Acegi Security System for Spring - Resin adapter

Clover coverage report - Acegi Security System for Spring - Resin adapter - 1.0.0-RC1

Coverage timestamp: Mon Dec 5 2005 09:08:29 EST

FRAMES NO FRAMES

file stats:	LOC:	165		Methods:	8
	NCLOC:	97		Classes:	1

Source file

Conditionals

Statements

Methods

TOTAL

ResinAcegiAuthenticator.java

88.9%

97.3%

100%

95.2%

1		/* Copyright 2004, 2005 Acegi Technology Pty Limited
2		*
3		* Licensed under the Apache License, Version 2.0 (the "License");
4		* you may not use this file except in compliance with the License.
5		* You may obtain a copy of the License at
6		*
7		* http://www.apache.org/licenses/LICENSE-2.0
8		*
9		* Unless required by applicable law or agreed to in writing, software
10		* distributed under the License is distributed on an "AS IS" BASIS,
11		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12		* See the License for the specific language governing permissions and
13		* limitations under the License.
14		*/
15
16		package org.acegisecurity.adapters.resin;
17
18		import com.caucho.http.security.AbstractAuthenticator;
19
20		import org.acegisecurity.Authentication;
21		import org.acegisecurity.AuthenticationException;
22		import org.acegisecurity.AuthenticationManager;
23
24		import org.acegisecurity.adapters.PrincipalAcegiUserToken;
25
26		import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
27
28		import org.apache.commons.logging.Log;
29		import org.apache.commons.logging.LogFactory;
30
31		import org.springframework.context.support.ClassPathXmlApplicationContext;
32
33		import java.security.Principal;
34
35		import java.util.Map;
36
37		import javax.servlet.ServletContext;
38		import javax.servlet.ServletException;
39		import javax.servlet.http.HttpServletRequest;
40		import javax.servlet.http.HttpServletResponse;
41
42
43		/**
44		* Adapter to enable Resin to authenticate via the Acegi Security System for
45		* Spring.
46		*
47		* <p>
48		* Returns a {@link PrincipalAcegiUserToken} to Resin's authentication system,
49		* which is subsequently available via
50		* <code>HttpServletRequest.getUserPrincipal()</code>.
51		* </p>
52		*
53		* @author Ben Alex
54		* @version $Id: ResinAcegiAuthenticator.java,v 1.5 2005/11/25 00:26:29 benalex Exp $
55		*/
56		public class ResinAcegiAuthenticator extends AbstractAuthenticator {
57		//~ Static fields/initializers =============================================
58
59		private static final Log logger = LogFactory.getLog(ResinAcegiAuthenticator.class);
60
61		//~ Instance fields ========================================================
62
63		private AuthenticationManager authenticationManager;
64		private String appContextLocation;
65		private String key;
66
67		//~ Methods ================================================================
68
69	15	public void setAppContextLocation(String appContextLocation) {
70	15	this.appContextLocation = appContextLocation;
71		}
72
73	1	public String getAppContextLocation() {
74	1	return appContextLocation;
75		}
76
77	15	public void setKey(String key) {
78	15	this.key = key;
79		}
80
81	1	public String getKey() {
82	1	return key;
83		}
84
85	5	public boolean isUserInRole(HttpServletRequest request,
86		HttpServletResponse response, ServletContext application,
87		Principal principal, String role) {
88	5	if (!(principal instanceof PrincipalAcegiUserToken)) {
89	2	if (logger.isWarnEnabled()) {
90	2	logger.warn(
91		"Expected passed principal to be of type PrincipalAcegiUserToken");
92		}
93
94	2	return false;
95		}
96
97	3	PrincipalAcegiUserToken test = (PrincipalAcegiUserToken) principal;
98
99	3	return test.isUserInRole(role);
100		}
101
102	16	public void init() throws ServletException {
103	16	super.init();
104
105	16	if ((appContextLocation == null) \|\| "".equals(appContextLocation)) {
106	2	throw new ServletException("appContextLocation must be defined");
107		}
108
109	14	if ((key == null) \|\| "".equals(key)) {
110	2	throw new ServletException("key must be defined");
111		}
112
113	12	if (Thread.currentThread().getContextClassLoader().getResource(appContextLocation) == null) {
114	1	throw new ServletException("Cannot locate " + appContextLocation);
115		}
116
117	11	ClassPathXmlApplicationContext ctx = new ClassPathXmlApplicationContext(appContextLocation);
118	11	Map beans = ctx.getBeansOfType(AuthenticationManager.class, true, true);
119
120	11	if (beans.size() == 0) {
121	1	throw new ServletException(
122		"Bean context must contain at least one bean of type AuthenticationManager");
123		}
124
125	10	String beanName = (String) beans.keySet().iterator().next();
126	10	authenticationManager = (AuthenticationManager) beans.get(beanName);
127	10	logger.info("ResinAcegiAuthenticator Started");
128		}
129
130	6	protected Principal loginImpl(String username, String credentials) {
131	6	if (username == null) {
132	1	return null;
133		}
134
135	5	if (credentials == null) {
136	1	credentials = "";
137		}
138
139	5	Authentication request = new UsernamePasswordAuthenticationToken(username,
140		credentials);
141	5	Authentication response = null;
142
143	5	try {
144	5	response = authenticationManager.authenticate(request);
145		} catch (AuthenticationException failed) {
146	3	if (logger.isDebugEnabled()) {
147	0	logger.debug("Authentication request for user: " + username
148		+ " failed: " + failed.toString());
149		}
150
151	3	return null;
152		}
153
154	2	return new PrincipalAcegiUserToken(this.key,
155		response.getPrincipal().toString(),
156		response.getCredentials().toString(), response.getAuthorities(),
157		response.getPrincipal());
158		}
159
160	1	protected Principal loginImpl(HttpServletRequest request,
161		HttpServletResponse response, ServletContext application,
162		String userName, String password) throws ServletException {
163	1	return loginImpl(userName, password);
164		}
165		}