001    //$HeadURL$
002    /*----------------------------------------------------------------------------
003     This file is part of deegree, http://deegree.org/
004     Copyright (C) 2001-2009 by:
005     Department of Geography, University of Bonn
006     and
007     lat/lon GmbH
008    
009     This library is free software; you can redistribute it and/or modify it under
010     the terms of the GNU Lesser General Public License as published by the Free
011     Software Foundation; either version 2.1 of the License, or (at your option)
012     any later version.
013     This library is distributed in the hope that it will be useful, but WITHOUT
014     ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
015     FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
016     details.
017     You should have received a copy of the GNU Lesser General Public License
018     along with this library; if not, write to the Free Software Foundation, Inc.,
019     59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
020    
021     Contact information:
022    
023     lat/lon GmbH
024     Aennchenstr. 19, 53177 Bonn
025     Germany
026     http://lat-lon.de/
027    
028     Department of Geography, University of Bonn
029     Prof. Dr. Klaus Greve
030     Postfach 1147, 53001 Bonn
031     Germany
032     http://www.geographie.uni-bonn.de/deegree/
033    
034     e-mail: info@deegree.org
035     ----------------------------------------------------------------------------*/
036    package org.deegree.security;
037    
038    import java.util.List;
039    import java.util.Map;
040    
041    import javax.servlet.http.HttpServletRequest;
042    
043    import org.deegree.framework.log.ILogger;
044    import org.deegree.framework.log.LoggerFactory;
045    import org.deegree.framework.util.StringTools;
046    import org.deegree.i18n.Messages;
047    import org.deegree.security.drm.SecurityAccessManager;
048    import org.deegree.security.drm.WrongCredentialsException;
049    import org.deegree.security.drm.model.User;
050    
051    /**
052     * 
053     * 
054     * @author <a href="mailto:poth@lat-lon.de">Andreas Poth</a>
055     * @author last edited by: $Author: poth $
056     * 
057     * @version $Revision: 6251 $, $Date: 2007-03-19 16:59:28 +0100 (Mo, 19 Mrz 2007) $
058     */
059    public class IPAddressAuthentication extends AbstractAuthentication {
060    
061        private static final ILogger LOG = LoggerFactory.getLogger( IPAddressAuthentication.class );
062    
063        protected static final String AUTH_PARAM_IPADDRESS = "IPADDRESS";
064    
065        protected static final String INIT_PARAM_PATTERN = "pattern";
066    
067        /**
068         * 
069         * @param authenticationName
070         * @param initParams
071         */
072        public IPAddressAuthentication( String authenticationName, Map<String, String> initParams ) {
073            super( authenticationName, initParams );
074        }
075    
076        /*
077         * (non-Javadoc)
078         * 
079         * @see org.deegree.security.AbstractAuthentication#authenticate(java.util.Map,
080         * javax.servlet.http.HttpServletRequest)
081         */
082        public User authenticate( Map<String, String> params, HttpServletRequest request )
083                                throws WrongCredentialsException {
084            return authenticate( params );
085        }
086    
087        /*
088         * (non-Javadoc)
089         * 
090         * @see org.deegree.security.AbstractAuthentication#authenticate(java.util.Map)
091         */
092        public User authenticate( Map<String, String> params )
093                                throws WrongCredentialsException {
094    
095            String tmp = initParams.get( INIT_PARAM_PATTERN );
096            List<String> patterns = StringTools.toList( tmp, ",;", true );
097    
098            String ipAddress = params.get( AUTH_PARAM_IPADDRESS );
099            if ( ipAddress != null ) {
100                for ( String p : patterns ) {
101                    if ( ipAddress.matches( p ) ) {
102                        User usr = null;
103                        try {
104                            SecurityAccessManager sam = SecurityAccessManager.getInstance();
105                            // use matching pattern as username and password
106                            usr = sam.getUserByName( p );
107                            usr.authenticate( null );
108                        } catch ( Exception e ) {
109                            LOG.logError( e.getMessage() );
110                            String msg = Messages.getMessage( "OWSPROXY_USER_AUTH_ERROR", ipAddress );
111                            throw new WrongCredentialsException( msg );
112                        }
113                        return usr;
114                    }
115                }
116                throw new WrongCredentialsException( Messages.getMessage( "OWSPROXY_USER_AUTH_ERROR", ipAddress ) );
117            }
118            return null;
119    
120        }
121    
122    }