diff --git a/IdentService/build/web/WEB-INF/classes/org/IdentService/login.class b/IdentService/build/web/WEB-INF/classes/org/IdentService/login.class index 277a3c5f67972f286188ac1932a28efae5576215..4bff7d5e3e6e7aa58fa413b5f7b8e0205739e2db 100644 Binary files a/IdentService/build/web/WEB-INF/classes/org/IdentService/login.class and b/IdentService/build/web/WEB-INF/classes/org/IdentService/login.class differ diff --git a/IdentService/src/java/org/IdentService/login.java b/IdentService/src/java/org/IdentService/login.java index bbe0bf9e8e34fefbe9993c6601a45974f10e8700..c5c2b256f03f50db8f2bd8f37cb323eacd638272 100644 --- a/IdentService/src/java/org/IdentService/login.java +++ b/IdentService/src/java/org/IdentService/login.java @@ -160,34 +160,11 @@ public class login extends HttpServlet { return "Short description"; }// </editor-fold> - private static final String[] HEADERS_TO_TRY = { - "X-Forwarded-For", - "Proxy-Client-IP", - "WL-Proxy-Client-IP", - "HTTP_X_FORWARDED_FOR", - "HTTP_X_FORWARDED", - "HTTP_X_CLUSTER_CLIENT_IP", - "HTTP_CLIENT_IP", - "HTTP_FORWARDED_FOR", - "HTTP_FORWARDED", - "HTTP_VIA", - "REMOTE_ADDR" }; - public String generateToken(HttpServletRequest request){ String token; String user_agent = request.getParameter("user_agent"); - String ip = getClientIpAddress(request); + String ip = request.getParameter("ip"); token = tokenGenerator.nextString() + "|" + user_agent + '|' + ip; return token; } - - public static String getClientIpAddress(HttpServletRequest request) { - for (String header : HEADERS_TO_TRY) { - String ip = request.getHeader(header); - if (ip != null && ip.length() != 0 && !"unknown".equalsIgnoreCase(ip)) { - return ip; - } - } - return request.getRemoteAddr(); - } } 
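Review bot: In generateToken the new `request.getParameter("ip")` is used without a null or format check, so a login request that omits `ip` produces a token ending in `|null`, and a `user_agent` or `ip` value containing `|` shifts the fields that tokenParser later separates on that character. Both values are now whatever the caller of `/IdentService/login` sends, so the IP binding only means something if that endpoint is reachable solely by the JSP front end, which this diff does not show. Reject missing values and values containing the delimiter before building the token, e.g. `if (ip == null || ip.indexOf('|') >= 0) { /* refuse login */ }`, and add a comment on generateToken stating that these parameters are trusted only from the front end. The class body continues outside the hunk.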
diff --git a/KAA-JSP/build/web/WEB-INF/classes/org/saleproject/KAA/tokenParser.class b/KAA-JSP/build/web/WEB-INF/classes/org/saleproject/KAA/tokenParser.class index 6e50e3a5a8bca4fa92971654320dcc93e699139e..a0130494cc1ec901acfdcb72b58e81e9d8519dbc 100644 Binary files a/KAA-JSP/build/web/WEB-INF/classes/org/saleproject/KAA/tokenParser.class and b/KAA-JSP/build/web/WEB-INF/classes/org/saleproject/KAA/tokenParser.class differ diff --git a/KAA-JSP/build/web/catalog.jsp b/KAA-JSP/build/web/catalog.jsp index 4fb91299f650708cfbad429ea0dcf9fd105d6428..f6fe673e4ff4d055dad28edb03e3f8d0654b4f08 100644 --- a/KAA-JSP/build/web/catalog.jsp +++ b/KAA-JSP/build/web/catalog.jsp @@ -4,6 +4,8 @@ Author : khrs --%> +<%@page import="org.saleproject.KAA.GetIP"%> +<%@page import="org.saleproject.KAA.tokenParser"%> <%@page import="java.io.FileInputStream"%> <%@page import="org.kaa.marketplaceservice.service.ProcedureStatus"%> <%@page import="org.saleproject.KAA.RestAPI_consumer"%> 
@@ -51,6 +53,29 @@ <div class="information"> <span> <% + /* handler */ + String user_token = request.getParameter("token"); + String tokenBrowser = tokenParser.parseBrowser(user_token); + String tokenIP = tokenParser.parseIP(user_token); + System.out.println(tokenBrowser+" "+tokenIP); + String useragent = request.getHeader("user-agent"); + String userIP = GetIP.getClientIpAddress(request); + System.out.println(useragent+" "+ userIP); + if (!tokenBrowser.equals(useragent) || !tokenIP.equals(userIP)){ + String ParameterURL1 = "token=" + user_token; + String APIURL1 = "http://localhost:8080/IdentService/logout?"; + RestAPI_consumer consumer1 = new RestAPI_consumer(APIURL1, ParameterURL1); + consumer1.execute(); + JSONObject responseJSON1 = consumer1.getOutput(); + String status1 = (String) responseJSON1.get("status"); + if (status1.equals("OK")) { + response.sendRedirect("http://localhost:8080/KAA-JSP/login.jsp?" + + "message=tokeninvalid"); + } else { + response.sendRedirect("http://localhost:8080/KAA-JSP/catalog." + + "jsp?token=" + user_token); + } + } JSONObject responseJSON = new JSONObject(); JSONObject responseJSON1 = new JSONObject(); org.kaa.marketplaceservice.service.MarketPlaceService_Service service = new org.kaa.marketplaceservice.service.MarketPlaceService_Service(); @@ -63,7 +88,6 @@ String urlRequest2 = "http://localhost:8080/ChatService/RetrieveStatus?"; /* Showing username of user */ - String user_token = request.getParameter("token"); if (request.getParameter("like") != null) { String productId = request.getParameter("product_id"); boolean like; diff --git a/KAA-JSP/build/web/login.jsp b/KAA-JSP/build/web/login.jsp index 90300e56a2c1e9880784dd22c1a3751677a9ae09..6e5775b7bc6ec322366fdb1cce306c88a15cd12c 100644 --- a/KAA-JSP/build/web/login.jsp +++ b/KAA-JSP/build/web/login.jsp 
@@ -1,3 +1,4 @@ +<%@page import="org.saleproject.KAA.GetIP"%> <%@page import="org.saleproject.KAA.RestAPI_consumer"%> <%@page import="org.json.simple.parser.JSONParser"%> <%@page import="java.net.HttpURLConnection"%> @@ -18,8 +19,9 @@ String user = request.getParameter("username"); String pass = request.getParameter("password"); String userAgent = request.getHeader("user-agent"); + String userIP = GetIP.getClientIpAddress(request); String urlParameter = "username=" + user + "&password=" + pass + - "&user_agent=" + userAgent; + "&user_agent=" + userAgent + "&ip=" + userIP; String urlRequest = "http://localhost:8080/IdentService/login?"; RestAPI_consumer consumer = new RestAPI_consumer(urlRequest, urlParameter); consumer.executePost(); diff --git a/KAA-JSP/src/java/org/saleproject/KAA/GetIP.java b/KAA-JSP/src/java/org/saleproject/KAA/GetIP.java new file mode 100644 index 0000000000000000000000000000000000000000..43e53151726ff6f8e69f61cd6b3a853230e3ae9d --- /dev/null +++ b/KAA-JSP/src/java/org/saleproject/KAA/GetIP.java @@ -0,0 +1,39 @@ +/* + * To change this license header, choose License Headers in Project Properties. + * To change this template file, choose Tools | Templates + * and open the template in the editor. + */ +package org.saleproject.KAA; + +import javax.servlet.http.HttpServletRequest; + +/** + * + * @author Ali-pc + */ + + +public class GetIP { + private static final String[] HEADERS_TO_TRY = { + "X-Forwarded-For", + "Proxy-Client-IP", + "WL-Proxy-Client-IP", + "HTTP_X_FORWARDED_FOR", + "HTTP_X_FORWARDED", + "HTTP_X_CLUSTER_CLIENT_IP", + "HTTP_CLIENT_IP", + "HTTP_FORWARDED_FOR", + "HTTP_FORWARDED", + "HTTP_VIA", + "REMOTE_ADDR" }; + + public static String getClientIpAddress(HttpServletRequest request) { + for (String header : HEADERS_TO_TRY) { + String ip = request.getHeader(header); + if (ip != null && ip.length() != 0 && !"unknown".equalsIgnoreCase(ip)) { + return ip; + } + } + return request.getRemoteAddr(); + } +} 
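Review bot: getClientIpAddress in the new GetIP.java returns the first non-empty value among headers such as `X-Forwarded-For`, which are set by the client unless a reverse proxy in front of the application overwrites them, so the address that login.jsp forwards to IdentService and that catalog.jsp compares with the token is not a trustworthy one. Entries like `HTTP_X_FORWARDED_FOR` and `REMOTE_ADDR` look like CGI variable names rather than HTTP header names, and `X-Forwarded-For` can carry a comma-separated list, which is returned whole. Prefer `request.getRemoteAddr()` and consult a forwarding header only when the direct peer is a configured trusted proxy. At minimum, fill the empty class Javadoc with a statement that the result is client-influenced and must not be the sole basis for a session decision.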
diff --git a/KAA-JSP/src/java/org/saleproject/KAA/tokenParser.java b/KAA-JSP/src/java/org/saleproject/KAA/tokenParser.java index 7e0880e02ee8da0c707feeafa53970088bdf67b1..e289e6c00eac1db88c38497c740cc71fb1e96092 100644 --- a/KAA-JSP/src/java/org/saleproject/KAA/tokenParser.java +++ b/KAA-JSP/src/java/org/saleproject/KAA/tokenParser.java @@ -12,16 +12,17 @@ package org.saleproject.KAA; public class tokenParser { public static String parseBrowser(String token){ int i = 0; - String result = null; + String result = ""; int countHastag = 0; while (i < token.length()){ char x = token.charAt(i); + if (x == '|'){ + countHastag++; + i++; + } if (countHastag == 1){ result += token.charAt(i); } - if (x == '#'){ - countHastag++; - } i++; } return result; @@ -29,16 +30,17 @@ public class tokenParser { public static String parseIP(String token){ int i = 0; - String result = null; + String result = ""; int countHastag = 0; while (i < token.length()){ char x = token.charAt(i); + if (x == '|'){ + countHastag++; + i++; + } if (countHastag == 2){ result += token.charAt(i); } - if (x == '#'){ - countHastag++; - } i++; } return result; diff --git a/KAA-JSP/web/catalog.jsp b/KAA-JSP/web/catalog.jsp index 4fb91299f650708cfbad429ea0dcf9fd105d6428..f6fe673e4ff4d055dad28edb03e3f8d0654b4f08 100644 --- a/KAA-JSP/web/catalog.jsp +++ b/KAA-JSP/web/catalog.jsp @@ -4,6 +4,8 @@ Author : khrs --%> +<%@page import="org.saleproject.KAA.GetIP"%> +<%@page import="org.saleproject.KAA.tokenParser"%> <%@page import="java.io.FileInputStream"%> <%@page import="org.kaa.marketplaceservice.service.ProcedureStatus"%> <%@page import="org.saleproject.KAA.RestAPI_consumer"%> 
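Review bot: The `i++` added inside the `if (x == '|')` branch of parseBrowser is followed by `token.charAt(i)` with no bounds check, so a token in which the wanted field starts at the very end of the string (for example one ending in `|`) throws StringIndexOutOfBoundsException; parseIP in the next hunk has the same pattern. The character after a delimiter is also appended without being tested, so two adjacent `|` put a `|` into the result instead of being counted as two separators, and a null token fails at `token.length()`. Splitting once handles these cases and avoids the string concatenation in the loop: `String[] parts = token.split("\\|", -1);` then `return parts.length > 1 ? parts[1] : "";` (index 2 for parseIP), preceded by a null check.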
@@ -51,6 +53,29 @@ <div class="information"> <span> <% + /* handler */ + String user_token = request.getParameter("token"); + String tokenBrowser = tokenParser.parseBrowser(user_token); + String tokenIP = tokenParser.parseIP(user_token); + System.out.println(tokenBrowser+" "+tokenIP); + String useragent = request.getHeader("user-agent"); + String userIP = GetIP.getClientIpAddress(request); + System.out.println(useragent+" "+ userIP); + if (!tokenBrowser.equals(useragent) || !tokenIP.equals(userIP)){ + String ParameterURL1 = "token=" + user_token; + String APIURL1 = "http://localhost:8080/IdentService/logout?"; + RestAPI_consumer consumer1 = new RestAPI_consumer(APIURL1, ParameterURL1); + consumer1.execute(); + JSONObject responseJSON1 = consumer1.getOutput(); + String status1 = (String) responseJSON1.get("status"); + if (status1.equals("OK")) { + response.sendRedirect("http://localhost:8080/KAA-JSP/login.jsp?" + + "message=tokeninvalid"); + } else { + response.sendRedirect("http://localhost:8080/KAA-JSP/catalog." + + "jsp?token=" + user_token); + } + } JSONObject responseJSON = new JSONObject(); JSONObject responseJSON1 = new JSONObject(); org.kaa.marketplaceservice.service.MarketPlaceService_Service service = new org.kaa.marketplaceservice.service.MarketPlaceService_Service(); @@ -63,7 +88,6 @@ String urlRequest2 = "http://localhost:8080/ChatService/RetrieveStatus?"; /* Showing username of user */ - String user_token = request.getParameter("token"); if (request.getParameter("like") != null) { String productId = request.getParameter("product_id"); boolean like; diff --git a/KAA-JSP/web/login.jsp b/KAA-JSP/web/login.jsp index 90300e56a2c1e9880784dd22c1a3751677a9ae09..6e5775b7bc6ec322366fdb1cce306c88a15cd12c 100644 --- a/KAA-JSP/web/login.jsp +++ b/KAA-JSP/web/login.jsp 
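Review bot: Neither `response.sendRedirect(...)` call in the mismatch branch of the `@@ -51,6 +53,29 @@` hunk is followed by `return;`, so after a failed user-agent/IP check the scriptlet keeps running and the catalog code below still executes with the rejected token; add `return;` after each redirect. `user_token` is passed to `tokenParser.parseBrowser` without a null check, so a request without a `token` parameter fails with a NullPointerException. The else branch redirects back to catalog.jsp with the same token, which looks like it would loop for as long as the logout call does not return `OK`. The two `System.out.println` calls write each visitor's user agent and IP to the server output on every request and read like leftover debugging. The scriptlet continues outside the hunk.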
@@ -1,3 +1,4 @@ +<%@page import="org.saleproject.KAA.GetIP"%> <%@page import="org.saleproject.KAA.RestAPI_consumer"%> <%@page import="org.json.simple.parser.JSONParser"%> <%@page import="java.net.HttpURLConnection"%> @@ -18,8 +19,9 @@ String user = request.getParameter("username"); String pass = request.getParameter("password"); String userAgent = request.getHeader("user-agent"); + String userIP = GetIP.getClientIpAddress(request); String urlParameter = "username=" + user + "&password=" + pass + - "&user_agent=" + userAgent; + "&user_agent=" + userAgent + "&ip=" + userIP; String urlRequest = "http://localhost:8080/IdentService/login?"; RestAPI_consumer consumer = new RestAPI_consumer(urlRequest, urlParameter); consumer.executePost();
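Review bot: `urlParameter` in the `@@ -18,8 +19,9 @@` hunk is built by concatenating `user`, `pass`, `userAgent` and the new `userIP` without URL-encoding, so any `&`, `=`, `+` or space in one of them changes the parameters IdentService parses. This matters more now that IdentService takes `ip` and `user_agent` from these parameters to build the token. Unless RestAPI_consumer encodes the string itself (not visible here), encode each value, e.g. `"&ip=" + URLEncoder.encode(userIP, "UTF-8")`, and add the `java.net.URLEncoder` page import.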