001 //$HeadURL: https://svn.wald.intevation.org/svn/deegree/base/branches/2.3_testing/src/org/deegree/portal/standard/security/control/SecurityRequestDispatcher.java $
002 /*----------------------------------------------------------------------------
003 This file is part of deegree, http://deegree.org/
004 Copyright (C) 2001-2009 by:
005 Department of Geography, University of Bonn
006 and
007 lat/lon GmbH
008
009 This library is free software; you can redistribute it and/or modify it under
010 the terms of the GNU Lesser General Public License as published by the Free
011 Software Foundation; either version 2.1 of the License, or (at your option)
012 any later version.
013 This library is distributed in the hope that it will be useful, but WITHOUT
014 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
015 FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
016 details.
017 You should have received a copy of the GNU Lesser General Public License
018 along with this library; if not, write to the Free Software Foundation, Inc.,
019 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
020
021 Contact information:
022
023 lat/lon GmbH
024 Aennchenstr. 19, 53177 Bonn
025 Germany
026 http://lat-lon.de/
027
028 Department of Geography, University of Bonn
029 Prof. Dr. Klaus Greve
030 Postfach 1147, 53001 Bonn
031 Germany
032 http://www.geographie.uni-bonn.de/deegree/
033
034 e-mail: info@deegree.org
035 ----------------------------------------------------------------------------*/
036 package org.deegree.portal.standard.security.control;
037
038 import java.io.File;
039 import java.io.IOException;
040 import java.io.InputStreamReader;
041 import java.io.Reader;
042 import java.net.URI;
043 import java.net.URL;
044 import java.util.Enumeration;
045 import java.util.Properties;
046
047 import javax.servlet.ServletConfig;
048 import javax.servlet.ServletException;
049 import javax.servlet.http.HttpServletRequest;
050 import javax.servlet.http.HttpServletResponse;
051
052 import org.deegree.enterprise.control.RequestDispatcher;
053 import org.deegree.framework.xml.NamespaceContext;
054 import org.deegree.framework.xml.XMLTools;
055 import org.deegree.i18n.Messages;
056 import org.deegree.io.IODocument;
057 import org.deegree.io.JDBCConnection;
058 import org.deegree.security.drm.SecurityAccessManager;
059 import org.w3c.dom.Document;
060 import org.w3c.dom.Element;
061
062 /**
063 *
064 * @author <a href="mailto:poth@lat-lon.de">Andreas Poth</a>
065 * @author last edited by: $Author: mschneider $
066 *
067 * @version $Revision: 18195 $, $Date: 2009-06-18 17:55:39 +0200 (Do, 18. Jun 2009) $
068 */
069 public class SecurityRequestDispatcher extends RequestDispatcher {
070
071 private static final long serialVersionUID = -5980332315176739271L;
072
073 private static String SECURITY_CONFIG = "Security.configFile";
074
075 private boolean supportManyServices = false;
076
077 /**
078 * This method initializes the servlet.
079 *
080 * @param cfg
081 * the servlet configuration
082 * @throws ServletException
083 * an exception
084 */
085 @Override
086 public void init( ServletConfig cfg )
087 throws ServletException {
088 super.init( cfg );
089
090 try {
091 // config file -> DOM
092 String s = getInitParameter( SECURITY_CONFIG );
093 File file = new File( s );
094 if ( !file.isAbsolute() ) {
095 file = new File( getServletContext().getRealPath( s ) );
096 }
097 URL url = file.toURL();
098 Reader reader = new InputStreamReader( url.openStream() );
099 Document doc = XMLTools.parse( reader );
100 Element element = doc.getDocumentElement();
101 reader.close();
102
103 // extract configuration information from DOM
104 String readWriteTimeoutString = XMLTools.getStringValue( "readWriteTimeout", null, element, "600" );
105 int readWriteTimeout = Integer.parseInt( readWriteTimeoutString );
106
107 String registryClass = XMLTools.getRequiredStringValue( "registryClass", null, element );
108 Element registryConfig = (Element) XMLTools.getRequiredNode( element, "registryConfig", null );
109
110 // required: <connection>
111 NamespaceContext nsc = new NamespaceContext();
112 nsc.addNamespace( "jdbc", new URI( "http://www.deegree.org/jdbc" ) );
113 element = (Element) XMLTools.getRequiredNode( registryConfig, "jdbc:JDBCConnection", nsc );
114 IODocument xml = new IODocument( element );
115 JDBCConnection jdbc = xml.parseJDBCConnection();
116
117 Properties properties = new Properties();
118
119 // required: <driver>
120 properties.put( "driver", jdbc.getDriver() );
121 // required: <logon>
122 properties.put( "url", jdbc.getURL() );
123 // required: <user>
124 properties.put( "user", jdbc.getUser() );
125 // required: <password>
126 properties.put( "password", jdbc.getPassword() );
127
128 if ( !SecurityAccessManager.isInitialized() ) {
129 SecurityAccessManager.initialize( registryClass, properties, readWriteTimeout * 1000 );
130 }
131
132 Enumeration<?> enumer = cfg.getInitParameterNames();
133 while ( enumer.hasMoreElements() ) {
134 String key = (String) enumer.nextElement();
135 if ( key.equalsIgnoreCase( "supportmanyservices" ) ) {
136 supportManyServices = cfg.getInitParameter( key ).equalsIgnoreCase( "true" );
137 }
138 }
139
140 } catch ( Exception e ) {
141 throw new ServletException( Messages.getMessage( "IGEO_STD_SEC_FAIL_INIT_SEC_DISPATCHER", e.getMessage() ) );
142 }
143
144 }
145
146 @Override
147 protected void service( HttpServletRequest request, HttpServletResponse response )
148 throws ServletException, IOException {
149 if ( supportManyServices ) {
150 request.setAttribute( "supportManyServices", "true" );
151 }
152
153 super.service( request, response );
154 }
155
156 }