001    //$HeadURL$
002    /*----------------------------------------------------------------------------
003     This file is part of deegree, http://deegree.org/
004     Copyright (C) 2001-2009 by:
005       Department of Geography, University of Bonn
006     and
007       lat/lon GmbH
008    
009     This library is free software; you can redistribute it and/or modify it under
010     the terms of the GNU Lesser General Public License as published by the Free
011     Software Foundation; either version 2.1 of the License, or (at your option)
012     any later version.
013     This library is distributed in the hope that it will be useful, but WITHOUT
014     ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
015     FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
016     details.
017     You should have received a copy of the GNU Lesser General Public License
018     along with this library; if not, write to the Free Software Foundation, Inc.,
019     59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
020    
021     Contact information:
022    
023     lat/lon GmbH
024     Aennchenstr. 19, 53177 Bonn
025     Germany
026     http://lat-lon.de/
027    
028     Department of Geography, University of Bonn
029     Prof. Dr. Klaus Greve
030     Postfach 1147, 53001 Bonn
031     Germany
032     http://www.geographie.uni-bonn.de/deegree/
033    
034     e-mail: info@deegree.org
035    ----------------------------------------------------------------------------*/
036    package org.deegree.security;
037    
038    import java.net.URL;
039    import java.util.Map;
040    
041    import javax.servlet.http.HttpServletRequest;
042    
043    import org.deegree.framework.log.ILogger;
044    import org.deegree.framework.log.LoggerFactory;
045    import org.deegree.framework.xml.NamespaceContext;
046    import org.deegree.framework.xml.XMLFragment;
047    import org.deegree.framework.xml.XMLTools;
048    import org.deegree.i18n.Messages;
049    import org.deegree.ogcbase.CommonNamespaces;
050    import org.deegree.security.drm.SecurityAccessManager;
051    import org.deegree.security.drm.WrongCredentialsException;
052    import org.deegree.security.drm.model.User;
053    import org.w3c.dom.Document;
054    
055    /**
056     *
057     *
058     * @author <a href="mailto:poth@lat-lon.de">Andreas Poth</a>
059     * @author last edited by: $Author: poth $
060     *
061     * @version $Revision: 6251 $, $Date: 2007-03-19 16:59:28 +0100 (Mo, 19 Mrz 2007) $
062     */
063    public class WASAuthentication extends AbstractAuthentication {
064    
065        private static final ILogger LOG = LoggerFactory.getLogger( WASAuthentication.class );
066    
067        private static final NamespaceContext nsContext = CommonNamespaces.getNamespaceContext();
068    
069        protected static final String AUTH_PARAM_SESSIONID = "SESSIONID";
070    
071        protected static final String INIT_PARAM_WAS = "WAS";
072    
073        protected static final String INIT_PARAM_BASEREQUEST = "WAS";
074    
075        /**
076         *
077         * @param authenticationName
078         * @param initParams
079         */
080        public WASAuthentication( String authenticationName, Map<String, String> initParams ) {
081            super( authenticationName, initParams );
082        }
083        
084        /*
085         * (non-Javadoc)
086         * 
087         * @see org.deegree.security.AbstractAuthentication#authenticate(java.util.Map,
088         * javax.servlet.http.HttpServletRequest)
089         */
090        public User authenticate( Map<String, String> params, HttpServletRequest request )
091                                throws WrongCredentialsException {
092            String sessionID = params.get( AUTH_PARAM_SESSIONID );
093            User usr = null;
094            if ( sessionID != null ) {
095                String[] user = new String[3];
096                String urlStr = initParams.get( INIT_PARAM_WAS );
097                urlStr = urlStr.replaceFirst( "\\[SESSIONID\\]", sessionID );
098                LOG.logDebug( "request WAS for user information: " + urlStr );
099                Document doc = null;
100                try {
101                    URL url = new URL( urlStr );
102                    XMLFragment xml = new XMLFragment( url );
103                    doc = xml.getRootElement().getOwnerDocument();
104                    user[0] = XMLTools.getNodeAsString( doc, "/User/UserName", nsContext, null );
105                    user[1] = XMLTools.getNodeAsString( doc, "/User/Password", nsContext, null );
106                } catch ( Exception e ) {
107                    LOG.logError( e.getMessage(), e );
108                    throw new WrongCredentialsException( Messages.getMessage( "OWSProxyServletFilter.WASACCESS" ) );
109                }
110    
111                if ( user[0] != null ) {
112                    try {
113                        SecurityAccessManager sam = SecurityAccessManager.getInstance();
114                        usr = sam.getUserByName( user[0] );
115                        usr.authenticate( user[1] );
116                    } catch ( Exception e ) {
117                        throw new WrongCredentialsException( Messages.getMessage( "OWSPROXY_USER_AUTH_ERROR", user[0] ) );
118                    }
119                } else {
120                    String msg = "undefined error";
121                    try {
122                        msg = XMLTools.getNodeAsString( doc, "//ServiceException", nsContext, "general error" );
123                    } catch ( Exception e ) {
124                        // should never happen
125                    }
126                    throw new WrongCredentialsException( msg );
127                }
128            }
129    
130            return usr;
131        }
132    
133    
134    
135    }