1
2
3
4
5
6
7
8
9
10
11 package org.mule.security;
12
13 import org.mule.api.MuleContext;
14 import org.mule.api.MuleEvent;
15 import org.mule.api.MuleMessage;
16 import org.mule.api.context.MuleContextAware;
17 import org.mule.api.endpoint.ImmutableEndpoint;
18 import org.mule.api.endpoint.InboundEndpoint;
19 import org.mule.api.endpoint.OutboundEndpoint;
20 import org.mule.api.lifecycle.InitialisationException;
21 import org.mule.api.security.CredentialsAccessor;
22 import org.mule.api.security.CryptoFailureException;
23 import org.mule.api.security.EncryptionStrategyNotFoundException;
24 import org.mule.api.security.EndpointSecurityFilter;
25 import org.mule.api.security.SecurityException;
26 import org.mule.api.security.SecurityManager;
27 import org.mule.api.security.SecurityProvider;
28 import org.mule.api.security.SecurityProviderNotFoundException;
29 import org.mule.api.security.UnknownAuthenticationTypeException;
30 import org.mule.api.transformer.TransformerException;
31 import org.mule.config.i18n.CoreMessages;
32 import org.mule.transformer.TransformerTemplate;
33 import org.mule.util.StringUtils;
34
35 import java.util.Arrays;
36
37 import org.apache.commons.logging.Log;
38 import org.apache.commons.logging.LogFactory;
39
40
41
42
43
44
45 public abstract class AbstractEndpointSecurityFilter implements EndpointSecurityFilter, MuleContextAware
46 {
47
48 protected transient Log logger = LogFactory.getLog(getClass());
49
50 protected SecurityManager securityManager;
51 private String securityProviders;
52 protected ImmutableEndpoint endpoint;
53 private boolean inbound = false;
54 private boolean authenticate;
55 private CredentialsAccessor credentialsAccessor;
56 private boolean isInitialised = false;
57
58 protected MuleContext muleContext;
59
60 public void setMuleContext(MuleContext context)
61 {
62 this.muleContext = context;
63 }
64
65 public final void initialise() throws InitialisationException
66 {
67 if (securityManager == null)
68 {
69 securityManager = muleContext.getSecurityManager();
70 }
71 if (securityManager == null)
72 {
73 throw new InitialisationException(CoreMessages.authSecurityManagerNotSet(), this);
74 }
75
76
77
78 if (securityProviders != null)
79 {
80 SecurityManager localManager = new MuleSecurityManager();
81 String[] sp = StringUtils.splitAndTrim(securityProviders, ",");
82 for (int i = 0; i < sp.length; i++)
83 {
84 SecurityProvider provider = securityManager.getProvider(sp[i]);
85 if (provider != null)
86 {
87 localManager.addProvider(provider);
88 }
89 else
90 {
91 throw new InitialisationException(
92 CoreMessages.objectNotRegistered(
93 "Security Provider", sp[i]), this);
94 }
95 }
96 securityManager = localManager;
97 }
98 }
99
100 protected final synchronized void lazyInit() throws InitialisationException
101 {
102 if (!isInitialised)
103 {
104 initialiseEndpoint();
105 isInitialised = true;
106 }
107 }
108
109 protected final void initialiseEndpoint() throws InitialisationException
110 {
111 if (endpoint == null)
112 {
113 throw new InitialisationException(CoreMessages.objectIsNull("Endpoint"), this);
114 }
115
116 if (endpoint instanceof InboundEndpoint)
117 {
118 inbound = true;
119 }
120 else if (endpoint instanceof OutboundEndpoint)
121 {
122 inbound = false;
123 }
124 else
125 {
126 throw new InitialisationException(CoreMessages.authEndpointMustSendOrReceive(), this);
127 }
128 doInitialise();
129 }
130
131 public boolean isAuthenticate()
132 {
133 return authenticate;
134 }
135
136 public void setAuthenticate(boolean authenticate)
137 {
138 this.authenticate = authenticate;
139 }
140
141
142 public void setSecurityManager(SecurityManager manager)
143 {
144 securityManager = manager;
145 }
146
147 public SecurityManager getSecurityManager()
148 {
149 return securityManager;
150 }
151
152 public String getSecurityProviders()
153 {
154 return securityProviders;
155 }
156
157 public void setSecurityProviders(String providers)
158 {
159 securityProviders = providers;
160 }
161
162 public ImmutableEndpoint getEndpoint()
163 {
164 return endpoint;
165 }
166
167 public synchronized void setEndpoint(ImmutableEndpoint endpoint)
168 {
169 this.endpoint = endpoint;
170 isInitialised = false;
171 }
172
173 public void authenticate(MuleEvent event)
174 throws SecurityException, UnknownAuthenticationTypeException, CryptoFailureException,
175 SecurityProviderNotFoundException, EncryptionStrategyNotFoundException,
176 InitialisationException
177 {
178 lazyInit();
179 if (inbound)
180 {
181 authenticateInbound(event);
182 }
183 else
184 {
185 authenticateOutbound(event);
186 }
187 }
188
189 public CredentialsAccessor getCredentialsAccessor()
190 {
191 return credentialsAccessor;
192 }
193
194 public void setCredentialsAccessor(CredentialsAccessor credentialsAccessor)
195 {
196 this.credentialsAccessor = credentialsAccessor;
197 }
198
199 protected void updatePayload(MuleMessage message, final Object payload) throws TransformerException
200 {
201 TransformerTemplate trans = new TransformerTemplate(new TransformerTemplate.TransformerCallback()
202 {
203 public Object doTransform(MuleMessage message) throws Exception
204 {
205 return payload;
206 }
207 });
208
209 message.applyTransformers(Arrays.asList(new Object[]{trans}));
210 }
211
212 protected abstract void authenticateInbound(MuleEvent event)
213 throws SecurityException, CryptoFailureException, SecurityProviderNotFoundException,
214 EncryptionStrategyNotFoundException, UnknownAuthenticationTypeException;
215
216 protected abstract void authenticateOutbound(MuleEvent event)
217 throws SecurityException, SecurityProviderNotFoundException, CryptoFailureException;
218
219 protected abstract void doInitialise() throws InitialisationException;
220
221 }