11 package org.mule.module.jaas.filters;
12
13 import org.mule.api.MuleEvent;
14 import org.mule.api.lifecycle.InitialisationException;
15 import org.mule.api.security.Authentication;
16 import org.mule.api.security.Credentials;
17 import org.mule.api.security.CredentialsNotSetException;
18 import org.mule.api.security.CryptoFailureException;
19 import org.mule.api.security.EncryptionStrategyNotFoundException;
20 import org.mule.api.security.SecurityContext;
21 import org.mule.api.security.SecurityException;
22 import org.mule.api.security.SecurityProviderNotFoundException;
23 import org.mule.api.security.UnauthorisedException;
24 import org.mule.api.security.UnknownAuthenticationTypeException;
25 import org.mule.config.i18n.CoreMessages;
26 import org.mule.module.jaas.JaasAuthentication;
27 import org.mule.security.AbstractEndpointSecurityFilter;
28 import org.mule.security.MuleCredentials;
29 import org.mule.security.MuleHeaderCredentialsAccessor;
30
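/**
 * Endpoint security filter that authenticates requests with a
 * {@link JaasAuthentication} through the configured security manager.
 * <p>
 * Inbound: credentials are read through the credentials accessor (a
 * {@link MuleHeaderCredentialsAccessor} by default), authenticated, and the
 * resulting security context is stored on the session.
 * <p>
 * Outbound: the session's current authentication is (optionally)
 * re-authenticated and its credentials are written back to the event through
 * the credentials accessor.
 */
public class JaasSecurityFilter extends AbstractEndpointSecurityFilter
{

    /**
     * Creates the filter and installs a {@link MuleHeaderCredentialsAccessor}
     * as the credentials accessor.
     */
    public JaasSecurityFilter()
    {
        setCredentialsAccessor(new MuleHeaderCredentialsAccessor());
    }

    /**
     * Authenticates an inbound event and stores the resulting security context
     * on the event's session.
     *
     * @param event the inbound event carrying the credentials
     * @throws CredentialsNotSetException if the accessor returns no credentials
     * @throws SecurityException if the security manager rejects the request;
     *             rethrown unchanged
     * @throws UnauthorisedException if authentication fails with any other
     *             exception; the original exception is kept as the cause
     */
    @Override
    protected final void authenticateInbound(MuleEvent event)
        throws SecurityException, CryptoFailureException, EncryptionStrategyNotFoundException,
        UnknownAuthenticationTypeException
    {
        // NOTE(review): the cast assumes the accessor yields a String; any other
        // type surfaces as a ClassCastException rather than a security exception.
        String userHeader = (String) getCredentialsAccessor().getCredentials(event);
        if (userHeader == null)
        {
            throw new CredentialsNotSetException(event, event.getSession().getSecurityContext(),
                event.getEndpoint(), this);
        }

        Credentials user = new MuleCredentials(userHeader, getSecurityManager());
        Authentication authResult;
        Authentication authentication = new JaasAuthentication(user);
        try
        {
            authResult = getSecurityManager().authenticate(authentication);
        }
        catch (SecurityException se)
        {
            // NOTE(review): the username is derived from the supplied credentials,
            // i.e. it is caller-controlled text; consider neutralising control
            // characters before it reaches the log.
            if (logger.isDebugEnabled())
            {
                logger.debug("Security Exception raised. Authentication request for user: " + user.getUsername()
                    + " failed: " + se.toString());
            }
            throw se;
        }
        catch (Exception e)
        {
            // Anything that is not already a SecurityException is reported to the
            // caller as an authentication failure, keeping the cause attached.
            if (logger.isDebugEnabled())
            {
                logger.debug("Authentication request for user: " + user.getUsername()
                    + " failed: " + e.toString());
            }
            throw new UnauthorisedException(
                CoreMessages.authFailedForUser(user.getUsername()), event, e);
        }

        // NOTE(review): what Authentication.toString() prints is not visible here;
        // confirm it does not include credential material before enabling debug
        // logging in production.
        if (logger.isDebugEnabled())
        {
            logger.debug("Authentication success: " + authResult.toString());
        }

        SecurityContext context = getSecurityManager().createSecurityContext(authResult);
        context.setAuthentication(authResult);
        event.getSession().setSecurityContext(context);
    }

    /**
     * Propagates the session's credentials on an outbound event.
     * <p>
     * When the session has no security context, or the context holds no
     * authentication, the call fails with {@link UnauthorisedException} if
     * {@code isAuthenticate()} is set and otherwise returns without touching
     * the event. Previously a context without an authentication led to a
     * {@code NullPointerException} further down instead of a security decision.
     *
     * @param event the outbound event to decorate with credentials
     * @throws UnauthorisedException if authentication is required but the
     *             session carries no authentication
     * @throws SecurityException if re-authentication is rejected
     */
    @Override
    protected void authenticateOutbound(MuleEvent event)
        throws SecurityException, SecurityProviderNotFoundException, CryptoFailureException
    {
        SecurityContext context = event.getSession().getSecurityContext();
        Authentication auth = (context == null) ? null : context.getAuthentication();
        if (auth == null)
        {
            // Fail closed when authentication is mandatory; otherwise there is
            // nothing to propagate.
            if (isAuthenticate())
            {
                throw new UnauthorisedException(event, context, event.getEndpoint(), this);
            }
            return;
        }

        if (isAuthenticate())
        {
            auth = getSecurityManager().authenticate(auth);
            // NOTE(review): as on the inbound path, confirm toString() does not
            // expose credential material.
            if (logger.isDebugEnabled())
            {
                logger.debug("Authentication success: " + auth.toString());
            }
        }

        // NOTE(review): the token is the plain toString() of the credentials
        // object and no encryption is applied in this method; confirm the
        // credentials accessor or the transport protects it in transit.
        String token = auth.getCredentials().toString();
        getCredentialsAccessor().setCredentials(event, token);
    }

    /**
     * No initialisation is required for this filter.
     */
    @Override
    protected void doInitialise() throws InitialisationException
    {
        // intentionally empty
    }
}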