Coverage Report - org.kuali.rice.kew.web.UserLoginFilter
 
Classes in this File Line Coverage Branch Coverage Complexity
UserLoginFilter
0%
0/64
0%
0/34
2.312
 
 1   
 /*
 2   
  * Copyright 2006-2011 The Kuali Foundation
 3   
  *
 4   
  * Licensed under the Educational Community License, Version 2.0 (the "License");
 5   
  * you may not use this file except in compliance with the License.
 6   
  * You may obtain a copy of the License at
 7   
  *
 8   
  * http://www.opensource.org/licenses/ecl2.php
 9   
  *
 10   
  * Unless required by applicable law or agreed to in writing, software
 11   
  * distributed under the License is distributed on an "AS IS" BASIS,
 12   
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 13   
  * See the License for the specific language governing permissions and
 14   
  * limitations under the License.
 15   
  */
 16   
 
 17   
 package org.kuali.rice.kew.web;
 18   
 
 19   
 import org.apache.commons.lang.StringUtils;
 20   
 import org.apache.log4j.MDC;
 21   
 import org.kuali.rice.core.api.config.property.ConfigurationService;
 22   
 import org.kuali.rice.core.api.resourceloader.GlobalResourceLoader;
 23   
 import org.kuali.rice.core.framework.parameter.ParameterService;
 24   
 import org.kuali.rice.core.framework.services.CoreFrameworkServiceLocator;
 25   
 import org.kuali.rice.kew.util.KEWConstants;
 26   
 import org.kuali.rice.kim.api.identity.principal.Principal;
 27   
 import org.kuali.rice.kim.api.services.IdentityService;
 28   
 import org.kuali.rice.kim.api.services.KimApiServiceLocator;
 29   
 import org.kuali.rice.kim.service.AuthenticationService;
 30   
 import org.kuali.rice.kim.service.PermissionService;
 31   
 import org.kuali.rice.kim.util.KimConstants;
 32   
 import org.kuali.rice.krad.UserSession;
 33   
 import org.kuali.rice.krad.exception.AuthenticationException;
 34   
 import org.kuali.rice.krad.service.KRADServiceLocator;
 35   
 import org.kuali.rice.krad.util.KRADConstants;
 36   
 import org.kuali.rice.krad.util.KRADUtils;
 37   
 
 38   
 import javax.servlet.Filter;
 39   
 import javax.servlet.FilterChain;
 40   
 import javax.servlet.FilterConfig;
 41   
 import javax.servlet.ServletException;
 42   
 import javax.servlet.ServletRequest;
 43   
 import javax.servlet.ServletResponse;
 44   
 import javax.servlet.http.Cookie;
 45   
 import javax.servlet.http.HttpServletRequest;
 46   
 import javax.servlet.http.HttpServletResponse;
 47   
 import javax.xml.namespace.QName;
 48   
 import java.io.IOException;
 49   
 import java.util.Collections;
 50   
 import java.util.UUID;
 51   
 
 52   
 
 53   
 /**
 54   
  * A filter for processing user logins and creating a {@link UserSession}.
 55   
  *
 56   
  * @see UserSession
 57   
  * @author Kuali Rice Team (rice.collab@kuali.org)
 58   
  */
 59  0 
 public class UserLoginFilter implements Filter {
 60   
 
 61   
         private static final String MDC_USER = "user";
 62   
 
 63   
         private IdentityService identityService;
 64   
     private PermissionService permissionService;
 65   
         private ConfigurationService kualiConfigurationService;
 66   
         private ParameterService parameterService;
 67   
 
 68   
         private FilterConfig filterConfig;
 69   
 
 70   
         @Override
 71   
         public void init(FilterConfig config) throws ServletException {
 72  0 
                 this.filterConfig = config;
 73  0 
         }
 74   
 
 75   
         @Override
 76   
         public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
 77  0 
                 this.doFilter((HttpServletRequest) request, (HttpServletResponse) response, chain);
 78  0 
         }
 79   
 
 80   
         private void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
 81   
 
 82   
                 try {
 83  0 
                         establishUserSession(request);
 84  0 
                         establishSessionCookie(request, response);
 85  0 
                         establishBackdoorUser(request);
 86   
 
 87  0 
                         addToMDC(request);
 88   
 
 89  0 
                         chain.doFilter(request, response);
 90   
                 } finally {
 91  0 
                         removeFromMDC();
 92  0 
                 }
 93   
 
 94  0 
         }
 95   
 
 96   
         @Override
 97   
         public void destroy() {
 98  0 
                 filterConfig = null;
 99  0 
         }
 100   
 
 101   
         /**
 102   
          * Checks if a user can be authenticated and if so establishes a UserSession for that user.
 103   
          */
 104   
         private void establishUserSession(HttpServletRequest request) {
 105  0 
                 if (!isUserSessionEstablished(request)) {
 106  0 
                         String principalName = ((AuthenticationService) GlobalResourceLoader.getResourceLoader().getService(new QName("kimAuthenticationService"))).getPrincipalName(request);
 107  0 
             if (StringUtils.isBlank(principalName)) {
 108  0 
                                 throw new AuthenticationException( "Blank User from AuthenticationService - This should never happen." );
 109   
                         }
 110   
 
 111  0 
                         Principal principal = getIdentityService().getPrincipalByPrincipalName( principalName );
 112  0 
                         if (principal == null) {
 113  0 
                                 throw new AuthenticationException("Unknown User: " + principalName);
 114   
                         }
 115   
 
 116  0 
                         if (!isAuthorizedToLogin(principal.getPrincipalId())) {
 117  0 
                                 throw new AuthenticationException("You cannot log in, because you are not an active Kuali user.\nPlease ask someone to activate your account, if you need to use Kuali Systems.\nThe user id provided was: " + principalName + ".\n");
 118   
                         }
 119   
 
 120  0 
                         final UserSession userSession = new UserSession(principalName);
 121  0 
                         if ( userSession.getPerson() == null ) {
 122  0 
                                 throw new AuthenticationException("Invalid User: " + principalName);
 123   
                         }
 124   
 
 125  0 
                         request.getSession().setAttribute(KRADConstants.USER_SESSION_KEY, userSession);
 126   
                 }
 127  0 
         }
 128   
 
 129   
         /** checks if the passed in principalId is authorized to log in. */
 130   
         private boolean isAuthorizedToLogin(String principalId) {
 131  0 
                 return getPermissionService().isAuthorized(
 132   
                                 principalId,
 133   
                                 KimConstants.KIM_TYPE_DEFAULT_NAMESPACE,
 134   
                                 KimConstants.PermissionNames.LOG_IN,
 135   
                                 null,
 136   
                                 Collections.singletonMap("principalId", principalId));
 137   
         }
 138   
 
 139   
 
 140   
         /**
 141   
          * Creates a session id cookie if one does not exists.  Write the cookie out to the response with that session id.
 142   
          * Also, sets the cookie on the established user session.
 143   
          */
 144   
         private void establishSessionCookie(HttpServletRequest request, HttpServletResponse response) {
 145  0 
                 String kualiSessionId = this.getKualiSessionId(request.getCookies());
 146  0 
                 if (kualiSessionId == null) {
 147  0 
                         kualiSessionId = UUID.randomUUID().toString();
 148  0 
                         response.addCookie(new Cookie(KRADConstants.KUALI_SESSION_ID, kualiSessionId));
 149   
                 }
 150  0 
                 KRADUtils.getUserSessionFromRequest(request).setKualiSessionId(kualiSessionId);
 151  0 
         }
 152   
 
 153   
         /** gets the kuali session id from an array of cookies.  If a session id does not exist returns null. */
 154   
         private String getKualiSessionId(final Cookie[] cookies) {
 155  0 
                 if (cookies != null) {
 156  0 
                         for (Cookie cookie : cookies) {
 157  0 
                                 if (KRADConstants.KUALI_SESSION_ID.equals(cookie.getName())) {
 158  0 
                                         return cookie.getValue();
 159   
                                 }
 160   
                         }
 161   
                 }
 162  0 
                 return null;
 163   
         }
 164   
 
 165   
         /** establishes the backdoor user on the established user id if backdoor capabilities are valid. */
 166   
         private void establishBackdoorUser(HttpServletRequest request) {
 167  0 
                 final String backdoor = request.getParameter(KRADConstants.BACKDOOR_PARAMETER);
 168   
 
 169  0 
                 if ( StringUtils.isNotBlank(backdoor) ) {
 170  0 
                         if ( !getKualiConfigurationService().isProductionEnvironment() ) {
 171  0 
                                 if ( getParameterService().getParameterValueAsBoolean(KRADConstants.KUALI_RICE_WORKFLOW_NAMESPACE, KRADConstants.DetailTypes.BACKDOOR_DETAIL_TYPE, KEWConstants.SHOW_BACK_DOOR_LOGIN_IND) ) {
 172  0 
                                         KRADUtils.getUserSessionFromRequest(request).setBackdoorUser(backdoor);
 173   
                                 }
 174   
                         }
 175   
                 }
 176  0 
         }
 177   
 
 178   
         private void addToMDC(HttpServletRequest request) {
 179  0 
                 MDC.put(MDC_USER, KRADUtils.getUserSessionFromRequest(request).getPrincipalId());
 180  0 
         }
 181   
 
 182   
         private void removeFromMDC() {
 183  0 
                 MDC.remove(MDC_USER);
 184  0 
         }
 185   
 
 186   
         /**
 187   
          * Checks if the user who made the request has a UserSession established
 188   
          *
 189   
          * @param request the HTTPServletRequest object passed in
 190   
          * @return true if the user session has been established, false otherwise
 191   
          */
 192   
         private boolean isUserSessionEstablished(HttpServletRequest request) {
 193  0 
                 return (request.getSession().getAttribute(KRADConstants.USER_SESSION_KEY) != null);
 194   
         }
 195   
 
 196   
     private IdentityService getIdentityService() {
 197  0 
             if (this.identityService == null) {
 198  0 
                     this.identityService = KimApiServiceLocator.getIdentityService();
 199   
             }
 200   
 
 201  0 
             return this.identityService;
 202   
     }
 203   
 
 204   
     private PermissionService getPermissionService() {
 205  0 
             if (this.permissionService == null) {
 206  0 
                     this.permissionService = KimApiServiceLocator.getPermissionService();
 207   
             }
 208   
 
 209  0 
             return this.permissionService;
 210   
     }
 211   
 
 212   
     private ConfigurationService getKualiConfigurationService() {
 213  0 
             if (this.kualiConfigurationService == null) {
 214  0 
                     this.kualiConfigurationService = KRADServiceLocator.getKualiConfigurationService();
 215   
             }
 216   
 
 217  0 
             return this.kualiConfigurationService;
 218   
     }
 219   
 
 220   
     private ParameterService getParameterService() {
 221  0 
             if (this.parameterService == null) {
 222  0 
                     this.parameterService = CoreFrameworkServiceLocator.getParameterService();
 223   
             }
 224   
 
 225  0 
             return this.parameterService;
 226   
     }
 227   
 }
Report generated by Cobertura 1.9.4.1 on 7/11/11 4:47 AM.