1
2
3
4
5
6
7
8
9
10
11 package org.mule.security;
12
13 import org.mule.api.EncryptionStrategy;
14 import org.mule.api.lifecycle.Initialisable;
15 import org.mule.api.lifecycle.InitialisationException;
16 import org.mule.api.lifecycle.LifecycleTransitionResult;
17 import org.mule.api.security.Authentication;
18 import org.mule.api.security.SecurityContext;
19 import org.mule.api.security.SecurityException;
20 import org.mule.api.security.SecurityManager;
21 import org.mule.api.security.SecurityProvider;
22 import org.mule.api.security.SecurityProviderNotFoundException;
23 import org.mule.api.security.UnauthorisedException;
24 import org.mule.api.security.UnknownAuthenticationTypeException;
25 import org.mule.config.i18n.CoreMessages;
26
27 import java.util.ArrayList;
28 import java.util.Collection;
29 import java.util.Collections;
30 import java.util.Iterator;
31 import java.util.LinkedList;
32 import java.util.List;
33 import java.util.Map;
34 import java.util.concurrent.ConcurrentHashMap;
35
36 import org.apache.commons.logging.Log;
37 import org.apache.commons.logging.LogFactory;
38
39
40
41
42
43
44 public class MuleSecurityManager implements SecurityManager
45 {
46
47
48
49 protected static final Log logger = LogFactory.getLog(MuleSecurityManager.class);
50
51 @SuppressWarnings("unchecked")
52 private Map<String, SecurityProvider> providers = new ConcurrentHashMap();
53
54 @SuppressWarnings("unchecked")
55 private Map<String, EncryptionStrategy> cryptoStrategies = new ConcurrentHashMap();
56
57 public MuleSecurityManager()
58 {
59 super();
60 }
61
62 public void initialise() throws InitialisationException
63 {
64 List<Initialisable> all = new LinkedList<Initialisable>(providers.values());
65
66 all.addAll(cryptoStrategies.values());
67 LifecycleTransitionResult.initialiseAll(all.iterator());
68 }
69
70 public Authentication authenticate(Authentication authentication)
71 throws SecurityException, SecurityProviderNotFoundException
72 {
73 Iterator<SecurityProvider> iter = providers.values().iterator();
74 Class<? extends Authentication> toTest = authentication.getClass();
75
76 while (iter.hasNext())
77 {
78 SecurityProvider provider = iter.next();
79
80 if (provider.supports(toTest))
81 {
82 if (logger.isDebugEnabled())
83 {
84 logger.debug("Authentication attempt using " + provider.getClass().getName());
85 }
86
87 Authentication result = null;
88 try
89 {
90 result = provider.authenticate(authentication);
91 }
92 catch (Exception e)
93 {
94 if (!iter.hasNext())
95 {
96 throw new UnauthorisedException(CoreMessages.authorizationAttemptFailed(), e);
97 }
98 }
99
100 if (result != null)
101 {
102 return result;
103 }
104 }
105 }
106
107 throw new SecurityProviderNotFoundException(toTest.getName());
108 }
109
110 public void addProvider(SecurityProvider provider)
111 {
112 if (getProvider(provider.getName()) != null)
113 {
114 throw new IllegalArgumentException("Provider already registered: " + provider.getName());
115 }
116 providers.put(provider.getName(), provider);
117 }
118
119 public SecurityProvider getProvider(String name)
120 {
121 if (name == null)
122 {
123 throw new IllegalArgumentException("provider Name cannot be null");
124 }
125 return providers.get(name);
126 }
127
128 public SecurityProvider removeProvider(String name)
129 {
130 return providers.remove(name);
131 }
132
133 public Collection<SecurityProvider> getProviders()
134 {
135 ArrayList<SecurityProvider> providersList = new ArrayList<SecurityProvider>(providers.values());
136 return Collections.unmodifiableCollection(providersList);
137 }
138
139 public void setProviders(Collection<SecurityProvider> providers)
140 {
141 for (SecurityProvider provider : providers)
142 {
143 addProvider(provider);
144 }
145 }
146
147 public SecurityContext createSecurityContext(Authentication authentication)
148 throws UnknownAuthenticationTypeException
149 {
150 Iterator<SecurityProvider> iter = providers.values().iterator();
151 Class<? extends Authentication> toTest = authentication.getClass();
152
153 while (iter.hasNext())
154 {
155 SecurityProvider provider = iter.next();
156 if (provider.supports(toTest))
157 {
158 return provider.createSecurityContext(authentication);
159 }
160 }
161 throw new UnknownAuthenticationTypeException(authentication);
162 }
163
164 public EncryptionStrategy getEncryptionStrategy(String name)
165 {
166 return cryptoStrategies.get(name);
167 }
168
169 public void addEncryptionStrategy(EncryptionStrategy strategy)
170 {
171 cryptoStrategies.put(strategy.getName(), strategy);
172 }
173
174 public EncryptionStrategy removeEncryptionStrategy(String name)
175 {
176 return cryptoStrategies.remove(name);
177 }
178
179 public Collection<EncryptionStrategy> getEncryptionStrategies()
180 {
181 List<EncryptionStrategy> allStrategies = new ArrayList<EncryptionStrategy>(cryptoStrategies.values());
182 return Collections.unmodifiableCollection(allStrategies);
183 }
184
185 public void setEncryptionStrategies(Collection<EncryptionStrategy> strategies)
186 {
187 for (EncryptionStrategy strategy : strategies)
188 {
189 addEncryptionStrategy(strategy);
190 }
191 }
192 }