コード例 #1
0
  @Override
  protected final void authenticateInbound(MuleEvent event)
      throws SecurityException, CryptoFailureException, EncryptionStrategyNotFoundException,
          UnknownAuthenticationTypeException {
    String userHeader = (String) getCredentialsAccessor().getCredentials(event);
    if (userHeader == null) {
      throw new CredentialsNotSetException(event, event.getSession().getSecurityContext(), this);
    }

    Credentials user = new MuleCredentials(userHeader, getSecurityManager());

    Authentication authentication;
    try {
      authentication =
          getSecurityManager().authenticate(new DefaultMuleAuthentication(user, event));
    } catch (Exception e) {
      // Authentication failed
      if (logger.isDebugEnabled()) {
        logger.debug(
            "Authentication request for user: "******" failed: " + e.toString());
      }
      throw new UnauthorisedException(CoreMessages.authFailedForUser(user.getUsername()), event, e);
    }

    // Authentication success
    if (logger.isDebugEnabled()) {
      logger.debug("Authentication success: " + authentication.toString());
    }

    SecurityContext context = getSecurityManager().createSecurityContext(authentication);
    context.setAuthentication(authentication);
    event.getSession().setSecurityContext(context);
  }
コード例 #2
0
  @Override
  protected void authenticateOutbound(MuleEvent event)
      throws SecurityException, SecurityProviderNotFoundException, CryptoFailureException {
    SecurityContext securityContext = event.getSession().getSecurityContext();
    if (securityContext == null) {
      if (isAuthenticate()) {
        throw new UnauthorisedException(event, securityContext, this);
      } else {
        return;
      }
    }

    Authentication auth = securityContext.getAuthentication();
    if (isAuthenticate()) {
      auth = getSecurityManager().authenticate(auth);
      if (logger.isDebugEnabled()) {
        logger.debug("Authentication success: " + auth.toString());
      }
    }

    String token = auth.getCredentials().toString();
    String header = new String(strategy.encrypt(token.getBytes(), null));
    getCredentialsAccessor().setCredentials(event, header);
  }