001    //$HeadURL: svn+ssh://rbezema@svn.wald.intevation.org/deegree/base/tags/2.1/src/org/deegree/ogcwebservices/wass/wss/operation/DoServicePasswordHandler.java $
002    /*----------------    FILE HEADER  ------------------------------------------
003    
004     This file is part of deegree.
005     Copyright (C) 2001-2006 by:
006     EXSE, Department of Geography, University of Bonn
007     http://www.giub.uni-bonn.de/exse/
008     lat/lon GmbH
009     http://www.lat-lon.de
010    
011     This library is free software; you can redistribute it and/or
012     modify it under the terms of the GNU Lesser General Public
013     License as published by the Free Software Foundation; either
014     version 2.1 of the License, or (at your option) any later version.
015    
016     This library is distributed in the hope that it will be useful,
017     but WITHOUT ANY WARRANTY; without even the implied warranty of
018     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
019     Lesser General Public License for more details.
020    
021     You should have received a copy of the GNU Lesser General Public
022     License along with this library; if not, write to the Free Software
023     Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
024    
025     Contact:
026    
027     Andreas Poth
028     lat/lon GmbH
029     Aennchenstraße 19
030     53177 Bonn
031     Germany
032     E-Mail: poth@lat-lon.de
033    
034     Jens Fitzke
035     lat/lon GmbH
036     Aennchenstraße 19
037     53177 Bonn
038     Germany
039     E-Mail: jens.fitzke@uni-bonn.de
040    
041     ---------------------------------------------------------------------------*/
042    
043    package org.deegree.ogcwebservices.wass.wss.operation;
044    
045    import org.deegree.framework.log.ILogger;
046    import org.deegree.framework.log.LoggerFactory;
047    import org.deegree.i18n.Messages;
048    import org.deegree.ogcwebservices.wass.common.AuthenticationData;
049    import org.deegree.ogcwebservices.wass.common.WASSSecurityManager;
050    import org.deegree.ogcwebservices.wass.exceptions.DoServiceException;
051    import org.deegree.security.GeneralSecurityException;
052    import org.deegree.security.drm.SecurityAccessManager;
053    import org.deegree.security.drm.model.User;
054    
055    /**
056     * This class handles a webservice request which is . It's primary roles are to check if the user
057     * has (sufficient) credentials and to delegate the request to the service provider behind this
058     * proxy.
059     * 
060     * 
061     * @author <a href="mailto:bezema@lat-lon.de">Rutger Bezema</a>
062     * @author last edited by: $Author: aschmitz $
063     * 
064     * @version 2.0, $Revision: 7341 $, $Date: 2007-05-29 14:03:14 +0200 (Di, 29 Mai 2007) $
065     * 
066     * @since 2.0
067     */
068    
069    public class DoServicePasswordHandler extends DoServiceHandler {
070    
071        private static final ILogger LOG = LoggerFactory.getLogger( DoServicePasswordHandler.class );
072    
073        private final SecurityAccessManager manager;
074    
075        /**
076         * @param securityManager
077         * @throws GeneralSecurityException
078         */
079        public DoServicePasswordHandler( WASSSecurityManager securityManager )
080                                throws GeneralSecurityException {
081            manager = securityManager.getSecurityAccessManager();
082        }
083    
084        /**
085         * Checks if the request has sufficient credentials to request the feature, and if so request
086         * the feature at the service.
087         * 
088         * @throws DoServiceException
089         */
090        @Override
091        public void handleRequest( DoService request )
092                                throws DoServiceException {
093            
094            AuthenticationData authData = request.getAuthenticationData();
095            // password authentication used?
096            if ( authData.usesPasswordAuthentication() ) {
097                try {
098                    String user = authData.getUsername();
099                    String pass = authData.getPassword();
100                    User usr = manager.getUserByName( user );
101                    usr.authenticate( pass );
102                    // SecurityAccess secAccess = manager.acquireAccess( usr );
103                    // usr.hasRight( secAccess );
104                    /**
105                     * TODO Here it is specified that the wss should check if the user has the
106                     * sufficient right to do the service request. Deegree does these request in the
107                     * owsRequestvalidator package, which means we only support - for the moment - a
108                     * check if the user is registered. For Details on how to get the right for
109                     * particular object please look at the following method.
110                     * 
111                     * @see org.deegree.security.owsrequestvalidator.GetFeatureRequestValidator#validateAgainstRightsDB
112                     * 
113                     */
114                } catch ( GeneralSecurityException e ) {
115                    LOG.logError( e.getLocalizedMessage(), e );
116                    throw new DoServiceException( e.getLocalizedMessage(), e );
117                } catch ( StringIndexOutOfBoundsException e ) {
118                    LOG.logError( e.getLocalizedMessage(), e );
119                    throw new DoServiceException( Messages.getMessage( "WASS_ERROR_USERPASS_NOT_PARSED",
120                                                                   "WSS" ) );
121                }
122            }
123    
124            setRequestAllowed( true );
125            
126        }
127    
128    }