001 //$HeadURL$
002 /*---------------- FILE HEADER ------------------------------------------
003 This file is part of deegree.
004 Copyright (C) 2001-2008 by:
005 Department of Geography, University of Bonn
006 http://www.giub.uni-bonn.de/deegree/
007 lat/lon GmbH
008 http://www.lat-lon.de
009
010 This library is free software; you can redistribute it and/or
011 modify it under the terms of the GNU Lesser General Public
012 License as published by the Free Software Foundation; either
013 version 2.1 of the License, or (at your option) any later version.
014 This library is distributed in the hope that it will be useful,
015 but WITHOUT ANY WARRANTY; without even the implied warranty of
016 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
017 Lesser General Public License for more details.
018 You should have received a copy of the GNU Lesser General Public
019 License along with this library; if not, write to the Free Software
020 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
021 Contact:
022
023 Andreas Poth
024 lat/lon GmbH
025 Aennchenstr. 19
026 53177 Bonn
027 Germany
028 E-Mail: poth@lat-lon.de
029
030 Prof. Dr. Klaus Greve
031 Department of Geography
032 University of Bonn
033 Meckenheimer Allee 166
034 53115 Bonn
035 Germany
036 E-Mail: greve@giub.uni-bonn.de
037 ---------------------------------------------------------------------------*/
038 package org.deegree.tools.security;
039
040 import java.net.URL;
041 import java.util.HashMap;
042 import java.util.Map;
043 import java.util.Properties;
044
045 import org.deegree.framework.log.ILogger;
046 import org.deegree.framework.log.LoggerFactory;
047 import org.deegree.ogcwebservices.wms.capabilities.Layer;
048 import org.deegree.ogcwebservices.wms.capabilities.WMSCapabilities;
049 import org.deegree.ogcwebservices.wms.capabilities.WMSCapabilitiesDocument;
050 import org.deegree.ogcwebservices.wms.capabilities.WMSCapabilitiesDocumentFactory;
051 import org.deegree.security.GeneralSecurityException;
052 import org.deegree.security.UnauthorizedException;
053 import org.deegree.security.drm.SecurityAccessManager;
054 import org.deegree.security.drm.SecurityTransaction;
055 import org.deegree.security.drm.UnknownException;
056 import org.deegree.security.drm.model.User;
057
058 /**
059 * Tool for adding all requestable layers of a WMS into deegree's user and rights management system
060 *
061 * @author <a href="mailto:poth@lat-lon.de">Andreas Poth</a>
062 * @author last edited by: $Author: poth $
063 *
064 * @version $Revision: 6251 $, $Date: 2007-03-19 16:59:28 +0100 (Mo, 19 Mrz 2007) $
065 */
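public class WMSLayerImporter {

    private static final ILogger LOG = LoggerFactory.getLogger( WMSLayerImporter.class );

    // Keys that only have to be present. -WMSAddress is checked separately because it must also
    // parse as a URL.
    private static final String[] REQUIRED_DB_PARAMETERS = { "-Driver", "-URL", "-DBUserName", "-DBUserPassword",
                                                            "-SecAdminPassword" };

    private final Configuration configuration;

    private SecurityAccessManager manager;

    /**
     * Creates an importer working on an already assembled configuration.
     *
     * @param configuration
     *            WMS address and rights DB connection settings
     */
    public WMSLayerImporter( Configuration configuration ) {
        this.configuration = configuration;
    }

    /**
     * Creates an importer from command line style parameters (see {@link #printHelp()} for the keys).
     *
     * @param param
     *            parameter name (including the leading '-') mapped to its value
     * @throws Exception
     *             if a required parameter is missing or -WMSAddress is not a valid URL
     */
    public WMSLayerImporter( Map<String, String> param ) throws Exception {
        this.configuration = new Configuration( param );
    }

    /**
     * Initializes access to the security and rights db and authenticates the admin user.
     * <p>
     * The connection settings are never written to stdout or the log in full, because they contain
     * the DB password. A failed initialization is propagated instead of being swallowed; otherwise
     * the following lookup would fail with a NullPointerException that hides the real cause.
     *
     * @throws GeneralSecurityException
     *             if the manager cannot be obtained or initialized, or if looking up or
     *             authenticating SEC_ADMIN fails
     * @return admin user
     */
    private User setUp()
                            throws GeneralSecurityException {
        try {
            manager = SecurityAccessManager.getInstance();
        } catch ( GeneralSecurityException notInitialized ) {
            // getInstance() failed, so initialize the manager with the configured rights DB
            Properties properties = new Properties();
            properties.setProperty( "driver", configuration.getSecDBDriver() );
            properties.setProperty( "url", configuration.getSecDBURL() );
            properties.setProperty( "user", configuration.getSecDBUserName() );
            properties.setProperty( "password", configuration.getSecDBUserPw() );
            // log only non-secret settings; the JDBC URL is left out as well because it may embed
            // credentials
            LOG.logInfo( "initializing access to rights DB (driver: " + configuration.getSecDBDriver()
                         + ", user: " + configuration.getSecDBUserName() + ")" );
            // NOTE(review): third argument is presumably a timeout in milliseconds - confirm
            SecurityAccessManager.initialize( "org.deegree.security.drm.SQLRegistry", properties, 60 * 1000 );
            manager = SecurityAccessManager.getInstance();
        }
        User user = manager.getUserByName( "SEC_ADMIN" );
        user.authenticate( configuration.getSecAdminPw() );
        return user;
    }

    /**
     * Builds the GetCapabilities request for a WMS base address.
     * <p>
     * An address without a query string gets '?' plus the request parameters; an address that
     * already carries a query string gets them appended with '&amp;' so that the URL stays valid.
     *
     * @param wmsAddress
     *            base address of the WMS
     * @return address with the GetCapabilities parameters appended
     */
    private static String capabilitiesRequest( String wmsAddress ) {
        String query = "request=GetCapabilities&service=WMS";
        if ( wmsAddress.indexOf( '?' ) < 0 ) {
            return wmsAddress + '?' + query;
        }
        if ( wmsAddress.endsWith( "?" ) || wmsAddress.endsWith( "&" ) ) {
            return wmsAddress + query;
        }
        return wmsAddress + '&' + query;
    }

    /**
     * Reads and parses the WMS capabilities and adds all requestable layers to the rights DB.
     * <p>
     * The layer names and titles written to the rights DB are taken as-is from the capabilities
     * document of the configured WMS. Run the tool only against a WMS you trust, ideally over a
     * transport that protects the document's integrity.
     *
     * @throws Exception
     *             if rights DB access, the capabilities request or the registration fails
     */
    public void perform()
                            throws Exception {

        // initialize access to rights DB
        User user = setUp();

        URL url = new URL( capabilitiesRequest( configuration.getWmsAddress() ) );
        WMSCapabilitiesDocument doc = WMSCapabilitiesDocumentFactory.getWMSCapabilitiesDocument( url );

        WMSCapabilities caps = (WMSCapabilities) doc.parseCapabilities();
        traverseLayer( caps.getLayer(), user );
    }

    /**
     * Registers the passed layer (if it has a name) and, recursively, all of its child layers.
     *
     * @param layer
     *            layer to start with
     * @param user
     *            authenticated admin user performing the registration
     * @throws GeneralSecurityException
     * @throws UnauthorizedException
     */
    private void traverseLayer( Layer layer, User user )
                            throws UnauthorizedException, GeneralSecurityException {
        if ( layer.getName() != null ) {
            // only named layers can be addressed in a GetMap or GetFeatureInfo request, so only
            // these need an entry in the rights DB
            addLayerToRightsDB( layer, user );
        }
        Layer[] children = layer.getLayer();
        if ( children == null ) {
            return;
        }
        for ( Layer child : children ) {
            traverseLayer( child, user );
        }
    }

    /**
     * Registers the layer as secured object of type "Layer" unless an object with that name is
     * already known to the rights DB.
     *
     * @param layer
     *            named layer to register
     * @param user
     *            authenticated admin user owning the transaction
     * @throws UnauthorizedException
     * @throws GeneralSecurityException
     */
    private void addLayerToRightsDB( Layer layer, User user )
                            throws UnauthorizedException, GeneralSecurityException {

        // NOTE(review): name and title come from the remote capabilities document; they are logged
        // and stored unmodified - confirm the log target and the registry cope with arbitrary text
        String name = layer.getName();
        boolean added = false;

        SecurityTransaction transaction = manager.acquireTransaction( user );
        try {
            try {
                transaction.getSecuredObjectByName( name, "Layer" );
            } catch ( UnknownException e ) {
                // not registered yet
                LOG.logInfo( "add layer: " + name );
                transaction.registerSecuredObject( "Layer", name, layer.getTitle() );
                added = true;
            }
        } finally {
            // NOTE(review): the transaction is committed even if the registration above threw;
            // confirm whether it should be rolled back in that case
            manager.commitTransaction( transaction );
        }

        if ( !added ) {
            LOG.logInfo( "skip layer: " + name + " because it is already registered to rights DB" );
        }
    }

    /**
     * Prints the command line usage to stdout.
     */
    private static void printHelp() {
        String[] lines = {
                          "following parameters must be set: ",
                          "-WMSAddress : must be a valid URL to a WMS",
                          "-Driver : JDBC database driver class",
                          "-URL : JDBC URL of the rights managment DB ",
                          "-DBUserName : name of DB-user",
                          "-DBUserPassword : password of DB-user",
                          "-SecAdminPassword : password of rights managment admin",
                          "",
                          "example:",
                          "java -classpath .;$ADD LIBS HERE org.deegree.tools.security.WMSLayerImporter ",
                          " -WMSAddress http://demo.deegree.org/deegree-wms/services ",
                          " -Driver org.postgresql.Driver -URL jdbc:postgresql://localhost:5432/security ",
                          " -DBUserName postgres -DBUserPassword postgres -SecAdminPassword JOSE67" };
        for ( String line : lines ) {
            System.out.println( line );
        }
    }

    /**
     * Command line entry point; expects the parameters as name/value pairs.
     * <p>
     * Both passwords are passed as program arguments, which are typically visible to other local
     * users through the process list and end up in the shell history. Run the tool from a
     * restricted account and rotate the credentials if that exposure matters.
     *
     * @param args
     *            name/value pairs as listed by {@link #printHelp()}, or -h / -? for help
     * @throws Exception
     *             if the arguments are incomplete or the import fails
     */
    public static void main( String[] args )
                            throws Exception {

        Map<String, String> map = new HashMap<String, String>();
        for ( int i = 0; i < args.length; i += 2 ) {
            if ( args[i].equals( "-h" ) || args[i].equals( "-?" ) ) {
                printHelp();
                return;
            }
            if ( i + 1 >= args.length ) {
                // A dangling argument used to fail with ArrayIndexOutOfBoundsException. Its text is
                // deliberately not echoed: with misaligned pairs it may be a password.
                printHelp();
                throw new IllegalArgumentException( "Argument #" + ( i + 1 )
                                                    + " has no value; parameters must be passed as name/value pairs" );
            }
            map.put( args[i], args[i + 1] );
        }
        WMSLayerImporter imp = new WMSLayerImporter( map );
        imp.perform();
        System.exit( 0 );
    }

    /**
     * Connection settings of the importer: the WMS to read and the rights DB to write to.
     * <p>
     * This is an inner (non-static) class, so an instance can only be created through an existing
     * {@link WMSLayerImporter}. The passwords are held as plain strings; do not log or print
     * instances or their password getters.
     */
    public class Configuration {

        private final String wmsAddress;

        private final String secDBDriver;

        private final String secDBURL;

        private final String secDBUserPw;

        private final String secDBUserName;

        private final String secAdminPw;

        /**
         * Creates a configuration from explicit values; no validation is performed.
         *
         * @param wmsAddress
         *            address/URL of the WMS
         * @param secDBDriver
         *            JDBC driver class of the rights DB
         * @param secDBURL
         *            JDBC URL of the rights DB
         * @param secDBUserName
         *            rights DB user name
         * @param secDBUserPw
         *            rights DB user's password
         * @param secAdminPw
         *            rights management admin password
         */
        public Configuration( String wmsAddress, String secDBDriver, String secDBURL, String secDBUserName,
                              String secDBUserPw, String secAdminPw ) {
            this.wmsAddress = wmsAddress;
            this.secDBDriver = secDBDriver;
            this.secDBURL = secDBURL;
            this.secDBUserName = secDBUserName;
            this.secDBUserPw = secDBUserPw;
            this.secAdminPw = secAdminPw;
        }

        /**
         * Creates a configuration from command line style parameters after validating them.
         *
         * @param map
         *            parameter name (including the leading '-') mapped to its value
         * @throws Exception
         *             if a required parameter is missing or -WMSAddress is not a valid URL
         */
        public Configuration( Map<String, String> map ) throws Exception {
            validate( map );
            wmsAddress = map.get( "-WMSAddress" );
            secDBDriver = map.get( "-Driver" );
            secDBURL = map.get( "-URL" );
            secDBUserName = map.get( "-DBUserName" );
            secDBUserPw = map.get( "-DBUserPassword" );
            secAdminPw = map.get( "-SecAdminPassword" );
        }

        /**
         * Checks that all required parameters are present and that -WMSAddress parses as a URL.
         * The error messages name the parameter only, never its value.
         *
         * @param map
         *            parameters to check
         * @throws Exception
         *             describing the first violated requirement
         */
        private void validate( Map<String, String> map )
                                throws Exception {
            String address = map.get( "-WMSAddress" );
            if ( address == null ) {
                throw new Exception( "Parameter -WMSAddress must be set" );
            }
            try {
                new URL( address );
            } catch ( java.net.MalformedURLException e ) {
                // keep the cause so the reason for the rejection is not lost
                throw new Exception( "Parameter -WMSAddress must be a valid URL", e );
            }
            for ( String key : REQUIRED_DB_PARAMETERS ) {
                if ( map.get( key ) == null ) {
                    throw new Exception( "Parameter " + key + " must be set" );
                }
            }
        }

        /**
         *
         * @return database driver class
         */
        public String getSecDBDriver() {
            return secDBDriver;
        }

        /**
         *
         * @return database URL
         */
        public String getSecDBURL() {
            return secDBURL;
        }

        /**
         *
         * @return address/URL of the WMS
         */
        public String getWmsAddress() {
            return wmsAddress;
        }

        /**
         *
         * @return rights management admin password
         */
        public String getSecAdminPw() {
            return secAdminPw;
        }

        /**
         *
         * @return rights db user name
         */
        public String getSecDBUserName() {
            return secDBUserName;
        }

        /**
         *
         * @return rights db user's password
         */
        public String getSecDBUserPw() {
            return secDBUserPw;
        }

    }

}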