[Mapbender-commits] r2334 - in branches/nimix_dev: http/classes
http/php owsproxy/http
svn_mapbender at osgeo.org
svn_mapbender at osgeo.org
Thu Apr 3 11:14:36 EDT 2008
Author: nimix
Date: 2008-04-03 11:14:35 -0400 (Thu, 03 Apr 2008)
New Revision: 2334
Modified:
branches/nimix_dev/http/classes/class_connector.php
branches/nimix_dev/http/classes/class_wms.php
branches/nimix_dev/http/php/mod_loadCapabilities.php
branches/nimix_dev/http/php/mod_loadwms.php
branches/nimix_dev/http/php/mod_updateWMS.php
branches/nimix_dev/owsproxy/http/index.php
Log:
add capability to handle ssl connections with client certificate
Modified: branches/nimix_dev/http/classes/class_connector.php
===================================================================
--- branches/nimix_dev/http/classes/class_connector.php 2008-04-03 15:10:00 UTC (rev 2333)
+++ branches/nimix_dev/http/classes/class_connector.php 2008-04-03 15:14:35 UTC (rev 2334)
@@ -32,18 +32,20 @@
var $file;
private $connectionType;
- private $httpType = "get";
+ private $httpType = "GET";
private $httpVersion = "1.0";
private $httpPostData;
private $httpContentType;
-
+ private $httpsCertificateFile = "";
+ private $httpsPassphrase = "";
/**
* @constructor
* @param String url the URL that will be loaded (optional)
*/
- public function __construct($url){
+ public function __construct($url=""){
$this->set("connectionType", CONNECTION);
- if ($url) {
+
+ if ($url&&$url!=="") {
$this->load($url);
}
}
@@ -53,13 +55,13 @@
*/
public function load($url) {
switch ($this->connectionType) {
- case "curl":
+ case "CURL":
$this->file = $this->getCURL($url);
break;
- case "http":
+ case "HTTP":
$this->file = $this->getHTTP($url);
break;
- case "socket":
+ case "SOCKET":
$this->file = $this->getSOCKET($url);
break;
}
@@ -80,7 +82,7 @@
switch ($key) {
case "connectionType":
if ($this->isValidConnectionType($value)) {
- $this->connectionType = $value;
+ $this->connectionType = mb_strtoupper($value);
}
break;
@@ -95,7 +97,7 @@
case "httpType":
if (in_array(mb_strtoupper($value), array("POST", "GET"))) {
- $this->httpType = $value;
+ $this->httpType = mb_strtoupper($value);
}
else {
$e = new mb_exception("class_connector.php: invalid http type '" . $value . "'");
@@ -111,6 +113,12 @@
$this->httpContentType = $value;
}
break;
+ case "certificateFile":
+ if(file_exists($value))
+ $this->httpsCertificateFile = $value;
+ break;
+ case "certificatePassphrase":
+ $this->httpsPassphrase = $value;
}
}
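Review bot: The `certificateFile` case accepts any path for which `file_exists()` is true, and elsewhere in this commit the value comes straight from a request parameter (mod_loadwms.php), so a web user decides which server-side file is handed to the TLS layer. Resolve the value with `realpath()` and accept it only when it lies inside a configured certificate directory. A rejected path should be reported through `mb_exception`, as the invalid `httpType` branch does, instead of being dropped silently. The final `certificatePassphrase` case has no `break;`, which works only while it stays last; the switch starts outside the hunk.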
@@ -150,6 +158,13 @@
if(CONNECTION_PASSWORD != ""){
curl_setopt ($ch, CURLOPT_PROXYUSERPWD, CONNECTION_USER.':'.CONNECTION_PASSWORD);
}
+ //TODO test curl connection with certificate
+ if($this->httpsCertificateFile !== ""){
+ curl_setopt ($ch, CURLOPT_SSLCERT, $this->httpsCertificateFile);
+ }
+ if($this->httpsPassphrase !== ""){
+ curl_setopt ($ch, CURLOPT_SSLCERTPASSWD, $this->httpsPassphrase);
+ }
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
$file = curl_exec ($ch);
curl_close ($ch);
@@ -158,7 +173,34 @@
}
private function getHTTP($url){
- if ($this->httpType == "get") {
+ if($this->httpsCertificateFile !== "" && $this->httpsPassphrase !== ""){
+ $opts = Array();
+ $opts['http']['method'] = $this->httpType;
+
+ if($this->httpType == "POST"){
+ //TODO test post connection
+ $urlComponentArray = parse_url($url);
+ $host = $urlComponentArray["host"];
+ $path = $urlComponentArray["path"];
+
+ $header .= "Host: $host\\r\\n";
+ if ($this->isValidHttpContentType($this->httpContentType)) {
+ $header .= "Content-type: " . $this->httpContentType . "\r\n";
+ }
+ $header .= "Content-length: " . strlen($this->httpPostData) . "\r\n";
+ $header .= "Connection: close\r\n\r\n";
+
+ $opts['http']['header'] = $header;
+ $opts['http']['content'] = $this->httpPostData;
+ }
+ $opts['ssl']['local_cert'] = $this->httpsCertificateFile;
+ $opts['ssl']['passphrase'] = $this->httpsPassphrase;
+
+ $context = stream_context_create($opts);
+
+ return @file_get_contents($url, false, $context);
+ }
+ if ($this->httpType == "GET") {
return @file_get_contents($url);
}
else {
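Review bot: In the new POST branch the Host line is built as `"Host: $host\\r\\n"`, which emits the literal characters `\r\n` instead of a CRLF, and it is appended with `.=` to a `$header` that was never initialised; use `$header = "Host: $host\r\n";`. The branch runs only when both certificate and passphrase are non-empty, so a certificate whose key has no passphrase is silently skipped and the request goes out without it, unlike the cURL path, which tests the two values separately. The `ssl` context sets neither `verify_peer` nor `cafile`, and PHP releases before 5.6 do not verify the peer by default for stream wrappers, so the client certificate can be presented to an unauthenticated server; add `$opts['ssl']['verify_peer'] = true;` together with a CA bundle. `@file_get_contents` also hides any handshake error from the caller. getHTTP continues past the end of the hunk.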
@@ -195,6 +237,18 @@
}
private function getSOCKET($url){
+ if($this->httpsCertificateFile !== "" && $this->httpsPassphrase !== ""){
+ //TODO test this connection type!!!
+ $opts = array();
+ $opts['socket']['bindto'] = CONNECTION_PROXY.':'.CONNECTION_PORT;
+ $opts['ssl']['local_cert'] = $this->httpsCertificateFile;
+ $opts['ssl']['passphrase'] = $this->httpsPassphrase;
+
+ $context = stream_context_create($opts);
+
+ return @file_get_contents($url, false, $context);
+ }
+
$r = "";
$fp = fsockopen (CONNECTION_PROXY, CONNECTION_PORT, $errno, $errstr, 30);
if (!$fp) {
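Review bot: `$opts['socket']['bindto']` sets the local address the outgoing socket binds to, not a proxy, so giving it `CONNECTION_PROXY.':'.CONNECTION_PORT` will normally make the connection fail or leave the proxy unused. If the intent is to use the same proxy as the `fsockopen` path below, the stream option is `$opts['http']['proxy'] = 'tcp://'.CONNECTION_PROXY.':'.CONNECTION_PORT;` with `request_fulluri` set. The branch also ignores `httpType` and the POST data, and the `@` on `file_get_contents` suppresses any TLS or certificate error. getSOCKET continues outside the hunk.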
Modified: branches/nimix_dev/http/classes/class_wms.php
===================================================================
--- branches/nimix_dev/http/classes/class_wms.php 2008-04-03 15:10:00 UTC (rev 2333)
+++ branches/nimix_dev/http/classes/class_wms.php 2008-04-03 15:14:35 UTC (rev 2334)
@@ -39,6 +39,8 @@
var $wms_getfeatureinfo;
var $wms_getlegendurl;
var $wms_upload_url;
+ var $wms_certificateFile;
+ var $wms_certificatePassphrase;
var $fees;
var $accessconstraints;
@@ -76,9 +78,15 @@
function wms() {
}
- function createObjFromXML($url){
+ function createObjFromXML($url, $cert = "", $pass = ""){
- $x = new connector($url);
+ $x = new connector();
+ if($cert!=="")
+ $x->set("certificateFile", $cert);
+ if($pass!=="")
+ $x->set("certificatePassphrase", $pass);
+
+ $x->load($url);
$data = $x->file;
if(!$data){
@@ -94,6 +102,8 @@
$admin = new administration();
$this->wms_getcapabilities_doc = $admin->char_encode($data);
$this->wms_upload_url = $url;
+ $this->wms_certificateFile = $cert;
+ $this->wms_certificatePassphrase = $pass;
$this->wms_id = "";
$parser = xml_parser_create("");
@@ -884,16 +894,16 @@
$sql .= "accessconstraints, contactperson, contactposition, contactorganization, address, city, ";
$sql .= "stateorprovince, postcode, country, contactvoicetelephone, contactfacsimiletelephone, contactelectronicmailaddress, ";
$sql .= "wms_owner,wms_timestamp, ";
- $sql .= "wms_supportsld, wms_userlayer, wms_userstyle, wms_remotewfs) ";
- $sql .= "VALUES($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,$14,$15,$16,$17,$18,$19,$20,$21,$22,$23,$24,$25,$26,$27,$28)";
+ $sql .= "wms_supportsld, wms_userlayer, wms_userstyle, wms_remotewfs, wms_certificatefile, wms_certificatepassphrase) ";
+ $sql .= "VALUES($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,$14,$15,$16,$17,$18,$19,$20,$21,$22,$23,$24,$25,$26,$27,$28, $29, $30)";
$v = array($this->wms_version,$this->wms_title,$this->wms_abstract,$this->wms_getcapabilities,
$this->wms_getmap,$this->wms_getfeatureinfo,$this->wms_getlegendurl,$this->wms_getcapabilities_doc,
$this->wms_upload_url,$this->fees,$this->accessconstraints,$this->contactperson,$this->contactposition,
$this->contactorganization,$this->address,$this->city,$this->stateorprovince,$this->postcode,$this->country,
$this->contactvoicetelephone,$this->contactfacsimiletelephone,$this->contactelectronicmailaddress,
$_SESSION['mb_user_id'],strtotime("now"),
- $this->wms_supportsld,$this->wms_userlayer,$this->wms_userstyle,$this->wms_remotewfs );
- $t = array('s','s','s','s','s','s','s','s','s','s','s','s','s','s','s','s','s','s','s','s','s','s','i','i','s','s','s','s');
+ $this->wms_supportsld,$this->wms_userlayer,$this->wms_userstyle,$this->wms_remotewfs, $this->wms_certificateFile, $this->wms_certificatePassphrase );
+ $t = array('s','s','s','s','s','s','s','s','s','s','s','s','s','s','s','s','s','s','s','s','s','s','i','i','s','s','s','s', 's', 's');
$res = db_prep_query($sql,$v,$t);
if(!$res){
db_rollback();
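Review bot: The certificate passphrase is written to the `wms` table in clear text as parameter `$30` (and again as `$15` in the UPDATE hunk at `@@ -1221,14 +1238,17 @@`), next to ordinary service metadata. Anyone with read access to that table or to a database dump then holds the passphrase together with the certificate path. Keep the passphrase in server-side configuration outside the database, or encrypt it before storing, and add a comment above the statement saying which components are allowed to read the two new columns. The statement stays parameterised, which is right; the enclosing function starts outside the hunk.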
@@ -940,6 +950,13 @@
#Changes JW
$this->wms_id = $myWMS;
+
+ //if wms requires a cetificate set owsproxy string
+ if($this->wms_certificateFile !== "" && $this->wms_certificatePassphrase != "");
+ {
+ $admin = new administration();
+ $admin->setWMSOWSstring(intval($myWMS),"on");
+ }
}
function insertLayer($i,$myWMS){
global $con;
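Review bot: The new condition ends in a semicolon, `if(... != "");`, so the braces after it form an unconditional block and `setWMSOWSstring(intval($myWMS),"on")` runs for every WMS, not only for those with a certificate; the identical lines added in the hunk at `@@ -1343,6 +1363,14 @@` have the same defect. Remove the semicolon and compare both values the same way: `if($this->wms_certificateFile != "" && $this->wms_certificatePassphrase != "") {`. The loose comparison is deliberate here, because the two properties are declared without a default and `null !== ""` is true. The enclosing function starts outside the hunk.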
@@ -1221,14 +1238,17 @@
$sql .= "wms_supportsld = $10, ";
$sql .= "wms_userlayer = $11, ";
$sql .= "wms_userstyle = $12, ";
- $sql .= "wms_remotewfs = $13 ";
- $sql .= " WHERE wms_id = $14";
+ $sql .= "wms_remotewfs = $13, ";
+ $sql .= "wms_certificatefile = $14, ";
+ $sql .= "wms_certificatepassphrase = $15 ";
+ $sql .= " WHERE wms_id = $16";
$v = array($this->wms_version,$this->wms_getcapabilities,
$this->wms_getmap,$this->wms_getfeatureinfo,$this->wms_getlegendurl,
$this->wms_getcapabilities_doc,$this->wms_upload_url,$_SESSION["mb_user_id"],strtotime("now"),
- $this->wms_supportsld,$this->wms_userlayer,$this->wms_userstyle,$this->wms_remotewfs,$myWMS);
- $t = array('s','s','s','s','s','s','s','i','i','s','s','s','s','i');
+ $this->wms_supportsld,$this->wms_userlayer,$this->wms_userstyle,$this->wms_remotewfs,
+ $this->wms_certificateFile, $this->wms_certificatePassphrase,$myWMS);
+ $t = array('s','s','s','s','s','s','s','i','i','s','s','s','s','s','s','i');
$res = db_prep_query($sql,$v,$t);
if(!$res){
@@ -1343,6 +1363,14 @@
}
}
db_commit();
+
+ //if wms requires a cetificate set owsproxy string
+ if($this->wms_certificateFile !== "" && $this->wms_certificatePassphrase != "");
+ {
+ $admin = new administration();
+ $admin->setWMSOWSstring(intval($myWMS),"on");
+ }
+
return;
}
function updateGuiLayer($i,$myWMS,$gui_id){
Modified: branches/nimix_dev/http/php/mod_loadCapabilities.php
===================================================================
--- branches/nimix_dev/http/php/mod_loadCapabilities.php 2008-04-03 15:10:00 UTC (rev 2333)
+++ branches/nimix_dev/http/php/mod_loadCapabilities.php 2008-04-03 15:14:35 UTC (rev 2334)
@@ -156,11 +156,17 @@
#echo "Load WMS capabilities URL:<br>"
if (isset($xml_file)){
- echo"<input type='text' name='xml_file' size='50' value='".$xml_file."'>";
+ echo"<input type='text' name='xml_file' size='50' value='".$xml_file."'><br /><br />";
}else{
echo"<input type='text' name='xml_file' size='50' value='http://'>";
}
- echo"<input type='button' name='loadCap' value='Load' onClick='validate(\"guiList\")'>";
+ echo"<input type='button' name='loadCap' value='Load' onClick='validate(\"guiList\")'><br /><br />";
+ echo "<input type='button' onclick='javascript:document.getElementById(\"ssl\").style.display=\"block\";' value='Show advanced SSL options'/><br>";
+ echo "<div id='ssl' style='display:none'>";
+ echo "Certificate file (optional for SSL connection only):<br>";
+ echo "<input type='text' name='cert'><br /><br />";
+ echo "Certificate passphrase (optional for SSL connection only):<br>";
+ echo "<input type='text' name='pass'><br /></div>";
echo "</form>";
}
else{
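Review bot: The passphrase field is rendered as `<input type='text' name='pass'>`, so the value is visible on screen and kept in browser form history; use `type='password'` with `autocomplete='off'`, here and in the same markup added to mod_updateWMS.php. The changed line that prints `$xml_file` into the `value` attribute still outputs it unescaped; wrap it as `htmlspecialchars($xml_file, ENT_QUOTES)`. The `cert` field takes a server-side file path from the browser, so its label should say that, or the form should offer a selection of configured certificates instead of free text.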
Modified: branches/nimix_dev/http/php/mod_loadwms.php
===================================================================
--- branches/nimix_dev/http/php/mod_loadwms.php 2008-04-03 15:10:00 UTC (rev 2333)
+++ branches/nimix_dev/http/php/mod_loadwms.php 2008-04-03 15:14:35 UTC (rev 2334)
@@ -22,11 +22,13 @@
$guiList = $_REQUEST["guiList"];
$xml = $_REQUEST["xml_file"];
+$cert = $_REQUEST["cert"];
+$pass = $_REQUEST["pass"];
echo "file: ".$xml;
$mywms = new wms();
-$mywms->createObjFromXML($xml);
+$mywms->createObjFromXML($xml, $cert, $pass);
$mywms->writeObjInDB($guiList);
$mywms->displayWMS();
?>
\ No newline at end of file
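Review bot: `$_REQUEST["cert"]` and `$_REQUEST["pass"]` are read without an `isset` check, so a request without them raises a notice and passes `null` on, and `null` satisfies the `!== ""` tests in `createObjFromXML`. Reading from `$_REQUEST` also lets the passphrase arrive in the query string, where it would end up in access logs and browser history. Assuming the form is submitted by POST (the form tag is not visible here), use `$pass = isset($_POST["pass"]) ? $_POST["pass"] : "";` and the same for `cert`.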
Modified: branches/nimix_dev/http/php/mod_updateWMS.php
===================================================================
--- branches/nimix_dev/http/php/mod_updateWMS.php 2008-04-03 15:10:00 UTC (rev 2333)
+++ branches/nimix_dev/http/php/mod_updateWMS.php 2008-04-03 15:14:35 UTC (rev 2334)
@@ -95,13 +95,23 @@
echo "REQUEST=capabilities&WMTVER=1.0.0<br><br>";
echo "Link to new WMS Capabilities URL:<br><input size='120' type='text' name='myURL'><br>";
echo "<input type='button' value='Preview Capabilities' onclick='window.open(this.form.myURL.value,\"\",\"\")'> ";
- echo "<input type='button' value='Upload Capabilities' onclick='validate()'><br>";
-
+ echo "<input type='button' value='Upload Capabilities' onclick='validate()'><br><br>";
+ echo "<input type='button' onclick='javascript:document.getElementById(\"ssl\").style.display=\"block\";' value='Show advanced SSL options'/><br>";
+ echo "<div id='ssl' style='display:none'>";
+ echo "Certificate file (optional for SSL connection only):<br>";
+ echo "<input type='text' name='cert'><br /><br />";
+ echo "Certificate passphrase (optional for SSL connection only):<br>";
+ echo "<input type='text' name='pass'><br /></div>";
+
/**/
if(isset($myURL) && $myURL != ''){
-
+ if(!isset($cert))
+ $cert="";
+ if(!isset($pass))
+ $pass="";
+
$mywms = new wms();
- $mywms->createObjFromXML($myURL);
+ $mywms->createObjFromXML($myURL, $cert, $pass);
$mywms->optimizeWMS();
echo "<br />";
$mywms->updateObjInDB($myWMS);
Modified: branches/nimix_dev/owsproxy/http/index.php
===================================================================
--- branches/nimix_dev/owsproxy/http/index.php 2008-04-03 15:10:00 UTC (rev 2333)
+++ branches/nimix_dev/owsproxy/http/index.php 2008-04-03 15:14:35 UTC (rev 2334)
@@ -36,6 +36,10 @@
$owsproxyService = $_REQUEST['wms']; //ToDo: change this to 'service' in the apache url-rewriting
$query = new QueryHandler();
$n = new administration();
+
+//variables for connections with client certificate
+$certificateFile = "";
+$certPassphrase = "";
// an array with keys and values toLoserCase -> caseinsensitiv
$reqParams = $query->getRequestParams();
@@ -98,10 +102,6 @@
throwE("Permission denied");
die();
}
- if($layers===""){
- throwE("Permission denied");
- die();
- }
$query->setParam("layers",$layers);
$request = $query->getRequest();
getImage($request);
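Review bot: An empty `$layers` is no longer refused before `$query->setParam("layers",$layers)`: the `if($layers==="")` guard with `throwE("Permission denied")` is removed, and the log message, which is about client certificates, does not mention it. How `$layers` is filtered lies outside the hunk, but if it can be empty after the permission filter, the request is now forwarded instead of being denied. Restore the check, or add a comment above `setParam` explaining why an empty layer list is acceptable.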
@@ -425,15 +425,19 @@
* @return string url to legend graphic
*/
function getLegendUrl($wms){
- global $reqParams;
+ global $reqParams, $certificateFile, $certPassphrase;
//get wms id
$sql = "SELECT * FROM wms WHERE wms_owsproxy = $1";
$v = array($wms);
$t = array("s");
$res = db_prep_query($sql, $v, $t);
- if($row = db_fetch_array($res))
+ if($row = db_fetch_array($res)){
+ $certificateFile = $row["wms_certificatefile"];
+ $certPassphrase = $row["wms_certificatepassphrase"];
+
$wmsid = $row["wms_id"];
+ }
else{
throwE(array("No wms data available."));
die();
@@ -464,7 +468,7 @@
* @return array array with detailed information about requested wms
*/
function checkWmsPermission($wms){
- global $con, $n, $user_id;
+ global $con, $n, $user_id, $certificateFile, $certPassphrase;
$myguis = $n->getGuisByPermission($user_id,true);
$mywms = $n->getWmsByOwnGuis($myguis);
@@ -478,7 +482,9 @@
$service["wms_getcapabilities"] = $row["wms_getcapabilities"];
$service["wms_getmap"] = $row["wms_getmap"];
$service["wms_getfeatureinfo"] = $row["wms_getfeatureinfo"];
- $service["wms_getcapabilities_doc"] = $row["wms_getcapabilities_doc"];
+ $service["wms_getcapabilities_doc"] = $row["wms_getcapabilities_doc"];
+ $certificateFile = $row["wms_certificatefile"];
+ $certPassphrase = $row["wms_certificatepassphrase"];
}
if(!$row || count($mywms) == 0){
throwE(array("No wms data available."));
@@ -571,7 +577,13 @@
return $ret;
}
function getDocumentContent($url){
- $d = new connector($url);
+ global $certificateFile, $certPassphrase;
+ $d = new connector();
+ if($certificateFile!=="")
+ $d->set("certificateFile", $certificateFile);
+ if($certPassphrase!=="")
+ $d->set("certificatePassphrase", $certPassphrase);
+ $d->load($url);
return $d->file;
}
?>
\ No newline at end of file
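Review bot: `getDocumentContent` takes the certificate path and passphrase from globals that `getLegendUrl` and `checkWmsPermission` fill as a side effect, so the credentials sent depend on call order and not on the URL being fetched. Any URL passed in after those globals are set gets the client certificate, including one pointing at a different host. Pass the values explicitly, e.g. `function getDocumentContent($url, $certificateFile = "", $certPassphrase = "")`, and have the callers hand over the values of the row they just read. A database NULL in either column arrives as `null`, which passes `!== ""`, so test with `!= ""` or normalise the row values first.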