View Javadoc

1   /*
2    * $Id: MuleSecurityManager.java 21939 2011-05-18 13:32:09Z aperepel $
3    * --------------------------------------------------------------------------------------
4    * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
5    *
6    * The software in this package is published under the terms of the CPAL v1.0
7    * license, a copy of which has been included with this distribution in the
8    * LICENSE.txt file.
9    */
10  
11  package org.mule.security;
12  
13  import org.mule.api.EncryptionStrategy;
14  import org.mule.api.lifecycle.Initialisable;
15  import org.mule.api.lifecycle.InitialisationException;
16  import org.mule.api.lifecycle.LifecycleTransitionResult;
17  import org.mule.api.security.Authentication;
18  import org.mule.api.security.SecurityContext;
19  import org.mule.api.security.SecurityException;
20  import org.mule.api.security.SecurityManager;
21  import org.mule.api.security.SecurityProvider;
22  import org.mule.api.security.SecurityProviderNotFoundException;
23  import org.mule.api.security.UnauthorisedException;
24  import org.mule.api.security.UnknownAuthenticationTypeException;
25  import org.mule.config.i18n.CoreMessages;
26  
27  import java.util.ArrayList;
28  import java.util.Collection;
29  import java.util.Collections;
30  import java.util.Iterator;
31  import java.util.LinkedList;
32  import java.util.List;
33  import java.util.Map;
34  import java.util.concurrent.ConcurrentHashMap;
35  
36  import org.apache.commons.logging.Log;
37  import org.apache.commons.logging.LogFactory;
38  
39  /**
40   * <code>MuleSecurityManager</code> is a default implementation security manager
41   * for a Mule instance.
42   */
43  
44  public class MuleSecurityManager implements SecurityManager
45  {
46      /**
47       * logger used by this class
48       */
49      protected static final Log logger = LogFactory.getLog(MuleSecurityManager.class);
50  
51      @SuppressWarnings("unchecked")
52      private Map<String, SecurityProvider> providers = new ConcurrentHashMap();
53  
54      @SuppressWarnings("unchecked")
55      private Map<String, EncryptionStrategy> cryptoStrategies = new ConcurrentHashMap();
56  
57      public MuleSecurityManager()
58      {
59          super();
60      }
61  
62      public void initialise() throws InitialisationException
63      {
64          List<Initialisable> all = new LinkedList<Initialisable>(providers.values());
65          // ordering: appends
66          all.addAll(cryptoStrategies.values());
67          LifecycleTransitionResult.initialiseAll(all.iterator());
68      }
69  
70      public Authentication authenticate(Authentication authentication)
71          throws SecurityException, SecurityProviderNotFoundException
72      {
73          Iterator<SecurityProvider> iter = providers.values().iterator();
74          Class<? extends Authentication> toTest = authentication.getClass();
75  
76          while (iter.hasNext())
77          {
78              SecurityProvider provider = iter.next();
79  
80              if (provider.supports(toTest))
81              {
82                  if (logger.isDebugEnabled())
83                  {
84                      logger.debug("Authentication attempt using " + provider.getClass().getName());
85                  }
86  
87                  Authentication result = null;
88                  try
89                  {
90                      result = provider.authenticate(authentication);
91                  }
92                  catch (Exception e)
93                  {
94                      if (!iter.hasNext())
95                      {
96                          throw new UnauthorisedException(CoreMessages.authorizationAttemptFailed(), e);
97                      }
98                  }
99  
100                 if (result != null)
101                 {
102                     return result;
103                 }
104             }
105         }
106 
107         throw new SecurityProviderNotFoundException(toTest.getName());
108     }
109 
110     public void addProvider(SecurityProvider provider)
111     {
112         if (getProvider(provider.getName()) != null)
113         {
114             throw new IllegalArgumentException("Provider already registered: " + provider.getName());
115         }
116         providers.put(provider.getName(), provider);
117     }
118 
119     public SecurityProvider getProvider(String name)
120     {
121         if (name == null)
122         {
123             throw new IllegalArgumentException("provider Name cannot be null");
124         }
125         return providers.get(name);
126     }
127 
128     public SecurityProvider removeProvider(String name)
129     {
130         return providers.remove(name);
131     }
132 
133     public Collection<SecurityProvider> getProviders()
134     {
135         ArrayList<SecurityProvider> providersList = new ArrayList<SecurityProvider>(providers.values());
136         return Collections.unmodifiableCollection(providersList);
137     }
138 
139     public void setProviders(Collection<SecurityProvider> providers)
140     {
141         for (SecurityProvider provider : providers)
142         {
143             addProvider(provider);
144         }
145     }
146 
147     public SecurityContext createSecurityContext(Authentication authentication)
148         throws UnknownAuthenticationTypeException
149     {
150         Iterator<SecurityProvider> iter = providers.values().iterator();
151         Class<? extends Authentication> toTest = authentication.getClass();
152 
153         while (iter.hasNext())
154         {
155             SecurityProvider provider = iter.next();
156             if (provider.supports(toTest))
157             {
158                 return provider.createSecurityContext(authentication);
159             }
160         }
161         throw new UnknownAuthenticationTypeException(authentication);
162     }
163 
164     public EncryptionStrategy getEncryptionStrategy(String name)
165     {
166         return cryptoStrategies.get(name);
167     }
168 
169     public void addEncryptionStrategy(EncryptionStrategy strategy)
170     {
171         cryptoStrategies.put(strategy.getName(), strategy);
172     }
173 
174     public EncryptionStrategy removeEncryptionStrategy(String name)
175     {
176         return cryptoStrategies.remove(name);
177     }
178 
179     public Collection<EncryptionStrategy> getEncryptionStrategies()
180     {
181         List<EncryptionStrategy> allStrategies = new ArrayList<EncryptionStrategy>(cryptoStrategies.values());
182         return Collections.unmodifiableCollection(allStrategies);
183     }
184 
185     public void setEncryptionStrategies(Collection<EncryptionStrategy> strategies)
186     {
187         for (EncryptionStrategy strategy : strategies)
188         {
189             addEncryptionStrategy(strategy);
190         }
191     }
192 }