001 //$HeadURL: svn+ssh://rbezema@svn.wald.intevation.org/deegree/base/branches/2.2_testing/src/org/deegree/ogcwebservices/wass/wss/operation/DoServiceSessionHandler.java $
002 /*---------------- FILE HEADER ------------------------------------------
003
004 This file is part of deegree.
005 Copyright (C) 2001-2008 by:
006 EXSE, Department of Geography, University of Bonn
007 http://www.giub.uni-bonn.de/deegree/
008 lat/lon GmbH
009 http://www.lat-lon.de
010
011 This library is free software; you can redistribute it and/or
012 modify it under the terms of the GNU Lesser General Public
013 License as published by the Free Software Foundation; either
014 version 2.1 of the License, or (at your option) any later version.
015
016 This library is distributed in the hope that it will be useful,
017 but WITHOUT ANY WARRANTY; without even the implied warranty of
018 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
019 Lesser General Public License for more details.
020
021 You should have received a copy of the GNU Lesser General Public
022 License along with this library; if not, write to the Free Software
023 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
024
025 Contact:
026
027 Andreas Poth
028 lat/lon GmbH
029 Aennchenstr. 19
030 53115 Bonn
031 Germany
032 E-Mail: poth@lat-lon.de
033
034 Prof. Dr. Klaus Greve
035 Department of Geography
036 University of Bonn
037 Meckenheimer Allee 166
038 53115 Bonn
039 Germany
040 E-Mail: greve@giub.uni-bonn.de
041
042
043 ---------------------------------------------------------------------------*/
044
045 package org.deegree.ogcwebservices.wass.wss.operation;
046
047 import org.deegree.framework.log.ILogger;
048 import org.deegree.framework.log.LoggerFactory;
049 import org.deegree.i18n.Messages;
050 import org.deegree.ogcwebservices.wass.common.AuthenticationData;
051 import org.deegree.ogcwebservices.wass.exceptions.DoServiceException;
052 import org.deegree.security.session.MemoryBasedSessionManager;
053 import org.deegree.security.session.Session;
054 import org.deegree.security.session.SessionStatusException;
055
056 /**
057 * Checks if the session presented from a client is valid.
058 *
059 * @author <a href="mailto:bezema@lat-lon.de">Rutger Bezema</a>
060 *
061 * @author last edited by: $Author: apoth $
062 *
063 * @version 2.0, $Revision: 9345 $, $Date: 2007-12-27 17:22:25 +0100 (Do, 27 Dez 2007) $
064 *
065 * @since 2.0
066 */
067
068 public class DoServiceSessionHandler extends DoServiceHandler {
069
070 private static final ILogger LOG = LoggerFactory.getLogger( DoServiceSessionHandler.class );
071
072 private final MemoryBasedSessionManager sessionManager;
073
074 /**
075 *
076 */
077 public DoServiceSessionHandler() {
078 sessionManager = MemoryBasedSessionManager.getInstance();
079 }
080
081 @Override
082 public void handleRequest( DoService request )
083 throws DoServiceException {
084
085 AuthenticationData authData = request.getAuthenticationData();
086 if ( authData.usesSessionAuthentication() ) {
087 try {
088 Session ses = sessionManager.getSessionByID( authData.getCredentials() );
089 if ( ses == null || !ses.isAlive() ){
090 throw new DoServiceException(
091 Messages.getMessage(
092 "WASS_ERROR_INVALID_SESSION",
093 "WSS" ) );
094
095 }
096 setRequestAllowed( true );
097 } catch ( SessionStatusException e ) {
098 LOG.logError( e.getLocalizedMessage(), e );
099 throw new DoServiceException( e.getLocalizedMessage(), e );
100 }
101 }
102
103 }
104
105 }