Coverage Report - org.mule.module.jaas.filters.JaasSecurityFilter
 
Classes in this File Line Coverage Branch Coverage Complexity
JaasSecurityFilter
49%
18/37
19%
3/16
4.75
 
 1  
 /*
 2  
  * $Id: JaasSecurityFilter.java 10789 2008-02-12 20:04:43Z dfeist $
 3  
  * --------------------------------------------------------------------------------------
 4  
  * Copyright (c) MuleSource, Inc.  All rights reserved.  http://www.mulesource.com
 5  
  *
 6  
  * The software in this package is published under the terms of the CPAL v1.0
 7  
  * license, a copy of which has been included with this distribution in the
 8  
  * LICENSE.txt file.
 9  
  */
 10  
 
 11  
 package org.mule.module.jaas.filters;
 12  
 
 13  
 import org.mule.api.MuleEvent;
 14  
 import org.mule.api.lifecycle.InitialisationException;
 15  
 import org.mule.api.security.CredentialsNotSetException;
 16  
 import org.mule.api.security.CryptoFailureException;
 17  
 import org.mule.api.security.EncryptionStrategyNotFoundException;
 18  
 import org.mule.api.security.SecurityException;
 19  
 import org.mule.api.security.SecurityProviderNotFoundException;
 20  
 import org.mule.api.security.Authentication;
 21  
 import org.mule.api.security.Credentials;
 22  
 import org.mule.api.security.SecurityContext;
 23  
 import org.mule.api.security.UnauthorisedException;
 24  
 import org.mule.api.security.UnknownAuthenticationTypeException;
 25  
 import org.mule.config.i18n.CoreMessages;
 26  
 import org.mule.module.jaas.JaasAuthentication;
 27  
 import org.mule.security.AbstractEndpointSecurityFilter;
 28  
 import org.mule.security.MuleCredentials;
 29  
 import org.mule.security.MuleHeaderCredentialsAccessor;
 30  
 
 31  
 public class JaasSecurityFilter extends AbstractEndpointSecurityFilter
 32  
 {
 33  
 
 34  
     public JaasSecurityFilter()
 35  20
     {
 36  20
         setCredentialsAccessor(new MuleHeaderCredentialsAccessor());
 37  20
     }
 38  
 
 39  
     protected final void authenticateInbound(MuleEvent event)
 40  
         throws SecurityException, CryptoFailureException, EncryptionStrategyNotFoundException,
 41  
         UnknownAuthenticationTypeException
 42  
     {
 43  20
         String userHeader = (String) getCredentialsAccessor().getCredentials(event);
 44  20
         if (userHeader == null)
 45  
         {
 46  0
             throw new CredentialsNotSetException(event.getMessage(), event.getSession().getSecurityContext(),
 47  
                 event.getEndpoint(), this);
 48  
         }
 49  
 
 50  20
         Credentials user = new MuleCredentials(userHeader, getSecurityManager());
 51  
         Authentication authResult;
 52  20
         Authentication umoAuthentication = new JaasAuthentication(user);
 53  
         try
 54  
         {
 55  20
             authResult = getSecurityManager().authenticate(umoAuthentication);
 56  
         }
 57  12
         catch (SecurityException se)
 58  
         {
 59  
             // Security Exception occurred
 60  12
             if (logger.isDebugEnabled())
 61  
             {
 62  0
                 logger.debug("Security Exception raised. Authentication request for user: " + user.getUsername() 
 63  
                     + " failed: " + se.toString());
 64  
             }
 65  12
             throw se;
 66  
         }
 67  0
         catch (Exception e)
 68  
         {
 69  
             // Authentication failed
 70  0
             if (logger.isDebugEnabled())
 71  
             {
 72  0
                 logger.debug("Authentication request for user: " + user.getUsername() 
 73  
                     + " failed: " + e.toString());
 74  
             }
 75  0
             throw new UnauthorisedException(CoreMessages.authFailedForUser(user.getUsername()),
 76  
                 event.getMessage(), e);
 77  8
         }
 78  
 
 79  
         // Authentication success
 80  8
         if (logger.isDebugEnabled())
 81  
         {
 82  0
             logger.debug("Authentication success: " + authResult.toString());
 83  
         }
 84  
 
 85  8
         SecurityContext context = getSecurityManager().createSecurityContext(authResult);
 86  8
         context.setAuthentication(authResult);
 87  8
         event.getSession().setSecurityContext(context);
 88  8
     }
 89  
 
 90  
     protected void authenticateOutbound(MuleEvent event)
 91  
         throws SecurityException, SecurityProviderNotFoundException, CryptoFailureException
 92  
     {
 93  0
         if (event.getSession().getSecurityContext() == null)
 94  
         {
 95  0
             if (isAuthenticate())
 96  
             {
 97  0
                 throw new UnauthorisedException(event.getMessage(), event.getSession().getSecurityContext(),
 98  
                     event.getEndpoint(), this);
 99  
             }
 100  
             else
 101  
             {
 102  0
                 return;
 103  
             }
 104  
         }
 105  0
         Authentication auth = event.getSession().getSecurityContext().getAuthentication();
 106  0
         if (isAuthenticate())
 107  
         {
 108  0
             auth = getSecurityManager().authenticate(auth);
 109  0
             if (logger.isDebugEnabled())
 110  
             {
 111  0
                 logger.debug("Authentication success: " + auth.toString());
 112  
             }
 113  
         }
 114  
 
 115  0
         String token = auth.getCredentials().toString();
 116  0
         getCredentialsAccessor().setCredentials(event, token);
 117  
 
 118  0
     }
 119  
 
 120  
     protected void doInitialise() throws InitialisationException
 121  
     {
 122  
         // empty constructor
 123  20
     }
 124  
 }
 125