1 | |
|
2 | |
|
3 | |
|
4 | |
|
5 | |
|
6 | |
|
7 | |
|
8 | |
|
9 | |
|
10 | |
|
11 | |
package org.mule.module.jaas.filters; |
12 | |
|
13 | |
import org.mule.api.MuleEvent; |
14 | |
import org.mule.api.lifecycle.InitialisationException; |
15 | |
import org.mule.api.security.Authentication; |
16 | |
import org.mule.api.security.Credentials; |
17 | |
import org.mule.api.security.CredentialsNotSetException; |
18 | |
import org.mule.api.security.CryptoFailureException; |
19 | |
import org.mule.api.security.EncryptionStrategyNotFoundException; |
20 | |
import org.mule.api.security.SecurityContext; |
21 | |
import org.mule.api.security.SecurityException; |
22 | |
import org.mule.api.security.SecurityProviderNotFoundException; |
23 | |
import org.mule.api.security.UnauthorisedException; |
24 | |
import org.mule.api.security.UnknownAuthenticationTypeException; |
25 | |
import org.mule.config.i18n.CoreMessages; |
26 | |
import org.mule.module.jaas.JaasAuthentication; |
27 | |
import org.mule.security.AbstractEndpointSecurityFilter; |
28 | |
import org.mule.security.MuleCredentials; |
29 | |
import org.mule.security.MuleHeaderCredentialsAccessor; |
30 | |
|
31 | |
public class JaasSecurityFilter extends AbstractEndpointSecurityFilter |
32 | |
{ |
33 | |
|
34 | |
public JaasSecurityFilter() |
35 | 0 | { |
36 | 0 | setCredentialsAccessor(new MuleHeaderCredentialsAccessor()); |
37 | 0 | } |
38 | |
|
39 | |
@Override |
40 | |
protected final void authenticateInbound(MuleEvent event) |
41 | |
throws SecurityException, CryptoFailureException, EncryptionStrategyNotFoundException, |
42 | |
UnknownAuthenticationTypeException |
43 | |
{ |
44 | 0 | String userHeader = (String) getCredentialsAccessor().getCredentials(event); |
45 | 0 | if (userHeader == null) |
46 | |
{ |
47 | 0 | throw new CredentialsNotSetException(event, event.getSession().getSecurityContext(), |
48 | |
event.getEndpoint(), this); |
49 | |
} |
50 | |
|
51 | 0 | Credentials user = new MuleCredentials(userHeader, getSecurityManager()); |
52 | |
Authentication authResult; |
53 | 0 | Authentication authentication = new JaasAuthentication(user); |
54 | |
try |
55 | |
{ |
56 | 0 | authResult = getSecurityManager().authenticate(authentication); |
57 | |
} |
58 | 0 | catch (SecurityException se) |
59 | |
{ |
60 | |
|
61 | 0 | if (logger.isDebugEnabled()) |
62 | |
{ |
63 | 0 | logger.debug("Security Exception raised. Authentication request for user: " + user.getUsername() |
64 | |
+ " failed: " + se.toString()); |
65 | |
} |
66 | 0 | throw se; |
67 | |
} |
68 | 0 | catch (Exception e) |
69 | |
{ |
70 | |
|
71 | 0 | if (logger.isDebugEnabled()) |
72 | |
{ |
73 | 0 | logger.debug("Authentication request for user: " + user.getUsername() |
74 | |
+ " failed: " + e.toString()); |
75 | |
} |
76 | 0 | throw new UnauthorisedException( |
77 | |
CoreMessages.authFailedForUser(user.getUsername()), event, e); |
78 | 0 | } |
79 | |
|
80 | |
|
81 | 0 | if (logger.isDebugEnabled()) |
82 | |
{ |
83 | 0 | logger.debug("Authentication success: " + authResult.toString()); |
84 | |
} |
85 | |
|
86 | 0 | SecurityContext context = getSecurityManager().createSecurityContext(authResult); |
87 | 0 | context.setAuthentication(authResult); |
88 | 0 | event.getSession().setSecurityContext(context); |
89 | 0 | } |
90 | |
|
91 | |
@Override |
92 | |
protected void authenticateOutbound(MuleEvent event) |
93 | |
throws SecurityException, SecurityProviderNotFoundException, CryptoFailureException |
94 | |
{ |
95 | 0 | if (event.getSession().getSecurityContext() == null) |
96 | |
{ |
97 | 0 | if (isAuthenticate()) |
98 | |
{ |
99 | 0 | throw new UnauthorisedException(event, event.getSession().getSecurityContext(), |
100 | |
event.getEndpoint(), this); |
101 | |
} |
102 | |
else |
103 | |
{ |
104 | 0 | return; |
105 | |
} |
106 | |
} |
107 | 0 | Authentication auth = event.getSession().getSecurityContext().getAuthentication(); |
108 | 0 | if (isAuthenticate()) |
109 | |
{ |
110 | 0 | auth = getSecurityManager().authenticate(auth); |
111 | 0 | if (logger.isDebugEnabled()) |
112 | |
{ |
113 | 0 | logger.debug("Authentication success: " + auth.toString()); |
114 | |
} |
115 | |
} |
116 | |
|
117 | 0 | String token = auth.getCredentials().toString(); |
118 | 0 | getCredentialsAccessor().setCredentials(event, token); |
119 | |
|
120 | 0 | } |
121 | |
|
122 | |
@Override |
123 | |
protected void doInitialise() throws InitialisationException |
124 | |
{ |
125 | |
|
126 | 0 | } |
127 | |
} |
128 | |
|