1
2
3
4
5
6
7
8
9
10
11 package org.mule.module.jaas.filters;
12
13 import org.mule.api.MuleEvent;
14 import org.mule.api.lifecycle.InitialisationException;
15 import org.mule.api.security.Authentication;
16 import org.mule.api.security.Credentials;
17 import org.mule.api.security.CredentialsNotSetException;
18 import org.mule.api.security.CryptoFailureException;
19 import org.mule.api.security.EncryptionStrategyNotFoundException;
20 import org.mule.api.security.SecurityContext;
21 import org.mule.api.security.SecurityException;
22 import org.mule.api.security.SecurityProviderNotFoundException;
23 import org.mule.api.security.UnauthorisedException;
24 import org.mule.api.security.UnknownAuthenticationTypeException;
25 import org.mule.config.i18n.CoreMessages;
26 import org.mule.module.jaas.JaasAuthentication;
27 import org.mule.security.AbstractEndpointSecurityFilter;
28 import org.mule.security.MuleCredentials;
29 import org.mule.security.MuleHeaderCredentialsAccessor;
30
31 public class JaasSecurityFilter extends AbstractEndpointSecurityFilter
32 {
33
34 public JaasSecurityFilter()
35 {
36 setCredentialsAccessor(new MuleHeaderCredentialsAccessor());
37 }
38
39 @Override
40 protected final void authenticateInbound(MuleEvent event)
41 throws SecurityException, CryptoFailureException, EncryptionStrategyNotFoundException,
42 UnknownAuthenticationTypeException
43 {
44 String userHeader = (String) getCredentialsAccessor().getCredentials(event);
45 if (userHeader == null)
46 {
47 throw new CredentialsNotSetException(event, event.getSession().getSecurityContext(), this);
48 }
49
50 Credentials user = new MuleCredentials(userHeader, getSecurityManager());
51 Authentication authResult;
52 JaasAuthentication authentication = new JaasAuthentication(user);
53 authentication.setEvent(event);
54 try
55 {
56 authResult = getSecurityManager().authenticate(authentication);
57 }
58 catch (SecurityException se)
59 {
60
61 if (logger.isDebugEnabled())
62 {
63 logger.debug("Security Exception raised. Authentication request for user: " + user.getUsername()
64 + " failed: " + se.toString());
65 }
66 throw se;
67 }
68 catch (Exception e)
69 {
70
71 if (logger.isDebugEnabled())
72 {
73 logger.debug("Authentication request for user: " + user.getUsername()
74 + " failed: " + e.toString());
75 }
76 throw new UnauthorisedException(
77 CoreMessages.authFailedForUser(user.getUsername()), event, e);
78 }
79
80
81 if (logger.isDebugEnabled())
82 {
83 logger.debug("Authentication success: " + authResult.toString());
84 }
85
86 SecurityContext context = getSecurityManager().createSecurityContext(authResult);
87 context.setAuthentication(authResult);
88 event.getSession().setSecurityContext(context);
89 }
90
91 @Override
92 protected void authenticateOutbound(MuleEvent event)
93 throws SecurityException, SecurityProviderNotFoundException, CryptoFailureException
94 {
95 SecurityContext securityContext = event.getSession().getSecurityContext();
96 if (securityContext == null)
97 {
98 if (isAuthenticate())
99 {
100 throw new UnauthorisedException(event, securityContext, this);
101 }
102 else
103 {
104 return;
105 }
106 }
107
108 Authentication auth = securityContext.getAuthentication();
109 if (isAuthenticate())
110 {
111 auth = getSecurityManager().authenticate(auth);
112 if (logger.isDebugEnabled())
113 {
114 logger.debug("Authentication success: " + auth.toString());
115 }
116 }
117
118 String token = auth.getCredentials().toString();
119 getCredentialsAccessor().setCredentials(event, token);
120
121 }
122
123 @Override
124 protected void doInitialise() throws InitialisationException
125 {
126
127 }
128 }
129