@Override
protected final void authenticateInbound(MuleEvent event)
throws SecurityException, CryptoFailureException, EncryptionStrategyNotFoundException,
UnknownAuthenticationTypeException {
String userHeader = (String) getCredentialsAccessor().getCredentials(event);
if (userHeader == null) {
throw new CredentialsNotSetException(event, event.getSession().getSecurityContext(), this);
}
Credentials user = new MuleCredentials(userHeader, getSecurityManager());
Authentication authentication;
try {
authentication =
getSecurityManager().authenticate(new DefaultMuleAuthentication(user, event));
} catch (Exception e) {
// Authentication failed
if (logger.isDebugEnabled()) {
logger.debug(
"Authentication request for user: "******" failed: " + e.toString());
}
throw new UnauthorisedException(CoreMessages.authFailedForUser(user.getUsername()), event, e);
}
// Authentication success
if (logger.isDebugEnabled()) {
logger.debug("Authentication success: " + authentication.toString());
}
SecurityContext context = getSecurityManager().createSecurityContext(authentication);
context.setAuthentication(authentication);
event.getSession().setSecurityContext(context);
}
@Override
protected void authenticateOutbound(MuleEvent event)
throws SecurityException, SecurityProviderNotFoundException, CryptoFailureException {
SecurityContext securityContext = event.getSession().getSecurityContext();
if (securityContext == null) {
if (isAuthenticate()) {
throw new UnauthorisedException(event, securityContext, this);
} else {
return;
}
}
Authentication auth = securityContext.getAuthentication();
if (isAuthenticate()) {
auth = getSecurityManager().authenticate(auth);
if (logger.isDebugEnabled()) {
logger.debug("Authentication success: " + auth.toString());
}
}
String token = auth.getCredentials().toString();
String header = new String(strategy.encrypt(token.getBytes(), null));
getCredentialsAccessor().setCredentials(event, header);
}