1
2
3
4
5
6
7 package org.mule.module.jaas.filters;
8
9 import org.mule.api.MuleEvent;
10 import org.mule.api.lifecycle.InitialisationException;
11 import org.mule.api.security.Authentication;
12 import org.mule.api.security.Credentials;
13 import org.mule.api.security.CredentialsNotSetException;
14 import org.mule.api.security.CryptoFailureException;
15 import org.mule.api.security.EncryptionStrategyNotFoundException;
16 import org.mule.api.security.SecurityContext;
17 import org.mule.api.security.SecurityException;
18 import org.mule.api.security.SecurityProviderNotFoundException;
19 import org.mule.api.security.UnauthorisedException;
20 import org.mule.api.security.UnknownAuthenticationTypeException;
21 import org.mule.config.i18n.CoreMessages;
22 import org.mule.module.jaas.JaasAuthentication;
23 import org.mule.security.AbstractEndpointSecurityFilter;
24 import org.mule.security.MuleCredentials;
25 import org.mule.security.MuleHeaderCredentialsAccessor;
26
27 public class JaasSecurityFilter extends AbstractEndpointSecurityFilter
28 {
29
30 public JaasSecurityFilter()
31 {
32 setCredentialsAccessor(new MuleHeaderCredentialsAccessor());
33 }
34
35 @Override
36 protected final void authenticateInbound(MuleEvent event)
37 throws SecurityException, CryptoFailureException, EncryptionStrategyNotFoundException,
38 UnknownAuthenticationTypeException
39 {
40 String userHeader = (String) getCredentialsAccessor().getCredentials(event);
41 if (userHeader == null)
42 {
43 throw new CredentialsNotSetException(event, event.getSession().getSecurityContext(), this);
44 }
45
46 Credentials user = new MuleCredentials(userHeader, getSecurityManager());
47 Authentication authResult;
48 Authentication authentication = new JaasAuthentication(user);
49 try
50 {
51 authResult = getSecurityManager().authenticate(authentication);
52 }
53 catch (SecurityException se)
54 {
55
56 if (logger.isDebugEnabled())
57 {
58 logger.debug("Security Exception raised. Authentication request for user: " + user.getUsername()
59 + " failed: " + se.toString());
60 }
61 throw se;
62 }
63 catch (Exception e)
64 {
65
66 if (logger.isDebugEnabled())
67 {
68 logger.debug("Authentication request for user: " + user.getUsername()
69 + " failed: " + e.toString());
70 }
71 throw new UnauthorisedException(
72 CoreMessages.authFailedForUser(user.getUsername()), event, e);
73 }
74
75
76 if (logger.isDebugEnabled())
77 {
78 logger.debug("Authentication success: " + authResult.toString());
79 }
80
81 SecurityContext context = getSecurityManager().createSecurityContext(authResult);
82 context.setAuthentication(authResult);
83 event.getSession().setSecurityContext(context);
84 }
85
86 @Override
87 protected void authenticateOutbound(MuleEvent event)
88 throws SecurityException, SecurityProviderNotFoundException, CryptoFailureException
89 {
90 SecurityContext securityContext = event.getSession().getSecurityContext();
91 if (securityContext == null)
92 {
93 if (isAuthenticate())
94 {
95 throw new UnauthorisedException(event, securityContext, this);
96 }
97 else
98 {
99 return;
100 }
101 }
102
103 Authentication auth = securityContext.getAuthentication();
104 if (isAuthenticate())
105 {
106 auth = getSecurityManager().authenticate(auth);
107 if (logger.isDebugEnabled())
108 {
109 logger.debug("Authentication success: " + auth.toString());
110 }
111 }
112
113 String token = auth.getCredentials().toString();
114 getCredentialsAccessor().setCredentials(event, token);
115
116 }
117
118 @Override
119 protected void doInitialise() throws InitialisationException
120 {
121
122 }
123 }
124