001 //$HeadURL: svn+ssh://jwilden@svn.wald.intevation.org/deegree/base/branches/2.5_testing/src/org/deegree/ogcwebservices/wass/common/GetSessionWASHandler.java $
002 /*----------------------------------------------------------------------------
003 This file is part of deegree, http://deegree.org/
004 Copyright (C) 2001-2009 by:
005 Department of Geography, University of Bonn
006 and
007 lat/lon GmbH
008
009 This library is free software; you can redistribute it and/or modify it under
010 the terms of the GNU Lesser General Public License as published by the Free
011 Software Foundation; either version 2.1 of the License, or (at your option)
012 any later version.
013 This library is distributed in the hope that it will be useful, but WITHOUT
014 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
015 FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
016 details.
017 You should have received a copy of the GNU Lesser General Public License
018 along with this library; if not, write to the Free Software Foundation, Inc.,
019 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
020
021 Contact information:
022
023 lat/lon GmbH
024 Aennchenstr. 19, 53177 Bonn
025 Germany
026 http://lat-lon.de/
027
028 Department of Geography, University of Bonn
029 Prof. Dr. Klaus Greve
030 Postfach 1147, 53001 Bonn
031 Germany
032 http://www.geographie.uni-bonn.de/deegree/
033
034 e-mail: info@deegree.org
035 ----------------------------------------------------------------------------*/
036 package org.deegree.ogcwebservices.wass.common;
037
038 import static org.deegree.framework.log.LoggerFactory.getLogger;
039
040 import java.io.BufferedReader;
041 import java.io.IOException;
042 import java.io.InputStreamReader;
043 import java.net.URL;
044 import java.net.URLConnection;
045
046 import org.deegree.framework.log.ILogger;
047 import org.deegree.framework.xml.XMLFragment;
048 import org.deegree.model.metadata.iso19115.OnlineResource;
049 import org.deegree.security.GeneralSecurityException;
050 import org.deegree.security.session.MemoryBasedSessionManager;
051 import org.deegree.security.session.Session;
052 import org.deegree.security.session.SessionID;
053 import org.deegree.security.session.SessionStatusException;
054 import org.xml.sax.SAXException;
055
056 /**
057 * GetSession handler that handles the password method using a remote WAS.
058 *
059 * @author <a href="mailto:schmitz@lat-lon.de">Andreas Schmitz</a>
060 * @author last edited by: $Author: mschneider $
061 *
062 * @version 2.0, $Revision: 18195 $, $Date: 2009-06-18 17:55:39 +0200 (Do, 18 Jun 2009) $
063 *
064 * @since 2.0
065 */
066
067 public class GetSessionWASHandler implements GetSessionHandler {
068
069 private static final ILogger LOG = getLogger( GetSessionWASHandler.class );
070
071 private String url;
072
073 private MemoryBasedSessionManager sessionManager;
074
075 private int sessionLifetime;
076
077 /**
078 * Creates new instance using a wass SecurityAccessManager instance to create and instantiate the deegree
079 * SecurityAccessManager.
080 *
081 * @param address
082 * @param sessionLifetime
083 *
084 * @throws GeneralSecurityException
085 */
086 public GetSessionWASHandler( OnlineResource address, int sessionLifetime ) throws GeneralSecurityException {
087 url = address.getLinkage().getHref().toExternalForm();
088 sessionManager = MemoryBasedSessionManager.getInstance();
089 this.sessionLifetime = sessionLifetime;
090 }
091
092 /**
093 * Handles only requests with password authentication method.
094 *
095 * @return a string with a session ID or null, if the method of the request is not password
096 * @see org.deegree.ogcwebservices.wass.common.GetSessionHandler#handleRequest(org.deegree.ogcwebservices.wass.common.GetSession)
097 */
098 public String handleRequest( GetSession request )
099 throws SessionStatusException, GeneralSecurityException {
100
101 AuthenticationData authData = request.getAuthenticationData();
102
103 if ( authData.usesPasswordAuthentication() ) {
104
105 String url = this.url;
106 url += ( url.endsWith( "?" ) || url.endsWith( "&" ) ) ? "" : "?";
107 url += "request=GetSession&service=WAS&version=1.0.0&authmethod=urn:x-gdi-nrw:authnMethod:1.0:password&credentials=";
108 url += authData.getUsername() + "," + authData.getPassword();
109
110 try {
111 URLConnection conn = new URL( url ).openConnection();
112 String contentType = conn.getContentType();
113 if ( contentType != null && contentType.startsWith( "application/vnd.ogc.se_xml" ) ) {
114 LOG.logError( "Could not connect to remote WAS service. Service exception was:" );
115 try {
116 LOG.logError( new XMLFragment( new InputStreamReader( conn.getInputStream() ), url ).getAsPrettyString() );
117 } catch ( SAXException e ) {
118 LOG.logError( "(the service exception could not be parsed)" );
119 }
120
121 return null;
122 }
123
124 BufferedReader in = new BufferedReader( new InputStreamReader( conn.getInputStream() ) );
125 String sessionId = in.readLine().trim();
126 if ( sessionId.length() == 0 ) {
127 LOG.logError( "The configured WAS address probably points to a non-existing Tomcat context. The given location returns empty content." );
128 return null;
129 }
130
131 sessionManager.addSession( new Session( new SessionID( sessionId, sessionLifetime ) ) );
132
133 return sessionId;
134
135 } catch ( IOException e ) {
136 LOG.logError( "Could not connect to remote WAS service. IO exception that occured: ", e );
137 }
138 }
139
140 return null;
141 }
142
143 }