I have an issue with a servlet that I am trying to port for BO 4.1 from BO 3.1. It may be because I do not fully understand the file structure under tomcat7 in the new BO.
We are integrating BO with our own ERP application, and we embed some openDocument pages in our own web portal. The servlet we have is used to authenticate users in BO using Trusted Authentication and a shared secret file, based on the fact that they are already signed into our product.
More specifically, what we do is to set up a filter in BOE's web.xml, so that calls to openDocument1.jsp are routed to our servlet - we have placed an empty file openDocument1.jsp in the folder WEB-INF\eclipse\plugins\webpath.OpenDocument\web\opendoc (and this is the part that is a bit shady to me).
<filter>
<filter-name>OpendocTokenManager</filter-name>
<filter-class>com.inovista.OpendocFilter</filter-class>
<init-param>
<!-- a bunch of these -->
</init-param>
</filter>
<filter-mapping>
<filter-name>OpendocTokenManager</filter-name>
<url-pattern>/OpenDocument/opendoc/openDocument1.jsp</url-pattern>
</filter-mapping>
Then we have the class OpendocFilter that implements the Filter interface in place under BOE's WEB-INF/classes folder. So far, so good - we can see that the class is loaded and when we run the openDocument1.jsp URL, the doFilter() method is run from our class.
Most of the stuff inside the class also works: we call the necessary web service from our own app to verify that the user is logged in there, and then we call the standard BO libs to get a token that we want to use so that we do not have to give username/password to view the document:
ISessionMgr sessionMgr = CrystalEnterprise.getSessionMgr();
ITrustedPrincipal trustedPrincipal = sessionMgr.createTrustedPrincipal(sUser, sCmsRepo, sharedSecret);
IEnterpriseSession enterpriseSession = sessionMgr.logon(trustedPrincipal);
String serSession = enterpriseSession.getSerializedSession();
String serSessionEnc = java.net.URLEncoder.encode(serSession, "UTF-8");
This is also fine: I can take the token that we get out of this and construct a openDocument.jsp URL with this as a serSes parameter, and then the document opens without a prompt for password. But what fails is my attempt to do this inside the servlet. I am trying to use a RequestDispatcher and a dispatchString, so that I can call the forward() method on the RequestDispatcher where I have added "serSes=<token>" to the request. In the below, the OpendocServletRequest class is a simple implementation of HttpRequestWrapper where you want to add parameters to the getParameters map, the same way as it is done here: http://ocpsoft.org/opensource/how-to-safely-add-modify-servlet-request-parameter-values/
final Map<String, String[]> extraParams = new HashMap<String, String[]>();
final String[] boTokenArray = {boToken};
extraParams.put("serSes", boTokenArray);
OpendocServletRequest opendocReq = new OpendocServletRequest(req, extraParams);
final String dispatchString = "openDocument.jsp?" + OpenDocConstants.PARAM_SERIALIZED_SES + "=" + boToken;
final RequestDispatcher reqDispatcher = req.getRequestDispatcher(dispatchString);
reqDispatcher.forward(opendocReq, response);
This worked fine in BO 3.1 (both with tomcat5 and tomcat7), but in 4.1 it does not. As another interesting experiment, I wanted to try and forward to a more simple 'HelloWorld.jsp' page just to check the forward() call, but that does also not work - I put HelloWorld.jsp in the same folder as the openDocument1.jsp (see above), but that does also not work. Even a direct URL http://myServer:8080/BOE/OpenDocument/opendoc/helloWorld.jsp does not work (but the corresponding call to http://myServer:8080/BOE/OpenDocument/opendoc/openDocument1.jsp is captured by my filter).
I am sorry for the long stor, but I wanted to make clear what I am trying to do. The most important thing is of course the forward() call, but my lack of understanding of why helloWorld.jsp does not work might be the underlying roadblock.
Thanks in advance for any help you can provide.