Coverage Report - org.mule.security.UsernamePasswordAuthenticationFilter
 
Classes in this File Line Coverage Branch Coverage Complexity
UsernamePasswordAuthenticationFilter
0%
0/33
0%
0/8
0
 
 1  
 /*
 2  
  * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
 3  
  * The software in this package is published under the terms of the CPAL v1.0
 4  
  * license, a copy of which has been included with this distribution in the
 5  
  * LICENSE.txt file.
 6  
  */
 7  
 package org.mule.security;
 8  
 
 9  
 import org.mule.api.MuleEvent;
 10  
 import org.mule.api.MuleMessage;
 11  
 import org.mule.api.expression.ExpressionManager;
 12  
 import org.mule.api.security.Authentication;
 13  
 import org.mule.api.security.SecurityContext;
 14  
 import org.mule.api.security.SecurityException;
 15  
 import org.mule.api.security.SecurityManager;
 16  
 import org.mule.api.security.SecurityProviderNotFoundException;
 17  
 import org.mule.api.security.UnauthorisedException;
 18  
 import org.mule.api.security.UnknownAuthenticationTypeException;
 19  
 import org.mule.config.i18n.CoreMessages;
 20  
 
 21  
 import org.apache.commons.logging.Log;
 22  
 import org.apache.commons.logging.LogFactory;
 23  
 
 24  
 /**
 25  
  * Performs authentication based on a username and password. The username and password are retrieved from the 
 26  
  * {@link MuleMessage} based on expressions specified via the username and password setters. These
 27  
  * are then used to create a DefaultMuleAuthentication object which is passed to the authenticate method of the
 28  
  * {@link SecurityManager}.
 29  
  */
 30  
 public class UsernamePasswordAuthenticationFilter extends AbstractAuthenticationFilter
 31  
 {
 32  
     /**
 33  
      * logger used by this class
 34  
      */
 35  0
     protected static final Log logger = LogFactory.getLog(UsernamePasswordAuthenticationFilter.class);
 36  
 
 37  0
     private String username = "#[header:inbound:username]";
 38  0
     private String password = "#[header:inbound:password]";
 39  
 
 40  
     public UsernamePasswordAuthenticationFilter()
 41  
     {
 42  0
         super();
 43  0
     }
 44  
 
 45  
     /**
 46  
      * Authenticates the current message.
 47  
      * 
 48  
      * @param event the current message recieved
 49  
      * @throws org.mule.api.security.SecurityException if authentication fails
 50  
      */
 51  
     @Override
 52  
     public void authenticateInbound(MuleEvent event)
 53  
         throws SecurityException, SecurityProviderNotFoundException, UnknownAuthenticationTypeException
 54  
     {
 55  0
         Authentication authentication = getAuthenticationToken(event);
 56  
         Authentication authResult;
 57  
         try
 58  
         {
 59  0
             authResult = getSecurityManager().authenticate(authentication);
 60  
         }
 61  0
         catch (UnauthorisedException e)
 62  
         {
 63  
             // Authentication failed
 64  0
             if (logger.isDebugEnabled())
 65  
             {
 66  0
                 logger.debug("Authentication request for user: " + username + " failed: " + e.toString());
 67  
             }
 68  0
             throw new UnauthorisedException(CoreMessages.authFailedForUser(authentication.getPrincipal().toString()), e);
 69  0
         }
 70  
 
 71  
         // Authentication success
 72  0
         if (logger.isDebugEnabled())
 73  
         {
 74  0
             logger.debug("Authentication success: " + authResult.toString());
 75  
         }
 76  
 
 77  0
         SecurityContext context = getSecurityManager().createSecurityContext(authResult);
 78  0
         context.setAuthentication(authResult);
 79  0
         event.getSession().setSecurityContext(context);
 80  
         
 81  0
     }
 82  
 
 83  
     protected Authentication getAuthenticationToken(MuleEvent event) throws UnauthorisedException
 84  
     {   
 85  0
         ExpressionManager expressionManager = event.getMuleContext().getExpressionManager();
 86  
         
 87  0
         Object usernameEval = expressionManager.evaluate(username, event.getMessage());
 88  0
         Object passwordEval = expressionManager.evaluate(password, event.getMessage());
 89  
      
 90  0
         if (usernameEval == null) {
 91  0
             throw new UnauthorisedException(CoreMessages.authNoCredentials());
 92  
         }
 93  
         
 94  0
         if (passwordEval == null) {
 95  0
             throw new UnauthorisedException(CoreMessages.authNoCredentials());
 96  
         }
 97  
         
 98  0
         return new DefaultMuleAuthentication(new MuleCredentials(usernameEval.toString(), passwordEval.toString().toCharArray()));
 99  
     }
 100  
     
 101  
 
 102  
     /**
 103  
      * Authenticates the current message if authenticate is set to true. This method
 104  
      * will always populate the secure context in the session
 105  
      * 
 106  
      * @param event the current event being dispatched
 107  
      * @throws org.mule.api.security.SecurityException if authentication fails
 108  
      */
 109  
     @Override
 110  
     public void authenticateOutbound(MuleEvent event)
 111  
         throws SecurityException, SecurityProviderNotFoundException
 112  
     {
 113  0
     }
 114  
 
 115  
     public String getUsername()
 116  
     {
 117  0
         return username;
 118  
     }
 119  
 
 120  
     public void setUsername(String username)
 121  
     {
 122  0
         this.username = username;
 123  0
     }
 124  
 
 125  
     public String getPassword()
 126  
     {
 127  0
         return password;
 128  
     }
 129  
 
 130  
     public void setPassword(String password)
 131  
     {
 132  0
         this.password = password;
 133  0
     }
 134  
 
 135  
 }