This project has retired. For details please refer to its
Attic page.
UDDISecurityImpl.javaUDDISecurityImpl.java
/*
* Copyright 2001-2008 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
package org.apache.juddi.api.impl;
import java.util.Date;
import java.util.UUID;
import javax.jws.WebService;
import javax.persistence.EntityManager;
import javax.persistence.EntityTransaction;
import javax.xml.ws.WebServiceContext;
import org.uddi.api_v3.AuthToken;
import org.uddi.api_v3.DiscardAuthToken;
import org.uddi.api_v3.GetAuthToken;
import org.uddi.v3_service.DispositionReportFaultMessage;
import org.uddi.v3_service.UDDISecurityPortType;
import org.apache.juddi.api.util.QueryStatus;
import org.apache.juddi.api.util.SecurityQuery;
import org.apache.juddi.config.PersistenceManager;
import org.apache.juddi.mapping.MappingModelToApi;
import org.apache.juddi.model.Publisher;
import org.apache.juddi.v3.auth.Authenticator;
import org.apache.juddi.v3.auth.AuthenticatorFactory;
import org.apache.juddi.v3.error.ErrorMessage;
import org.apache.juddi.v3.error.UnknownUserException;
/**
* This class implements the UDDI Security Service and basically handles all authentication requests
* for jUDDI. These authentication requests are routed to the appropriately configured
* authenticator for validation, then persisted in the database until they either
* expire or are discarded.
* @author <a href="mailto:jfaath@apache.org">Jeff Faath</a> (and many others)
*/
@WebService(serviceName="UDDISecurityService",
endpointInterface="org.uddi.v3_service.UDDISecurityPortType",
targetNamespace = "urn:uddi-org:api_v3_portType")
public class UDDISecurityImpl extends AuthenticatedService implements UDDISecurityPortType {
public static final String AUTH_TOKEN_PREFIX = "authtoken:";
private UDDIServiceCounter serviceCounter;
public UDDISecurityImpl() {
super();
serviceCounter = ServiceCounterLifecycleResource.getServiceCounter(UDDISecurityImpl.class);
}
/**
* used for unit tests only
* @param ctx
*/
protected UDDISecurityImpl(WebServiceContext ctx) {
super();
this.ctx = ctx;
serviceCounter = ServiceCounterLifecycleResource.getServiceCounter(UDDISecurityImpl.class);
}
public void discardAuthToken(DiscardAuthToken body)
throws DispositionReportFaultMessage {
long startTime = System.currentTimeMillis();
EntityManager em = PersistenceManager.getEntityManager();
EntityTransaction tx = em.getTransaction();
try {
tx.begin();
this.getEntityPublisher(em, body.getAuthInfo());
org.apache.juddi.model.AuthToken modelAuthToken = em.find(org.apache.juddi.model.AuthToken.class, body.getAuthInfo());
if (modelAuthToken != null) {
modelAuthToken.setLastUsed(new Date());
modelAuthToken.setNumberOfUses(modelAuthToken.getNumberOfUses() + 1);
modelAuthToken.setTokenState(AUTHTOKEN_RETIRED);
logger.info("AUDIT: AuthToken discarded for " + modelAuthToken.getAuthorizedName() + " from " + getRequestorsIPAddress());
}
tx.commit();
long procTime = System.currentTimeMillis() - startTime;
serviceCounter.update(SecurityQuery.DISCARD_AUTHTOKEN,
QueryStatus.SUCCESS, procTime);
} catch (DispositionReportFaultMessage drfm) {
logger.info("AUDIT: AuthToken discard request aborted, issued from " + getRequestorsIPAddress());
long procTime = System.currentTimeMillis() - startTime;
serviceCounter.update(SecurityQuery.DISCARD_AUTHTOKEN,
QueryStatus.FAILED, procTime);
throw drfm;
} finally {
if (tx.isActive()) {
tx.rollback();
}
em.close();
}
}
public AuthToken getAuthToken(GetAuthToken body)
throws DispositionReportFaultMessage {
logger.info("AUDIT: AuthToken request for " + body.getUserID() + " from " + getRequestorsIPAddress());
Authenticator authenticator = AuthenticatorFactory.getAuthenticator();
String publisherId = authenticator.authenticate(body.getUserID(), body.getCred());
return getAuthToken(publisherId);
}
public AuthToken getAuthToken(String publisherId) throws DispositionReportFaultMessage {
long startTime = System.currentTimeMillis();
if (publisherId == null || publisherId.length() == 0)
throw new UnknownUserException(new ErrorMessage("errors.auth.InvalidCredentials", publisherId));
EntityManager em = PersistenceManager.getEntityManager();
EntityTransaction tx = em.getTransaction();
try {
tx.begin();
//Check if this publisher exists
Publisher publisher = em.find(Publisher.class, publisherId);
if (publisher == null)
throw new UnknownUserException(new ErrorMessage("errors.auth.InvalidCredentials", publisherId));
// Generate auth token and store it!
String authInfo = AUTH_TOKEN_PREFIX + UUID.randomUUID();
org.apache.juddi.model.AuthToken modelAuthToken = new org.apache.juddi.model.AuthToken();
modelAuthToken.setAuthToken(authInfo);
modelAuthToken.setCreated(new Date());
modelAuthToken.setLastUsed(new Date());
modelAuthToken.setAuthorizedName(publisherId);
modelAuthToken.setNumberOfUses(0);
modelAuthToken.setTokenState(AUTHTOKEN_ACTIVE);
modelAuthToken.setIPAddress(this.getRequestorsIPAddress());
em.persist(modelAuthToken);
org.uddi.api_v3.AuthToken apiAuthToken = new org.uddi.api_v3.AuthToken();
MappingModelToApi.mapAuthToken(modelAuthToken, apiAuthToken);
tx.commit();
logger.info("AUDIT: AuthToken issued for " + modelAuthToken.getAuthorizedName() + " from " + getRequestorsIPAddress());
long procTime = System.currentTimeMillis() - startTime;
serviceCounter.update(SecurityQuery.GET_AUTHTOKEN,
QueryStatus.SUCCESS, procTime);
return apiAuthToken;
} catch (DispositionReportFaultMessage drfm) {
long procTime = System.currentTimeMillis() - startTime;
serviceCounter.update(SecurityQuery.GET_AUTHTOKEN,
QueryStatus.FAILED, procTime);
logger.info("AUDIT: AuthToken issue FAILED " + publisherId + " from " + getRequestorsIPAddress());
throw drfm;
} finally {
if (tx.isActive()) {
tx.rollback();
}
em.close();
}
}
}