001    //$HeadURL: svn+ssh://jwilden@svn.wald.intevation.org/deegree/base/branches/2.5_testing/src/org/deegree/ogcwebservices/wass/common/GetSessionWASHandler.java $
002    /*----------------------------------------------------------------------------
003     This file is part of deegree, http://deegree.org/
004     Copyright (C) 2001-2009 by:
005       Department of Geography, University of Bonn
006     and
007       lat/lon GmbH
008    
009     This library is free software; you can redistribute it and/or modify it under
010     the terms of the GNU Lesser General Public License as published by the Free
011     Software Foundation; either version 2.1 of the License, or (at your option)
012     any later version.
013     This library is distributed in the hope that it will be useful, but WITHOUT
014     ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
015     FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
016     details.
017     You should have received a copy of the GNU Lesser General Public License
018     along with this library; if not, write to the Free Software Foundation, Inc.,
019     59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
020    
021     Contact information:
022    
023     lat/lon GmbH
024     Aennchenstr. 19, 53177 Bonn
025     Germany
026     http://lat-lon.de/
027    
028     Department of Geography, University of Bonn
029     Prof. Dr. Klaus Greve
030     Postfach 1147, 53001 Bonn
031     Germany
032     http://www.geographie.uni-bonn.de/deegree/
033    
034     e-mail: info@deegree.org
035    ----------------------------------------------------------------------------*/
036    package org.deegree.ogcwebservices.wass.common;
037    
038    import static org.deegree.framework.log.LoggerFactory.getLogger;
039    
040    import java.io.BufferedReader;
041    import java.io.IOException;
042    import java.io.InputStreamReader;
043    import java.net.URL;
044    import java.net.URLConnection;
045    
046    import org.deegree.framework.log.ILogger;
047    import org.deegree.framework.xml.XMLFragment;
048    import org.deegree.model.metadata.iso19115.OnlineResource;
049    import org.deegree.security.GeneralSecurityException;
050    import org.deegree.security.session.MemoryBasedSessionManager;
051    import org.deegree.security.session.Session;
052    import org.deegree.security.session.SessionID;
053    import org.deegree.security.session.SessionStatusException;
054    import org.xml.sax.SAXException;
055    
056    /**
057     * GetSession handler that handles the password method using a remote WAS.
058     *
059     * @author <a href="mailto:schmitz@lat-lon.de">Andreas Schmitz</a>
060     * @author last edited by: $Author: mschneider $
061     *
062     * @version 2.0, $Revision: 18195 $, $Date: 2009-06-18 17:55:39 +0200 (Do, 18 Jun 2009) $
063     *
064     * @since 2.0
065     */
066    
067    public class GetSessionWASHandler implements GetSessionHandler {
068    
069        private static final ILogger LOG = getLogger( GetSessionWASHandler.class );
070    
071        private String url;
072    
073        private MemoryBasedSessionManager sessionManager;
074    
075        private int sessionLifetime;
076    
077        /**
078         * Creates new instance using a wass SecurityAccessManager instance to create and instantiate the deegree
079         * SecurityAccessManager.
080         *
081         * @param address
082         * @param sessionLifetime
083         *
084         * @throws GeneralSecurityException
085         */
086        public GetSessionWASHandler( OnlineResource address, int sessionLifetime ) throws GeneralSecurityException {
087            url = address.getLinkage().getHref().toExternalForm();
088            sessionManager = MemoryBasedSessionManager.getInstance();
089            this.sessionLifetime = sessionLifetime;
090        }
091    
092        /**
093         * Handles only requests with password authentication method.
094         *
095         * @return a string with a session ID or null, if the method of the request is not password
096         * @see org.deegree.ogcwebservices.wass.common.GetSessionHandler#handleRequest(org.deegree.ogcwebservices.wass.common.GetSession)
097         */
098        public String handleRequest( GetSession request )
099                                throws SessionStatusException, GeneralSecurityException {
100    
101            AuthenticationData authData = request.getAuthenticationData();
102    
103            if ( authData.usesPasswordAuthentication() ) {
104    
105                String url = this.url;
106                url += ( url.endsWith( "?" ) || url.endsWith( "&" ) ) ? "" : "?";
107                url += "request=GetSession&service=WAS&version=1.0.0&authmethod=urn:x-gdi-nrw:authnMethod:1.0:password&credentials=";
108                url += authData.getUsername() + "," + authData.getPassword();
109    
110                try {
111                    URLConnection conn = new URL( url ).openConnection();
112                    String contentType = conn.getContentType();
113                    if ( contentType != null && contentType.startsWith( "application/vnd.ogc.se_xml" ) ) {
114                        LOG.logError( "Could not connect to remote WAS service. Service exception was:" );
115                        try {
116                            LOG.logError( new XMLFragment( new InputStreamReader( conn.getInputStream() ), url ).getAsPrettyString() );
117                        } catch ( SAXException e ) {
118                            LOG.logError( "(the service exception could not be parsed)" );
119                        }
120    
121                        return null;
122                    }
123    
124                    BufferedReader in = new BufferedReader( new InputStreamReader( conn.getInputStream() ) );
125                    String sessionId = in.readLine().trim();
126                    if ( sessionId.length() == 0 ) {
127                        LOG.logError( "The configured WAS address probably points to a non-existing Tomcat context. The given location returns empty content." );
128                        return null;
129                    }
130    
131                    sessionManager.addSession( new Session( new SessionID( sessionId, sessionLifetime ) ) );
132    
133                    return sessionId;
134    
135                } catch ( IOException e ) {
136                    LOG.logError( "Could not connect to remote WAS service. IO exception that occured: ", e );
137                }
138            }
139    
140            return null;
141        }
142    
143    }