Clover Coverage Report - KS Security 1.2-M5-SNAPSHOT (Aggregated)
Coverage timestamp: Mon Aug 29 2011 06:19:46 EDT
 
  KSRiceDefaultUserDetailsService       Line # 37 44 0% 13 62 0% 0.0
 
No Tests
 
1    /**
2    * Copyright 2010 The Kuali Foundation Licensed under the
3    * Educational Community License, Version 2.0 (the "License"); you may
4    * not use this file except in compliance with the License. You may
5    * obtain a copy of the License at
6    *
7    * http://www.osedu.org/licenses/ECL-2.0
8    *
9    * Unless required by applicable law or agreed to in writing,
10    * software distributed under the License is distributed on an "AS IS"
11    * BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
12    * or implied. See the License for the specific language governing
13    * permissions and limitations under the License.
14    */
15   
16    package org.kuali.student.security.spring;
17   
18    import org.kuali.rice.core.config.Config;
19    import org.kuali.rice.core.config.ConfigContext;
20    import org.kuali.rice.kim.bo.entity.dto.KimPrincipalInfo;
21    import org.kuali.rice.kim.service.IdentityService;
22    import org.kuali.student.common.util.security.UserWithId;
23    import org.springframework.security.GrantedAuthority;
24    import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
25    import org.springframework.security.userdetails.User;
26    import org.springframework.security.userdetails.UserDetails;
27    import org.springframework.security.userdetails.UserDetailsService;
28    import org.springframework.security.userdetails.UsernameNotFoundException;
29    import org.springframework.security.util.AuthorityUtils;
30   
31    /**
32    * This is a description of what this class does.
33    *
34    * @author Kuali Student Team
35    *
36    */
 
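/**
 * Spring Security {@link UserDetailsService} that resolves a login name to a Kuali Student user
 * through the Rice KIM {@link IdentityService}.
 *
 * <p>Thread-safety: the only mutable state is the configuration set through
 * {@link #setAuthorities(String[])} and {@link #setIdentityService(IdentityService)}. Earlier
 * revisions kept the last presented password and the last built user in instance fields; if one
 * instance serves concurrent logins (the usual case for a Spring bean) that lets one request's
 * credentials end up in another request's {@link UserDetails}. Per-request values are now locals.
 *
 * <p>Security notes for operators:
 * <ul>
 *   <li>When the config property {@code ks.ignore.rice.login} is {@code true}, no password is
 *       verified by this class. That mode exists for testing and must not be enabled where real
 *       authentication is expected.</li>
 *   <li>Every user returned by this class receives the same authorities. The default includes
 *       {@code ROLE_KS_ADMIN}; override it with {@link #setAuthorities(String[])}.</li>
 * </ul>
 */
public class KSRiceDefaultUserDetailsService implements UserDetailsService {

    /** Config property that, when "true", switches off password verification against Rice. */
    private static final String IGNORE_RICE_LOGIN_PROPERTY = "ks.ignore.rice.login";

    /** Deliberately generic so the response does not reveal whether the username exists. */
    private static final String INVALID_LOGIN_MESSAGE = "Invalid username or password";

    // Placeholder password for users built without a presented credential. It is never
    // overwritten with a real credential: this object is shared between requests.
    private final String password = "";

    private boolean enabled = true;
    private boolean nonlocked = true;

    private IdentityService identityService = null;

    // Spring Security requires roles to have a prefix of ROLE_ ,
    // look in org.springframework.security.vote.RoleVoter to change.
    // NOTE(review): this default grants ROLE_KS_ADMIN to every user this service returns.
    private GrantedAuthority[] authorities =
            AuthorityUtils.commaSeparatedStringToAuthorityArray("ROLE_KS_ADMIN, ROLE_KS_USER");

    /**
     * Looks a user up by login name only; no password is involved.
     *
     * @param username login name; must not be null or empty
     * @return a plain {@link User} when {@code ks.ignore.rice.login} is true (KIM is not
     *         consulted), otherwise a {@link UserWithId} carrying the KIM principal id
     * @throws UsernameNotFoundException if {@code username} is null or empty
     * @throws KimUserNotFoundException if KIM has no principal with that name
     */
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        requireUsername(username);

        // If the property is not set it is null, parses as false, and the KIM lookup below runs.
        if (isRiceLoginIgnored()) {
            // SECURITY: any non-empty username is accepted here without consulting KIM and is
            // given the configured authorities. Test-only mode.
            return new User(username, password, enabled, true, true, nonlocked, authorities);
        }

        // The returned user always carries the placeholder password, never a credential left
        // over from an earlier loadUserByUsernameAndToken call.
        // NOTE(review): whether the calling AuthenticationProvider compares against this value
        // is not visible from here; confirm.
        return toUserWithId(identityService.getPrincipalByPrincipalName(username), password);
    }

    /**
     * Looks a user up by login name and verifies the presented credential against Rice.
     *
     * <p>When {@code ks.ignore.rice.login} is true the credential is NOT checked: the principal
     * is fetched by name alone so that the real KIM principal id is still returned (workflow
     * depends on principal id and principal name being distinct, correct values). Setting the
     * property to false makes this method call the Rice lookup that takes both username and
     * password.
     *
     * @param username login name; must not be null or empty
     * @param authentication token whose credentials are the presented password (a String)
     * @return a {@link UserWithId} populated from the KIM principal
     * @throws UsernameNotFoundException if {@code username} is null or empty
     * @throws KimUserNotFoundException if KIM returns no principal for the given input
     */
    public UserDetails loadUserByUsernameAndToken(String username,
            UsernamePasswordAuthenticationToken authentication) throws UsernameNotFoundException {
        requireUsername(username);

        if (isRiceLoginIgnored()) {
            // SECURITY: password check skipped; only existence of the principal is verified.
            return toUserWithId(identityService.getPrincipalByPrincipalName(username), password);
        }

        // Kept in a local: storing the credential in a field would expose it to other requests.
        String presentedPassword = (String) authentication.getCredentials();
        KimPrincipalInfo principal =
                identityService.getPrincipalByPrincipalNameAndPassword(username, presentedPassword);
        // As before, the presented password is copied into the returned user object.
        return toUserWithId(principal, presentedPassword);
    }

    public void setAuthorities(String[] roles) {
        this.authorities = AuthorityUtils.stringArrayToAuthorityArray(roles);
    }

    public void setIdentityService(IdentityService identityService) {
        this.identityService = identityService;
    }

    /** Rejects a null or empty login name before any lookup is attempted. */
    private static void requireUsername(String username) {
        if (username == null || username.equals("")) {
            throw new UsernameNotFoundException("Username cannot be null or empty");
        }
    }

    /** Reads {@code ks.ignore.rice.login} from the current context config; unset means false. */
    private static boolean isRiceLoginIgnored() {
        Config config = ConfigContext.getCurrentContextConfig();
        return Boolean.parseBoolean(config.getProperty(IGNORE_RICE_LOGIN_PROPERTY));
    }

    /** Builds the user for a KIM principal, or fails the login if KIM returned none. */
    private UserWithId toUserWithId(KimPrincipalInfo principal, String userPassword) {
        if (principal == null) {
            // When a UsernameNotFoundException is thrown, Spring Security proceeds to the next
            // AuthenticationProvider on the list. When Rice is running and the user is not found
            // in KIM we want authentication to stop so the user can re-enter the username, so an
            // AccountStatusException is thrown instead of UsernameNotFoundException.
            throw new KimUserNotFoundException(INVALID_LOGIN_MESSAGE);
        }
        UserWithId user = new UserWithId(principal.getPrincipalName(), userPassword,
                enabled, true, true, nonlocked, authorities);
        user.setUserId(principal.getPrincipalId());
        return user;
    }
}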