001    //$HeadURL$
002    /*----------------    FILE HEADER  ------------------------------------------
003     This file is part of deegree.
004     Copyright (C) 2001-2008 by:
005     Department of Geography, University of Bonn
006     http://www.giub.uni-bonn.de/deegree/
007     lat/lon GmbH
008     http://www.lat-lon.de
009    
010     This library is free software; you can redistribute it and/or
011     modify it under the terms of the GNU Lesser General Public
012     License as published by the Free Software Foundation; either
013     version 2.1 of the License, or (at your option) any later version.
014     This library is distributed in the hope that it will be useful,
015     but WITHOUT ANY WARRANTY; without even the implied warranty of
016     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
017     Lesser General Public License for more details.
018     You should have received a copy of the GNU Lesser General Public
019     License along with this library; if not, write to the Free Software
020     Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
021     Contact:
022    
023     Andreas Poth
024     lat/lon GmbH
025     Aennchenstr. 19
026     53177 Bonn
027     Germany
028     E-Mail: poth@lat-lon.de
029    
030     Prof. Dr. Klaus Greve
031     Department of Geography
032     University of Bonn
033     Meckenheimer Allee 166
034     53115 Bonn
035     Germany
036     E-Mail: greve@giub.uni-bonn.de
037     ---------------------------------------------------------------------------*/
038    package org.deegree.security;
039    
040    import java.net.URL;
041    import java.util.Map;
042    
043    import org.deegree.framework.log.ILogger;
044    import org.deegree.framework.log.LoggerFactory;
045    import org.deegree.framework.xml.NamespaceContext;
046    import org.deegree.framework.xml.XMLFragment;
047    import org.deegree.framework.xml.XMLTools;
048    import org.deegree.i18n.Messages;
049    import org.deegree.ogcbase.CommonNamespaces;
050    import org.deegree.security.drm.SecurityAccessManager;
051    import org.deegree.security.drm.WrongCredentialsException;
052    import org.deegree.security.drm.model.User;
053    import org.w3c.dom.Document;
054    
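/**
 * Authentication that resolves a session ID to a user by asking a remote WAS (Web Authentication
 * Service).
 *
 * The value configured under the init parameter {@link #INIT_PARAM_WAS} is used as a request
 * template: its {@code [SESSIONID]} placeholder is replaced by the session ID taken from the request
 * parameters, the resulting URL is fetched, and the user name and password found in the answer are
 * checked against the local {@link SecurityAccessManager}.
 *
 * Security notes:
 * <ul>
 * <li>The session ID travels in the request URL and the WAS answer carries the user's password
 * ({@code /User/Password}); the configured WAS address should therefore use an encrypted transport.</li>
 * <li>The session ID comes from the client. It is URL-encoded before it is placed into the template
 * so that it cannot add or change parameters of the WAS request.</li>
 * <li>NOTE(review): the WAS answer is parsed by {@link XMLFragment}; whether DTDs and external
 * entities are disabled there is not visible from this class - confirm.</li>
 * </ul>
 *
 * @author <a href="mailto:poth@lat-lon.de">Andreas Poth</a>
 * @author last edited by: $Author: poth $
 *
 * @version. $Revision: 6251 $, $Date: 2007-03-19 16:59:28 +0100 (Mo, 19 Mrz 2007) $
 */
public class WASAuthentication extends AbstractAuthentication {

    private static final ILogger LOG = LoggerFactory.getLogger( WASAuthentication.class );

    private static final NamespaceContext nsContext = CommonNamespaces.getNamespaceContext();

    /** name of the request parameter that carries the session ID */
    protected static final String AUTH_PARAM_SESSIONID = "SESSIONID";

    /** name of the init parameter that holds the WAS request template */
    protected static final String INIT_PARAM_WAS = "WAS";

    // NOTE(review): same value as INIT_PARAM_WAS and not used in this class; this looks like a
    // copy/paste leftover - confirm the intended key before relying on it
    protected static final String INIT_PARAM_BASEREQUEST = "WAS";

    /** regular expression matching the literal placeholder in the WAS request template */
    private static final String SESSIONID_PLACEHOLDER = "\\[SESSIONID\\]";

    /**
     * Creates the authentication; both arguments are handed to the super class unchanged.
     *
     * @param authenticationName
     *            name of this authentication
     * @param initParams
     *            init parameters; {@link #authenticate(Map)} reads the WAS request template from the
     *            entry named {@link #INIT_PARAM_WAS}
     */
    public WASAuthentication( String authenticationName, Map<String, String> initParams ) {
        super( authenticationName, initParams );
    }

    /**
     * Authenticates the user that the WAS reports for the session ID contained in the passed
     * parameters.
     *
     * @param params
     *            request parameters; only the entry named {@link #AUTH_PARAM_SESSIONID} is read
     * @return the authenticated {@link User}, or <code>null</code> if the parameters contain no
     *         session ID
     * @throws WrongCredentialsException
     *             if the WAS template is not configured, the WAS cannot be reached or its answer
     *             cannot be read, the answer contains no user name, or the local authentication of
     *             the reported user fails
     */
    public User authenticate( Map<String, String> params )
                            throws WrongCredentialsException {

        String sessionID = params.get( AUTH_PARAM_SESSIONID );
        if ( sessionID == null ) {
            // no session ID in the request: nothing to authenticate here
            return null;
        }

        String template = initParams.get( INIT_PARAM_WAS );
        if ( template == null ) {
            // a missing init parameter used to surface as a NullPointerException; report it as a
            // failed WAS access instead and leave a trace for the operator
            String problem = "init parameter '" + INIT_PARAM_WAS + "' is not set";
            LOG.logError( problem, new IllegalStateException( problem ) );
            throw new WrongCredentialsException( Messages.getMessage( "OWSProxyServletFilter.WASACCESS" ) );
        }

        String userName;
        String password;
        Document doc;
        try {
            // The session ID is client-supplied. Encoding keeps characters such as '&', '=', '#' or
            // line breaks from altering the WAS request; quoteReplacement keeps '$' and '\' from
            // being read as group references by replaceFirst.
            String encodedId = java.net.URLEncoder.encode( sessionID, "UTF-8" );
            String urlStr = template.replaceFirst( SESSIONID_PLACEHOLDER,
                                                   java.util.regex.Matcher.quoteReplacement( encodedId ) );
            // log the template only: the filled-in URL would write a live session ID to the log
            LOG.logDebug( "request WAS for user information: " + template );

            XMLFragment xml = new XMLFragment( new URL( urlStr ) );
            doc = xml.getRootElement().getOwnerDocument();
            userName = XMLTools.getNodeAsString( doc, "/User/UserName", nsContext, null );
            password = XMLTools.getNodeAsString( doc, "/User/Password", nsContext, null );
        } catch ( Exception e ) {
            // NOTE(review): messages of I/O exceptions may contain the requested URL and with it
            // the session ID - confirm who can read this log
            LOG.logError( e.getMessage(), e );
            throw new WrongCredentialsException( Messages.getMessage( "OWSProxyServletFilter.WASACCESS" ) );
        }

        if ( userName == null ) {
            // no user in the answer: pass on the service exception text if the WAS sent one
            String msg = "undefined error";
            try {
                msg = XMLTools.getNodeAsString( doc, "//ServiceException", nsContext, "general error" );
            } catch ( Exception e ) {
                // should never happen; keep the default message but do not lose the cause
                LOG.logError( e.getMessage(), e );
            }
            throw new WrongCredentialsException( msg );
        }

        try {
            User usr = SecurityAccessManager.getInstance().getUserByName( userName );
            usr.authenticate( password );
            return usr;
        } catch ( Exception e ) {
            // the cause cannot be attached to the exception thrown below, so record it here;
            // failed logins should be visible to whoever monitors the log
            LOG.logError( "authentication of the user reported by the WAS failed", e );
            throw new WrongCredentialsException( Messages.getMessage( "OWSPROXY_USER_AUTH_ERROR", userName ) );
        }
    }

}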