001 //$HeadURL: https://sushibar/svn/deegree/base/trunk/src/org/deegree/framework/xml/Arc2ISO.java $
002 /*----------------------------------------------------------------------------
003 This file is part of deegree, http://deegree.org/
004 Copyright (C) 2001-2009 by:
005 Department of Geography, University of Bonn
006 and
007 lat/lon GmbH
008
009 This library is free software; you can redistribute it and/or modify it under
010 the terms of the GNU Lesser General Public License as published by the Free
011 Software Foundation; either version 2.1 of the License, or (at your option)
012 any later version.
013 This library is distributed in the hope that it will be useful, but WITHOUT
014 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
015 FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
016 details.
017 You should have received a copy of the GNU Lesser General Public License
018 along with this library; if not, write to the Free Software Foundation, Inc.,
019 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
020
021 Contact information:
022
023 lat/lon GmbH
024 Aennchenstr. 19, 53177 Bonn
025 Germany
026 http://lat-lon.de/
027
028 Department of Geography, University of Bonn
029 Prof. Dr. Klaus Greve
030 Postfach 1147, 53001 Bonn
031 Germany
032 http://www.geographie.uni-bonn.de/deegree/
033
034 e-mail: info@deegree.org
035 ----------------------------------------------------------------------------*/
036
037 package org.deegree.ogcwebservices.csw.iso_profile.ebrim;
038
039 import java.io.File;
040 import java.io.IOException;
041 import java.io.OutputStream;
042 import java.net.MalformedURLException;
043 import java.net.URL;
044 import java.security.InvalidParameterException;
045
046 import javax.servlet.FilterConfig;
047
048 import org.deegree.enterprise.servlet.ServletRequestWrapper;
049 import org.deegree.enterprise.servlet.ServletResponseWrapper;
050 import org.deegree.framework.log.ILogger;
051 import org.deegree.framework.log.LoggerFactory;
052 import org.deegree.framework.xml.XMLParsingException;
053 import org.deegree.ogcwebservices.InvalidParameterValueException;
054 import org.deegree.ogcwebservices.OGCRequestFactory;
055 import org.deegree.ogcwebservices.OGCWebServiceException;
056 import org.deegree.ogcwebservices.OGCWebServiceRequest;
057 import org.deegree.security.GeneralSecurityException;
058 import org.deegree.security.SecurityConfigurationException;
059 import org.deegree.security.UnauthorizedException;
060 import org.deegree.security.drm.SecurityAccessManager;
061 import org.deegree.security.drm.model.User;
062 import org.deegree.security.owsproxy.OWSProxyPolicyFilter;
063 import org.deegree.security.owsrequestvalidator.PolicyDocument;
064 import org.deegree.security.owsrequestvalidator.csw.CSWValidator;
065
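/**
 * Applies OWSProxy policy checks to CSW requests and responses.
 * <p>
 * The handler owns one {@link OWSProxyPolicyFilter}. A single {@link CSWValidator}, built from the policy
 * document named by the <code>CSW:POLICY</code> init parameter, is registered under the service names
 * <code>CSW</code> and <code>urn:x-ogc:specification:cswebrim:Service:OGC-CSW:ebRIM</code>.
 * <p>
 * Intended call order (taken from the demo code that used to sit at the end of this class):
 * <ol>
 * <li>{@link #createOWSRequest(ServletRequestWrapper)}</li>
 * <li>{@link #authentificateFromUserPw(String, String)}</li>
 * <li>{@link #doRequestValidation(ServletRequestWrapper, User, OGCWebServiceRequest)}</li>
 * <li>the actual request processing</li>
 * <li>{@link #doResponseValidation(ServletResponseWrapper, User, OGCWebServiceRequest)}; the demo code left
 * this step out with the remark that it might not be needed</li>
 * </ol>
 *
 * @author <a href="mailto:poth@lat-lon.de">Andreas Poth</a>
 * @author last edited by: $Author: bezema $
 *
 * @version $Revision: 1.3 $, $Date: 2007-06-21 13:54:48 $
 */
public class OWSProxyHandler {

    private static final ILogger LOG = LoggerFactory.getLogger( OWSProxyHandler.class );

    /** Proxy URL used when the deployment descriptor has no <code>PROXYURL</code> init parameter. */
    private static final String DEFAULT_PROXY_URL = "http://127.0.0.1/owsproxy/proxy";

    /** Prefix shared by every exception message raised while the handler is being constructed. */
    private static final String CREATION_FAILED = "Couldn't create an OWSProxyhandler because: ";

    private final OWSProxyPolicyFilter pFilter;

    /**
     * Initializes the policy filter with parameters from the deployment descriptor.
     * <p>
     * Reads the init parameters <code>PROXYURL</code> (optional, defaults to a loopback proxy address) and
     * <code>CSW:POLICY</code> (required, a path resolved through the servlet context). Every configuration
     * problem ends in an {@link InvalidParameterException}, so no handler instance exists unless a policy
     * document was loaded and its validator registered.
     *
     * @param config
     *            filter configuration supplying the init parameters and the servlet context
     * @throws InvalidParameterException
     *             if <code>CSW:POLICY</code> is missing, cannot be resolved to a file path, or the policy
     *             document cannot be loaded or parsed; the underlying exception, if any, is set as cause
     */
    public OWSProxyHandler( FilterConfig config ) {

        pFilter = new OWSProxyPolicyFilter();

        String proxyURL = config.getInitParameter( "PROXYURL" );
        if ( proxyURL == null ) {
            proxyURL = DEFAULT_PROXY_URL;
        }
        LOG.logDebug( " found 'PROXYURL' param: " + proxyURL );

        String policyParam = config.getInitParameter( "CSW:POLICY" );
        LOG.logDebug( " found 'CSW:POLICY' param: " + policyParam );
        if ( policyParam == null ) {
            // Without this check the failure surfaces later as a NullPointerException that does not name
            // the missing parameter.
            throw creationFailure( "the init parameter 'CSW:POLICY' is not set", null );
        }

        String policyPath = config.getServletContext().getRealPath( policyParam );
        LOG.logDebug( " 'CSW:POLICY' param converted to realPath: " + policyPath );
        if ( policyPath == null ) {
            // new File( (String) null ) would throw a NullPointerException.
            throw creationFailure( "the 'CSW:POLICY' value '" + policyParam
                                   + "' could not be converted to a real path", null );
        }

        try {
            URL fileURL = new File( policyPath ).toURI().toURL();
            PolicyDocument doc = new PolicyDocument( fileURL );
            CSWValidator validator = new CSWValidator( doc.getPolicy(), proxyURL );
            // The same validator instance serves both service names.
            pFilter.addValidator( "CSW", validator );
            pFilter.addValidator( "urn:x-ogc:specification:cswebrim:Service:OGC-CSW:ebRIM", validator );
            LOG.logDebug( " added the CSW validator from: " + policyPath + " to the OWSProxyPolicyFilter." );
        } catch ( MalformedURLException e ) {
            LOG.logDebug( " couldn't create a fileURL from: " + policyPath + " because: " + e.getMessage() );
            throw creationFailure( e.getMessage(), e );
        } catch ( SecurityConfigurationException e ) {
            LOG.logDebug( " couldn't create a PolicyDocument from: " + policyPath + " because: " + e.getMessage() );
            throw creationFailure( e.getMessage(), e );
        } catch ( XMLParsingException e ) {
            LOG.logDebug( " couldn't get an Policy fromt the PolicyDocument from location: " + policyPath
                          + " because: " + e.getMessage() );
            throw creationFailure( e.getMessage(), e );
        }
    }

    /**
     * Builds the exception reported for a failed construction and keeps the original cause attached.
     *
     * @param reason
     *            text appended to the common message prefix
     * @param cause
     *            underlying exception, or <code>null</code> if there is none
     * @return the exception to throw
     */
    private static InvalidParameterException creationFailure( String reason, Throwable cause ) {
        InvalidParameterException failure = new InvalidParameterException( CREATION_FAILED + reason );
        if ( cause != null ) {
            // InvalidParameterException has no constructor that takes a cause.
            failure.initCause( cause );
        }
        return failure;
    }

    /**
     * Creates the OGC request object for an incoming servlet request.
     *
     * @param request
     *            wrapped http servlet request
     * @return a request created from the http servlet request (e.g. calling the
     *         {@link OGCRequestFactory#create(javax.servlet.ServletRequest)}.
     * @throws OGCWebServiceException
     *             if the factory cannot build a request; the exception is logged at debug level and
     *             rethrown unchanged
     */
    public OGCWebServiceRequest createOWSRequest( ServletRequestWrapper request )
                            throws OGCWebServiceException {
        try {
            return OGCRequestFactory.create( request );
        } catch ( OGCWebServiceException e ) {
            LOG.logDebug( "Couldn't create an OGCWebserviceRequest because: " + e.getMessage(), e );
            throw e;
        }
    }

    /**
     * Validates if a given user may send the given request.
     * <p>
     * The general conditions of the raw request are checked first, then the parsed request itself.
     *
     * @param request
     *            wrapped servlet request; its content length is passed to the general-conditions check
     * @param user
     *            user the request is validated for
     * @param owsRequest
     *            created of the stream.
     * @throws UnauthorizedException
     *             if the user is not authorized to do the given request.
     * @throws InvalidParameterValueException
     */
    public void doRequestValidation( ServletRequestWrapper request, User user, OGCWebServiceRequest owsRequest )
                            throws UnauthorizedException, InvalidParameterValueException {
        // NOTE(review): a null user raises a NullPointerException on this line, before any policy check
        // runs; confirm that callers always pass a User object.
        LOG.logDebug( "Validating credentials for user: " + user.toString() );
        pFilter.validateGeneralConditions( request, request.getContentLength(), user );
        pFilter.validate( owsRequest, user );
    }

    /**
     * Validates the buffered response of a performed request against the policy.
     *
     * @param response
     *            wrapped servlet response; its output stream must be a
     *            {@link ServletResponseWrapper.ProxyServletOutputStream}, otherwise the cast below fails
     *            with a ClassCastException
     * @param user
     *            user the response is validated for
     * @param owsRequest
     *            request that produced the response
     * @throws IOException
     *             if the output stream of the response cannot be obtained
     * @throws UnauthorizedException
     * @throws InvalidParameterValueException
     */
    public void doResponseValidation( ServletResponseWrapper response, User user, OGCWebServiceRequest owsRequest )
                            throws IOException, InvalidParameterValueException, UnauthorizedException {
        // get result from performing the request
        OutputStream os = response.getOutputStream();
        byte[] body = ( (ServletResponseWrapper.ProxyServletOutputStream) os ).toByteArray();
        if ( LOG.getLevel() == ILogger.LOG_DEBUG ) {
            // NOTE(review): at debug level the complete response body is written to the log before the
            // policy check below has run, so the log can hold content that validation then rejects.
            // The bytes are decoded with the platform default charset.
            LOG.logDebug( " response bytes as a string: \n" + new String( body ) );
        }

        // validate the result of a request performing
        String mime = response.getContentType();
        LOG.logDebug( " resonse mime type: " + mime );
        pFilter.validate( owsRequest, body, mime, user );
    }

    /**
     * Looks up a user by name and authenticates it with the given password.
     * <p>
     * There is no special handling for an anonymous user and no exception translation: whatever the
     * lookup or the authentication throws reaches the caller. The password is not logged.
     *
     * @param user
     *            name of the user to look up
     * @param password
     *            password handed to {@link User#authenticate(String)}
     * @return a User identified by the user and password.
     * @throws GeneralSecurityException
     *             declared for the security manager lookup and the authentication call
     */
    public User authentificateFromUserPw( String user, String password )
                            throws GeneralSecurityException {
        SecurityAccessManager sam = SecurityAccessManager.getInstance();
        User usr = sam.getUserByName( user );
        // NOTE(review): if getUserByName can return null for an unknown name, the next line fails with a
        // NullPointerException instead of a security exception; verify against SecurityAccessManager.
        usr.authenticate( password );
        return usr;
    }

}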