Package org.mule.module.cxf.support

Source Code of org.mule.module.cxf.support.MuleSecurityManagerValidator

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
/*
* Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
* The software in this package is published under the terms of the CPAL v1.0
* license, a copy of which has been included with this distribution in the
* LICENSE.txt file.
*/
package org.mule.module.cxf.support;

import org.mule.RequestContext;
import org.mule.api.security.*;
import org.mule.security.DefaultMuleAuthentication;
import org.mule.security.MuleCredentials;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.handler.RequestData;
import org.apache.ws.security.validate.Credential;
import org.apache.ws.security.validate.Validator;

/**
*  Integrates mule spring security with CXF ws-security
*/
public class MuleSecurityManagerValidator implements Validator
{
    private static Log logger = LogFactory.getLog(MuleSecurityManagerValidator.class);
   
    private org.mule.api.security.SecurityManager securityManager;

    public Credential validate(Credential credential, RequestData data) throws WSSecurityException
    {
        if (credential == null || credential.getUsernametoken() == null) {
            throw new WSSecurityException(WSSecurityException.FAILURE, "noCredential");
        }

        DefaultMuleAuthentication auth = new DefaultMuleAuthentication(
            new MuleCredentials(credential.getUsernametoken().getName(), credential.getUsernametoken().getPassword().toCharArray()));

        try
        {
          Authentication authentication = securityManager.authenticate(auth);

          SecurityContext secContext = null;
          try
          {
              secContext = securityManager.createSecurityContext(authentication);
              secContext.setAuthentication(authentication);
          }
          catch (UnknownAuthenticationTypeException e)
          {
              logger.warn("Could not create security context after having successfully authenticated.", e);
          }
          RequestContext.getEvent().getSession().setSecurityContext(secContext);
        }
        catch (org.mule.api.security.SecurityException e)
        {
            throw new WSSecurityException(WSSecurityException.FAILED_AUTHENTICATION, null, null, e);
        }
        catch (SecurityProviderNotFoundException e)
        {
            throw new WSSecurityException(WSSecurityException.FAILED_AUTHENTICATION, null, null, e);
        }

        return credential;
    }

    public void setSecurityManager(org.mule.api.security.SecurityManager securityManager)
    {
        this.securityManager = securityManager;
    }

}
TOP

Related Classes of org.mule.module.cxf.support.MuleSecurityManagerValidator

  • org.mule.module.cxf.builder.WebServiceMessageProcessorBuilderTestCase
  • org.mule.security.DefaultMuleAuthentication
  • org.mule.security.MuleCredentials
  • org.apache.ws.security.WSSecurityException
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.