View Javadoc

1   /*
2    * $Id: AbstractEndpointSecurityFilter.java 11517 2008-03-31 21:34:19Z dirk.olmes $
3    * --------------------------------------------------------------------------------------
4    * Copyright (c) MuleSource, Inc.  All rights reserved.  http://www.mulesource.com
5    *
6    * The software in this package is published under the terms of the CPAL v1.0
7    * license, a copy of which has been included with this distribution in the
8    * LICENSE.txt file.
9    */
10  
11  package org.mule.security;
12  
13  import org.mule.api.MuleContext;
14  import org.mule.api.MuleEvent;
15  import org.mule.api.MuleMessage;
16  import org.mule.api.context.MuleContextAware;
17  import org.mule.api.endpoint.ImmutableEndpoint;
18  import org.mule.api.endpoint.InboundEndpoint;
19  import org.mule.api.endpoint.OutboundEndpoint;
20  import org.mule.api.lifecycle.InitialisationException;
21  import org.mule.api.security.CredentialsAccessor;
22  import org.mule.api.security.CryptoFailureException;
23  import org.mule.api.security.EncryptionStrategyNotFoundException;
24  import org.mule.api.security.EndpointSecurityFilter;
25  import org.mule.api.security.SecurityException;
26  import org.mule.api.security.SecurityManager;
27  import org.mule.api.security.SecurityProvider;
28  import org.mule.api.security.SecurityProviderNotFoundException;
29  import org.mule.api.security.UnknownAuthenticationTypeException;
30  import org.mule.api.transformer.TransformerException;
31  import org.mule.config.i18n.CoreMessages;
32  import org.mule.transformer.TransformerTemplate;
33  import org.mule.util.StringUtils;
34  
35  import java.util.Arrays;
36  
37  import org.apache.commons.logging.Log;
38  import org.apache.commons.logging.LogFactory;
39  
40  /**
41   * <code>AbstractEndpointSecurityFilter</code> provides basic initialisation for
42   * all security filters, namely configuring the SecurityManager for this instance
43   */
44  
45  public abstract class AbstractEndpointSecurityFilter implements EndpointSecurityFilter, MuleContextAware
46  {
47  
48      protected transient Log logger = LogFactory.getLog(getClass());
49  
50      protected SecurityManager securityManager;
51      private String securityProviders;
52      protected ImmutableEndpoint endpoint;
53      private boolean inbound = false;
54      private boolean authenticate;
55      private CredentialsAccessor credentialsAccessor;
56      private boolean isInitialised = false;
57  
58      protected MuleContext muleContext;
59  
60      public void setMuleContext(MuleContext context)
61      {
62          this.muleContext = context;
63      }
64  
65      public final void initialise() throws InitialisationException
66      {
67          if (securityManager == null)
68          {
69              securityManager = muleContext.getSecurityManager();
70          }
71          if (securityManager == null)
72          {
73              throw new InitialisationException(CoreMessages.authSecurityManagerNotSet(), this);
74          }
75  
76          // This filter may only allow authentication on a subset of registered
77          // security providers
78          if (securityProviders != null)
79          {
80              SecurityManager localManager = new MuleSecurityManager();
81              String[] sp = StringUtils.splitAndTrim(securityProviders, ",");
82              for (int i = 0; i < sp.length; i++)
83              {
84                  SecurityProvider provider = securityManager.getProvider(sp[i]);
85                  if (provider != null)
86                  {
87                      localManager.addProvider(provider);
88                  }
89                  else
90                  {
91                      throw new InitialisationException(
92                              CoreMessages.objectNotRegistered(
93                                      "Security Provider", sp[i]), this);
94                  }
95              }
96              securityManager = localManager;
97          }
98      }
99  
100     protected final synchronized void lazyInit() throws InitialisationException
101     {
102         if (!isInitialised)
103         {
104             initialiseEndpoint();
105             isInitialised = true;
106         }
107     }
108 
109     protected final void initialiseEndpoint() throws InitialisationException
110     {
111         if (endpoint == null)
112         {
113             throw new InitialisationException(CoreMessages.objectIsNull("Endpoint"), this);
114         }
115 
116         if (endpoint instanceof InboundEndpoint)
117         {
118             inbound = true;
119         }
120         else if (endpoint instanceof OutboundEndpoint)
121         {
122             inbound = false;
123         }
124         else
125         {
126             throw new InitialisationException(CoreMessages.authEndpointMustSendOrReceive(), this);
127         }
128         doInitialise();
129     }
130 
131     public boolean isAuthenticate()
132     {
133         return authenticate;
134     }
135 
136     public void setAuthenticate(boolean authenticate)
137     {
138         this.authenticate = authenticate;
139     }
140 
141     /** @param manager  */
142     public void setSecurityManager(SecurityManager manager)
143     {
144         securityManager = manager;
145     }
146 
147     public SecurityManager getSecurityManager()
148     {
149         return securityManager;
150     }
151 
152     public String getSecurityProviders()
153     {
154         return securityProviders;
155     }
156 
157     public void setSecurityProviders(String providers)
158     {
159         securityProviders = providers;
160     }
161 
162     public ImmutableEndpoint getEndpoint()
163     {
164         return endpoint;
165     }
166 
167     public synchronized void setEndpoint(ImmutableEndpoint endpoint)
168     {
169         this.endpoint = endpoint;
170         isInitialised = false;
171     }
172 
173     public void authenticate(MuleEvent event)
174             throws SecurityException, UnknownAuthenticationTypeException, CryptoFailureException,
175             SecurityProviderNotFoundException, EncryptionStrategyNotFoundException,
176             InitialisationException
177     {
178         lazyInit();
179         if (inbound)
180         {
181             authenticateInbound(event);
182         }
183         else
184         {
185             authenticateOutbound(event);
186         }
187     }
188 
189     public CredentialsAccessor getCredentialsAccessor()
190     {
191         return credentialsAccessor;
192     }
193 
194     public void setCredentialsAccessor(CredentialsAccessor credentialsAccessor)
195     {
196         this.credentialsAccessor = credentialsAccessor;
197     }
198 
199     protected void updatePayload(MuleMessage message, final Object payload) throws TransformerException
200     {
201         TransformerTemplate trans = new TransformerTemplate(new TransformerTemplate.TransformerCallback()
202         {
203             public Object doTransform(MuleMessage message) throws Exception
204             {
205                 return payload;
206             }
207         });
208 
209         message.applyTransformers(Arrays.asList(new Object[]{trans}));
210     }
211 
212     protected abstract void authenticateInbound(MuleEvent event)
213             throws SecurityException, CryptoFailureException, SecurityProviderNotFoundException,
214             EncryptionStrategyNotFoundException, UnknownAuthenticationTypeException;
215 
216     protected abstract void authenticateOutbound(MuleEvent event)
217             throws SecurityException, SecurityProviderNotFoundException, CryptoFailureException;
218 
219     protected abstract void doInitialise() throws InitialisationException;
220 
221 }