Mercurial > dive4elements > river

view gwt-client/src/main/java/org/dive4elements/river/client/server/auth/was/Authenticator.java @ 9648:c5a496bf1b0b

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Fixed: Duplizieren einer Fixierungsanalyse schlägt fehl.
author Gernot Belger <g.belger@bjoernsen.de>
date Wed, 04 Dec 2019 16:10:28 +0100
parents bc50ecfc58c5
children 295b3cb5ebc8
line wrap: on
line source
/* Copyright (C) 2011, 2012, 2013 by Bundesanstalt für Gewässerkunde
 * Software engineering by Intevation GmbH
 *
 * This file is Free Software under the GNU AGPL (>=v3)
 * and comes with ABSOLUTELY NO WARRANTY! Check out the
 * documentation coming with Dive4Elements River for details.
 */

package org.dive4elements.river.client.server.auth.was;

import java.io.IOException;
import java.security.GeneralSecurityException;
import javax.servlet.ServletContext;

import org.apache.http.HttpEntity;
import org.apache.http.HttpHost;
import org.apache.http.HttpResponse;
import org.apache.http.StatusLine;
import org.apache.http.client.HttpClient;
import org.apache.http.conn.params.ConnRoutePNames;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;

import org.dive4elements.river.client.server.GGInATrustStrategy;
import org.dive4elements.river.client.server.auth.Authentication;
import org.dive4elements.river.client.server.auth.AuthenticationException;
import org.dive4elements.river.client.server.features.Features;

public class Authenticator
implements org.dive4elements.river.client.server.auth.Authenticator {

    @Override
    public Authentication auth(
        String username,
        String password,
        String encoding,
        Features features,
        ServletContext context
    ) throws
        AuthenticationException,
        IOException
    {
            try {
                SSLSocketFactory sf = new SSLSocketFactory(
                        new GGInATrustStrategy());
                Scheme https = new Scheme("https", 443, sf);
                HttpClient httpclient = new DefaultHttpClient();
                httpclient.getConnectionManager().getSchemeRegistry().register(
                        https);

                HttpHost proxy = new HttpHost("proxy.bce01.de",8080);
                httpclient.getParams().setParameter(ConnRoutePNames.DEFAULT_PROXY,proxy);
                
                Request httpget = new Request("https://geoportal.bafg.de/" +
                        "administration/WAS", username, password, encoding);
                HttpResponse response = httpclient.execute(httpget);
                StatusLine stline = response.getStatusLine();
                if (stline.getStatusCode() != 200) {
                    throw new AuthenticationException("GGInA Server Error. " +
                            "Statuscode: " + stline.getStatusCode() +
                            ". Reason: " + stline.getReasonPhrase());
                }
                HttpEntity entity = response.getEntity();
                if (entity == null) {
                    //FIXME throw AuthenticationException
                    return null;
                }
                else {
                    String trustedKey =
                    (String)context.getInitParameter("saml-trusted-public-key");
                    String timeEpsilon = context.getInitParameter(
                        "saml-time-tolerance");
                    return new Response(entity, password, features,
                        context.getRealPath(trustedKey), timeEpsilon);
                }
            }
            catch(GeneralSecurityException e) {
                throw new AuthenticationException(e);
            }
    }
}
http://dive4elements.wald.intevation.org