1 | |
|
2 | |
|
3 | |
|
4 | |
|
5 | |
|
6 | |
|
7 | |
package org.mule.security; |
8 | |
|
9 | |
import org.mule.api.EncryptionStrategy; |
10 | |
import org.mule.api.lifecycle.Initialisable; |
11 | |
import org.mule.api.lifecycle.InitialisationException; |
12 | |
import org.mule.api.lifecycle.LifecycleTransitionResult; |
13 | |
import org.mule.api.security.Authentication; |
14 | |
import org.mule.api.security.SecurityContext; |
15 | |
import org.mule.api.security.SecurityException; |
16 | |
import org.mule.api.security.SecurityManager; |
17 | |
import org.mule.api.security.SecurityProvider; |
18 | |
import org.mule.api.security.SecurityProviderNotFoundException; |
19 | |
import org.mule.api.security.UnauthorisedException; |
20 | |
import org.mule.api.security.UnknownAuthenticationTypeException; |
21 | |
import org.mule.config.i18n.CoreMessages; |
22 | |
|
23 | |
import java.util.ArrayList; |
24 | |
import java.util.Collection; |
25 | |
import java.util.Collections; |
26 | |
import java.util.Iterator; |
27 | |
import java.util.LinkedList; |
28 | |
import java.util.List; |
29 | |
import java.util.Map; |
30 | |
|
31 | |
import edu.emory.mathcs.backport.java.util.concurrent.ConcurrentHashMap; |
32 | |
|
33 | |
import org.apache.commons.logging.Log; |
34 | |
import org.apache.commons.logging.LogFactory; |
35 | |
|
36 | |
|
37 | |
|
38 | |
|
39 | |
|
40 | |
|
41 | |
public class MuleSecurityManager implements SecurityManager |
42 | |
{ |
43 | |
|
44 | |
|
45 | |
|
46 | 0 | protected static final Log logger = LogFactory.getLog(MuleSecurityManager.class); |
47 | |
|
48 | 0 | @SuppressWarnings("unchecked") |
49 | |
private Map<String, SecurityProvider> providers = new ConcurrentHashMap(); |
50 | |
|
51 | 0 | @SuppressWarnings("unchecked") |
52 | |
private Map<String, EncryptionStrategy> cryptoStrategies = new ConcurrentHashMap(); |
53 | |
|
54 | |
public MuleSecurityManager() |
55 | |
{ |
56 | 0 | super(); |
57 | 0 | } |
58 | |
|
59 | |
public void initialise() throws InitialisationException |
60 | |
{ |
61 | 0 | List<Initialisable> all = new LinkedList<Initialisable>(providers.values()); |
62 | |
|
63 | 0 | all.addAll(cryptoStrategies.values()); |
64 | 0 | LifecycleTransitionResult.initialiseAll(all.iterator()); |
65 | 0 | } |
66 | |
|
67 | |
public Authentication authenticate(Authentication authentication) |
68 | |
throws SecurityException, SecurityProviderNotFoundException |
69 | |
{ |
70 | 0 | Iterator<SecurityProvider> iter = providers.values().iterator(); |
71 | 0 | Class<? extends Authentication> toTest = authentication.getClass(); |
72 | |
|
73 | 0 | while (iter.hasNext()) |
74 | |
{ |
75 | 0 | SecurityProvider provider = iter.next(); |
76 | |
|
77 | 0 | if (provider.supports(toTest)) |
78 | |
{ |
79 | 0 | if (logger.isDebugEnabled()) |
80 | |
{ |
81 | 0 | logger.debug("Authentication attempt using " + provider.getClass().getName()); |
82 | |
} |
83 | |
|
84 | 0 | Authentication result = null; |
85 | |
try |
86 | |
{ |
87 | 0 | result = provider.authenticate(authentication); |
88 | |
} |
89 | 0 | catch (Exception e) |
90 | |
{ |
91 | 0 | if (!iter.hasNext()) |
92 | |
{ |
93 | 0 | throw new UnauthorisedException(CoreMessages.authorizationAttemptFailed(), e); |
94 | |
} |
95 | 0 | } |
96 | |
|
97 | 0 | if (result != null) |
98 | |
{ |
99 | 0 | return result; |
100 | |
} |
101 | |
} |
102 | 0 | } |
103 | |
|
104 | 0 | throw new SecurityProviderNotFoundException(toTest.getName()); |
105 | |
} |
106 | |
|
107 | |
public void addProvider(SecurityProvider provider) |
108 | |
{ |
109 | 0 | if (getProvider(provider.getName()) != null) |
110 | |
{ |
111 | 0 | throw new IllegalArgumentException("Provider already registered: " + provider.getName()); |
112 | |
} |
113 | 0 | providers.put(provider.getName(), provider); |
114 | 0 | } |
115 | |
|
116 | |
public SecurityProvider getProvider(String name) |
117 | |
{ |
118 | 0 | if (name == null) |
119 | |
{ |
120 | 0 | throw new IllegalArgumentException("provider Name cannot be null"); |
121 | |
} |
122 | 0 | return providers.get(name); |
123 | |
} |
124 | |
|
125 | |
public SecurityProvider removeProvider(String name) |
126 | |
{ |
127 | 0 | return providers.remove(name); |
128 | |
} |
129 | |
|
130 | |
public Collection<SecurityProvider> getProviders() |
131 | |
{ |
132 | 0 | ArrayList<SecurityProvider> providersList = new ArrayList<SecurityProvider>(providers.values()); |
133 | 0 | return Collections.unmodifiableCollection(providersList); |
134 | |
} |
135 | |
|
136 | |
public void setProviders(Collection<SecurityProvider> providers) |
137 | |
{ |
138 | 0 | for (SecurityProvider provider : providers) |
139 | |
{ |
140 | 0 | addProvider(provider); |
141 | |
} |
142 | 0 | } |
143 | |
|
144 | |
public SecurityContext createSecurityContext(Authentication authentication) |
145 | |
throws UnknownAuthenticationTypeException |
146 | |
{ |
147 | 0 | Iterator<SecurityProvider> iter = providers.values().iterator(); |
148 | 0 | Class<? extends Authentication> toTest = authentication.getClass(); |
149 | |
|
150 | 0 | while (iter.hasNext()) |
151 | |
{ |
152 | 0 | SecurityProvider provider = iter.next(); |
153 | 0 | if (provider.supports(toTest)) |
154 | |
{ |
155 | 0 | return provider.createSecurityContext(authentication); |
156 | |
} |
157 | 0 | } |
158 | 0 | throw new UnknownAuthenticationTypeException(authentication); |
159 | |
} |
160 | |
|
161 | |
public EncryptionStrategy getEncryptionStrategy(String name) |
162 | |
{ |
163 | 0 | return cryptoStrategies.get(name); |
164 | |
} |
165 | |
|
166 | |
public void addEncryptionStrategy(EncryptionStrategy strategy) |
167 | |
{ |
168 | 0 | cryptoStrategies.put(strategy.getName(), strategy); |
169 | 0 | } |
170 | |
|
171 | |
public EncryptionStrategy removeEncryptionStrategy(String name) |
172 | |
{ |
173 | 0 | return cryptoStrategies.remove(name); |
174 | |
} |
175 | |
|
176 | |
public Collection<EncryptionStrategy> getEncryptionStrategies() |
177 | |
{ |
178 | 0 | List<EncryptionStrategy> allStrategies = new ArrayList<EncryptionStrategy>(cryptoStrategies.values()); |
179 | 0 | return Collections.unmodifiableCollection(allStrategies); |
180 | |
} |
181 | |
|
182 | |
public void setEncryptionStrategies(Collection<EncryptionStrategy> strategies) |
183 | |
{ |
184 | 0 | for (EncryptionStrategy strategy : strategies) |
185 | |
{ |
186 | 0 | addEncryptionStrategy(strategy); |
187 | |
} |
188 | 0 | } |
189 | |
} |