/** * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. * * Copyright (c) 2007 Sun Microsystems Inc. All Rights Reserved * * The contents of this file are subject to the terms * of the Common Development and Distribution License * (the License). You may not use this file except in * compliance with the License. * * You can obtain a copy of the License at * https://opensso.dev.java.net/public/CDDLv1.0.html or * opensso/legal/CDDLv1.0.txt * See the License for the specific language governing * permission and limitations under the License. * * When distributing Covered Code, include this CDDL * Header Notice in each file and include the License file * at opensso/legal/CDDLv1.0.txt. * If applicable, add the following below the CDDL Header, * with the fields enclosed by brackets [] replaced by * your own identifying information: * "Portions Copyrighted [year] [name of copyright owner]" * * $Id: AMPostViewBean.java,v 1.2 2008/06/25 05:42:47 qcheng Exp $ * * Portions Copyrighted 2014-2015 ForgeRock AS. */ package com.sun.identity.console.base; import com.iplanet.jato.NavigationException; import com.iplanet.jato.RequestContext; import com.iplanet.jato.model.ModelControlException; import com.iplanet.jato.view.View; import com.iplanet.jato.view.event.DisplayEvent; import com.iplanet.jato.view.html.StaticTextField; import com.sun.identity.shared.debug.Debug; import com.sun.web.ui.view.alert.CCAlert; import org.forgerock.openam.console.base.ConsoleViewBeanBase; import org.owasp.esapi.ESAPI; /** * This view bean bridges view beans from two deployment domains. * For example, you want to forward a register from one view bean to * another and both view beans are in different file. */ public class AMPostViewBean extends ConsoleViewBeanBase { private static final Debug debug = Debug.getInstance("amConsole"); private static final String PAGE_NAME = "AMPost"; private static final String DEFAULT_DISPLAY_URL = "/console/base/AMPost.jsp"; private static final String FORM_ACTION = "formAction"; private String urlViewBean; private boolean isValid = false; /** * Constructs a post view bean. */ public AMPostViewBean() { super(PAGE_NAME); setDefaultDisplayURL(DEFAULT_DISPLAY_URL); } protected View createChild(String name) { View child = null; if (name.equals(FORM_ACTION)) { child = new StaticTextField(this, name, ""); } else { throw new IllegalArgumentException( "Invalid child name [" + name + "]"); } return child; } /** * Set value for form action. * * @param event display event. * @throws ModelControlException if default model cannot be created. */ public void beginDisplay(DisplayEvent event) throws ModelControlException { super.beginDisplay(event); setDisplayFieldValue(FORM_ACTION, urlViewBean); } /** * Set URL of target view bean. * * @param url URL of target view bean. */ public void setTargetViewBeanURL(String url) { // The HTTPParameterValue validator provides better coverage of input values such as : but still allows / and ? isValid = ESAPI.validator().isValidInput("AMPost_viewbeanUrl", url, "HTTPParameterValue", 1024, false); if (!isValid && debug.warningEnabled()) { debug.warning("AMPostViewBean.setTargetViewBeanURL: Possibly malicious content detected in AMPostViewBean: " + url); } urlViewBean = url; } @Override public void forwardTo(RequestContext requestContext) throws NavigationException { if (isValid) { super.forwardTo(requestContext); } else { MessageViewBean msgVB = (MessageViewBean) getViewBean(MessageViewBean.class); msgVB.setMessage(CCAlert.TYPE_ERROR, "message.error", "message.input.error"); msgVB.forwardTo(requestContext); } } }