KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > mule > extras > pgp > filters > PGPSecurityFilter


1 /*
2  * $Id: PGPSecurityFilter.java 3798 2006-11-04 04:07:14Z aperepel $
3  * --------------------------------------------------------------------------------------
4  * Copyright (c) MuleSource, Inc. All rights reserved. http://www.mulesource.com
5  *
6  * The software in this package is published under the terms of the MuleSource MPL
7  * license, a copy of which has been included with this distribution in the
8  * LICENSE.txt file.
9  */

10
11 package org.mule.extras.pgp.filters;
12
13 import cryptix.message.LiteralMessage;
14 import cryptix.message.Message;
15 import cryptix.message.MessageFactory;
16 import cryptix.message.SignedMessage;
17 import cryptix.pki.KeyBundle;
18
19 import org.apache.commons.logging.Log;
20 import org.apache.commons.logging.LogFactory;
21 import org.mule.MuleManager;
22 import org.mule.config.i18n.Messages;
23 import org.mule.extras.pgp.PGPAuthentication;
24 import org.mule.extras.pgp.PGPCryptInfo;
25 import org.mule.extras.pgp.PGPKeyRing;
26 import org.mule.impl.MuleMessage;
27 import org.mule.impl.RequestContext;
28 import org.mule.impl.security.AbstractEndpointSecurityFilter;
29 import org.mule.umo.UMOEncryptionStrategy;
30 import org.mule.umo.UMOEvent;
31 import org.mule.umo.UMOMessage;
32 import org.mule.umo.lifecycle.InitialisationException;
33 import org.mule.umo.security.UMOAuthentication;
34 import org.mule.umo.security.UMOSecurityContext;
35 import org.mule.umo.security.UnauthorisedException;
36 import org.mule.umo.security.UnknownAuthenticationTypeException;
37
38 import java.io.ByteArrayInputStream JavaDoc;
39 import java.util.Collection JavaDoc;
40
41 /**
42  * @author ariva
43  */

44 public class PGPSecurityFilter extends AbstractEndpointSecurityFilter
45 {
46     protected static Log logger = LogFactory.getLog(PGPSecurityFilter.class);
47
48     private UMOEncryptionStrategy strategy;
49
50     private String JavaDoc strategyName;
51
52     private boolean signRequired;
53
54     private PGPKeyRing keyManager;
55
56     /*
57      * (non-Javadoc)
58      *
59      * @see org.mule.impl.security.AbstractEndpointSecurityFilter#authenticateInbound(org.mule.umo.UMOEvent)
60      */

61     protected void authenticateInbound(UMOEvent event)
62         throws SecurityException JavaDoc, UnauthorisedException, UnknownAuthenticationTypeException
63     {
64         UMOMessage message = event.getMessage();
65
66         String JavaDoc userId = (String JavaDoc)getCredentialsAccessor().getCredentials(event);
67
68         byte[] creds = null;
69
70         try
71         {
72             creds = message.getPayloadAsBytes();
73             creds = strategy.decrypt(creds, null);
74         }
75         catch (Exception JavaDoc e1)
76         {
77             throw new UnauthorisedException(
78                 new org.mule.config.i18n.Message(Messages.FAILED_TO_READ_PAYLOAD), event.getMessage(), e1);
79         }
80
81         UMOAuthentication authResult;
82         UMOAuthentication umoAuthentication;
83
84         try
85         {
86             umoAuthentication = new PGPAuthentication(userId, decodeMsgRaw(creds));
87         }
88         catch (Exception JavaDoc e1)
89         {
90             throw new UnauthorisedException(
91                 new org.mule.config.i18n.Message(Messages.FAILED_TO_READ_PAYLOAD), event.getMessage(), e1);
92         }
93
94         try
95         {
96             authResult = getSecurityManager().authenticate(umoAuthentication);
97         }
98         catch (Exception JavaDoc e)
99         {
100             // Authentication failed
101
if (logger.isDebugEnabled())
102             {
103                 logger.debug("Authentication request for user: " + userId + " failed: " + e.toString());
104             }
105
106             throw new UnauthorisedException(new org.mule.config.i18n.Message(Messages.AUTH_FAILED_FOR_USER_X,
107                 userId), event.getMessage(), e);
108         }
109
110         // Authentication success
111
if (logger.isDebugEnabled())
112         {
113             logger.debug("Authentication success: " + authResult.toString());
114         }
115
116         UMOSecurityContext context = getSecurityManager().createSecurityContext(authResult);
117         event.getSession().setSecurityContext(context);
118
119         try
120         {
121             RequestContext.rewriteEvent(new MuleMessage(
122                 getUnencryptedMessageWithoutSignature((PGPAuthentication)authResult)));
123         }
124         catch (Exception JavaDoc e2)
125         {
126             throw new UnauthorisedException(event.getMessage(), context, event.getEndpoint(), this);
127         }
128     }
129
130     private Message decodeMsgRaw(byte[] raw) throws Exception JavaDoc
131     {
132         MessageFactory mf = MessageFactory.getInstance("OpenPGP");
133
134         ByteArrayInputStream JavaDoc in = new ByteArrayInputStream JavaDoc(raw);
135
136         Collection JavaDoc msgs = mf.generateMessages(in);
137
138         return (Message)msgs.iterator().next();
139     }
140
141     private String JavaDoc getUnencryptedMessageWithoutSignature(PGPAuthentication auth) throws Exception JavaDoc
142     {
143         Message msg = (Message)auth.getCredentials();
144
145         if (msg instanceof SignedMessage)
146         {
147             msg = ((SignedMessage)msg).getContents();
148         }
149
150         if (msg instanceof LiteralMessage)
151         {
152             return ((LiteralMessage)msg).getTextData();
153         }
154         else
155         {
156             throw new Exception JavaDoc("Wrong data");
157         }
158     }
159
160     /*
161      * (non-Javadoc)
162      *
163      * @see org.mule.impl.security.AbstractEndpointSecurityFilter#authenticateOutbound(org.mule.umo.UMOEvent)
164      */

165     protected void authenticateOutbound(UMOEvent event) throws SecurityException JavaDoc, UnauthorisedException
166     {
167         logger.debug("authenticateOutbound:" + event.getId());
168
169         if (!isAuthenticate())
170         {
171             return;
172         }
173
174         UMOMessage message = event.getMessage();
175
176         KeyBundle userKeyBundle = keyManager.getKeyBundle((String JavaDoc)getCredentialsAccessor().getCredentials(
177             event));
178
179         PGPCryptInfo cryptInfo = new PGPCryptInfo(userKeyBundle, signRequired);
180
181         byte[] msg = null;
182
183         try
184         {
185             msg = message.getPayloadAsBytes();
186             msg = strategy.encrypt(msg, cryptInfo);
187         }
188         catch (Exception JavaDoc e1)
189         {
190             throw new UnauthorisedException(
191                 new org.mule.config.i18n.Message(Messages.FAILED_TO_READ_PAYLOAD), event.getMessage(), e1);
192         }
193
194         try
195         {
196             String JavaDoc mesg = new String JavaDoc(msg);
197             RequestContext.rewriteEvent(new MuleMessage(mesg));
198             logger.debug("Message:" + mesg);
199         }
200         catch (Exception JavaDoc e2)
201         {
202             throw new UnauthorisedException(event.getMessage(), event.getSession().getSecurityContext(),
203                 event.getEndpoint(), this);
204         }
205     }
206
207     /*
208      * (non-Javadoc)
209      *
210      * @see org.mule.impl.security.AbstractEndpointSecurityFilter#doInitialise()
211      */

212     protected void doInitialise() throws InitialisationException
213     {
214         if (strategyName != null)
215         {
216             strategy = MuleManager.getInstance().getSecurityManager().getEncryptionStrategy(strategyName);
217         }
218
219         if (strategy == null)
220         {
221             throw new InitialisationException(new org.mule.config.i18n.Message(
222                 Messages.ENCRYPT_STRATEGY_NOT_SET), this);
223         }
224     }
225
226     public UMOEncryptionStrategy getStrategy()
227     {
228         return strategy;
229     }
230
231     public void setStrategy(UMOEncryptionStrategy strategy)
232     {
233         this.strategy = strategy;
234     }
235
236     public void setStrategyName(String JavaDoc name)
237     {
238         strategyName = name;
239     }
240
241     public boolean isSignRequired()
242     {
243         return signRequired;
244     }
245
246     public void setSignRequired(boolean signRequired)
247     {
248         this.signRequired = signRequired;
249     }
250
251     public PGPKeyRing getKeyManager()
252     {
253         return keyManager;
254     }
255
256     public void setKeyManager(PGPKeyRing keyManager)
257     {
258         this.keyManager = keyManager;
259     }
260 }
261
Popular Tags