[exo-jcr-commits] exo-jcr SVN: r5635 - in jcr/branches/1.12.x: exo.jcr.component.webdav/src/test/java/org/exoplatform/services/jcr/webdav/command and 3 other directories.
do-not-reply at jboss.org
do-not-reply at jboss.org
Tue Feb 14 21:16:27 EST 2012
Author: trang_vu
Date: 2012-02-14 21:16:26 -0500 (Tue, 14 Feb 2012)
New Revision: 5635
Added:
jcr/branches/1.12.x/patch/1.12.12-GA/JCR-1704/readme.txt
Modified:
jcr/branches/1.12.x/exo.jcr.component.webdav/src/main/java/org/exoplatform/services/jcr/webdav/WebDavService.java
jcr/branches/1.12.x/exo.jcr.component.webdav/src/main/java/org/exoplatform/services/jcr/webdav/WebDavServiceImpl.java
jcr/branches/1.12.x/exo.jcr.component.webdav/src/test/java/org/exoplatform/services/jcr/webdav/command/TestPut.java
jcr/branches/1.12.x/exo.jcr.component.webdav/src/test/resources/conf/standalone/test-configuration.xml
jcr/branches/1.12.x/exo.jcr.docs/exo.jcr.docs.developer/en/src/main/docbook/en-US/modules/jcr/protocols/webdav.xml
Log:
JCR-1704: Portlet crash and no preview available after saving Office 2010 documents in webdav
Fix description
* Add new WebDavService initial parameter to contain a set of untrusted user agents.
Content-type headers sent by this user agents are now ignored, we use instead MimeTypeResolver to define resource's MIME type.
Modified: jcr/branches/1.12.x/exo.jcr.component.webdav/src/main/java/org/exoplatform/services/jcr/webdav/WebDavService.java
===================================================================
--- jcr/branches/1.12.x/exo.jcr.component.webdav/src/main/java/org/exoplatform/services/jcr/webdav/WebDavService.java 2012-02-14 14:51:09 UTC (rev 5634)
+++ jcr/branches/1.12.x/exo.jcr.component.webdav/src/main/java/org/exoplatform/services/jcr/webdav/WebDavService.java 2012-02-15 02:16:26 UTC (rev 5635)
@@ -18,15 +18,14 @@
*/
package org.exoplatform.services.jcr.webdav;
+import org.exoplatform.common.util.HierarchicalProperty;
+
import java.io.InputStream;
-import java.util.List;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriInfo;
-import org.exoplatform.common.util.HierarchicalProperty;
-
/**
* Created by The eXo Platform SARL .<br/>
* JCR WebDAV entry point. Defines WebDav protocol methods: RFC-2518 HTTP
@@ -68,7 +67,7 @@
Response head(String repoName, String repoPath, UriInfo baseURI);
/**
- * WedDAV "HEAD" method. See <a
+ * WedDAV "PUT" method. See <a
* href='http://www.ietf.org/rfc/rfc2518.txt'>HTTP methods for distributed
* authoring sec. 8.7 "PUT"</a>.
*
@@ -83,16 +82,37 @@
* @param inputStream stream that contain incoming data
* @return the instance of javax.ws.rs.core.Response
*/
+ @Deprecated
Response put(String repoName, String repoPath, String lockTokenHeader, String ifHeader, String fileNodeTypeHeader,
String contentNodeTypeHeader, String mixinTypes, MediaType mediatype, InputStream inputStream);
/**
+ * WedDAV "PUT" method. See <a
+ * href='http://www.ietf.org/rfc/rfc2518.txt'>HTTP methods for distributed
+ * authoring sec. 8.7 "PUT"</a>.
+ *
* @param repoName repository name
* @param repoPath path in repository
* @param lockTokenHeader Lock-Token HTTP header
* @param ifHeader If HTTP Header
+ * @param fileNodeTypeHeader JCR NodeType header
+ * @param contentNodeTypeHeader JCR Content-NodeType header
+ * @param mixinTypes JCR Mixin types header
+ * @param mimeType Content-Type HTTP header
+ * @param userAgent User-Agent HTTP header
+ * @param inputStream stream that contain incoming data
* @return the instance of javax.ws.rs.core.Response
*/
+ Response put(String repoName, String repoPath, String lockTokenHeader, String ifHeader, String fileNodeTypeHeader,
+ String contentNodeTypeHeader, String mixinTypes, MediaType mediaType, String userAgent, InputStream inputStream);
+
+ /**
+ * @param repoName repository name
+ * @param repoPath path in repository
+ * @param lockTokenHeader Lock-Token HTTP header
+ * @param ifHeader If HTTP Header
+ * @return the instance of javax.ws.rs.core.Response
+ */
Response delete(String repoName, String repoPath, String lockTokenHeader, String ifHeader);
/**
Modified: jcr/branches/1.12.x/exo.jcr.component.webdav/src/main/java/org/exoplatform/services/jcr/webdav/WebDavServiceImpl.java
===================================================================
--- jcr/branches/1.12.x/exo.jcr.component.webdav/src/main/java/org/exoplatform/services/jcr/webdav/WebDavServiceImpl.java 2012-02-14 14:51:09 UTC (rev 5634)
+++ jcr/branches/1.12.x/exo.jcr.component.webdav/src/main/java/org/exoplatform/services/jcr/webdav/WebDavServiceImpl.java 2012-02-15 02:16:26 UTC (rev 5635)
@@ -23,6 +23,7 @@
import org.exoplatform.commons.utils.MimeTypeResolver;
import org.exoplatform.container.xml.InitParams;
import org.exoplatform.container.xml.ValueParam;
+import org.exoplatform.container.xml.ValuesParam;
import org.exoplatform.services.jcr.RepositoryService;
import org.exoplatform.services.jcr.core.ManageableRepository;
import org.exoplatform.services.jcr.ext.app.ThreadLocalSessionProviderService;
@@ -76,8 +77,10 @@
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.HashMap;
+import java.util.HashSet;
import java.util.List;
import java.util.Map;
+import java.util.Set;
import javax.jcr.NoSuchWorkspaceException;
import javax.jcr.PathNotFoundException;
@@ -141,6 +144,8 @@
public static final String FOLDER_ICON_PATH = "folder-icon-path";
+ public static final String UNTRUSTED_USER_AGENTS = "untrusted-user-agents";
+
/**
* Logger.
*/
@@ -192,6 +197,10 @@
private Map<String, String> xsltParams = new HashMap<String, String>();
/**
+ * Set of untrusted user agents. Special rules are applied for listed agents.
+ */
+ private Set<String> untrustedUserAgents = new HashSet<String>();
+ /**
* The list of allowed methods.
*/
private static final String ALLOW;
@@ -300,6 +309,12 @@
}
+ ValuesParam pUntrustedUserAgents = params.getValuesParam(UNTRUSTED_USER_AGENTS);
+ if (pUntrustedUserAgents != null)
+ {
+ untrustedUserAgents.addAll((List<String>)pUntrustedUserAgents.getValues());
+ }
+
}
/**
@@ -987,6 +1002,17 @@
}
}
+ @Deprecated
+ public Response put(@PathParam("repoName") String repoName, @PathParam("repoPath") String repoPath,
+ @HeaderParam(ExtHttpHeaders.LOCKTOKEN) String lockTokenHeader, @HeaderParam(ExtHttpHeaders.IF) String ifHeader,
+ @HeaderParam(ExtHttpHeaders.FILE_NODETYPE) String fileNodeTypeHeader,
+ @HeaderParam(ExtHttpHeaders.CONTENT_NODETYPE) String contentNodeTypeHeader,
+ @HeaderParam(ExtHttpHeaders.CONTENT_MIXINTYPES) String mixinTypes,
+ @HeaderParam(ExtHttpHeaders.CONTENT_TYPE) MediaType mediatype, InputStream inputStream)
+ {
+ return put(repoName, repoPath, lockTokenHeader, ifHeader, fileNodeTypeHeader, contentNodeTypeHeader, mixinTypes,
+ mediatype, null, inputStream);
+ }
/**
* {@inheritDoc}
*/
@@ -997,9 +1023,9 @@
@HeaderParam(ExtHttpHeaders.FILE_NODETYPE) String fileNodeTypeHeader,
@HeaderParam(ExtHttpHeaders.CONTENT_NODETYPE) String contentNodeTypeHeader,
@HeaderParam(ExtHttpHeaders.CONTENT_MIXINTYPES) String mixinTypes,
- @HeaderParam(ExtHttpHeaders.CONTENT_TYPE) MediaType mediatype, InputStream inputStream)
+ @HeaderParam(ExtHttpHeaders.CONTENT_TYPE) MediaType mediatype,
+ @HeaderParam(ExtHttpHeaders.USER_AGENT) String userAgent, InputStream inputStream)
{
-
if (log.isDebugEnabled())
{
log.debug("PUT " + repoName + "/" + repoPath);
@@ -1012,7 +1038,7 @@
String mimeType = null;
String encoding = null;
- if (mediatype == null)
+ if (mediatype == null || untrustedUserAgents.contains(userAgent))
{
MimeTypeResolver mimeTypeResolver = new MimeTypeResolver();
mimeTypeResolver.setDefaultMimeType(defaultFileMimeType);
Modified: jcr/branches/1.12.x/exo.jcr.component.webdav/src/test/java/org/exoplatform/services/jcr/webdav/command/TestPut.java
===================================================================
--- jcr/branches/1.12.x/exo.jcr.component.webdav/src/test/java/org/exoplatform/services/jcr/webdav/command/TestPut.java 2012-02-14 14:51:09 UTC (rev 5634)
+++ jcr/branches/1.12.x/exo.jcr.component.webdav/src/test/java/org/exoplatform/services/jcr/webdav/command/TestPut.java 2012-02-15 02:16:26 UTC (rev 5635)
@@ -144,6 +144,85 @@
assertEquals(headers.getFirst(HttpHeaders.CONTENT_TYPE), property.getString());
}
+ /**
+ * Testing if we use MimeTypeResolver to define jcr:mimeType property
+ * for untrusted user agents during resource creation.
+ */
+ public void testUntrustedUserAgentResourceCreation() throws Exception
+ {
+ String content = TestUtils.getFileContent();
+ String path = TestUtils.getFileName();
+
+ // create User-Agent header indicating that the resource we create
+ // has application/octet-stream type
+ // though it's extension is .txt
+ MultivaluedMap<String, String> headers = new MultivaluedMapImpl();
+ headers.add(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_OCTET_STREAM);
+ headers.add(HttpHeaders.USER_AGENT, "test-user-agent");
+
+ // fullfiling the request
+ service(WebDAVMethods.PUT, getPathWS() + path, "", headers, content.getBytes());
+
+ Node node = session.getRootNode().getNode(TextUtil.relativizePath(path)).getNode("jcr:content");
+ // though that we passed application/octet-stream mime type
+ // the user agent is within untrusted user agents set
+ // so we use MimeTypeResolver to define the mimeType and
+ // ignore Content-Type header
+ assertEquals(MediaType.TEXT_PLAIN, node.getProperty("jcr:mimeType").getString());
+ }
+
+ /**
+ * Testing if we use MimeTypeResolver to define jcr:mimeType property
+ * for untrusted user agents during resource modification.
+ */
+ public void testUntrustedUserAgentResourceModification() throws Exception
+ {
+ String content = TestUtils.getFileContent();
+ String path = TestUtils.getFileName();
+
+ // create data with 'trusted' user agent
+ // (all user agents are considered to be trusted
+ // if they are not listed as untrusted)
+ MultivaluedMap<String, String> headers = new MultivaluedMapImpl();
+ headers.add(HttpHeaders.CONTENT_TYPE, MediaType.TEXT_PLAIN);
+
+ service(WebDAVMethods.PUT, getPathWS() + path, "", headers, content.getBytes());
+
+ headers.clear();
+ content = TestUtils.getFileContent();
+ // define user agent to be among untrusted user agents
+ headers.add(HttpHeaders.USER_AGENT, "test-user-agent");
+ // define incorrect mime-type via seting Content-Type header
+ headers.add(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_OCTET_STREAM);
+
+ service(WebDAVMethods.PUT, getPathWS() + path, "", headers, content.getBytes());
+
+ Node node = session.getRootNode().getNode(TextUtil.relativizePath(path)).getNode("jcr:content");
+ // mime-type should still be correct
+ assertEquals(MediaType.TEXT_PLAIN, node.getProperty("jcr:mimeType").getString());
+ }
+
+ /**
+ * Testing if we can modify mime-type of previously defined resource
+ * via trusted user agent
+ */
+ public void testTrustedUserAgentResourceModification() throws Exception
+ {
+ String content = TestUtils.getFileContent();
+ String path = TestUtils.getFileName() + ".html";
+
+ service(WebDAVMethods.PUT, getPathWS() + path, "", null, content.getBytes());
+ Node node = session.getRootNode().getNode(TextUtil.relativizePath(path));
+ // mime-type is defined according to resource's extension
+ assertEquals(MediaType.TEXT_HTML, node.getNode("jcr:content").getProperty("jcr:mimeType").getString());
+
+ MultivaluedMap<String, String> headers = new MultivaluedMapImpl();
+ headers.add(HttpHeaders.CONTENT_TYPE, MediaType.TEXT_XML);
+ service(WebDAVMethods.PUT, getPathWS() + path, "", headers, content.getBytes());
+ // mime-type modified according to Content-Type header content
+ assertEquals(MediaType.TEXT_XML, node.getNode("jcr:content").getProperty("jcr:mimeType").getString());
+ }
+
@Override
protected String getRepositoryName()
{
Modified: jcr/branches/1.12.x/exo.jcr.component.webdav/src/test/resources/conf/standalone/test-configuration.xml
===================================================================
--- jcr/branches/1.12.x/exo.jcr.component.webdav/src/test/resources/conf/standalone/test-configuration.xml 2012-02-14 14:51:09 UTC (rev 5634)
+++ jcr/branches/1.12.x/exo.jcr.component.webdav/src/test/resources/conf/standalone/test-configuration.xml 2012-02-15 02:16:26 UTC (rev 5635)
@@ -209,6 +209,16 @@
<value>/absolute/path/to/file</value>
</value-param>
+ <!--
+ For testing untrusted-user-agents proper treatment.
+ Content-type headers of listed here user agents should be
+ ignored and MimeTypeResolver should be explicitly used instead
+ -->
+ <values-param>
+ <name>untrusted-user-agents</name>
+ <value>test-user-agent</value>
+ </values-param>
+
</init-params>
</component>
Modified: jcr/branches/1.12.x/exo.jcr.docs/exo.jcr.docs.developer/en/src/main/docbook/en-US/modules/jcr/protocols/webdav.xml
===================================================================
--- jcr/branches/1.12.x/exo.jcr.docs/exo.jcr.docs.developer/en/src/main/docbook/en-US/modules/jcr/protocols/webdav.xml 2012-02-14 14:51:09 UTC (rev 5634)
+++ jcr/branches/1.12.x/exo.jcr.docs/exo.jcr.docs.developer/en/src/main/docbook/en-US/modules/jcr/protocols/webdav.xml 2012-02-15 02:16:26 UTC (rev 5635)
@@ -1,345 +1,471 @@
-<?xml version='1.0' encoding='UTF-8'?>
-<!-- This document was created with Syntext Serna Free. --><!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" []>
-<chapter id="JCR.WebDAV">
-<?dbhtml filename="ch-webdav.html"?> <title>WebDAV</title>
- <section>
- <title>Related documents</title>
- <itemizedlist>
- <listitem>
- <para><link linkend="JCR.LinkProducerService">Link Producer</link></para>
- </listitem>
- </itemizedlist>
- </section>
- <section>
- <title>Introduction</title>
- <para>The WebDAV protocol enables you to use the third party tools to
- communicate with hierarchical content servers via HTTP. It is possible to
- add and remove documents or a set of documents from a path on the server.
- DeltaV is an extension of the WebDav protocol that allows managing
- document versioning. Locking guarantees protection against multiple access
- when writing resources. The ordering support allows changing the position
- of the resource in the list and sort the directory to make the directory tree viewed conveniently. The full-text search makes it easy to find the
- necessary documents. You can search by using two languages: SQL and
- XPATH.</para>
- <para>In eXo JCR, we plug in the WebDAV layer - based on the code taken
- from the extension modules of the reference implementation - on the top of
- our JCR implementation so that it is possible to browse a workspace using
- the third party tools (it can be Windows folders or Mac ones as well as a
- Java WebDAV client, such as DAVExplorer or IE using File->Open as a Web
- Folder).</para>
- <para>Now WebDav is an extension of the REST service. To get the WebDav
- server ready, you must deploy the REST application. Then, you can access
- any workspaces of your repository by using the following URL:</para>
- <para>Standalone mode:</para>
- <para><uri>http://host:port/rest/jcr/{RepositoryName}/{WorkspaceName}/{Path}</uri></para>
- <para>Portal mode:</para>
- <para><uri>http://host:port/portal/rest/private/jcr/{RepositoryName}/{WorkspaceName}/{Path}</uri></para>
- <para>When accessing the WebDAV server with the URL<uri>http://localhost:8080/rest/jcr/repository/production</uri>, you might
- also use "collaboration" (instead of "production") which is the default
- workspace in eXo products. You will be asked to enter your login and
- password. Those will then be checked by using the organization service
- that can be implemented thanks to an InMemory (dummy) module or a DB module
- or an LDAP one and the JCR user session will be created with the correct JCR
- Credentials.</para>
- <note>
- <para>If you try the "in ECM"
- option, add "@ecm" to the user's password. Alternatively, you may modify
- jaas.conf by adding the <emphasis role="bold">domain=ecm</emphasis> option
- as follows:</para>
- <programlisting>exo-domain {
- org.exoplatform.services.security.jaas.BasicLoginModule required domain=ecm;
-};</programlisting>
- </note>
- </section>
- <section>
- <title>Configuration</title>
- <programlisting><component>
- <key>org.exoplatform.services.webdav.WebDavServiceImpl</key>
- <type>org.exoplatform.services.webdav.WebDavServiceImpl</type>
- <init-params>
-
- <!-- this parameter indicates the default login and password values
- used as credentials for accessing the repository -->
- <!-- value-param>
- <name>default-identity</name>
- <value>admin:admin</value>
- </value-param -->
-
- <!-- this is the value of WWW-Authenticate header -->
- <value-param>
- <name>auth-header</name>
- <value>Basic realm="eXo-Platform Webdav Server 1.6.1"</value>
- </value-param>
-
- <!-- default node type which is used for the creation of collections -->
- <value-param>
- <name>def-folder-node-type</name>
- <value>nt:folder</value>
- </value-param>
-
- <!-- default node type which is used for the creation of files -->
- <value-param>
- <name>def-file-node-type</name>
- <value>nt:file</value>
- </value-param>
-
- <!-- if MimeTypeResolver can't find the required mime type,
- which conforms with the file extension, and the mimeType header is absent
- in the HTTP request header, this parameter is used
- as the default mime type-->
- <value-param>
- <name>def-file-mimetype</name>
- <value>application/octet-stream</value>
- </value-param>
-
- <!-- This parameter indicates one of the three cases when you update the content of the resource by PUT command.
- In case of "create-version", PUT command creates the new version of the resource if this resource exists.
- In case of "replace" - if the resource exists, PUT command updates the content of the resource and its last modification date.
- In case of "add", the PUT command tries to create the new resource with the same name (if the parent node allows same-name siblings).-->
-
- <value-param>
- <name>update-policy</name>
- <value>create-version</value>
- <!--value>replace</value -->
- <!-- value>add</value -->
- </value-param>
-
- <!--
- This parameter determines how service responds to a method that attempts to modify file content.
- In case of "checkout-checkin" value, when a modification request is applied to a checked-in version-controlled resource, the request is automatically preceded by a checkout and followed by a checkin operation.
- In case of "checkout" value, when a modification request is applied to a checked-in version-controlled resource, the request is automatically preceded by a checkout operation.
- -->
- <value-param>
- <name>auto-version</name>
- <value>checkout-checkin</value>
- <!--value>checkout</value -->
- </value-param>
-
- <!--
- This parameter is responsible for managing Cache-Control header value which will be returned to the client.
- You can use patterns like "text/*", "image/*" or wildcard to define the type of content.
- -->
- <value-param>
- <name>cache-control</name>
- <value>text/xml,text/html:max-age=3600;image/png,image/jpg:max-age=1800;*/*:no-cache;</value>
- </value-param>
-
- <!--
- This parameter determines the absolute path to the folder icon file, which is shown
- during WebDAV view of the contents
- -->
- <value-param>
- <name>folder-icon-path</name>
- <value>/absolute/path/to/file</value>
- </value-param>
-
- </init-params
-</component></programlisting>
- </section>
- <section>
- <title>Screenshots</title>
- <para>At present, eXo JCR WebDav server is tested by using MS Internet
- Explorer, <ulink url="http://www.ics.uci.edu/~webdav">Dav Explorer</ulink>, <ulink url="http://www.xythos.com/home/xythos/products/xythos_drive.html">Xythos Drive</ulink>, Microsoft Office 2003 (as client), and Ubuntu Linux.</para>
- <section>
- <title>MS Internet Explorer</title>
- <para>(File -> Open as Web Folder)</para>
- <mediaobject>
- <imageobject>
- <imagedata fileref="images/protocols/webdav_explorer.jpg"/>
- </imageobject>
- </mediaobject>
- </section>
- <section>
- <title>Dav Explorer</title>
- <mediaobject>
- <imageobject>
- <imagedata fileref="images/protocols/webdav_davexplorer.jpg"/>
- </imageobject>
- </mediaobject>
- </section>
- <section>
- <title>Xythos Drive</title>
- <mediaobject>
- <imageobject>
- <imagedata fileref="images/protocols/webdav_xythosdrive.jpg"/>
- </imageobject>
- </mediaobject>
- </section>
- <section>
- <title>Microsoft Office 2003</title>
- <para>(as client) (File->Open with typing http://... href in the file
- name box)</para>
- <mediaobject>
- <imageobject>
- <imagedata fileref="images/protocols/webdav_msoffice2003.jpg"/>
- </imageobject>
- </mediaobject>
- </section>
- <section>
- <title>Ubuntu Linux</title>
- <mediaobject>
- <imageobject>
- <imagedata fileref="images/protocols/webdav_ubuntulinux.jpg"/>
- </imageobject>
- </mediaobject>
- </section>
- </section>
- <section>
- <title>Comparison table of WebDav and JCR commands</title>
- <table>
- <title/>
- <tgroup cols="2">
- <thead>
- <row>
- <entry>WebDav</entry>
- <entry>JCR</entry>
- </row>
- </thead>
- <tbody>
- <row>
- <entry>COPY</entry>
- <entry>Workspace.copy(...)</entry>
- </row>
- <row>
- <entry>DELETE</entry>
- <entry>Node.remove()</entry>
- </row>
- <row>
- <entry>GET</entry>
- <entry>Node.getProperty(...); Property.getValue()</entry>
- </row>
- <row>
- <entry>HEAD</entry>
- <entry>Node.getProperty(...); Property.getLength()</entry>
- </row>
- <row>
- <entry>MKCOL</entry>
- <entry>Node.addNode(...)</entry>
- </row>
- <row>
- <entry>MOVE</entry>
- <entry>Session.move(...) or Workspace.move(...)</entry>
- </row>
- <row>
- <entry>PROPFIND</entry>
- <entry>Session.getNode(...); Node.getNode(...); Node.getNodes(...); Node.getProperties()</entry>
- </row>
- <row>
- <entry>PROPPATCH</entry>
- <entry>Node.setProperty(...); Node.getProperty(...).remove()</entry>
- </row>
- <row>
- <entry>PUT</entry>
- <entry>Node.addNode("node","nt:file"); Node.setProperty("jcr:data", "data")</entry>
- </row>
- <row>
- <entry>CHECKIN</entry>
- <entry>Node.checkin()</entry>
- </row>
- <row>
- <entry>CHECKOUT</entry>
- <entry>Node.checkout()</entry>
- </row>
- <row>
- <entry>REPORT</entry>
- <entry>Node.getVersionHistory(); VersionHistory.getAllVersions(); Version.getProperties()</entry>
- </row>
- <row>
- <entry>RESTORE</entry>
- <entry>Node.restore(...)</entry>
- </row>
- <row>
- <entry>UNCHECKOUT</entry>
- <entry>Node.restore(...)</entry>
- </row>
- <row>
- <entry>VERSION-CONTROL</entry>
- <entry>Node.addMixin("mix:versionable")</entry>
- </row>
- <row>
- <entry>LOCK</entry>
- <entry>Node.lock(...)</entry>
- </row>
- <row>
- <entry>UNLOCK</entry>
- <entry>Node.unlock()</entry>
- </row>
- <row>
- <entry>ORDERPATCH</entry>
- <entry>Node.orderBefore(...)</entry>
- </row>
- <row>
- <entry>SEARCH</entry>
- <entry>Workspace.getQueryManager(); QueryManager.createQuery(); Query.execute()</entry>
- </row>
- </tbody>
- </tgroup>
- </table>
- </section>
- <section>
- <title>Restrictions</title>
- <para>There are some restrictions for WebDAV in different Operating
- systems.</para>
- <section>
- <title>Windows 7</title>
- <para>When you try to set up a web folder by “adding a network location”
- or “map a network drive” through My Computer, you can get an error
- message saying that either “The folder you entered does not appear to be valid.
- Please choose another” or “Windows cannot access… Check the spelling of
- the name. Otherwise, there might be…”. These errors may appear when you are
- using SSL or non-SSL.</para>
- <para>To fix this, do as follows:</para>
- <orderedlist>
- <listitem>
- <para>Go to Windows Registry Editor.</para>
- </listitem>
- <listitem>
- <para>Find a key:
- \HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlset\services\WebClient\Parameters\BasicAuthLevel
- .</para>
- </listitem>
- <listitem>
- <para>Change the value to 2.</para>
- </listitem>
- </orderedlist>
- </section>
- <section>
- <title>Microsoft Office 2010</title>
- <para>If you have Microsoft Office 2010 applications or Microsoft Office 2007 applications installed on a client computer. From that client computer, you try to access an Office file that is stored on a web server that is configured for Basic authentication. The connection between your computer and the web server does not use Secure Sockets Layer (SSL). When you try to open or to download the file, you experience the following symptoms:
- <itemizedlist>
- <listitem>
- <para>The Office file does not open or download.</para>
- </listitem>
- <listitem>
- <para>You do not receive a Basic authentication password prompt when you try to open or to download the file.</para>
- </listitem>
- <listitem>
- <para>You do not receive an error message when you try to open the file. The associated Office application starts. However, the selected file does not open.</para>
- </listitem>
- </itemizedlist>
- </para>
- <para>To enable Basic authentication on the client computer, follow these steps:</para>
- <orderedlist>
- <listitem>
- <para>Click Start, type regedit in the Start Search box, and then press Enter.</para>
- </listitem>
- <listitem>
- <para>Locate and then click the following registry subkey: </para>
- <para>HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\Internet</para>
- </listitem>
- <listitem>
- <para>On the Edit menu, point to New, and then click DWORD Value.</para>
- </listitem>
- <listitem>
- <para>Type BasicAuthLevel, and then press Enter.</para>
- </listitem>
- <listitem>
- <para>Right-click BasicAuthLevel, and then click Modify.</para>
- </listitem>
- <listitem>
- <para>In the Value data box, type 2, and then click OK.</para>
- </listitem>
- </orderedlist>
- </section>
- </section>
-</chapter>
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- This document was created with Syntext Serna Free. -->
+<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
+"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd">
+<chapter id="JCR.WebDAV">
+ <?dbhtml filename="ch-webdav.html"?>
+
+ <title>WebDAV</title>
+
+ <section>
+ <title>Related documents</title>
+
+ <itemizedlist>
+ <listitem>
+ <para><link linkend="JCR.LinkProducerService">Link
+ Producer</link></para>
+ </listitem>
+ </itemizedlist>
+ </section>
+
+ <section>
+ <title>Introduction</title>
+
+ <para>The WebDAV protocol enables you to use the third party tools to
+ communicate with hierarchical content servers via HTTP. It is possible to
+ add and remove documents or a set of documents from a path on the server.
+ DeltaV is an extension of the WebDav protocol that allows managing
+ document versioning. Locking guarantees protection against multiple access
+ when writing resources. The ordering support allows changing the position
+ of the resource in the list and sort the directory to make the directory
+ tree viewed conveniently. The full-text search makes it easy to find the
+ necessary documents. You can search by using two languages: SQL and
+ XPATH.</para>
+
+ <para>In eXo JCR, we plug in the WebDAV layer - based on the code taken
+ from the extension modules of the reference implementation - on the top of
+ our JCR implementation so that it is possible to browse a workspace using
+ the third party tools (it can be Windows folders or Mac ones as well as a
+ Java WebDAV client, such as DAVExplorer or IE using File->Open as a Web
+ Folder).</para>
+
+ <para>Now WebDav is an extension of the REST service. To get the WebDav
+ server ready, you must deploy the REST application. Then, you can access
+ any workspaces of your repository by using the following URL:</para>
+
+ <para>Standalone mode:</para>
+
+ <para><uri>http://host:port/rest/jcr/{RepositoryName}/{WorkspaceName}/{Path}</uri></para>
+
+ <para>Portal mode:</para>
+
+ <para><uri>http://host:port/portal/rest/private/jcr/{RepositoryName}/{WorkspaceName}/{Path}</uri></para>
+
+ <para>When accessing the WebDAV server with the
+ URL<uri>http://localhost:8080/rest/jcr/repository/production</uri>, you
+ might also use "collaboration" (instead of "production") which is the
+ default workspace in eXo products. You will be asked to enter your login
+ and password. Those will then be checked by using the organization service
+ that can be implemented thanks to an InMemory (dummy) module or a DB
+ module or an LDAP one and the JCR user session will be created with the
+ correct JCR Credentials.</para>
+
+ <note>
+ <para>If you try the "in ECM" option, add "@ecm" to the user's password.
+ Alternatively, you may modify jaas.conf by adding the <emphasis
+ role="bold">domain=ecm</emphasis> option as follows:</para>
+
+ <programlisting>exo-domain {
+ org.exoplatform.services.security.jaas.BasicLoginModule required domain=ecm;
+};</programlisting>
+ </note>
+ </section>
+
+ <section>
+ <title>Configuration</title>
+
+ <programlisting><component>
+ <key>org.exoplatform.services.webdav.WebDavServiceImpl</key>
+ <type>org.exoplatform.services.webdav.WebDavServiceImpl</type>
+ <init-params>
+
+ <!-- this parameter indicates the default login and password values
+ used as credentials for accessing the repository -->
+ <!-- value-param>
+ <name>default-identity</name>
+ <value>admin:admin</value>
+ </value-param -->
+
+ <!-- this is the value of WWW-Authenticate header -->
+ <value-param>
+ <name>auth-header</name>
+ <value>Basic realm="eXo-Platform Webdav Server 1.6.1"</value>
+ </value-param>
+
+ <!-- default node type which is used for the creation of collections -->
+ <value-param>
+ <name>def-folder-node-type</name>
+ <value>nt:folder</value>
+ </value-param>
+
+ <!-- default node type which is used for the creation of files -->
+ <value-param>
+ <name>def-file-node-type</name>
+ <value>nt:file</value>
+ </value-param>
+
+ <!-- if MimeTypeResolver can't find the required mime type,
+ which conforms with the file extension, and the mimeType header is absent
+ in the HTTP request header, this parameter is used
+ as the default mime type-->
+ <value-param>
+ <name>def-file-mimetype</name>
+ <value>application/octet-stream</value>
+ </value-param>
+
+ <!-- This parameter indicates one of the three cases when you update the content of the resource by PUT command.
+ In case of "create-version", PUT command creates the new version of the resource if this resource exists.
+ In case of "replace" - if the resource exists, PUT command updates the content of the resource and its last modification date.
+ In case of "add", the PUT command tries to create the new resource with the same name (if the parent node allows same-name siblings).-->
+
+ <value-param>
+ <name>update-policy</name>
+ <value>create-version</value>
+ <!--value>replace</value -->
+ <!-- value>add</value -->
+ </value-param>
+
+ <!--
+ This parameter determines how service responds to a method that attempts to modify file content.
+ In case of "checkout-checkin" value, when a modification request is applied to a checked-in version-controlled resource, the request is automatically preceded by a checkout and followed by a checkin operation.
+ In case of "checkout" value, when a modification request is applied to a checked-in version-controlled resource, the request is automatically preceded by a checkout operation.
+ -->
+ <value-param>
+ <name>auto-version</name>
+ <value>checkout-checkin</value>
+ <!--value>checkout</value -->
+ </value-param>
+
+ <!--
+ This parameter is responsible for managing Cache-Control header value which will be returned to the client.
+ You can use patterns like "text/*", "image/*" or wildcard to define the type of content.
+ -->
+ <value-param>
+ <name>cache-control</name>
+ <value>text/xml,text/html:max-age=3600;image/png,image/jpg:max-age=1800;*/*:no-cache;</value>
+ </value-param>
+
+ <!--
+ This parameter determines the absolute path to the folder icon file, which is shown
+ during WebDAV view of the contents
+ -->
+ <value-param>
+ <name>folder-icon-path</name>
+ <value>/absolute/path/to/file</value>
+ </value-param>
+
+ <!--
+ This parameter is responsible for untrusted user agents definition.
+ Content-type headers of listed here user agents should be
+ ignored and MimeTypeResolver should be explicitly used instead
+ -->
+ <values-param>
+ <name>untrusted-user-agents</name>
+ <value>Microsoft Office Core Storage Infrastructure/1.0</value>
+ </values-param>
+
+
+ </init-params>
+</component></programlisting>
+ </section>
+
+ <section>
+ <title>Screenshots</title>
+
+ <para>At present, eXo JCR WebDav server is tested by using MS Internet
+ Explorer, <ulink url="http://www.ics.uci.edu/~webdav">Dav
+ Explorer</ulink>, <ulink
+ url="http://www.xythos.com/home/xythos/products/xythos_drive.html">Xythos
+ Drive</ulink>, Microsoft Office 2003 (as client), and Ubuntu Linux.</para>
+
+ <section>
+ <title>MS Internet Explorer</title>
+
+ <para>(File -> Open as Web Folder)</para>
+
+ <mediaobject>
+ <imageobject>
+ <imagedata fileref="images/protocols/webdav_explorer.jpg" />
+ </imageobject>
+ </mediaobject>
+ </section>
+
+ <section>
+ <title>Dav Explorer</title>
+
+ <mediaobject>
+ <imageobject>
+ <imagedata fileref="images/protocols/webdav_davexplorer.jpg" />
+ </imageobject>
+ </mediaobject>
+ </section>
+
+ <section>
+ <title>Xythos Drive</title>
+
+ <mediaobject>
+ <imageobject>
+ <imagedata fileref="images/protocols/webdav_xythosdrive.jpg" />
+ </imageobject>
+ </mediaobject>
+ </section>
+
+ <section>
+ <title>Microsoft Office 2003</title>
+
+ <para>(as client) (File->Open with typing http://... href in the file
+ name box)</para>
+
+ <mediaobject>
+ <imageobject>
+ <imagedata fileref="images/protocols/webdav_msoffice2003.jpg" />
+ </imageobject>
+ </mediaobject>
+ </section>
+
+ <section>
+ <title>Ubuntu Linux</title>
+
+ <mediaobject>
+ <imageobject>
+ <imagedata fileref="images/protocols/webdav_ubuntulinux.jpg" />
+ </imageobject>
+ </mediaobject>
+ </section>
+ </section>
+
+ <section>
+ <title>Comparison table of WebDav and JCR commands</title>
+
+ <table>
+ <title></title>
+
+ <tgroup cols="2">
+ <thead>
+ <row>
+ <entry>WebDav</entry>
+
+ <entry>JCR</entry>
+ </row>
+ </thead>
+
+ <tbody>
+ <row>
+ <entry>COPY</entry>
+
+ <entry>Workspace.copy(...)</entry>
+ </row>
+
+ <row>
+ <entry>DELETE</entry>
+
+ <entry>Node.remove()</entry>
+ </row>
+
+ <row>
+ <entry>GET</entry>
+
+ <entry>Node.getProperty(...); Property.getValue()</entry>
+ </row>
+
+ <row>
+ <entry>HEAD</entry>
+
+ <entry>Node.getProperty(...); Property.getLength()</entry>
+ </row>
+
+ <row>
+ <entry>MKCOL</entry>
+
+ <entry>Node.addNode(...)</entry>
+ </row>
+
+ <row>
+ <entry>MOVE</entry>
+
+ <entry>Session.move(...) or Workspace.move(...)</entry>
+ </row>
+
+ <row>
+ <entry>PROPFIND</entry>
+
+ <entry>Session.getNode(...); Node.getNode(...);
+ Node.getNodes(...); Node.getProperties()</entry>
+ </row>
+
+ <row>
+ <entry>PROPPATCH</entry>
+
+ <entry>Node.setProperty(...);
+ Node.getProperty(...).remove()</entry>
+ </row>
+
+ <row>
+ <entry>PUT</entry>
+
+ <entry>Node.addNode("node","nt:file");
+ Node.setProperty("jcr:data", "data")</entry>
+ </row>
+
+ <row>
+ <entry>CHECKIN</entry>
+
+ <entry>Node.checkin()</entry>
+ </row>
+
+ <row>
+ <entry>CHECKOUT</entry>
+
+ <entry>Node.checkout()</entry>
+ </row>
+
+ <row>
+ <entry>REPORT</entry>
+
+ <entry>Node.getVersionHistory(); VersionHistory.getAllVersions();
+ Version.getProperties()</entry>
+ </row>
+
+ <row>
+ <entry>RESTORE</entry>
+
+ <entry>Node.restore(...)</entry>
+ </row>
+
+ <row>
+ <entry>UNCHECKOUT</entry>
+
+ <entry>Node.restore(...)</entry>
+ </row>
+
+ <row>
+ <entry>VERSION-CONTROL</entry>
+
+ <entry>Node.addMixin("mix:versionable")</entry>
+ </row>
+
+ <row>
+ <entry>LOCK</entry>
+
+ <entry>Node.lock(...)</entry>
+ </row>
+
+ <row>
+ <entry>UNLOCK</entry>
+
+ <entry>Node.unlock()</entry>
+ </row>
+
+ <row>
+ <entry>ORDERPATCH</entry>
+
+ <entry>Node.orderBefore(...)</entry>
+ </row>
+
+ <row>
+ <entry>SEARCH</entry>
+
+ <entry>Workspace.getQueryManager(); QueryManager.createQuery();
+ Query.execute()</entry>
+ </row>
+ </tbody>
+ </tgroup>
+ </table>
+ </section>
+
+ <section>
+ <title>Restrictions</title>
+
+ <para>There are some restrictions for WebDAV in different Operating
+ systems.</para>
+
+ <section>
+ <title>Windows 7</title>
+
+ <para>When you try to set up a web folder by “adding a network location”
+ or “map a network drive” through My Computer, you can get an error
+ message saying that either “The folder you entered does not appear to be
+ valid. Please choose another” or “Windows cannot access… Check the
+ spelling of the name. Otherwise, there might be…”. These errors may
+ appear when you are using SSL or non-SSL.</para>
+
+ <para>To fix this, do as follows:</para>
+
+ <orderedlist>
+ <listitem>
+ <para>Go to Windows Registry Editor.</para>
+ </listitem>
+
+ <listitem>
+ <para>Find a key:
+ \HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlset\services\WebClient\Parameters\BasicAuthLevel
+ .</para>
+ </listitem>
+
+ <listitem>
+ <para>Change the value to 2.</para>
+ </listitem>
+ </orderedlist>
+ </section>
+
+ <section>
+ <title>Microsoft Office 2010</title>
+
+ <para>If you have Microsoft Office 2010 applications or Microsoft Office
+ 2007 applications installed on a client computer. From that client
+ computer, you try to access an Office file that is stored on a web
+ server that is configured for Basic authentication. The connection
+ between your computer and the web server does not use Secure Sockets
+ Layer (SSL). When you try to open or to download the file, you
+ experience the following symptoms: <itemizedlist>
+ <listitem>
+ <para>The Office file does not open or download.</para>
+ </listitem>
+
+ <listitem>
+ <para>You do not receive a Basic authentication password prompt
+ when you try to open or to download the file.</para>
+ </listitem>
+
+ <listitem>
+ <para>You do not receive an error message when you try to open the
+ file. The associated Office application starts. However, the
+ selected file does not open.</para>
+ </listitem>
+ </itemizedlist></para>
+
+ <para>To enable Basic authentication on the client computer, follow
+ these steps:</para>
+
+ <orderedlist>
+ <listitem>
+ <para>Click Start, type regedit in the Start Search box, and then
+ press Enter.</para>
+ </listitem>
+
+ <listitem>
+ <para>Locate and then click the following registry subkey:</para>
+
+ <para>HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\Internet</para>
+ </listitem>
+
+ <listitem>
+ <para>On the Edit menu, point to New, and then click DWORD
+ Value.</para>
+ </listitem>
+
+ <listitem>
+ <para>Type BasicAuthLevel, and then press Enter.</para>
+ </listitem>
+
+ <listitem>
+ <para>Right-click BasicAuthLevel, and then click Modify.</para>
+ </listitem>
+
+ <listitem>
+ <para>In the Value data box, type 2, and then click OK.</para>
+ </listitem>
+ </orderedlist>
+ </section>
+ </section>
+</chapter>
Added: jcr/branches/1.12.x/patch/1.12.12-GA/JCR-1704/readme.txt
===================================================================
--- jcr/branches/1.12.x/patch/1.12.12-GA/JCR-1704/readme.txt (rev 0)
+++ jcr/branches/1.12.x/patch/1.12.12-GA/JCR-1704/readme.txt 2012-02-15 02:16:26 UTC (rev 5635)
@@ -0,0 +1,82 @@
+Summary
+
+ * Status: Portlet crash and no preview available after save from Office 2010 in webdav
+ * CCP Issue: CCP-1182, Product Jira Issue: JCR-1704.
+ * Complexity: medium
+
+The Proposal
+Problem description
+
+What is the problem to fix?
+Portlet crash and no preview available after save from Office 2010 in webdav
+To reproduce this issue:
+
+ * Create a webdav drive, for example "http://localhost:8080/rest/private/jcr/repository/collaboration/"
+ * Copy any doc or DOCX created by MS Office 2010 to this drive
+ * Access to the document in the Site Explorer => The icon associated to the MIME type of DOCX is the icon of nt file
+ * Open the document in the webdav drive and make a modification (even one character) then save it.
+ * Access again to Site Explorer
+ => The MIME type and the icon of the document have changed to XML.
+ => The portlet crashes and it is difficult to get the interface back.
+
+Fix description
+
+How is the problem fixed?
+
+ * New WebDavService initial parameter added to contain a set of untrusted user agents.
+ Content-type headers sent by this user agents are now ignored, we use instead MimeTypeResolver to define resource's MIME type.
+
+Patch file: JCR-1704.patch
+
+Tests to perform
+
+Reproduction test
+1. Case 1: cf. above
+2. Case 2:
+* Create a webdav drive, for example "http://localhost:8080/rest/private/jcr/repository/collaboration/"
+* Create a new document by Office 2010 inside that web folder
+* Save the document directly in the webdav folder (no copy from local)
+ => The MIME type passes directly to xml before doing any modification in the document.
+
+Tests performed at DevLevel
+* Launch PLF to manually reproduce usecase.
+* Creat unit test with the usecase.
+
+Tests performed at QA/Support Level
+*
+
+Documentation changes
+
+Documentation changes:
+* Added description and example of a new initial parameter for WebDavService
+
+Configuration changes
+
+Configuration changes:
+
+ * Added new initial parameter for WebDavService
+
+Will previous configuration continue to work?
+
+ * Yes
+
+Risks and impacts
+
+Can this bug fix have any side effects on current client projects?
+
+ * No
+
+Is there a performance risk/cost?
+
+ * No
+
+Validation (PM/Support/QA)
+
+PM Comment
+* Validated
+
+Support Comment
+* Validated
+
+QA Feedbacks
+*
More information about the exo-jcr-commits
mailing list