Coverage Report - org.kuali.rice.kew.web.UserLoginFilter
 
Classes in this File Line Coverage Branch Coverage Complexity
UserLoginFilter
0%
0/61
0%
0/32
2.333
 
 1   
 /*
 2   
  * Copyright 2006-2011 The Kuali Foundation
 3   
  *
 4   
  * Licensed under the Educational Community License, Version 2.0 (the "License");
 5   
  * you may not use this file except in compliance with the License.
 6   
  * You may obtain a copy of the License at
 7   
  *
 8   
  * http://www.opensource.org/licenses/ecl2.php
 9   
  *
 10   
  * Unless required by applicable law or agreed to in writing, software
 11   
  * distributed under the License is distributed on an "AS IS" BASIS,
 12   
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 13   
  * See the License for the specific language governing permissions and
 14   
  * limitations under the License.
 15   
  */
 16   
 
 17   
 package org.kuali.rice.kew.web;
 18   
 
 19   
 import org.apache.commons.lang.StringUtils;
 20   
 import org.apache.log4j.MDC;
 21   
 import org.kuali.rice.core.api.config.property.ConfigurationService;
 22   
 import org.kuali.rice.core.api.resourceloader.GlobalResourceLoader;
 23   
 import org.kuali.rice.core.framework.parameter.ParameterService;
 24   
 import org.kuali.rice.core.framework.services.CoreFrameworkServiceLocator;
 25   
 import org.kuali.rice.core.api.resourceloader.GlobalResourceLoader;
 26   
 import org.kuali.rice.core.xml.dto.AttributeSet;
 27   
 import org.kuali.rice.kew.util.KEWConstants;
 28   
 import org.kuali.rice.kim.bo.entity.KimPrincipal;
 29   
 import org.kuali.rice.kim.service.AuthenticationService;
 30   
 import org.kuali.rice.kim.service.IdentityManagementService;
 31   
 import org.kuali.rice.kim.service.KIMServiceLocator;
 32   
 import org.kuali.rice.kim.util.KimConstants;
 33   
 import org.kuali.rice.kns.UserSession;
 34   
 import org.kuali.rice.kns.exception.AuthenticationException;
 35   
 import org.kuali.rice.kns.service.KNSServiceLocator;
 36   
 import org.kuali.rice.kns.util.KNSConstants;
 37   
 import org.kuali.rice.kns.util.WebUtils;
 38   
 
 39   
 import javax.servlet.Filter;
 40   
 import javax.servlet.FilterChain;
 41   
 import javax.servlet.FilterConfig;
 42   
 import javax.servlet.ServletException;
 43   
 import javax.servlet.ServletRequest;
 44   
 import javax.servlet.ServletResponse;
 45   
 import javax.servlet.http.Cookie;
 46   
 import javax.servlet.http.HttpServletRequest;
 47   
 import javax.servlet.http.HttpServletResponse;
 48   
 import javax.xml.namespace.QName;
 49   
 import java.io.IOException;
 50   
 import java.util.UUID;
 51   
 
 52   
 
 53   
 /**
 54   
  * A filter for processing user logins and creating a {@link UserSession}.
 55   
  *
 56   
  * @see UserSession
 57   
  * @author Kuali Rice Team (rice.collab@kuali.org)
 58   
  */
 59  0 
 public class UserLoginFilter implements Filter {
 60   
 
 61   
         private static final String MDC_USER = "user";
 62   
 
 63   
         private IdentityManagementService identityManagementService;
 64   
         private ConfigurationService kualiConfigurationService;
 65   
         private ParameterService parameterService;
 66   
 
 67   
         private FilterConfig filterConfig;
 68   
 
 69   
         @Override
 70   
         public void init(FilterConfig config) throws ServletException {
 71  0 
                 this.filterConfig = config;
 72  0 
         }
 73   
 
 74   
         @Override
 75   
         public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
 76  0 
                 this.doFilter((HttpServletRequest) request, (HttpServletResponse) response, chain);
 77  0 
         }
 78   
 
 79   
         private void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
 80   
 
 81   
                 try {
 82  0 
                         establishUserSession(request);
 83  0 
                         establishSessionCookie(request, response);
 84  0 
                         establishBackdoorUser(request);
 85   
 
 86  0 
                         addToMDC(request);
 87   
 
 88  0 
                         chain.doFilter(request, response);
 89   
                 } finally {
 90  0 
                         removeFromMDC();
 91  0 
                 }
 92   
 
 93  0 
         }
 94   
 
 95   
         @Override
 96   
         public void destroy() {
 97  0 
                 filterConfig = null;
 98  0 
         }
 99   
 
 100   
         /**
 101   
          * Checks if a user can be authenticated and if so establishes a UserSession for that user.
 102   
          */
 103   
         private void establishUserSession(HttpServletRequest request) {
 104  0 
                 if (!isUserSessionEstablished(request)) {
 105  0 
                         String principalName = ((AuthenticationService) GlobalResourceLoader.getResourceLoader().getService(new QName("kimAuthenticationService"))).getPrincipalName(request);
 106  0 
             if (StringUtils.isBlank(principalName)) {
 107  0 
                                 throw new AuthenticationException( "Blank User from AuthenticationService - This should never happen." );
 108   
                         }
 109   
 
 110  0 
                         KimPrincipal principal = getIdentityManagementService().getPrincipalByPrincipalName( principalName );
 111  0 
                         if (principal == null) {
 112  0 
                                 throw new AuthenticationException("Unknown User: " + principalName);
 113   
                         }
 114   
 
 115  0 
                         if (!isAuthorizedToLogin(principal.getPrincipalId())) {
 116  0 
                                 throw new AuthenticationException("You cannot log in, because you are not an active Kuali user.\nPlease ask someone to activate your account, if you need to use Kuali Systems.\nThe user id provided was: " + principalName + ".\n");
 117   
                         }
 118   
 
 119  0 
                         final UserSession userSession = new UserSession(principalName);
 120  0 
                         if ( userSession.getPerson() == null ) {
 121  0 
                                 throw new AuthenticationException("Invalid User: " + principalName);
 122   
                         }
 123   
 
 124  0 
                         request.getSession().setAttribute(KNSConstants.USER_SESSION_KEY, userSession);
 125   
                 }
 126  0 
         }
 127   
 
 128   
         /** checks if the passed in principalId is authorized to log in. */
 129   
         private boolean isAuthorizedToLogin(String principalId) {
 130  0 
                 return getIdentityManagementService().isAuthorized(
 131   
                                 principalId,
 132   
                                 KimConstants.KIM_TYPE_DEFAULT_NAMESPACE,
 133   
                                 KimConstants.PermissionNames.LOG_IN,
 134   
                                 null,
 135   
                                 new AttributeSet("principalId", principalId));
 136   
         }
 137   
 
 138   
 
 139   
         /**
 140   
          * Creates a session id cookie if one does not exists.  Write the cookie out to the response with that session id.
 141   
          * Also, sets the cookie on the established user session.
 142   
          */
 143   
         private void establishSessionCookie(HttpServletRequest request, HttpServletResponse response) {
 144  0 
                 String kualiSessionId = this.getKualiSessionId(request.getCookies());
 145  0 
                 if (kualiSessionId == null) {
 146  0 
                         kualiSessionId = UUID.randomUUID().toString();
 147  0 
                         response.addCookie(new Cookie(KNSConstants.KUALI_SESSION_ID, kualiSessionId));
 148   
                 }
 149  0 
                 WebUtils.getUserSessionFromRequest(request).setKualiSessionId(kualiSessionId);
 150  0 
         }
 151   
 
 152   
         /** gets the kuali session id from an array of cookies.  If a session id does not exist returns null. */
 153   
         private String getKualiSessionId(final Cookie[] cookies) {
 154  0 
                 if (cookies != null) {
 155  0 
                         for (Cookie cookie : cookies) {
 156  0 
                                 if (KNSConstants.KUALI_SESSION_ID.equals(cookie.getName())) {
 157  0 
                                         return cookie.getValue();
 158   
                                 }
 159   
                         }
 160   
                 }
 161  0 
                 return null;
 162   
         }
 163   
 
 164   
         /** establishes the backdoor user on the established user id if backdoor capabilities are valid. */
 165   
         private void establishBackdoorUser(HttpServletRequest request) {
 166  0 
                 final String backdoor = request.getParameter(KNSConstants.BACKDOOR_PARAMETER);
 167   
 
 168  0 
                 if ( StringUtils.isNotBlank(backdoor) ) {
 169  0 
                         if ( !getKualiConfigurationService().isProductionEnvironment() ) {
 170  0 
                                 if ( getParameterService().getParameterValueAsBoolean(KNSConstants.KUALI_RICE_WORKFLOW_NAMESPACE, KNSConstants.DetailTypes.BACKDOOR_DETAIL_TYPE, KEWConstants.SHOW_BACK_DOOR_LOGIN_IND) ) {
 171  0 
                                         WebUtils.getUserSessionFromRequest(request).setBackdoorUser(backdoor);
 172   
                                 }
 173   
                         }
 174   
                 }
 175  0 
         }
 176   
 
 177   
         private void addToMDC(HttpServletRequest request) {
 178  0 
                 MDC.put(MDC_USER, WebUtils.getUserSessionFromRequest(request).getPrincipalId());
 179  0 
         }
 180   
 
 181   
         private void removeFromMDC() {
 182  0 
                 MDC.remove(MDC_USER);
 183  0 
         }
 184   
 
 185   
         /**
 186   
          * Checks if the user who made the request has a UserSession established
 187   
          *
 188   
          * @param request the HTTPServletRequest object passed in
 189   
          * @return true if the user session has been established, false otherwise
 190   
          */
 191   
         private boolean isUserSessionEstablished(HttpServletRequest request) {
 192  0 
                 return (request.getSession().getAttribute(KNSConstants.USER_SESSION_KEY) != null);
 193   
         }
 194   
 
 195   
     private IdentityManagementService getIdentityManagementService() {
 196  0 
             if (this.identityManagementService == null) {
 197  0 
                     this.identityManagementService = KIMServiceLocator.getIdentityManagementService();
 198   
             }
 199   
 
 200  0 
             return this.identityManagementService;
 201   
     }
 202   
 
 203   
     private ConfigurationService getKualiConfigurationService() {
 204  0 
             if (this.kualiConfigurationService == null) {
 205  0 
                     this.kualiConfigurationService = KNSServiceLocator.getKualiConfigurationService();
 206   
             }
 207   
 
 208  0 
             return this.kualiConfigurationService;
 209   
     }
 210   
 
 211   
     private ParameterService getParameterService() {
 212  0 
             if (this.parameterService == null) {
 213  0 
                     this.parameterService = CoreFrameworkServiceLocator.getParameterService();
 214   
             }
 215   
 
 216  0 
             return this.parameterService;
 217   
     }
 218   
 }
Report generated by Cobertura 1.9.4.1 on 5/5/11 4:05 AM.