View Javadoc
1   /*
2    * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
3    * The software in this package is published under the terms of the CPAL v1.0
4    * license, a copy of which has been included with this distribution in the
5    * LICENSE.txt file.
6    */
7   package org.mule.security;
8   
9   import org.mule.api.EncryptionStrategy;
10  import org.mule.api.lifecycle.Initialisable;
11  import org.mule.api.lifecycle.InitialisationException;
12  import org.mule.api.lifecycle.LifecycleTransitionResult;
13  import org.mule.api.security.Authentication;
14  import org.mule.api.security.SecurityContext;
15  import org.mule.api.security.SecurityException;
16  import org.mule.api.security.SecurityManager;
17  import org.mule.api.security.SecurityProvider;
18  import org.mule.api.security.SecurityProviderNotFoundException;
19  import org.mule.api.security.UnauthorisedException;
20  import org.mule.api.security.UnknownAuthenticationTypeException;
21  import org.mule.config.i18n.CoreMessages;
22  
23  import java.util.ArrayList;
24  import java.util.Collection;
25  import java.util.Collections;
26  import java.util.Iterator;
27  import java.util.LinkedList;
28  import java.util.List;
29  import java.util.Map;
30  
31  import edu.emory.mathcs.backport.java.util.concurrent.ConcurrentHashMap;
32  
33  import org.apache.commons.logging.Log;
34  import org.apache.commons.logging.LogFactory;
35  
36  /**
37   * <code>MuleSecurityManager</code> is a default implementation security manager
38   * for a Mule instance.
39   */
40  
41  public class MuleSecurityManager implements SecurityManager
42  {
43      /**
44       * logger used by this class
45       */
46      protected static final Log logger = LogFactory.getLog(MuleSecurityManager.class);
47  
48      @SuppressWarnings("unchecked")
49      private Map<String, SecurityProvider> providers = new ConcurrentHashMap();
50  
51      @SuppressWarnings("unchecked")
52      private Map<String, EncryptionStrategy> cryptoStrategies = new ConcurrentHashMap();
53  
54      public MuleSecurityManager()
55      {
56          super();
57      }
58  
59      public void initialise() throws InitialisationException
60      {
61          List<Initialisable> all = new LinkedList<Initialisable>(providers.values());
62          // ordering: appends
63          all.addAll(cryptoStrategies.values());
64          LifecycleTransitionResult.initialiseAll(all.iterator());
65      }
66  
67      public Authentication authenticate(Authentication authentication)
68          throws SecurityException, SecurityProviderNotFoundException
69      {
70          Iterator<SecurityProvider> iter = providers.values().iterator();
71          Class<? extends Authentication> toTest = authentication.getClass();
72  
73          while (iter.hasNext())
74          {
75              SecurityProvider provider = iter.next();
76  
77              if (provider.supports(toTest))
78              {
79                  if (logger.isDebugEnabled())
80                  {
81                      logger.debug("Authentication attempt using " + provider.getClass().getName());
82                  }
83  
84                  Authentication result = null;
85                  try
86                  {
87                      result = provider.authenticate(authentication);
88                  }
89                  catch (Exception e)
90                  {
91                      if (!iter.hasNext())
92                      {
93                          throw new UnauthorisedException(CoreMessages.authorizationAttemptFailed(), e);
94                      }
95                  }
96  
97                  if (result != null)
98                  {
99                      return result;
100                 }
101             }
102         }
103 
104         throw new SecurityProviderNotFoundException(toTest.getName());
105     }
106 
107     public void addProvider(SecurityProvider provider)
108     {
109         if (getProvider(provider.getName()) != null)
110         {
111             throw new IllegalArgumentException("Provider already registered: " + provider.getName());
112         }
113         providers.put(provider.getName(), provider);
114     }
115 
116     public SecurityProvider getProvider(String name)
117     {
118         if (name == null)
119         {
120             throw new IllegalArgumentException("provider Name cannot be null");
121         }
122         return providers.get(name);
123     }
124 
125     public SecurityProvider removeProvider(String name)
126     {
127         return providers.remove(name);
128     }
129 
130     public Collection<SecurityProvider> getProviders()
131     {
132         ArrayList<SecurityProvider> providersList = new ArrayList<SecurityProvider>(providers.values());
133         return Collections.unmodifiableCollection(providersList);
134     }
135 
136     public void setProviders(Collection<SecurityProvider> providers)
137     {
138         for (SecurityProvider provider : providers)
139         {
140             addProvider(provider);
141         }
142     }
143 
144     public SecurityContext createSecurityContext(Authentication authentication)
145         throws UnknownAuthenticationTypeException
146     {
147         Iterator<SecurityProvider> iter = providers.values().iterator();
148         Class<? extends Authentication> toTest = authentication.getClass();
149 
150         while (iter.hasNext())
151         {
152             SecurityProvider provider = iter.next();
153             if (provider.supports(toTest))
154             {
155                 return provider.createSecurityContext(authentication);
156             }
157         }
158         throw new UnknownAuthenticationTypeException(authentication);
159     }
160 
161     public EncryptionStrategy getEncryptionStrategy(String name)
162     {
163         return cryptoStrategies.get(name);
164     }
165 
166     public void addEncryptionStrategy(EncryptionStrategy strategy)
167     {
168         cryptoStrategies.put(strategy.getName(), strategy);
169     }
170 
171     public EncryptionStrategy removeEncryptionStrategy(String name)
172     {
173         return cryptoStrategies.remove(name);
174     }
175 
176     public Collection<EncryptionStrategy> getEncryptionStrategies()
177     {
178         List<EncryptionStrategy> allStrategies = new ArrayList<EncryptionStrategy>(cryptoStrategies.values());
179         return Collections.unmodifiableCollection(allStrategies);
180     }
181 
182     public void setEncryptionStrategies(Collection<EncryptionStrategy> strategies)
183     {
184         for (EncryptionStrategy strategy : strategies)
185         {
186             addEncryptionStrategy(strategy);
187         }
188     }
189 }