Coverage Report - org.kuali.rice.kew.web.UserLoginFilter
 
Classes in this File Line Coverage Branch Coverage Complexity
UserLoginFilter
0%
0/64
0%
0/34
2.312
 
 1   
 /**
 2   
  * Copyright 2005-2011 The Kuali Foundation
 3   
  *
 4   
  * Licensed under the Educational Community License, Version 2.0 (the "License");
 5   
  * you may not use this file except in compliance with the License.
 6   
  * You may obtain a copy of the License at
 7   
  *
 8   
  * http://www.opensource.org/licenses/ecl2.php
 9   
  *
 10   
  * Unless required by applicable law or agreed to in writing, software
 11   
  * distributed under the License is distributed on an "AS IS" BASIS,
 12   
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 13   
  * See the License for the specific language governing permissions and
 14   
  * limitations under the License.
 15   
  */
 16   
 package org.kuali.rice.kew.web;
 17   
 
 18   
 import org.apache.commons.lang.StringUtils;
 19   
 import org.apache.log4j.MDC;
 20   
 import org.kuali.rice.core.api.config.property.ConfigurationService;
 21   
 import org.kuali.rice.core.api.resourceloader.GlobalResourceLoader;
 22   
 import org.kuali.rice.core.framework.parameter.ParameterService;
 23   
 import org.kuali.rice.core.framework.services.CoreFrameworkServiceLocator;
 24   
 import org.kuali.rice.kew.api.KewApiConstants;
 25   
 import org.kuali.rice.kim.api.KimConstants;
 26   
 import org.kuali.rice.kim.api.identity.AuthenticationService;
 27   
 import org.kuali.rice.kim.api.identity.IdentityService;
 28   
 import org.kuali.rice.kim.api.identity.principal.Principal;
 29   
 import org.kuali.rice.kim.api.permission.PermissionService;
 30   
 import org.kuali.rice.kim.api.services.KimApiServiceLocator;
 31   
 import org.kuali.rice.krad.UserSession;
 32   
 import org.kuali.rice.krad.exception.AuthenticationException;
 33   
 import org.kuali.rice.krad.service.KRADServiceLocator;
 34   
 import org.kuali.rice.krad.util.KRADConstants;
 35   
 import org.kuali.rice.krad.util.KRADUtils;
 36   
 
 37   
 import javax.servlet.Filter;
 38   
 import javax.servlet.FilterChain;
 39   
 import javax.servlet.FilterConfig;
 40   
 import javax.servlet.ServletException;
 41   
 import javax.servlet.ServletRequest;
 42   
 import javax.servlet.ServletResponse;
 43   
 import javax.servlet.http.Cookie;
 44   
 import javax.servlet.http.HttpServletRequest;
 45   
 import javax.servlet.http.HttpServletResponse;
 46   
 import javax.xml.namespace.QName;
 47   
 import java.io.IOException;
 48   
 import java.util.Collections;
 49   
 import java.util.UUID;
 50   
 
 51   
 
 52   
 /**
 53   
  * A filter for processing user logins and creating a {@link UserSession}.
 54   
  *
 55   
  * @see UserSession
 56   
  * @author Kuali Rice Team (rice.collab@kuali.org)
 57   
  */
 58  0 
 public class UserLoginFilter implements Filter {
 59   
 
 60   
         private static final String MDC_USER = "user";
 61   
 
 62   
         private IdentityService identityService;
 63   
     private PermissionService permissionService;
 64   
         private ConfigurationService kualiConfigurationService;
 65   
         private ParameterService parameterService;
 66   
 
 67   
         private FilterConfig filterConfig;
 68   
 
 69   
         @Override
 70   
         public void init(FilterConfig config) throws ServletException {
 71  0 
                 this.filterConfig = config;
 72  0 
         }
 73   
 
 74   
         @Override
 75   
         public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
 76  0 
                 this.doFilter((HttpServletRequest) request, (HttpServletResponse) response, chain);
 77  0 
         }
 78   
 
 79   
         private void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
 80   
 
 81   
                 try {
 82  0 
                         establishUserSession(request);
 83  0 
                         establishSessionCookie(request, response);
 84  0 
                         establishBackdoorUser(request);
 85   
 
 86  0 
                         addToMDC(request);
 87   
 
 88  0 
                         chain.doFilter(request, response);
 89   
                 } finally {
 90  0 
                         removeFromMDC();
 91  0 
                 }
 92   
 
 93  0 
         }
 94   
 
 95   
         @Override
 96   
         public void destroy() {
 97  0 
                 filterConfig = null;
 98  0 
         }
 99   
 
 100   
         /**
 101   
          * Checks if a user can be authenticated and if so establishes a UserSession for that user.
 102   
          */
 103   
         private void establishUserSession(HttpServletRequest request) {
 104  0 
                 if (!isUserSessionEstablished(request)) {
 105  0 
                         String principalName = ((AuthenticationService) GlobalResourceLoader.getResourceLoader().getService(new QName("kimAuthenticationService"))).getPrincipalName(request);
 106  0 
             if (StringUtils.isBlank(principalName)) {
 107  0 
                                 throw new AuthenticationException( "Blank User from AuthenticationService - This should never happen." );
 108   
                         }
 109   
 
 110  0 
                         Principal principal = getIdentityService().getPrincipalByPrincipalName( principalName );
 111  0 
                         if (principal == null) {
 112  0 
                                 throw new AuthenticationException("Unknown User: " + principalName);
 113   
                         }
 114   
 
 115  0 
                         if (!isAuthorizedToLogin(principal.getPrincipalId())) {
 116  0 
                                 throw new AuthenticationException("You cannot log in, because you are not an active Kuali user.\nPlease ask someone to activate your account if you need to use Kuali Systems.\nThe user id provided was: " + principalName + ".\n");
 117   
                         }
 118   
 
 119  0 
                         final UserSession userSession = new UserSession(principalName);
 120  0 
                         if ( userSession.getPerson() == null ) {
 121  0 
                                 throw new AuthenticationException("Invalid User: " + principalName);
 122   
                         }
 123   
 
 124  0 
                         request.getSession().setAttribute(KRADConstants.USER_SESSION_KEY, userSession);
 125   
                 }
 126  0 
         }
 127   
 
 128   
         /** checks if the passed in principalId is authorized to log in. */
 129   
         private boolean isAuthorizedToLogin(String principalId) {
 130  0 
                 return getPermissionService().isAuthorized(
 131   
                                 principalId,
 132   
                                 KimConstants.KIM_TYPE_DEFAULT_NAMESPACE,
 133   
                                 KimConstants.PermissionNames.LOG_IN,
 134   
                                 Collections.<String, String>emptyMap(),
 135   
                                 Collections.singletonMap("principalId", principalId));
 136   
         }
 137   
 
 138   
 
 139   
         /**
 140   
          * Creates a session id cookie if one does not exists.  Write the cookie out to the response with that session id.
 141   
          * Also, sets the cookie on the established user session.
 142   
          */
 143   
         private void establishSessionCookie(HttpServletRequest request, HttpServletResponse response) {
 144  0 
                 String kualiSessionId = this.getKualiSessionId(request.getCookies());
 145  0 
                 if (kualiSessionId == null) {
 146  0 
                         kualiSessionId = UUID.randomUUID().toString();
 147  0 
                         response.addCookie(new Cookie(KRADConstants.KUALI_SESSION_ID, kualiSessionId));
 148   
                 }
 149  0 
                 KRADUtils.getUserSessionFromRequest(request).setKualiSessionId(kualiSessionId);
 150  0 
         }
 151   
 
 152   
         /** gets the kuali session id from an array of cookies.  If a session id does not exist returns null. */
 153   
         private String getKualiSessionId(final Cookie[] cookies) {
 154  0 
                 if (cookies != null) {
 155  0 
                         for (Cookie cookie : cookies) {
 156  0 
                                 if (KRADConstants.KUALI_SESSION_ID.equals(cookie.getName())) {
 157  0 
                                         return cookie.getValue();
 158   
                                 }
 159   
                         }
 160   
                 }
 161  0 
                 return null;
 162   
         }
 163   
 
 164   
         /** establishes the backdoor user on the established user id if backdoor capabilities are valid. */
 165   
         private void establishBackdoorUser(HttpServletRequest request) {
 166  0 
                 final String backdoor = request.getParameter(KRADConstants.BACKDOOR_PARAMETER);
 167   
 
 168  0 
                 if ( StringUtils.isNotBlank(backdoor) ) {
 169  0 
                         if ( !getKualiConfigurationService().getPropertyValueAsString(KRADConstants.PROD_ENVIRONMENT_CODE_KEY)
 170   
                 .equalsIgnoreCase(
 171   
                         getKualiConfigurationService().getPropertyValueAsString(KRADConstants.ENVIRONMENT_KEY)) ) {
 172  0 
                                 if ( getParameterService().getParameterValueAsBoolean(KRADConstants.KUALI_RICE_WORKFLOW_NAMESPACE, KRADConstants.DetailTypes.BACKDOOR_DETAIL_TYPE, KewApiConstants.SHOW_BACK_DOOR_LOGIN_IND) ) {
 173  0 
                                         KRADUtils.getUserSessionFromRequest(request).setBackdoorUser(backdoor);
 174   
                                 }
 175   
                         }
 176   
                 }
 177  0 
         }
 178   
 
 179   
         private void addToMDC(HttpServletRequest request) {
 180  0 
                 MDC.put(MDC_USER, KRADUtils.getUserSessionFromRequest(request).getPrincipalId());
 181  0 
         }
 182   
 
 183   
         private void removeFromMDC() {
 184  0 
                 MDC.remove(MDC_USER);
 185  0 
         }
 186   
 
 187   
         /**
 188   
          * Checks if the user who made the request has a UserSession established
 189   
          *
 190   
          * @param request the HTTPServletRequest object passed in
 191   
          * @return true if the user session has been established, false otherwise
 192   
          */
 193   
         private boolean isUserSessionEstablished(HttpServletRequest request) {
 194  0 
                 return (request.getSession().getAttribute(KRADConstants.USER_SESSION_KEY) != null);
 195   
         }
 196   
 
 197   
     private IdentityService getIdentityService() {
 198  0 
             if (this.identityService == null) {
 199  0 
                     this.identityService = KimApiServiceLocator.getIdentityService();
 200   
             }
 201   
 
 202  0 
             return this.identityService;
 203   
     }
 204   
 
 205   
     private PermissionService getPermissionService() {
 206  0 
             if (this.permissionService == null) {
 207  0 
                     this.permissionService = KimApiServiceLocator.getPermissionService();
 208   
             }
 209   
 
 210  0 
             return this.permissionService;
 211   
     }
 212   
 
 213   
     private ConfigurationService getKualiConfigurationService() {
 214  0 
             if (this.kualiConfigurationService == null) {
 215  0 
                     this.kualiConfigurationService = KRADServiceLocator.getKualiConfigurationService();
 216   
             }
 217   
 
 218  0 
             return this.kualiConfigurationService;
 219   
     }
 220   
 
 221   
     private ParameterService getParameterService() {
 222  0 
             if (this.parameterService == null) {
 223  0 
                     this.parameterService = CoreFrameworkServiceLocator.getParameterService();
 224   
             }
 225   
 
 226  0 
             return this.parameterService;
 227   
     }
 228   
 }
Report generated by Cobertura 1.9.4.1 on 11/7/11 11:56 AM.