org.viafirma.conector.security.SecurityServiceWebHandler.java Source code


/* Copyright (C) 2007 Felix Garcia Borrego (borrego at gmail.com)
     
 This library is free software; you can redistribute it and/or
 modify it under the terms of the GNU Library General Public
 License as published by the Free Software Foundation; either
 version 2 of the License, or (at your option) any later version.
     
 This library is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 Library General Public License for more details.
     
 You should have received a copy of the GNU Library General Public
 License along with this library; if not, write to the Free
 Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
 MA 02111-1307, USA 
 */
package org.viafirma.conector.security;

import java.util.LinkedList;
import java.util.List;
import java.util.Set;

import javax.servlet.ServletContext;
import javax.servlet.ServletRequest;
import javax.xml.namespace.QName;
import javax.xml.ws.WebServiceException;
import javax.xml.ws.handler.MessageContext;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.viafirma.util.Constantes;

import com.sun.xml.ws.api.handler.MessageHandler;
import com.sun.xml.ws.api.handler.MessageHandlerContext;

/**
 * Preprocesses every JAX-WS 2.x SOAP request, rejecting callers whose IP
 * address is not on the configured allow-list.
 * 
 * @author Felix Garcia Borrego (borrego at gmail.com)
 * @author Alexis Castilla Armero (pencerval at gmail.com)
 * 
 */
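public class SecurityServiceWebHandler implements MessageHandler<MessageHandlerContext> {

    /**
     * Allow-list entries parsed from the servlet-context attribute
     * {@link Constantes#PARAM_ALLOWED}. Stays {@code null} until a request has
     * found a configured value; the list is fully built before it is stored
     * here and is never modified afterwards.
     */
    private volatile List<String> ipsAllowedList;

    private static Log log = LogFactory.getLog(SecurityServiceWebHandler.class);

    /**
     * This handler processes no SOAP headers.
     *
     * @return {@code null}, as in the original implementation
     * @see com.sun.xml.ws.api.handler.MessageHandler#getHeaders()
     */
    public Set<QName> getHeaders() {
        return null;
    }

    /**
     * Nothing to release: the handler holds no per-message resources.
     *
     * @see javax.xml.ws.handler.Handler#close(javax.xml.ws.handler.MessageContext)
     */
    public void close(MessageContext context) {
        // intentionally empty
    }

    /**
     * Faults are passed on unchanged.
     *
     * @return always {@code true}, so fault processing continues
     * @see javax.xml.ws.handler.Handler#handleFault(javax.xml.ws.handler.MessageContext)
     */
    public boolean handleFault(MessageHandlerContext context) {
        return true;
    }

    /**
     * Checks that the address the request comes from is on the allow-list and
     * rejects the message otherwise.
     *
     * <p>
     * The check fails closed: a missing servlet request, a missing allow-list
     * configuration or an address that matches no entry all end in a
     * {@link WebServiceException}.
     *
     * <p>
     * The address compared is {@code ServletRequest.getRemoteAddr()}, i.e. the
     * peer of the connection as the container reports it. NOTE(review): behind
     * a reverse proxy or load balancer this is presumably the proxy's address,
     * and an IPv6 peer is reported in IPv6 notation; confirm that the
     * configured entries match what the container actually reports.
     *
     * @param context message context of the current SOAP exchange
     * @return {@code true} when the caller is allowed
     * @throws WebServiceException when the caller is not allowed
     * @see javax.xml.ws.handler.Handler#handleMessage(javax.xml.ws.handler.MessageContext)
     */
    public boolean handleMessage(MessageHandlerContext context) {
        ServletRequest servletRequest = (ServletRequest) context.get(MessageContext.SERVLET_REQUEST);
        if (servletRequest == null) {
            // Without a servlet request the caller cannot be identified: deny
            // instead of failing with a NullPointerException.
            log.error("Acceso denegado. No se puede determinar la ip de origen de la peticion.");
            throw new WebServiceException(
                    "Acceso denegado. No se puede determinar la ip de origen de la peticion.");
        }
        String remoteAddres = servletRequest.getRemoteAddr();

        if (ipsAllowedList == null) {
            ipCacheMaker(context, servletRequest);
        }
        // Read the field once so the whole check runs against one list.
        List<String> allowedEntries = ipsAllowedList;

        boolean allow = false;
        if (allowedEntries != null && remoteAddres != null) {
            for (String ipAllowed : allowedEntries) {
                if (matches(ipAllowed, remoteAddres)) {
                    if (log.isInfoEnabled())
                        log.info("Servicio Web solicitado desde ip: " + remoteAddres);
                    allow = true;
                    break;
                }
            }
        }
        if (!allow) {
            log.error("Acceso denegado. La ip " + remoteAddres + " no tiene permiso para acceder a los WS.");
            throw new WebServiceException(
                    "Acceso denegado. La ip " + remoteAddres + " no tiene permiso para acceder a los WS.");
        }

        return true;

    }

    /**
     * Tells whether one allow-list entry covers the given address.
     *
     * <p>
     * An entry without {@code *} must equal the address. An entry with
     * {@code *} is a textual prefix: everything before the first asterisk must
     * be the start of the address and anything after the asterisk is ignored.
     * The comparison is on text, not on octets, so {@code 10.1*} also covers
     * {@code 10.10.0.1} and a bare {@code *} covers every address; entries
     * should end the prefix on a dot (for example {@code 10.1.*}).
     *
     * @param ipAllowed allow-list entry, already trimmed
     * @param remoteAddres address of the caller
     * @return {@code true} when the entry covers the address
     */
    private static boolean matches(String ipAllowed, String remoteAddres) {
        int astPosition = ipAllowed.indexOf("*");
        if (astPosition >= 0) {
            // startsWith() simply answers false when the address is shorter
            // than the prefix; taking a substring of the address threw
            // StringIndexOutOfBoundsException in that case and aborted the
            // check before later entries were looked at.
            return remoteAddres.startsWith(ipAllowed.substring(0, astPosition));
        }
        return ipAllowed.equals(remoteAddres);
    }

    /**
     * Reads the comma-separated allow-list from the servlet context and caches
     * it in {@link #ipsAllowedList}.
     *
     * <p>
     * When the servlet context or the attribute is missing, nothing is cached:
     * the field stays {@code null}, the current request is denied by
     * {@link #handleMessage(MessageHandlerContext)} and the next request reads
     * the configuration again.
     *
     * @param context message context giving access to the servlet context
     * @param servletRequest current request (not used)
     */
    private void ipCacheMaker(MessageHandlerContext context, ServletRequest servletRequest) {
        ServletContext servletContext = (ServletContext) context.get(MessageContext.SERVLET_CONTEXT);
        Object configured = servletContext == null ? null : servletContext.getAttribute(Constantes.PARAM_ALLOWED);
        if (!(configured instanceof String)) {
            log.error("Lista de ips permitidas no configurada; se deniega el acceso a los WS.");
            return;
        }

        // Build the list locally and store it in the field only when it is
        // complete, so no other thread can iterate over a half-filled list.
        List<String> parsed = new LinkedList<String>();
        for (String entry : ((String) configured).split(",")) {
            // Trim both sides: "10.0.0.1 ,10.0.0.2" used to keep the blank
            // before the comma, and that entry could never match.
            String ip = entry.trim();
            if (ip.length() > 0) {
                parsed.add(ip);
            }
        }
        ipsAllowedList = parsed;
    }
}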