001 //$HeadURL: https://svn.wald.intevation.org/svn/deegree/base/branches/2.3_testing/src/org/deegree/security/owsproxy/OWSProxyPolicyFilter.java $ 002 /*---------------------------------------------------------------------------- 003 This file is part of deegree, http://deegree.org/ 004 Copyright (C) 2001-2009 by: 005 Department of Geography, University of Bonn 006 and 007 lat/lon GmbH 008 009 This library is free software; you can redistribute it and/or modify it under 010 the terms of the GNU Lesser General Public License as published by the Free 011 Software Foundation; either version 2.1 of the License, or (at your option) 012 any later version. 013 This library is distributed in the hope that it will be useful, but WITHOUT 014 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS 015 FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more 016 details. 017 You should have received a copy of the GNU Lesser General Public License 018 along with this library; if not, write to the Free Software Foundation, Inc., 019 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 020 021 Contact information: 022 023 lat/lon GmbH 024 Aennchenstr. 19, 53177 Bonn 025 Germany 026 http://lat-lon.de/ 027 028 Department of Geography, University of Bonn 029 Prof. Dr. Klaus Greve 030 Postfach 1147, 53001 Bonn 031 Germany 032 http://www.geographie.uni-bonn.de/deegree/ 033 034 e-mail: info@deegree.org 035 ----------------------------------------------------------------------------*/ 036 package org.deegree.security.owsproxy; 037 038 import java.util.Enumeration; 039 import java.util.HashMap; 040 import java.util.Map; 041 042 import javax.servlet.http.HttpServletRequest; 043 044 import org.deegree.framework.trigger.TriggerProvider; 045 import org.deegree.ogcwebservices.InvalidParameterValueException; 046 import org.deegree.ogcwebservices.OGCWebServiceRequest; 047 import org.deegree.security.UnauthorizedException; 048 import org.deegree.security.drm.model.User; 049 import org.deegree.security.owsrequestvalidator.GeneralPolicyValidator; 050 import org.deegree.security.owsrequestvalidator.OWSValidator; 051 052 /** 053 * 054 * 055 * @author <a href="mailto:poth@lat-lon.de">Andreas Poth </a> 056 * @author last edited by: $Author: mschneider $ 057 * 058 * @version 1.1, $Revision: 18195 $, $Date: 2009-06-18 17:55:39 +0200 (Do, 18. Jun 2009) $ 059 * 060 * @since 1.1 061 * 062 */ 063 public class OWSProxyPolicyFilter { 064 065 private static TriggerProvider TP = TriggerProvider.create( OWSProxyPolicyFilter.class ); 066 067 private Map<String, OWSValidator> validators = null; 068 069 /** 070 * if this constructor is used the OWSProxyPolicyFilter doesn't constain a Validator. Validators 071 * must be set using the addValidator(OWSPolicyValidator) method 072 */ 073 public OWSProxyPolicyFilter() { 074 validators = new HashMap<String, OWSValidator>(); 075 } 076 077 /** 078 * adds a <tt>OWSPolicyValidator</tt> to the <tt>OWSProxyPolicyFilter</tt> 079 * 080 * @param service 081 * 082 * @param validator 083 */ 084 public void addValidator( String service, OWSValidator validator ) { 085 validators.put( service, validator ); 086 } 087 088 /** 089 * validate the passed <tt>OGCWebServiceRequest</tt> againsted the Policy encapsulated by the 090 * <tt>OWSProxyPolicyFilter</tt> 091 * 092 * @param request 093 * @param length 094 * length (characters) of the request 095 * @param user 096 * @throws InvalidParameterValueException 097 * @throws UnauthorizedException 098 */ 099 public void validateGeneralConditions( HttpServletRequest request, int length, User user ) 100 throws InvalidParameterValueException, UnauthorizedException { 101 102 Object o = validators.keySet().iterator().next(); 103 OWSValidator validator = validators.get( o ); 104 // create GeneralPolicyValidatora and perform validation of 105 // general request parameters 106 GeneralPolicyValidator gpValidator = new GeneralPolicyValidator( validator.getGeneralCondtion() ); 107 validateGeneralConditions( gpValidator, request, length, user ); 108 } 109 110 /** 111 * validate the passed <tt>OGCWebServiceRequest</tt> againsted the Policy encapsulated by the 112 * <tt>OWSProxyPolicyFilter</tt> 113 * 114 * @param request 115 * @param user 116 * @throws InvalidParameterValueException 117 * @throws UnauthorizedException 118 */ 119 public void validate( OGCWebServiceRequest request, User user ) 120 throws InvalidParameterValueException, UnauthorizedException { 121 122 Object[] o = TP.doPreTrigger( this, request, user ); 123 request = (OGCWebServiceRequest) o[0]; 124 user = (User) o[1]; 125 126 String service = request.getServiceName(); 127 if ( service.equals( "urn:x-ogc:specification:cswebrim:Service:OGC-CSW:ebRIM" ) ) { 128 service = "CSW"; 129 } 130 // get validator assigned to the requested service 131 OWSValidator validator = validators.get( service ); 132 133 if ( validator == null ) { 134 throw new InvalidParameterValueException( "No Validator registered for service: " + service ); 135 } 136 // validate the OWS request 137 validator.validateRequest( request, user ); 138 139 TP.doPostTrigger( this, request, user ); 140 141 } 142 143 /** 144 * validates the general conditions of a Http request. validated are: 145 * <ul> 146 * <li>content length 147 * <li>request method 148 * <li>header fields 149 * </ul> 150 * 151 * @param gpValidator 152 * @param request 153 * @param length 154 * length (characters) of the request 155 * @param user 156 * @throws InvalidParameterValueException 157 * @throws UnauthorizedException 158 */ 159 private void validateGeneralConditions( GeneralPolicyValidator gpValidator, HttpServletRequest request, int length, 160 User user ) 161 throws InvalidParameterValueException, UnauthorizedException { 162 163 gpValidator.validateRequestMethod( request.getMethod() ); 164 if ( request.getContentLength() > 0 ) 165 length = request.getContentLength(); 166 if ( request.getMethod().equalsIgnoreCase( "GET" ) ) { 167 gpValidator.validateGetContentLength( length ); 168 } else { 169 gpValidator.validatePostContentLength( length ); 170 } 171 Enumeration<?> iterator = request.getHeaderNames(); 172 Map<String, Object> header = new HashMap<String, Object>(); 173 while ( iterator.hasMoreElements() ) { 174 String key = (String) iterator.nextElement(); 175 Object value = request.getHeaders( key ); 176 header.put( key, value ); 177 } 178 gpValidator.validateHeader( header, user ); 179 } 180 181 /** 182 * validates the response (data) to a request 183 * 184 * @param request 185 * @param data 186 * @param mime 187 * @param user 188 * @return the response data 189 * @throws InvalidParameterValueException 190 * @throws UnauthorizedException 191 */ 192 public byte[] validate( OGCWebServiceRequest request, byte[] data, String mime, User user ) 193 throws InvalidParameterValueException, UnauthorizedException { 194 195 Object[] o = TP.doPreTrigger( this, request, data, mime, user ); 196 request = (OGCWebServiceRequest) o[0]; 197 data = (byte[]) o[1]; 198 mime = (String) o[2]; 199 user = (User) o[3]; 200 201 String service = request.getServiceName(); 202 if ( service.equals( "urn:x-ogc:specification:cswebrim:Service:OGC-CSW:ebRIM" ) ) { 203 service = "CSW"; 204 } 205 // get validator assigned to the requested service 206 OWSValidator validator = validators.get( service ); 207 if ( validator == null ) { 208 throw new InvalidParameterValueException( "No Validator registered for service: " + service ); 209 } 210 // validate the OWS request 211 data = validator.validateResponse( request, data, mime, user ); 212 o = TP.doPostTrigger( this, request, data, mime, user ); 213 data = (byte[]) o[1]; 214 return data; 215 216 } 217 218 }