Coverage Report - org.mule.module.jaas.filters.JaasSecurityFilter
 
Classes in this File Line Coverage Branch Coverage Complexity
JaasSecurityFilter
0%
0/38
0%
0/16
0
 
 1  
 /*
 2  
  * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
 3  
  * The software in this package is published under the terms of the CPAL v1.0
 4  
  * license, a copy of which has been included with this distribution in the
 5  
  * LICENSE.txt file.
 6  
  */
 7  
 package org.mule.module.jaas.filters;
 8  
 
 9  
 import org.mule.api.MuleEvent;
 10  
 import org.mule.api.lifecycle.InitialisationException;
 11  
 import org.mule.api.security.Authentication;
 12  
 import org.mule.api.security.Credentials;
 13  
 import org.mule.api.security.CredentialsNotSetException;
 14  
 import org.mule.api.security.CryptoFailureException;
 15  
 import org.mule.api.security.EncryptionStrategyNotFoundException;
 16  
 import org.mule.api.security.SecurityContext;
 17  
 import org.mule.api.security.SecurityException;
 18  
 import org.mule.api.security.SecurityProviderNotFoundException;
 19  
 import org.mule.api.security.UnauthorisedException;
 20  
 import org.mule.api.security.UnknownAuthenticationTypeException;
 21  
 import org.mule.config.i18n.CoreMessages;
 22  
 import org.mule.module.jaas.JaasAuthentication;
 23  
 import org.mule.security.AbstractEndpointSecurityFilter;
 24  
 import org.mule.security.MuleCredentials;
 25  
 import org.mule.security.MuleHeaderCredentialsAccessor;
 26  
 
 27  
 public class JaasSecurityFilter extends AbstractEndpointSecurityFilter
 28  
 {
 29  
 
 30  
     public JaasSecurityFilter()
 31  0
     {
 32  0
         setCredentialsAccessor(new MuleHeaderCredentialsAccessor());
 33  0
     }
 34  
 
 35  
     @Override
 36  
     protected final void authenticateInbound(MuleEvent event)
 37  
         throws SecurityException, CryptoFailureException, EncryptionStrategyNotFoundException,
 38  
         UnknownAuthenticationTypeException
 39  
     {
 40  0
         String userHeader = (String) getCredentialsAccessor().getCredentials(event);
 41  0
         if (userHeader == null)
 42  
         {
 43  0
             throw new CredentialsNotSetException(event, event.getSession().getSecurityContext(), this);
 44  
         }
 45  
 
 46  0
         Credentials user = new MuleCredentials(userHeader, getSecurityManager());
 47  
         Authentication authResult;
 48  0
         Authentication authentication = new JaasAuthentication(user);
 49  
         try
 50  
         {
 51  0
             authResult = getSecurityManager().authenticate(authentication);
 52  
         }
 53  0
         catch (SecurityException se)
 54  
         {
 55  
             // Security Exception occurred
 56  0
             if (logger.isDebugEnabled())
 57  
             {
 58  0
                 logger.debug("Security Exception raised. Authentication request for user: " + user.getUsername()
 59  
                     + " failed: " + se.toString());
 60  
             }
 61  0
             throw se;
 62  
         }
 63  0
         catch (Exception e)
 64  
         {
 65  
             // Authentication failed
 66  0
             if (logger.isDebugEnabled())
 67  
             {
 68  0
                 logger.debug("Authentication request for user: " + user.getUsername()
 69  
                     + " failed: " + e.toString());
 70  
             }
 71  0
             throw new UnauthorisedException(
 72  
                 CoreMessages.authFailedForUser(user.getUsername()), event, e);
 73  0
         }
 74  
 
 75  
         // Authentication success
 76  0
         if (logger.isDebugEnabled())
 77  
         {
 78  0
             logger.debug("Authentication success: " + authResult.toString());
 79  
         }
 80  
 
 81  0
         SecurityContext context = getSecurityManager().createSecurityContext(authResult);
 82  0
         context.setAuthentication(authResult);
 83  0
         event.getSession().setSecurityContext(context);
 84  0
     }
 85  
 
 86  
     @Override
 87  
     protected void authenticateOutbound(MuleEvent event)
 88  
         throws SecurityException, SecurityProviderNotFoundException, CryptoFailureException
 89  
     {
 90  0
         SecurityContext securityContext = event.getSession().getSecurityContext();
 91  0
         if (securityContext == null)
 92  
         {
 93  0
             if (isAuthenticate())
 94  
             {
 95  0
                 throw new UnauthorisedException(event, securityContext, this);
 96  
             }
 97  
             else
 98  
             {
 99  0
                 return;
 100  
             }
 101  
         }
 102  
 
 103  0
         Authentication auth = securityContext.getAuthentication();
 104  0
         if (isAuthenticate())
 105  
         {
 106  0
             auth = getSecurityManager().authenticate(auth);
 107  0
             if (logger.isDebugEnabled())
 108  
             {
 109  0
                 logger.debug("Authentication success: " + auth.toString());
 110  
             }
 111  
         }
 112  
 
 113  0
         String token = auth.getCredentials().toString();
 114  0
         getCredentialsAccessor().setCredentials(event, token);
 115  
 
 116  0
     }
 117  
 
 118  
     @Override
 119  
     protected void doInitialise() throws InitialisationException
 120  
     {
 121  
         // empty constructor
 122  0
     }
 123  
 }
 124