1   /*
2    * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
3    * The software in this package is published under the terms of the CPAL v1.0
4    * license, a copy of which has been included with this distribution in the
5    * LICENSE.txt file.
6    */
7   package org.mule.module.jaas.filters;
8   
9   import org.mule.api.MuleEvent;
10  import org.mule.api.lifecycle.InitialisationException;
11  import org.mule.api.security.Authentication;
12  import org.mule.api.security.Credentials;
13  import org.mule.api.security.CredentialsNotSetException;
14  import org.mule.api.security.CryptoFailureException;
15  import org.mule.api.security.EncryptionStrategyNotFoundException;
16  import org.mule.api.security.SecurityContext;
17  import org.mule.api.security.SecurityException;
18  import org.mule.api.security.SecurityProviderNotFoundException;
19  import org.mule.api.security.UnauthorisedException;
20  import org.mule.api.security.UnknownAuthenticationTypeException;
21  import org.mule.config.i18n.CoreMessages;
22  import org.mule.module.jaas.JaasAuthentication;
23  import org.mule.security.AbstractEndpointSecurityFilter;
24  import org.mule.security.MuleCredentials;
25  import org.mule.security.MuleHeaderCredentialsAccessor;
26  
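/**
 * Endpoint security filter that authenticates events through the configured security
 * manager using {@link JaasAuthentication}.
 * <p>
 * By default, credentials are read from and written to the event with a
 * {@link MuleHeaderCredentialsAccessor}. The inbound credential value comes from the
 * message and must be treated as untrusted until the security manager has accepted it.
 */
public class JaasSecurityFilter extends AbstractEndpointSecurityFilter
{

    /**
     * Creates the filter with a {@link MuleHeaderCredentialsAccessor} as its credentials accessor.
     */
    public JaasSecurityFilter()
    {
        setCredentialsAccessor(new MuleHeaderCredentialsAccessor());
    }

    /**
     * Authenticates an inbound event and, on success, stores the resulting security context
     * on the event's session.
     *
     * @param event the inbound event whose credentials are checked
     * @throws CredentialsNotSetException (a SecurityException) when the accessor returns no credentials
     * @throws SecurityException rethrown unchanged when the security manager raises one
     * @throws UnauthorisedException (a SecurityException) wrapping any other failure raised
     *             while authenticating
     */
    @Override
    protected final void authenticateInbound(MuleEvent event)
        throws SecurityException, CryptoFailureException, EncryptionStrategyNotFoundException,
        UnknownAuthenticationTypeException
    {
        String userHeader = (String) getCredentialsAccessor().getCredentials(event);
        if (userHeader == null)
        {
            throw new CredentialsNotSetException(event, event.getSession().getSecurityContext(), this);
        }

        Credentials user = new MuleCredentials(userHeader, getSecurityManager());
        Authentication authentication = new JaasAuthentication(user);
        Authentication authResult;
        try
        {
            authResult = getSecurityManager().authenticate(authentication);
        }
        catch (SecurityException se)
        {
            // The username is attacker-controlled at this point: neutralise line breaks so a
            // crafted header cannot forge additional log entries.
            if (logger.isDebugEnabled())
            {
                logger.debug("Security Exception raised. Authentication request for user: "
                    + sanitizeForLog(user.getUsername()) + " failed: " + sanitizeForLog(se.toString()));
            }
            throw se;
        }
        catch (Exception e)
        {
            // Any non-security failure is reported to the caller as an authorisation failure,
            // with the original exception kept as the cause.
            if (logger.isDebugEnabled())
            {
                logger.debug("Authentication request for user: " + sanitizeForLog(user.getUsername())
                    + " failed: " + sanitizeForLog(e.toString()));
            }
            throw new UnauthorisedException(
                CoreMessages.authFailedForUser(user.getUsername()), event, e);
        }

        // NOTE(review): what toString() prints depends on the Authentication implementation the
        // provider returns; confirm it does not include the password before enabling debug
        // logging in production.
        if (logger.isDebugEnabled())
        {
            logger.debug("Authentication success: " + authResult.toString());
        }

        // NOTE(review): a provider that returns null instead of throwing is not rejected
        // here; verify the configured providers never do so.
        SecurityContext context = getSecurityManager().createSecurityContext(authResult);
        context.setAuthentication(authResult);
        event.getSession().setSecurityContext(context);
    }

    /**
     * Propagates the session's credentials onto an outbound event, re-authenticating first
     * when {@code isAuthenticate()} is set.
     * <p>
     * With no security context on the session, the call fails when authentication is
     * required and otherwise returns without setting credentials.
     *
     * @param event the outbound event that receives the credentials
     * @throws UnauthorisedException (a SecurityException) when authentication is required
     *             but no security context exists, or when the context holds no authentication
     *             or credentials to propagate
     * @throws SecurityException when re-authentication by the security manager fails
     */
    @Override
    protected void authenticateOutbound(MuleEvent event)
        throws SecurityException, SecurityProviderNotFoundException, CryptoFailureException
    {
        final boolean mustAuthenticate = isAuthenticate();

        SecurityContext securityContext = event.getSession().getSecurityContext();
        if (securityContext == null)
        {
            if (mustAuthenticate)
            {
                throw new UnauthorisedException(event, securityContext, this);
            }
            return;
        }

        Authentication auth = securityContext.getAuthentication();
        if (mustAuthenticate)
        {
            auth = getSecurityManager().authenticate(auth);
        }

        // Fail closed with a declared security exception instead of a NullPointerException
        // when there is nothing to propagate.
        Object credentials = (auth == null) ? null : auth.getCredentials();
        if (credentials == null)
        {
            throw new UnauthorisedException(event, securityContext, this);
        }

        if (mustAuthenticate && logger.isDebugEnabled())
        {
            // NOTE(review): see the inbound path; toString() output is implementation-defined.
            logger.debug("Authentication success: " + auth.toString());
        }

        // NOTE(review): the credentials are written to the event in whatever form toString()
        // yields; confirm the accessor or transport protects them in transit.
        String token = credentials.toString();
        getCredentialsAccessor().setCredentials(event, token);
    }

    /**
     * No initialisation is required for this filter.
     */
    @Override
    protected void doInitialise() throws InitialisationException
    {
        // nothing to initialise
    }

    /**
     * Replaces carriage returns and line feeds so that a value taken from a message cannot
     * break a log entry into several lines.
     */
    private static String sanitizeForLog(String value)
    {
        if (value == null)
        {
            return null;
        }
        return value.replace('\r', '_').replace('\n', '_');
    }
}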