Coverage Report

Coverage Report - org.restafarian.core.filters.SecurityFilter

Classes in this File

0/21

0/10

 package org.restafarian.core.filters;
 
 import java.io.IOException;
 import java.net.URLEncoder;
 
 import javax.servlet.FilterChain;
 import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import org.apache.commons.configuration.Configuration;
 import org.restafarian.core.beans.Person;
 import org.restafarian.core.security.AuthenticatedUserManager;
 
 /**
  * <p>This filter redirects all traffic to a specified page if
  * the authenticated user object is not present.</p>
  */
 public class SecurityFilter extends FilterBase {
 
         /**
          * <p>Filter "do filter" method.</p>
          *
          * @param req the servlet request object
          * @param res the servlet response object
          * @param chain the filter chain object
          */
         public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException {
                 // convert request and response objects
                 HttpServletRequest req = (HttpServletRequest) request;
                 HttpServletResponse res = (HttpServletResponse) response;
                 // get authenticated user using configured manager
                 Person authenticatedUser = AuthenticatedUserManager.getAuthenticatedUser(req);
 
                 if (authenticatedUser == null) {
                         // no authenticated user -- redirect to the logon page
                         Configuration configuration = (Configuration) context.getAttribute("configuration");
                         if (configuration != null) {
                                 // get logon page from configuration
                                 String redirectTo = configuration.getString("userLogonPage");
                                 if (redirectTo != null && redirectTo.length() > 0) {
                                         // get the current URL for the return path
                                         String originalURL = req.getRequestURI();
                                         String connector = "?";
                                         if (redirectTo.indexOf("?") != -1) {
                                                 connector = "&";
                                         }
                                         redirectTo += connector + "returnurl=" + URLEncoder.encode(originalURL, "ISO-8859-1");
                                         res.sendRedirect(redirectTo);
                                 } else {
                                         throw new ServletException("SecurityFilter has not been properly initialized -- check configuration.");
                                 }
                         } else {
                                 throw new ServletException("SecurityFilter has not been properly initialized -- check configuration.");
                         }
                 }
 
                 chain.doFilter(req, res);
         }
 }

1		package org.restafarian.core.filters;
2
3		import java.io.IOException;
4		import java.net.URLEncoder;
5
6		import javax.servlet.FilterChain;
7		import javax.servlet.ServletException;
8		import javax.servlet.ServletRequest;
9		import javax.servlet.ServletResponse;
10		import javax.servlet.http.HttpServletRequest;
11		import javax.servlet.http.HttpServletResponse;
12
13		import org.apache.commons.configuration.Configuration;
14		import org.restafarian.core.beans.Person;
15		import org.restafarian.core.security.AuthenticatedUserManager;
16
17		/**
18		* <p>This filter redirects all traffic to a specified page if
19		* the authenticated user object is not present.</p>
20		*/
21	0	public class SecurityFilter extends FilterBase {
22
23		/**
24		* <p>Filter "do filter" method.</p>
25		*
26		* @param req the servlet request object
27		* @param res the servlet response object
28		* @param chain the filter chain object
29		*/
30		public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException {
31		// convert request and response objects
32	0	HttpServletRequest req = (HttpServletRequest) request;
33	0	HttpServletResponse res = (HttpServletResponse) response;
34		// get authenticated user using configured manager
35	0	Person authenticatedUser = AuthenticatedUserManager.getAuthenticatedUser(req);
36
37	0	if (authenticatedUser == null) {
38		// no authenticated user -- redirect to the logon page
39	0	Configuration configuration = (Configuration) context.getAttribute("configuration");
40	0	if (configuration != null) {
41		// get logon page from configuration
42	0	String redirectTo = configuration.getString("userLogonPage");
43	0	if (redirectTo != null && redirectTo.length() > 0) {
44		// get the current URL for the return path
45	0	String originalURL = req.getRequestURI();
46	0	String connector = "?";
47	0	if (redirectTo.indexOf("?") != -1) {
48	0	connector = "&";
49		}
50	0	redirectTo += connector + "returnurl=" + URLEncoder.encode(originalURL, "ISO-8859-1");
51	0	res.sendRedirect(redirectTo);
52	0	} else {
53	0	throw new ServletException("SecurityFilter has not been properly initialized -- check configuration.");
54		}
55	0	} else {
56	0	throw new ServletException("SecurityFilter has not been properly initialized -- check configuration.");
57		}
58		}
59
60	0	chain.doFilter(req, res);
61	0	}
62		}