
1   /*
2    * $Id: JaasSecurityFilter.java 19191 2010-08-25 21:05:23Z tcarlson $
3    * --------------------------------------------------------------------------------------
4    * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
5    *
6    * The software in this package is published under the terms of the CPAL v1.0
7    * license, a copy of which has been included with this distribution in the
8    * LICENSE.txt file.
9    */
10  
11  package org.mule.module.jaas.filters;
12  
13  import org.mule.api.MuleEvent;
14  import org.mule.api.lifecycle.InitialisationException;
15  import org.mule.api.security.Authentication;
16  import org.mule.api.security.Credentials;
17  import org.mule.api.security.CredentialsNotSetException;
18  import org.mule.api.security.CryptoFailureException;
19  import org.mule.api.security.EncryptionStrategyNotFoundException;
20  import org.mule.api.security.SecurityContext;
21  import org.mule.api.security.SecurityException;
22  import org.mule.api.security.SecurityProviderNotFoundException;
23  import org.mule.api.security.UnauthorisedException;
24  import org.mule.api.security.UnknownAuthenticationTypeException;
25  import org.mule.config.i18n.CoreMessages;
26  import org.mule.module.jaas.JaasAuthentication;
27  import org.mule.security.AbstractEndpointSecurityFilter;
28  import org.mule.security.MuleCredentials;
29  import org.mule.security.MuleHeaderCredentialsAccessor;
30  
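/**
 * Endpoint security filter that authenticates Mule events against the configured
 * security manager using a {@link JaasAuthentication} request.
 * <p>
 * Inbound, the credentials are read from the event through the credentials accessor,
 * authenticated, and the resulting security context is stored on the session.
 * Outbound, the authentication held in the session's security context is
 * (optionally) re-authenticated and its credentials are written back onto the event.
 */
public class JaasSecurityFilter extends AbstractEndpointSecurityFilter
{

    /**
     * Creates the filter and installs a {@link MuleHeaderCredentialsAccessor} as the
     * credentials accessor.
     */
    public JaasSecurityFilter()
    {
        setCredentialsAccessor(new MuleHeaderCredentialsAccessor());
    }

    /**
     * Authenticates an inbound event and, on success, stores a new security context
     * on the event's session.
     *
     * @param event the inbound event carrying the credentials
     * @throws CredentialsNotSetException if the accessor returns no credentials
     * @throws SecurityException if the security manager rejects the request with a
     *             security exception (rethrown unchanged)
     * @throws UnauthorisedException if authentication fails with any other exception;
     *             the original exception is kept as the cause
     */
    @Override
    protected final void authenticateInbound(MuleEvent event)
        throws SecurityException, CryptoFailureException, EncryptionStrategyNotFoundException,
        UnknownAuthenticationTypeException
    {
        // This value comes straight from the event and has not been authenticated yet.
        String userHeader = (String) getCredentialsAccessor().getCredentials(event);
        if (userHeader == null)
        {
            throw new CredentialsNotSetException(event, event.getSession().getSecurityContext(),
                event.getEndpoint(), this);
        }

        Credentials user = new MuleCredentials(userHeader, getSecurityManager());
        Authentication authResult;
        Authentication authentication = new JaasAuthentication(user);
        try
        {
            authResult = getSecurityManager().authenticate(authentication);
        }
        catch (SecurityException se)
        {
            // Security exceptions are propagated as-is so callers see the original type.
            // NOTE(review): the username is caller-supplied and is written to the log
            // unmodified; confirm the log layout neutralises CR/LF so entries cannot be forged.
            if (logger.isDebugEnabled())
            {
                logger.debug("Security Exception raised. Authentication request for user: " + user.getUsername()
                    + " failed: " + se.toString());
            }
            throw se;
        }
        catch (Exception e)
        {
            // Any other failure is treated as a failed authentication (fail closed).
            if (logger.isDebugEnabled())
            {
                logger.debug("Authentication request for user: " + user.getUsername()
                    + " failed: " + e.toString());
            }
            throw new UnauthorisedException(
                CoreMessages.authFailedForUser(user.getUsername()), event, e);
        }

        // Authentication success
        // NOTE(review): this logs the string form of the Authentication; confirm that
        // toString() of the returned implementation does not include the password.
        if (logger.isDebugEnabled())
        {
            logger.debug("Authentication success: " + authResult.toString());
        }

        SecurityContext context = getSecurityManager().createSecurityContext(authResult);
        context.setAuthentication(authResult);
        event.getSession().setSecurityContext(context);
    }

    /**
     * Propagates the session's credentials onto an outbound event, re-authenticating
     * them first when {@code isAuthenticate()} is true.
     * <p>
     * When the session has no security context, or the context holds no
     * authentication, the call is rejected if authentication is required and is a
     * no-op otherwise.
     *
     * @param event the outbound event
     * @throws UnauthorisedException if authentication is required but the session
     *             carries no security context or no authentication
     * @throws SecurityException if the security manager rejects the authentication
     */
    @Override
    protected void authenticateOutbound(MuleEvent event)
        throws SecurityException, SecurityProviderNotFoundException, CryptoFailureException
    {
        SecurityContext context = event.getSession().getSecurityContext();
        // A context without an authentication is handled like a missing context, so the
        // filter fails with a security exception instead of a NullPointerException.
        Authentication auth = (context == null) ? null : context.getAuthentication();
        if (auth == null)
        {
            if (isAuthenticate())
            {
                throw new UnauthorisedException(event, context, event.getEndpoint(), this);
            }
            return;
        }

        if (isAuthenticate())
        {
            auth = getSecurityManager().authenticate(auth);
            // NOTE(review): as on the inbound path, confirm that the Authentication's
            // toString() does not expose the password in the debug log.
            if (logger.isDebugEnabled())
            {
                logger.debug("Authentication success: " + auth.toString());
            }
        }

        // The string form of the credentials is attached to the outbound event.
        // NOTE(review): confirm that getCredentials().toString() yields the protected
        // token form intended for transport rather than a plain-text password.
        String token = auth.getCredentials().toString();
        getCredentialsAccessor().setCredentials(event, token);

    }

    /**
     * No initialisation is required for this filter.
     */
    @Override
    protected void doInitialise() throws InitialisationException
    {
        // nothing to initialise
    }
}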