1 | |
|
2 | |
|
3 | |
|
4 | |
|
5 | |
|
6 | |
|
7 | |
|
8 | |
|
9 | |
|
10 | |
|
11 | |
package org.mule.impl.security.filters; |
12 | |
|
13 | |
import org.mule.MuleManager; |
14 | |
import org.mule.config.i18n.CoreMessages; |
15 | |
import org.mule.impl.security.AbstractEndpointSecurityFilter; |
16 | |
import org.mule.impl.security.MuleAuthentication; |
17 | |
import org.mule.impl.security.MuleCredentials; |
18 | |
import org.mule.impl.security.MuleHeaderCredentialsAccessor; |
19 | |
import org.mule.umo.UMOEncryptionStrategy; |
20 | |
import org.mule.umo.UMOEvent; |
21 | |
import org.mule.umo.lifecycle.InitialisationException; |
22 | |
import org.mule.umo.security.CredentialsNotSetException; |
23 | |
import org.mule.umo.security.CryptoFailureException; |
24 | |
import org.mule.umo.security.EncryptionStrategyNotFoundException; |
25 | |
import org.mule.umo.security.SecurityException; |
26 | |
import org.mule.umo.security.SecurityProviderNotFoundException; |
27 | |
import org.mule.umo.security.UMOAuthentication; |
28 | |
import org.mule.umo.security.UMOCredentials; |
29 | |
import org.mule.umo.security.UMOSecurityContext; |
30 | |
import org.mule.umo.security.UnauthorisedException; |
31 | |
import org.mule.umo.security.UnknownAuthenticationTypeException; |
32 | |
|
33 | |
|
34 | |
|
35 | |
|
36 | |
|
37 | |
public class MuleEncryptionEndpointSecurityFilter extends AbstractEndpointSecurityFilter |
38 | |
{ |
39 | |
private UMOEncryptionStrategy strategy; |
40 | |
private String strategyName; |
41 | |
|
42 | |
public MuleEncryptionEndpointSecurityFilter() |
43 | 0 | { |
44 | 0 | setCredentialsAccessor(new MuleHeaderCredentialsAccessor()); |
45 | 0 | } |
46 | |
|
47 | |
protected final void authenticateInbound(UMOEvent event) |
48 | |
throws SecurityException, CryptoFailureException, EncryptionStrategyNotFoundException, |
49 | |
UnknownAuthenticationTypeException |
50 | |
{ |
51 | 0 | String userHeader = (String) getCredentialsAccessor().getCredentials(event); |
52 | 0 | if (userHeader == null) |
53 | |
{ |
54 | 0 | throw new CredentialsNotSetException(event.getMessage(), event.getSession().getSecurityContext(), |
55 | |
event.getEndpoint(), this); |
56 | |
} |
57 | |
|
58 | 0 | UMOCredentials user = new MuleCredentials(userHeader); |
59 | |
|
60 | |
UMOAuthentication authResult; |
61 | 0 | UMOAuthentication umoAuthentication = new MuleAuthentication(user); |
62 | |
try |
63 | |
{ |
64 | 0 | authResult = getSecurityManager().authenticate(umoAuthentication); |
65 | |
} |
66 | 0 | catch (Exception e) |
67 | |
{ |
68 | |
|
69 | 0 | if (logger.isDebugEnabled()) |
70 | |
{ |
71 | 0 | logger.debug("Authentication request for user: " + user.getUsername() |
72 | |
+ " failed: " + e.toString()); |
73 | |
} |
74 | 0 | throw new UnauthorisedException(CoreMessages.authFailedForUser(user.getUsername()), |
75 | |
event.getMessage(), e); |
76 | 0 | } |
77 | |
|
78 | |
|
79 | 0 | if (logger.isDebugEnabled()) |
80 | |
{ |
81 | 0 | logger.debug("Authentication success: " + authResult.toString()); |
82 | |
} |
83 | |
|
84 | 0 | UMOSecurityContext context = getSecurityManager().createSecurityContext(authResult); |
85 | 0 | context.setAuthentication(authResult); |
86 | 0 | event.getSession().setSecurityContext(context); |
87 | 0 | } |
88 | |
|
89 | |
protected void authenticateOutbound(UMOEvent event) |
90 | |
throws SecurityException, SecurityProviderNotFoundException, CryptoFailureException |
91 | |
{ |
92 | 0 | if (event.getSession().getSecurityContext() == null) |
93 | |
{ |
94 | 0 | if (isAuthenticate()) |
95 | |
{ |
96 | 0 | throw new UnauthorisedException(event.getMessage(), event.getSession().getSecurityContext(), |
97 | |
event.getEndpoint(), this); |
98 | |
} |
99 | |
else |
100 | |
{ |
101 | 0 | return; |
102 | |
} |
103 | |
} |
104 | 0 | UMOAuthentication auth = event.getSession().getSecurityContext().getAuthentication(); |
105 | 0 | if (isAuthenticate()) |
106 | |
{ |
107 | 0 | auth = getSecurityManager().authenticate(auth); |
108 | 0 | if (logger.isDebugEnabled()) |
109 | |
{ |
110 | 0 | logger.debug("Authentication success: " + auth.toString()); |
111 | |
} |
112 | |
} |
113 | |
|
114 | 0 | String token = auth.getCredentials().toString(); |
115 | 0 | String header = new String(strategy.encrypt(token.getBytes(), null)); |
116 | 0 | getCredentialsAccessor().setCredentials(event, header); |
117 | |
|
118 | 0 | } |
119 | |
|
120 | |
protected void doInitialise() throws InitialisationException |
121 | |
{ |
122 | 0 | if (strategyName != null) |
123 | |
{ |
124 | 0 | strategy = MuleManager.getInstance().getSecurityManager().getEncryptionStrategy(strategyName); |
125 | |
} |
126 | |
|
127 | 0 | if (strategy == null) |
128 | |
{ |
129 | 0 | throw new InitialisationException(CoreMessages.encryptionStrategyNotSet(), this); |
130 | |
} |
131 | 0 | } |
132 | |
|
133 | |
public UMOEncryptionStrategy getStrategy() |
134 | |
{ |
135 | 0 | return strategy; |
136 | |
} |
137 | |
|
138 | |
public void setStrategy(UMOEncryptionStrategy strategy) |
139 | |
{ |
140 | 0 | this.strategy = strategy; |
141 | 0 | } |
142 | |
|
143 | |
public void setStrategyName(String name) |
144 | |
{ |
145 | 0 | strategyName = name; |
146 | 0 | } |
147 | |
} |