use of org.mule.runtime.api.security.Credentials in project mule by mulesoft.
the class MuleEncryptionEndpointSecurityFilter method authenticateInbound.
@Override
protected SecurityContext authenticateInbound(CoreEvent event) throws SecurityException, SecurityProviderNotFoundException, CryptoFailureException, EncryptionStrategyNotFoundException, UnknownAuthenticationTypeException {
String userHeader = (String) credentialsAccessor.getCredentials(event);
if (userHeader == null) {
throw new CredentialsNotSetException(event, event.getSecurityContext(), this);
}
Credentials user = new DefaultMuleCredentials(userHeader, getSecurityManager());
Authentication authentication;
try {
authentication = getSecurityManager().authenticate(new DefaultMuleAuthentication(user));
} catch (Exception e) {
// Authentication failed
if (logger.isDebugEnabled()) {
logger.debug("Authentication request for user: " + user.getUsername() + " failed: " + e.toString());
}
throw new UnauthorisedException(authFailedForUser(user.getUsername()), e);
}
// Authentication success
if (logger.isDebugEnabled()) {
logger.debug("Authentication success: " + authentication.toString());
}
SecurityContext context = getSecurityManager().createSecurityContext(authentication);
context.setAuthentication(authentication);
return context;
}
Aggregations