1 10 11 package org.mule.extras.acegi.filters.http; 12 13 import org.acegisecurity.AuthenticationException; 14 import org.acegisecurity.providers.UsernamePasswordAuthenticationToken; 15 import org.apache.commons.codec.binary.Base64; 16 import org.apache.commons.logging.Log; 17 import org.apache.commons.logging.LogFactory; 18 import org.mule.config.MuleProperties; 19 import org.mule.config.i18n.Message; 20 import org.mule.config.i18n.Messages; 21 import org.mule.extras.acegi.AcegiAuthenticationAdapter; 22 import org.mule.impl.security.AbstractEndpointSecurityFilter; 23 import org.mule.providers.http.HttpConnector; 24 import org.mule.providers.http.HttpConstants; 25 import org.mule.umo.UMOEvent; 26 import org.mule.umo.UMOMessage; 27 import org.mule.umo.lifecycle.InitialisationException; 28 import org.mule.umo.security.SecurityException; 29 import org.mule.umo.security.SecurityProviderNotFoundException; 30 import org.mule.umo.security.UMOAuthentication; 31 import org.mule.umo.security.UMOSecurityContext; 32 import org.mule.umo.security.UnauthorisedException; 33 import org.mule.umo.security.UnknownAuthenticationTypeException; 34 import org.mule.umo.security.UnsupportedAuthenticationSchemeException; 35 36 39 public class HttpBasicAuthenticationFilter extends AbstractEndpointSecurityFilter 40 { 41 44 protected static Log logger = LogFactory.getLog(HttpBasicAuthenticationFilter.class); 45 46 private String realm; 47 48 private boolean realmRequired = true; 49 50 public HttpBasicAuthenticationFilter() 51 { 52 super(); 53 } 54 55 public HttpBasicAuthenticationFilter(String realm) 56 { 57 this.realm = realm; 58 } 59 60 public void doInitialise() throws InitialisationException 61 { 62 if (realm == null) 63 { 64 if (isRealmRequired()) 65 { 66 throw new InitialisationException(new Message(Messages.AUTH_REALM_MUST_SET_ON_FILTER), this); 67 } 68 else 69 { 70 logger.warn("There is no security realm set, using default: null"); 71 } 72 } 73 74 } 75 76 public String getRealm() 77 { 78 return realm; 79 } 80 81 public void setRealm(String realm) 82 { 83 this.realm = realm; 84 } 85 86 public boolean isRealmRequired() 87 { 88 return realmRequired; 89 } 90 91 public void setRealmRequired(boolean realmRequired) 92 { 93 this.realmRequired = realmRequired; 94 } 95 96 103 public void authenticateInbound(UMOEvent event) 104 throws SecurityException , SecurityProviderNotFoundException, UnknownAuthenticationTypeException 105 { 106 String header = event.getMessage().getStringProperty(HttpConstants.HEADER_AUTHORIZATION, null); 107 108 if (logger.isDebugEnabled()) 109 { 110 logger.debug("Authorization header: " + header); 111 } 112 113 if ((header != null) && header.startsWith("Basic ")) 114 { 115 String base64Token = header.substring(6); 116 String token = new String (Base64.decodeBase64(base64Token.getBytes())); 117 118 String username = ""; 119 String password = ""; 120 int delim = token.indexOf(":"); 121 122 if (delim != -1) 123 { 124 username = token.substring(0, delim); 125 password = token.substring(delim + 1); 126 } 127 128 UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken( 129 username, password); 130 authRequest.setDetails(event.getMessage().getProperty(MuleProperties.MULE_ENDPOINT_PROPERTY)); 131 132 UMOAuthentication authResult; 133 134 UMOAuthentication umoAuthentication = new AcegiAuthenticationAdapter(authRequest); 135 136 try 137 { 138 authResult = getSecurityManager().authenticate(umoAuthentication); 139 } 140 catch (AuthenticationException e) 141 { 142 if (logger.isDebugEnabled()) 144 { 145 logger.debug("Authentication request for user: " + username + " failed: " + e.toString()); 146 } 147 setUnauthenticated(event); 148 throw new UnauthorisedException(new Message(Messages.AUTH_FAILED_FOR_USER_X, username), e); 149 } 150 151 if (logger.isDebugEnabled()) 153 { 154 logger.debug("Authentication success: " + authResult.toString()); 155 } 156 157 UMOSecurityContext context = getSecurityManager().createSecurityContext(authResult); 158 context.setAuthentication(authResult); 159 event.getSession().setSecurityContext(context); 160 } 161 else if (header == null) 162 { 163 setUnauthenticated(event); 164 throw new UnauthorisedException(event.getMessage(), event.getSession().getSecurityContext(), 165 getEndpoint(), this); 166 } 167 else 168 { 169 setUnauthenticated(event); 170 throw new UnsupportedAuthenticationSchemeException(new Message("acegi", 1, header), 171 event.getMessage()); 172 } 173 } 174 175 protected void setUnauthenticated(UMOEvent event) 176 { 177 String realmHeader = "Basic realm="; 178 if (realm != null) 179 { 180 realmHeader += "\"" + realm + "\""; 181 } 182 UMOMessage msg = event.getMessage(); 183 msg.setProperty(HttpConstants.HEADER_WWW_AUTHENTICATE, realmHeader); 184 msg.setIntProperty(HttpConnector.HTTP_STATUS_PROPERTY, HttpConstants.SC_UNAUTHORIZED); 185 } 186 187 194 public void authenticateOutbound(UMOEvent event) 195 throws SecurityException , SecurityProviderNotFoundException 196 { 197 if (event.getSession().getSecurityContext() == null) 198 { 199 if (isAuthenticate()) 200 { 201 throw new UnauthorisedException(event.getMessage(), event.getSession().getSecurityContext(), 202 event.getEndpoint(), this); 203 } 204 else 205 { 206 return; 207 } 208 } 209 210 UMOAuthentication auth = event.getSession().getSecurityContext().getAuthentication(); 211 if (isAuthenticate()) 212 { 213 auth = getSecurityManager().authenticate(auth); 214 if (logger.isDebugEnabled()) 215 { 216 logger.debug("Authentication success: " + auth.toString()); 217 } 218 } 219 220 StringBuffer header = new StringBuffer (128); 221 header.append("Basic "); 222 String token = auth.getCredentials().toString(); 223 header.append(new String (Base64.encodeBase64(token.getBytes()))); 224 225 event.getMessage().setStringProperty(HttpConstants.HEADER_AUTHORIZATION, header.toString()); 226 } 227 228 } 229 | Popular Tags |