001    //$HeadURL: http://svn.wald.intevation.org/svn/deegree/base/trunk/src/org/deegree/ogcwebservices/wass/wss/operation/DoServicePasswordHandler.java $
002    /*----------------------------------------------------------------------------
003     This file is part of deegree, http://deegree.org/
004     Copyright (C) 2001-2009 by:
005       Department of Geography, University of Bonn
006     and
007       lat/lon GmbH
008    
009     This library is free software; you can redistribute it and/or modify it under
010     the terms of the GNU Lesser General Public License as published by the Free
011     Software Foundation; either version 2.1 of the License, or (at your option)
012     any later version.
013     This library is distributed in the hope that it will be useful, but WITHOUT
014     ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
015     FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
016     details.
017     You should have received a copy of the GNU Lesser General Public License
018     along with this library; if not, write to the Free Software Foundation, Inc.,
019     59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
020    
021     Contact information:
022    
023     lat/lon GmbH
024     Aennchenstr. 19, 53177 Bonn
025     Germany
026     http://lat-lon.de/
027    
028     Department of Geography, University of Bonn
029     Prof. Dr. Klaus Greve
030     Postfach 1147, 53001 Bonn
031     Germany
032     http://www.geographie.uni-bonn.de/deegree/
033    
034     e-mail: info@deegree.org
035    ----------------------------------------------------------------------------*/
036    
037    package org.deegree.ogcwebservices.wass.wss.operation;
038    
039    import org.deegree.framework.log.ILogger;
040    import org.deegree.framework.log.LoggerFactory;
041    import org.deegree.i18n.Messages;
042    import org.deegree.ogcwebservices.wass.common.AuthenticationData;
043    import org.deegree.ogcwebservices.wass.common.WASSSecurityManager;
044    import org.deegree.ogcwebservices.wass.exceptions.DoServiceException;
045    import org.deegree.security.GeneralSecurityException;
046    import org.deegree.security.drm.SecurityAccessManager;
047    import org.deegree.security.drm.model.User;
048    
049    /**
050     * This class handles a webservice request which is . It's primary roles are to check if the user
051     * has (sufficient) credentials and to delegate the request to the service provider behind this
052     * proxy.
053     *
054     *
055     * @author <a href="mailto:bezema@lat-lon.de">Rutger Bezema</a>
056     * @author last edited by: $Author: mschneider $
057     *
058     * @version 2.0, $Revision: 18195 $, $Date: 2009-06-18 17:55:39 +0200 (Thu, 18 Jun 2009) $
059     *
060     * @since 2.0
061     */
062    
063    public class DoServicePasswordHandler extends DoServiceHandler {
064    
065        private static final ILogger LOG = LoggerFactory.getLogger( DoServicePasswordHandler.class );
066    
067        private final SecurityAccessManager manager;
068    
069        /**
070         * @param securityManager
071         * @throws GeneralSecurityException
072         */
073        public DoServicePasswordHandler( WASSSecurityManager securityManager )
074                                throws GeneralSecurityException {
075            manager = securityManager.getSecurityAccessManager();
076        }
077    
078        /**
079         * Checks if the request has sufficient credentials to request the feature, and if so request
080         * the feature at the service.
081         *
082         * @throws DoServiceException
083         */
084        @Override
085        public void handleRequest( DoService request )
086                                throws DoServiceException {
087    
088            AuthenticationData authData = request.getAuthenticationData();
089            // password authentication used?
090            if ( authData.usesPasswordAuthentication() ) {
091                try {
092                    String user = authData.getUsername();
093                    String pass = authData.getPassword();
094                    User usr = manager.getUserByName( user );
095                    usr.authenticate( pass );
096                    // SecurityAccess secAccess = manager.acquireAccess( usr );
097                    // usr.hasRight( secAccess );
098                    /**
099                     * TODO Here it is specified that the wss should check if the user has the
100                     * sufficient right to do the service request. Deegree does these request in the
101                     * owsRequestvalidator package, which means we only support - for the moment - a
102                     * check if the user is registered. For Details on how to get the right for
103                     * particular object please look at the following method.
104                     *
105                     * @see org.deegree.security.owsrequestvalidator.GetFeatureRequestValidator#validateAgainstRightsDB
106                     *
107                     */
108                } catch ( GeneralSecurityException e ) {
109                    LOG.logError( e.getLocalizedMessage(), e );
110                    throw new DoServiceException( e.getLocalizedMessage(), e );
111                } catch ( StringIndexOutOfBoundsException e ) {
112                    LOG.logError( e.getLocalizedMessage(), e );
113                    throw new DoServiceException( Messages.getMessage( "WASS_ERROR_USERPASS_NOT_PARSED",
114                                                                   "WSS" ) );
115                }
116            }
117    
118            setRequestAllowed( true );
119    
120        }
121    
122    }