001: //$HeadURL: https://svn.wald.intevation.org/svn/deegree/base/trunk/src/org/deegree/ogcwebservices/wass/wss/operation/DoServicePasswordHandler.java $
002: /*---------------- FILE HEADER ------------------------------------------
003:
004: This file is part of deegree.
005: Copyright (C) 2001-2008 by:
006: EXSE, Department of Geography, University of Bonn
007: http://www.giub.uni-bonn.de/deegree/
008: lat/lon GmbH
009: http://www.lat-lon.de
010:
011: This library is free software; you can redistribute it and/or
012: modify it under the terms of the GNU Lesser General Public
013: License as published by the Free Software Foundation; either
014: version 2.1 of the License, or (at your option) any later version.
015:
016: This library is distributed in the hope that it will be useful,
017: but WITHOUT ANY WARRANTY; without even the implied warranty of
018: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
019: Lesser General Public License for more details.
020:
021: You should have received a copy of the GNU Lesser General Public
022: License along with this library; if not, write to the Free Software
023: Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
024:
025: Contact:
026:
027: Andreas Poth
028: lat/lon GmbH
029: Aennchenstr. 19
030: 53115 Bonn
031: Germany
032: E-Mail: poth@lat-lon.de
033:
034: Prof. Dr. Klaus Greve
035: Department of Geography
036: University of Bonn
037: Meckenheimer Allee 166
038: 53115 Bonn
039: Germany
040: E-Mail: greve@giub.uni-bonn.de
041:
042:
043: ---------------------------------------------------------------------------*/
044:
045: package org.deegree.ogcwebservices.wass.wss.operation;
046:
047: import org.deegree.framework.log.ILogger;
048: import org.deegree.framework.log.LoggerFactory;
049: import org.deegree.i18n.Messages;
050: import org.deegree.ogcwebservices.wass.common.AuthenticationData;
051: import org.deegree.ogcwebservices.wass.common.WASSSecurityManager;
052: import org.deegree.ogcwebservices.wass.exceptions.DoServiceException;
053: import org.deegree.security.GeneralSecurityException;
054: import org.deegree.security.drm.SecurityAccessManager;
055: import org.deegree.security.drm.model.User;
056:
057: /**
058: * This class handles a DoService request that carries username/password credentials. Its primary
059: * roles are to check whether the user has (sufficient) credentials and to delegate the request to
060: * the service provider behind this proxy.
061: *
062: *
063: * @author <a href="mailto:bezema@lat-lon.de">Rutger Bezema</a>
064: * @author last edited by: $Author: apoth $
065: *
066: * @version 2.0, $Revision: 9345 $, $Date: 2007-12-27 08:22:25 -0800 (Thu, 27 Dec 2007) $
067: *
068: * @since 2.0
069: */
070:
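public class DoServicePasswordHandler extends DoServiceHandler {

    private static final ILogger LOG = LoggerFactory.getLogger( DoServicePasswordHandler.class );

    // Access manager used to look up the user named in the request.
    private final SecurityAccessManager manager;

    /**
     * Creates a handler that authenticates users through the access manager obtained from the
     * given security manager.
     *
     * @param securityManager
     *            provides the {@link SecurityAccessManager} used for user lookup
     * @throws GeneralSecurityException
     *             propagated from {@code securityManager.getSecurityAccessManager()}
     */
    public DoServicePasswordHandler( WASSSecurityManager securityManager ) throws GeneralSecurityException {
        manager = securityManager.getSecurityAccessManager();
    }

    /**
     * Authenticates the user named in the request's authentication data and, on success, marks
     * the request as allowed.
     * <p>
     * Only authentication is performed here; no per-resource rights check is made (see the TODO
     * in the body).
     * <p>
     * NOTE(review): when the authentication data does not use password authentication, the
     * credential check is skipped and the request is still marked as allowed. This handler
     * therefore fails open unless the caller selects it only for password-authenticated requests.
     * Confirm this against the code that dispatches to this handler.
     *
     * @param request
     *            the DoService request carrying the authentication data
     * @throws DoServiceException
     *             if user lookup or authentication fails, or if the credentials could not be
     *             parsed
     */
    @Override
    public void handleRequest( DoService request ) throws DoServiceException {

        AuthenticationData authData = request.getAuthenticationData();

        // password authentication used?
        if ( authData.usesPasswordAuthentication() ) {
            try {
                String user = authData.getUsername();
                String pass = authData.getPassword();
                User usr = manager.getUserByName( user );
                // Failure is signalled by an exception, handled below. The password itself is
                // never logged in this method; keep it that way.
                usr.authenticate( pass );
                // SecurityAccess secAccess = manager.acquireAccess( usr );
                // usr.hasRight( secAccess );
                /*
                 * TODO Here it is specified that the wss should check if the user has the
                 * sufficient right to do the service request. Deegree does these requests in the
                 * owsRequestvalidator package, which means we only support - for the moment - a
                 * check if the user is registered. For details on how to get the right for a
                 * particular object please look at
                 * org.deegree.security.owsrequestvalidator.GetFeatureRequestValidator#validateAgainstRightsDB
                 */
            } catch ( GeneralSecurityException e ) {
                LOG.logError( e.getLocalizedMessage(), e );
                // NOTE(review): the security layer's message is passed through to the caller. If
                // it differs for "unknown user" and "wrong password", it reveals which accounts
                // exist. Confirm, and consider a single generic message.
                throw new DoServiceException( e.getLocalizedMessage(), e );
            } catch ( StringIndexOutOfBoundsException e ) {
                // Presumably raised while the username/password are extracted from the request
                // (the message key suggests so) - confirm against AuthenticationData.
                LOG.logError( e.getLocalizedMessage(), e );
                // Keep the original exception as the cause so the failure stays traceable.
                throw new DoServiceException( Messages.getMessage( "WASS_ERROR_USERPASS_NOT_PARSED", "WSS" ), e );
            }
        }

        // Reached on successful authentication AND when the password branch was skipped (see the
        // NOTE(review) in the method documentation).
        setRequestAllowed( true );

    }

}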