View Javadoc

1   /*
2    * $Id: AbstractEndpointSecurityFilter.java 19191 2010-08-25 21:05:23Z tcarlson $
3    * --------------------------------------------------------------------------------------
4    * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
5    *
6    * The software in this package is published under the terms of the CPAL v1.0
7    * license, a copy of which has been included with this distribution in the
8    * LICENSE.txt file.
9    */
10  
11  package org.mule.security;
12  
13  import org.mule.api.MuleContext;
14  import org.mule.api.MuleEvent;
15  import org.mule.api.MuleException;
16  import org.mule.api.MuleMessage;
17  import org.mule.api.context.MuleContextAware;
18  import org.mule.api.endpoint.ImmutableEndpoint;
19  import org.mule.api.endpoint.InboundEndpoint;
20  import org.mule.api.endpoint.OutboundEndpoint;
21  import org.mule.api.lifecycle.InitialisationException;
22  import org.mule.api.security.CredentialsAccessor;
23  import org.mule.api.security.CryptoFailureException;
24  import org.mule.api.security.EncryptionStrategyNotFoundException;
25  import org.mule.api.security.EndpointSecurityFilter;
26  import org.mule.api.security.SecurityException;
27  import org.mule.api.security.SecurityManager;
28  import org.mule.api.security.SecurityProvider;
29  import org.mule.api.security.SecurityProviderNotFoundException;
30  import org.mule.api.security.UnknownAuthenticationTypeException;
31  import org.mule.config.i18n.CoreMessages;
32  import org.mule.transformer.TransformerTemplate;
33  import org.mule.util.StringUtils;
34  
35  import org.apache.commons.logging.Log;
36  import org.apache.commons.logging.LogFactory;
37  
38  /**
39   * <code>AbstractEndpointSecurityFilter</code> provides basic initialisation for
40   * all security filters, namely configuring the SecurityManager for this instance
41   */
42  
43  public abstract class AbstractEndpointSecurityFilter implements EndpointSecurityFilter, MuleContextAware
44  {
45  
46      protected transient Log logger = LogFactory.getLog(getClass());
47  
48      protected SecurityManager securityManager;
49      private String securityProviders;
50      protected ImmutableEndpoint endpoint;
51      private boolean inbound = false;
52      private boolean authenticate;
53      private CredentialsAccessor credentialsAccessor;
54      private boolean isInitialised = false;
55  
56      protected MuleContext muleContext;
57  
58      public void setMuleContext(MuleContext context)
59      {
60          this.muleContext = context;
61      }
62  
63      public final void initialise() throws InitialisationException
64      {
65          if (securityManager == null)
66          {
67              securityManager = muleContext.getSecurityManager();
68          }
69          if (securityManager == null)
70          {
71              throw new InitialisationException(CoreMessages.authSecurityManagerNotSet(), this);
72          }
73  
74          // This filter may only allow authentication on a subset of registered
75          // security providers
76          if (securityProviders != null)
77          {
78              SecurityManager localManager = new MuleSecurityManager();
79              String[] securityProviders = StringUtils.splitAndTrim(this.securityProviders, ",");
80              for (String sp : securityProviders)
81              {
82                  SecurityProvider provider = securityManager.getProvider(sp);
83                  if (provider != null)
84                  {
85                      localManager.addProvider(provider);
86                  }
87                  else
88                  {
89                      throw new InitialisationException(
90                              CoreMessages.objectNotRegistered(
91                                      "Security Provider", sp), this);
92                  }
93              }
94              securityManager = localManager;
95          }
96      }
97  
98      protected final synchronized void lazyInit(ImmutableEndpoint endpoint) throws InitialisationException
99      {
100         if (!isInitialised)
101         {
102             initialiseEndpoint(endpoint);
103             isInitialised = true;
104         }
105     }
106 
107     protected final void initialiseEndpoint(ImmutableEndpoint endpoint) throws InitialisationException
108     {
109         if (endpoint != null)
110         {
111             this.endpoint = endpoint;
112         }
113         else
114         {
115             throw new InitialisationException(CoreMessages.objectIsNull("Endpoint"), this);
116         }
117 
118         if (endpoint instanceof InboundEndpoint)
119         {
120             inbound = true;
121         }
122         else if (endpoint instanceof OutboundEndpoint)
123         {
124             inbound = false;
125         }
126         else
127         {
128             throw new InitialisationException(CoreMessages.authEndpointMustSendOrReceive(), this);
129         }
130         doInitialise();
131     }
132 
133     public boolean isAuthenticate()
134     {
135         return authenticate;
136     }
137 
138     public void setAuthenticate(boolean authenticate)
139     {
140         this.authenticate = authenticate;
141     }
142 
143     /** @param manager  */
144     public void setSecurityManager(SecurityManager manager)
145     {
146         securityManager = manager;
147     }
148 
149     public SecurityManager getSecurityManager()
150     {
151         return securityManager;
152     }
153 
154     public String getSecurityProviders()
155     {
156         return securityProviders;
157     }
158 
159     public void setSecurityProviders(String providers)
160     {
161         securityProviders = providers;
162     }
163 
164     public ImmutableEndpoint getEndpoint()
165     {
166         return endpoint;
167     }
168 
169     public synchronized void setEndpoint(ImmutableEndpoint endpoint)
170     {
171         this.endpoint = endpoint;
172         isInitialised = false;
173     }
174 
175     public void authenticate(MuleEvent event)
176             throws SecurityException, UnknownAuthenticationTypeException, CryptoFailureException,
177             SecurityProviderNotFoundException, EncryptionStrategyNotFoundException,
178             InitialisationException
179     {
180         lazyInit(event.getEndpoint());
181         if (inbound)
182         {
183             authenticateInbound(event);
184         }
185         else
186         {
187             authenticateOutbound(event);
188         }
189     }
190 
191     public CredentialsAccessor getCredentialsAccessor()
192     {
193         return credentialsAccessor;
194     }
195 
196     public void setCredentialsAccessor(CredentialsAccessor credentialsAccessor)
197     {
198         this.credentialsAccessor = credentialsAccessor;
199     }
200 
201     protected void updatePayload(MuleMessage message, final Object payload, MuleEvent event) throws MuleException
202     {
203         TransformerTemplate trans = new TransformerTemplate(new TransformerTemplate.TransformerCallback()
204         {
205             public Object doTransform(MuleMessage message) throws Exception
206             {
207                 return payload;
208             }
209         });
210 
211         message.applyTransformers(event, trans);
212     }
213 
214     protected abstract void authenticateInbound(MuleEvent event)
215             throws SecurityException, CryptoFailureException, SecurityProviderNotFoundException,
216             EncryptionStrategyNotFoundException, UnknownAuthenticationTypeException;
217 
218     protected abstract void authenticateOutbound(MuleEvent event)
219             throws SecurityException, SecurityProviderNotFoundException, CryptoFailureException;
220 
221     protected abstract void doInitialise() throws InitialisationException;
222 
223 }