001 //$HeadURL$
002 /*----------------------------------------------------------------------------
003 This file is part of deegree, http://deegree.org/
004 Copyright (C) 2001-2009 by:
005 Department of Geography, University of Bonn
006 and
007 lat/lon GmbH
008
009 This library is free software; you can redistribute it and/or modify it under
010 the terms of the GNU Lesser General Public License as published by the Free
011 Software Foundation; either version 2.1 of the License, or (at your option)
012 any later version.
013 This library is distributed in the hope that it will be useful, but WITHOUT
014 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
015 FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
016 details.
017 You should have received a copy of the GNU Lesser General Public License
018 along with this library; if not, write to the Free Software Foundation, Inc.,
019 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
020
021 Contact information:
022
023 lat/lon GmbH
024 Aennchenstr. 19, 53177 Bonn
025 Germany
026 http://lat-lon.de/
027
028 Department of Geography, University of Bonn
029 Prof. Dr. Klaus Greve
030 Postfach 1147, 53001 Bonn
031 Germany
032 http://www.geographie.uni-bonn.de/deegree/
033
034 e-mail: info@deegree.org
035 ----------------------------------------------------------------------------*/
036 package org.deegree.tools.security;
037
038 import java.net.URL;
039 import java.util.HashMap;
040 import java.util.Map;
041 import java.util.Properties;
042
043 import org.deegree.datatypes.QualifiedName;
044 import org.deegree.framework.log.ILogger;
045 import org.deegree.framework.log.LoggerFactory;
046 import org.deegree.ogcwebservices.wfs.capabilities.WFSCapabilities;
047 import org.deegree.ogcwebservices.wfs.capabilities.WFSCapabilitiesDocument;
048 import org.deegree.ogcwebservices.wfs.capabilities.WFSFeatureType;
049 import org.deegree.security.GeneralSecurityException;
050 import org.deegree.security.UnauthorizedException;
051 import org.deegree.security.drm.SecurityAccessManager;
052 import org.deegree.security.drm.SecurityTransaction;
053 import org.deegree.security.drm.UnknownException;
054 import org.deegree.security.drm.model.User;
055
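/**
 * Tool for adding all requestable featuretypes of a WFS into deegree's user and rights management
 * system.
 * <p>
 * The tool requests the capabilities document of the configured WFS and registers every feature type
 * listed there as a secured object of type "Featuretype", unless an object with that name is already
 * known to the rights DB.
 * <p>
 * Security notes:
 * <ul>
 * <li>When started through {@link #main(String[])}, the rights DB password and the SEC_ADMIN password
 * are passed as command line arguments. On multi-user hosts such arguments can usually be read from
 * the process list and end up in shell history; where that matters, build a {@link Configuration}
 * programmatically from a protected source instead.</li>
 * <li>What gets registered is decided by the capabilities document returned from the configured WFS
 * address, so that address should point to a trusted endpoint.</li>
 * <li>Credentials held by {@link Configuration} are never written to stdout or to the log by this
 * class.</li>
 * </ul>
 *
 * @author <a href="mailto:poth@lat-lon.de">Andreas Poth</a>
 * @author last edited by: $Author: poth $
 *
 * @version $Revision: 6251 $, $Date: 2007-03-19 16:59:28 +0100 (Mo, 19 Mrz 2007) $
 */
public class WFSFeatureTypeImporter {

    private static final ILogger LOG = LoggerFactory.getLogger( WFSFeatureTypeImporter.class );

    private final Configuration configuration;

    // assigned by setUp(); stays null until perform() has been called
    private SecurityAccessManager manager;

    /**
     * Creates an importer working on an already assembled configuration.
     *
     * @param configuration
     *            WFS address plus rights DB connection data and credentials
     */
    public WFSFeatureTypeImporter( Configuration configuration ) {
        this.configuration = configuration;
    }

    /**
     * Creates an importer from command line style options.
     *
     * @param param
     *            map of option name (e.g. "-URL") to option value
     * @throws Exception
     *             if a mandatory option is missing or -WFSAddress is not a valid URL
     */
    public WFSFeatureTypeImporter( Map<String, String> param ) throws Exception {
        this.configuration = new Configuration( param );
    }

    /**
     * Initializes access to the security and rights db and authenticates the SEC_ADMIN user.
     * <p>
     * An already available {@link SecurityAccessManager} instance is reused; otherwise the manager is
     * initialized with the connection data of the configuration. A failing initialization is reported
     * to the caller instead of being printed and followed by a NullPointerException.
     *
     * @throws GeneralSecurityException
     *             if the manager cannot be initialized or the admin user cannot be read/authenticated
     * @return admin user
     */
    private User setUp()
                            throws GeneralSecurityException {
        try {
            manager = SecurityAccessManager.getInstance();
        } catch ( GeneralSecurityException e ) {
            // presumably thrown because the manager has not been initialized yet; set it up with
            // the configured rights DB
            Properties properties = new Properties();
            properties.setProperty( "driver", configuration.getSecDBDriver() );
            properties.setProperty( "url", configuration.getSecDBURL() );
            properties.setProperty( "user", configuration.getSecDBUserName() );
            properties.setProperty( "password", configuration.getSecDBUserPw() );
            // The properties hold the DB password (and the JDBC URL may embed credentials as well),
            // so only non-secret parts are logged.
            LOG.logInfo( "initializing rights DB access, driver: " + configuration.getSecDBDriver()
                         + ", DB user: " + configuration.getSecDBUserName() );
            SecurityAccessManager.initialize( "org.deegree.security.drm.SQLRegistry", properties, 60 * 1000 );
            manager = SecurityAccessManager.getInstance();
        }
        User user = manager.getUserByName( "SEC_ADMIN" );
        user.authenticate( configuration.getSecAdminPw() );
        return user;
    }

    /**
     * Reads and parses the WFS capabilities and adds the requestable featuretypes to the rights DB.
     *
     * @throws Exception
     *             if rights DB access, the capabilities request or the registration fails
     */
    public void perform()
                            throws Exception {

        // initialize access to rights DB
        User user = setUp();

        // The document is fetched from the operator-supplied address and its content decides which
        // secured objects are created below.
        // NOTE(review): confirm that WFSCapabilitiesDocument.load() parses the response with
        // external entity resolution disabled.
        URL url = new URL( configuration.getWfsAddress() + "?request=GetCapabilities&service=WFS" );
        WFSCapabilitiesDocument doc = new WFSCapabilitiesDocument();
        doc.load( url );

        WFSCapabilities caps = (WFSCapabilities) doc.parseCapabilities();
        for ( WFSFeatureType featureType : caps.getFeatureTypeList().getFeatureTypes() ) {
            addFeatureTypeToRightsDB( featureType, user );
        }
    }

    /**
     * Registers one feature type as secured object of type "Featuretype" if the rights DB does not
     * know an object with that name yet.
     *
     * @param ft
     *            feature type taken from the WFS capabilities
     * @param user
     *            authenticated user the transaction is acquired for
     * @throws UnauthorizedException
     * @throws GeneralSecurityException
     */
    private void addFeatureTypeToRightsDB( WFSFeatureType ft, User user )
                            throws UnauthorizedException, GeneralSecurityException {
        // name and title are used exactly as delivered by the remote capabilities document
        String name = ft.getName().getFormattedString();
        SecurityTransaction transaction = manager.acquireTransaction( user );
        try {
            transaction.getSecuredObjectByName( name, "Featuretype" );
        } catch ( UnknownException e ) {
            // lookup failed -> object is not registered yet
            LOG.logInfo( "add featuretype: " + name );
            transaction.registerSecuredObject( "Featuretype", name, ft.getTitle() );
            return;
        } finally {
            // NOTE(review): the transaction is committed on every path, also when the lookup or the
            // registration threw; consider aborting the transaction on failure instead.
            manager.commitTransaction( transaction );
        }

        LOG.logInfo( "skip featuretype: " + name + " because it is already registered to rights DB" );

    }

    /**
     * Prints the usage description to stdout.
     */
    private static void printHelp() {
        System.out.println( "following parameters must be set: " );
        System.out.println( "-WFSAddress : must be a valid URL to a WFS" );
        System.out.println( "-Driver : JDBC database driver class" );
        System.out.println( "-URL : JDBC URL of the rights managment DB " );
        System.out.println( "-DBUserName : name of DB-user" );
        System.out.println( "-DBUserPassword : password of DB-user" );
        System.out.println( "-SecAdminPassword : password of rights managment admin" );
        System.out.println();
        // the credentials below are sample values for the usage text only
        System.out.println( "example:" );
        System.out.println( "java -classpath .;$ADD LIBS HERE org.deegree.tools.security.WFSFeatureTypeImporter " );
        System.out.println( " -WFSAddress http://demo.deegree.org/deegree-wfs/services " );
        System.out.println( " -Driver org.postgresql.Driver -URL jdbc:postgresql://localhost:5432/security " );
        System.out.println( " -DBUserName postgres -DBUserPassword postgres -SecAdminPassword JOSE67" );
    }

    /**
     * Command line entry point; expects the options described by {@link #printHelp()} as
     * name/value pairs.
     *
     * @param args
     *            alternating option names and option values
     * @throws Exception
     *             if an option has no value, a mandatory option is missing or the import fails
     */
    public static void main( String[] args )
                            throws Exception {

        Map<String, String> map = new HashMap<String, String>();
        for ( int i = 0; i < args.length; i += 2 ) {
            if ( args[i].equals( "-h" ) || args[i].equals( "-?" ) ) {
                printHelp();
                return;
            }
            if ( i + 1 >= args.length ) {
                // The offending argument is deliberately not echoed: with shifted arguments it
                // could be a password value rather than an option name.
                printHelp();
                throw new IllegalArgumentException( "Every parameter must be followed by a value" );
            }
            map.put( args[i], args[i + 1] );
        }
        WFSFeatureTypeImporter imp = new WFSFeatureTypeImporter( map );
        imp.perform();
        System.exit( 0 );
    }

    /**
     * <code>Configuration</code> bean to hold relevant data of an underlying datasource.
     * <p>
     * Besides the WFS address and the JDBC connection data, the bean keeps the rights DB password and
     * the rights management admin password as plain strings; instances should not be logged or
     * serialized.
     *
     * @author <a href="mailto:bezema@lat-lon.de">Rutger Bezema</a>
     *
     * @author last edited by: $Author:$
     *
     * @version $Revision:$, $Date:$
     *
     */
    public class Configuration {

        private final String wfsAddress;

        private final String secDBDriver;

        // package visible as before; prefer getSecDBURL()
        String secDBURL;

        private final String secDBUserPw;

        private final String secDBUserName;

        private final String secAdminPw;

        /**
         * Creates a configuration from explicit values; no validation is performed here.
         *
         * @param wfsAddress
         *            address/URL of the WFS
         * @param secDBDriver
         *            JDBC driver class of the rights DB
         * @param secDBURL
         *            JDBC URL of the rights DB
         * @param secDBUserName
         *            rights DB user name
         * @param secDBUserPw
         *            rights DB user's password
         * @param secAdminPw
         *            rights management admin password
         */
        public Configuration( String wfsAddress, String secDBDriver, String secDBURL, String secDBUserName,
                              String secDBUserPw, String secAdminPw ) {
            this.wfsAddress = wfsAddress;
            this.secDBDriver = secDBDriver;
            this.secDBURL = secDBURL;
            this.secDBUserName = secDBUserName;
            this.secDBUserPw = secDBUserPw;
            this.secAdminPw = secAdminPw;
        }

        /**
         * Creates a configuration from command line options after checking that all mandatory
         * options are present.
         *
         * @param map
         *            map with commandline options (eg. key: "-URL", value: "http://...")
         * @throws Exception
         *             if a mandatory option is missing or -WFSAddress is not a valid URL
         */
        public Configuration( Map<String, String> map ) throws Exception {
            validate( map );
            wfsAddress = map.get( "-WFSAddress" );
            secDBDriver = map.get( "-Driver" );
            secDBURL = map.get( "-URL" );
            secDBUserName = map.get( "-DBUserName" );
            secDBUserPw = map.get( "-DBUserPassword" );
            secAdminPw = map.get( "-SecAdminPassword" );
        }

        /**
         * Checks that every mandatory option is present and that -WFSAddress can be parsed as URL.
         * Option values are never included in the error messages.
         *
         * @param map
         *            map with commandline options
         * @throws Exception
         *             naming the first option that is missing or invalid
         */
        private void validate( Map<String, String> map )
                                throws Exception {
            if ( map.get( "-WFSAddress" ) == null ) {
                throw new Exception( "Parameter -WFSAddress must be set" );
            }
            try {
                new URL( map.get( "-WFSAddress" ) );
            } catch ( Exception e ) {
                // keep the cause so the reason for the rejection is not lost
                throw new Exception( "Parameter -WFSAddress must be a valid URL", e );
            }
            String[] required = { "-Driver", "-URL", "-DBUserName", "-DBUserPassword", "-SecAdminPassword" };
            for ( String key : required ) {
                if ( map.get( key ) == null ) {
                    throw new Exception( "Parameter " + key + " must be set" );
                }
            }
        }

        /**
         *
         * @return database driver class
         */
        public String getSecDBDriver() {
            return secDBDriver;
        }

        /**
         *
         * @return database URL
         */
        public String getSecDBURL() {
            return secDBURL;
        }

        /**
         *
         * @return address/URL of the WFS
         */
        public String getWfsAddress() {
            return wfsAddress;
        }

        /**
         *
         * @return rights management admin password
         */
        public String getSecAdminPw() {
            return secAdminPw;
        }

        /**
         *
         * @return rights db user name
         */
        public String getSecDBUserName() {
            return secDBUserName;
        }

        /**
         *
         * @return rights db user's password
         */
        public String getSecDBUserPw() {
            return secDBUserPw;
        }

    }

}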