001: //$HeadURL: https://svn.wald.intevation.org/svn/deegree/base/trunk/src/org/deegree/ogcwebservices/wass/wss/WSService.java $
002: /*---------------- FILE HEADER ------------------------------------------
003:
004: This file is part of deegree.
005: Copyright (C) 2001-2008 by:
006: Department of Geography, University of Bonn
007: http://www.giub.uni-bonn.de/deegree/
008: lat/lon GmbH
009: http://www.lat-lon.de
010:
011: This library is free software; you can redistribute it and/or
012: modify it under the terms of the GNU Lesser General Public
013: License as published by the Free Software Foundation; either
014: version 2.1 of the License, or (at your option) any later version.
015:
016: This library is distributed in the hope that it will be useful,
017: but WITHOUT ANY WARRANTY; without even the implied warranty of
018: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
019: Lesser General Public License for more details.
020:
021: You should have received a copy of the GNU Lesser General Public
022: License along with this library; if not, write to the Free Software
023: Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
024:
025: Contact:
026:
027: Andreas Poth
028: lat/lon GmbH
029: Aennchenstr. 19
030: 53177 Bonn
031: Germany
032: E-Mail: poth@lat-lon.de
033:
034: Prof. Dr. Klaus Greve
035: Department of Geography
036: University of Bonn
037: Meckenheimer Allee 166
038: 53115 Bonn
039: Germany
040: E-Mail: greve@giub.uni-bonn.de
041:
042: ---------------------------------------------------------------------------*/
043:
044: package org.deegree.ogcwebservices.wass.wss;
045:
046: import java.util.ArrayList;
047:
048: import org.deegree.framework.log.ILogger;
049: import org.deegree.framework.log.LoggerFactory;
050: import org.deegree.framework.trigger.TriggerProvider;
051: import org.deegree.i18n.Messages;
052: import org.deegree.ogcwebservices.OGCWebService;
053: import org.deegree.ogcwebservices.OGCWebServiceException;
054: import org.deegree.ogcwebservices.OGCWebServiceRequest;
055: import org.deegree.ogcwebservices.getcapabilities.OGCCapabilities;
056: import org.deegree.ogcwebservices.wass.common.AuthenticationData;
057: import org.deegree.ogcwebservices.wass.common.CloseSession;
058: import org.deegree.ogcwebservices.wass.common.CloseSessionHandler;
059: import org.deegree.ogcwebservices.wass.common.GetSession;
060: import org.deegree.ogcwebservices.wass.common.GetSessionAnonymousHandler;
061: import org.deegree.ogcwebservices.wass.common.GetSessionDispatcher;
062: import org.deegree.ogcwebservices.wass.common.GetSessionHandler;
063: import org.deegree.ogcwebservices.wass.common.GetSessionPasswordHandler;
064: import org.deegree.ogcwebservices.wass.common.Operation_1_0;
065: import org.deegree.ogcwebservices.wass.common.WASSSecurityManager;
066: import org.deegree.ogcwebservices.wass.exceptions.DoServiceException;
067: import org.deegree.ogcwebservices.wass.wss.configuration.WSSConfiguration;
068: import org.deegree.ogcwebservices.wass.wss.configuration.WSSDeegreeParams;
069: import org.deegree.ogcwebservices.wass.wss.operation.DoService;
070: import org.deegree.ogcwebservices.wass.wss.operation.DoServiceAnonymousHandler;
071: import org.deegree.ogcwebservices.wass.wss.operation.DoServiceHandler;
072: import org.deegree.ogcwebservices.wass.wss.operation.DoServicePasswordHandler;
073: import org.deegree.ogcwebservices.wass.wss.operation.DoServiceSessionHandler;
074: import org.deegree.ogcwebservices.wass.wss.operation.WSSGetCapabilities;
075: import org.deegree.security.GeneralSecurityException;
076: import org.deegree.security.session.SessionStatusException;
077:
078: /**
079: * The Web Security Service - <code>WSService</code> - is the dispatcher of the entire WSS. It
080: * calls the appropriate classes according to a given request.
081: *
082: * @author <a href="mailto:bezema@lat-lon.de">Rutger Bezema</a>
083: * @author last edited by: $Author: apoth $
084: *
085: * @version $Revision: 9345 $, $Date: 2007-12-27 08:22:25 -0800 (Thu, 27 Dec 2007) $
086: */
087: public class WSService implements OGCWebService {
088:
089: private WSSConfiguration configuration = null;
090:
091: private static final ILogger LOG = LoggerFactory
092: .getLogger(WSService.class);
093:
094: private static final TriggerProvider TP = TriggerProvider
095: .create(WSService.class);
096:
097: private GetSessionHandler getSessionHandler = null;
098:
099: private CloseSessionHandler closeSessionHandler = null;
100:
101: private DoServiceHandler doServiceHandler = null;
102:
103: private WASSSecurityManager secManager = null;
104:
105: /**
106: * Creates a new WebSecurityService with the given configuration( = capabilities) bean.
107: *
108: * @param config
109: * @throws OGCWebServiceException
110: */
111: public WSService(WSSConfiguration config)
112: throws OGCWebServiceException {
113: configuration = config;
114:
115: WSSDeegreeParams dgParams = configuration.getDeegreeParams();
116: if (configuration.isSessionAuthenticationSupported()) {
117: for (Operation_1_0 operation : configuration
118: .getOperationsMetadata().getAllOperations()) {
119: if ("GetSession".equals(operation.getName())) {
120: try {
121: ArrayList<GetSessionHandler> handlers = new ArrayList<GetSessionHandler>();
122: int lifetime = dgParams.getSessionLifetime();
123: if (configuration
124: .isPasswordAuthenticationSupported()) {
125: secManager = new WASSSecurityManager(
126: dgParams.getDatabaseConnection());
127: handlers.add(new GetSessionPasswordHandler(
128: secManager, lifetime));
129: }
130: if (configuration
131: .isAnonymousAuthenticationSupported()) {
132: handlers
133: .add(new GetSessionAnonymousHandler(
134: lifetime));
135: }
136: if (handlers.size() == 0)
137: throw new OGCWebServiceException(
138: Messages
139: .getMessage(
140: "WASS_ERROR_NO_AUTHMETHOD_HANDLER",
141: "WSS"));
142: getSessionHandler = new GetSessionDispatcher(
143: handlers);
144:
145: } catch (GeneralSecurityException e) {
146: LOG.logError(e.getLocalizedMessage(), e);
147: throw new OGCWebServiceException(e
148: .getLocalizedMessage());
149: }
150: } else if ("CloseSession".equals(operation.getName())) {
151: closeSessionHandler = new CloseSessionHandler();
152: }
153: }
154: }
155: }
156:
157: /*
158: * Returns the capabilities of the WSS. This is not the correct default behaviour, for a
159: * GetCapabalities request must be able to request only parts of the capabilies of this wss .
160: *
161: * @see org.deegree.ogcwebservices.OGCWebService#getCapabilities()
162: */
163: public OGCCapabilities getCapabilities() {
164: return configuration;
165: }
166:
167: /*
168: * The core method. It dispatches the request to the appropriate classes which handle them.
169: *
170: * @see org.deegree.ogcwebservices.OGCWebService#doService(org.deegree.ogcwebservices.OGCWebServiceRequest)
171: */
172: public Object doService(OGCWebServiceRequest request)
173: throws OGCWebServiceException {
174:
175: request = (OGCWebServiceRequest) TP.doPreTrigger(this , request)[0];
176:
177: Object response = null;
178:
179: // TODO exception handling: throw e after each different occasion with descriptive msg
180: try {
181: if (request instanceof WSSGetCapabilities) {
182: response = getCapabilities();
183: } else if ((getSessionHandler != null)
184: && (request instanceof GetSession)) {
185: response = getSessionHandler
186: .handleRequest((GetSession) request);
187: } else if ((closeSessionHandler != null)
188: && (request instanceof CloseSession)) {
189: closeSessionHandler
190: .handleRequest((CloseSession) request);
191: } else if (request instanceof DoService) {
192: AuthenticationData authData = ((DoService) request)
193: .getAuthenticationData();
194: // password authentication used?
195: if (authData.usesPasswordAuthentication()) {
196: if (configuration
197: .isPasswordAuthenticationSupported())
198: doServiceHandler = new DoServicePasswordHandler(
199: secManager);
200: else
201: response = new OGCWebServiceException(
202: Messages
203: .getMessage(
204: "WASS_ERROR_AUTHENTICATION_PASSWORD_NOT_SUPPORTED",
205: "WSS"));
206: } else if (authData.usesSessionAuthentication()) {
207: if (configuration
208: .isSessionAuthenticationSupported())
209: doServiceHandler = new DoServiceSessionHandler();
210: else
211: response = new OGCWebServiceException(
212: Messages
213: .getMessage(
214: "WASS_ERROR_AUTHENTICATION_SESSION_NOT_SUPPORTED",
215: "WSS"));
216: } else if (authData.usesAnonymousAuthentication()) {
217: if (configuration
218: .isAnonymousAuthenticationSupported())
219: doServiceHandler = new DoServiceAnonymousHandler();
220: else
221: response = new OGCWebServiceException(
222: Messages
223: .getMessage(
224: "WASS_ERROR_AUTHENTICATION_ANONYMOUS_NOT_SUPPORTED",
225: "WSS"));
226: }
227: if (response == null) {
228: doServiceHandler.handleRequest((DoService) request);
229: if (doServiceHandler.requestAllowed())
230: response = doServiceHandler
231: .sendRequest(
232: (DoService) request,
233: (configuration
234: .getDeegreeParams())
235: .getSecuredServiceAddress()
236: .getLinkage().getHref(),
237: /* configuration.getDeegreeParams().getCharacterSet() */null,
238: /* configuration.getDeegreeParams().getRequestTimeLimit() */0,
239: configuration
240: .getSecuredServiceType());
241: }
242: } else {
243: LOG.logError(Messages.getMessage(
244: "WASS_ERROR_UNKNOWN_REQUEST", new Object[] {
245: "WSS", request.getClass().getName() }));
246: throw new OGCWebServiceException(Messages.getMessage(
247: "WASS_ERROR_UNKNOWN_REQUEST", new Object[] {
248: "WSS", request.getClass().getName() }));
249: }
250: } catch (DoServiceException e) {
251: LOG.logError(e.getLocalizedMessage(), e);
252: response = new OGCWebServiceException(e
253: .getLocalizedMessage());
254: } catch (SessionStatusException e) {
255: LOG.logError(e.getLocalizedMessage(), e);
256: // TODO Check if this particular message is needed for the GDI NRW spec V1.0.
257: // Otherwise delete it and use e.getLocalizedMessage() instead.
258: response = new OGCWebServiceException(Messages.getMessage(
259: "WASS_ERROR_INVALID_SESSION", "WSService"));
260: } catch (GeneralSecurityException e) {
261: LOG.logError(e.getLocalizedMessage(), e);
262: // TODO Check if this particular message is needed for the GDI NRW spec V1.0.
263: // Otherwise delete it and use e.getMessage() instead.
264: // throw new OGCWebServiceException( e.getLocalizedMessage() );
265: throw new OGCWebServiceException(Messages.getMessage(
266: "WASS_ERROR_SECURITY_SYSTEM", "WSService"));
267: }
268:
269: return TP.doPostTrigger(this , response)[0];
270: }
271:
272: }
|