Coverage Report - org.kuali.rice.kew.web.DummyLoginFilter
 
Classes in this File Line Coverage Branch Coverage Complexity
DummyLoginFilter
0%
0/32
0%
0/14
2.8
DummyLoginFilter$1
0%
0/2
N/A
N/A
2.8
 
 1   
 /*
 2   
  * Copyright 2005-2008 The Kuali Foundation
 3   
  *
 4   
  *
 5   
  * Licensed under the Educational Community License, Version 2.0 (the "License");
 6   
  * you may not use this file except in compliance with the License.
 7   
  * You may obtain a copy of the License at
 8   
  *
 9   
  * http://www.opensource.org/licenses/ecl2.php
 10   
  *
 11   
  * Unless required by applicable law or agreed to in writing, software
 12   
  * distributed under the License is distributed on an "AS IS" BASIS,
 13   
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 14   
  * See the License for the specific language governing permissions and
 15   
  * limitations under the License.
 16   
  */
 17   
 package org.kuali.rice.kew.web;
 18   
 
 19   
 import java.io.IOException;
 20   
 
 21   
 import javax.servlet.Filter;
 22   
 import javax.servlet.FilterChain;
 23   
 import javax.servlet.FilterConfig;
 24   
 import javax.servlet.ServletException;
 25   
 import javax.servlet.ServletRequest;
 26   
 import javax.servlet.ServletResponse;
 27   
 import javax.servlet.http.HttpServletRequest;
 28   
 import javax.servlet.http.HttpServletRequestWrapper;
 29   
 
 30   
 import org.kuali.rice.kew.web.session.UserSession;
 31   
 import org.kuali.rice.kim.bo.entity.KimPrincipal;
 32   
 import org.kuali.rice.kim.service.IdentityManagementService;
 33   
 import org.kuali.rice.kim.service.KIMServiceLocator;
 34   
 
 35   
 /**
 36   
  * A login filter which forwards to a login page that allows for the desired
 37   
  * authentication ID to be entered without the need for a password.
 38   
  *
 39   
  * @author Kuali Rice Team (rice.collab@kuali.org)
 40   
  */
 41  0 
 public class DummyLoginFilter implements Filter {
 42   
     private String loginPath;
 43  0 
     private boolean showPassword = false;
 44   
     public void init(FilterConfig config) throws ServletException {
 45  0 
         loginPath = config.getInitParameter("loginPath");
 46  0 
         showPassword = new Boolean(config.getInitParameter("showPassword"));
 47  0 
         if (loginPath == null) {
 48  0 
             loginPath = "/WEB-INF/jsp/dummy_login.jsp";
 49   
         }
 50  0 
     }
 51   
 
 52   
         public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
 53  0 
         if (request instanceof HttpServletRequest) {
 54  0 
             HttpServletRequest hsreq = (HttpServletRequest) request;
 55  0 
             UserSession session = null;
 56  0 
             if (UserLoginFilter.isUserSessionEstablished(hsreq)) {
 57  0 
                     session = UserLoginFilter.getUserSession(hsreq);
 58   
             }
 59  0 
             if (session == null) {
 60  0 
                     IdentityManagementService auth = KIMServiceLocator.getIdentityManagementService();
 61  0 
                            request.setAttribute("showPasswordField", showPassword);
 62  0 
                 final String user = request.getParameter("__login_user");
 63  0 
                 final String password = request.getParameter("__login_pw");
 64  0 
                 if (user != null) {
 65   
                         // Very simple password checking. Nothing hashed or encrypted. This is strictly for demonstration purposes only.
 66  0 
                         final KimPrincipal principal = showPassword ? auth.getPrincipalByPrincipalNameAndPassword(user, password) : auth.getPrincipalByPrincipalName(user);
 67  0 
                         if (principal == null) {
 68  0 
                                 handleInvalidLogin(request, response);
 69  0 
                                 return;
 70   
                         } else {
 71   
                         // wrap the request with the remote user
 72   
                         // UserLoginFilter and WebAuthenticationService will create the session
 73  0 
                         request = new HttpServletRequestWrapper(hsreq) {
 74   
                             public String getRemoteUser() {
 75  0 
                                 return user;
 76   
                             }
 77   
                         };
 78   
                         }
 79  0 
                 } else {
 80   
                     // no session has been established and this is not a login form submission, so forward to login page
 81  0 
                     request.getRequestDispatcher(loginPath).forward(request, response);
 82  0 
                     return;
 83   
                 }
 84   
             }
 85   
         }
 86  0 
         chain.doFilter(request, response);
 87  0 
     }
 88   
 
 89   
         /**
 90   
          * Handles and invalid login attempt.
 91   
          *
 92   
          * @param request the incoming request
 93   
          * @param response the outgoing response
 94   
          * @throws ServletException if unable to handle the invalid login
 95   
          * @throws IOException if unable to handle the invalid login
 96   
          */
 97   
         private void handleInvalidLogin(ServletRequest request, ServletResponse response) throws ServletException, IOException {
 98  0 
                 request.setAttribute("invalidAuth", Boolean.TRUE);
 99  0 
                 request.getRequestDispatcher(loginPath).forward(request, response);
 100  0 
         }
 101   
 
 102   
     public void destroy() {
 103  0 
     }
 104   
 }
Report generated by Cobertura 1.9.4.1 on 2/8/11 2:30 PM.