11 package org.mule.module.jaas.filters;
12
13 import org.mule.api.MuleEvent;
14 import org.mule.api.lifecycle.InitialisationException;
15 import org.mule.api.security.CredentialsNotSetException;
16 import org.mule.api.security.CryptoFailureException;
17 import org.mule.api.security.EncryptionStrategyNotFoundException;
18 import org.mule.api.security.SecurityException;
19 import org.mule.api.security.SecurityProviderNotFoundException;
20 import org.mule.api.security.Authentication;
21 import org.mule.api.security.Credentials;
22 import org.mule.api.security.SecurityContext;
23 import org.mule.api.security.UnauthorisedException;
24 import org.mule.api.security.UnknownAuthenticationTypeException;
25 import org.mule.config.i18n.CoreMessages;
26 import org.mule.module.jaas.JaasAuthentication;
27 import org.mule.security.AbstractEndpointSecurityFilter;
28 import org.mule.security.MuleCredentials;
29 import org.mule.security.MuleHeaderCredentialsAccessor;
30
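/**
 * Endpoint security filter that builds {@link JaasAuthentication} requests and hands them to
 * the security manager.
 * <p>
 * Inbound events: the credentials value is read through the configured credentials accessor,
 * authenticated, and the resulting {@link SecurityContext} is stored on the event's session.
 * Outbound events: the authentication already held by the session is (optionally
 * re-authenticated and then) written back to the event through the credentials accessor.
 */
public class JaasSecurityFilter extends AbstractEndpointSecurityFilter
{

    /**
     * Creates the filter with a {@link MuleHeaderCredentialsAccessor} as its credentials accessor.
     */
    public JaasSecurityFilter()
    {
        setCredentialsAccessor(new MuleHeaderCredentialsAccessor());
    }

    /**
     * Authenticates an inbound event and, on success, attaches a new security context to the
     * event's session.
     *
     * @param event the inbound event whose credentials are read through the credentials accessor
     * @throws CredentialsNotSetException if the credentials accessor returns {@code null}
     * @throws UnauthorisedException if the security manager fails with anything other than a
     *             {@link SecurityException}; the original failure is kept as the cause
     * @throws SecurityException rethrown unchanged when raised by the security manager
     */
    protected final void authenticateInbound(MuleEvent event)
        throws SecurityException, CryptoFailureException, EncryptionStrategyNotFoundException,
        UnknownAuthenticationTypeException
    {
        // The value comes from the inbound event, i.e. it is supplied by the remote party.
        String userHeader = (String) getCredentialsAccessor().getCredentials(event);
        if (userHeader == null)
        {
            throw new CredentialsNotSetException(event.getMessage(), event.getSession().getSecurityContext(),
                event.getEndpoint(), this);
        }

        Credentials user = new MuleCredentials(userHeader, getSecurityManager());
        Authentication authResult;
        Authentication umoAuthentication = new JaasAuthentication(user);
        try
        {
            authResult = getSecurityManager().authenticate(umoAuthentication);
        }
        catch (SecurityException se)
        {
            if (logger.isDebugEnabled())
            {
                // The username is attacker-controlled at this point (authentication failed), so
                // line breaks are neutralised before it reaches the log.
                logger.debug("Security Exception raised. Authentication request for user: "
                    + sanitizeForLog(user.getUsername()) + " failed: " + se.toString());
            }
            throw se;
        }
        catch (Exception e)
        {
            // Fail closed: any unexpected failure is reported as an authorisation failure.
            if (logger.isDebugEnabled())
            {
                logger.debug("Authentication request for user: " + sanitizeForLog(user.getUsername())
                    + " failed: " + e.toString());
            }
            throw new UnauthorisedException(CoreMessages.authFailedForUser(user.getUsername()),
                event.getMessage(), e);
        }

        if (logger.isDebugEnabled())
        {
            // NOTE(review): what toString() prints depends on the Authentication implementation;
            // confirm it does not include credential material.
            logger.debug("Authentication success: " + authResult.toString());
        }

        SecurityContext context = getSecurityManager().createSecurityContext(authResult);
        context.setAuthentication(authResult);
        event.getSession().setSecurityContext(context);
    }

    /**
     * Propagates the session's authentication onto an outbound event.
     * <p>
     * Without a security context on the session the call either fails (when
     * {@code isAuthenticate()} is true) or returns without touching the event. With a context,
     * its authentication is re-authenticated when {@code isAuthenticate()} is true, and the
     * string form of its credentials is written to the event through the credentials accessor.
     *
     * @param event the outbound event
     * @throws UnauthorisedException if authentication is required but the session has no
     *             security context
     */
    protected void authenticateOutbound(MuleEvent event)
        throws SecurityException, SecurityProviderNotFoundException, CryptoFailureException
    {
        if (event.getSession().getSecurityContext() == null)
        {
            if (isAuthenticate())
            {
                throw new UnauthorisedException(event.getMessage(), event.getSession().getSecurityContext(),
                    event.getEndpoint(), this);
            }
            // Authentication is not required and there is nothing to propagate.
            return;
        }

        // Assumes the context always carries an authentication with non-null credentials;
        // a null here surfaces as a NullPointerException below - TODO confirm with callers.
        Authentication auth = event.getSession().getSecurityContext().getAuthentication();
        if (isAuthenticate())
        {
            auth = getSecurityManager().authenticate(auth);
            if (logger.isDebugEnabled())
            {
                // NOTE(review): same caveat as on the inbound path about toString() content.
                logger.debug("Authentication success: " + auth.toString());
            }
        }

        // NOTE(review): the token forwarded is whatever getCredentials() returns for this
        // Authentication type; verify it is not a cleartext secret leaving over an
        // unprotected transport.
        String token = auth.getCredentials().toString();
        getCredentialsAccessor().setCredentials(event, token);
    }

    /**
     * No initialisation is needed for this filter.
     */
    protected void doInitialise() throws InitialisationException
    {
        // intentionally empty
    }

    /**
     * Replaces carriage returns and line feeds so a remotely supplied value cannot start a new,
     * forged log entry.
     *
     * @param value the value to be written to a log; may be {@code null}
     * @return the value with CR and LF replaced by {@code '_'}, or {@code null} if it was null
     */
    private static String sanitizeForLog(String value)
    {
        if (value == null)
        {
            return null;
        }
        return value.replace('\r', '_').replace('\n', '_');
    }
}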