Clover coverage report - Acegi Security System for Spring - 1.0.0-RC1
Coverage timestamp: Mon Dec 5 2005 09:05:15 EST
Overview   Package   File
    FRAMES   NO FRAMES  
file stats: LOC: 164   Methods: 7
NCLOC: 76   Classes: 1
 
 Source file Conditionals Statements Methods TOTAL
RememberMeProcessingFilter.java 71.4% 81% 85.7% 78.6%
coverage coverage
 1    /* Copyright 2004, 2005 Acegi Technology Pty Limited
 2    *
 3    * Licensed under the Apache License, Version 2.0 (the "License");
 4    * you may not use this file except in compliance with the License.
 5    * You may obtain a copy of the License at
 6    *
 7    * http://www.apache.org/licenses/LICENSE-2.0
 8    *
 9    * Unless required by applicable law or agreed to in writing, software
 10    * distributed under the License is distributed on an "AS IS" BASIS,
 11    * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 12    * See the License for the specific language governing permissions and
 13    * limitations under the License.
 14    */
 15   
 16    package org.acegisecurity.ui.rememberme;
 17   
 18    import org.acegisecurity.context.SecurityContextHolder;
 19    import org.acegisecurity.event.authentication.InteractiveAuthenticationSuccessEvent;
 20    import org.acegisecurity.Authentication;
 21   
 22    import org.apache.commons.logging.Log;
 23    import org.apache.commons.logging.LogFactory;
 24   
 25    import org.springframework.beans.factory.InitializingBean;
 26   
 27    import org.springframework.context.ApplicationEventPublisher;
 28    import org.springframework.context.ApplicationEventPublisherAware;
 29   
 30    import org.springframework.util.Assert;
 31   
 32    import java.io.IOException;
 33   
 34    import javax.servlet.Filter;
 35    import javax.servlet.FilterChain;
 36    import javax.servlet.FilterConfig;
 37    import javax.servlet.ServletException;
 38    import javax.servlet.ServletRequest;
 39    import javax.servlet.ServletResponse;
 40    import javax.servlet.http.HttpServletRequest;
 41    import javax.servlet.http.HttpServletResponse;
 42   
 43   
 44    /**
 45    * Detects if there is no <code>Authentication</code> object in the
 46    * <code>SecurityContext</code>, and populates it with a remember-me
 47    * authentication token if a {@link
 48    * org.acegisecurity.ui.rememberme.RememberMeServices} implementation so
 49    * requests.
 50    *
 51    * <p>
 52    * Concrete <code>RememberMeServices</code> implementations will have their
 53    * {@link
 54    * org.acegisecurity.ui.rememberme.RememberMeServices#autoLogin(HttpServletRequest,
 55    * HttpServletResponse)} method called by this filter. The
 56    * <code>Authentication</code> or <code>null</code> returned by that method
 57    * will be placed into the <code>SecurityContext</code>.
 58    * </p>
 59    *
 60    * <p>
 61    * If authentication is successful, an {@link
 62    * org.acegisecurity.event.authentication.InteractiveAuthenticationSuccessEvent} will be
 63    * published to the application context. No events will be published if
 64    * authentication was unsuccessful, because this would generally be recorded
 65    * via an <code>AuthenticationManager</code>-specific application event.
 66    * </p>
 67    *
 68    * <p>
 69    * <b>Do not use this class directly.</b> Instead configure
 70    * <code>web.xml</code> to use the {@link
 71    * org.acegisecurity.util.FilterToBeanProxy}.
 72    * </p>
 73    *
 74    * @author Ben Alex
 75    * @version $Id: RememberMeProcessingFilter.java,v 1.10 2005/11/17 00:56:09 benalex Exp $
 76    */
 77    public class RememberMeProcessingFilter implements Filter, InitializingBean,
 78    ApplicationEventPublisherAware {
 79    //~ Static fields/initializers =============================================
 80   
 81    private static final Log logger = LogFactory.getLog(RememberMeProcessingFilter.class);
 82   
 83    //~ Instance fields ========================================================
 84   
 85    private ApplicationEventPublisher eventPublisher;
 86    private RememberMeServices rememberMeServices = new NullRememberMeServices();
 87   
 88    //~ Methods ================================================================
 89   
 90  0 public void setApplicationEventPublisher(ApplicationEventPublisher eventPublisher) {
 91  0 this.eventPublisher = eventPublisher;
 92    }
 93   
 94  4 public void setRememberMeServices(RememberMeServices rememberMeServices) {
 95  4 this.rememberMeServices = rememberMeServices;
 96    }
 97   
 98  2 public RememberMeServices getRememberMeServices() {
 99  2 return rememberMeServices;
 100    }
 101   
 102  3 public void afterPropertiesSet() throws Exception {
 103  3 Assert.notNull(rememberMeServices);
 104    }
 105   
 106    /**
 107    * Does nothing - we rely on IoC lifecycle services instead.
 108    */
 109  2 public void destroy() {}
 110   
 111  4 public void doFilter(ServletRequest request, ServletResponse response,
 112    FilterChain chain) throws IOException, ServletException {
 113  4 if (!(request instanceof HttpServletRequest)) {
 114  1 throw new ServletException("Can only process HttpServletRequest");
 115    }
 116   
 117  3 if (!(response instanceof HttpServletResponse)) {
 118  1 throw new ServletException("Can only process HttpServletResponse");
 119    }
 120   
 121  2 HttpServletRequest httpRequest = (HttpServletRequest) request;
 122  2 HttpServletResponse httpResponse = (HttpServletResponse) response;
 123   
 124  2 if (SecurityContextHolder.getContext().getAuthentication() == null) {
 125  1 Authentication rememberMeAuth =
 126    rememberMeServices.autoLogin(httpRequest, httpResponse);
 127   
 128  1 if(rememberMeAuth != null) {
 129  1 SecurityContextHolder.getContext().setAuthentication(rememberMeAuth);
 130   
 131  1 if (logger.isDebugEnabled()) {
 132  0 logger.debug(
 133    "SecurityContextHolder populated with remember-me token: '"
 134    + SecurityContextHolder.getContext().getAuthentication()
 135    + "'");
 136    }
 137   
 138    // Fire event
 139  1 if (this.eventPublisher != null) {
 140  0 eventPublisher.publishEvent(new InteractiveAuthenticationSuccessEvent(
 141    SecurityContextHolder.getContext().getAuthentication(),
 142    this.getClass()));
 143    }
 144    }
 145    } else {
 146  1 if (logger.isDebugEnabled()) {
 147  0 logger.debug(
 148    "SecurityContextHolder not populated with remember-me token, as it already contained: '"
 149    + SecurityContextHolder.getContext().getAuthentication()
 150    + "'");
 151    }
 152    }
 153   
 154  2 chain.doFilter(request, response);
 155    }
 156   
 157    /**
 158    * Does nothing - we rely on IoC lifecycle services instead.
 159    *
 160    * @param ignored not used
 161    *
 162    */
 163  2 public void init(FilterConfig ignored) throws ServletException {}
 164    }
 
CloverReport generated by Clover v1.3.3_01
Mon Dec 5 2005 09:05:16 EST.		   Open Source License registered to the Acegi Security System for Spring Project. This license of Clover is provided to support the development of Acegi Security System for Spring only.