001: //$HeadURL: https://svn.wald.intevation.org/svn/deegree/base/trunk/src/org/deegree/security/owsproxy/OWSProxyPolicyFilter.java $
002: /*---------------- FILE HEADER ------------------------------------------
003:
004: This file is part of deegree.
005: Copyright (C) 2001-2008 by:
006: EXSE, Department of Geography, University of Bonn
007: http://www.giub.uni-bonn.de/deegree/
008: lat/lon GmbH
009: http://www.lat-lon.de
010:
011: This library is free software; you can redistribute it and/or
012: modify it under the terms of the GNU Lesser General Public
013: License as published by the Free Software Foundation; either
014: version 2.1 of the License, or (at your option) any later version.
015:
016: This library is distributed in the hope that it will be useful,
017: but WITHOUT ANY WARRANTY; without even the implied warranty of
018: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
019: Lesser General Public License for more details.
020:
021: You should have received a copy of the GNU Lesser General Public
022: License along with this library; if not, write to the Free Software
023: Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
024:
025: Contact:
026:
027: Andreas Poth
028: lat/lon GmbH
029: Aennchenstr. 19
030: 53177 Bonn
031: Germany
032: E-Mail: poth@lat-lon.de
033:
034: Prof. Dr. Klaus Greve
035: Department of Geography
036: University of Bonn
037: Meckenheimer Allee 166
038: 53115 Bonn
039: Germany
040: E-Mail: greve@giub.uni-bonn.de
041:
042: ---------------------------------------------------------------------------*/
043: package org.deegree.security.owsproxy;
044:
045: import java.util.Enumeration;
046: import java.util.HashMap;
047: import java.util.Map;
048:
049: import javax.servlet.http.HttpServletRequest;
050:
051: import org.deegree.framework.trigger.TriggerProvider;
052: import org.deegree.ogcwebservices.InvalidParameterValueException;
053: import org.deegree.ogcwebservices.OGCWebServiceRequest;
054: import org.deegree.security.UnauthorizedException;
055: import org.deegree.security.drm.model.User;
056: import org.deegree.security.owsrequestvalidator.GeneralPolicyValidator;
057: import org.deegree.security.owsrequestvalidator.OWSValidator;
058:
059: /**
060: *
061: *
062: * @author <a href="mailto:poth@lat-lon.de">Andreas Poth </a>
063: * @author last edited by: $Author: aschmitz $
064: *
065: * @version 1.1, $Revision: 10496 $, $Date: 2008-03-06 08:16:52 -0800 (Thu, 06 Mar 2008) $
066: *
067: * @since 1.1
068: *
069: */
070: public class OWSProxyPolicyFilter {
071:
072: private static TriggerProvider TP = TriggerProvider
073: .create(OWSProxyPolicyFilter.class);
074:
075: private Map<String, OWSValidator> validators = null;
076:
077: /**
078: * if this constructor is used the OWSProxyPolicyFilter doesn't constain a Validator. Validators
079: * must be set using the addValidator(OWSPolicyValidator) method
080: */
081: public OWSProxyPolicyFilter() {
082: validators = new HashMap<String, OWSValidator>();
083: }
084:
085: /**
086: * adds a <tt>OWSPolicyValidator</tt> to the <tt>OWSProxyPolicyFilter</tt>
087: * @param service
088: *
089: * @param validator
090: */
091: public void addValidator(String service, OWSValidator validator) {
092: validators.put(service, validator);
093: }
094:
095: /**
096: * validate the passed <tt>OGCWebServiceRequest</tt> againsted the Policy encapsulated by the
097: * <tt>OWSProxyPolicyFilter</tt>
098: *
099: * @param request
100: * @param length
101: * length (characters) of the request
102: * @param user
103: * @throws InvalidParameterValueException
104: * @throws UnauthorizedException
105: */
106: public void validateGeneralConditions(HttpServletRequest request,
107: int length, User user)
108: throws InvalidParameterValueException,
109: UnauthorizedException {
110:
111: Object o = validators.keySet().iterator().next();
112: OWSValidator validator = validators.get(o);
113: // create GeneralPolicyValidatora and perform validation of
114: // general request parameters
115: GeneralPolicyValidator gpValidator = new GeneralPolicyValidator(
116: validator.getGeneralCondtion());
117: validateGeneralConditions(gpValidator, request, length, user);
118: }
119:
120: /**
121: * validate the passed <tt>OGCWebServiceRequest</tt> againsted the Policy encapsulated by the
122: * <tt>OWSProxyPolicyFilter</tt>
123: *
124: * @param request
125: * @param user
126: * @throws InvalidParameterValueException
127: * @throws UnauthorizedException
128: */
129: public void validate(OGCWebServiceRequest request, User user)
130: throws InvalidParameterValueException,
131: UnauthorizedException {
132:
133: Object[] o = TP.doPreTrigger(this , request, user);
134: request = (OGCWebServiceRequest) o[0];
135: user = (User) o[1];
136:
137: String service = request.getServiceName();
138: if (service
139: .equals("urn:x-ogc:specification:cswebrim:Service:OGC-CSW:ebRIM")) {
140: service = "CSW";
141: }
142: // get validator assigned to the requested service
143: OWSValidator validator = validators.get(service);
144:
145: if (validator == null) {
146: throw new InvalidParameterValueException(
147: "No Validator registered for service: " + service);
148: }
149: // validate the OWS request
150: validator.validateRequest(request, user);
151:
152: TP.doPostTrigger(this , request, user);
153:
154: }
155:
156: /**
157: * validates the general conditions of a Http request. validated are:
158: * <ul>
159: * <li>content length
160: * <li>request method
161: * <li>header fields
162: * </ul>
163: *
164: * @param gpValidator
165: * @param request
166: * @param length
167: * length (characters) of the request
168: * @param user
169: * @throws InvalidParameterValueException
170: * @throws UnauthorizedException
171: */
172: private void validateGeneralConditions(
173: GeneralPolicyValidator gpValidator,
174: HttpServletRequest request, int length, User user)
175: throws InvalidParameterValueException,
176: UnauthorizedException {
177:
178: gpValidator.validateRequestMethod(request.getMethod());
179: if (request.getContentLength() > 0)
180: length = request.getContentLength();
181: if (request.getMethod().equalsIgnoreCase("GET")) {
182: gpValidator.validateGetContentLength(length);
183: } else {
184: gpValidator.validatePostContentLength(length);
185: }
186: Enumeration<?> iterator = request.getHeaderNames();
187: Map<String, Object> header = new HashMap<String, Object>();
188: while (iterator.hasMoreElements()) {
189: String key = (String) iterator.nextElement();
190: Object value = request.getHeaders(key);
191: header.put(key, value);
192: }
193: gpValidator.validateHeader(header, user);
194: }
195:
196: /**
197: * validates the response (data) to a request
198: *
199: * @param request
200: * @param data
201: * @param mime
202: * @param user
203: * @return the response data
204: * @throws InvalidParameterValueException
205: * @throws UnauthorizedException
206: */
207: public byte[] validate(OGCWebServiceRequest request, byte[] data,
208: String mime, User user)
209: throws InvalidParameterValueException,
210: UnauthorizedException {
211:
212: Object[] o = TP.doPreTrigger(this , request, data, mime, user);
213: request = (OGCWebServiceRequest) o[0];
214: data = (byte[]) o[1];
215: mime = (String) o[2];
216: user = (User) o[3];
217:
218: String service = request.getServiceName();
219: if (service
220: .equals("urn:x-ogc:specification:cswebrim:Service:OGC-CSW:ebRIM")) {
221: service = "CSW";
222: }
223: // get validator assigned to the requested service
224: OWSValidator validator = validators.get(service);
225: if (validator == null) {
226: throw new InvalidParameterValueException(
227: "No Validator registered for service: " + service);
228: }
229: // validate the OWS request
230: data = validator.validateResponse(request, data, mime, user);
231: o = TP.doPostTrigger(this , request, data, mime, user);
232: data = (byte[]) o[1];
233: return data;
234:
235: }
236:
237: }
|