Coverage Report - org.mule.security.filters.MuleEncryptionEndpointSecurityFilter
 
Classes in this File Line Coverage Branch Coverage Complexity
MuleEncryptionEndpointSecurityFilter
0%
0/39
0%
0/16
3.333
 
 1  
 /*
 2  
  * $Id: MuleEncryptionEndpointSecurityFilter.java 10489 2008-01-23 17:53:38Z dfeist $
 3  
  * --------------------------------------------------------------------------------------
 4  
  * Copyright (c) MuleSource, Inc.  All rights reserved.  http://www.mulesource.com
 5  
  *
 6  
  * The software in this package is published under the terms of the CPAL v1.0
 7  
  * license, a copy of which has been included with this distribution in the
 8  
  * LICENSE.txt file.
 9  
  */
 10  
 
 11  
 package org.mule.security.filters;
 12  
 
 13  
 import org.mule.api.EncryptionStrategy;
 14  
 import org.mule.api.MuleEvent;
 15  
 import org.mule.api.lifecycle.InitialisationException;
 16  
 import org.mule.api.security.Authentication;
 17  
 import org.mule.api.security.Credentials;
 18  
 import org.mule.api.security.CredentialsNotSetException;
 19  
 import org.mule.api.security.CryptoFailureException;
 20  
 import org.mule.api.security.EncryptionStrategyNotFoundException;
 21  
 import org.mule.api.security.SecurityContext;
 22  
 import org.mule.api.security.SecurityException;
 23  
 import org.mule.api.security.SecurityProviderNotFoundException;
 24  
 import org.mule.api.security.UnauthorisedException;
 25  
 import org.mule.api.security.UnknownAuthenticationTypeException;
 26  
 import org.mule.config.i18n.CoreMessages;
 27  
 import org.mule.security.AbstractEndpointSecurityFilter;
 28  
 import org.mule.security.DefaultMuleAuthentication;
 29  
 import org.mule.security.MuleCredentials;
 30  
 import org.mule.security.MuleHeaderCredentialsAccessor;
 31  
 
 32  
 /**
 33  
  * <code>MuleEncryptionEndpointSecurityFilter</code> provides password-based
 34  
  * encryption
 35  
  */
 36  
 public class MuleEncryptionEndpointSecurityFilter extends AbstractEndpointSecurityFilter
 37  
 {
 38  
     private EncryptionStrategy strategy;
 39  
 
 40  
     public MuleEncryptionEndpointSecurityFilter()
 41  0
     {
 42  0
         setCredentialsAccessor(new MuleHeaderCredentialsAccessor());
 43  0
     }
 44  
 
 45  
     protected final void authenticateInbound(MuleEvent event)
 46  
         throws SecurityException, CryptoFailureException, EncryptionStrategyNotFoundException,
 47  
         UnknownAuthenticationTypeException
 48  
     {
 49  0
         String userHeader = (String) getCredentialsAccessor().getCredentials(event);
 50  0
         if (userHeader == null)
 51  
         {
 52  0
             throw new CredentialsNotSetException(event.getMessage(), event.getSession().getSecurityContext(),
 53  
                 event.getEndpoint(), this);
 54  
         }
 55  
 
 56  0
         Credentials user = new MuleCredentials(userHeader, getSecurityManager());
 57  
 
 58  
         Authentication authResult;
 59  0
         Authentication umoAuthentication = new DefaultMuleAuthentication(user);
 60  
         try
 61  
         {
 62  0
             authResult = getSecurityManager().authenticate(umoAuthentication);
 63  
         }
 64  0
         catch (Exception e)
 65  
         {
 66  
             // Authentication failed
 67  0
             if (logger.isDebugEnabled())
 68  
             {
 69  0
                 logger.debug("Authentication request for user: " + user.getUsername() 
 70  
                     + " failed: " + e.toString());
 71  
             }
 72  0
             throw new UnauthorisedException(CoreMessages.authFailedForUser(user.getUsername()),
 73  
                 event.getMessage(), e);
 74  0
         }
 75  
 
 76  
         // Authentication success
 77  0
         if (logger.isDebugEnabled())
 78  
         {
 79  0
             logger.debug("Authentication success: " + authResult.toString());
 80  
         }
 81  
 
 82  0
         SecurityContext context = getSecurityManager().createSecurityContext(authResult);
 83  0
         context.setAuthentication(authResult);
 84  0
         event.getSession().setSecurityContext(context);
 85  0
     }
 86  
 
 87  
     protected void authenticateOutbound(MuleEvent event)
 88  
         throws SecurityException, SecurityProviderNotFoundException, CryptoFailureException
 89  
     {
 90  0
         if (event.getSession().getSecurityContext() == null)
 91  
         {
 92  0
             if (isAuthenticate())
 93  
             {
 94  0
                 throw new UnauthorisedException(event.getMessage(), event.getSession().getSecurityContext(),
 95  
                     event.getEndpoint(), this);
 96  
             }
 97  
             else
 98  
             {
 99  0
                 return;
 100  
             }
 101  
         }
 102  0
         Authentication auth = event.getSession().getSecurityContext().getAuthentication();
 103  0
         if (isAuthenticate())
 104  
         {
 105  0
             auth = getSecurityManager().authenticate(auth);
 106  0
             if (logger.isDebugEnabled())
 107  
             {
 108  0
                 logger.debug("Authentication success: " + auth.toString());
 109  
             }
 110  
         }
 111  
 
 112  0
         String token = auth.getCredentials().toString();
 113  0
         String header = new String(strategy.encrypt(token.getBytes(), null));
 114  0
         getCredentialsAccessor().setCredentials(event, header);
 115  
 
 116  0
     }
 117  
 
 118  
     protected void doInitialise() throws InitialisationException
 119  
     {
 120  0
         if (strategy == null)
 121  
         {
 122  0
             throw new InitialisationException(CoreMessages.encryptionStrategyNotSet(), this);
 123  
         }
 124  0
     }
 125  
 
 126  
     public EncryptionStrategy getStrategy()
 127  
     {
 128  0
         return strategy;
 129  
     }
 130  
 
 131  
     public void setStrategy(EncryptionStrategy strategy)
 132  
     {
 133  0
         this.strategy = strategy;
 134  0
     }
 135  
 
 136  
 }