
1   /*
2    * $Id: JaasSecurityFilter.java 10789 2008-02-12 20:04:43Z dfeist $
3    * --------------------------------------------------------------------------------------
4    * Copyright (c) MuleSource, Inc.  All rights reserved.  http://www.mulesource.com
5    *
6    * The software in this package is published under the terms of the CPAL v1.0
7    * license, a copy of which has been included with this distribution in the
8    * LICENSE.txt file.
9    */
10  
11  package org.mule.module.jaas.filters;
12  
13  import org.mule.api.MuleEvent;
14  import org.mule.api.lifecycle.InitialisationException;
15  import org.mule.api.security.CredentialsNotSetException;
16  import org.mule.api.security.CryptoFailureException;
17  import org.mule.api.security.EncryptionStrategyNotFoundException;
18  import org.mule.api.security.SecurityException;
19  import org.mule.api.security.SecurityProviderNotFoundException;
20  import org.mule.api.security.Authentication;
21  import org.mule.api.security.Credentials;
22  import org.mule.api.security.SecurityContext;
23  import org.mule.api.security.UnauthorisedException;
24  import org.mule.api.security.UnknownAuthenticationTypeException;
25  import org.mule.config.i18n.CoreMessages;
26  import org.mule.module.jaas.JaasAuthentication;
27  import org.mule.security.AbstractEndpointSecurityFilter;
28  import org.mule.security.MuleCredentials;
29  import org.mule.security.MuleHeaderCredentialsAccessor;
30  
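/**
 * Endpoint security filter that authenticates Mule events through the configured
 * security manager using {@link JaasAuthentication}.
 * <p>
 * Inbound: credentials are read from the event via the credentials accessor and
 * submitted for authentication; on success a security context is stored on the
 * session. Outbound: the credentials of the session's current authentication are
 * written back onto the event via the credentials accessor.
 */
public class JaasSecurityFilter extends AbstractEndpointSecurityFilter
{

    /**
     * Creates the filter with a {@link MuleHeaderCredentialsAccessor} as its
     * credentials accessor.
     */
    public JaasSecurityFilter()
    {
        setCredentialsAccessor(new MuleHeaderCredentialsAccessor());
    }

    /**
     * Replaces carriage returns and line feeds so a value that originates from the
     * inbound message cannot start a new, forged entry in the log.
     *
     * @param value text about to be written to the log, may be null
     * @return the text with CR and LF replaced by '_', or null if value was null
     */
    private static String neutraliseForLog(String value)
    {
        if (value == null)
        {
            return null;
        }
        return value.replace('\r', '_').replace('\n', '_');
    }

    /**
     * Authenticates an inbound event with the credentials supplied by the
     * credentials accessor and stores the resulting security context on the session.
     *
     * @param event the inbound event carrying the credentials
     * @throws CredentialsNotSetException if the accessor returns no credentials
     * @throws SecurityException if the security manager rejects the request with a
     *             security exception; it is logged at debug level and rethrown
     * @throws UnauthorisedException if authentication fails with any other exception
     */
    protected final void authenticateInbound(MuleEvent event)
        throws SecurityException, CryptoFailureException, EncryptionStrategyNotFoundException,
        UnknownAuthenticationTypeException
    {
        // NOTE(review): an accessor that returns a non-String value fails here with a
        // ClassCastException rather than a security exception -- confirm that is intended.
        String userHeader = (String) getCredentialsAccessor().getCredentials(event);
        if (userHeader == null)
        {
            throw new CredentialsNotSetException(event.getMessage(), event.getSession().getSecurityContext(),
                event.getEndpoint(), this);
        }

        Credentials user = new MuleCredentials(userHeader, getSecurityManager());
        Authentication authResult;
        Authentication umoAuthentication = new JaasAuthentication(user);
        try
        {
            authResult = getSecurityManager().authenticate(umoAuthentication);
        }
        catch (SecurityException se)
        {
            // Security Exception occurred. The user name is derived from the inbound
            // credentials header, so it is neutralised before being logged.
            if (logger.isDebugEnabled())
            {
                logger.debug("Security Exception raised. Authentication request for user: "
                    + neutraliseForLog(user.getUsername()) + " failed: " + neutraliseForLog(se.toString()));
            }
            throw se;
        }
        catch (Exception e)
        {
            // Authentication failed; the original exception is kept as the cause.
            if (logger.isDebugEnabled())
            {
                logger.debug("Authentication request for user: " + neutraliseForLog(user.getUsername())
                    + " failed: " + neutraliseForLog(e.toString()));
            }
            throw new UnauthorisedException(CoreMessages.authFailedForUser(user.getUsername()),
                event.getMessage(), e);
        }

        // Authentication success
        // NOTE(review): this writes Authentication.toString() to the debug log; confirm the
        // implementations in use do not include the credentials in their string form.
        if (logger.isDebugEnabled())
        {
            logger.debug("Authentication success: " + authResult.toString());
        }

        SecurityContext context = getSecurityManager().createSecurityContext(authResult);
        context.setAuthentication(authResult);
        event.getSession().setSecurityContext(context);
    }

    /**
     * Writes the credentials of the session's current authentication onto an outbound
     * event, re-authenticating first when {@code isAuthenticate()} is true.
     * <p>
     * When the session has no security context the event is rejected if
     * {@code isAuthenticate()} is true and passed through without credentials otherwise.
     *
     * @param event the outbound event
     * @throws UnauthorisedException if authentication is required and the session has
     *             no security context
     * @throws SecurityException if re-authentication by the security manager fails
     */
    protected void authenticateOutbound(MuleEvent event)
        throws SecurityException, SecurityProviderNotFoundException, CryptoFailureException
    {
        if (event.getSession().getSecurityContext() == null)
        {
            if (isAuthenticate())
            {
                throw new UnauthorisedException(event.getMessage(), event.getSession().getSecurityContext(),
                    event.getEndpoint(), this);
            }
            else
            {
                return;
            }
        }
        // NOTE(review): a context without an authentication, or an authentication without
        // credentials, is not checked below and would surface as a NullPointerException.
        Authentication auth = event.getSession().getSecurityContext().getAuthentication();
        if (isAuthenticate())
        {
            auth = getSecurityManager().authenticate(auth);
            // NOTE(review): same concern as on the inbound path -- confirm toString()
            // does not expose the credentials.
            if (logger.isDebugEnabled())
            {
                logger.debug("Authentication success: " + auth.toString());
            }
        }

        // The string form of the credentials is handed to the credentials accessor to be
        // attached to the outgoing event. NOTE(review): how that value is protected in
        // transit is decided by the accessor and transport, not here -- verify.
        String token = auth.getCredentials().toString();
        getCredentialsAccessor().setCredentials(event, token);

    }

    /**
     * Lifecycle hook; this filter needs no initialisation.
     */
    protected void doInitialise() throws InitialisationException
    {
        // nothing to initialise
    }
}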