001: /*
002: * $Id: MuleSecurityManager.java 11149 2008-03-03 19:41:55Z acooke $
003: * --------------------------------------------------------------------------------------
004: * Copyright (c) MuleSource, Inc. All rights reserved. http://www.mulesource.com
005: *
006: * The software in this package is published under the terms of the CPAL v1.0
007: * license, a copy of which has been included with this distribution in the
008: * LICENSE.txt file.
009: */
010:
011: package org.mule.security;
012:
013: import org.mule.api.EncryptionStrategy;
014: import org.mule.api.lifecycle.InitialisationException;
015: import org.mule.api.lifecycle.LifecycleTransitionResult;
016: import org.mule.api.security.Authentication;
017: import org.mule.api.security.SecurityContext;
018: import org.mule.api.security.SecurityException;
019: import org.mule.api.security.SecurityManager;
020: import org.mule.api.security.SecurityProvider;
021: import org.mule.api.security.SecurityProviderNotFoundException;
022: import org.mule.api.security.UnknownAuthenticationTypeException;
023:
024: import java.util.ArrayList;
025: import java.util.Collection;
026: import java.util.Collections;
027: import java.util.Iterator;
028: import java.util.Map;
029: import java.util.LinkedList;
030: import java.util.List;
031:
032: import edu.emory.mathcs.backport.java.util.concurrent.ConcurrentHashMap;
033:
034: import org.apache.commons.logging.Log;
035: import org.apache.commons.logging.LogFactory;
036:
037: /**
038: * <code>MuleSecurityManager</code> is a default implementation security manager
039: * for a Mule instance.
040: */
041:
042: public class MuleSecurityManager implements SecurityManager {
043:
044: /**
045: * logger used by this class
046: */
047: protected static final Log logger = LogFactory
048: .getLog(MuleSecurityManager.class);
049:
050: private Map providers = new ConcurrentHashMap();
051: private Map cryptoStrategies = new ConcurrentHashMap();
052:
053: public MuleSecurityManager() {
054: // for debug
055: }
056:
057: public LifecycleTransitionResult initialise()
058: throws InitialisationException {
059: List all = new LinkedList(providers.values());
060: // ordering: appends
061: all.addAll(cryptoStrategies.values());
062: return LifecycleTransitionResult.initialiseAll(all.iterator());
063: }
064:
065: public Authentication authenticate(Authentication authentication)
066: throws SecurityException, SecurityProviderNotFoundException {
067: Iterator iter = providers.values().iterator();
068:
069: Class toTest = authentication.getClass();
070:
071: while (iter.hasNext()) {
072: SecurityProvider provider = (SecurityProvider) iter.next();
073:
074: if (provider.supports(toTest)) {
075: if (logger.isDebugEnabled()) {
076: logger.debug("Authentication attempt using "
077: + provider.getClass().getName());
078: }
079:
080: Authentication result = provider
081: .authenticate(authentication);
082:
083: if (result != null) {
084: return result;
085: }
086: }
087: }
088:
089: throw new SecurityProviderNotFoundException(toTest.getName());
090: }
091:
092: public void addProvider(SecurityProvider provider) {
093: if (getProvider(provider.getName()) != null) {
094: throw new IllegalArgumentException(
095: "Provider already registered: "
096: + provider.getName());
097: }
098: providers.put(provider.getName(), provider);
099: }
100:
101: public SecurityProvider getProvider(String name) {
102: if (name == null) {
103: throw new IllegalArgumentException(
104: "provider Name cannot be null");
105: }
106: return (SecurityProvider) providers.get(name);
107: }
108:
109: public SecurityProvider removeProvider(String name) {
110: return (SecurityProvider) providers.remove(name);
111: }
112:
113: public Collection getProviders() {
114: return Collections.unmodifiableCollection(new ArrayList(
115: providers.values()));
116: }
117:
118: public void setProviders(Collection providers) {
119: for (Iterator iterator = providers.iterator(); iterator
120: .hasNext();) {
121: SecurityProvider provider = (SecurityProvider) iterator
122: .next();
123: addProvider(provider);
124: }
125: }
126:
127: public SecurityContext createSecurityContext(
128: Authentication authentication)
129: throws UnknownAuthenticationTypeException {
130: Iterator iter = providers.values().iterator();
131:
132: Class toTest = authentication.getClass();
133:
134: while (iter.hasNext()) {
135: SecurityProvider provider = (SecurityProvider) iter.next();
136:
137: if (provider.supports(toTest)) {
138: return provider.createSecurityContext(authentication);
139: }
140: }
141: throw new UnknownAuthenticationTypeException(authentication);
142: }
143:
144: public EncryptionStrategy getEncryptionStrategy(String name) {
145: return (EncryptionStrategy) cryptoStrategies.get(name);
146: }
147:
148: public void addEncryptionStrategy(EncryptionStrategy strategy) {
149: cryptoStrategies.put(strategy.getName(), strategy);
150: }
151:
152: public EncryptionStrategy removeEncryptionStrategy(String name) {
153: return (EncryptionStrategy) cryptoStrategies.remove(name);
154:
155: }
156:
157: public Collection getEncryptionStrategies() {
158: return Collections.unmodifiableCollection(new ArrayList(
159: cryptoStrategies.values()));
160: }
161:
162: public void setEncryptionStrategies(Collection strategies) {
163: for (Iterator iterator = strategies.iterator(); iterator
164: .hasNext();) {
165: EncryptionStrategy strategy = (EncryptionStrategy) iterator
166: .next();
167: addEncryptionStrategy(strategy);
168: }
169: }
170:
171: }
|