1
2
3
4
5
6
7
8
9
10
11 package org.mule.security.filters;
12
13 import org.mule.api.EncryptionStrategy;
14 import org.mule.api.MuleEvent;
15 import org.mule.api.lifecycle.InitialisationException;
16 import org.mule.api.security.Authentication;
17 import org.mule.api.security.Credentials;
18 import org.mule.api.security.CredentialsNotSetException;
19 import org.mule.api.security.CryptoFailureException;
20 import org.mule.api.security.EncryptionStrategyNotFoundException;
21 import org.mule.api.security.SecurityContext;
22 import org.mule.api.security.SecurityException;
23 import org.mule.api.security.SecurityProviderNotFoundException;
24 import org.mule.api.security.UnauthorisedException;
25 import org.mule.api.security.UnknownAuthenticationTypeException;
26 import org.mule.config.i18n.CoreMessages;
27 import org.mule.security.AbstractEndpointSecurityFilter;
28 import org.mule.security.DefaultMuleAuthentication;
29 import org.mule.security.MuleCredentials;
30 import org.mule.security.MuleHeaderCredentialsAccessor;
31
32
33
34
35
36 public class MuleEncryptionEndpointSecurityFilter extends AbstractEndpointSecurityFilter
37 {
38 private EncryptionStrategy strategy;
39
40 public MuleEncryptionEndpointSecurityFilter()
41 {
42 setCredentialsAccessor(new MuleHeaderCredentialsAccessor());
43 }
44
45 protected final void authenticateInbound(MuleEvent event)
46 throws SecurityException, CryptoFailureException, EncryptionStrategyNotFoundException,
47 UnknownAuthenticationTypeException
48 {
49 String userHeader = (String) getCredentialsAccessor().getCredentials(event);
50 if (userHeader == null)
51 {
52 throw new CredentialsNotSetException(event.getMessage(), event.getSession().getSecurityContext(),
53 event.getEndpoint(), this);
54 }
55
56 Credentials user = new MuleCredentials(userHeader, getSecurityManager());
57
58 Authentication authResult;
59 Authentication umoAuthentication = new DefaultMuleAuthentication(user);
60 try
61 {
62 authResult = getSecurityManager().authenticate(umoAuthentication);
63 }
64 catch (Exception e)
65 {
66
67 if (logger.isDebugEnabled())
68 {
69 logger.debug("Authentication request for user: " + user.getUsername()
70 + " failed: " + e.toString());
71 }
72 throw new UnauthorisedException(CoreMessages.authFailedForUser(user.getUsername()),
73 event.getMessage(), e);
74 }
75
76
77 if (logger.isDebugEnabled())
78 {
79 logger.debug("Authentication success: " + authResult.toString());
80 }
81
82 SecurityContext context = getSecurityManager().createSecurityContext(authResult);
83 context.setAuthentication(authResult);
84 event.getSession().setSecurityContext(context);
85 }
86
87 protected void authenticateOutbound(MuleEvent event)
88 throws SecurityException, SecurityProviderNotFoundException, CryptoFailureException
89 {
90 if (event.getSession().getSecurityContext() == null)
91 {
92 if (isAuthenticate())
93 {
94 throw new UnauthorisedException(event.getMessage(), event.getSession().getSecurityContext(),
95 event.getEndpoint(), this);
96 }
97 else
98 {
99 return;
100 }
101 }
102 Authentication auth = event.getSession().getSecurityContext().getAuthentication();
103 if (isAuthenticate())
104 {
105 auth = getSecurityManager().authenticate(auth);
106 if (logger.isDebugEnabled())
107 {
108 logger.debug("Authentication success: " + auth.toString());
109 }
110 }
111
112 String token = auth.getCredentials().toString();
113 String header = new String(strategy.encrypt(token.getBytes(), null));
114 getCredentialsAccessor().setCredentials(event, header);
115
116 }
117
118 protected void doInitialise() throws InitialisationException
119 {
120 if (strategy == null)
121 {
122 throw new InitialisationException(CoreMessages.encryptionStrategyNotSet(), this);
123 }
124 }
125
126 public EncryptionStrategy getStrategy()
127 {
128 return strategy;
129 }
130
131 public void setStrategy(EncryptionStrategy strategy)
132 {
133 this.strategy = strategy;
134 }
135
136 }