedReader buff = new BufferedReader(in);
    String line;
    while ((line = buff.readLine()) != null) { out.println(line); }
    in.close();
  }

  /* An Inner Class */

  public class InputSubnets {
  
    private InputStreamReader stream;
    private Vector subnets;
  
  
  
    public InputSubnets(String file) 
  			throws FileNotFoundException,IOException {
      subnets = new Vector();
      StreamTokenizer in;
      byte[] b = new byte[4];
      byte[] b2 ;
      int n = 0;
      // Java 1.1 wants an InputStreamReader as the arg to StreamTokenizer
      stream = new InputStreamReader(new FileInputStream(file));
      in = new StreamTokenizer(stream);
      /*
  	StreamTokenizer always read 2.3 as a number (and so a single token)
  	unless I did reset.Syntax().
      */
      in.resetSyntax();
      in.wordChars('0','9');	// only digits in our tokens
      in.eolIsSignificant(true);
      in.commentChar('%');
      in.commentChar('#');
      in.whitespaceChars('.','.');
      while (in.nextToken() != StreamTokenizer.TT_EOF) {
        if (in.ttype == StreamTokenizer.TT_EOL) {
  	if (n > 0) {
  	  b2 = new byte[n];
  	  for(int i=0;i<n;i++) { b2[i] = b[i];}
  	  subnets.addElement(new Subnet(b2, n));
  	}
          n = 0;
        }
        if (in.ttype == StreamTokenizer.TT_WORD) {
          try {
  	  b[n] = (byte)Integer.parseInt(in.sval);
          } catch (NumberFormatException e) {
  	  System.out.println("Number format exception");
          }
  	n++;
        }
      }
    }
  
    public Vector getSubnets() { return subnets; }
  
    public boolean isInOneSubnet (InetAddress iaddr) {
      Enumeration e = subnets.elements();
      boolean ans = false;
      Subnet subn;
      while (e.hasMoreElements()) {
	subn = (Subnet)e.nextElement();
	if (subn.isInSubnet(iaddr)) {
	  ans = true;
	  break;
	}
      }
      return ans;
    }
  
    public void close() throws FileNotFoundException,IOException {
      if (stream != null) {
        stream.close();
        stream = null;
      }
    }
  
    protected void finalize() throws Throwable {
      super.finalize();
      close();
    }
  
  
    public class Subnet {
    
      private byte[] bytes;
      private int length;		// 1, 2, 3, or 4
    
      public Subnet(byte[] bytes, int len) {
        this.bytes = bytes;
        length = len;
      }
    
      public int getLength() { return length ; }
    
      public byte[] getBytes() { return bytes ; }
    
      public boolean isInSubnet (InetAddress iaddr) {
        byte[] addr = iaddr.getAddress();
        boolean ans = true;
        for (int i=0; i < length; i++) {
          if (addr[i] != bytes[i]) {
    	ans = false;
    	break;
          }
        }
        return ans;
      }
    }
  }

}