Examples with UnauthorisedException org.mule.runtime.api.security.UnauthorisedException used on opensource projects

Example 1 with UnauthorisedException

use of org.mule.runtime.api.security.UnauthorisedException in project mule by mulesoft.

the class UsernamePasswordAuthenticationFilter method authenticate.

/**
 * Authenticates the current message.
 *
 * @param event the current message recieved
 * @throws SecurityException if authentication fails
 */
@Override
public SecurityContext authenticate(CoreEvent event) throws SecurityException, SecurityProviderNotFoundException, UnknownAuthenticationTypeException {
    Authentication authentication = getAuthenticationToken(event);
    Authentication authResult;
    try {
        authResult = getSecurityManager().authenticate(authentication);
    } catch (UnauthorisedException e) {
        // Authentication failed
        if (logger.isDebugEnabled()) {
            logger.debug("Authentication request for user: " + username + " failed: " + e.toString());
        }
        throw new UnauthorisedException(authFailedForUser(authentication.getPrincipal().toString()), e);
    }
    // Authentication success
    if (logger.isDebugEnabled()) {
        logger.debug("Authentication success: " + authResult.toString());
    }
    SecurityContext context = getSecurityManager().createSecurityContext(authResult);
    context.setAuthentication(authResult);
    return context;
}

Example 2 with UnauthorisedException

use of org.mule.runtime.api.security.UnauthorisedException in project mule by mulesoft.

the class UsernamePasswordAuthenticationFilter method getAuthenticationToken.

protected Authentication getAuthenticationToken(CoreEvent event) throws UnauthorisedException {
    ExpressionManager expressionManager = (ExpressionManager) registry.lookupByName(OBJECT_EXPRESSION_MANAGER).get();
    Object usernameEval = expressionManager.evaluate(username, event).getValue();
    Object passwordEval = expressionManager.evaluate(password, event).getValue();
    if (usernameEval == null) {
        throw new UnauthorisedException(authNoCredentials());
    }
    if (passwordEval == null) {
        throw new UnauthorisedException(authNoCredentials());
    }
    return new DefaultMuleAuthentication(new DefaultMuleCredentials(usernameEval.toString(), passwordEval.toString().toCharArray()));
}

Example 3 with UnauthorisedException

use of org.mule.runtime.api.security.UnauthorisedException in project mule by mulesoft.

the class DefaultMuleSecurityManager method authenticate.

/**
 * {@inheritDoc}
 */
@Override
public Authentication authenticate(Authentication authentication) throws SecurityException, SecurityProviderNotFoundException {
    Iterator<SecurityProvider> iter = providers.values().iterator();
    Class<? extends Authentication> toTest = authentication.getClass();
    while (iter.hasNext()) {
        SecurityProvider provider = iter.next();
        if (provider.supports(toTest)) {
            if (LOGGER.isDebugEnabled()) {
                LOGGER.debug("Authentication attempt using " + provider.getClass().getName());
            }
            Authentication result = null;
            try {
                result = provider.authenticate(authentication);
            } catch (Exception e) {
                if (!iter.hasNext()) {
                    throw new UnauthorisedException(authorizationAttemptFailed(), e);
                }
            }
            if (result != null) {
                return result;
            }
        }
    }
    throw new SecurityProviderNotFoundException(toTest.getName());
}

Example 4 with UnauthorisedException

use of org.mule.runtime.api.security.UnauthorisedException in project mule by mulesoft.

the class MuleEncryptionEndpointSecurityFilter method authenticateInbound.

@Override
protected SecurityContext authenticateInbound(CoreEvent event) throws SecurityException, SecurityProviderNotFoundException, CryptoFailureException, EncryptionStrategyNotFoundException, UnknownAuthenticationTypeException {
    String userHeader = (String) credentialsAccessor.getCredentials(event);
    if (userHeader == null) {
        throw new CredentialsNotSetException(event, event.getSecurityContext(), this);
    }
    Credentials user = new DefaultMuleCredentials(userHeader, getSecurityManager());
    Authentication authentication;
    try {
        authentication = getSecurityManager().authenticate(new DefaultMuleAuthentication(user));
    } catch (Exception e) {
        // Authentication failed
        if (logger.isDebugEnabled()) {
            logger.debug("Authentication request for user: " + user.getUsername() + " failed: " + e.toString());
        }
        throw new UnauthorisedException(authFailedForUser(user.getUsername()), e);
    }
    // Authentication success
    if (logger.isDebugEnabled()) {
        logger.debug("Authentication success: " + authentication.toString());
    }
    SecurityContext context = getSecurityManager().createSecurityContext(authentication);
    context.setAuthentication(authentication);
    return context;
}