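//$HeadURL$
/*----------------------------------------------------------------------------
 This file is part of deegree, http://deegree.org/
 Copyright (C) 2001-2009 by:
 Department of Geography, University of Bonn
 and
 lat/lon GmbH

 This library is free software; you can redistribute it and/or modify it under
 the terms of the GNU Lesser General Public License as published by the Free
 Software Foundation; either version 2.1 of the License, or (at your option)
 any later version.
 This library is distributed in the hope that it will be useful, but WITHOUT
 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
 FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
 details.
 You should have received a copy of the GNU Lesser General Public License
 along with this library; if not, write to the Free Software Foundation, Inc.,
 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA

 Contact information:

 lat/lon GmbH
 Aennchenstr. 19, 53177 Bonn
 Germany
 http://lat-lon.de/

 Department of Geography, University of Bonn
 Prof. Dr. Klaus Greve
 Postfach 1147, 53001 Bonn
 Germany
 http://www.geographie.uni-bonn.de/deegree/

 e-mail: info@deegree.org
 ----------------------------------------------------------------------------*/
package org.deegree.tools.security;

import java.net.MalformedURLException;
import java.net.URL;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;

import org.deegree.datatypes.QualifiedName;
import org.deegree.framework.log.ILogger;
import org.deegree.framework.log.LoggerFactory;
import org.deegree.ogcwebservices.wfs.capabilities.WFSCapabilities;
import org.deegree.ogcwebservices.wfs.capabilities.WFSCapabilitiesDocument;
import org.deegree.ogcwebservices.wfs.capabilities.WFSFeatureType;
import org.deegree.security.GeneralSecurityException;
import org.deegree.security.UnauthorizedException;
import org.deegree.security.drm.SecurityAccessManager;
import org.deegree.security.drm.SecurityTransaction;
import org.deegree.security.drm.UnknownException;
import org.deegree.security.drm.model.User;

/**
 * Tool for adding all requestable featuretypes of a WFS into deegree's user and rights management
 * system.
 * <p>
 * The tool reads the capabilities document of the configured WFS and registers every feature type
 * it lists as a secured object of type "Featuretype", unless an object of that name and type is
 * already registered. The names written to the rights DB are taken from the remote capabilities
 * document as-is, so the WFS address should point to an endpoint the operator trusts.
 * <p>
 * Both the database password and the SEC_ADMIN password are supplied as command line parameters
 * (see {@link #main(String[])}); this class never writes them to stdout or to the log.
 *
 * @author <a href="mailto:poth@lat-lon.de">Andreas Poth</a>
 * @author last edited by: $Author: poth $
 *
 * @version $Revision: 6251 $, $Date: 2007-03-19 16:59:28 +0100 (Mo, 19 Mrz 2007) $
 */
public class WFSFeatureTypeImporter {

    private static final ILogger LOG = LoggerFactory.getLogger( WFSFeatureTypeImporter.class );

    private final Configuration configuration;

    private SecurityAccessManager manager;

    /**
     * Creates an importer that uses an already assembled configuration.
     *
     * @param configuration
     *            connection settings for the WFS and the rights DB
     */
    public WFSFeatureTypeImporter( Configuration configuration ) {
        this.configuration = configuration;
    }

    /**
     * Creates an importer from a map of command line options.
     *
     * @param param
     *            map with commandline options (eg. key: "-URL", value: "jdbc:...")
     * @throws Exception
     *             if a required option is missing or -WFSAddress is not a valid URL
     */
    public WFSFeatureTypeImporter( Map<String, String> param ) throws Exception {
        this.configuration = new Configuration( param );
    }

    /**
     * Initializes access to the security and rights db and authenticates the admin user.
     *
     * @throws GeneralSecurityException
     *             if the access manager cannot be obtained or initialized, or if looking up the
     *             SEC_ADMIN user fails
     * @return admin user
     */
    private User setUp()
                            throws GeneralSecurityException {
        Properties properties = new Properties();
        properties.setProperty( "driver", configuration.getSecDBDriver() );
        properties.setProperty( "url", configuration.getSecDBURL() );
        properties.setProperty( "user", configuration.getSecDBUserName() );
        properties.setProperty( "password", configuration.getSecDBUserPw() );

        // Never dump the Properties object: it holds the DB password in clear text. The JDBC URL
        // is left out as well because it may carry credentials as URL parameters.
        LOG.logInfo( "connecting to rights DB: driver=" + configuration.getSecDBDriver() + ", user="
                     + configuration.getSecDBUserName() );

        try {
            manager = SecurityAccessManager.getInstance();
        } catch ( GeneralSecurityException e ) {
            // presumably no instance has been initialized yet; create one with our settings.
            // A failure here is propagated to the caller: swallowing it would leave 'manager'
            // null and fail below with an unrelated NullPointerException.
            SecurityAccessManager.initialize( "org.deegree.security.drm.SQLRegistry", properties, 60 * 1000 );
            manager = SecurityAccessManager.getInstance();
        }

        User user = manager.getUserByName( "SEC_ADMIN" );
        user.authenticate( configuration.getSecAdminPw() );
        return user;
    }

    /**
     * Reads and parses the WFS capabilities and adds all requestable featuretypes to the rights
     * DB.
     *
     * @throws Exception
     *             if the rights DB cannot be accessed or the capabilities cannot be loaded or
     *             parsed
     */
    public void perform()
                            throws Exception {

        // initialize access to rights DB
        User user = setUp();

        // NOTE(review): the query string is appended verbatim, so the configured address is
        // expected to be a bare service URL without its own '?' part.
        URL url = new URL( configuration.getWfsAddress() + "?request=GetCapabilities&service=WFS" );
        WFSCapabilitiesDocument doc = new WFSCapabilitiesDocument();
        doc.load( url );

        WFSCapabilities caps = (WFSCapabilities) doc.parseCapabilities();
        for ( WFSFeatureType featureType : caps.getFeatureTypeList().getFeatureTypes() ) {
            addFeatureTypeToRightsDB( featureType, user );
        }
    }

    /**
     * Registers one feature type as secured object of type "Featuretype" unless an object with
     * the same name and type can already be looked up.
     *
     * @param ft
     *            feature type taken from the WFS capabilities
     * @param user
     *            authenticated user the transaction is acquired for
     * @throws UnauthorizedException
     * @throws GeneralSecurityException
     */
    private void addFeatureTypeToRightsDB( WFSFeatureType ft, User user )
                            throws UnauthorizedException, GeneralSecurityException {
        QualifiedName qn = ft.getName();
        String name = qn.getFormattedString();
        SecurityTransaction transaction = manager.acquireTransaction( user );
        try {
            // the lookup is used as existence test: UnknownException means "not registered yet"
            transaction.getSecuredObjectByName( name, "Featuretype" );
        } catch ( UnknownException e ) {
            LOG.logInfo( "add featuretype: " + name );
            transaction.registerSecuredObject( "Featuretype", name, ft.getTitle() );
            return;
        } finally {
            // always hand the transaction back to the manager.
            // NOTE(review): this also commits when registerSecuredObject() fails - confirm that
            // a partial registration cannot be persisted that way.
            manager.commitTransaction( transaction );
        }

        LOG.logInfo( "skip featuretype: " + name + " because it is already registered to rights DB" );

    }

    /**
     * Prints the list of required command line parameters and an example call to stdout.
     */
    private static void printHelp() {
        System.out.println( "following parameters must be set: " );
        System.out.println( "-WFSAddress : must be a valid URL to a WFS" );
        System.out.println( "-Driver : JDBC database driver class" );
        System.out.println( "-URL : JDBC URL of the rights managment DB " );
        System.out.println( "-DBUserName : name of DB-user" );
        System.out.println( "-DBUserPassword : password of DB-user" );
        System.out.println( "-SecAdminPassword : password of rights managment admin" );
        System.out.println();
        System.out.println( "example:" );
        System.out.println( "java -classpath .;$ADD LIBS HERE org.deegree.tools.security.WFSFeatureTypeImporter " );
        System.out.println( " -WFSAddress http://demo.deegree.org/deegree-wfs/services " );
        System.out.println( " -Driver org.postgresql.Driver -URL jdbc:postgresql://localhost:5432/security " );
        System.out.println( " -DBUserName postgres -DBUserPassword postgres -SecAdminPassword JOSE67" );
    }

    /**
     * Command line entry point. Arguments are read as name/value pairs; see {@link #printHelp()}
     * for the list.
     * <p>
     * Passwords given on the command line are visible to other local users through the process
     * list and usually end up in the shell history, so the tool is best run from an account and
     * host that are not shared.
     *
     * @param args
     *            alternating parameter names and values
     * @throws Exception
     *             if the configuration is invalid or the import fails
     */
    public static void main( String[] args )
                            throws Exception {

        Map<String, String> map = new HashMap<String, String>();
        for ( int i = 0; i < args.length; i += 2 ) {
            if ( args[i].equals( "-h" ) || args[i].equals( "-?" ) ) {
                printHelp();
                return;
            }
            if ( i + 1 >= args.length ) {
                // an odd number of arguments used to end in an ArrayIndexOutOfBoundsException.
                // The dangling token is not echoed: with misaligned arguments it may be a
                // password.
                System.out.println( "each parameter must be followed by a value" );
                printHelp();
                System.exit( 1 );
            }
            map.put( args[i], args[i + 1] );
        }
        WFSFeatureTypeImporter imp = new WFSFeatureTypeImporter( map );
        imp.perform();
        System.exit( 0 );
    }

    /**
     * <code>Configuration</code> bean to hold relevant data of an underlying datasource.
     * <p>
     * The bean keeps the DB password and the admin password as plain strings; callers should not
     * log or print it.
     *
     * @author <a href="mailto:bezema@lat-lon.de">Rutger Bezema</a>
     *
     * @author last edited by: $Author:$
     *
     * @version $Revision:$, $Date:$
     *
     */
    public class Configuration {

        private String wfsAddress;

        private String secDBDriver;

        // kept non-private because the original declared it that way; use getSecDBURL() instead
        String secDBURL;

        private String secDBUserPw;

        private String secDBUserName;

        private String secAdminPw;

        /**
         * @param wfsAddress
         *            address/URL of the WFS
         * @param secDBDriver
         *            JDBC database driver class
         * @param secDBURL
         *            JDBC URL of the rights DB
         * @param secDBUserName
         *            rights db user name
         * @param secDBUserPw
         *            rights db user's password
         * @param secAdminPw
         *            rights management admin password
         */
        public Configuration( String wfsAddress, String secDBDriver, String secDBURL, String secDBUserName,
                              String secDBUserPw, String secAdminPw ) {
            this.wfsAddress = wfsAddress;
            this.secDBDriver = secDBDriver;
            this.secDBURL = secDBURL;
            this.secDBUserName = secDBUserName;
            this.secDBUserPw = secDBUserPw;
            this.secAdminPw = secAdminPw;
        }

        /**
         * @param map
         *            map with commandline options (eg. key: "-URL", value: "http://...")
         * @throws Exception
         *             if a required option is missing or -WFSAddress is not a valid URL
         */
        public Configuration( Map<String, String> map ) throws Exception {
            validate( map );
            wfsAddress = map.get( "-WFSAddress" );
            secDBDriver = map.get( "-Driver" );
            secDBURL = map.get( "-URL" );
            secDBUserName = map.get( "-DBUserName" );
            secDBUserPw = map.get( "-DBUserPassword" );
            secAdminPw = map.get( "-SecAdminPassword" );
        }

        /**
         * Checks that all required options are present and that -WFSAddress parses as a URL.
         * Error messages name the offending parameter only, never its value.
         *
         * @param map
         *            map with commandline options
         * @throws Exception
         *             describing the first option that is missing or invalid
         */
        private void validate( Map<String, String> map )
                                throws Exception {
            requireParam( map, "-WFSAddress" );
            try {
                new URL( map.get( "-WFSAddress" ) );
            } catch ( MalformedURLException e ) {
                // keep the cause so the reason for the rejection is not lost
                throw new Exception( "Parameter -WFSAddress must be a valid URL", e );
            }
            requireParam( map, "-Driver" );
            requireParam( map, "-URL" );
            requireParam( map, "-DBUserName" );
            requireParam( map, "-DBUserPassword" );
            requireParam( map, "-SecAdminPassword" );
        }

        /**
         * Fails if the given option has no value in the map.
         */
        private void requireParam( Map<String, String> map, String key )
                                throws Exception {
            if ( map.get( key ) == null ) {
                throw new Exception( "Parameter " + key + " must be set" );
            }
        }

        /**
         *
         * @return database driver class
         */
        public String getSecDBDriver() {
            return secDBDriver;
        }

        /**
         *
         * @return database URL
         */
        public String getSecDBURL() {
            return secDBURL;
        }

        /**
         *
         * @return address/URL of the WFS
         */
        public String getWfsAddress() {
            return wfsAddress;
        }

        /**
         *
         * @return rights management admin password
         */
        public String getSecAdminPw() {
            return secAdminPw;
        }

        /**
         *
         * @return rights db user name
         */
        public String getSecDBUserName() {
            return secDBUserName;
        }

        /**
         *
         * @return rights db user's password
         */
        public String getSecDBUserPw() {
            return secDBUserPw;
        }

    }

}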