001 //$HeadURL: https://svn.wald.intevation.org/svn/deegree/base/branches/2.3_testing/src/org/deegree/security/owsproxy/OWSProxyPolicyFilter.java $
002 /*----------------------------------------------------------------------------
003 This file is part of deegree, http://deegree.org/
004 Copyright (C) 2001-2009 by:
005 Department of Geography, University of Bonn
006 and
007 lat/lon GmbH
008
009 This library is free software; you can redistribute it and/or modify it under
010 the terms of the GNU Lesser General Public License as published by the Free
011 Software Foundation; either version 2.1 of the License, or (at your option)
012 any later version.
013 This library is distributed in the hope that it will be useful, but WITHOUT
014 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
015 FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
016 details.
017 You should have received a copy of the GNU Lesser General Public License
018 along with this library; if not, write to the Free Software Foundation, Inc.,
019 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
020
021 Contact information:
022
023 lat/lon GmbH
024 Aennchenstr. 19, 53177 Bonn
025 Germany
026 http://lat-lon.de/
027
028 Department of Geography, University of Bonn
029 Prof. Dr. Klaus Greve
030 Postfach 1147, 53001 Bonn
031 Germany
032 http://www.geographie.uni-bonn.de/deegree/
033
034 e-mail: info@deegree.org
035 ----------------------------------------------------------------------------*/
036 package org.deegree.security.owsproxy;
037
038 import java.util.Enumeration;
039 import java.util.HashMap;
040 import java.util.Map;
041
042 import javax.servlet.http.HttpServletRequest;
043
044 import org.deegree.framework.trigger.TriggerProvider;
045 import org.deegree.ogcwebservices.InvalidParameterValueException;
046 import org.deegree.ogcwebservices.OGCWebServiceRequest;
047 import org.deegree.security.UnauthorizedException;
048 import org.deegree.security.drm.model.User;
049 import org.deegree.security.owsrequestvalidator.GeneralPolicyValidator;
050 import org.deegree.security.owsrequestvalidator.OWSValidator;
051
052 /**
053 *
054 *
055 * @author <a href="mailto:poth@lat-lon.de">Andreas Poth </a>
056 * @author last edited by: $Author: mschneider $
057 *
058 * @version 1.1, $Revision: 18195 $, $Date: 2009-06-18 17:55:39 +0200 (Do, 18. Jun 2009) $
059 *
060 * @since 1.1
061 *
062 */
063 public class OWSProxyPolicyFilter {
064
065 private static TriggerProvider TP = TriggerProvider.create( OWSProxyPolicyFilter.class );
066
067 private Map<String, OWSValidator> validators = null;
068
069 /**
070 * if this constructor is used the OWSProxyPolicyFilter doesn't constain a Validator. Validators
071 * must be set using the addValidator(OWSPolicyValidator) method
072 */
073 public OWSProxyPolicyFilter() {
074 validators = new HashMap<String, OWSValidator>();
075 }
076
077 /**
078 * adds a <tt>OWSPolicyValidator</tt> to the <tt>OWSProxyPolicyFilter</tt>
079 *
080 * @param service
081 *
082 * @param validator
083 */
084 public void addValidator( String service, OWSValidator validator ) {
085 validators.put( service, validator );
086 }
087
088 /**
089 * validate the passed <tt>OGCWebServiceRequest</tt> againsted the Policy encapsulated by the
090 * <tt>OWSProxyPolicyFilter</tt>
091 *
092 * @param request
093 * @param length
094 * length (characters) of the request
095 * @param user
096 * @throws InvalidParameterValueException
097 * @throws UnauthorizedException
098 */
099 public void validateGeneralConditions( HttpServletRequest request, int length, User user )
100 throws InvalidParameterValueException, UnauthorizedException {
101
102 Object o = validators.keySet().iterator().next();
103 OWSValidator validator = validators.get( o );
104 // create GeneralPolicyValidatora and perform validation of
105 // general request parameters
106 GeneralPolicyValidator gpValidator = new GeneralPolicyValidator( validator.getGeneralCondtion() );
107 validateGeneralConditions( gpValidator, request, length, user );
108 }
109
110 /**
111 * validate the passed <tt>OGCWebServiceRequest</tt> againsted the Policy encapsulated by the
112 * <tt>OWSProxyPolicyFilter</tt>
113 *
114 * @param request
115 * @param user
116 * @throws InvalidParameterValueException
117 * @throws UnauthorizedException
118 */
119 public void validate( OGCWebServiceRequest request, User user )
120 throws InvalidParameterValueException, UnauthorizedException {
121
122 Object[] o = TP.doPreTrigger( this, request, user );
123 request = (OGCWebServiceRequest) o[0];
124 user = (User) o[1];
125
126 String service = request.getServiceName();
127 if ( service.equals( "urn:x-ogc:specification:cswebrim:Service:OGC-CSW:ebRIM" ) ) {
128 service = "CSW";
129 }
130 // get validator assigned to the requested service
131 OWSValidator validator = validators.get( service );
132
133 if ( validator == null ) {
134 throw new InvalidParameterValueException( "No Validator registered for service: " + service );
135 }
136 // validate the OWS request
137 validator.validateRequest( request, user );
138
139 TP.doPostTrigger( this, request, user );
140
141 }
142
143 /**
144 * validates the general conditions of a Http request. validated are:
145 * <ul>
146 * <li>content length
147 * <li>request method
148 * <li>header fields
149 * </ul>
150 *
151 * @param gpValidator
152 * @param request
153 * @param length
154 * length (characters) of the request
155 * @param user
156 * @throws InvalidParameterValueException
157 * @throws UnauthorizedException
158 */
159 private void validateGeneralConditions( GeneralPolicyValidator gpValidator, HttpServletRequest request, int length,
160 User user )
161 throws InvalidParameterValueException, UnauthorizedException {
162
163 gpValidator.validateRequestMethod( request.getMethod() );
164 if ( request.getContentLength() > 0 )
165 length = request.getContentLength();
166 if ( request.getMethod().equalsIgnoreCase( "GET" ) ) {
167 gpValidator.validateGetContentLength( length );
168 } else {
169 gpValidator.validatePostContentLength( length );
170 }
171 Enumeration<?> iterator = request.getHeaderNames();
172 Map<String, Object> header = new HashMap<String, Object>();
173 while ( iterator.hasMoreElements() ) {
174 String key = (String) iterator.nextElement();
175 Object value = request.getHeaders( key );
176 header.put( key, value );
177 }
178 gpValidator.validateHeader( header, user );
179 }
180
181 /**
182 * validates the response (data) to a request
183 *
184 * @param request
185 * @param data
186 * @param mime
187 * @param user
188 * @return the response data
189 * @throws InvalidParameterValueException
190 * @throws UnauthorizedException
191 */
192 public byte[] validate( OGCWebServiceRequest request, byte[] data, String mime, User user )
193 throws InvalidParameterValueException, UnauthorizedException {
194
195 Object[] o = TP.doPreTrigger( this, request, data, mime, user );
196 request = (OGCWebServiceRequest) o[0];
197 data = (byte[]) o[1];
198 mime = (String) o[2];
199 user = (User) o[3];
200
201 String service = request.getServiceName();
202 if ( service.equals( "urn:x-ogc:specification:cswebrim:Service:OGC-CSW:ebRIM" ) ) {
203 service = "CSW";
204 }
205 // get validator assigned to the requested service
206 OWSValidator validator = validators.get( service );
207 if ( validator == null ) {
208 throw new InvalidParameterValueException( "No Validator registered for service: " + service );
209 }
210 // validate the OWS request
211 data = validator.validateResponse( request, data, mime, user );
212 o = TP.doPostTrigger( this, request, data, mime, user );
213 data = (byte[]) o[1];
214 return data;
215
216 }
217
218 }