
1   /*
2    * $Id: JaasSecurityFilter.java 22370 2011-07-11 08:31:38Z dirk.olmes $
3    * --------------------------------------------------------------------------------------
4    * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
5    *
6    * The software in this package is published under the terms of the CPAL v1.0
7    * license, a copy of which has been included with this distribution in the
8    * LICENSE.txt file.
9    */
10  
11  package org.mule.module.jaas.filters;
12  
13  import org.mule.api.MuleEvent;
14  import org.mule.api.lifecycle.InitialisationException;
15  import org.mule.api.security.Authentication;
16  import org.mule.api.security.Credentials;
17  import org.mule.api.security.CredentialsNotSetException;
18  import org.mule.api.security.CryptoFailureException;
19  import org.mule.api.security.EncryptionStrategyNotFoundException;
20  import org.mule.api.security.SecurityContext;
21  import org.mule.api.security.SecurityException;
22  import org.mule.api.security.SecurityProviderNotFoundException;
23  import org.mule.api.security.UnauthorisedException;
24  import org.mule.api.security.UnknownAuthenticationTypeException;
25  import org.mule.config.i18n.CoreMessages;
26  import org.mule.module.jaas.JaasAuthentication;
27  import org.mule.security.AbstractEndpointSecurityFilter;
28  import org.mule.security.MuleCredentials;
29  import org.mule.security.MuleHeaderCredentialsAccessor;
30  
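/**
 * Endpoint security filter that authenticates Mule events through the configured
 * security manager using a {@link JaasAuthentication} request.
 * <p>
 * Inbound: credentials are read from the event through the credentials accessor
 * (a {@link MuleHeaderCredentialsAccessor} by default), authenticated, and the resulting
 * {@link SecurityContext} is stored on the event's session.
 * <p>
 * Outbound: the authentication held by the session's security context is (optionally)
 * re-authenticated and its credentials are written back onto the event through the
 * credentials accessor.
 * <p>
 * Note that {@code SecurityException} in this class is
 * {@code org.mule.api.security.SecurityException} (explicit import), not
 * {@code java.lang.SecurityException}.
 */
public class JaasSecurityFilter extends AbstractEndpointSecurityFilter
{

    /**
     * Creates the filter and installs a {@link MuleHeaderCredentialsAccessor} as the
     * credentials accessor.
     */
    public JaasSecurityFilter()
    {
        setCredentialsAccessor(new MuleHeaderCredentialsAccessor());
    }

    /**
     * Authenticates an inbound event and, on success, attaches a new security context to
     * the event's session.
     *
     * @param event the inbound event carrying the credentials
     * @throws CredentialsNotSetException if the credentials accessor returns {@code null}
     * @throws SecurityException if the security manager rejects the request with a Mule
     *             security exception (rethrown unchanged)
     * @throws UnauthorisedException if authentication fails with any other exception; the
     *             original exception is kept as the cause
     * @throws CryptoFailureException declared by the signature; presumably raised while the
     *             credentials are parsed - confirm against {@link MuleCredentials}
     * @throws EncryptionStrategyNotFoundException declared by the signature; see above
     * @throws UnknownAuthenticationTypeException declared by the signature
     */
    @Override
    protected final void authenticateInbound(MuleEvent event)
        throws SecurityException, CryptoFailureException, EncryptionStrategyNotFoundException,
        UnknownAuthenticationTypeException
    {
        // The accessor returns Object; this filter expects the credentials as one String.
        String userHeader = (String) getCredentialsAccessor().getCredentials(event);
        if (userHeader == null)
        {
            // No credentials on the message: reject instead of continuing unauthenticated.
            throw new CredentialsNotSetException(event, event.getSession().getSecurityContext(), this);
        }

        Credentials user = new MuleCredentials(userHeader, getSecurityManager());
        Authentication authResult;
        JaasAuthentication authentication = new JaasAuthentication(user);
        authentication.setEvent(event);
        try
        {
            authResult = getSecurityManager().authenticate(authentication);
        }
        catch (SecurityException se)
        {
            // Mule security exception: log at debug level and propagate unchanged.
            if (logger.isDebugEnabled())
            {
                // The user name comes from the request, so control characters are
                // neutralised before it reaches the log (prevents forged log lines).
                logger.debug("Security Exception raised. Authentication request for user: "
                    + sanitiseForLog(user.getUsername())
                    + " failed: " + sanitiseForLog(se.toString()));
            }
            throw se;
        }
        catch (Exception e)
        {
            // Any other failure (runtime exceptions included) is treated as a failed
            // authentication, so the filter fails closed.
            if (logger.isDebugEnabled())
            {
                logger.debug("Authentication request for user: " + sanitiseForLog(user.getUsername())
                    + " failed: " + sanitiseForLog(e.toString()));
            }
            throw new UnauthorisedException(
                CoreMessages.authFailedForUser(user.getUsername()), event, e);
        }

        // Authentication success
        if (logger.isDebugEnabled())
        {
            // NOTE(review): what Authentication.toString() renders is not visible here;
            // confirm it does not include the credentials before enabling debug logging
            // in production.
            logger.debug("Authentication success: " + authResult.toString());
        }

        // Bind the authenticated result to the session so later processing can use it.
        SecurityContext context = getSecurityManager().createSecurityContext(authResult);
        context.setAuthentication(authResult);
        event.getSession().setSecurityContext(context);
    }

    /**
     * Propagates the session's authentication onto an outbound event.
     * <p>
     * If the session has no security context the method throws when
     * {@code isAuthenticate()} is {@code true} and returns silently otherwise. When a
     * context exists, its authentication is re-authenticated if {@code isAuthenticate()}
     * is {@code true}, and the string form of its credentials is set on the event through
     * the credentials accessor.
     *
     * @param event the outbound event
     * @throws UnauthorisedException if authentication is required but the session has no
     *             security context
     * @throws SecurityException if re-authentication fails
     * @throws SecurityProviderNotFoundException declared by the signature
     * @throws CryptoFailureException declared by the signature
     */
    @Override
    protected void authenticateOutbound(MuleEvent event)
        throws SecurityException, SecurityProviderNotFoundException, CryptoFailureException
    {
        SecurityContext securityContext = event.getSession().getSecurityContext();
        if (securityContext == null)
        {
            if (isAuthenticate())
            {
                throw new UnauthorisedException(event, securityContext, this);
            }
            else
            {
                // Authentication not required: send the event without credentials.
                return;
            }
        }

        // NOTE(review): a context whose getAuthentication() returns null would cause a
        // NullPointerException below - confirm the context always carries one.
        Authentication auth = securityContext.getAuthentication();
        if (isAuthenticate())
        {
            auth = getSecurityManager().authenticate(auth);
            if (logger.isDebugEnabled())
            {
                // NOTE(review): same caveat as on the inbound path - confirm toString()
                // does not render credentials.
                logger.debug("Authentication success: " + auth.toString());
            }
        }

        // NOTE(review): the token is whatever getCredentials().toString() yields. If that
        // is the raw secret, it travels with the outbound message unprotected - confirm
        // the representation and the transport protection of the endpoint.
        String token = auth.getCredentials().toString();
        getCredentialsAccessor().setCredentials(event, token);

    }

    /**
     * Lifecycle hook; this filter needs no initialisation of its own.
     */
    @Override
    protected void doInitialise() throws InitialisationException
    {
        // nothing to initialise
    }

    /**
     * Replaces ISO control characters (CR, LF, tab, ...) with {@code '_'} so that
     * request-derived text cannot break a log entry into several lines.
     *
     * @param value the text to log, may be {@code null}
     * @return the neutralised text, or {@code null} if {@code value} was {@code null}
     */
    private static String sanitiseForLog(String value)
    {
        if (value == null)
        {
            return null;
        }
        StringBuilder cleaned = new StringBuilder(value.length());
        for (int i = 0; i < value.length(); i++)
        {
            char c = value.charAt(i);
            cleaned.append(Character.isISOControl(c) ? '_' : c);
        }
        return cleaned.toString();
    }
}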