|
1
10
11 package org.mule.extras.acegi.filters.http;
12
13 import org.acegisecurity.AuthenticationException;
14 import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
15 import org.apache.commons.codec.binary.Base64;
16 import org.apache.commons.logging.Log;
17 import org.apache.commons.logging.LogFactory;
18 import org.mule.config.MuleProperties;
19 import org.mule.config.i18n.Message;
20 import org.mule.config.i18n.Messages;
21 import org.mule.extras.acegi.AcegiAuthenticationAdapter;
22 import org.mule.impl.security.AbstractEndpointSecurityFilter;
23 import org.mule.providers.http.HttpConnector;
24 import org.mule.providers.http.HttpConstants;
25 import org.mule.umo.UMOEvent;
26 import org.mule.umo.UMOMessage;
27 import org.mule.umo.lifecycle.InitialisationException;
28 import org.mule.umo.security.SecurityException;
29 import org.mule.umo.security.SecurityProviderNotFoundException;
30 import org.mule.umo.security.UMOAuthentication;
31 import org.mule.umo.security.UMOSecurityContext;
32 import org.mule.umo.security.UnauthorisedException;
33 import org.mule.umo.security.UnknownAuthenticationTypeException;
34 import org.mule.umo.security.UnsupportedAuthenticationSchemeException;
35
36
39 public class HttpBasicAuthenticationFilter extends AbstractEndpointSecurityFilter
40 {
41
44 protected static Log logger = LogFactory.getLog(HttpBasicAuthenticationFilter.class);
45
46 private String  realm;
47
48 private boolean realmRequired = true;
49
50 public HttpBasicAuthenticationFilter()
51 {
52 super();
53 }
54
55 public HttpBasicAuthenticationFilter(String realm)
56 {
57 this.realm = realm;
58 }
59
60 public void doInitialise() throws InitialisationException
61 {
62 if (realm == null)
63 {
64 if (isRealmRequired())
65 {
66 throw new InitialisationException(new Message(Messages.AUTH_REALM_MUST_SET_ON_FILTER), this);
67 }
68 else
69 {
70 logger.warn("There is no security realm set, using default: null");
71 }
72 }
73
74 }
75
76 public String getRealm()
77 {
78 return realm;
79 }
80
81 public void setRealm(String realm)
82 {
83 this.realm = realm;
84 }
85
86 public boolean isRealmRequired()
87 {
88 return realmRequired;
89 }
90
91 public void setRealmRequired(boolean realmRequired)
92 {
93 this.realmRequired = realmRequired;
94 }
95
96
103 public void authenticateInbound(UMOEvent event)
104 throws SecurityException , SecurityProviderNotFoundException, UnknownAuthenticationTypeException
105 {
106 String header = event.getMessage().getStringProperty(HttpConstants.HEADER_AUTHORIZATION, null);
107
108 if (logger.isDebugEnabled())
109 {
110 logger.debug("Authorization header: " + header);
111 }
112
113 if ((header != null) && header.startsWith("Basic "))
114 {
115 String base64Token = header.substring(6);
116 String token = new String (Base64.decodeBase64(base64Token.getBytes()));
117
118 String username = "";
119 String password = "";
120 int delim = token.indexOf(":");
121
122 if (delim != -1)
123 {
124 username = token.substring(0, delim);
125 password = token.substring(delim + 1);
126 }
127
128 UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(
129 username, password);
130 authRequest.setDetails(event.getMessage().getProperty(MuleProperties.MULE_ENDPOINT_PROPERTY));
131
132 UMOAuthentication authResult;
133
134 UMOAuthentication umoAuthentication = new AcegiAuthenticationAdapter(authRequest);
135
136 try
137 {
138 authResult = getSecurityManager().authenticate(umoAuthentication);
139 }
140 catch (AuthenticationException e)
141 {
142 if (logger.isDebugEnabled())
144 {
145 logger.debug("Authentication request for user: " + username + " failed: " + e.toString());
146 }
147 setUnauthenticated(event);
148 throw new UnauthorisedException(new Message(Messages.AUTH_FAILED_FOR_USER_X, username), e);
149 }
150
151 if (logger.isDebugEnabled())
153 {
154 logger.debug("Authentication success: " + authResult.toString());
155 }
156
157 UMOSecurityContext context = getSecurityManager().createSecurityContext(authResult);
158 context.setAuthentication(authResult);
159 event.getSession().setSecurityContext(context);
160 }
161 else if (header == null)
162 {
163 setUnauthenticated(event);
164 throw new UnauthorisedException(event.getMessage(), event.getSession().getSecurityContext(),
165 getEndpoint(), this);
166 }
167 else
168 {
169 setUnauthenticated(event);
170 throw new UnsupportedAuthenticationSchemeException(new Message("acegi", 1, header),
171 event.getMessage());
172 }
173 }
174
175 protected void setUnauthenticated(UMOEvent event)
176 {
177 String realmHeader = "Basic realm=";
178 if (realm != null)
179 {
180 realmHeader += "\"" + realm + "\"";
181 }
182 UMOMessage msg = event.getMessage();
183 msg.setProperty(HttpConstants.HEADER_WWW_AUTHENTICATE, realmHeader);
184 msg.setIntProperty(HttpConnector.HTTP_STATUS_PROPERTY, HttpConstants.SC_UNAUTHORIZED);
185 }
186
187
194 public void authenticateOutbound(UMOEvent event)
195 throws SecurityException , SecurityProviderNotFoundException
196 {
197 if (event.getSession().getSecurityContext() == null)
198 {
199 if (isAuthenticate())
200 {
201 throw new UnauthorisedException(event.getMessage(), event.getSession().getSecurityContext(),
202 event.getEndpoint(), this);
203 }
204 else
205 {
206 return;
207 }
208 }
209
210 UMOAuthentication auth = event.getSession().getSecurityContext().getAuthentication();
211 if (isAuthenticate())
212 {
213 auth = getSecurityManager().authenticate(auth);
214 if (logger.isDebugEnabled())
215 {
216 logger.debug("Authentication success: " + auth.toString());
217 }
218 }
219
220 StringBuffer header = new StringBuffer (128);
221 header.append("Basic ");
222 String token = auth.getCredentials().toString();
223 header.append(new String (Base64.encodeBase64(token.getBytes())));
224
225 event.getMessage().setStringProperty(HttpConstants.HEADER_AUTHORIZATION, header.toString());
226 }
227
228 }
229 |
Popular Tags |
Java API By Example, From Geeks To Geeks.