svn commit: r741374 [1/2] - in /ofbiz/trunk: applications/ecommerce/webapp/ecommerce/ applications/order/src/org/ofbiz/order/shoppingcart/ framework/base/src/org/ofbiz/base/util/ framework/common/webcommon/ framework/common/webcommon/WEB-INF/ framework...

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

svn commit: r741374 [1/2] - in /ofbiz/trunk: applications/ecommerce/webapp/ecommerce/ applications/order/src/org/ofbiz/order/shoppingcart/ framework/base/src/org/ofbiz/base/util/ framework/common/webcommon/ framework/common/webcommon/WEB-INF/ framework...

jonesde
Author: jonesde
Date: Fri Feb  6 02:14:19 2009
New Revision: 741374

URL: http://svn.apache.org/viewvc?rev=741374&view=rev
Log:
A few related changes:

Big refactor of ControlServlet, RequestManager, RequestHandler, and ConfigXMLReader so that simple objects are used instead of Maps within Maps within Maps for the data from the controller.xml file, which results in eliminating hundreds of lines of code including the entire RequestHandler class. I have tested this a lot with different apps that use the ControlServlet differently, but this is a very big change so there could still be issues. Based on this cleanup future issues and new features should be easier and less error prone, and that is why doing it now in order to help with a number of other improvements and bug fixes that are part of this commit.

Also added redirect-parameter element to go under the request-map -> response element which allows you to specify which parameters will be passed on in a redirect instead of using all of them. Also improved default there and in various places to only include parameters from the URL to avoid issues with form data, but if the ID to display (like following a crAlso added redirect-parameter element to go under the request-map -> response element which allows you to specify which parameters will be passed on in a redirect instead of using all of them. Also improved default there and in various places to only include parameters from the URL to avoid issues with form data, but if the ID to display (like following a crAlso added redirect-parameter element to go under the request-map -> response element which allows you to specify which parameters will be passed on in a redirect instead of using all of them. Also improved default there and in various places to only include parameters
 from the URL to avoid issues wd in and also going to the same page after login from auth=true or from clicking on the login link.

Related to cleaning up login URLs also changed how the request and parameters passed to a request before a login are saved and used after a login is successful so that it URL parameters go on the URL in a redirect to the original request to make it more transparent, and non-URL parameters just stay in the session and are used when the original request is run again to avoid putting sensitive information like passwords and big information like textarea data in the URL, which has been a problem before.

To see what some of these things combined can do try going to the example app, login, click on the New Example link, then logout in another tab or window, then go back to the New Example page and enter a name and a whole bunch of text in the long description then click Create, the system will show you the login page so enter username/password, and then after login you'll see a nice URL to EditExample with the correct exampleId parameter and all of the data entered before login successfully saved and never appearing in a URL.

Removed:
    ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestManager.java
Modified:
    ofbiz/trunk/applications/ecommerce/webapp/ecommerce/login.ftl
    ofbiz/trunk/applications/order/src/org/ofbiz/order/shoppingcart/ShoppingCartEvents.java
    ofbiz/trunk/framework/base/src/org/ofbiz/base/util/UtilHttp.java
    ofbiz/trunk/framework/common/webcommon/WEB-INF/common-controller.xml
    ofbiz/trunk/framework/common/webcommon/includes/header.ftl
    ofbiz/trunk/framework/common/webcommon/login.ftl
    ofbiz/trunk/framework/example/webapp/example/WEB-INF/controller.xml
    ofbiz/trunk/framework/webapp/dtd/site-conf.xsd
    ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/ConfigXMLReader.java
    ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java
    ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestHandler.java
    ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/event/CoreEvents.java
    ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/event/EventFactory.java
    ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/event/SOAPEventHandler.java
    ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/event/ServiceMultiEventHandler.java
    ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/view/ViewFactory.java
    ofbiz/trunk/framework/webtools/src/org/ofbiz/webtools/artifactinfo/ArtifactInfoFactory.java
    ofbiz/trunk/framework/webtools/src/org/ofbiz/webtools/artifactinfo/ControllerRequestArtifactInfo.java
    ofbiz/trunk/framework/webtools/src/org/ofbiz/webtools/artifactinfo/ControllerViewArtifactInfo.java
    ofbiz/trunk/framework/widget/src/org/ofbiz/widget/screen/ScreenRenderer.java
    ofbiz/trunk/specialpurpose/hhfacility/webapp/hhfacility/login.ftl
    ofbiz/trunk/specialpurpose/myportal/widget/login.ftl

Modified: ofbiz/trunk/applications/ecommerce/webapp/ecommerce/login.ftl
URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/ecommerce/webapp/ecommerce/login.ftl?rev=741374&r1=741373&r2=741374&view=diff
==============================================================================
--- ofbiz/trunk/applications/ecommerce/webapp/ecommerce/login.ftl (original)
+++ ofbiz/trunk/applications/ecommerce/webapp/ecommerce/login.ftl Fri Feb  6 02:14:19 2009
@@ -34,7 +34,7 @@
             <div class="boxhead">${uiLabelMap.CommonRegistered}</div>
         </div>
         <div class="screenlet-body" style="text-align: center;">
-          <form method="post" action="<@ofbizUrl>login${previousParams}</@ofbizUrl>" name="loginform">
+          <form method="post" action="<@ofbizUrl>login</@ofbizUrl>" name="loginform">
               <div class="tabletext">
                   ${uiLabelMap.CommonUsername}:&nbsp;
                   <input type="text" class="inputBox" name="USERNAME" value="<#if requestParameters.USERNAME?has_content>${requestParameters.USERNAME}<#elseif autoUserLogin?has_content>${autoUserLogin.userLoginId}</#if>" size="20"/>
@@ -60,7 +60,7 @@
             <div class="boxhead">${uiLabelMap.CommonForgotYourPassword}?</div>
         </div>
         <div class="screenlet-body" style="text-align: center;">
-          <form method="post" action="<@ofbizUrl>forgotpassword${previousParams}</@ofbizUrl>" name="forgotpassword" style="margin: 0;">
+          <form method="post" action="<@ofbizUrl>forgotpassword</@ofbizUrl>" name="forgotpassword" style="margin: 0;">
             <span class="tabletext">${uiLabelMap.CommonUsername}:&nbsp;</span><input type="text" size="20" class="inputBox" name="USERNAME" value="<#if requestParameters.USERNAME?has_content>${requestParameters.USERNAME}<#elseif autoUserLogin?has_content>${autoUserLogin.userLoginId}</#if>"/>
             <div><input type="submit" name="GET_PASSWORD_HINT" class="smallSubmit" value="${uiLabelMap.CommonGetPasswordHint}"/>&nbsp;<input type="submit" name="EMAIL_PASSWORD" class="smallSubmit" value="${uiLabelMap.CommonEmailPassword}"/></div>
           </form>
@@ -74,7 +74,7 @@
             <div class="boxhead">${uiLabelMap.CommonNewUser}</div>
         </div>
         <div class="screenlet-body" style="text-align: center;">
-          <form method="post" action="<@ofbizUrl>newcustomer${previousParams}</@ofbizUrl>" style="margin: 0;">
+          <form method="post" action="<@ofbizUrl>newcustomer</@ofbizUrl>" style="margin: 0;">
             <div class="tabletext">${uiLabelMap.CommonMayCreateNewAccountHere}:</div>
             <div><input type="submit" class="smallSubmit" value="${uiLabelMap.CommonMayCreate}"/></div>
           </form>

Modified: ofbiz/trunk/applications/order/src/org/ofbiz/order/shoppingcart/ShoppingCartEvents.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/order/src/org/ofbiz/order/shoppingcart/ShoppingCartEvents.java?rev=741374&r1=741373&r2=741374&view=diff
==============================================================================
--- ofbiz/trunk/applications/order/src/org/ofbiz/order/shoppingcart/ShoppingCartEvents.java (original)
+++ ofbiz/trunk/applications/order/src/org/ofbiz/order/shoppingcart/ShoppingCartEvents.java Fri Feb  6 02:14:19 2009
@@ -465,7 +465,7 @@
                         partyId = userLogin.getString("partyId");
                     }
                     String formAction = "/additemsurvey";
-                    String nextPage = RequestHandler.getNextPageUri(request.getPathInfo());
+                    String nextPage = RequestHandler.getOverrideViewUri(request.getPathInfo());
                     if (nextPage != null) {
                         formAction = formAction + "/" + nextPage;
                     }

Modified: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/UtilHttp.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/base/src/org/ofbiz/base/util/UtilHttp.java?rev=741374&r1=741373&r2=741374&view=diff
==============================================================================
--- ofbiz/trunk/framework/base/src/org/ofbiz/base/util/UtilHttp.java (original)
+++ ofbiz/trunk/framework/base/src/org/ofbiz/base/util/UtilHttp.java Fri Feb  6 02:14:19 2009
@@ -37,7 +37,6 @@
 import java.util.Enumeration;
 import java.util.HashMap;
 import java.util.HashSet;
-import java.util.Iterator;
 import java.util.List;
 import java.util.Locale;
 import java.util.Map;
@@ -97,22 +96,29 @@
      * @return The resulting Map
      */
     public static Map<String, Object> getParameterMap(HttpServletRequest request) {
-        return getParameterMap(request, null);
+        return getParameterMap(request, null, null);
+    }
+
+    public static Map<String, Object> getParameterMap(HttpServletRequest request, Set<? extends String> nameSet) {
+        return getParameterMap(request, nameSet, null);
     }
 
     /**
      * Create a map from a HttpServletRequest (parameters) object
+     * @param onlyIncludeOrSkip If true only include, if false skip, the named parameters in the nameSet. If this is null and nameSet is not null, default to skip.
      * @return The resulting Map
      */
-    public static Map<String, Object> getParameterMap(HttpServletRequest request, Set<? extends String> namesToSkip) {
+    public static Map<String, Object> getParameterMap(HttpServletRequest request, Set<? extends String> nameSet, Boolean onlyIncludeOrSkip) {
+        boolean onlyIncludeOrSkipPrim = onlyIncludeOrSkip == null ? true : onlyIncludeOrSkip.booleanValue();
         Map<String, Object> paramMap = FastMap.newInstance();
 
         // add all the actual HTTP request parameters
-        Enumeration e = request.getParameterNames();
+        Enumeration<String> e = request.getParameterNames();
         while (e.hasMoreElements()) {
             String name = (String) e.nextElement();
-            if (namesToSkip != null && namesToSkip.contains(name))
+            if (nameSet != null && (onlyIncludeOrSkipPrim ^ nameSet.contains(name))) {
                 continue;
+            }
 
             Object value = null;
             String[] paramArr = request.getParameterValues(name);
@@ -126,7 +132,52 @@
             }
             paramMap.put(name, value);
         }
+        
+        paramMap.putAll(getPathInfoOnlyParameterMap(request, nameSet, onlyIncludeOrSkip));
 
+        if (paramMap.size() == 0) {
+            // nothing found in the parameters; maybe we read the stream instead
+            Map<String, Object> multiPartMap = UtilGenerics.checkMap(request.getAttribute("multiPartMap"));
+            if (UtilValidate.isNotEmpty(multiPartMap)) {
+                paramMap.putAll(multiPartMap);
+            }
+        }
+
+        if (Debug.verboseOn()) {
+            Debug.logVerbose("Made Request Parameter Map with [" + paramMap.size() + "] Entries", module);
+            Debug.logVerbose("Request Parameter Map Entries: " + System.getProperty("line.separator") + UtilMisc.printMap(paramMap), module);
+        }
+        
+        return paramMap;
+    }
+    
+    public static Map<String, Object> getQueryStringOnlyParameterMap(HttpServletRequest request) {
+        Map<String, Object> paramMap = FastMap.newInstance();
+        String queryString = request.getQueryString();
+        if (UtilValidate.isNotEmpty(queryString)) {
+            StringTokenizer queryTokens = new StringTokenizer(queryString, "&");
+            while (queryTokens.hasMoreTokens()) {
+                String token = queryTokens.nextToken();
+                if (token.startsWith("amp;")) {
+                    // this is most likely a split value that had an &amp; in it, so don't consider this a name; note that some old code just stripped the "amp;" and went with it
+                    //token = token.substring(4);
+                    continue;
+                }
+                int equalsIndex = token.indexOf("=");
+                String name = token;
+                if (equalsIndex > 0) {
+                    name = token.substring(0, equalsIndex);
+                    paramMap.put(name, request.getParameter(name));
+                }
+            }
+        }
+        return paramMap;
+    }
+    
+    public static Map<String, Object> getPathInfoOnlyParameterMap(HttpServletRequest request, Set<? extends String> nameSet, Boolean onlyIncludeOrSkip) {
+        boolean onlyIncludeOrSkipPrim = onlyIncludeOrSkip == null ? true : onlyIncludeOrSkip.booleanValue();
+        Map<String, Object> paramMap = FastMap.newInstance();
+        
         // now add in all path info parameters /~name1=value1/~name2=value2/
         // note that if a parameter with a given name already exists it will be put into a list with all values
         String pathInfoStr = request.getPathInfo();
@@ -142,6 +193,10 @@
                 last = current;
                 if (element.charAt(0) == '~' && element.indexOf('=') > -1) {
                     String name = element.substring(1, element.indexOf('='));
+                    if (nameSet != null && (onlyIncludeOrSkipPrim ^ nameSet.contains(name))) {
+                        continue;
+                    }
+
                     String value = element.substring(element.indexOf('=') + 1);
                     Object curValue = paramMap.get(name);
                     if (curValue != null) {
@@ -162,22 +217,15 @@
                 }
             }
         }
-
-        if (paramMap.size() == 0) {
-            // nothing found in the parameters; maybe we read the stream instead
-            Map<String, Object> multiPartMap = UtilGenerics.checkMap(request.getAttribute("multiPartMap"));
-            if (UtilValidate.isNotEmpty(multiPartMap)) {
-                paramMap.putAll(multiPartMap);
-            }
-        }
-
-        if (Debug.verboseOn()) {
-            Debug.logVerbose("Made Request Parameter Map with [" + paramMap.size() + "] Entries", module);
-            Debug.logVerbose("Request Parameter Map Entries: " + System.getProperty("line.separator") + UtilMisc.printMap(paramMap), module);
-        }
         
         return paramMap;
     }
+    
+    public static Map<String, Object> getUrlOnlyParameterMap(HttpServletRequest request) {
+        Map<String, Object> paramMap = getQueryStringOnlyParameterMap(request);
+        paramMap.putAll(getPathInfoOnlyParameterMap(request, null, null));
+        return paramMap;
+    }
 
     /**
      * Create a map from a HttpRequest (attributes) object
@@ -960,7 +1008,7 @@
         }
         return retStr;
     }
-
+    
     /**
      * Given multi form data with the ${param}_o_N notation, creates a Collection
      * of Maps for the submitted rows. Each Map contains the key/value pairs

Modified: ofbiz/trunk/framework/common/webcommon/WEB-INF/common-controller.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/common/webcommon/WEB-INF/common-controller.xml?rev=741374&r1=741373&r2=741374&view=diff
==============================================================================
--- ofbiz/trunk/framework/common/webcommon/WEB-INF/common-controller.xml (original)
+++ ofbiz/trunk/framework/common/webcommon/WEB-INF/common-controller.xml Fri Feb  6 02:14:19 2009
@@ -77,7 +77,7 @@
     <request-map uri="logout">
         <security https="true" auth="true"/>
         <event type="java" path="org.ofbiz.webapp.control.LoginWorker" invoke="logout"/>
-        <response name="success" type="request" value="checkLogin"/>
+        <response name="success" type="request-redirect" value="main"/>
         <response name="error" type="view" value="main"/>
     </request-map>
     <request-map uri="forgotPassword">

Modified: ofbiz/trunk/framework/common/webcommon/includes/header.ftl
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/common/webcommon/includes/header.ftl?rev=741374&r1=741373&r2=741374&view=diff
==============================================================================
--- ofbiz/trunk/framework/common/webcommon/includes/header.ftl (original)
+++ ofbiz/trunk/framework/common/webcommon/includes/header.ftl Fri Feb  6 02:14:19 2009
@@ -106,10 +106,8 @@
         <li>
           <#if person?has_content>
             ${uiLabelMap.CommonWelcome} ${person.firstName?if_exists} ${person.middleName?if_exists} ${person.lastName?if_exists} [${userLogin.userLoginId}]
-            <#if defaultOrganizationPartyId?exists>${uiLabelMap.CommonDefaultOrganizationPartyId} : ${defaultOrganizationPartyGroupName?if_exists} [${defaultOrganizationPartyId}]</#if>
           <#elseif partyGroup?has_content>
             ${uiLabelMap.CommonWelcome} ${partyGroup.groupName?if_exists} [${userLogin.userLoginId}]
-            <#if defaultOrganizationPartyId?exists>${uiLabelMap.CommonDefaultOrganizationPartyId} : ${defaultOrganizationPartyGroupName?if_exists} [${defaultOrganizationPartyId}]</#if>
           <#else>
             ${uiLabelMap.CommonWelcome}!
           </#if>
@@ -134,27 +132,23 @@
         <li class="control-area"<#if layoutSettings.headerRightBackgroundUrl?has_content> background="${layoutSettings.headerRightBackgroundUrl}"</#if>>
           <#if userLogin?exists>
             <p class="expanded">
+              <#if person?has_content>
+                ${uiLabelMap.CommonWelcome} ${person.firstName?if_exists} ${person.lastName?if_exists}
+              <#elseif partyGroup?has_content>
+                ${uiLabelMap.CommonWelcome} ${partyGroup.groupName?if_exists}
+              </#if>
+              [${userLogin.userLoginId}]
               <a href="<@ofbizUrl>logout</@ofbizUrl>">${uiLabelMap.CommonLogout}</a>&nbsp;&nbsp;
               <a href="setUserPreference?userPrefGroupTypeId=GLOBAL_PREFERENCES&amp;userPrefTypeId=COMPACT_HEADER&amp;userPrefValue=Y">&nbsp;&nbsp;</a>
             </p>
-          </#if>
-          <p>
-          <#if person?has_content>
-            ${uiLabelMap.CommonWelcome} ${person.firstName?if_exists} ${person.lastName?if_exists} [${userLogin.userLoginId}]
-          </p>
-            <#if defaultOrganizationPartyId?exists><p>${uiLabelMap.CommonDefaultOrganizationPartyId} : ${defaultOrganizationPartyGroupName?if_exists} [${defaultOrganizationPartyId}]</p></#if>
-          <#elseif partyGroup?has_content>
-            ${uiLabelMap.CommonWelcome} ${partyGroup.groupName?if_exists} [${userLogin.userLoginId}]
-          </p>
             <#if defaultOrganizationPartyId?exists><p>${uiLabelMap.CommonDefaultOrganizationPartyId} : ${defaultOrganizationPartyGroupName?if_exists} [${defaultOrganizationPartyId}]</p></#if>
-          <#else>
+          <#else/>
+            <p>
             ${uiLabelMap.CommonWelcome}! <a href="<@ofbizUrl>${checkLoginUrl}</@ofbizUrl>">${uiLabelMap.CommonLogin}</a>
-          </p>
+            </p>
           </#if>
           <ul id="preferences-menu">
-<!--
-            <li class="first"><a href="<@ofbizUrl>Preferences</@ofbizUrl>">${uiLabelMap.CommonPreferences}</a></li>
--->
+            <!-- <li class="first"><a href="<@ofbizUrl>Preferences</@ofbizUrl>">${uiLabelMap.CommonPreferences}</a></li> -->
             <li class="first"><a href="<@ofbizUrl>LookupLocales</@ofbizUrl>">${uiLabelMap.CommonLanguageTitle} : ${locale.getDisplayName(locale)}</a></li>
             <#if userLogin?exists>
               <li><a href="<@ofbizUrl>LookupVisualThemes</@ofbizUrl>">${uiLabelMap.CommonVisualThemes}</a></li>
@@ -163,5 +157,5 @@
         </li>
       </#if>
     </ul>
-    <br class="clear" />
+    <br class="clear"/>
   </div>

Modified: ofbiz/trunk/framework/common/webcommon/login.ftl
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/common/webcommon/login.ftl?rev=741374&r1=741373&r2=741374&view=diff
==============================================================================
--- ofbiz/trunk/framework/common/webcommon/login.ftl (original)
+++ ofbiz/trunk/framework/common/webcommon/login.ftl Fri Feb  6 02:14:19 2009
@@ -19,11 +19,6 @@
 
 <#if requestAttributes.uiLabelMap?exists><#assign uiLabelMap = requestAttributes.uiLabelMap></#if>
 
-<#assign previousParams = sessionAttributes._PREVIOUS_PARAMS_?if_exists>
-<#if previousParams?has_content>
-  <#assign previousParams = "?" + previousParams>
-</#if>
-
 <#assign username = requestParameters.USERNAME?default((sessionAttributes.autoUserLogin.userLoginId)?default(""))>
 <#if username != "">
   <#assign focusName = false>
@@ -36,7 +31,7 @@
       <h3>${uiLabelMap.CommonRegistered}</h3>
     </div>
     <div class="screenlet-body">
-      <form method="post" action="<@ofbizUrl>login${previousParams?if_exists}</@ofbizUrl>" name="loginform">
+      <form method="post" action="<@ofbizUrl>login</@ofbizUrl>" name="loginform">
         <table class="basic-table" cellspacing="0">
           <tr>
             <td class="label">${uiLabelMap.CommonUsername}</td>

Modified: ofbiz/trunk/framework/example/webapp/example/WEB-INF/controller.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/example/webapp/example/WEB-INF/controller.xml?rev=741374&r1=741373&r2=741374&view=diff
==============================================================================
--- ofbiz/trunk/framework/example/webapp/example/WEB-INF/controller.xml (original)
+++ ofbiz/trunk/framework/example/webapp/example/WEB-INF/controller.xml Fri Feb  6 02:14:19 2009
@@ -60,20 +60,24 @@
     <request-map uri="createExample">
         <security https="true" auth="true"/>
         <event type="service" invoke="createExample"/>
-        <response name="success" type="view" value="EditExample"/>
+        <response name="success" type="request-redirect" value="EditExample">
+            <redirect-parameter name="exampleId"/>
+        </response>
         <response name="error" type="view" value="EditExample"/>
     </request-map>
     <request-map uri="updateExample">
         <security https="true" auth="true"/>
         <event type="service" invoke="updateExample"/>
-        <response name="success" type="view" value="EditExample"/>
+        <response name="success" type="request-redirect" value="EditExample">
+            <redirect-parameter name="exampleId"/>
+        </response>
         <response name="error" type="view" value="EditExample"/>
     </request-map>
     <request-map uri="createExampleAjax">
         <security https="true" auth="true"/>
         <event type="jsonservice" invoke="createExample"/>
-        <response name="success" type="none" value="findExampleAjax"/>
-        <response name="error" type="none" value="findExampleAjax"/>
+        <response name="success" type="none"/>
+        <response name="error" type="none"/>
     </request-map>
     <request-map uri="updateExampleAjax">
         <security https="true" auth="true"/>
@@ -86,19 +90,25 @@
     <request-map uri="createExampleItem">
         <security https="true" auth="true"/>
         <event type="service" invoke="createExampleItem"/>
-        <response name="success" type="view" value="EditExampleItems"/>
+        <response name="success" type="request-redirect" value="EditExampleItems">
+            <redirect-parameter name="exampleId"/>
+        </response>
         <response name="error" type="view" value="EditExampleItems"/>
     </request-map>
     <request-map uri="updateExampleItem">
         <security https="true" auth="true"/>
         <event type="service" invoke="updateExampleItem"/>
-        <response name="success" type="view" value="EditExampleItems"/>
+        <response name="success" type="request-redirect" value="EditExampleItems">
+            <redirect-parameter name="exampleId"/>
+        </response>
         <response name="error" type="view" value="EditExampleItems"/>
     </request-map>
     <request-map uri="deleteExampleItem">
         <security https="true" auth="true"/>
         <event type="service" invoke="deleteExampleItem"/>
-        <response name="success" type="view" value="EditExampleItems"/>
+        <response name="success" type="request-redirect" value="EditExampleItems">
+            <redirect-parameter name="exampleId"/>
+        </response>
         <response name="error" type="view" value="EditExampleItems"/>
     </request-map>
 
@@ -106,19 +116,25 @@
     <request-map uri="example_createExampleFeatureAppl">
         <security https="true" auth="true"/>
         <event type="service" invoke="createExampleFeatureAppl"/>
-        <response name="success" type="view" value="EditExampleFeatureAppls"/>
+        <response name="success" type="request-redirect" value="EditExampleFeatureAppls">
+            <redirect-parameter name="exampleId"/>
+        </response>
         <response name="error" type="view" value="EditExampleFeatureAppls"/>
     </request-map>
     <request-map uri="example_updateExampleFeatureAppl">
         <security https="true" auth="true"/>
         <event type="service" invoke="updateExampleFeatureAppl"/>
-        <response name="success" type="view" value="EditExampleFeatureAppls"/>
+        <response name="success" type="request-redirect" value="EditExampleFeatureAppls">
+            <redirect-parameter name="exampleId"/>
+        </response>
         <response name="error" type="view" value="EditExampleFeatureAppls"/>
     </request-map>
     <request-map uri="example_deleteExampleFeatureAppl">
         <security https="true" auth="true"/>
         <event type="service" invoke="deleteExampleFeatureAppl"/>
-        <response name="success" type="view" value="EditExampleFeatureAppls"/>
+        <response name="success" type="request-redirect" value="EditExampleFeatureAppls">
+            <redirect-parameter name="exampleId"/>
+        </response>
         <response name="error" type="view" value="EditExampleFeatureAppls"/>
     </request-map>
 
@@ -128,13 +144,17 @@
     <request-map uri="createExampleFeature">
         <security https="true" auth="true"/>
         <event type="service" invoke="createExampleFeature"/>
-        <response name="success" type="view" value="EditExampleFeature"/>
+        <response name="success" type="request-redirect" value="EditExampleFeature">
+            <redirect-parameter name="exampleId"/>
+        </response>
         <response name="error" type="view" value="EditExampleFeature"/>
     </request-map>
     <request-map uri="updateExampleFeature">
         <security https="true" auth="true"/>
         <event type="service" invoke="updateExampleFeature"/>
-        <response name="success" type="view" value="EditExampleFeature"/>
+        <response name="success" type="request-redirect" value="EditExampleFeature">
+            <redirect-parameter name="exampleId"/>
+        </response>
         <response name="error" type="view" value="EditExampleFeature"/>
     </request-map>
     
@@ -142,19 +162,25 @@
     <request-map uri="feature_createExampleFeatureAppl">
         <security https="true" auth="true"/>
         <event type="service" invoke="createExampleFeatureAppl"/>
-        <response name="success" type="view" value="EditExampleFeatureExampleAppls"/>
+        <response name="success" type="request-redirect" value="EditExampleFeatureExampleAppls">
+            <redirect-parameter name="exampleId"/>
+        </response>
         <response name="error" type="view" value="EditExampleFeatureExampleAppls"/>
     </request-map>
     <request-map uri="feature_updateExampleFeatureAppl">
         <security https="true" auth="true"/>
         <event type="service" invoke="updateExampleFeatureAppl"/>
-        <response name="success" type="view" value="EditExampleFeatureExampleAppls"/>
+        <response name="success" type="request-redirect" value="EditExampleFeatureExampleAppls">
+            <redirect-parameter name="exampleId"/>
+        </response>
         <response name="error" type="view" value="EditExampleFeatureExampleAppls"/>
     </request-map>
     <request-map uri="feature_deleteExampleFeatureAppl">
         <security https="true" auth="true"/>
         <event type="service" invoke="deleteExampleFeatureAppl"/>
-        <response name="success" type="view" value="EditExampleFeatureExampleAppls"/>
+        <response name="success" type="request-redirect" value="EditExampleFeatureExampleAppls">
+            <redirect-parameter name="exampleId"/>
+        </response>
         <response name="error" type="view" value="EditExampleFeatureExampleAppls"/>
     </request-map>
     <request-map uri="findExampleFeatures">

Modified: ofbiz/trunk/framework/webapp/dtd/site-conf.xsd
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/dtd/site-conf.xsd?rev=741374&r1=741373&r2=741374&view=diff
==============================================================================
--- ofbiz/trunk/framework/webapp/dtd/site-conf.xsd (original)
+++ ofbiz/trunk/framework/webapp/dtd/site-conf.xsd Fri Feb  6 02:14:19 2009
@@ -231,6 +231,9 @@
     </xs:attributeGroup>
     <xs:element name="response">
         <xs:complexType>
+            <xs:sequence>
+                <xs:element minOccurs="0" maxOccurs="unbounded" ref="redirect-parameter"/>
+            </xs:sequence>
             <xs:attributeGroup ref="attlist.response"/>
         </xs:complexType>
     </xs:element>
@@ -250,6 +253,18 @@
         </xs:attribute>
         <xs:attribute type="xs:string" name="value"/>
     </xs:attributeGroup>
+    <xs:element name="redirect-parameter">
+        <xs:annotation><xs:documentation>Adds a parameter with the given name to the redirect. Finds value in a request attribute if exists, or a request parameter if no attribute is found.</xs:documentation></xs:annotation>
+        <xs:complexType>
+            <xs:attributeGroup ref="attlist.redirect-parameter"/>
+        </xs:complexType>
+    </xs:element>
+    <xs:attributeGroup name="attlist.redirect-parameter">
+        <xs:attribute type="xs:string" name="name" use="required"/>
+        <xs:attribute type="xs:string" name="from" use="optional">
+            <xs:annotation><xs:documentation>If specified used instead of the value of name for the key to find a request attribute or parameter.</xs:documentation></xs:annotation>
+        </xs:attribute>
+    </xs:attributeGroup>
     <xs:element name="view-map">
         <xs:complexType>
             <xs:sequence>

Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/ConfigXMLReader.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/ConfigXMLReader.java?rev=741374&r1=741373&r2=741374&view=diff
==============================================================================
--- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/ConfigXMLReader.java (original)
+++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/ConfigXMLReader.java Fri Feb  6 02:14:19 2009
@@ -22,11 +22,12 @@
 import java.io.IOException;
 import java.net.MalformedURLException;
 import java.net.URL;
-import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
 
+import javax.servlet.ServletContext;
+
 import javolution.util.FastList;
 import javolution.util.FastMap;
 import javolution.util.FastSet;
@@ -35,7 +36,6 @@
 import org.ofbiz.base.util.Debug;
 import org.ofbiz.base.util.FileUtil;
 import org.ofbiz.base.util.GeneralException;
-import static org.ofbiz.base.util.UtilGenerics.checkMap;
 import org.ofbiz.base.util.UtilHttp;
 import org.ofbiz.base.util.UtilValidate;
 import org.ofbiz.base.util.UtilXml;
@@ -49,9 +49,20 @@
 public class ConfigXMLReader {
 
     public static final String module = ConfigXMLReader.class.getName();
+    public static final String controllerXmlFileName = "/WEB-INF/controller.xml";
+    
     public static UtilCache<URL, ControllerConfig> controllerCache = new UtilCache<URL, ControllerConfig>("webapp.ControllerConfig");
     public static UtilCache<String, List<ControllerConfig>> controllerSearchResultsCache = new UtilCache<String, List<ControllerConfig>>("webapp.ControllerSearchResults");
 
+    public static URL getControllerConfigURL(ServletContext context) {
+        try {
+            return context.getResource(controllerXmlFileName);
+        } catch(MalformedURLException e) {
+            Debug.logError(e, "Error Finding XML Config File: " + controllerXmlFileName, module);
+            return null;
+        }
+    }
+    
     public static ControllerConfig getControllerConfig(URL url) {
         ControllerConfig controllerConfig = controllerCache.get(url);
         if (controllerConfig == null) { // don't want to block here
@@ -70,24 +81,193 @@
     public static class ControllerConfig {
         public URL url;
         
-        public Map<String, Object> configMap = FastMap.newInstance();
-        public Map<String, Map<String, String>> handlerMap = FastMap.newInstance();
-        public Map<String, Map<String, Object>> requestMap = FastMap.newInstance();
-        public Map<String, Map<String, String>> viewMap = FastMap.newInstance();
-        public String defaultRequest = null;
+        public String errorpage;
+        public String protectView;
+        public String owner;
+        public String securityClass;
+        public String defaultRequest;
+        
+        public List<Event> firstVisitEventList = FastList.newInstance();
+        public List<Event> preprocessorEventList = FastList.newInstance();
+        public List<Event> postprocessorEventList = FastList.newInstance();
+        public List<Event> afterLoginEventList = FastList.newInstance();
+        public List<Event> beforeLogoutEventList = FastList.newInstance();
+        
+        public Map<String, String> eventHandlerMap = FastMap.newInstance();
+        public Map<String, String> viewHandlerMap = FastMap.newInstance();
+
+        public Map<String, RequestMap> requestMapMap = FastMap.newInstance();
+        public Map<String, ViewMap> viewMapMap = FastMap.newInstance();
 
         public ControllerConfig(URL url) {
             this.url = url;
             
             Element rootElement = loadDocument(url);
             if (rootElement != null) {
-                this.configMap = loadConfigMap(rootElement, url);
-                this.handlerMap = loadHandlerMap(rootElement, url);
-                this.requestMap = loadRequestMap(rootElement, url);
-                this.viewMap = loadViewMap(rootElement, url);
-                this.defaultRequest = loadDefaultRequest(rootElement, url);
+                loadIncludes(rootElement);
+                
+                loadGeneralConfig(rootElement);
+                loadHandlerMap(rootElement);
+                loadRequestMap(rootElement);
+                loadViewMap(rootElement);
+            }
+        }
+        
+        protected void absorbControllerConfig(ControllerConfig controllerConfig) {
+            // copy/add all data except the url
+            
+            this.errorpage = controllerConfig.errorpage;
+            this.protectView = controllerConfig.protectView;
+            this.owner = controllerConfig.owner;
+            this.securityClass = controllerConfig.securityClass;
+            this.defaultRequest = controllerConfig.defaultRequest;
+            
+            this.firstVisitEventList.addAll(controllerConfig.firstVisitEventList);
+            this.preprocessorEventList.addAll(controllerConfig.preprocessorEventList);
+            this.postprocessorEventList.addAll(controllerConfig.postprocessorEventList);
+            this.afterLoginEventList.addAll(controllerConfig.afterLoginEventList);
+            this.beforeLogoutEventList.addAll(controllerConfig.beforeLogoutEventList);
+            
+            this.eventHandlerMap.putAll(controllerConfig.eventHandlerMap);
+            this.viewHandlerMap.putAll(controllerConfig.viewHandlerMap);
+            
+            this.requestMapMap.putAll(controllerConfig.requestMapMap);
+            this.viewMapMap.putAll(controllerConfig.viewMapMap);
+        }
+        
+        protected void loadIncludes(Element rootElement) {
+            for (Element includeElement: UtilXml.childElementList(rootElement, "include")) {
+                String includeLocation = includeElement.getAttribute("location");
+                if (UtilValidate.isNotEmpty(includeLocation)) {
+                    try {
+                        ControllerConfig controllerConfig = getControllerConfig(FlexibleLocation.resolveLocation(includeLocation));
+                        this.absorbControllerConfig(controllerConfig);
+                    } catch (MalformedURLException mue) {
+                        Debug.logError(mue, "Error processing include at [" + includeLocation + "]:" + mue.toString(), module);
+                    }
+                }
             }
         }
+
+        protected void loadGeneralConfig(Element rootElement) {
+            long startTime = System.currentTimeMillis();
+            if (rootElement == null) {
+                rootElement = loadDocument(this.url);
+            }
+            
+            this.errorpage = UtilXml.childElementValue(rootElement, "errorpage");
+            Element protectElement = UtilXml.firstChildElement(rootElement, "protect");
+            if (protectElement != null) {
+                this.protectView = protectElement.getAttribute("view");
+            }
+            this.owner = UtilXml.childElementValue(rootElement, "owner");
+            this.securityClass = UtilXml.childElementValue(rootElement, "security-class");
+            Element defaultRequestElement = UtilXml.firstChildElement(rootElement, "default-request");
+            if (defaultRequestElement != null) {
+                this.defaultRequest = defaultRequestElement.getAttribute("request-uri");
+            }
+            
+            // first visit event
+            Element firstvisitElement = UtilXml.firstChildElement(rootElement, "firstvisit");
+            if (firstvisitElement != null) {
+                for (Element eventElement: UtilXml.childElementList(firstvisitElement, "event")) {
+                    this.firstVisitEventList.add(new Event(eventElement));
+                }
+            }
+
+            // preprocessor events
+            Element preprocessorElement = UtilXml.firstChildElement(rootElement, "preprocessor");
+            if (preprocessorElement != null) {
+                for (Element eventElement: UtilXml.childElementList(preprocessorElement, "event")) {
+                    this.preprocessorEventList.add(new Event(eventElement));
+                }
+            }
+
+            // postprocessor events
+            Element postprocessorElement = UtilXml.firstChildElement(rootElement, "postprocessor");
+            if (postprocessorElement != null) {
+                for (Element eventElement: UtilXml.childElementList(postprocessorElement, "event")) {
+                    this.postprocessorEventList.add(new Event(eventElement));
+                }
+            }
+
+            // after-login events
+            Element afterLoginElement = UtilXml.firstChildElement(rootElement, "after-login");
+            if (afterLoginElement != null) {
+                for (Element eventElement: UtilXml.childElementList(afterLoginElement, "event")) {
+                    this.afterLoginEventList.add(new Event(eventElement));
+                }
+            }
+
+            // before-logout events
+            Element beforeLogoutElement = UtilXml.firstChildElement(rootElement, "before-logout");
+            if (beforeLogoutElement != null) {
+                for (Element eventElement: UtilXml.childElementList(beforeLogoutElement, "event")) {
+                    this.beforeLogoutEventList.add(new Event(eventElement));
+                }
+            }
+
+            double totalSeconds = (System.currentTimeMillis() - startTime)/1000.0;
+            long totalRecords = this.firstVisitEventList.size() + this.preprocessorEventList.size() + this.postprocessorEventList.size() + this.afterLoginEventList.size() + this.beforeLogoutEventList.size();
+            if (Debug.infoOn()) Debug.logInfo("General Configuration Loaded: (" + totalRecords + ") records in " + totalSeconds + "s", module);
+        }
+        
+        public void loadHandlerMap(Element rootElement) {
+            long startTime = System.currentTimeMillis();
+            if (rootElement == null) {
+                rootElement = loadDocument(this.url);
+            }
+            if (rootElement == null) return;
+
+            for (Element handlerElement: UtilXml.childElementList(rootElement, "handler")) {
+                String name = handlerElement.getAttribute("name");
+                String type = handlerElement.getAttribute("type");
+                String className = handlerElement.getAttribute("class");
+                
+                if ("view".equals(type)) {
+                    this.viewHandlerMap.put(name, className);
+                } else {
+                    this.eventHandlerMap.put(name, className);
+                }
+            }
+
+            double totalSeconds = (System.currentTimeMillis() - startTime)/1000.0;
+            if (Debug.infoOn()) Debug.logInfo("View and Event Handler Maps Created: (" + this.viewHandlerMap.size() + ") view handlers and (" + this.eventHandlerMap.size() + ") request/event handlers in " + totalSeconds + "s", module);
+        }
+
+        public void loadRequestMap(Element root) {
+            long startTime = System.currentTimeMillis();
+            if (root == null) {
+                root = loadDocument(this.url);
+            }
+            if (root == null) return;
+
+            for (Element requestMapElement: UtilXml.childElementList(root, "request-map")) {
+                RequestMap requestMap = new RequestMap(requestMapElement);
+                this.requestMapMap.put(requestMap.uri, requestMap);
+            }
+
+            double totalSeconds = (System.currentTimeMillis() - startTime)/1000.0;
+            if (Debug.infoOn()) Debug.logInfo("RequestMap Created: (" + this.requestMapMap.size() + ") records in " + totalSeconds + "s", module);
+        }
+        
+        public void loadViewMap(Element rootElement) {
+            long startTime = System.currentTimeMillis();
+            if (rootElement == null) {
+                rootElement = loadDocument(this.url);
+            }
+
+            if (rootElement == null) return;
+
+            for (Element viewMapElement: UtilXml.childElementList(rootElement, "view-map")) {
+                ViewMap viewMap = new ViewMap(viewMapElement);
+                this.viewMapMap.put(viewMap.name, viewMap);
+            }
+
+            double totalSeconds = (System.currentTimeMillis() - startTime)/1000.0;
+            if (Debug.infoOn()) Debug.logInfo("ViewMap Created: (" + this.viewMapMap.size() + ") records in " + totalSeconds + "s", module);
+        }
+
     }
     
     public static Set<String> findControllerFilesWithRequest(String requestUri, String controllerPartialPath) throws GeneralException {
@@ -126,7 +306,7 @@
         if (controllerConfigs != null) {
             for (ControllerConfig cc: controllerConfigs) {
                 // make sure it has the named request in it
-                if (cc.requestMap.get(requestUri) != null) {
+                if (cc.requestMapMap.get(requestUri) != null) {
                     String requestUniqueId = cc.url.toExternalForm() + "#" + requestUri;
                     allControllerRequestSet.add(requestUniqueId);
                     // Debug.logInfo("========== In findControllerFilesWithRequest found controller with request here [" + requestUniqueId + "]", module);
@@ -169,65 +349,6 @@
         }
     }
 
-    /** Site Config Variables */
-    public static final String DEFAULT_ERROR_PAGE = "errorpage";
-    public static final String DEFAULT_PROTECT_VIEW = "protect";
-    public static final String SITE_OWNER = "owner";
-    public static final String SECURITY_CLASS = "security-class";
-    public static final String FIRSTVISIT = "firstvisit";
-    public static final String PREPROCESSOR = "preprocessor";
-    public static final String POSTPROCESSOR = "postprocessor";
-
-    /** URI Config Variables */
-    public static final String INCLUDE = "include";
-    public static final String INCLUDE_LOCATION = "location";
-
-    public static final String DEFAULT_REQUEST = "default-request";
-    public static final String REQUEST_MAPPING = "request-map";
-    public static final String REQUEST_URI = "uri";
-    public static final String REQUEST_EDIT = "edit";
-    public static final String REQUEST_TRACK_STATS = "track-serverhit";
-    public static final String REQUEST_TRACK_VISIT = "track-visit";
-
-    public static final String REQUEST_DESCRIPTION = "description";
-    public static final String ERROR_PAGE_DEFAULT = "error";
-    public static final String NEXT_PAGE_DEFAULT = "success";
-
-    public static final String SECURITY = "security";
-    public static final String SECURITY_HTTPS = "https";
-    public static final String SECURITY_AUTH = "auth";
-    public static final String SECURITY_CERT = "cert";    
-    public static final String SECURITY_EXTVIEW = "external-view";
-    public static final String SECURITY_DIRECT = "direct-request";
-
-    public static final String EVENT = "event";
-    public static final String EVENT_PATH = "path";
-    public static final String EVENT_TYPE = "type";
-    public static final String EVENT_METHOD = "invoke";
-    public static final String EVENT_GLOBAL_TRANSACTION = "global-transaction";
-
-    public static final String RESPONSE = "response";
-    public static final String RESPONSE_NAME = "name";
-    public static final String RESPONSE_TYPE = "type";
-    public static final String RESPONSE_VALUE = "value";
-    public static final String RESPONSE_MAP = "response-map";
-
-    /** View Config Variables */
-    public static final String VIEW_MAPPING = "view-map";
-    public static final String VIEW_NAME = "name";
-    public static final String VIEW_PAGE = "page";
-    public static final String VIEW_TYPE = "type";
-    public static final String VIEW_INFO = "info";
-    public static final String VIEW_CONTENT_TYPE = "content-type";
-    public static final String VIEW_ENCODING = "encoding";
-    public static final String VIEW_DESCRIPTION = "description";
-
-    /** Handler Config Variables */
-    public static final String HANDLER = "handler";
-    public static final String HANDLER_NAME = "name";
-    public static final String HANDLER_TYPE = "type";
-    public static final String HANDLER_CLASS = "class";
-    
     /** Loads the XML file and returns the root element */
     public static Element loadDocument(URL location) {
         Document document;
@@ -242,543 +363,128 @@
         }
         return null;
     }
+    
+    public static class RequestMap {
+        public String uri;
+        public boolean edit;
+        public boolean trackVisit;
+        public boolean trackServerHit;
+        public String description;
+        
+        public Event event;
+        
+        public boolean securityHttps;
+        public boolean securityAuth;
+        public boolean securityCert;
+        public boolean securityExternalView;
+        public boolean securityDirectRequest;
+                
+        public Map<String, RequestResponse> requestResponseMap = FastMap.newInstance();
 
-    /** Gets a Map of request mappings. */
-    public static Map<String, Map<String, Object>> getRequestMap(URL xml) {
-        ControllerConfig controllerConfig = getControllerConfig(xml);
-        return controllerConfig != null ? controllerConfig.requestMap : null;
-    }
-
-    /** Gets a FastMap of request mappings. */
-    public static Map<String, Map<String, Object>> loadRequestMap(Element root, URL xml) {
-        long startTime = System.currentTimeMillis();
-        Map<String, Map<String, Object>> map = FastMap.newInstance();
-        if (root == null) {
-            root = loadDocument(xml);
-        }
-
-        if (root == null) return map;
-
-        for (Element includeElement: UtilXml.childElementList(root, INCLUDE)) {
-            String includeLocation = includeElement.getAttribute(INCLUDE_LOCATION);
-            if ((includeLocation != null) && (includeLocation.length() > 0)) {
-                try {
-                    Map<String, Map<String, Object>> subMap = loadRequestMap(null, FlexibleLocation.resolveLocation(includeLocation));
-                    map.putAll(subMap);
-                } catch (MalformedURLException mue) {
-                    Debug.logError(mue, "Error processing include at [" + includeLocation + "]:" + mue.toString(), module);
-                }
-            }
-        }
-
-        for (Element requestMapElement: UtilXml.childElementList(root, REQUEST_MAPPING)) {
-            
-            // Create a URI-MAP for each element found.
-            Map<String, Object> uriMap = FastMap.newInstance();
+        /*
+        public static final String ERROR_PAGE_DEFAULT = "error";
+        public static final String NEXT_PAGE_DEFAULT = "success";
+        */
+        
+        public RequestMap(Element requestMapElement) {
 
-            // Get the URI info.
-            String uri = requestMapElement.getAttribute(REQUEST_URI);
-            String edit = requestMapElement.getAttribute(REQUEST_EDIT);
-            String stats = requestMapElement.getAttribute(REQUEST_TRACK_STATS);
-            String visit = requestMapElement.getAttribute(REQUEST_TRACK_VISIT);
-
-            if (edit == null || edit.equals(""))
-                edit = "true";
-            if (uri != null) {
-                uriMap.put(REQUEST_URI, uri);
-                uriMap.put(REQUEST_EDIT, edit);
-                uriMap.put(REQUEST_TRACK_STATS, stats);
-                uriMap.put(REQUEST_TRACK_VISIT, visit);
-            }
+            // Get the URI info
+            this.uri = requestMapElement.getAttribute("uri");
+            this.edit = !"false".equals(requestMapElement.getAttribute("edit"));
+            this.trackServerHit = !"false".equals(requestMapElement.getAttribute("track-serverhit"));
+            this.trackVisit = !"false".equals(requestMapElement.getAttribute("track-visit"));
 
-            // Check for security.
-            Element securityElement = UtilXml.firstChildElement(requestMapElement, SECURITY);
+            // Check for security
+            Element securityElement = UtilXml.firstChildElement(requestMapElement, "security");
             if (securityElement != null) {
-                String securityHttps = securityElement.getAttribute(SECURITY_HTTPS);
-                String securityAuth = securityElement.getAttribute(SECURITY_AUTH);
-                String securityCert = securityElement.getAttribute(SECURITY_CERT);
-                String securityExtView = securityElement.getAttribute(SECURITY_EXTVIEW);
-                String securityDirectRequest = securityElement.getAttribute(SECURITY_DIRECT);
-
-                // if x509 is required so is https
-                if ("true".equalsIgnoreCase(securityCert)) {
-                    securityHttps = "true";
-                }
-                
-                uriMap.put(SECURITY_HTTPS, securityHttps);
-                uriMap.put(SECURITY_AUTH, securityAuth);
-                uriMap.put(SECURITY_CERT, securityCert);              
-                uriMap.put(SECURITY_EXTVIEW, securityExtView);
-                uriMap.put(SECURITY_DIRECT, securityDirectRequest);
+                this.securityHttps = "true".equals(securityElement.getAttribute("https"));
+                this.securityAuth = "true".equals(securityElement.getAttribute("auth"));
+                this.securityCert = "true".equals(securityElement.getAttribute("cert"));
+                this.securityExternalView = !"false".equals(securityElement.getAttribute("external-view"));
+                this.securityDirectRequest = !"false".equals(securityElement.getAttribute("direct-request"));
             }
 
-            // Check for an event.
-            Element eventElement = UtilXml.firstChildElement(requestMapElement, EVENT);
+            // Check for event
+            Element eventElement = UtilXml.firstChildElement(requestMapElement, "event");
             if (eventElement != null) {
-                String type = eventElement.getAttribute(EVENT_TYPE);
-                String path = eventElement.getAttribute(EVENT_PATH);
-                String invoke = eventElement.getAttribute(EVENT_METHOD);
-
-                uriMap.put(EVENT_TYPE, type);
-                uriMap.put(EVENT_PATH, path);
-                uriMap.put(EVENT_METHOD, invoke);
-                
-                // Check for a global-transaction attribute - default to true
-                uriMap.put(EVENT_GLOBAL_TRANSACTION, eventElement.hasAttribute(EVENT_GLOBAL_TRANSACTION) ? eventElement.getAttribute(EVENT_GLOBAL_TRANSACTION) : "true");
-            }
-
-            // Check for a description.
-            String description = UtilXml.childElementValue(requestMapElement, REQUEST_DESCRIPTION);
-            uriMap.put(REQUEST_DESCRIPTION, UtilValidate.isNotEmpty(description) ? description : "");
-
-            // Get the response(s).
-            Map<String, String> responseMap = FastMap.newInstance();
-            uriMap.put(RESPONSE_MAP, responseMap);
-            
-            for (Element responseElement: UtilXml.childElementList(requestMapElement, RESPONSE)) {
-                String name = responseElement.getAttribute(RESPONSE_NAME);
-                String type = responseElement.getAttribute(RESPONSE_TYPE);
-                String value = responseElement.getAttribute(RESPONSE_VALUE);
-                
-                responseMap.put(name, type + ":" + value);
+                this.event = new Event(eventElement);
             }
 
-            if (uri != null) {
-                map.put(uri, uriMap);
-            }
-        }
+            // Check for description
+            this.description = UtilXml.childElementValue(requestMapElement, "description");
 
-        /* Debugging */
-        if (Debug.verboseOn()) {
-            Debug.logVerbose("-------- Request Mappings --------", module);
-            //FastMap debugMap = map;
-            Set<String> debugSet = map.keySet();
-            Iterator<String> i = debugSet.iterator();
-            while (i.hasNext()) {
-                Object o = i.next();
-                String request = (String) o;
-                Map<String, Object> thisURI = map.get(o);
-
-                StringBuilder verboseMessageBuffer = new StringBuilder();
-
-                Iterator<String> debugIter = thisURI.keySet().iterator();
-                while (debugIter.hasNext()) {
-                    Object lo = debugIter.next();
-                    String name = (String) lo;
-                    String value = thisURI.get(lo).toString();
-
-                    verboseMessageBuffer.append("[").append(name).append("=>").append(value).append("]");
-                }
-                Debug.logVerbose(request + " :: " + verboseMessageBuffer.toString(), module);
+            // Get the response(s)
+            for (Element responseElement: UtilXml.childElementList(requestMapElement, "response")) {
+                RequestResponse response = new RequestResponse(responseElement);
+                requestResponseMap.put(response.name, response);
             }
-            Debug.logVerbose("------ End Request Mappings ------", module);
         }
-        /* End Debugging */
-
-        double totalSeconds = (System.currentTimeMillis() - startTime)/1000.0;
-        if (Debug.infoOn()) Debug.logInfo("RequestMap Created: (" + map.size() + ") records in " + totalSeconds + "s", module);
-        return map;
     }
-
-    /** Gets a FastMap of view mappings. */
-    public static Map<String, Map<String, String>> getViewMap(URL xml) {
-        ControllerConfig controllerConfig = getControllerConfig(xml);
-        return controllerConfig != null ? controllerConfig.viewMap : null;
-    }
-
-    /** Gets a FastMap of view mappings. */
-    public static Map<String, Map<String, String>> loadViewMap(Element root, URL xml) {
-        long startTime = System.currentTimeMillis();
-        Map<String, Map<String, String>> map = FastMap.newInstance();
-        if (root == null) {
-            root = loadDocument(xml);
-        }
-
-        if (root == null) {
-            return map;
-        }
-
-        for (Element includeElement: UtilXml.childElementList(root, INCLUDE)) {
-            String includeLocation = includeElement.getAttribute(INCLUDE_LOCATION);
-            if ((includeLocation != null) && (includeLocation.length() > 0)) {
-                try {
-                    Map<String, Map<String, String>> subMap = loadViewMap(null, FlexibleLocation.resolveLocation(includeLocation));
-                    map.putAll(subMap);
-                } catch (MalformedURLException mue) {
-                    Debug.logError(mue, "Error processing include at [" + includeLocation + "]:" + mue.toString(), module);
-                }
-            }
-        }
-
-        for (Element viewMapElement: UtilXml.childElementList(root, VIEW_MAPPING)) {
-            // Create a URI-MAP for each element found.
-            Map<String, String> uriMap = FastMap.newInstance();
-
-            // Get the view info.
-            String name = viewMapElement.getAttribute(VIEW_NAME);
-            String page = viewMapElement.getAttribute(VIEW_PAGE);
-            if (page == null || page.length() == 0) {
-                page = name;
-            }
-
-            uriMap.put(VIEW_NAME, name);
-            uriMap.put(VIEW_PAGE, page);
-            uriMap.put(VIEW_TYPE, viewMapElement.getAttribute(VIEW_TYPE));
-            uriMap.put(VIEW_INFO, viewMapElement.getAttribute(VIEW_INFO));
-            uriMap.put(VIEW_CONTENT_TYPE, viewMapElement.getAttribute(VIEW_CONTENT_TYPE));
-            uriMap.put(VIEW_ENCODING, viewMapElement.getAttribute(VIEW_ENCODING));
-
-            // Check for a description.
-            String description = UtilXml.childElementValue(viewMapElement, VIEW_DESCRIPTION);
-            uriMap.put(VIEW_DESCRIPTION, UtilValidate.isNotEmpty(description) ? description : "");
-
-            if (name != null) map.put(name, uriMap);
-        }
-
-        /* Debugging */
-        if (Debug.verboseOn()) {
-            Debug.logVerbose("-------- View Mappings --------", module);
-            //FastMap debugMap = map;
-            Set debugSet = map.keySet();
-            Iterator i = debugSet.iterator();
-    
-            while (i.hasNext()) {
-                Object o = i.next();
-                String request = (String) o;
-                Map thisURI = (Map) map.get(o);
-    
-                StringBuilder verboseMessageBuffer = new StringBuilder();
-    
-                Iterator debugIter = thisURI.keySet().iterator();
-                while (debugIter.hasNext()) {
-                    Object lo = debugIter.next();
-                    String name = (String) lo;
-                    String value = (String) thisURI.get(lo);
     
-                    verboseMessageBuffer.append("[").append(name).append("=>").append(value).append("]");
-                }
-                Debug.logVerbose(request + " :: " + verboseMessageBuffer.toString(), module);
-            }
-            Debug.logVerbose("------ End View Mappings ------", module);
+    public static class Event {
+        public String type;
+        public String path;
+        public String invoke;
+        public boolean globalTransaction;
+
+        public Event(Element eventElement) {
+            this.type = eventElement.getAttribute("type");
+            this.path = eventElement.getAttribute("path");
+            this.invoke = eventElement.getAttribute("invoke");
+            this.globalTransaction = !"false".equals(eventElement.getAttribute("global-transaction"));
         }
-        /* End Debugging */
-
-        double totalSeconds = (System.currentTimeMillis() - startTime)/1000.0;
-        if (Debug.infoOn()) Debug.logInfo("ViewMap Created: (" + map.size() + ") records in " + totalSeconds + "s", module);
-        return map;
     }
-
-    /** Gets a FastMap of site configuration variables. */
-    public static Map<String, Object> getConfigMap(URL xml) {
-        ControllerConfig controllerConfig = getControllerConfig(xml);
-        return controllerConfig != null ? controllerConfig.configMap : null;
-    }
-
-    /** Gets a FastMap of site configuration variables. */
-    public static Map<String, Object> loadConfigMap(Element root, URL xml) {
-        long startTime = System.currentTimeMillis();
-        FastMap<String, Object> map = FastMap.newInstance();
-        if (root == null) {
-            root = loadDocument(xml);
-        }
-        
-        if (root == null) {
-            return map;
-        }
-
-        for (Element includeElement: UtilXml.childElementList(root, INCLUDE)) {
-            String includeLocation = includeElement.getAttribute(INCLUDE_LOCATION);
-            if ((includeLocation != null) && (includeLocation.length() > 0)) {
-                try {
-                    Map<String, Object> subMap = loadConfigMap(null, FlexibleLocation.resolveLocation(includeLocation));
-                    map.putAll(subMap);
-                } catch (MalformedURLException mue) {
-                    Debug.logError(mue, "Error processing include at [" + includeLocation + "]:" + mue.toString(), module);
-                }
-            }
-        }
-
-        // default error page
-        String errorpage = UtilXml.childElementValue(root, DEFAULT_ERROR_PAGE);
-        if (UtilValidate.isNotEmpty(errorpage)) map.put(DEFAULT_ERROR_PAGE, errorpage);
-
-        // default protect view
-        Element protectElement = UtilXml.firstChildElement(root, DEFAULT_PROTECT_VIEW);
-        String protectview;
-        if (protectElement != null) {
-            protectview = protectElement.getAttribute("view");
-            if (protectview != null) map.put(DEFAULT_PROTECT_VIEW, protectview);
-        }
-        
-        // site owner
-        String owner = UtilXml.childElementValue(root, SITE_OWNER);
-        if (UtilValidate.isNotEmpty(owner)) map.put(SITE_OWNER, owner);
-
-        // security class
-        String securityClass = UtilXml.childElementValue(root, SECURITY_CLASS);
-        if (UtilValidate.isNotEmpty(securityClass)) map.put(SECURITY_CLASS, securityClass);
-
-        // first visit event
-        Element firstvisitElement = UtilXml.firstChildElement(root, FIRSTVISIT);
-        if (firstvisitElement != null) {
-            List<Map<String, String>> eventList = FastList.newInstance();
-            for (Element eventElement: UtilXml.childElementList(firstvisitElement, EVENT)) {
-                Map<String, String> eventMap = FastMap.newInstance();
-                eventMap.put(EVENT_TYPE, eventElement.getAttribute(EVENT_TYPE));
-                eventMap.put(EVENT_PATH, eventElement.getAttribute(EVENT_PATH));
-                eventMap.put(EVENT_METHOD, eventElement.getAttribute(EVENT_METHOD));
-            
-                // Check for a global-transaction attribute - default to true
-                eventMap.put(EVENT_GLOBAL_TRANSACTION, eventElement.hasAttribute(EVENT_GLOBAL_TRANSACTION) ? eventElement.getAttribute(EVENT_GLOBAL_TRANSACTION) : "true");
-                eventList.add(eventMap);
-            }
-            map.put(FIRSTVISIT, eventList);
-        }
-
-        // preprocessor events
-        Element preprocessorElement = UtilXml.firstChildElement(root, PREPROCESSOR);
-        if (preprocessorElement != null) {
-            List<Map<String, String>> eventList = FastList.newInstance();
-            for (Element eventElement: UtilXml.childElementList(preprocessorElement, EVENT)) {
-                Map<String, String> eventMap = FastMap.newInstance();
-                eventMap.put(EVENT_TYPE, eventElement.getAttribute(EVENT_TYPE));
-                eventMap.put(EVENT_PATH, eventElement.getAttribute(EVENT_PATH));
-                eventMap.put(EVENT_METHOD, eventElement.getAttribute(EVENT_METHOD));
-            
-                // Check for a global-transaction attribute - default to true
-                eventMap.put(EVENT_GLOBAL_TRANSACTION, eventElement.hasAttribute(EVENT_GLOBAL_TRANSACTION) ? eventElement.getAttribute(EVENT_GLOBAL_TRANSACTION) : "true");
-                eventList.add(eventMap);
-            }
-            map.put(PREPROCESSOR, eventList);
-        }
-
-        // postprocessor events
-        Element postprocessorElement = UtilXml.firstChildElement(root, POSTPROCESSOR);
-        if (postprocessorElement != null) {
-            List<Map<String, String>> eventList = FastList.newInstance();
-            for (Element eventElement: UtilXml.childElementList(postprocessorElement, EVENT)) {
-                Map<String, String> eventMap = FastMap.newInstance();
-                eventMap.put(EVENT_TYPE, eventElement.getAttribute(EVENT_TYPE));
-                eventMap.put(EVENT_PATH, eventElement.getAttribute(EVENT_PATH));
-                eventMap.put(EVENT_METHOD, eventElement.getAttribute(EVENT_METHOD));
-            
-                // Check for a global-transaction attribute - default to true
-                eventMap.put(EVENT_GLOBAL_TRANSACTION, eventElement.hasAttribute(EVENT_GLOBAL_TRANSACTION) ? eventElement.getAttribute(EVENT_GLOBAL_TRANSACTION) : "true");
-                eventList.add(eventMap);
-            }
-            map.put(POSTPROCESSOR, eventList);
-        }
-
-        // after-login events
-        Element afterLoginElement = UtilXml.firstChildElement(root, "after-login");
-        if (afterLoginElement != null) {
-            List<Map<String, String>> eventList = FastList.newInstance();
-            for (Element eventElement: UtilXml.childElementList(afterLoginElement, EVENT)) {
-                Map<String, String> eventMap = FastMap.newInstance();
-                eventMap.put(EVENT_TYPE, eventElement.getAttribute(EVENT_TYPE));
-                eventMap.put(EVENT_PATH, eventElement.getAttribute(EVENT_PATH));
-                eventMap.put(EVENT_METHOD, eventElement.getAttribute(EVENT_METHOD));
-            
-                // Check for a global-transaction attribute - default to true
-                eventMap.put(EVENT_GLOBAL_TRANSACTION, eventElement.hasAttribute(EVENT_GLOBAL_TRANSACTION) ? eventElement.getAttribute(EVENT_GLOBAL_TRANSACTION) : "true");
-                eventList.add(eventMap);
-            }
-            map.put("after-login", eventList);
-        }
-
-        // before-logout events
-        Element beforeLogoutElement = UtilXml.firstChildElement(root, "before-logout");
-        if (beforeLogoutElement != null) {
-            List<Map<String, String>> eventList = FastList.newInstance();
-            List<? extends Element> eventElementList = UtilXml.childElementList(beforeLogoutElement, EVENT);
-            for (Element eventElement: UtilXml.childElementList(beforeLogoutElement, EVENT)) {
-                Map<String, String> eventMap = FastMap.newInstance();
-                eventMap.put(EVENT_TYPE, eventElement.getAttribute(EVENT_TYPE));
-                eventMap.put(EVENT_PATH, eventElement.getAttribute(EVENT_PATH));
-                eventMap.put(EVENT_METHOD, eventElement.getAttribute(EVENT_METHOD));
-            
-                // Check for a global-transaction attribute - default to true
-                eventMap.put(EVENT_GLOBAL_TRANSACTION, eventElement.hasAttribute(EVENT_GLOBAL_TRANSACTION) ? eventElement.getAttribute(EVENT_GLOBAL_TRANSACTION) : "true");
-                eventList.add(eventMap);
-            }
-            map.put("before-logout", eventList);
-        }
-
-        /* Debugging */
-        /*
-         Debug.logVerbose("-------- Config Mappings --------", module);
-         FastMap debugMap = map;
-         Set debugSet = debugMap.keySet();
-         Iterator i = debugSet.iterator();
-         while (i.hasNext()) {
-         Object o = i.next();
-         String request = (String) o;
-         FastMap thisURI = (FastMap) debugMap.get(o);
-         Debug.logVerbose(request, module);
-         Iterator debugIter = ((Set) thisURI.keySet()).iterator();
-         while (debugIter.hasNext()) {
-         Object lo = debugIter.next();
-         String name = (String) lo;
-         String value = (String) thisURI.get(lo);
-         if (Debug.verboseOn()) Debug.logVerbose("\t" + name + " -> " + value, module);
-         }
-         }
-         Debug.logVerbose("------ End Config Mappings ------", module);
-         */
-        /* End Debugging */
-
-        double totalSeconds = (System.currentTimeMillis() - startTime)/1000.0;
-        if (Debug.infoOn()) Debug.logInfo("ConfigMap Created: (" + map.size() + ") records in " + totalSeconds + "s", module);
-        return map;
-    }
-
-    /** Gets the default-request from the configuration */
-    public static String getDefaultRequest(URL xml) {
-        ControllerConfig controllerConfig = getControllerConfig(xml);
-        return controllerConfig != null ? controllerConfig.defaultRequest : null;
-    }
-
-    public static String loadDefaultRequest(Element root, URL xml) {
-        if (root == null) {
-            root = loadDocument(xml);
-        }
-        if (root == null) {
-            return null;
-        }
-
-        // holder for the default-request
-        String defaultRequest = null;
-
-        for (Element includeElement: UtilXml.childElementList(root, INCLUDE)) {
-            String includeLocation = includeElement.getAttribute(INCLUDE_LOCATION);
-            if ((includeLocation != null) && (includeLocation.length() > 0)) {
-                try {
-                    defaultRequest = loadDefaultRequest(null, FlexibleLocation.resolveLocation(includeLocation));
-                } catch (MalformedURLException mue) {
-                    Debug.logError(mue, "Error processing include at [" + includeLocation + "]:" + mue.toString(), module);
-                }
+    
+    public static final RequestResponse emptyNoneRequestResponse = RequestResponse.createEmptyNoneRequestResponse();
+    public static class RequestResponse {
+        public String name;
+        public String type;
+        public String value;
+        public Map<String, String> redirectParameterMap = FastMap.newInstance();
+        
+        public RequestResponse(Element responseElement) {
+            this.name = responseElement.getAttribute("name");
+            this.type = responseElement.getAttribute("type");
+            this.value = responseElement.getAttribute("value");
+            for (Element redirectParameterElement: UtilXml.childElementList(responseElement, "redirect-parameter")) {
+                String from = redirectParameterElement.getAttribute("from");
+                if (UtilValidate.isEmpty(from)) from = redirectParameterElement.getAttribute("name");
+                this.redirectParameterMap.put(redirectParameterElement.getAttribute("name"), from);
             }
         }
-
-        Element e = UtilXml.firstChildElement(root, "default-request");
-        if (e != null) {
-            defaultRequest = e.getAttribute("request-uri");
+        
+        public RequestResponse() { }
+        
+        public static RequestResponse createEmptyNoneRequestResponse() {
+            RequestResponse requestResponse = new RequestResponse();
+            requestResponse.name = "empty-none";
+            requestResponse.type = "none";
+            requestResponse.value = null;
+            return requestResponse;
         }
-        return defaultRequest;
     }
-
-    /** Gets a FastMap of handler mappings. */
-    public static Map<String, Map<String, String>> getHandlerMap(URL xml) {
-        ControllerConfig controllerConfig = getControllerConfig(xml);
-        return controllerConfig != null ? controllerConfig.handlerMap : null;
-    }
-
-    public static Map<String, Map<String, String>> loadHandlerMap(Element root, URL xml) {
-        long startTime = System.currentTimeMillis();
-        Map<String, Map<String, String>> map = FastMap.newInstance();
-        if (root == null) {
-            root = loadDocument(xml);
-        }
-        if (root == null) {
-            return map;
-        }
-
-        for (Element includeElement: UtilXml.childElementList(root, INCLUDE)) {
-            String includeLocation = includeElement.getAttribute(INCLUDE_LOCATION);
-            if ((includeLocation != null) && (includeLocation.length() > 0)) {
-                try {
-                    Map<String, Map<String, String>> subMap = loadHandlerMap(null, FlexibleLocation.resolveLocation(includeLocation));
-
-                    Map<String, String> newViewHandlerMap = checkMap(subMap.get("view"), String.class, String.class);
-                    Map<String, String> viewHandlerMap = checkMap(map.get("view"), String.class, String.class);
-                    if (viewHandlerMap == null) {
-                        map.put("view", newViewHandlerMap);
-                    } else {
-                        if (newViewHandlerMap != null) {
-                            viewHandlerMap.putAll(newViewHandlerMap);
-                        }
-                    }
-
-                    Map<String, String> newEventHandlerMap = checkMap(subMap.get("event"), String.class, String.class);
-                    Map<String, String> eventHandlerMap = checkMap(map.get("event"), String.class, String.class);
-                    if (eventHandlerMap == null) {
-                        map.put("event", newEventHandlerMap);
-                    } else {
-                        if (newEventHandlerMap != null) {
-                            eventHandlerMap.putAll(newEventHandlerMap);
-                        }
-                    }
-                } catch (MalformedURLException mue) {
-                    Debug.logError(mue, "Error processing include at [" + includeLocation + "]:" + mue.toString(), module);
-                }
-            }
-        }
-
-        Map<String, String> eventMap = FastMap.newInstance();
-        Map<String, String> viewMap = FastMap.newInstance();
-
-        for (Element handlerElement: UtilXml.childElementList(root, HANDLER)) {
-            String hName = checkEmpty(handlerElement.getAttribute(HANDLER_NAME));
-            String hClass = checkEmpty(handlerElement.getAttribute(HANDLER_CLASS));
-            String hType = checkEmpty(handlerElement.getAttribute(HANDLER_TYPE));
-            if (hType.equals("view")) {
-                viewMap.put(hName, hClass);
-            } else {
-                eventMap.put(hName, hClass);
-            }
-        }
-
-        Map<String, String> viewHandlerMap = checkMap(map.get("view"), String.class, String.class);
-        if (viewHandlerMap == null) {
-            map.put("view", viewMap);
-        } else {
-            if (viewMap != null) {
-                viewHandlerMap.putAll(viewMap);
-            }
-        }
-        Map<String, String> eventHandlerMap = checkMap(map.get("event"), String.class, String.class);
-        if (eventHandlerMap == null) {
-            map.put("event", eventMap);
-        } else {
-            if (eventMap != null) {
-                eventHandlerMap.putAll(eventMap);
-            }
-        }
-
-        /* Debugging */
-        if (Debug.verboseOn()) {
-            Debug.logVerbose("-------- Handler Mappings --------", module);
-            Map<String, String> debugMap = checkMap(map.get("event"), String.class, String.class);
-
-            if (UtilValidate.isNotEmpty(debugMap)) {
-                Debug.logVerbose("-------------- EVENT -------------", module);
-                for (Map.Entry<String, String> entry: debugMap.entrySet()) {
-                    String handlerName = entry.getKey();
-                    String className = entry.getValue();
-                    Debug.logVerbose("[EH] : " + handlerName + " => " + className, module);
-                }
-            }
-            debugMap = checkMap(map.get("view"), String.class, String.class);
-            if (UtilValidate.isNotEmpty(debugMap)) {
-                Debug.logVerbose("-------------- VIEW --------------", module);
-                for (Map.Entry<String, String> entry: debugMap.entrySet()) {
-                    String handlerName = entry.getKey();
-                    String className = entry.getValue();
-                    Debug.logVerbose("[VH] : " + handlerName + " => " + className, module);
-                }
+    
+    public static class ViewMap {
+        public String viewMap;
+        public String name;
+        public String page;
+        public String type;
+        public String info;
+        public String contentType;
+        public String encoding;
+        public String description;
+
+        public ViewMap(Element viewMapElement) {
+            this.name = viewMapElement.getAttribute("name");
+            this.page = viewMapElement.getAttribute("page");
+            this.type = viewMapElement.getAttribute("type");
+            this.info = viewMapElement.getAttribute("info");
+            this.contentType = viewMapElement.getAttribute("content-type");
+            this.encoding = viewMapElement.getAttribute("encoding");
+            this.description = UtilXml.childElementValue(viewMapElement, "description");
+            if (UtilValidate.isEmpty(this.page)) {
+                this.page = this.name;
             }
-            Debug.logVerbose("------ End Handler Mappings ------", module);
         }
-
-        double totalSeconds = (System.currentTimeMillis() - startTime)/1000.0;
-        if (Debug.infoOn()) Debug.logInfo("HandlerMap Created: (" + ((Map) map.get("view")).size() + ") view handlers and (" + ((Map) map.get("event")).size() + ") request/event handlers in " + totalSeconds + "s", module);
-        return map;
-    }
-
-    private static String checkEmpty(String string) {
-        if (string != null && string.length() > 0)
-            return string;
-        else
-            return "";
     }
 }

Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java?rev=741374&r1=741373&r2=741374&view=diff
==============================================================================
--- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java (original)
+++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java Fri Feb  6 02:14:19 2009
@@ -18,12 +18,10 @@
  *******************************************************************************/
 package org.ofbiz.webapp.control;
 
-import java.io.UnsupportedEncodingException;
+import static org.ofbiz.base.util.UtilGenerics.checkMap;
+
 import java.math.BigInteger;
-import java.net.URLEncoder;
 import java.security.cert.X509Certificate;
-import java.util.Enumeration;
-import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 import java.util.regex.Matcher;
@@ -31,7 +29,6 @@
 
 import javax.security.auth.x500.X500Principal;
 import javax.servlet.ServletContext;
-import javax.servlet.ServletRequest;
 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
@@ -47,7 +44,6 @@
 import org.ofbiz.base.util.GeneralException;
 import org.ofbiz.base.util.KeyStoreUtil;
 import org.ofbiz.base.util.UtilFormatOut;
-import static org.ofbiz.base.util.UtilGenerics.checkMap;
 import org.ofbiz.base.util.UtilHttp;
 import org.ofbiz.base.util.UtilMisc;
 import org.ofbiz.base.util.UtilProperties;
@@ -58,7 +54,6 @@
 import org.ofbiz.entity.GenericValue;
 import org.ofbiz.entity.condition.EntityCondition;
 import org.ofbiz.entity.condition.EntityConditionList;
-import org.ofbiz.entity.condition.EntityExpr;
 import org.ofbiz.entity.condition.EntityOperator;
 import org.ofbiz.entity.model.ModelEntity;
 import org.ofbiz.entity.transaction.GenericTransactionException;
@@ -88,43 +83,28 @@
         return makeLoginUrl(pageContext, "checkLogin");
     }
 
-    public static String makeLoginUrl(ServletRequest request) {
+    public static String makeLoginUrl(HttpServletRequest request) {
         return makeLoginUrl(request, "checkLogin");
     }
     
     public static String makeLoginUrl(PageContext pageContext, String requestName) {
-        return makeLoginUrl(pageContext.getRequest(), requestName);
+        return makeLoginUrl((HttpServletRequest) pageContext.getRequest(), requestName);
     }
-    public static String makeLoginUrl(ServletRequest request, String requestName) {
-        String queryString = null;
-
-        Enumeration parameterNames = request.getParameterNames();
-
-        while (parameterNames != null && parameterNames.hasMoreElements()) {
-            String paramName = (String) parameterNames.nextElement();
-
-            if (paramName != null) {
-                String sane_paramName, sane_value;
-                try {
-                    sane_paramName = URLEncoder.encode((String) paramName, "UTF-8");
-                    sane_value = URLEncoder.encode(request.getParameter(paramName), "UTF-8");
-                } catch (UnsupportedEncodingException ex) {
-                    Debug.logError(ex, module);
-                    sane_paramName = paramName;
-                    sane_value = request.getParameter(paramName);
-                }
-
-                if (queryString == null) {
-                    queryString = sane_paramName + "=" + sane_value;
-                } else {
-                    queryString = queryString + "&" + sane_paramName + "=" + sane_value;
-                }
-            }
+    public static String makeLoginUrl(HttpServletRequest request, String requestName) {
+        Map<String, Object> urlParams = UtilHttp.getUrlOnlyParameterMap(request);
+        String queryString = UtilHttp.urlEncodeArgs(urlParams, false);
+        String currentView = UtilFormatOut.checkNull((String) request.getAttribute("_CURRENT_VIEW_"));
+
+        String loginUrl = "/" + requestName;
+        if ("login".equals(currentView)) {
+            return loginUrl;
+        }
+        if (UtilValidate.isNotEmpty(currentView)) {
+            loginUrl += "/" + currentView;
+        }
+        if (UtilValidate.isNotEmpty(queryString)) {
+            loginUrl += "?" + queryString;
         }
-
-        String loginUrl = "/" + requestName + "/" + UtilFormatOut.checkNull((String) request.getAttribute("_CURRENT_VIEW_"));
-
-        if (queryString != null) loginUrl = loginUrl + "?" + UtilFormatOut.checkNull(queryString);
 
         return loginUrl;
     }
@@ -231,8 +211,8 @@
      * @return String
      */
     public static String checkLogin(HttpServletRequest request, HttpServletResponse response) {
-        GenericValue userLogin = (GenericValue) request.getSession().getAttribute("userLogin");
         HttpSession session = request.getSession();
+        GenericValue userLogin = (GenericValue) session.getAttribute("userLogin");
 
         // anonymous shoppers are not logged in
         if (userLogin != null && "anonymous".equals(userLogin.getString("userLoginId"))) {
@@ -272,21 +252,25 @@
 
             // in this condition log them in if not already; if not logged in or can't log in, save parameters and return error
             if ((username == null) || (password == null) || ("error".equals(login(request, response)))) {
-                Map<String, Object> reqParams = UtilHttp.getParameterMap(request);
-                String queryString = UtilHttp.urlEncodeArgs(reqParams);
-                Debug.logInfo("reqParams Map: " + reqParams, module);
-                Debug.logInfo("queryString: " + queryString, module);
 
                 // make sure this attribute is not in the request; this avoids infinite recursion when a login by less stringent criteria (like not checkout the hasLoggedOut field) passes; this is not a normal circumstance but can happen with custom code or in funny error situations when the userLogin service gets the userLogin object but runs into another problem and fails to return an error
                 request.removeAttribute("_LOGIN_PASSED_");
-
+                
+                // keep the previous request name in the session
                 session.setAttribute("_PREVIOUS_REQUEST_", request.getPathInfo());
-                if (queryString != null && queryString.length() > 0) {
-                    session.setAttribute("_PREVIOUS_PARAMS_", queryString);
+                
+                // NOTE: not using the old _PREVIOUS_PARAMS_ attribute at all because it was a security hole as it was used to put data in the URL (never encrypted) that was originally in a form field that may have been encrypted
+                // keep 2 maps: one for URL parameters and one for form parameters
+                Map<String, Object> urlParams = UtilHttp.getUrlOnlyParameterMap(request);
+                if (urlParams != null && urlParams.size() > 0) {
+                    session.setAttribute("_PREVIOUS_PARAM_MAP_URL_", urlParams);
+                }
+                Map<String, Object> formParams = UtilHttp.getParameterMap(request, urlParams.keySet(), false);
+                if (formParams != null && formParams.size() > 0) {
+                    session.setAttribute("_PREVIOUS_PARAM_MAP_FORM_", formParams);
                 }
 
-                if (Debug.infoOn()) Debug.logInfo("checkLogin: queryString=" + queryString, module);
-                if (Debug.infoOn()) Debug.logInfo("checkLogin: PathInfo=" + request.getPathInfo(), module);
+                //if (Debug.infoOn()) Debug.logInfo("checkLogin: PathInfo=" + request.getPathInfo(), module);
 
                 return "error";
             }
@@ -305,6 +289,11 @@
      */
     public static String login(HttpServletRequest request, HttpServletResponse response) {
         HttpSession session = request.getSession();
+        
+        if (session.getAttribute("userLogin") != null) {
+            // already logged in, do nothing...
+            return "success";
+        }
 
         String username = request.getParameter("USERNAME");
         String password = request.getParameter("PASSWORD");