Coverage Report - org.kuali.rice.kew.web.UserLoginFilter
 
Classes in this File Line Coverage Branch Coverage Complexity
UserLoginFilter
0%
0/64
0%
0/34
2.312
 
 1   
 /*
 2   
  * Copyright 2006-2011 The Kuali Foundation
 3   
  *
 4   
  * Licensed under the Educational Community License, Version 2.0 (the "License");
 5   
  * you may not use this file except in compliance with the License.
 6   
  * You may obtain a copy of the License at
 7   
  *
 8   
  * http://www.opensource.org/licenses/ecl2.php
 9   
  *
 10   
  * Unless required by applicable law or agreed to in writing, software
 11   
  * distributed under the License is distributed on an "AS IS" BASIS,
 12   
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 13   
  * See the License for the specific language governing permissions and
 14   
  * limitations under the License.
 15   
  */
 16   
 
 17   
 package org.kuali.rice.kew.web;
 18   
 
 19   
 import org.apache.commons.lang.StringUtils;
 20   
 import org.apache.log4j.MDC;
 21   
 import org.kuali.rice.core.api.config.property.ConfigurationService;
 22   
 import org.kuali.rice.core.api.resourceloader.GlobalResourceLoader;
 23   
 import org.kuali.rice.core.framework.parameter.ParameterService;
 24   
 import org.kuali.rice.core.framework.services.CoreFrameworkServiceLocator;
 25   
 import org.kuali.rice.kew.util.KEWConstants;
 26   
 import org.kuali.rice.kim.api.identity.IdentityService;
 27   
 import org.kuali.rice.kim.api.identity.principal.Principal;
 28   
 import org.kuali.rice.kim.api.services.KimApiServiceLocator;
 29   
 import org.kuali.rice.kim.service.AuthenticationService;
 30   
 import org.kuali.rice.kim.service.PermissionService;
 31   
 import org.kuali.rice.kim.util.KimConstants;
 32   
 import org.kuali.rice.krad.UserSession;
 33   
 import org.kuali.rice.krad.exception.AuthenticationException;
 34   
 import org.kuali.rice.krad.service.KRADServiceLocator;
 35   
 import org.kuali.rice.krad.util.KRADConstants;
 36   
 import org.kuali.rice.krad.util.KRADUtils;
 37   
 
 38   
 import javax.servlet.Filter;
 39   
 import javax.servlet.FilterChain;
 40   
 import javax.servlet.FilterConfig;
 41   
 import javax.servlet.ServletException;
 42   
 import javax.servlet.ServletRequest;
 43   
 import javax.servlet.ServletResponse;
 44   
 import javax.servlet.http.Cookie;
 45   
 import javax.servlet.http.HttpServletRequest;
 46   
 import javax.servlet.http.HttpServletResponse;
 47   
 import javax.xml.namespace.QName;
 48   
 import java.io.IOException;
 49   
 import java.util.Collections;
 50   
 import java.util.UUID;
 51   
 
 52   
 
 53   
 /**
 54   
  * A filter for processing user logins and creating a {@link UserSession}.
 55   
  *
 56   
  * @see UserSession
 57   
  * @author Kuali Rice Team (rice.collab@kuali.org)
 58   
  */
 59  0 
 public class UserLoginFilter implements Filter {
 60   
 
 61   
         private static final String MDC_USER = "user";
 62   
 
 63   
         private IdentityService identityService;
 64   
     private PermissionService permissionService;
 65   
         private ConfigurationService kualiConfigurationService;
 66   
         private ParameterService parameterService;
 67   
 
 68   
         private FilterConfig filterConfig;
 69   
 
 70   
         @Override
 71   
         public void init(FilterConfig config) throws ServletException {
 72  0 
                 this.filterConfig = config;
 73  0 
         }
 74   
 
 75   
         @Override
 76   
         public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
 77  0 
                 this.doFilter((HttpServletRequest) request, (HttpServletResponse) response, chain);
 78  0 
         }
 79   
 
 80   
         private void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
 81   
 
 82   
                 try {
 83  0 
                         establishUserSession(request);
 84  0 
                         establishSessionCookie(request, response);
 85  0 
                         establishBackdoorUser(request);
 86   
 
 87  0 
                         addToMDC(request);
 88   
 
 89  0 
                         chain.doFilter(request, response);
 90   
                 } finally {
 91  0 
                         removeFromMDC();
 92  0 
                 }
 93   
 
 94  0 
         }
 95   
 
 96   
         @Override
 97   
         public void destroy() {
 98  0 
                 filterConfig = null;
 99  0 
         }
 100   
 
 101   
         /**
 102   
          * Checks if a user can be authenticated and if so establishes a UserSession for that user.
 103   
          */
 104   
         private void establishUserSession(HttpServletRequest request) {
 105  0 
                 if (!isUserSessionEstablished(request)) {
 106  0 
                         String principalName = ((AuthenticationService) GlobalResourceLoader.getResourceLoader().getService(new QName("kimAuthenticationService"))).getPrincipalName(request);
 107  0 
             if (StringUtils.isBlank(principalName)) {
 108  0 
                                 throw new AuthenticationException( "Blank User from AuthenticationService - This should never happen." );
 109   
                         }
 110   
 
 111  0 
                         Principal principal = getIdentityService().getPrincipalByPrincipalName( principalName );
 112  0 
                         if (principal == null) {
 113  0 
                                 throw new AuthenticationException("Unknown User: " + principalName);
 114   
                         }
 115   
 
 116  0 
                         if (!isAuthorizedToLogin(principal.getPrincipalId())) {
 117  0 
                                 throw new AuthenticationException("You cannot log in, because you are not an active Kuali user.\nPlease ask someone to activate your account, if you need to use Kuali Systems.\nThe user id provided was: " + principalName + ".\n");
 118   
                         }
 119   
 
 120  0 
                         final UserSession userSession = new UserSession(principalName);
 121  0 
                         if ( userSession.getPerson() == null ) {
 122  0 
                                 throw new AuthenticationException("Invalid User: " + principalName);
 123   
                         }
 124   
 
 125  0 
                         request.getSession().setAttribute(KRADConstants.USER_SESSION_KEY, userSession);
 126   
                 }
 127  0 
         }
 128   
 
 129   
         /** checks if the passed in principalId is authorized to log in. */
 130   
         private boolean isAuthorizedToLogin(String principalId) {
 131  0 
                 return getPermissionService().isAuthorized(
 132   
                                 principalId,
 133   
                                 KimConstants.KIM_TYPE_DEFAULT_NAMESPACE,
 134   
                                 KimConstants.PermissionNames.LOG_IN,
 135   
                                 null,
 136   
                                 Collections.singletonMap("principalId", principalId));
 137   
         }
 138   
 
 139   
 
 140   
         /**
 141   
          * Creates a session id cookie if one does not exists.  Write the cookie out to the response with that session id.
 142   
          * Also, sets the cookie on the established user session.
 143   
          */
 144   
         private void establishSessionCookie(HttpServletRequest request, HttpServletResponse response) {
 145  0 
                 String kualiSessionId = this.getKualiSessionId(request.getCookies());
 146  0 
                 if (kualiSessionId == null) {
 147  0 
                         kualiSessionId = UUID.randomUUID().toString();
 148  0 
                         response.addCookie(new Cookie(KRADConstants.KUALI_SESSION_ID, kualiSessionId));
 149   
                 }
 150  0 
                 KRADUtils.getUserSessionFromRequest(request).setKualiSessionId(kualiSessionId);
 151  0 
         }
 152   
 
 153   
         /** gets the kuali session id from an array of cookies.  If a session id does not exist returns null. */
 154   
         private String getKualiSessionId(final Cookie[] cookies) {
 155  0 
                 if (cookies != null) {
 156  0 
                         for (Cookie cookie : cookies) {
 157  0 
                                 if (KRADConstants.KUALI_SESSION_ID.equals(cookie.getName())) {
 158  0 
                                         return cookie.getValue();
 159   
                                 }
 160   
                         }
 161   
                 }
 162  0 
                 return null;
 163   
         }
 164   
 
 165   
         /** establishes the backdoor user on the established user id if backdoor capabilities are valid. */
 166   
         private void establishBackdoorUser(HttpServletRequest request) {
 167  0 
                 final String backdoor = request.getParameter(KRADConstants.BACKDOOR_PARAMETER);
 168   
 
 169  0 
                 if ( StringUtils.isNotBlank(backdoor) ) {
 170  0 
                         if ( !getKualiConfigurationService().getPropertyValueAsString(KRADConstants.PROD_ENVIRONMENT_CODE_KEY)
 171   
                 .equalsIgnoreCase(
 172   
                         getKualiConfigurationService().getPropertyValueAsString(KRADConstants.ENVIRONMENT_KEY)) ) {
 173  0 
                                 if ( getParameterService().getParameterValueAsBoolean(KRADConstants.KUALI_RICE_WORKFLOW_NAMESPACE, KRADConstants.DetailTypes.BACKDOOR_DETAIL_TYPE, KEWConstants.SHOW_BACK_DOOR_LOGIN_IND) ) {
 174  0 
                                         KRADUtils.getUserSessionFromRequest(request).setBackdoorUser(backdoor);
 175   
                                 }
 176   
                         }
 177   
                 }
 178  0 
         }
 179   
 
 180   
         private void addToMDC(HttpServletRequest request) {
 181  0 
                 MDC.put(MDC_USER, KRADUtils.getUserSessionFromRequest(request).getPrincipalId());
 182  0 
         }
 183   
 
 184   
         private void removeFromMDC() {
 185  0 
                 MDC.remove(MDC_USER);
 186  0 
         }
 187   
 
 188   
         /**
 189   
          * Checks if the user who made the request has a UserSession established
 190   
          *
 191   
          * @param request the HTTPServletRequest object passed in
 192   
          * @return true if the user session has been established, false otherwise
 193   
          */
 194   
         private boolean isUserSessionEstablished(HttpServletRequest request) {
 195  0 
                 return (request.getSession().getAttribute(KRADConstants.USER_SESSION_KEY) != null);
 196   
         }
 197   
 
 198   
     private IdentityService getIdentityService() {
 199  0 
             if (this.identityService == null) {
 200  0 
                     this.identityService = KimApiServiceLocator.getIdentityService();
 201   
             }
 202   
 
 203  0 
             return this.identityService;
 204   
     }
 205   
 
 206   
     private PermissionService getPermissionService() {
 207  0 
             if (this.permissionService == null) {
 208  0 
                     this.permissionService = KimApiServiceLocator.getPermissionService();
 209   
             }
 210   
 
 211  0 
             return this.permissionService;
 212   
     }
 213   
 
 214   
     private ConfigurationService getKualiConfigurationService() {
 215  0 
             if (this.kualiConfigurationService == null) {
 216  0 
                     this.kualiConfigurationService = KRADServiceLocator.getKualiConfigurationService();
 217   
             }
 218   
 
 219  0 
             return this.kualiConfigurationService;
 220   
     }
 221   
 
 222   
     private ParameterService getParameterService() {
 223  0 
             if (this.parameterService == null) {
 224  0 
                     this.parameterService = CoreFrameworkServiceLocator.getParameterService();
 225   
             }
 226   
 
 227  0 
             return this.parameterService;
 228   
     }
 229   
 }
Report generated by Cobertura 1.9.4.1 on 7/28/11 3:31 AM.