1   /*
2    * Copyright 2001-2008 The Apache Software Foundation.
3    * 
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    * 
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    * 
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   *
16   */
17  
18  package org.apache.juddi.api.impl;
19  
20  import java.util.Date;
21  import java.util.UUID;
22  
23  import javax.jws.WebService;
24  import javax.persistence.EntityManager;
25  import javax.persistence.EntityTransaction;
26  import javax.xml.ws.WebServiceContext;
27  
28  import org.uddi.api_v3.AuthToken;
29  import org.uddi.api_v3.DiscardAuthToken;
30  import org.uddi.api_v3.GetAuthToken;
31  import org.uddi.v3_service.DispositionReportFaultMessage;
32  import org.uddi.v3_service.UDDISecurityPortType;
33  
34  import org.apache.juddi.api.util.QueryStatus;
35  import org.apache.juddi.api.util.SecurityQuery;
36  import org.apache.juddi.config.PersistenceManager;
37  import org.apache.juddi.mapping.MappingModelToApi;
38  import org.apache.juddi.model.Publisher;
39  import org.apache.juddi.v3.auth.Authenticator;
40  import org.apache.juddi.v3.auth.AuthenticatorFactory;
41  import org.apache.juddi.v3.error.ErrorMessage;
42  import org.apache.juddi.v3.error.UnknownUserException;
43  
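/**
 * This class implements the UDDI Security Service and basically handles all authentication requests
 * for jUDDI. These authentication requests are routed to the appropriately configured
 * authenticator for validation, then persisted in the database until they either
 * expire or are discarded.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>An auth token is a bearer credential. It is built from {@link #AUTH_TOKEN_PREFIX} plus
 *       {@link UUID#randomUUID()}, which draws from a cryptographically strong random source.
 *       The token value itself is never written to the log; keep it that way.</li>
 *   <li>Every request-supplied identifier is passed through {@link #sanitizeForLog(String)}
 *       before it reaches an {@code AUDIT:} log line, so a caller cannot forge audit entries
 *       by embedding line breaks in a user id.</li>
 *   <li>Every failed token request is audit-logged and counted, including credential
 *       rejections raised by the authenticator.</li>
 * </ul>
 *
 * @author <a href="mailto:jfaath@apache.org">Jeff Faath</a> (and many others)
 */
@WebService(serviceName="UDDISecurityService",
			endpointInterface="org.uddi.v3_service.UDDISecurityPortType",
			targetNamespace = "urn:uddi-org:api_v3_portType")
public class UDDISecurityImpl extends AuthenticatedService implements UDDISecurityPortType {

	/** Prefix of every auth token value issued by this service. */
	public static final String AUTH_TOKEN_PREFIX = "authtoken:";

	/** Collects per-operation success/failure counts and processing times. */
	private UDDIServiceCounter serviceCounter;

	/**
	 * Creates the service and looks up the counter registered for this class.
	 */
	public UDDISecurityImpl() {
		super();
		serviceCounter = ServiceCounterLifecycleResource.getServiceCounter(UDDISecurityImpl.class);
	}

	/**
	 * used for unit tests only
	 * @param ctx web service context to use instead of the container-provided one
	 */
	protected UDDISecurityImpl(WebServiceContext ctx) {
		super();
		this.ctx = ctx;
		serviceCounter = ServiceCounterLifecycleResource.getServiceCounter(UDDISecurityImpl.class);
	}

	/**
	 * Retires the auth token carried in the request.
	 *
	 * <p>The token is looked up by its value; when found it is marked
	 * {@code AUTHTOKEN_RETIRED}, its use count and last-used time are updated, and the
	 * discard is audit-logged. A token that is not found is ignored without error.
	 *
	 * @param body request carrying the auth token to discard
	 * @throws DispositionReportFaultMessage if {@code getEntityPublisher} rejects the token
	 *         (presumably because it is unknown, expired or already retired; that check
	 *         lives in the superclass and is not visible here)
	 */
	public void discardAuthToken(DiscardAuthToken body)
			throws DispositionReportFaultMessage {
		long startTime = System.currentTimeMillis();

		EntityManager em = PersistenceManager.getEntityManager();
		EntityTransaction tx = em.getTransaction();
		try {
			tx.begin();

			// Called for its side effect only: it throws when the token does not map to a
			// publisher, so an invalid token never reaches the update below.
			this.getEntityPublisher(em, body.getAuthInfo());

			org.apache.juddi.model.AuthToken modelAuthToken = em.find(org.apache.juddi.model.AuthToken.class, body.getAuthInfo());
			if (modelAuthToken != null) {
				modelAuthToken.setLastUsed(new Date());
				modelAuthToken.setNumberOfUses(modelAuthToken.getNumberOfUses() + 1);
				modelAuthToken.setTokenState(AUTHTOKEN_RETIRED);
				// Log who the token belonged to, never the token value.
				logger.info("AUDIT: AuthToken discarded for " + sanitizeForLog(modelAuthToken.getAuthorizedName()) + " from " + getRequestorsIPAddress());
			}

			tx.commit();

			long procTime = System.currentTimeMillis() - startTime;
			serviceCounter.update(SecurityQuery.DISCARD_AUTHTOKEN,
					QueryStatus.SUCCESS, procTime);
		} catch (DispositionReportFaultMessage drfm) {
			logger.info("AUDIT: AuthToken discard request aborted, issued from " + getRequestorsIPAddress());
			long procTime = System.currentTimeMillis() - startTime;
			serviceCounter.update(SecurityQuery.DISCARD_AUTHTOKEN,
					QueryStatus.FAILED, procTime);
			throw drfm;
		} finally {
			// Covers every exit that did not commit, including runtime exceptions.
			if (tx.isActive()) {
				tx.rollback();
			}
			em.close();
		}
	}


	/**
	 * Authenticates the caller with the configured {@link Authenticator} and, on success,
	 * issues a new auth token.
	 *
	 * <p>An attempt that the authenticator rejects is audit-logged and counted as
	 * {@code FAILED} here, because the token-issuing overload is never reached in that case.
	 *
	 * @param body request carrying the user id and credential
	 * @return the newly issued token
	 * @throws DispositionReportFaultMessage if authentication fails or the token cannot be issued
	 */
	public AuthToken getAuthToken(GetAuthToken body)
			throws DispositionReportFaultMessage {
		long startTime = System.currentTimeMillis();

		// The user id is attacker-controlled at this point; neutralise control characters
		// before it is written to the audit log. The credential is never logged.
		logger.info("AUDIT: AuthToken request for " + sanitizeForLog(body.getUserID()) + " from " + getRequestorsIPAddress());
		Authenticator authenticator = AuthenticatorFactory.getAuthenticator();

		String publisherId;
		boolean authenticated = false;
		try {
			publisherId = authenticator.authenticate(body.getUserID(), body.getCred());
			authenticated = true;
		} finally {
			// A flag plus finally records the failure whatever exception type the
			// authenticator raises, without swallowing or rewrapping it.
			if (!authenticated) {
				recordIssueFailure(body.getUserID(), startTime);
			}
		}

		return getAuthToken(publisherId);
	}

	/**
	 * Issues and persists a new auth token for an already-authenticated publisher.
	 *
	 * <p>This method performs NO credential check: it trusts that the caller has
	 * authenticated {@code publisherId}. It is public, so any in-process caller can mint a
	 * token for any existing publisher.
	 * NOTE(review): the class publishes {@code UDDISecurityPortType} as its endpoint
	 * interface; confirm that this overload is not reachable as a web service operation.
	 *
	 * <p>Both the empty-id and the unknown-publisher case raise the same
	 * {@code errors.auth.InvalidCredentials} error, so the response does not reveal which
	 * publisher ids exist.
	 *
	 * @param publisherId id returned by the authenticator
	 * @return the newly issued token
	 * @throws DispositionReportFaultMessage if the id is empty or no such publisher exists
	 */
	public AuthToken getAuthToken(String publisherId) throws DispositionReportFaultMessage {
		long startTime = System.currentTimeMillis();

		if (publisherId == null || publisherId.length() == 0) {
			recordIssueFailure(publisherId, startTime);
			throw new UnknownUserException(new ErrorMessage("errors.auth.InvalidCredentials", publisherId));
		}

		EntityManager em = PersistenceManager.getEntityManager();
		EntityTransaction tx = em.getTransaction();
		try {
			tx.begin();
			//Check if this publisher exists
			Publisher publisher = em.find(Publisher.class, publisherId);
			if (publisher == null)
				throw new UnknownUserException(new ErrorMessage("errors.auth.InvalidCredentials", publisherId));

			// Generate auth token and store it!
			// UUID.randomUUID() is backed by a cryptographically strong generator, which is
			// what makes the token unguessable; do not replace it with a time-based or
			// sequential id.
			String authInfo = AUTH_TOKEN_PREFIX + UUID.randomUUID();
			org.apache.juddi.model.AuthToken modelAuthToken = new org.apache.juddi.model.AuthToken();
			modelAuthToken.setAuthToken(authInfo);
			modelAuthToken.setCreated(new Date());
			modelAuthToken.setLastUsed(new Date());
			modelAuthToken.setAuthorizedName(publisherId);
			modelAuthToken.setNumberOfUses(0);
			modelAuthToken.setTokenState(AUTHTOKEN_ACTIVE);
			// Stored with the token so later use can be compared with the issuing address.
			modelAuthToken.setIPAddress(this.getRequestorsIPAddress());
			em.persist(modelAuthToken);

			org.uddi.api_v3.AuthToken apiAuthToken = new org.uddi.api_v3.AuthToken();

			MappingModelToApi.mapAuthToken(modelAuthToken, apiAuthToken);

			tx.commit();
			// Log the owner only; the token value must stay out of the log.
			logger.info("AUDIT: AuthToken issued for " + sanitizeForLog(modelAuthToken.getAuthorizedName()) + " from " + getRequestorsIPAddress());
			long procTime = System.currentTimeMillis() - startTime;
			serviceCounter.update(SecurityQuery.GET_AUTHTOKEN,
					QueryStatus.SUCCESS, procTime);

			return apiAuthToken;
		} catch (DispositionReportFaultMessage drfm) {
			recordIssueFailure(publisherId, startTime);
			throw drfm;
		} finally {
			// Covers every exit that did not commit, including runtime exceptions.
			if (tx.isActive()) {
				tx.rollback();
			}
			em.close();
		}
	}

	/**
	 * Counts a failed token request and writes the matching audit entry.
	 *
	 * @param requestedId the user or publisher id the request was made for; may be null
	 * @param startTime   {@link System#currentTimeMillis()} value taken when the request started
	 */
	private void recordIssueFailure(String requestedId, long startTime) {
		long procTime = System.currentTimeMillis() - startTime;
		serviceCounter.update(SecurityQuery.GET_AUTHTOKEN,
				QueryStatus.FAILED, procTime);
		logger.info("AUDIT: AuthToken issue FAILED " + sanitizeForLog(requestedId) + " from " + getRequestorsIPAddress());
	}

	/**
	 * Makes a request-supplied value safe to embed in a single audit log line by replacing
	 * every ISO control character (CR, LF, tab, ...) with an underscore.
	 *
	 * @param value the raw value; may be null
	 * @return the value without control characters, or the text {@code "null"} for a null
	 *         input (the same text string concatenation would have produced)
	 */
	private static String sanitizeForLog(String value) {
		if (value == null) {
			return "null";
		}
		StringBuilder cleaned = new StringBuilder(value.length());
		for (int i = 0; i < value.length(); i++) {
			char c = value.charAt(i);
			cleaned.append(Character.isISOControl(c) ? '_' : c);
		}
		return cleaned.toString();
	}
}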