001: package de.latlon.adv;
002:
003: import java.io.File;
004: import java.io.IOException;
005: import java.io.OutputStream;
006: import java.net.MalformedURLException;
007: import java.net.URL;
008: import java.security.InvalidParameterException;
009:
010: import javax.servlet.FilterConfig;
011: import javax.servlet.ServletException;
012:
013: import org.deegree.enterprise.servlet.ServletRequestWrapper;
014: import org.deegree.enterprise.servlet.ServletResponseWrapper;
015: import org.deegree.framework.log.ILogger;
016: import org.deegree.framework.log.LoggerFactory;
017: import org.deegree.framework.xml.XMLParsingException;
018: import org.deegree.ogcwebservices.InvalidParameterValueException;
019: import org.deegree.ogcwebservices.OGCRequestFactory;
020: import org.deegree.ogcwebservices.OGCWebServiceException;
021: import org.deegree.ogcwebservices.OGCWebServiceRequest;
022: import org.deegree.security.GeneralSecurityException;
023: import org.deegree.security.SecurityConfigurationException;
024: import org.deegree.security.UnauthorizedException;
025: import org.deegree.security.drm.SecurityAccessManager;
026: import org.deegree.security.drm.model.User;
027: import org.deegree.security.owsproxy.OWSProxyPolicyFilter;
028: import org.deegree.security.owsrequestvalidator.PolicyDocument;
029: import org.deegree.security.owsrequestvalidator.csw.CSWValidator;
030:
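/**
 * Wires an {@link OWSProxyPolicyFilter} with a CSW policy and exposes the individual steps a
 * servlet filter needs around a protected service: building the OGC request, authenticating the
 * caller, validating the request against the policy and validating the response.
 *
 * <p>
 * Call order as sketched by the original author: {@link #createOWSRequest(ServletRequestWrapper)},
 * {@link #authentificateFromUserPw(String, String)},
 * {@link #doRequestValidation(ServletRequestWrapper, User, OGCWebServiceRequest)}, then the
 * protected service itself, then
 * {@link #doResponseValidation(ServletResponseWrapper, User, OGCWebServiceRequest)}. The original
 * author noted that response validation may turn out not to be needed.
 *
 * @author <a href="mailto:poth@lat-lon.de">Andreas Poth</a>
 * @author last edited by: $Author: bezema $
 *
 * @version $Revision: 1.3 $, $Date: 2007-06-21 13:54:48 $
 */
public class OWSProxyHandler {

    private static final ILogger LOG = LoggerFactory.getLogger(OWSProxyHandler.class);

    // Policy filter holding the validators registered in the constructor.
    private OWSProxyPolicyFilter pFilter;

    /**
     * Initializes the policy filter with parameters from the deployment descriptor.
     * <p>
     * Reads the optional init parameter {@code PROXYURL} (default
     * {@code http://127.0.0.1/owsproxy/proxy}) and the required init parameter
     * {@code CSW:POLICY}, which is resolved through the servlet context to a file holding the
     * policy document. Construction fails when no policy can be loaded, so a handler never
     * exists without its CSW validator.
     *
     * @param config
     *            filter configuration supplying the init parameters and the servlet context
     * @throws InvalidParameterException
     *             if {@code CSW:POLICY} is missing, cannot be resolved to a file path, or the
     *             policy document cannot be read or parsed; the underlying exception, when there
     *             is one, is attached as the cause
     */
    public OWSProxyHandler(FilterConfig config) {

        pFilter = new OWSProxyPolicyFilter();

        String proxyURL = "http://127.0.0.1/owsproxy/proxy";
        if (config.getInitParameter("PROXYURL") != null) {
            proxyURL = config.getInitParameter("PROXYURL");
        }
        LOG.logDebug(" found 'PROXYURL' param: " + proxyURL);

        String paramValue = config.getInitParameter("CSW:POLICY");
        LOG.logDebug(" found 'CSW:POLICY' param: " + paramValue);
        if (paramValue == null) {
            // Without this check the failure surfaces later as an uninformative
            // NullPointerException instead of a configuration error.
            throw new InvalidParameterException(
                    "Couldn't create an OWSProxyhandler because: "
                            + "the init parameter 'CSW:POLICY' is not set");
        }

        String policyPath = config.getServletContext().getRealPath(paramValue);
        LOG.logDebug(" 'CSW:POLICY' param converted to realPath: " + policyPath);
        if (policyPath == null) {
            // getRealPath returns null when the container cannot map the resource to the
            // file system (for example when the application is not unpacked).
            throw new InvalidParameterException(
                    "Couldn't create an OWSProxyhandler because: "
                            + "the 'CSW:POLICY' value '" + paramValue
                            + "' cannot be resolved to a file path");
        }

        try {
            URL fileURL = new File(policyPath).toURI().toURL();
            PolicyDocument doc = new PolicyDocument(fileURL);
            CSWValidator validator = new CSWValidator(doc.getPolicy(), proxyURL);
            // The same validator instance is registered under both service identifiers.
            pFilter.addValidator("CSW", validator);
            pFilter.addValidator(
                    "urn:x-ogc:specification:cswebrim:Service:OGC-CSW:ebRIM", validator);
            LOG.logDebug(" added the CSW validator from: " + policyPath
                    + " to the OWSProxyPolicyFilter.");
        } catch (MalformedURLException e) {
            LOG.logDebug(" couldn't create a fileURL from: " + policyPath
                    + " because: " + e.getMessage());
            throw configurationFailure(e);
        } catch (SecurityConfigurationException e) {
            LOG.logDebug(" couldn't create a PolicyDocument from: " + policyPath
                    + " because: " + e.getMessage());
            throw configurationFailure(e);
        } catch (XMLParsingException e) {
            LOG.logDebug(" couldn't get an Policy fromt the PolicyDocument from location: "
                    + policyPath + " because: " + e.getMessage());
            throw configurationFailure(e);
        }
    }

    /**
     * Builds the exception reported for a failed policy set-up, keeping the original exception
     * as its cause so the stack trace of the real failure is not lost.
     */
    private static InvalidParameterException configurationFailure(Exception cause) {
        InvalidParameterException failure = new InvalidParameterException(
                "Couldn't create an OWSProxyhandler because: " + cause.getMessage());
        // initCause is used because a (String, Throwable) constructor is not available on
        // older JDKs.
        failure.initCause(cause);
        return failure;
    }

    /**
     * Creates the OGC request object for an incoming servlet request.
     *
     * @param request
     *            the wrapped servlet request
     * @return a request created from the http servlet request by calling
     *         {@link OGCRequestFactory#create(javax.servlet.ServletRequest)}
     * @throws OGCWebServiceException
     *             if the factory cannot create a request; the exception is logged at debug level
     *             and rethrown unchanged
     */
    public OGCWebServiceRequest createOWSRequest(ServletRequestWrapper request)
            throws OGCWebServiceException {
        try {
            return OGCRequestFactory.create(request);
        } catch (OGCWebServiceException e) {
            LOG.logDebug(" Couln't create an OGCWebserviceRequest because: "
                    + e.getMessage(), e);
            throw e;
        }
    }

    /**
     * Validates whether a given user may send the given request. The general conditions of the
     * servlet request are checked first, then the OGC request itself.
     *
     * @param request
     *            the wrapped servlet request; its content length is passed to the policy filter
     * @param user
     *            the authenticated user the request is validated for
     * @param owsRequest
     *            the OGC request created from the servlet request
     * @throws UnauthorizedException
     *             if no user is given or the user is not authorized to do the given request
     * @throws InvalidParameterValueException
     *             propagated from the policy filter
     */
    public void doRequestValidation(ServletRequestWrapper request, User user,
            OGCWebServiceRequest owsRequest)
            throws UnauthorizedException, InvalidParameterValueException {
        if (user == null) {
            // Reject explicitly: a missing user must end as an authorization failure the caller
            // can handle, not as a NullPointerException from the log statement below.
            throw new UnauthorizedException("no user available for request validation");
        }
        LOG.logDebug(" validating credentials for user: " + user.toString());
        pFilter.validateGeneralConditions(request, request.getContentLength(), user);
        pFilter.validate(owsRequest, user);
    }

    /**
     * Validates the response produced for a request against the policy of the given user.
     *
     * @param response
     *            the wrapped response; its output stream must be a
     *            {@link ServletResponseWrapper.ProxyServletOutputStream}, otherwise the cast
     *            below fails with a {@link ClassCastException}
     * @param user
     *            the user the response is validated for
     * @param owsRequest
     *            the OGC request the response belongs to
     * @throws IOException
     *             if the output stream of the response cannot be obtained
     * @throws InvalidParameterValueException
     *             propagated from the policy filter
     * @throws UnauthorizedException
     *             propagated from the policy filter
     */
    public void doResponseValidation(ServletResponseWrapper response, User user,
            OGCWebServiceRequest owsRequest)
            throws IOException, InvalidParameterValueException, UnauthorizedException {
        // Read back the bytes written to the wrapped response (presumably by the downstream
        // filter or servlet - confirm against the caller).
        OutputStream os = response.getOutputStream();
        byte[] b = ((ServletResponseWrapper.ProxyServletOutputStream) os).toByteArray();

        // NOTE(review): at debug level the complete response body is written to the log before
        // it has been validated, so content the user may not be entitled to see ends up in the
        // log file. Keep debug logging off in production or restrict access to the log. The
        // bytes are decoded with the platform default charset, so the logged text may not match
        // the encoding of the response.
        if (LOG.getLevel() == ILogger.LOG_DEBUG) {
            LOG.logDebug(" response bytes as a string: \n" + new String(b));
        }

        // validate the result of performing the request
        String mime = response.getContentType();
        LOG.logDebug(" resonse mime type: " + mime);
        pFilter.validate(owsRequest, b, mime, user);
    }

    /**
     * Looks up a user by name and authenticates it with the given password.
     * <p>
     * Every failure is propagated to the caller; there is no fallback to an anonymous user.
     * The password is never logged here and must not be logged by callers.
     *
     * @param user
     *            the user name to look up
     * @param password
     *            the password to authenticate with
     * @return a User identified by the user and password.
     * @throws GeneralSecurityException
     *             if the user cannot be found or the authentication fails
     */
    public User authentificateFromUserPw(String user, String password)
            throws GeneralSecurityException {
        SecurityAccessManager sam = SecurityAccessManager.getInstance();
        User usr = sam.getUserByName(user);
        if (usr == null) {
            // Defensive: the contract of getUserByName is not visible in this file. Should it
            // return null for an unknown name, fail as an authentication error. The message is
            // deliberately generic and does not echo the supplied name.
            throw new UnauthorizedException("authentication failed");
        }
        usr.authenticate(password);
        return usr;
    }

}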