1
2
3
4
5
6
7 package org.mule.security.filters;
8
9 import org.mule.api.EncryptionStrategy;
10 import org.mule.api.MuleEvent;
11 import org.mule.api.lifecycle.InitialisationException;
12 import org.mule.api.security.Authentication;
13 import org.mule.api.security.Credentials;
14 import org.mule.api.security.CredentialsNotSetException;
15 import org.mule.api.security.CryptoFailureException;
16 import org.mule.api.security.EncryptionStrategyNotFoundException;
17 import org.mule.api.security.SecurityContext;
18 import org.mule.api.security.SecurityException;
19 import org.mule.api.security.SecurityProviderNotFoundException;
20 import org.mule.api.security.UnauthorisedException;
21 import org.mule.api.security.UnknownAuthenticationTypeException;
22 import org.mule.config.i18n.CoreMessages;
23 import org.mule.security.AbstractEndpointSecurityFilter;
24 import org.mule.security.DefaultMuleAuthentication;
25 import org.mule.security.MuleCredentials;
26 import org.mule.security.MuleHeaderCredentialsAccessor;
27
28
29
30
31
32 public class MuleEncryptionEndpointSecurityFilter extends AbstractEndpointSecurityFilter
33 {
34 private EncryptionStrategy strategy;
35
36 public MuleEncryptionEndpointSecurityFilter()
37 {
38 setCredentialsAccessor(new MuleHeaderCredentialsAccessor());
39 }
40
41 @Override
42 protected final void authenticateInbound(MuleEvent event)
43 throws SecurityException, CryptoFailureException, EncryptionStrategyNotFoundException,
44 UnknownAuthenticationTypeException
45 {
46 String userHeader = (String) getCredentialsAccessor().getCredentials(event);
47 if (userHeader == null)
48 {
49 throw new CredentialsNotSetException(event, event.getSession().getSecurityContext(), this);
50 }
51
52 Credentials user = new MuleCredentials(userHeader, getSecurityManager());
53
54 Authentication authentication;
55 try
56 {
57 authentication = getSecurityManager().authenticate(new DefaultMuleAuthentication(user));
58 }
59 catch (Exception e)
60 {
61
62 if (logger.isDebugEnabled())
63 {
64 logger.debug("Authentication request for user: " + user.getUsername()
65 + " failed: " + e.toString());
66 }
67 throw new UnauthorisedException(
68 CoreMessages.authFailedForUser(user.getUsername()), event, e);
69 }
70
71
72 if (logger.isDebugEnabled())
73 {
74 logger.debug("Authentication success: " + authentication.toString());
75 }
76
77 SecurityContext context = getSecurityManager().createSecurityContext(authentication);
78 context.setAuthentication(authentication);
79 event.getSession().setSecurityContext(context);
80 }
81
82 @Override
83 protected void authenticateOutbound(MuleEvent event)
84 throws SecurityException, SecurityProviderNotFoundException, CryptoFailureException
85 {
86 SecurityContext securityContext = event.getSession().getSecurityContext();
87 if (securityContext == null)
88 {
89 if (isAuthenticate())
90 {
91 throw new UnauthorisedException(event, securityContext, this);
92 }
93 else
94 {
95 return;
96 }
97 }
98
99 Authentication auth = securityContext.getAuthentication();
100 if (isAuthenticate())
101 {
102 auth = getSecurityManager().authenticate(auth);
103 if (logger.isDebugEnabled())
104 {
105 logger.debug("Authentication success: " + auth.toString());
106 }
107 }
108
109 String token = auth.getCredentials().toString();
110 String header = new String(strategy.encrypt(token.getBytes(), null));
111 getCredentialsAccessor().setCredentials(event, header);
112
113 }
114
115 @Override
116 protected void doInitialise() throws InitialisationException
117 {
118 if (strategy == null)
119 {
120 throw new InitialisationException(CoreMessages.encryptionStrategyNotSet(), this);
121 }
122 }
123
124 public EncryptionStrategy getStrategy()
125 {
126 return strategy;
127 }
128
129 public void setStrategy(EncryptionStrategy strategy)
130 {
131 this.strategy = strategy;
132 }
133
134 }