Acegi Security System for Spring

Clover coverage report - Acegi Security System for Spring - 1.0.0-RC1

Coverage timestamp: Mon Dec 5 2005 09:05:15 EST

FRAMES NO FRAMES

file stats:	LOC:	170		Methods:	8
	NCLOC:	105		Classes:	1

Source file

Conditionals

Statements

Methods

TOTAL

AuthenticationTag.java

85.7%

80.4%

87.5%

82.4%

1		/* Copyright 2004, 2005 Acegi Technology Pty Limited
2		*
3		* Licensed under the Apache License, Version 2.0 (the "License");
4		* you may not use this file except in compliance with the License.
5		* You may obtain a copy of the License at
6		*
7		* http://www.apache.org/licenses/LICENSE-2.0
8		*
9		* Unless required by applicable law or agreed to in writing, software
10		* distributed under the License is distributed on an "AS IS" BASIS,
11		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12		* See the License for the specific language governing permissions and
13		* limitations under the License.
14		*/
15
16		package org.acegisecurity.taglibs.authz;
17
18		import org.acegisecurity.Authentication;
19
20		import org.acegisecurity.context.SecurityContext;
21		import org.acegisecurity.context.SecurityContextHolder;
22		import org.acegisecurity.userdetails.UserDetails;
23
24		import java.io.IOException;
25
26		import java.lang.reflect.InvocationTargetException;
27		import java.lang.reflect.Method;
28
29		import java.util.HashSet;
30		import java.util.Set;
31
32		import javax.servlet.jsp.JspException;
33		import javax.servlet.jsp.tagext.Tag;
34		import javax.servlet.jsp.tagext.TagSupport;
35
36
37		/**
38		* An {@link javax.servlet.jsp.tagext.Tag} implementation that allows
39		* convenient access to the current <code>Authentication</code> object.
40		*
41		* <p>
42		* Whilst JSPs can access the <code>SecurityContext</code> directly, this tag
43		* avoids handling <code>null</code> conditions. The tag also properly
44		* accommodates <code>Authentication.getPrincipal()</code>, which can either
45		* be a <code>String</code> or a <code>UserDetails</code>.
46		* </p>
47		*
48		* @author Ben Alex
49		* @version $Id: AuthenticationTag.java,v 1.10 2005/11/29 13:10:10 benalex Exp $
50		*/
51		public class AuthenticationTag extends TagSupport {
52		//~ Static fields/initializers =============================================
53
54		private final static Set methodPrefixValidOptions = new HashSet();
55
56		static {
57	1	methodPrefixValidOptions.add("get");
58	1	methodPrefixValidOptions.add("is");
59		}
60
61		//~ Instance fields ========================================================
62
63		private String methodPrefix = "get";
64		private String operation = "";
65
66		//~ Methods ================================================================
67
68	2	public void setMethodPrefix(String methodPrefix) {
69	2	this.methodPrefix = methodPrefix;
70		}
71
72	24	public String getMethodPrefix() {
73	24	return methodPrefix;
74		}
75
76	8	public void setOperation(String operation) {
77	8	this.operation = operation;
78		}
79
80	4	public String getOperation() {
81	4	return operation;
82		}
83
84	8	public int doStartTag() throws JspException {
85	8	if ((null == operation) \|\| "".equals(operation)) {
86	1	return Tag.SKIP_BODY;
87		}
88
89	7	validateArguments();
90
91	6	if ((SecurityContextHolder.getContext() == null)
92		\|\| !(SecurityContextHolder.getContext() instanceof SecurityContext)
93		\|\| (((SecurityContext) SecurityContextHolder.getContext())
94		.getAuthentication() == null)) {
95	1	return Tag.SKIP_BODY;
96		}
97
98	5	Authentication auth = SecurityContextHolder.getContext()
99		.getAuthentication();
100
101	5	if (auth.getPrincipal() == null) {
102	1	return Tag.SKIP_BODY;
103	4	} else if (auth.getPrincipal() instanceof UserDetails) {
104	3	writeMessage(invokeOperation(auth.getPrincipal()));
105
106	2	return Tag.SKIP_BODY;
107		} else {
108	1	writeMessage(auth.getPrincipal().toString());
109
110	1	return Tag.SKIP_BODY;
111		}
112		}
113
114	3	protected String invokeOperation(Object obj) throws JspException {
115	3	Class clazz = obj.getClass();
116	3	String methodToInvoke = getOperation();
117	3	StringBuffer methodName = new StringBuffer();
118	3	methodName.append(getMethodPrefix());
119	3	methodName.append(methodToInvoke.substring(0, 1).toUpperCase());
120	3	methodName.append(methodToInvoke.substring(1));
121
122	3	Method method = null;
123
124	3	try {
125	3	method = clazz.getMethod(methodName.toString(), (Class[]) null);
126		} catch (SecurityException se) {
127	0	throw new JspException(se);
128		} catch (NoSuchMethodException nsme) {
129	1	throw new JspException(nsme);
130		}
131
132	2	Object retVal = null;
133
134	2	try {
135	2	retVal = method.invoke(obj, (Object[]) null);
136		} catch (IllegalArgumentException iae) {
137	0	throw new JspException(iae);
138		} catch (IllegalAccessException iae) {
139	0	throw new JspException(iae);
140		} catch (InvocationTargetException ite) {
141	0	throw new JspException(ite);
142		}
143
144	2	if (retVal == null) {
145	0	retVal = "";
146		}
147
148	2	return retVal.toString();
149		}
150
151	7	protected void validateArguments() throws JspException {
152	7	if ((getMethodPrefix() != null) && !getMethodPrefix().equals("")) {
153	7	if (!methodPrefixValidOptions.contains(getMethodPrefix())) {
154	1	throw new JspException(
155		"Authorization tag : no valid method prefix available");
156		}
157		} else {
158	0	throw new JspException(
159		"Authorization tag : no method prefix available");
160		}
161		}
162
163	0	protected void writeMessage(String msg) throws JspException {
164	0	try {
165	0	pageContext.getOut().write(String.valueOf(msg));
166		} catch (IOException ioe) {
167	0	throw new JspException(ioe);
168		}
169		}
170		}