View Javadoc
1   /*
2    * Copyright 2014 The Apache Software Foundation.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.apache.juddi.v3.auth;
17  
18  import javax.persistence.EntityManager;
19  import javax.persistence.EntityTransaction;
20  import javax.servlet.http.HttpServletRequest;
21  import javax.xml.ws.WebServiceContext;
22  import javax.xml.ws.handler.MessageContext;
23  import org.apache.commons.logging.Log;
24  import org.apache.commons.logging.LogFactory;
25  import org.apache.juddi.config.AppConfig;
26  import org.apache.juddi.config.PersistenceManager;
27  import org.apache.juddi.config.Property;
28  import org.apache.juddi.model.Publisher;
29  import org.apache.juddi.model.UddiEntityPublisher;
30  import org.apache.juddi.v3.error.AuthenticationException;
31  import org.apache.juddi.v3.error.ErrorMessage;
32  import org.apache.juddi.v3.error.FatalErrorException;
33  import org.apache.juddi.v3.error.UnknownUserException;
34  
35  /**
36   * Authenticates via a trusted web proxy via an HTTP HEADER. <br>
37   * Examples:<ul>
38   * <li>via Apache HTTPD</li>
39   * <li>Bluecoat</li>
40   * <li>Reverse SSL Proxies</li>
41   * </ul>
42   * Requires the config setting:
43   * {@link Property#JUDDI_AUTHENTICATOR_HTTP_HEADER_NAME}
44   *
45   * @author Alex O'Ree
46   */
47  public class HTTPHeaderAuthenticator implements Authenticator {
48  
49          private Log log = LogFactory.getLog(this.getClass());
50  
51          @Override
52          public String authenticate(String authorizedName, String cred) throws AuthenticationException, FatalErrorException {
53                  throw new UnknownUserException(new ErrorMessage("errros.UnsupportedAuthenticator"));
54          }
55  
56          @Override
57          public UddiEntityPublisher identify(String notusedauthtoken, String notusedusername, WebServiceContext ctx) throws AuthenticationException, FatalErrorException {
58                  int MaxBindingsPerService = -1;
59                  int MaxServicesPerBusiness = -1;
60                  int MaxTmodels = -1;
61                  int MaxBusinesses = -1;
62                  String http_header_name = null;
63                  try {
64                          http_header_name = AppConfig.getConfiguration().getString(Property.JUDDI_AUTHENTICATOR_HTTP_HEADER_NAME);
65                          MaxBindingsPerService = AppConfig.getConfiguration().getInt(Property.JUDDI_MAX_BINDINGS_PER_SERVICE, -1);
66                          MaxServicesPerBusiness = AppConfig.getConfiguration().getInt(Property.JUDDI_MAX_SERVICES_PER_BUSINESS, -1);
67                          MaxTmodels = AppConfig.getConfiguration().getInt(Property.JUDDI_MAX_TMODELS_PER_PUBLISHER, -1);
68                          MaxBusinesses = AppConfig.getConfiguration().getInt(Property.JUDDI_MAX_BUSINESSES_PER_PUBLISHER, -1);
69                  } catch (Exception ex) {
70                          MaxBindingsPerService = -1;
71                          MaxServicesPerBusiness = -1;
72                          MaxTmodels = -1;
73                          MaxBusinesses = -1;
74                          log.error("config exception! ", ex);
75                  }
76                  if (http_header_name == null) {
77                          throw new UnknownUserException(new ErrorMessage("errors.auth.NoPublisher", "misconfiguration!"));
78                  }
79                  EntityManager em = PersistenceManager.getEntityManager();
80                  EntityTransaction tx = em.getTransaction();
81                  try {
82                          String user = null;
83  
84                          MessageContext mc = ctx.getMessageContext();
85                          HttpServletRequest req = null;
86                          if (mc != null) {
87                                  req = (HttpServletRequest) mc.get(MessageContext.SERVLET_REQUEST);
88                                  user = req.getHeader(http_header_name);
89                          }
90                          
91                          if (user == null || user.length() == 0) {
92                                  throw new UnknownUserException(new ErrorMessage("errors.auth.NoPublisher"));
93                          }
94                          tx.begin();
95                          Publisher publisher = em.find(Publisher.class, user);
96                          if (publisher == null) {
97                                  log.warn("Publisher \"" + user + "\" was not found in the database, adding the publisher in on the fly.");
98                                  publisher = new Publisher();
99                                  publisher.setAuthorizedName(user);
100                                 publisher.setIsAdmin("false");
101                                 publisher.setIsEnabled("true");
102                                 publisher.setMaxBindingsPerService(MaxBindingsPerService);
103                                 publisher.setMaxBusinesses(MaxBusinesses);
104                                 publisher.setMaxServicesPerBusiness(MaxServicesPerBusiness);
105                                 publisher.setMaxTmodels(MaxTmodels);
106                                 publisher.setPublisherName("Unknown");
107                                 em.persist(publisher);
108                                 tx.commit();
109                         }
110 
111                         return publisher;
112                 } finally {
113                         if (tx.isActive()) {
114                                 tx.rollback();
115                         }
116                         em.close();
117                 }
118         }
119 
120 }