001: /*
002: * $Id: MuleCredentials.java 10489 2008-01-23 17:53:38Z dfeist $
003: * --------------------------------------------------------------------------------------
004: * Copyright (c) MuleSource, Inc. All rights reserved. http://www.mulesource.com
005: *
006: * The software in this package is published under the terms of the CPAL v1.0
007: * license, a copy of which has been included with this distribution in the
008: * LICENSE.txt file.
009: */
010:
011: package org.mule.security;
012:
013: import org.mule.api.EncryptionStrategy;
014: import org.mule.api.config.MuleProperties;
015: import org.mule.api.security.Credentials;
016: import org.mule.api.security.CryptoFailureException;
017: import org.mule.api.security.EncryptionStrategyNotFoundException;
018: import org.mule.api.security.SecurityManager;
019: import org.mule.config.i18n.CoreMessages;
020: import org.mule.util.ArrayUtils;
021:
022: import java.util.StringTokenizer;
023:
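/**
 * <code>MuleCredentials</code> holds a user name, a password and an optional roles
 * value, and converts them to and from the string carried in a message header (the
 * header this class names in its error message is
 * {@link MuleProperties#MULE_USER_PROPERTY}).
 * <p>
 * Header layout: <code>&lt;scheme&gt; &lt;username&gt;::&lt;password&gt;[::&lt;roles&gt;]</code>.
 * When the scheme is <code>plain</code> (compared case-insensitively) the part after
 * the space is cleartext. Any other scheme is looked up as the name of an
 * {@link EncryptionStrategy} and the part after the space is decrypted with it.
 * <p>
 * Points to keep in mind when using this class:
 * <ul>
 * <li>A <code>Plain</code> header and the value of {@link #getToken()} contain the
 * password in cleartext; keep them out of logs and off unprotected transports.</li>
 * <li>The roles value is copied from the header as sent. Nothing in this class
 * verifies it, so it must not be treated as an authenticated claim.</li>
 * <li>There is no escaping: a user name or password that itself contains
 * {@link #TOKEN_DELIM} cannot be represented.</li>
 * </ul>
 */
public class MuleCredentials implements Credentials {
    /** Separator between user name, password and roles in a token or header. */
    public static final String TOKEN_DELIM = "::";

    private final String username;
    private final char[] password;
    private final Object roles;

    /**
     * Creates credentials without roles.
     *
     * @param username the user name
     * @param password the password; the array is copied, so the caller may wipe its
     *            own copy afterwards
     */
    public MuleCredentials(String username, char[] password) {
        this(username, password, null);
    }

    /**
     * Creates credentials with a roles value.
     *
     * @param username the user name
     * @param password the password; the array is copied
     * @param roles the roles value, stored as given
     */
    public MuleCredentials(String username, char[] password,
            Object roles) {
        this.username = username;
        this.password = ArrayUtils.clone(password);
        this.roles = roles;
    }

    /**
     * Parses credentials from a header value of the form
     * <code>&lt;scheme&gt; &lt;username&gt;::&lt;password&gt;[::&lt;roles&gt;]</code>.
     *
     * @param header the header value
     * @param sm used to look up the encryption strategy named by the scheme when the
     *            scheme is not <code>plain</code>
     * @throws IllegalArgumentException if the header has no space after the scheme,
     *             or the user name or password is missing or empty
     * @throws EncryptionStrategyNotFoundException if <code>sm</code> has no strategy
     *             registered under the scheme name
     * @throws CryptoFailureException if decrypting the credential part fails
     */
    public MuleCredentials(String header, SecurityManager sm)
            throws EncryptionStrategyNotFoundException,
            CryptoFailureException {

        int schemeEnd = header.indexOf(' ');
        if (schemeEnd == -1) {
            // NOTE(review): this message echoes the whole header value; if the sender
            // left out the scheme, that value may be the credentials themselves.
            throw malformedHeader(header);
        }

        String scheme = header.substring(0, schemeEnd);
        String creds = header.substring(schemeEnd + 1);

        if (!scheme.equalsIgnoreCase("plain")) {
            EncryptionStrategy es = sm.getEncryptionStrategy(scheme);
            if (es == null) {
                throw new EncryptionStrategyNotFoundException(scheme);
            }
            // NOTE(review): getBytes() and new String(byte[]) use the platform default
            // charset, so sender and receiver must run with the same default for
            // non-ASCII credentials to survive the round trip.
            creds = new String(es.decrypt(creds.getBytes(), null));
        }

        // Split on the literal two-character delimiter. A StringTokenizer would treat
        // "::" as a set of delimiter characters, so a single ':' inside a password
        // would cut the password short and move the remainder into the roles field.
        int userEnd = creds.indexOf(TOKEN_DELIM);
        if (userEnd <= 0) {
            throw malformedHeader(scheme + " <credentials omitted>");
        }

        int passStart = userEnd + TOKEN_DELIM.length();
        int passEnd = creds.indexOf(TOKEN_DELIM, passStart);
        String pass = (passEnd == -1)
                ? creds.substring(passStart)
                : creds.substring(passStart, passEnd);
        if (pass.length() == 0) {
            // An empty password is rejected as malformed rather than handed on to
            // whatever authenticates these credentials.
            throw malformedHeader(scheme + " <credentials omitted>");
        }

        Object parsedRoles = null;
        if (passEnd != -1) {
            int rolesStart = passEnd + TOKEN_DELIM.length();
            int rolesEnd = creds.indexOf(TOKEN_DELIM, rolesStart);
            String tail = (rolesEnd == -1)
                    ? creds.substring(rolesStart)
                    : creds.substring(rolesStart, rolesEnd);
            // A trailing delimiter with nothing after it means "no roles".
            if (tail.length() > 0) {
                parsedRoles = tail;
            }
        }

        this.username = creds.substring(0, userEnd);
        this.password = pass.toCharArray();
        this.roles = parsedRoles;
    }

    /**
     * Builds the malformed-header exception. Callers pass a value that is safe to
     * show in a message; the parsed credential part is never passed here.
     */
    private static IllegalArgumentException malformedHeader(String value) {
        return new IllegalArgumentException(CoreMessages
                .headerMalformedValueIs(
                        MuleProperties.MULE_USER_PROPERTY, value)
                .toString());
    }

    /**
     * Returns <code>username::password::</code> followed by the roles value when
     * roles are set. The result contains the password in cleartext.
     *
     * @return the credential token
     */
    public String getToken() {
        StringBuffer buf = new StringBuffer();
        buf.append(username).append(TOKEN_DELIM);
        buf.append(password).append(TOKEN_DELIM);

        if (roles != null) {
            buf.append(roles);
        }

        return buf.toString();
    }

    /**
     * @return the user name
     */
    public String getUsername() {
        return username;
    }

    /**
     * @return a copy of the password, so that callers cannot alter the stored array
     */
    public char[] getPassword() {
        return ArrayUtils.clone(password);
    }

    /**
     * @return the roles value, or <code>null</code> when none was supplied
     */
    public Object getRoles() {
        return roles;
    }

    /**
     * Builds a cleartext header: <code>Plain username::password::</code>.
     * The password is not protected in any way by this form.
     *
     * @param username the user name
     * @param password the password
     * @return the header value
     */
    public static String createHeader(String username, char[] password) {
        StringBuffer buf = new StringBuffer(32);
        buf.append("Plain ");
        buf.append(username).append(TOKEN_DELIM);
        buf.append(password).append(TOKEN_DELIM);
        return buf.toString();
    }

    /**
     * Builds an encrypted header: the strategy name, a space, then
     * <code>username::password</code> encrypted with the given strategy.
     *
     * @param username the user name
     * @param password the password
     * @param encryptionName the name written as the header scheme; the receiver
     *            looks the strategy up under this name
     * @param es the strategy used to encrypt the credential part
     * @return the header value
     * @throws CryptoFailureException if encryption fails
     */
    public static String createHeader(String username, String password,
            String encryptionName, EncryptionStrategy es)
            throws CryptoFailureException {
        StringBuffer buf = new StringBuffer();
        buf.append(encryptionName).append(" ");
        String creds = username + TOKEN_DELIM + password;
        // NOTE(review): getBytes() uses the platform default charset, and
        // new String(encrypted) only round-trips if the strategy returns text-safe
        // bytes (for example an encoded form) rather than raw binary - confirm for
        // the strategies in use.
        byte[] encrypted = es.encrypt(creds.getBytes(), null);
        buf.append(new String(encrypted));
        return buf.toString();
    }
}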