Acegi Security System for Spring

Clover coverage report - Acegi Security System for Spring - 1.0.0-RC1

Coverage timestamp: Mon Dec 5 2005 09:05:15 EST

FRAMES NO FRAMES

file stats:	LOC:	108		Methods:	3
	NCLOC:	44		Classes:	1

Source file

Conditionals

Statements

Methods

TOTAL

HttpRequestIntegrationFilter.java

75%

80%

33.3%

71.4%

1		/* Copyright 2004, 2005 Acegi Technology Pty Limited
2		*
3		* Licensed under the Apache License, Version 2.0 (the "License");
4		* you may not use this file except in compliance with the License.
5		* You may obtain a copy of the License at
6		*
7		* http://www.apache.org/licenses/LICENSE-2.0
8		*
9		* Unless required by applicable law or agreed to in writing, software
10		* distributed under the License is distributed on an "AS IS" BASIS,
11		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12		* See the License for the specific language governing permissions and
13		* limitations under the License.
14		*/
15
16		package org.acegisecurity.adapters;
17
18		import org.acegisecurity.Authentication;
19		import org.acegisecurity.context.SecurityContextHolder;
20
21		import org.apache.commons.logging.Log;
22		import org.apache.commons.logging.LogFactory;
23
24		import java.io.IOException;
25
26		import java.security.Principal;
27
28		import javax.servlet.Filter;
29		import javax.servlet.FilterChain;
30		import javax.servlet.FilterConfig;
31		import javax.servlet.ServletException;
32		import javax.servlet.ServletRequest;
33		import javax.servlet.ServletResponse;
34		import javax.servlet.http.HttpServletRequest;
35
36
37		/**
38		* Populates <code>SecurityContext</code> with the <code>Authentication</code>
39		* obtained from the container's
40		* <code>HttpServletRequest.getUserPrincipal()</code>.
41		*
42		* <p>
43		* Use this filter with container adapters only.
44		* </p>
45		*
46		* <p>
47		* This filter <b>never</b> preserves the <code>Authentication</code> on the
48		* <code>SecurityContext</code> - it is replaced every request.
49		* </p>
50		*
51		* <p>
52		* See {@link org.acegisecurity.context.HttpSessionContextIntegrationFilter}
53		* for further information.
54		* </p>
55		*
56		* @author Ben Alex
57		* @version $Id: HttpRequestIntegrationFilter.java,v 1.11 2005/11/17 00:55:49 benalex Exp $
58		*/
59		public class HttpRequestIntegrationFilter implements Filter {
60		//~ Static fields/initializers =============================================
61
62		private static final Log logger = LogFactory.getLog(HttpRequestIntegrationFilter.class);
63
64		//~ Methods ================================================================
65
66		/**
67		* Does nothing. We use IoC container lifecycle services instead.
68		*/
69	0	public void destroy() {}
70
71	3	public void doFilter(ServletRequest request, ServletResponse response,
72		FilterChain chain) throws IOException, ServletException {
73	3	if (request instanceof HttpServletRequest) {
74	2	Principal principal = ((HttpServletRequest) request)
75		.getUserPrincipal();
76
77	2	if ((principal != null) && principal instanceof Authentication) {
78	1	SecurityContextHolder.getContext().setAuthentication((Authentication) principal);
79
80	1	if (logger.isDebugEnabled()) {
81	0	logger.debug(
82		"SecurityContextHolder updated with Authentication from container: '"
83		+ principal + "'");
84		}
85		} else {
86	1	if (logger.isDebugEnabled()) {
87	0	logger.debug(
88		"SecurityContextHolder not set with new Authentication as Principal was: '"
89		+ principal + "'");
90		}
91		}
92		} else {
93	1	throw new IllegalArgumentException(
94		"Only HttpServletRequest is acceptable");
95		}
96
97	2	chain.doFilter(request, response);
98		}
99
100		/**
101		* Does nothing. We use IoC container lifecycle services instead.
102		*
103		* @param arg0 ignored
104		*
105		* @throws ServletException ignored
106		*/
107	0	public void init(FilterConfig arg0) throws ServletException {}
108		}