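/* Copyright (C) 2011, 2012, 2013 by Bundesanstalt für Gewässerkunde
 * Software engineering by Intevation GmbH
 *
 * This file is Free Software under the GNU AGPL (>=v3)
 * and comes with ABSOLUTELY NO WARRANTY! Check out the
 * documentation coming with Dive4Elements River for details.
 */

package org.dive4elements.river.client.server.auth.was;

import java.io.IOException;
import java.security.GeneralSecurityException;
import javax.servlet.ServletContext;

import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.StatusLine;
import org.apache.http.client.HttpClient;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;

import org.dive4elements.river.client.server.GGInATrustStrategy;
import org.dive4elements.river.client.server.auth.Authentication;
import org.dive4elements.river.client.server.auth.AuthenticationException;
import org.dive4elements.river.client.server.features.Features;

/**
 * Authenticator that sends the user's credentials to the WAS endpoint on
 * geoportal.bafg.de and wraps the answer in a {@link Response}.
 */
public class Authenticator
implements org.dive4elements.river.client.server.auth.Authenticator {

    /**
     * Sends an authentication request to the WAS endpoint and builds the
     * resulting {@link Authentication} from the server's answer.
     *
     * @param username the user name passed on to the WAS request.
     * @param password the password passed on to the WAS request.
     * @param encoding the encoding passed on to the WAS request.
     * @param features passed through to the {@link Response}.
     * @param context  servlet context providing the init parameters
     *                 {@code saml-trusted-public-key} and
     *                 {@code saml-time-tolerance}.
     * @return the authentication built from the server response; never
     *         {@code null}.
     * @throws AuthenticationException if the server does not answer with
     *         status 200, sends no response body, the trusted key is not
     *         configured, or the TLS setup fails.
     * @throws IOException if the HTTP exchange fails.
     */
    @Override
    public Authentication auth(
        String username,
        String password,
        String encoding,
        Features features,
        ServletContext context
    ) throws
        AuthenticationException,
        IOException
    {
        try {
            // The trust decision for the server certificate is delegated to
            // GGInATrustStrategy, which is defined outside this file.
            // NOTE(review): the credentials below travel over this channel;
            // confirm the strategy only accepts the expected GGInA
            // certificate and does not trust arbitrary chains.
            SSLSocketFactory sf = new SSLSocketFactory(
                new GGInATrustStrategy());
            Scheme https = new Scheme("https", 443, sf);
            // NOTE(review): the client's connection manager is never shut
            // down here. Whether that is safe to add depends on when
            // Response consumes the entity, which is not visible here.
            HttpClient httpclient = new DefaultHttpClient();
            httpclient.getConnectionManager().getSchemeRegistry().register(
                https);

            Request httpget = new Request("https://geoportal.bafg.de/" +
                "administration/WAS", username, password, encoding);
            HttpResponse response = httpclient.execute(httpget);
            StatusLine stline = response.getStatusLine();
            if (stline.getStatusCode() != 200) {
                throw new AuthenticationException("GGInA Server Error. " +
                    "Statuscode: " + stline.getStatusCode() +
                    ". Reason: " + stline.getReasonPhrase());
            }

            HttpEntity entity = response.getEntity();
            if (entity == null) {
                // Fail closed: a 200 answer without a body carries nothing
                // to verify, so report it as an authentication failure
                // instead of handing a null Authentication to the caller.
                throw new AuthenticationException(
                    "GGInA server returned no response entity.");
            }

            String trustedKey =
                context.getInitParameter("saml-trusted-public-key");
            if (trustedKey == null) {
                // getInitParameter() returns null for an unset parameter.
                // Without a configured key there is no path to resolve for
                // the Response, so stop here with a clear error rather than
                // passing null into getRealPath().
                throw new AuthenticationException(
                    "Init parameter saml-trusted-public-key is not set.");
            }
            // May be null when the parameter is not configured; the value is
            // handed to Response unchanged.
            String timeEpsilon = context.getInitParameter(
                "saml-time-tolerance");

            return new Response(entity, username, password, features,
                context.getRealPath(trustedKey), timeEpsilon);
        }
        catch(GeneralSecurityException e) {
            // Keep the cause so TLS setup problems remain diagnosable.
            throw new AuthenticationException(e);
        }
    }
}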