001    //$HeadURL: svn+ssh://rbezema@svn.wald.intevation.org/deegree/base/branches/2.2_testing/src/org/deegree/ogcwebservices/wass/wss/operation/DoServicePasswordHandler.java $
002    /*----------------    FILE HEADER  ------------------------------------------
003    
004     This file is part of deegree.
005     Copyright (C) 2001-2008 by:
006     EXSE, Department of Geography, University of Bonn
007     http://www.giub.uni-bonn.de/deegree/
008     lat/lon GmbH
009     http://www.lat-lon.de
010    
011     This library is free software; you can redistribute it and/or
012     modify it under the terms of the GNU Lesser General Public
013     License as published by the Free Software Foundation; either
014     version 2.1 of the License, or (at your option) any later version.
015    
016     This library is distributed in the hope that it will be useful,
017     but WITHOUT ANY WARRANTY; without even the implied warranty of
018     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
019     Lesser General Public License for more details.
020    
021     You should have received a copy of the GNU Lesser General Public
022     License along with this library; if not, write to the Free Software
023     Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
024    
025     Contact:
026    
027     Andreas Poth
028     lat/lon GmbH
029     Aennchenstr. 19
030     53115 Bonn
031     Germany
032     E-Mail: poth@lat-lon.de
033    
034     Prof. Dr. Klaus Greve
035     Department of Geography
036     University of Bonn
037     Meckenheimer Allee 166
038     53115 Bonn
039     Germany
040     E-Mail: greve@giub.uni-bonn.de
041    
042     
043     ---------------------------------------------------------------------------*/
044    
045    package org.deegree.ogcwebservices.wass.wss.operation;
046    
047    import org.deegree.framework.log.ILogger;
048    import org.deegree.framework.log.LoggerFactory;
049    import org.deegree.i18n.Messages;
050    import org.deegree.ogcwebservices.wass.common.AuthenticationData;
051    import org.deegree.ogcwebservices.wass.common.WASSSecurityManager;
052    import org.deegree.ogcwebservices.wass.exceptions.DoServiceException;
053    import org.deegree.security.GeneralSecurityException;
054    import org.deegree.security.drm.SecurityAccessManager;
055    import org.deegree.security.drm.model.User;
056    
057    /**
058     * This class handles a webservice request which is . It's primary roles are to check if the user
059     * has (sufficient) credentials and to delegate the request to the service provider behind this
060     * proxy.
061     * 
062     * 
063     * @author <a href="mailto:bezema@lat-lon.de">Rutger Bezema</a>
064     * @author last edited by: $Author: apoth $
065     * 
066     * @version 2.0, $Revision: 9345 $, $Date: 2007-12-27 17:22:25 +0100 (Do, 27 Dez 2007) $
067     * 
068     * @since 2.0
069     */
070    
071    public class DoServicePasswordHandler extends DoServiceHandler {
072    
073        private static final ILogger LOG = LoggerFactory.getLogger( DoServicePasswordHandler.class );
074    
075        private final SecurityAccessManager manager;
076    
077        /**
078         * @param securityManager
079         * @throws GeneralSecurityException
080         */
081        public DoServicePasswordHandler( WASSSecurityManager securityManager )
082                                throws GeneralSecurityException {
083            manager = securityManager.getSecurityAccessManager();
084        }
085    
086        /**
087         * Checks if the request has sufficient credentials to request the feature, and if so request
088         * the feature at the service.
089         * 
090         * @throws DoServiceException
091         */
092        @Override
093        public void handleRequest( DoService request )
094                                throws DoServiceException {
095            
096            AuthenticationData authData = request.getAuthenticationData();
097            // password authentication used?
098            if ( authData.usesPasswordAuthentication() ) {
099                try {
100                    String user = authData.getUsername();
101                    String pass = authData.getPassword();
102                    User usr = manager.getUserByName( user );
103                    usr.authenticate( pass );
104                    // SecurityAccess secAccess = manager.acquireAccess( usr );
105                    // usr.hasRight( secAccess );
106                    /**
107                     * TODO Here it is specified that the wss should check if the user has the
108                     * sufficient right to do the service request. Deegree does these request in the
109                     * owsRequestvalidator package, which means we only support - for the moment - a
110                     * check if the user is registered. For Details on how to get the right for
111                     * particular object please look at the following method.
112                     * 
113                     * @see org.deegree.security.owsrequestvalidator.GetFeatureRequestValidator#validateAgainstRightsDB
114                     * 
115                     */
116                } catch ( GeneralSecurityException e ) {
117                    LOG.logError( e.getLocalizedMessage(), e );
118                    throw new DoServiceException( e.getLocalizedMessage(), e );
119                } catch ( StringIndexOutOfBoundsException e ) {
120                    LOG.logError( e.getLocalizedMessage(), e );
121                    throw new DoServiceException( Messages.getMessage( "WASS_ERROR_USERPASS_NOT_PARSED",
122                                                                   "WSS" ) );
123                }
124            }
125    
126            setRequestAllowed( true );
127            
128        }
129    
130    }