001 //$HeadURL: svn+ssh://rbezema@svn.wald.intevation.org/deegree/base/branches/2.2_testing/src/org/deegree/ogcwebservices/wass/wss/WSService.java $
002 /*---------------- FILE HEADER ------------------------------------------
003
004 This file is part of deegree.
005 Copyright (C) 2001-2008 by:
006 Department of Geography, University of Bonn
007 http://www.giub.uni-bonn.de/deegree/
008 lat/lon GmbH
009 http://www.lat-lon.de
010
011 This library is free software; you can redistribute it and/or
012 modify it under the terms of the GNU Lesser General Public
013 License as published by the Free Software Foundation; either
014 version 2.1 of the License, or (at your option) any later version.
015
016 This library is distributed in the hope that it will be useful,
017 but WITHOUT ANY WARRANTY; without even the implied warranty of
018 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
019 Lesser General Public License for more details.
020
021 You should have received a copy of the GNU Lesser General Public
022 License along with this library; if not, write to the Free Software
023 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
024
025 Contact:
026
027 Andreas Poth
028 lat/lon GmbH
029 Aennchenstr. 19
030 53177 Bonn
031 Germany
032 E-Mail: poth@lat-lon.de
033
034 Prof. Dr. Klaus Greve
035 Department of Geography
036 University of Bonn
037 Meckenheimer Allee 166
038 53115 Bonn
039 Germany
040 E-Mail: greve@giub.uni-bonn.de
041
042 ---------------------------------------------------------------------------*/
043
044 package org.deegree.ogcwebservices.wass.wss;
045
046 import java.util.ArrayList;
047
048 import org.deegree.framework.log.ILogger;
049 import org.deegree.framework.log.LoggerFactory;
050 import org.deegree.framework.trigger.TriggerProvider;
051 import org.deegree.i18n.Messages;
052 import org.deegree.ogcwebservices.OGCWebService;
053 import org.deegree.ogcwebservices.OGCWebServiceException;
054 import org.deegree.ogcwebservices.OGCWebServiceRequest;
055 import org.deegree.ogcwebservices.getcapabilities.OGCCapabilities;
056 import org.deegree.ogcwebservices.wass.common.AuthenticationData;
057 import org.deegree.ogcwebservices.wass.common.CloseSession;
058 import org.deegree.ogcwebservices.wass.common.CloseSessionHandler;
059 import org.deegree.ogcwebservices.wass.common.GetSession;
060 import org.deegree.ogcwebservices.wass.common.GetSessionAnonymousHandler;
061 import org.deegree.ogcwebservices.wass.common.GetSessionDispatcher;
062 import org.deegree.ogcwebservices.wass.common.GetSessionHandler;
063 import org.deegree.ogcwebservices.wass.common.GetSessionPasswordHandler;
064 import org.deegree.ogcwebservices.wass.common.Operation_1_0;
065 import org.deegree.ogcwebservices.wass.common.WASSSecurityManager;
066 import org.deegree.ogcwebservices.wass.exceptions.DoServiceException;
067 import org.deegree.ogcwebservices.wass.wss.configuration.WSSConfiguration;
068 import org.deegree.ogcwebservices.wass.wss.configuration.WSSDeegreeParams;
069 import org.deegree.ogcwebservices.wass.wss.operation.DoService;
070 import org.deegree.ogcwebservices.wass.wss.operation.DoServiceAnonymousHandler;
071 import org.deegree.ogcwebservices.wass.wss.operation.DoServiceHandler;
072 import org.deegree.ogcwebservices.wass.wss.operation.DoServicePasswordHandler;
073 import org.deegree.ogcwebservices.wass.wss.operation.DoServiceSessionHandler;
074 import org.deegree.ogcwebservices.wass.wss.operation.WSSGetCapabilities;
075 import org.deegree.security.GeneralSecurityException;
076 import org.deegree.security.session.SessionStatusException;
077
078 /**
079 * The Web Security Service - <code>WSService</code> - is the dispatcher of the entire WSS. It
080 * calls the appropriate classes according to a given request.
081 *
082 * @author <a href="mailto:bezema@lat-lon.de">Rutger Bezema</a>
083 * @author last edited by: $Author: apoth $
084 *
085 * @version $Revision: 9345 $, $Date: 2007-12-27 17:22:25 +0100 (Do, 27 Dez 2007) $
086 */
087 public class WSService implements OGCWebService {
088
089 private WSSConfiguration configuration = null;
090
091 private static final ILogger LOG = LoggerFactory.getLogger( WSService.class );
092
093 private static final TriggerProvider TP = TriggerProvider.create( WSService.class );
094
095 private GetSessionHandler getSessionHandler = null;
096
097 private CloseSessionHandler closeSessionHandler = null;
098
099 private DoServiceHandler doServiceHandler = null;
100
101 private WASSSecurityManager secManager = null;
102
103 /**
104 * Creates a new WebSecurityService with the given configuration( = capabilities) bean.
105 *
106 * @param config
107 * @throws OGCWebServiceException
108 */
109 public WSService( WSSConfiguration config ) throws OGCWebServiceException {
110 configuration = config;
111
112 WSSDeegreeParams dgParams = configuration.getDeegreeParams();
113 if ( configuration.isSessionAuthenticationSupported() ) {
114 for ( Operation_1_0 operation : configuration.getOperationsMetadata().getAllOperations() ) {
115 if ( "GetSession".equals( operation.getName() ) ) {
116 try {
117 ArrayList<GetSessionHandler> handlers = new ArrayList<GetSessionHandler>();
118 int lifetime = dgParams.getSessionLifetime();
119 if ( configuration.isPasswordAuthenticationSupported() ) {
120 secManager = new WASSSecurityManager( dgParams.getDatabaseConnection() );
121 handlers.add( new GetSessionPasswordHandler( secManager, lifetime ) );
122 }
123 if ( configuration.isAnonymousAuthenticationSupported() ) {
124 handlers.add( new GetSessionAnonymousHandler( lifetime ) );
125 }
126 if ( handlers.size() == 0 )
127 throw new OGCWebServiceException( Messages.getMessage( "WASS_ERROR_NO_AUTHMETHOD_HANDLER",
128 "WSS" ) );
129 getSessionHandler = new GetSessionDispatcher( handlers );
130
131 } catch ( GeneralSecurityException e ) {
132 LOG.logError( e.getLocalizedMessage(), e );
133 throw new OGCWebServiceException( e.getLocalizedMessage() );
134 }
135 } else if ( "CloseSession".equals( operation.getName() ) ) {
136 closeSessionHandler = new CloseSessionHandler();
137 }
138 }
139 }
140 }
141
142 /*
143 * Returns the capabilities of the WSS. This is not the correct default behaviour, for a
144 * GetCapabalities request must be able to request only parts of the capabilies of this wss .
145 *
146 * @see org.deegree.ogcwebservices.OGCWebService#getCapabilities()
147 */
148 public OGCCapabilities getCapabilities() {
149 return configuration;
150 }
151
152 /*
153 * The core method. It dispatches the request to the appropriate classes which handle them.
154 *
155 * @see org.deegree.ogcwebservices.OGCWebService#doService(org.deegree.ogcwebservices.OGCWebServiceRequest)
156 */
157 public Object doService( OGCWebServiceRequest request )
158 throws OGCWebServiceException {
159
160 request = (OGCWebServiceRequest) TP.doPreTrigger( this, request )[0];
161
162 Object response = null;
163
164 // TODO exception handling: throw e after each different occasion with descriptive msg
165 try {
166 if ( request instanceof WSSGetCapabilities ) {
167 response = getCapabilities();
168 } else if ( ( getSessionHandler != null ) && ( request instanceof GetSession ) ) {
169 response = getSessionHandler.handleRequest( (GetSession) request );
170 } else if ( ( closeSessionHandler != null ) && ( request instanceof CloseSession ) ) {
171 closeSessionHandler.handleRequest( (CloseSession) request );
172 } else if ( request instanceof DoService ) {
173 AuthenticationData authData = ( (DoService) request ).getAuthenticationData();
174 // password authentication used?
175 if ( authData.usesPasswordAuthentication() ) {
176 if ( configuration.isPasswordAuthenticationSupported() )
177 doServiceHandler = new DoServicePasswordHandler( secManager );
178 else
179 response = new OGCWebServiceException( Messages.getMessage( "WASS_ERROR_AUTHENTICATION_PASSWORD_NOT_SUPPORTED",
180 "WSS" ) );
181 } else if ( authData.usesSessionAuthentication() ) {
182 if ( configuration.isSessionAuthenticationSupported() )
183 doServiceHandler = new DoServiceSessionHandler();
184 else
185 response = new OGCWebServiceException( Messages.getMessage( "WASS_ERROR_AUTHENTICATION_SESSION_NOT_SUPPORTED",
186 "WSS" ) );
187 } else if ( authData.usesAnonymousAuthentication() ) {
188 if ( configuration.isAnonymousAuthenticationSupported() )
189 doServiceHandler = new DoServiceAnonymousHandler();
190 else
191 response = new OGCWebServiceException( Messages.getMessage( "WASS_ERROR_AUTHENTICATION_ANONYMOUS_NOT_SUPPORTED",
192 "WSS" ) );
193 }
194 if ( response == null ) {
195 doServiceHandler.handleRequest( (DoService) request );
196 if ( doServiceHandler.requestAllowed() )
197 response = doServiceHandler.sendRequest( (DoService) request,
198 ( configuration.getDeegreeParams() ).getSecuredServiceAddress().getLinkage().getHref(),
199 /* configuration.getDeegreeParams().getCharacterSet() */null,
200 /* configuration.getDeegreeParams().getRequestTimeLimit() */0,
201 configuration.getSecuredServiceType() );
202 }
203 } else {
204 LOG.logError( Messages.getMessage( "WASS_ERROR_UNKNOWN_REQUEST",
205 new Object[] { "WSS", request.getClass().getName() } ) );
206 throw new OGCWebServiceException( Messages.getMessage( "WASS_ERROR_UNKNOWN_REQUEST",
207 new Object[] {"WSS",
208 request.getClass().getName() } ) );
209 }
210 } catch ( DoServiceException e ) {
211 LOG.logError( e.getLocalizedMessage(), e );
212 response = new OGCWebServiceException( e.getLocalizedMessage() );
213 } catch ( SessionStatusException e ) {
214 LOG.logError( e.getLocalizedMessage(), e );
215 // TODO Check if this particular message is needed for the GDI NRW spec V1.0.
216 // Otherwise delete it and use e.getLocalizedMessage() instead.
217 response = new OGCWebServiceException( Messages.getMessage( "WASS_ERROR_INVALID_SESSION",
218 "WSService" ) );
219 } catch ( GeneralSecurityException e ) {
220 LOG.logError( e.getLocalizedMessage(), e );
221 // TODO Check if this particular message is needed for the GDI NRW spec V1.0.
222 // Otherwise delete it and use e.getMessage() instead.
223 // throw new OGCWebServiceException( e.getLocalizedMessage() );
224 throw new OGCWebServiceException( Messages.getMessage( "WASS_ERROR_SECURITY_SYSTEM",
225 "WSService" ) );
226 }
227
228 return TP.doPostTrigger( this, response )[0];
229 }
230
231 }