Acegi Security System for Spring

Clover coverage report - Acegi Security System for Spring - 1.0.0-RC1

Coverage timestamp: Mon Dec 5 2005 09:05:15 EST

FRAMES NO FRAMES

file stats:	LOC:	155		Methods:	8
	NCLOC:	74		Classes:	1

Source file

Conditionals

Statements

Methods

TOTAL

CaptchaValidationProcessingFilter.java

83.3%

88.9%

62.5%

83%

1		/* Copyright 2004, 2005 Acegi Technology Pty Limited
2		*
3		* Licensed under the Apache License, Version 2.0 (the "License");
4		* you may not use this file except in compliance with the License.
5		* You may obtain a copy of the License at
6		*
7		* http://www.apache.org/licenses/LICENSE-2.0
8		*
9		* Unless required by applicable law or agreed to in writing, software
10		* distributed under the License is distributed on an "AS IS" BASIS,
11		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12		* See the License for the specific language governing permissions and
13		* limitations under the License.
14		*/
15
16		package org.acegisecurity.captcha;
17
18		import org.acegisecurity.context.SecurityContextHolder;
19
20		import org.apache.commons.logging.Log;
21		import org.apache.commons.logging.LogFactory;
22
23		import org.springframework.beans.factory.InitializingBean;
24
25		import java.io.IOException;
26
27		import javax.servlet.*;
28		import javax.servlet.http.HttpServletRequest;
29		import javax.servlet.http.HttpSession;
30
31
32		/**
33		* Filter for web integration of the {@link CaptchaServiceProxy}. <br>
34		* It basically intercept calls containing the specific validation parameter,
35		* use the {@link CaptchaServiceProxy} to validate the request, and update the
36		* {@link CaptchaSecurityContext} if the request passed the validation. <br>
37		* This Filter should be placed after the ContextIntegration filter and before
38		* the {@link CaptchaChannelProcessorTemplate} filter in the filter stack in
39		* order to update the {@link CaptchaSecurityContext} before the humanity
40		* verification routine occurs. <br>
41		* This filter should only be used in conjunction with the {@link
42		* CaptchaSecurityContext}<br>
43		*
44		* @author marc antoine Garrigue
45		* @version $Id: CaptchaValidationProcessingFilter.java,v 1.4 2005/11/17 00:55:49 benalex Exp $
46		*/
47		public class CaptchaValidationProcessingFilter implements InitializingBean,
48		Filter {
49		//~ Static fields/initializers =============================================
50
51		// ~ Static fields/initializers
52		// =============================================
53		protected static final Log logger = LogFactory.getLog(CaptchaValidationProcessingFilter.class);
54
55		//~ Instance fields ========================================================
56
57		// ~ Instance fields
58		// ========================================================
59		private CaptchaServiceProxy captchaService;
60		private String captchaValidationParameter = "_captcha_parameter";
61
62		//~ Methods ================================================================
63
64	3	public void setCaptchaService(CaptchaServiceProxy captchaService) {
65	3	this.captchaService = captchaService;
66		}
67
68		// ~ Methods
69		// ================================================================
70	0	public CaptchaServiceProxy getCaptchaService() {
71	0	return captchaService;
72		}
73
74	1	public void setCaptchaValidationParameter(String captchaValidationParameter) {
75	1	this.captchaValidationParameter = captchaValidationParameter;
76		}
77
78	1	public String getCaptchaValidationParameter() {
79	1	return captchaValidationParameter;
80		}
81
82	3	public void afterPropertiesSet() throws Exception {
83	3	if (this.captchaService == null) {
84	1	throw new IllegalArgumentException(
85		"CaptchaServiceProxy must be defined ");
86		}
87
88	2	if ((this.captchaValidationParameter == null)
89		\|\| "".equals(captchaValidationParameter)) {
90	1	throw new IllegalArgumentException(
91		"captchaValidationParameter must not be empty or null");
92		}
93		}
94
95		/**
96		* Does nothing. We use IoC container lifecycle services instead.
97		*/
98	0	public void destroy() {}
99
100	4	public void doFilter(ServletRequest request, ServletResponse response,
101		FilterChain chain) throws IOException, ServletException {
102	4	String captcha_reponse = request.getParameter(captchaValidationParameter);
103
104	4	if ((request != null) && request instanceof HttpServletRequest
105		&& (captcha_reponse != null)) {
106	2	logger.debug("captcha validation parameter found");
107
108		// validate the request against CaptchaServiceProxy
109	2	boolean valid = false;
110
111	2	logger.debug("try to validate");
112
113		//get session
114	2	HttpSession session = ((HttpServletRequest) request).getSession();
115
116	2	if (session != null) {
117	2	String id = session.getId();
118	2	valid = this.captchaService.validateReponseForId(id,
119		captcha_reponse);
120	2	logger.debug("captchaServiceProxy says : request is valid = "
121		+ valid);
122
123	2	if (valid) {
124	1	logger.debug("update the context");
125	1	((CaptchaSecurityContext) SecurityContextHolder.getContext())
126		.setHuman();
127
128		//logger.debug("retrieve original request from ")
129		} else {
130	1	logger.debug("captcha test failed");
131		}
132		} else {
133	0	logger.debug(
134		"no session found, user don't even ask a captcha challenge");
135		}
136		} else {
137	2	logger.debug("captcha validation parameter not found, do nothing");
138		}
139
140	4	if (logger.isDebugEnabled()) {
141	0	logger.debug("chain ...");
142		}
143
144	4	chain.doFilter(request, response);
145		}
146
147		/**
148		* Does nothing. We use IoC container lifecycle services instead.
149		*
150		* @param filterConfig ignored
151		*
152		* @throws ServletException ignored
153		*/
154	0	public void init(FilterConfig filterConfig) throws ServletException {}
155		}