Examples with SecurityException org.mule.runtime.api.security.SecurityException used on opensource projects

Example 1 with SecurityException

use of org.mule.runtime.api.security.SecurityException in project mule by mulesoft.

the class DefaultMuleSecurityManager method authenticate.

/**
 * {@inheritDoc}
 */
@Override
public Authentication authenticate(Authentication authentication) throws SecurityException, SecurityProviderNotFoundException {
    Iterator<SecurityProvider> iter = providers.values().iterator();
    Class<? extends Authentication> toTest = authentication.getClass();
    while (iter.hasNext()) {
        SecurityProvider provider = iter.next();
        if (provider.supports(toTest)) {
            if (LOGGER.isDebugEnabled()) {
                LOGGER.debug("Authentication attempt using " + provider.getClass().getName());
            }
            Authentication result = null;
            try {
                result = provider.authenticate(authentication);
            } catch (Exception e) {
                if (!iter.hasNext()) {
                    throw new UnauthorisedException(authorizationAttemptFailed(), e);
                }
            }
            if (result != null) {
                return result;
            }
        }
    }
    throw new SecurityProviderNotFoundException(toTest.getName());
}

Example 2 with SecurityException

use of org.mule.runtime.api.security.SecurityException in project mule by mulesoft.

the class MuleEncryptionEndpointSecurityFilter method authenticateInbound.

@Override
protected SecurityContext authenticateInbound(CoreEvent event) throws SecurityException, SecurityProviderNotFoundException, CryptoFailureException, EncryptionStrategyNotFoundException, UnknownAuthenticationTypeException {
    String userHeader = (String) credentialsAccessor.getCredentials(event);
    if (userHeader == null) {
        throw new CredentialsNotSetException(event, event.getSecurityContext(), this);
    }
    Credentials user = new DefaultMuleCredentials(userHeader, getSecurityManager());
    Authentication authentication;
    try {
        authentication = getSecurityManager().authenticate(new DefaultMuleAuthentication(user));
    } catch (Exception e) {
        // Authentication failed
        if (logger.isDebugEnabled()) {
            logger.debug("Authentication request for user: " + user.getUsername() + " failed: " + e.toString());
        }
        throw new UnauthorisedException(authFailedForUser(user.getUsername()), e);
    }
    // Authentication success
    if (logger.isDebugEnabled()) {
        logger.debug("Authentication success: " + authentication.toString());
    }
    SecurityContext context = getSecurityManager().createSecurityContext(authentication);
    context.setAuthentication(authentication);
    return context;
}

Example 3 with SecurityException

use of org.mule.runtime.api.security.SecurityException in project mule by mulesoft.

the class AbstractExceptionListener method fireNotification.

protected void fireNotification(Exception ex, CoreEvent event) {
    if (enableNotifications) {
        if (ex.getCause() != null && getCause(ex) instanceof SecurityException) {
            fireNotification(new SecurityNotification((SecurityException) getCause(ex), SECURITY_AUTHENTICATION_FAILED));
        } else {
            Component component = null;
            if (ex instanceof MessagingException) {
                component = ((MessagingException) ex).getFailingComponent();
            }
            fireNotification(new ExceptionNotification(createInfo(event, ex, component), getLocation()));
        }
    }
}