KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > mule > impl > security > filters > MuleEncryptionEndpointSecurityFilter


1 /*
2  * $Id: MuleEncryptionEndpointSecurityFilter.java 3798 2006-11-04 04:07:14Z aperepel $
3  * --------------------------------------------------------------------------------------
4  * Copyright (c) MuleSource, Inc. All rights reserved. http://www.mulesource.com
5  *
6  * The software in this package is published under the terms of the MuleSource MPL
7  * license, a copy of which has been included with this distribution in the
8  * LICENSE.txt file.
9  */
10
11 package org.mule.impl.security.filters;
12
13 import org.mule.MuleManager;
14 import org.mule.config.i18n.Message;
15 import org.mule.config.i18n.Messages;
16 import org.mule.impl.security.AbstractEndpointSecurityFilter;
17 import org.mule.impl.security.MuleAuthentication;
18 import org.mule.impl.security.MuleCredentials;
19 import org.mule.impl.security.MuleHeaderCredentialsAccessor;
20 import org.mule.umo.UMOEncryptionStrategy;
21 import org.mule.umo.UMOEvent;
22 import org.mule.umo.lifecycle.InitialisationException;
23 import org.mule.umo.security.CredentialsNotSetException;
24 import org.mule.umo.security.CryptoFailureException;
25 import org.mule.umo.security.EncryptionStrategyNotFoundException;
26 import org.mule.umo.security.SecurityException;
27 import org.mule.umo.security.SecurityProviderNotFoundException;
28 import org.mule.umo.security.UMOAuthentication;
29 import org.mule.umo.security.UMOCredentials;
30 import org.mule.umo.security.UMOSecurityContext;
31 import org.mule.umo.security.UnauthorisedException;
32 import org.mule.umo.security.UnknownAuthenticationTypeException;
33
34 /**
35  * <code>MuleEncryptionEndpointSecurityFilter</code> provides password-based
36  * encription
37  *
38  * @author <a HREF="mailto:ross.mason@symphonysoft.com">Ross Mason</a>
39  * @version $Revision: 3798 $
40  */
41 public class MuleEncryptionEndpointSecurityFilter extends AbstractEndpointSecurityFilter
42 {
43     private UMOEncryptionStrategy strategy;
44     private String JavaDoc strategyName;
45
46     public MuleEncryptionEndpointSecurityFilter()
47     {
48         setCredentialsAccessor(new MuleHeaderCredentialsAccessor());
49     }
50
51     protected final void authenticateInbound(UMOEvent event)
52         throws SecurityException JavaDoc, CryptoFailureException, EncryptionStrategyNotFoundException,
53         UnknownAuthenticationTypeException
54     {
55         String JavaDoc userHeader = (String JavaDoc)getCredentialsAccessor().getCredentials(event);
56         if (userHeader == null)
57         {
58             throw new CredentialsNotSetException(event.getMessage(), event.getSession().getSecurityContext(),
59                 event.getEndpoint(), this);
60         }
61
62         UMOCredentials user = new MuleCredentials(userHeader);
63
64         UMOAuthentication authResult;
65         UMOAuthentication umoAuthentication = new MuleAuthentication(user);
66         try
67         {
68             authResult = getSecurityManager().authenticate(umoAuthentication);
69         }
70         catch (Exception JavaDoc e)
71         {
72             // Authentication failed
73 if (logger.isDebugEnabled())
74             {
75                 logger.debug("Authentication request for user: " + user.getUsername() + " failed: "
76                              + e.toString());
77             }
78             throw new UnauthorisedException(new Message(Messages.AUTH_FAILED_FOR_USER_X, user.getUsername()),
79                 event.getMessage(), e);
80         }
81
82         // Authentication success
83 if (logger.isDebugEnabled())
84         {
85             logger.debug("Authentication success: " + authResult.toString());
86         }
87
88         UMOSecurityContext context = getSecurityManager().createSecurityContext(authResult);
89         context.setAuthentication(authResult);
90         event.getSession().setSecurityContext(context);
91     }
92
93     protected void authenticateOutbound(UMOEvent event)
94         throws SecurityException JavaDoc, SecurityProviderNotFoundException, CryptoFailureException
95     {
96         if (event.getSession().getSecurityContext() == null)
97         {
98             if (isAuthenticate())
99             {
100                 throw new UnauthorisedException(event.getMessage(), event.getSession().getSecurityContext(),
101                     event.getEndpoint(), this);
102             }
103             else
104             {
105                 return;
106             }
107         }
108         UMOAuthentication auth = event.getSession().getSecurityContext().getAuthentication();
109         if (isAuthenticate())
110         {
111             auth = getSecurityManager().authenticate(auth);
112             if (logger.isDebugEnabled())
113             {
114                 logger.debug("Authentication success: " + auth.toString());
115             }
116         }
117
118         String JavaDoc token = auth.getCredentials().toString();
119         String JavaDoc header = new String JavaDoc(strategy.encrypt(token.getBytes(), null));
120         getCredentialsAccessor().setCredentials(event, header);
121
122     }
123
124     protected void doInitialise() throws InitialisationException
125     {
126         if (strategyName != null)
127         {
128             strategy = MuleManager.getInstance().getSecurityManager().getEncryptionStrategy(strategyName);
129         }
130
131         if (strategy == null)
132         {
133             throw new InitialisationException(new Message(Messages.ENCRYPT_STRATEGY_NOT_SET), this);
134         }
135     }
136
137     public UMOEncryptionStrategy getStrategy()
138     {
139         return strategy;
140     }
141
142     public void setStrategy(UMOEncryptionStrategy strategy)
143     {
144         this.strategy = strategy;
145     }
146
147     public void setStrategyName(String JavaDoc name)
148     {
149         strategyName = name;
150     }
151 }
152
Popular Tags