/* | |
* Copyright 2001-2008 The Apache Software Foundation. | |
* | |
* Licensed under the Apache License, Version 2.0 (the "License"); | |
* you may not use this file except in compliance with the License. | |
* You may obtain a copy of the License at | |
* | |
* http://www.apache.org/licenses/LICENSE-2.0 | |
* | |
* Unless required by applicable law or agreed to in writing, software | |
* distributed under the License is distributed on an "AS IS" BASIS, | |
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
* See the License for the specific language governing permissions and | |
* limitations under the License. | |
* | |
*/ | |
package org.apache.juddi.api.impl; | |
import java.util.Date; | |
import java.util.UUID; | |
import javax.jws.WebService; | |
import javax.persistence.EntityManager; | |
import javax.persistence.EntityTransaction; | |
import javax.xml.ws.WebServiceContext; | |
import org.uddi.api_v3.AuthToken; | |
import org.uddi.api_v3.DiscardAuthToken; | |
import org.uddi.api_v3.GetAuthToken; | |
import org.uddi.v3_service.DispositionReportFaultMessage; | |
import org.uddi.v3_service.UDDISecurityPortType; | |
import org.apache.juddi.api.util.QueryStatus; | |
import org.apache.juddi.api.util.SecurityQuery; | |
import org.apache.juddi.config.PersistenceManager; | |
import org.apache.juddi.mapping.MappingModelToApi; | |
import org.apache.juddi.model.Publisher; | |
import org.apache.juddi.v3.auth.Authenticator; | |
import org.apache.juddi.v3.auth.AuthenticatorFactory; | |
import org.apache.juddi.v3.error.ErrorMessage; | |
import org.apache.juddi.v3.error.UnknownUserException; | |
/** | |
* This class implements the UDDI Security Service and basically handles all authentication requests | |
* for jUDDI. These authentication requests are routed to the appropriately configured | |
* authenticator for validation, then persisted in the database until they either | |
* expire or are discarded. | |
* @author <a href="mailto:jfaath@apache.org">Jeff Faath</a> (and many others) | |
*/ | |
@WebService(serviceName="UDDISecurityService", | |
endpointInterface="org.uddi.v3_service.UDDISecurityPortType", | |
targetNamespace = "urn:uddi-org:api_v3_portType") | |
public class UDDISecurityImpl extends AuthenticatedService implements UDDISecurityPortType { | |
public static final String AUTH_TOKEN_PREFIX = "authtoken:"; | |
private UDDIServiceCounter serviceCounter; | |
public UDDISecurityImpl() { | |
super(); | |
serviceCounter = ServiceCounterLifecycleResource.getServiceCounter(UDDISecurityImpl.class); | |
} | |
/** | |
* used for unit tests only | |
* @param ctx | |
*/ | |
protected UDDISecurityImpl(WebServiceContext ctx) { | |
super(); | |
this.ctx = ctx; | |
serviceCounter = ServiceCounterLifecycleResource.getServiceCounter(UDDISecurityImpl.class); | |
} | |
public void discardAuthToken(DiscardAuthToken body) | |
throws DispositionReportFaultMessage { | |
long startTime = System.currentTimeMillis(); | |
EntityManager em = PersistenceManager.getEntityManager(); | |
EntityTransaction tx = em.getTransaction(); | |
try { | |
tx.begin(); | |
this.getEntityPublisher(em, body.getAuthInfo()); | |
org.apache.juddi.model.AuthToken modelAuthToken = em.find(org.apache.juddi.model.AuthToken.class, body.getAuthInfo()); | |
if (modelAuthToken != null) { | |
modelAuthToken.setLastUsed(new Date()); | |
modelAuthToken.setNumberOfUses(modelAuthToken.getNumberOfUses() + 1); | |
modelAuthToken.setTokenState(AUTHTOKEN_RETIRED); | |
logger.info("AUDIT: AuthToken discarded for " + modelAuthToken.getAuthorizedName() + " from " + getRequestorsIPAddress()); | |
} | |
tx.commit(); | |
long procTime = System.currentTimeMillis() - startTime; | |
serviceCounter.update(SecurityQuery.DISCARD_AUTHTOKEN, | |
QueryStatus.SUCCESS, procTime); | |
} catch (DispositionReportFaultMessage drfm) { | |
logger.info("AUDIT: AuthToken discard request aborted, issued from " + getRequestorsIPAddress()); | |
long procTime = System.currentTimeMillis() - startTime; | |
serviceCounter.update(SecurityQuery.DISCARD_AUTHTOKEN, | |
QueryStatus.FAILED, procTime); | |
throw drfm; | |
} finally { | |
if (tx.isActive()) { | |
tx.rollback(); | |
} | |
em.close(); | |
} | |
} | |
public AuthToken getAuthToken(GetAuthToken body) | |
throws DispositionReportFaultMessage { | |
logger.info("AUDIT: AuthToken request for " + body.getUserID() + " from " + getRequestorsIPAddress()); | |
Authenticator authenticator = AuthenticatorFactory.getAuthenticator(); | |
String publisherId = authenticator.authenticate(body.getUserID(), body.getCred()); | |
return getAuthToken(publisherId); | |
} | |
public AuthToken getAuthToken(String publisherId) throws DispositionReportFaultMessage { | |
long startTime = System.currentTimeMillis(); | |
if (publisherId == null || publisherId.length() == 0) | |
throw new UnknownUserException(new ErrorMessage("errors.auth.InvalidCredentials", publisherId)); | |
EntityManager em = PersistenceManager.getEntityManager(); | |
EntityTransaction tx = em.getTransaction(); | |
try { | |
tx.begin(); | |
//Check if this publisher exists | |
Publisher publisher = em.find(Publisher.class, publisherId); | |
if (publisher == null) | |
throw new UnknownUserException(new ErrorMessage("errors.auth.InvalidCredentials", publisherId)); | |
// Generate auth token and store it! | |
String authInfo = AUTH_TOKEN_PREFIX + UUID.randomUUID(); | |
org.apache.juddi.model.AuthToken modelAuthToken = new org.apache.juddi.model.AuthToken(); | |
modelAuthToken.setAuthToken(authInfo); | |
modelAuthToken.setCreated(new Date()); | |
modelAuthToken.setLastUsed(new Date()); | |
modelAuthToken.setAuthorizedName(publisherId); | |
modelAuthToken.setNumberOfUses(0); | |
modelAuthToken.setTokenState(AUTHTOKEN_ACTIVE); | |
modelAuthToken.setIPAddress(this.getRequestorsIPAddress()); | |
em.persist(modelAuthToken); | |
org.uddi.api_v3.AuthToken apiAuthToken = new org.uddi.api_v3.AuthToken(); | |
MappingModelToApi.mapAuthToken(modelAuthToken, apiAuthToken); | |
tx.commit(); | |
logger.info("AUDIT: AuthToken issued for " + modelAuthToken.getAuthorizedName() + " from " + getRequestorsIPAddress()); | |
long procTime = System.currentTimeMillis() - startTime; | |
serviceCounter.update(SecurityQuery.GET_AUTHTOKEN, | |
QueryStatus.SUCCESS, procTime); | |
return apiAuthToken; | |
} catch (DispositionReportFaultMessage drfm) { | |
long procTime = System.currentTimeMillis() - startTime; | |
serviceCounter.update(SecurityQuery.GET_AUTHTOKEN, | |
QueryStatus.FAILED, procTime); | |
logger.info("AUDIT: AuthToken issue FAILED " + publisherId + " from " + getRequestorsIPAddress()); | |
throw drfm; | |
} finally { | |
if (tx.isActive()) { | |
tx.rollback(); | |
} | |
em.close(); | |
} | |
} | |
} |