001: /*
002: * $Id: MuleEncryptionEndpointSecurityFilter.java 10489 2008-01-23 17:53:38Z dfeist $
003: * --------------------------------------------------------------------------------------
004: * Copyright (c) MuleSource, Inc. All rights reserved. http://www.mulesource.com
005: *
006: * The software in this package is published under the terms of the CPAL v1.0
007: * license, a copy of which has been included with this distribution in the
008: * LICENSE.txt file.
009: */
010:
011: package org.mule.security.filters;
012:
013: import org.mule.api.EncryptionStrategy;
014: import org.mule.api.MuleEvent;
015: import org.mule.api.lifecycle.InitialisationException;
016: import org.mule.api.security.Authentication;
017: import org.mule.api.security.Credentials;
018: import org.mule.api.security.CredentialsNotSetException;
019: import org.mule.api.security.CryptoFailureException;
020: import org.mule.api.security.EncryptionStrategyNotFoundException;
021: import org.mule.api.security.SecurityContext;
022: import org.mule.api.security.SecurityException;
023: import org.mule.api.security.SecurityProviderNotFoundException;
024: import org.mule.api.security.UnauthorisedException;
025: import org.mule.api.security.UnknownAuthenticationTypeException;
026: import org.mule.config.i18n.CoreMessages;
027: import org.mule.security.AbstractEndpointSecurityFilter;
028: import org.mule.security.DefaultMuleAuthentication;
029: import org.mule.security.MuleCredentials;
030: import org.mule.security.MuleHeaderCredentialsAccessor;
031:
032: /**
033: * <code>MuleEncryptionEndpointSecurityFilter</code> provides password-based
034: * encryption
035: */
036: public class MuleEncryptionEndpointSecurityFilter extends
037: AbstractEndpointSecurityFilter {
038: private EncryptionStrategy strategy;
039:
040: public MuleEncryptionEndpointSecurityFilter() {
041: setCredentialsAccessor(new MuleHeaderCredentialsAccessor());
042: }
043:
044: protected final void authenticateInbound(MuleEvent event)
045: throws SecurityException, CryptoFailureException,
046: EncryptionStrategyNotFoundException,
047: UnknownAuthenticationTypeException {
048: String userHeader = (String) getCredentialsAccessor()
049: .getCredentials(event);
050: if (userHeader == null) {
051: throw new CredentialsNotSetException(event.getMessage(),
052: event.getSession().getSecurityContext(), event
053: .getEndpoint(), this );
054: }
055:
056: Credentials user = new MuleCredentials(userHeader,
057: getSecurityManager());
058:
059: Authentication authResult;
060: Authentication umoAuthentication = new DefaultMuleAuthentication(
061: user);
062: try {
063: authResult = getSecurityManager().authenticate(
064: umoAuthentication);
065: } catch (Exception e) {
066: // Authentication failed
067: if (logger.isDebugEnabled()) {
068: logger.debug("Authentication request for user: "
069: + user.getUsername() + " failed: "
070: + e.toString());
071: }
072: throw new UnauthorisedException(CoreMessages
073: .authFailedForUser(user.getUsername()), event
074: .getMessage(), e);
075: }
076:
077: // Authentication success
078: if (logger.isDebugEnabled()) {
079: logger.debug("Authentication success: "
080: + authResult.toString());
081: }
082:
083: SecurityContext context = getSecurityManager()
084: .createSecurityContext(authResult);
085: context.setAuthentication(authResult);
086: event.getSession().setSecurityContext(context);
087: }
088:
089: protected void authenticateOutbound(MuleEvent event)
090: throws SecurityException,
091: SecurityProviderNotFoundException, CryptoFailureException {
092: if (event.getSession().getSecurityContext() == null) {
093: if (isAuthenticate()) {
094: throw new UnauthorisedException(event.getMessage(),
095: event.getSession().getSecurityContext(), event
096: .getEndpoint(), this );
097: } else {
098: return;
099: }
100: }
101: Authentication auth = event.getSession().getSecurityContext()
102: .getAuthentication();
103: if (isAuthenticate()) {
104: auth = getSecurityManager().authenticate(auth);
105: if (logger.isDebugEnabled()) {
106: logger.debug("Authentication success: "
107: + auth.toString());
108: }
109: }
110:
111: String token = auth.getCredentials().toString();
112: String header = new String(strategy.encrypt(token.getBytes(),
113: null));
114: getCredentialsAccessor().setCredentials(event, header);
115:
116: }
117:
118: protected void doInitialise() throws InitialisationException {
119: if (strategy == null) {
120: throw new InitialisationException(CoreMessages
121: .encryptionStrategyNotSet(), this );
122: }
123: }
124:
125: public EncryptionStrategy getStrategy() {
126: return strategy;
127: }
128:
129: public void setStrategy(EncryptionStrategy strategy) {
130: this.strategy = strategy;
131: }
132:
133: }
|