001 //$HeadURL$
002 /*----------------------------------------------------------------------------
003 This file is part of deegree, http://deegree.org/
004 Copyright (C) 2001-2009 by:
005 Department of Geography, University of Bonn
006 and
007 lat/lon GmbH
008
009 This library is free software; you can redistribute it and/or modify it under
010 the terms of the GNU Lesser General Public License as published by the Free
011 Software Foundation; either version 2.1 of the License, or (at your option)
012 any later version.
013 This library is distributed in the hope that it will be useful, but WITHOUT
014 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
015 FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
016 details.
017 You should have received a copy of the GNU Lesser General Public License
018 along with this library; if not, write to the Free Software Foundation, Inc.,
019 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
020
021 Contact information:
022
023 lat/lon GmbH
024 Aennchenstr. 19, 53177 Bonn
025 Germany
026 http://lat-lon.de/
027
028 Department of Geography, University of Bonn
029 Prof. Dr. Klaus Greve
030 Postfach 1147, 53001 Bonn
031 Germany
032 http://www.geographie.uni-bonn.de/deegree/
033
034 e-mail: info@deegree.org
035 ----------------------------------------------------------------------------*/
036 package org.deegree.tools.security;
037
038 import java.net.URL;
039 import java.util.HashMap;
040 import java.util.Map;
041 import java.util.Properties;
042
043 import org.deegree.framework.log.ILogger;
044 import org.deegree.framework.log.LoggerFactory;
045 import org.deegree.ogcwebservices.wms.capabilities.Layer;
046 import org.deegree.ogcwebservices.wms.capabilities.WMSCapabilities;
047 import org.deegree.ogcwebservices.wms.capabilities.WMSCapabilitiesDocument;
048 import org.deegree.ogcwebservices.wms.capabilities.WMSCapabilitiesDocumentFactory;
049 import org.deegree.security.GeneralSecurityException;
050 import org.deegree.security.UnauthorizedException;
051 import org.deegree.security.drm.SecurityAccessManager;
052 import org.deegree.security.drm.SecurityTransaction;
053 import org.deegree.security.drm.UnknownException;
054 import org.deegree.security.drm.model.User;
055
056 /**
057 * Tool for adding all layers (which can be requested) of a WMS into deegree's user and rights
058 * management system
059 *
060 * @author <a href="mailto:poth@lat-lon.de">Andreas Poth</a>
061 * @author last edited by: $Author: poth $
062 *
063 * @version $Revision: 6251 $, $Date: 2007-03-19 16:59:28 +0100 (Mo, 19 Mrz 2007) $
064 */
065 public class WMSLayerImporter {
066
067 private static final ILogger LOG = LoggerFactory.getLogger( WMSLayerImporter.class );
068
069 private Configuration configuration;
070
071 private SecurityAccessManager manager;
072
073 /**
074 *
075 * @param configuration
076 */
077 public WMSLayerImporter( Configuration configuration ) {
078 this.configuration = configuration;
079 }
080
081 /**
082 *
083 * @param param
084 * @throws IllegalArgumentException
085 * if map is missing a required parameter
086 */
087 public WMSLayerImporter( Map<String, String> param ) throws IllegalArgumentException {
088 this.configuration = new Configuration( param );
089 }
090
091 /**
092 * initializes access to the security and rights db
093 *
094 * @throws GeneralSecurityException
095 * @return admin user
096 */
097 private User setUp()
098 throws GeneralSecurityException {
099 Properties properties = new Properties();
100 properties.setProperty( "driver", configuration.getSecDBDriver() );
101 properties.setProperty( "url", configuration.secDBURL );
102 properties.setProperty( "user", configuration.getSecDBUserName() );
103 properties.setProperty( "password", configuration.getSecDBUserPw() );
104 System.out.println( properties );
105 try {
106 manager = SecurityAccessManager.getInstance();
107 } catch ( GeneralSecurityException e ) {
108 try {
109 System.out.println( properties );
110 SecurityAccessManager.initialize( "org.deegree.security.drm.SQLRegistry", properties, 60 * 1000 );
111 manager = SecurityAccessManager.getInstance();
112 } catch ( GeneralSecurityException e1 ) {
113 e1.printStackTrace();
114 }
115 }
116 User user = manager.getUserByName( "SEC_ADMIN" );
117 user.authenticate( configuration.getSecAdminPw() );
118 return user;
119 }
120
121 /**
122 * start reading, parsing WMSCapabilites and adding requestable layers into rights DB
123 *
124 * @throws Exception
125 */
126 public void perform()
127 throws Exception {
128
129 // initialize access to rights DB
130 User user = setUp();
131
132 URL url = new URL( configuration.getWmsAddress() + "?request=GetCapabilities&service=WMS" );
133 WMSCapabilitiesDocument doc = WMSCapabilitiesDocumentFactory.getWMSCapabilitiesDocument( url );
134
135 WMSCapabilities caps = (WMSCapabilities) doc.parseCapabilities();
136 Layer layer = caps.getLayer();
137 traverseLayer( layer, user );
138 }
139
140 /**
141 *
142 * @param layer
143 * @throws GeneralSecurityException
144 * @throws UnauthorizedException
145 */
146 private void traverseLayer( Layer layer, User user )
147 throws UnauthorizedException, GeneralSecurityException {
148 if ( layer.getName() != null ) {
149 // just layers having a name can be considered because just these layers
150 // can be requests in a GetMap or GetFeatureInfo request
151 addLayerToRightsDB( layer, user );
152 }
153 Layer[] layers = layer.getLayer();
154 if ( layers != null ) {
155 for ( int i = 0; i < layers.length; i++ ) {
156 traverseLayer( layers[i], user );
157 }
158 }
159 }
160
161 /**
162 *
163 * @param layer
164 * @param user
165 * @throws UnauthorizedException
166 * @throws GeneralSecurityException
167 */
168 private void addLayerToRightsDB( Layer layer, User user )
169 throws UnauthorizedException, GeneralSecurityException {
170
171 SecurityTransaction transaction = manager.acquireTransaction( user );
172 try {
173 transaction.getSecuredObjectByName( layer.getName(), "Layer" );
174 } catch ( UnknownException e ) {
175 LOG.logInfo( "add layer: " + layer.getName() );
176 transaction.registerSecuredObject( "Layer", layer.getName(), layer.getTitle() );
177 return;
178 } finally {
179 manager.commitTransaction( transaction );
180 }
181
182 LOG.logInfo( "skip layer: " + layer.getName() + " because it is already registered to rights DB" );
183
184 }
185
186 private static void printHelp() {
187 System.out.println( "following parameters must be set: " );
188 System.out.println( "-WMSAddress : must be a valid URL to a WMS" );
189 System.out.println( "-Driver : JDBC database driver class" );
190 System.out.println( "-URL : JDBC URL of the rights managment DB " );
191 System.out.println( "-DBUserName : name of DB-user" );
192 System.out.println( "-DBUserPassword : password of DB-user" );
193 System.out.println( "-SecAdminPassword : password of rights managment admin" );
194 System.out.println();
195 System.out.println( "example:" );
196 System.out.println( "java -classpath .;$ADD LIBS HERE org.deegree.tools.security.WMSLayerImporter " );
197 System.out.println( " -WMSAddress http://demo.deegree.org/deegree-wms/services " );
198 System.out.println( " -Driver org.postgresql.Driver -URL jdbc:postgresql://localhost:5432/security " );
199 System.out.println( " -DBUserName postgres -DBUserPassword postgres -SecAdminPassword JOSE67" );
200 }
201
202 /**
203 * @param args
204 * @throws Exception
205 */
206 public static void main( String[] args )
207 throws Exception {
208
209 Map<String, String> map = new HashMap<String, String>();
210 for ( int i = 0; i < args.length; i += 2 ) {
211 if ( args[i].equals( "-h" ) || args[i].equals( "-?" ) ) {
212 printHelp();
213 return;
214 }
215 map.put( args[i], args[i + 1] );
216 }
217 WMSLayerImporter imp = new WMSLayerImporter( map );
218 imp.perform();
219 System.exit( 0 );
220 }
221
222 /**
223 *
224 * <code>Configuration</code> which holds values for a given layer.
225 *
226 * @author <a href="mailto:bezema@lat-lon.de">Rutger Bezema</a>
227 *
228 * @author last edited by: $Author:$
229 *
230 * @version $Revision:$, $Date:$
231 *
232 */
233 public class Configuration {
234
235 private String wmsAddress;
236
237 private String secDBDriver;
238
239 String secDBURL;
240
241 private String secDBUserPw;
242
243 private String secDBUserName;
244
245 private String secAdminPw;
246
247 /**
248 *
249 * @param wmsAddress
250 * the address of the remote wms.
251 * @param secDBDriver
252 * the type of database
253 * @param secDBURL
254 * database url
255 * @param secDBUserName
256 * of the database user.
257 * @param secDBUserPw
258 * password of the database user.
259 * @param secAdminPw
260 * password of the security administrator.
261 */
262 public Configuration( String wmsAddress, String secDBDriver, String secDBURL, String secDBUserName,
263 String secDBUserPw, String secAdminPw ) {
264 this.wmsAddress = wmsAddress;
265 this.secDBDriver = secDBDriver;
266 this.secDBURL = secDBURL;
267 this.secDBUserName = secDBUserName;
268 this.secDBUserPw = secDBUserPw;
269 this.secAdminPw = secAdminPw;
270 }
271
272 /**
273 *
274 * @param map
275 * containing the the arguments given to the main.
276 * @throws IllegalArgumentException
277 * if one of the required parameters was not set.
278 */
279 public Configuration( Map<String, String> map ) throws IllegalArgumentException {
280 validate( map );
281 wmsAddress = map.get( "-WMSAddress" );
282 secDBDriver = map.get( "-Driver" );
283 secDBURL = map.get( "-URL" );
284 secDBUserName = map.get( "-DBUserName" );
285 secDBUserPw = map.get( "-DBUserPassword" );
286 secAdminPw = map.get( "-SecAdminPassword" );
287 }
288
289 private void validate( Map<String, String> map )
290 throws IllegalArgumentException {
291 if ( map.get( "-WMSAddress" ) == null ) {
292 throw new IllegalArgumentException( "Parameter -WMSAddress must be set" );
293 }
294 try {
295 new URL( map.get( "-WMSAddress" ) );
296 } catch ( Exception e ) {
297 throw new IllegalArgumentException( "Parameter -WMSAddress must be a valid URL" );
298 }
299 if ( map.get( "-Driver" ) == null ) {
300 throw new IllegalArgumentException( "Parameter -Driver must be set" );
301 }
302 if ( map.get( "-URL" ) == null ) {
303 throw new IllegalArgumentException( "Parameter -URL must be set" );
304 }
305 if ( map.get( "-DBUserName" ) == null ) {
306 throw new IllegalArgumentException( "Parameter -DBUserName must be set" );
307 }
308 if ( map.get( "-DBUserPassword" ) == null ) {
309 throw new IllegalArgumentException( "Parameter -DBUserPassword must be set" );
310 }
311 if ( map.get( "-SecAdminPassword" ) == null ) {
312 throw new IllegalArgumentException( "Parameter -SecAdminPassword must be set" );
313 }
314 }
315
316 /**
317 *
318 * @return database driver class
319 */
320 public String getSecDBDriver() {
321 return secDBDriver;
322 }
323
324 /**
325 *
326 * @return database URL
327 */
328 public String getSecDBURL() {
329 return secDBURL;
330 }
331
332 /**
333 *
334 * @return address/URL of the WMS
335 */
336 public String getWmsAddress() {
337 return wmsAddress;
338 }
339
340 /**
341 *
342 * @return rights management administrator password
343 */
344 public String getSecAdminPw() {
345 return secAdminPw;
346 }
347
348 /**
349 *
350 * @return rights db user name
351 */
352 public String getSecDBUserName() {
353 return secDBUserName;
354 }
355
356 /**
357 *
358 * @return rights database user's password
359 */
360 public String getSecDBUserPw() {
361 return secDBUserPw;
362 }
363
364 }
365
366 }