view src/de/mpiwg/itgroup/metaDataManagerRestlet/RestServer.java @ 5:a59be29f06c8

cone
author dwinter
date Mon, 02 Jan 2012 18:12:57 +0100
parents aae47a713589

package de.mpiwg.itgroup.metaDataManagerRestlet;

import java.net.URI;
import java.net.URISyntaxException;

import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.Configuration;

import org.apache.log4j.BasicConfigurator;
import org.apache.log4j.Level;
import org.apache.log4j.Logger;
import org.restlet.Application;
import org.restlet.Context;
import org.restlet.Request;
import org.restlet.Response;
import org.restlet.Restlet;
import org.restlet.data.ChallengeScheme;
import org.restlet.ext.jaas.JaasVerifier;
import org.restlet.routing.Router;
import org.restlet.routing.Template;
import org.restlet.routing.TemplateRoute;
import org.restlet.security.ChallengeAuthenticator;

import com.sun.security.auth.login.ConfigFile;

import de.mpiwg.itgroup.metaDataManagerRestlet.pid.PIDcreator;
import de.mpiwg.itgroup.metaDataManagerRestlet.ui.GeneralInfo;
import de.mpiwg.itgroup.metaDataManagerRestlet.ui.SearchPersons;
import de.mpiwg.itgroup.metadataManager.indexMeta.server.IndexMetaProvider;
import de.mpiwg.itgroup.nimanager.cone.Mail2ConeService;
import de.mpiwg.itgroup.nimanager.edit.Editor;
import de.mpiwg.itgroup.nimanager.persons.PersonByNameService;
import de.mpiwg.itgroup.nimanager.persons.PersonByIDService;
import de.mpiwg.itgroup.nimanager.persons.PersonListService;
//import de.mpiwg.itgroup.nimanager.persons.PersonService;
import de.mpiwg.itgroup.nimanager.persons.PersonService;



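/**
 * Restlet application that routes the metadata-manager resources behind an
 * HTTP Basic authenticator whose credentials are verified through JAAS.
 *
 * <p>Security note: the authenticator is created as <em>optional</em>, so a
 * request without valid credentials is still forwarded to the router. Access
 * control therefore depends on each resource calling
 * {@link #authenticate(Request, Response)} (or an equivalent check) before it
 * does protected work. The resource classes are not part of this file, so
 * whether they do so cannot be confirmed here; routes whose names suggest
 * write operations (for example {@code /edit}) deserve a review first.
 *
 * <p>HTTP Basic sends the password merely base64-encoded, so this application
 * should only be reachable over TLS.
 */
public class RestServer extends Application {

	/** Context parameter that holds the location (as a URI) of the JAAS configuration file. */
	private static final String JAAS_CONFIG_PARAM = "de.mpiwg.itgroup.jaas.configFilePath";

	/**
	 * Creates the application and configures log4j.
	 *
	 * @param parentContext the Restlet context handed to {@link Application}
	 */
	public RestServer(Context parentContext) {
		super(parentContext);

		// NOTE(review): this changes log4j for the whole JVM, not only for this
		// application: BasicConfigurator adds a console appender to the root logger on
		// every call, and the root level is forced to DEBUG. Confirm that no library
		// logs credentials or request bodies at DEBUG before running this in production.
		Logger rl = Logger.getRootLogger();
		BasicConfigurator.configure();
		rl.setLevel(Level.DEBUG);
	}

	/** Authenticator guarding the router; assigned in {@link #createInboundRoot()}. */
	private ChallengeAuthenticator authenticator;
	// Not referenced anywhere in this class.
	private CallbackHandler callbackHandler;

	/**
	 * Creates the HTTP Basic authenticator that fronts the router.
	 *
	 * <p>The authenticator is optional: requests that carry no credentials, or
	 * credentials the JAAS verifier rejects, are not stopped here. Enforcement is
	 * left to {@link #authenticate(Request, Response)}.
	 *
	 * @return the configured authenticator; its next Restlet is not set yet
	 */
	private ChallengeAuthenticator createAuthenticator() {
		Context context = getContext();
		// true = do not block unauthenticated requests at this filter.
		boolean optional = true;
		ChallengeScheme challengeScheme = ChallengeScheme.HTTP_BASIC;
		String realm = "Annotation Service";

		// Name of the login entry that must exist in the JAAS configuration file.
		JaasVerifier verifier = new JaasVerifier("BasicJaasAuthenticationApplication");
		// Alternative entry left by the author; presumably a test login module, so it
		// must stay disabled in production.
		//JaasVerifier verifier = new JaasVerifier("DummyAuthentication");

		Configuration jaasConfig = createConfiguration();

		verifier.setConfiguration(jaasConfig);
		verifier.setUserPrincipalClassName("com.sun.security.auth.UserPrincipal");

		ChallengeAuthenticator auth = new ChallengeAuthenticator(context, optional, challengeScheme, realm, verifier) {
			@Override
			protected boolean authenticate(Request request, Response response) {
				// Without credentials there is nothing to verify; skip the JAAS login.
				if (request.getChallengeResponse() == null) {
					return false;
				}
				return super.authenticate(request, response);
			}
		};

		return auth;
	}

	/**
	 * Loads the JAAS configuration used by the authenticator. The location of the
	 * JAAS configuration file is read from the context parameter
	 * {@code de.mpiwg.itgroup.jaas.configFilePath} and parsed as a URI
	 * (presumably an absolute one such as a {@code file:} URI; confirm against
	 * the {@code ConfigFile} implementation in use).
	 *
	 * <p>A missing or syntactically invalid value is reported immediately with a
	 * message that names the parameter, instead of passing {@code null} on to
	 * {@code ConfigFile}: authentication cannot work without this file, and a
	 * clear start-up failure is easier to diagnose than a later null dereference.
	 *
	 * @return the JAAS configuration read from the configured file
	 * @throws IllegalStateException if the parameter is missing, blank, or not a valid URI
	 */
	protected Configuration createConfiguration() {
		String configFilePath = getContext().getParameters().getFirstValue(JAAS_CONFIG_PARAM);

		if (configFilePath == null || configFilePath.trim().isEmpty()) {
			throw new IllegalStateException(
					"Context parameter '" + JAAS_CONFIG_PARAM + "' is not set; cannot load the JAAS configuration");
		}

		try {
			return new ConfigFile(new URI(configFilePath));
		} catch (URISyntaxException e) {
			throw new IllegalStateException(
					"Context parameter '" + JAAS_CONFIG_PARAM + "' is not a valid URI: " + configFilePath, e);
		}
	}

	/**
	 * Builds the inbound chain: authenticator first, then the router with all
	 * resource routes.
	 *
	 * @return the authenticator, which forwards to the router
	 */
	@Override
	public synchronized Restlet createInboundRoot() {
		this.authenticator = createAuthenticator();

		Router router = new Router(getContext());

		router.attach("/", GeneralInfo.class);
		router.attach("/PID", PIDcreator.class);
		router.attach("/searchPersons", SearchPersons.class);
		router.attach("/person/name/{name}", PersonByNameService.class);
		router.attach("/persons", PersonListService.class);
		router.attach("/person/id/{personId}", PersonService.class);
		router.attach("/person/id/{personId}/{graphId}", PersonService.class);
		router.attach("/ids", PersonByIDService.class);
		router.attach("/edit", Editor.class);
		router.attach("/cone/{personId}", Mail2ConeService.class);
		// /indexMeta matches by prefix, so every path below it reaches IndexMetaProvider.
		TemplateRoute route = router.attach("/indexMeta", IndexMetaProvider.class);
		route.setMatchingMode(Template.MODE_STARTS_WITH);

		// The authenticator is optional, so the router also receives unauthenticated
		// requests; each resource has to enforce access itself.
		authenticator.setNext(router);
		return authenticator;
	}

	/**
	 * Checks that the request carries an authenticated user (HTTP Basic) and
	 * sends a new challenge if it does not.
	 *
	 * @param request the incoming request whose client info is inspected
	 * @param response the response that receives the challenge on failure
	 * @return {@code true} if the client is authenticated and a user is set,
	 *         {@code false} after a challenge has been sent
	 */
	public boolean authenticate(Request request, Response response) {
		if (!request.getClientInfo().isAuthenticated()) {
			authenticator.challenge(response, false);
			return false;
		}

		// FIXME sometimes isAuthenticated() is true although no user is set;
		// treat that state as unauthenticated.
		if (request.getClientInfo().getUser() == null) {
			authenticator.challenge(response, false);
			return false;
		}

		return true;
	}

}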