/// <summary> /// The main routine that handles each request, calls the database, and outputs the response from the OWA toolkit back to the client through IIS. /// </summary> /// <param name="o"></param> /// <param name="a"></param> private void HandleRequest(object o, EventArgs a) { // grab the request context from ASP.NET HttpApplication app = (HttpApplication)o; HttpContext ctx = (HttpContext)app.Context; if (DadConfiguration.HideServerBanner) { // http://blogs.technet.com/b/stefan_gossner/archive/2008/03/12/iis-7-how-to-send-a-custom-server-http-header.aspx try { app.Response.Headers.Remove("Server"); app.Response.Headers.Remove("X-AspNet-Version"); app.Response.Headers.Remove("X-Powered-By"); } catch (PlatformNotSupportedException e) { logger.Warn("Attempted to hide server banners (HideServerBanner = True), but failed with error: " + e.Message); } } // check if gateway should be bypassed (return normal execution to IIS) if (DadConfiguration.ServeStaticContent) { string physicalPath = app.Request.PhysicalPath; if (File.Exists(physicalPath)) { logger.Debug("Requested file " + physicalPath + " exists on disk. Gateway will not handle this request."); return; } else { logger.Debug("Requested file " + physicalPath + " was NOT found on disk, continuing with normal gateway request."); } } // parse the request (URL); we are expecting calls in a format similar to the following: // http://servername/PLSQLGatewayModule/dadname/[schema.][package.]procedure?parameter1=xxx¶meter2=yyy string serverName = app.Request.ServerVariables["HTTP_HOST"]; string requestContentType = app.Request.ContentType; string requestBody = ""; string requestPath = app.Request.FilePath.Substring(1); string soapAction = app.Request.Headers["SOAPAction"]; if (requestContentType.ToLower() != "application/x-www-form-urlencoded") { requestBody = new StreamReader(app.Request.InputStream, System.Text.Encoding.Default).ReadToEnd(); requestBody = HttpUtility.UrlDecode(requestBody); } GatewayRequest gReq = new GatewayRequest(serverName, app.Request.HttpMethod, app.Request.FilePath, app.Request.RawUrl, soapAction); if (!gReq.DadSpecifiedInRequest) { if (DadConfiguration.DefaultDadEnabled) { string defaultURL = "/" + gReq.ModuleName + "/" + gReq.DadName + "/" + gReq.ProcName; logger.Debug("DAD not specified in URL, or specified DAD not defined in configuration file. Redirecting to default DAD and default procedure: " + defaultURL); ctx.Response.Redirect(defaultURL); //ctx.Response.StatusCode = 302; // moved temporarily app.CompleteRequest(); return; } else { logger.Warn("DAD not specified in request, or DAD not defined in configuration file, and default DAD disabled. Request terminated with 404."); throw new HttpException(404, "Not Found"); } } if (gReq.ValidRequest) { // the requested procedure name is valid // now process querystring and form variables, set up the OWA packages with the CGI environment information, // and check if there are files to be uploaded if (gReq.IsWsdlRequest) { logger.Debug("Request is for WSDL document"); } else if (gReq.IsSoapRequest) { logger.Debug("Invocation protocol is SOAP"); gReq.AddRequestParametersForSOAP(gReq.ProcName, requestBody); } else { gReq.AddRequestParameters(app.Request.QueryString, app.Request.Form, app.Request.Files, requestBody); } gReq.AddCGIEnvironment(ctx.Request.ServerVariables); OracleParameterCache opc = new OracleParameterCache(ctx); // connect to the database OracleInterface ora = new OracleInterface(gReq, opc); if (ora.Connected()) { ora.SetupOwaCGI(gReq.CGIParameters, ctx.Request.UserHostName, ctx.Request.UserHostAddress, gReq.BasicAuthUsername, gReq.BasicAuthPassword); if (ctx.Request.Files.Count > 0) { bool uploadSuccess = ora.UploadFiles(gReq.UploadedFiles); } } bool success = false; // the GatewayResponse object will hold the result of the database call (headers, cookies, status codes, response body, etc.) GatewayResponse gResp = new GatewayResponse(); if (!ora.Connected()) { logger.Debug("Failed to connect to database, skipping procedure execution."); success = false; } else if (gReq.IsSoapRequest) { if (gReq.IsWsdlRequest) { success = ora.GenerateWsdl(gReq.ServerName, gReq.ModuleName, gReq.DadName, gReq.ProcName); } else { success = ora.ExecuteMainProc(gReq.OwaProc, gReq.RequestParameters, false, gReq.ProcName); if (success) { ora.GenerateSoapResponse(gReq.ProcName); } else { int errorCode = ora.GetLastErrorCode(); string errorText = ora.GetLastErrorText(); logger.Debug("SOAP request failed with error code " + errorCode + ", generating SOAP Fault response."); ora.GenerateSoapFault(errorCode, errorText); } } } else if (gReq.IsFlexibleParams) { logger.Debug("Using flexible parameter mode (converting parameters to name/value arrays)"); success = ora.ExecuteMainProc(gReq.OwaProc, gReq.GetFlexibleParams(), false, gReq.ProcName); } else if (gReq.IsPathAlias) { logger.Debug("Forwarding request to PathAliasProcedure"); success = ora.ExecuteMainProc(gReq.OwaProc, gReq.GetPathAliasParams(), false, gReq.ProcName); } else if (gReq.IsXdbAlias) { logger.Debug("Forwarding request to XDB Repository"); success = ora.GetXdbResource(gReq.XdbAliasValue); } else if (gReq.IsDocumentPath) { logger.Debug("Forwarding request to DocumentProcedure"); success = ora.ExecuteMainProc(gReq.OwaProc, new List <NameValuePair>(), false, gReq.ProcName); } else { success = ora.ExecuteMainProc(gReq.OwaProc, gReq.RequestParameters, false, gReq.ProcName); if (!success && ora.GetLastErrorText().IndexOf("PLS-00306:") > -1) { logger.Error("Call failed: " + ora.GetLastErrorText()); logger.Debug("Wrong number or types of arguments in call. Will retry call after looking up parameter metadata in data dictionary."); success = ora.ExecuteMainProc(gReq.OwaProc, gReq.RequestParameters, true, gReq.ProcName); } else if (!success && ora.GetLastErrorText().IndexOf("ORA-01460:") > -1) { logger.Error("Call failed: " + ora.GetLastErrorText()); logger.Debug("Unimplemented or unreasonable conversion requested. Will retry call after looking up parameter metadata in data dictionary."); success = ora.ExecuteMainProc(gReq.OwaProc, gReq.RequestParameters, true, gReq.ProcName); } else if (!success && ora.GetLastErrorText().IndexOf("ORA-00201:") > -1) { logger.Error("Call failed: " + ora.GetLastErrorText()); logger.Debug("Identifier must be declared. Will retry call after looking up parameter metadata in data dictionary."); success = ora.ExecuteMainProc(gReq.OwaProc, gReq.RequestParameters, true, gReq.ProcName); } } if (success) { logger.Info("Gateway procedure executed successfully."); ora.DoCommit(); if (gReq.IsWsdlRequest) { logger.Info("Responding with WSDL document"); gResp.FetchWsdlResponse(ora); } else if (gReq.IsSoapRequest) { logger.Info("Responding with SOAP response"); gResp.FetchSoapResponse(ora); } else if (gReq.IsXdbAlias) { logger.Info("Responding with XDB Resource"); gResp.FetchXdbResponse(ora); } else { // fetch the response buffers from OWA logger.Debug("Fetch buffer size = " + gReq.DadConfig.FetchBufferSize); gResp.FetchOwaResponse(ora); } ora.CloseConnection(); // process response ProcessResponse(gReq, gResp, ctx, app); } else { logger.Error("Call failed: " + ora.GetLastErrorText()); ora.DoRollback(); if (gReq.IsSoapRequest) { logger.Debug("SOAP request failed, returning SOAP fault as part of normal response."); gResp.FetchSoapResponse(ora); ProcessResponse(gReq, gResp, ctx, app); } else if (gReq.DadConfig.ErrorStyle == "DebugStyle") { logger.Error("Request failed, showing debug error page"); ctx.Response.Write(GatewayError.GetErrorDebugPage(gReq, ora.GetLastErrorText())); } else { logger.Error("Request failed, user gets status code 404"); throw new HttpException(404, "Not Found"); //ctx.Response.Clear(); //ctx.Response.StatusCode = 404; } // TODO: does this get called if HttpException is thrown above... don't think so! ora.CloseConnection(); } } else { logger.Warn("Request (" + requestPath + ") not valid, returning 404..."); if (gReq.DadConfig.ErrorStyle == "DebugStyle") { ctx.Response.Write(GatewayError.GetInvalidRequestDebugPage(requestPath, gReq.DadConfig)); } else { throw new HttpException(404, "Not Found"); //ctx.Response.Clear(); //ctx.Response.StatusCode = 404; } } app.CompleteRequest(); logger.Info("Request completed."); }
public OracleInterface(GatewayRequest req, OracleParameterCache opc) { _dadName = req.DadName; _dadConfig = req.DadConfig; _opc = opc; string dbUsername = _dadConfig.DatabaseUserName; string dbPassword = _dadConfig.DatabasePassword; // Integrated Windows Authentication (use in combination with Oracle proxy authentication) if (dbUsername == "LOGON_USER") { dbUsername = req.WindowsUsername; // if username contains backslash (domain\user), add double quotes to username if (dbUsername.IndexOf("\\") > -1) { dbUsername = "******"" + dbUsername + "\""; } } if (dbUsername == "LOGON_USER_NO_DOMAIN") { dbUsername = req.WindowsUsernameNoDomain; } // for connection string attributes, see http://download.oracle.com/docs/html/E15167_01/featConnecting.htm#i1006259 _connStr = "User Id=" + dbUsername + ";Password="******";Data Source=" + _dadConfig.DatabaseConnectString + ";" + _dadConfig.DatabaseConnectStringAttributes; // careful with this one, it will expose the passwords in the log // use it just for additional debugging during development // logger.Debug("Connection string: " + _connStr); // Connect to Oracle if (logger.IsDebugEnabled) { logger.Debug("Connecting with user " + dbUsername + " to " + _dadConfig.DatabaseConnectString + "..."); } _conn = new OracleConnection(_connStr); try { _conn.Open(); _connected = true; if (logger.IsDebugEnabled) { logger.Debug("Connected to Oracle " + _conn.ServerVersion); } } catch (OracleException e) { _lastError = e.Message; logger.Error("Failed to connect to database: " + e.Message); } if (_connected) { _txn = _conn.BeginTransaction(); // setup National Language Support (NLS) string sql = "alter session set nls_language='" + _dadConfig.NLSLanguage + "' nls_territory='" + _dadConfig.NLSTerritory + "'"; ExecuteSQL(sql, new ArrayList()); //OracleGlobalization glb = OracleGlobalization.GetThreadInfo(); //logger.Debug ("ODP.NET Client Character Set: " + glb.ClientCharacterSet); // ensure a stateless environment by resetting package state sql = "begin dbms_session.modify_package_state(dbms_session.reinitialize); end;"; ExecuteSQL(sql, new ArrayList()); if (_dadConfig.InvocationProtocol == DadConfiguration.INVOCATION_PROTOCOL_SOAP) { // use SOAP date encoding sql = "alter session set nls_date_format = '" + _dadConfig.SoapDateFormat + "'"; ExecuteSQL(sql, new ArrayList()); } } }