View Javadoc

1   /*
2    * $Id: MuleEncryptionEndpointSecurityFilter.java 10489 2008-01-23 17:53:38Z dfeist $
3    * --------------------------------------------------------------------------------------
4    * Copyright (c) MuleSource, Inc.  All rights reserved.  http://www.mulesource.com
5    *
6    * The software in this package is published under the terms of the CPAL v1.0
7    * license, a copy of which has been included with this distribution in the
8    * LICENSE.txt file.
9    */
10  
11  package org.mule.security.filters;
12  
13  import org.mule.api.EncryptionStrategy;
14  import org.mule.api.MuleEvent;
15  import org.mule.api.lifecycle.InitialisationException;
16  import org.mule.api.security.Authentication;
17  import org.mule.api.security.Credentials;
18  import org.mule.api.security.CredentialsNotSetException;
19  import org.mule.api.security.CryptoFailureException;
20  import org.mule.api.security.EncryptionStrategyNotFoundException;
21  import org.mule.api.security.SecurityContext;
22  import org.mule.api.security.SecurityException;
23  import org.mule.api.security.SecurityProviderNotFoundException;
24  import org.mule.api.security.UnauthorisedException;
25  import org.mule.api.security.UnknownAuthenticationTypeException;
26  import org.mule.config.i18n.CoreMessages;
27  import org.mule.security.AbstractEndpointSecurityFilter;
28  import org.mule.security.DefaultMuleAuthentication;
29  import org.mule.security.MuleCredentials;
30  import org.mule.security.MuleHeaderCredentialsAccessor;
31  
32  /**
33   * <code>MuleEncryptionEndpointSecurityFilter</code> provides password-based
34   * encryption
35   */
36  public class MuleEncryptionEndpointSecurityFilter extends AbstractEndpointSecurityFilter
37  {
38      private EncryptionStrategy strategy;
39  
40      public MuleEncryptionEndpointSecurityFilter()
41      {
42          setCredentialsAccessor(new MuleHeaderCredentialsAccessor());
43      }
44  
45      protected final void authenticateInbound(MuleEvent event)
46          throws SecurityException, CryptoFailureException, EncryptionStrategyNotFoundException,
47          UnknownAuthenticationTypeException
48      {
49          String userHeader = (String) getCredentialsAccessor().getCredentials(event);
50          if (userHeader == null)
51          {
52              throw new CredentialsNotSetException(event.getMessage(), event.getSession().getSecurityContext(),
53                  event.getEndpoint(), this);
54          }
55  
56          Credentials user = new MuleCredentials(userHeader, getSecurityManager());
57  
58          Authentication authResult;
59          Authentication umoAuthentication = new DefaultMuleAuthentication(user);
60          try
61          {
62              authResult = getSecurityManager().authenticate(umoAuthentication);
63          }
64          catch (Exception e)
65          {
66              // Authentication failed
67              if (logger.isDebugEnabled())
68              {
69                  logger.debug("Authentication request for user: " + user.getUsername() 
70                      + " failed: " + e.toString());
71              }
72              throw new UnauthorisedException(CoreMessages.authFailedForUser(user.getUsername()),
73                  event.getMessage(), e);
74          }
75  
76          // Authentication success
77          if (logger.isDebugEnabled())
78          {
79              logger.debug("Authentication success: " + authResult.toString());
80          }
81  
82          SecurityContext context = getSecurityManager().createSecurityContext(authResult);
83          context.setAuthentication(authResult);
84          event.getSession().setSecurityContext(context);
85      }
86  
87      protected void authenticateOutbound(MuleEvent event)
88          throws SecurityException, SecurityProviderNotFoundException, CryptoFailureException
89      {
90          if (event.getSession().getSecurityContext() == null)
91          {
92              if (isAuthenticate())
93              {
94                  throw new UnauthorisedException(event.getMessage(), event.getSession().getSecurityContext(),
95                      event.getEndpoint(), this);
96              }
97              else
98              {
99                  return;
100             }
101         }
102         Authentication auth = event.getSession().getSecurityContext().getAuthentication();
103         if (isAuthenticate())
104         {
105             auth = getSecurityManager().authenticate(auth);
106             if (logger.isDebugEnabled())
107             {
108                 logger.debug("Authentication success: " + auth.toString());
109             }
110         }
111 
112         String token = auth.getCredentials().toString();
113         String header = new String(strategy.encrypt(token.getBytes(), null));
114         getCredentialsAccessor().setCredentials(event, header);
115 
116     }
117 
118     protected void doInitialise() throws InitialisationException
119     {
120         if (strategy == null)
121         {
122             throw new InitialisationException(CoreMessages.encryptionStrategyNotSet(), this);
123         }
124     }
125 
126     public EncryptionStrategy getStrategy()
127     {
128         return strategy;
129     }
130 
131     public void setStrategy(EncryptionStrategy strategy)
132     {
133         this.strategy = strategy;
134     }
135 
136 }