11 package org.mule.security.filters;
12
13 import org.mule.api.EncryptionStrategy;
14 import org.mule.api.MuleEvent;
15 import org.mule.api.lifecycle.InitialisationException;
16 import org.mule.api.security.Authentication;
17 import org.mule.api.security.Credentials;
18 import org.mule.api.security.CredentialsNotSetException;
19 import org.mule.api.security.CryptoFailureException;
20 import org.mule.api.security.EncryptionStrategyNotFoundException;
21 import org.mule.api.security.SecurityContext;
22 import org.mule.api.security.SecurityException;
23 import org.mule.api.security.SecurityProviderNotFoundException;
24 import org.mule.api.security.UnauthorisedException;
25 import org.mule.api.security.UnknownAuthenticationTypeException;
26 import org.mule.config.i18n.CoreMessages;
27 import org.mule.security.AbstractEndpointSecurityFilter;
28 import org.mule.security.DefaultMuleAuthentication;
29 import org.mule.security.MuleCredentials;
30 import org.mule.security.MuleHeaderCredentialsAccessor;
/**
 * Endpoint security filter that carries credentials in a message header.
 * <p>
 * Inbound, the header value obtained through the credentials accessor is turned into
 * {@link MuleCredentials} and authenticated by the security manager; on success a new
 * security context is stored on the session. Outbound, the credentials of the session's
 * current authentication are encrypted with the configured {@link EncryptionStrategy} and
 * written back through the credentials accessor.
 * <p>
 * The {@code strategy} field is only read on the outbound path and in
 * {@link #doInitialise()}. NOTE(review): any inbound decryption presumably happens inside
 * {@code MuleCredentials} via the security manager passed to it; confirm that the strategy
 * it selects matches the one configured here.
 */
public class MuleEncryptionEndpointSecurityFilter extends AbstractEndpointSecurityFilter
{
    // Strategy used to encrypt the outbound credentials token; must be set before initialisation.
    private EncryptionStrategy strategy;

    /**
     * Creates the filter with a {@link MuleHeaderCredentialsAccessor} as its credentials accessor.
     */
    public MuleEncryptionEndpointSecurityFilter()
    {
        setCredentialsAccessor(new MuleHeaderCredentialsAccessor());
    }

    /**
     * Authenticates an inbound event from the credentials header and installs the resulting
     * security context on the event's session.
     *
     * @param event the inbound event carrying the credentials header
     * @throws CredentialsNotSetException if the accessor yields no credentials for the event
     * @throws UnauthorisedException if the security manager fails to authenticate, for any reason
     */
    @Override
    protected final void authenticateInbound(MuleEvent event)
        throws SecurityException, CryptoFailureException, EncryptionStrategyNotFoundException,
        UnknownAuthenticationTypeException
    {
        final String headerValue = (String) getCredentialsAccessor().getCredentials(event);
        if (headerValue == null)
        {
            // No credentials supplied at all: reject before touching the security manager.
            throw new CredentialsNotSetException(event, event.getSession().getSecurityContext(), this);
        }

        final Credentials user = new MuleCredentials(headerValue, getSecurityManager());

        final Authentication result;
        try
        {
            result = getSecurityManager().authenticate(new DefaultMuleAuthentication(user, event));
        }
        catch (Exception e)
        {
            // Fail closed: whatever went wrong during authentication, the caller only ever
            // sees UnauthorisedException, with the original exception kept as the cause.
            // NOTE(review): the user name comes from the inbound header; confirm the log
            // layout neutralises control characters before this is written.
            if (logger.isDebugEnabled())
            {
                logger.debug("Authentication request for user: " + user.getUsername()
                             + " failed: " + e.toString());
            }
            throw new UnauthorisedException(
                CoreMessages.authFailedForUser(user.getUsername()), event, e);
        }

        // NOTE(review): confirm that toString() of the Authentication implementation does
        // not include credential material, since it ends up in the debug log.
        if (logger.isDebugEnabled())
        {
            logger.debug("Authentication success: " + result.toString());
        }

        final SecurityContext newContext = getSecurityManager().createSecurityContext(result);
        newContext.setAuthentication(result);
        event.getSession().setSecurityContext(newContext);
    }

    /**
     * Propagates the session's credentials on an outbound event as an encrypted header.
     * <p>
     * Without a security context the method returns silently unless {@code isAuthenticate()}
     * is set, in which case it rejects the event. With a context, the current authentication
     * is re-authenticated when {@code isAuthenticate()} is set, then its credentials are
     * encrypted and stored through the credentials accessor.
     *
     * @param event the outbound event whose session supplies the security context
     * @throws UnauthorisedException if authentication is required but the session has no
     *             security context
     */
    @Override
    protected void authenticateOutbound(MuleEvent event)
        throws SecurityException, SecurityProviderNotFoundException, CryptoFailureException
    {
        final SecurityContext securityContext = event.getSession().getSecurityContext();
        if (securityContext == null)
        {
            if (!isAuthenticate())
            {
                // Nothing to propagate and nothing required: send without a credentials header.
                return;
            }
            throw new UnauthorisedException(event, securityContext, this);
        }

        // NOTE(review): nothing here guards against a context that holds no authentication;
        // if that can happen, the getCredentials() call below fails with a
        // NullPointerException rather than a SecurityException. Confirm against the
        // SecurityContext implementations in use.
        Authentication current = securityContext.getAuthentication();
        if (isAuthenticate())
        {
            current = getSecurityManager().authenticate(current);
            if (logger.isDebugEnabled())
            {
                logger.debug("Authentication success: " + current.toString());
            }
        }

        final String plainToken = current.getCredentials().toString();
        // getBytes() and new String(byte[]) both use the platform default charset.
        // NOTE(review): the receiving side has to decode with the same charset; consider
        // pinning an explicit charset on both ends. The second argument to encrypt() is
        // passed as null; its meaning is not visible from this class.
        final byte[] cipherBytes = strategy.encrypt(plainToken.getBytes(), null);
        final String encryptedHeader = new String(cipherBytes);
        getCredentialsAccessor().setCredentials(event, encryptedHeader);
    }

    /**
     * Refuses to initialise when no encryption strategy has been configured, so a
     * misconfigured filter is reported at start-up rather than on the first outbound event.
     *
     * @throws InitialisationException if {@code strategy} is {@code null}
     */
    @Override
    protected void doInitialise() throws InitialisationException
    {
        if (strategy != null)
        {
            return;
        }
        throw new InitialisationException(CoreMessages.encryptionStrategyNotSet(), this);
    }

    /**
     * @return the encryption strategy used for the outbound credentials header, or
     *         {@code null} if none has been set
     */
    public EncryptionStrategy getStrategy()
    {
        return this.strategy;
    }

    /**
     * @param strategy the encryption strategy to use for the outbound credentials header
     */
    public void setStrategy(EncryptionStrategy strategy)
    {
        this.strategy = strategy;
    }

}