Copyright 2005-2013 The Kuali Foundation Licensed under the Educational Community License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.opensource.org/licenses/ecl2.php Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
 
 package org.kuali.rice.kew.web;
 
 
 import java.util.UUID;


A filter for processing user logins and creating an org.kuali.rice.krad.UserSession.

Author(s):
Kuali Rice Team (rice.collab@kuali.org)
See also:
org.kuali.rice.krad.UserSession
 
 public class UserLoginFilter implements Filter {
 
 	private static final String MDC_USER = "user";
 	
 	
 	
 	// Keeps the container-supplied FilterConfig for later use.
 	// NOTE(review): the field name after "this." is missing from this listing (dropped during extraction).
 	public void init(FilterConfig configthrows ServletException {
 		this. = config;
 	}
 
 	// Servlet entry point: casts to the HTTP request/response types and delegates to the private overload.
 	// The casts are unconditional, so a non-HTTP request would fail here with a ClassCastException.
 	public void doFilter(ServletRequest requestServletResponse responseFilterChain chainthrows IOExceptionServletException {
 		this.doFilter((HttpServletRequestrequest, (HttpServletResponseresponsechain);
 	}
 	
 	// Runs the per-request login steps, then hands the request to the rest of the filter chain.
 	// NOTE(review): as shown here, only establishSessionCookie() and addToMDC() run before
 	// chain.doFilter(), and the finally block is empty. establishUserSession(),
 	// establishBackdoorUser() and removeFromMDC() are defined in this class but not called in
 	// this listing. The page has lost tokens elsewhere, so confirm against the real source that
 	// (1) authentication runs before the chain continues and (2) the MDC entry is cleared in
 	// finally, so a pooled worker thread does not carry one user's identity into another
 	// request's log lines.
 	private void doFilter(HttpServletRequest requestHttpServletResponse responseFilterChain chainthrows IOExceptionServletException {
 		
 		try {
 			establishSessionCookie(requestresponse);
 			
 			addToMDC(request);
 			
 			chain.doFilter(requestresponse);
 		} finally {
 		}
 		
 	}
 
 	// Clears a stored reference when the filter is taken out of service.
 	// NOTE(review): the field being nulled is missing from this listing; presumably the FilterConfig set in init().
 	public void destroy() {
 		 = null;
 	}

Checks if a user can be authenticated and if so establishes a UserSession for that user.
	// Authenticates the caller and builds a UserSession, unless the HTTP session already holds one.
	// Throws AuthenticationException for a blank, unknown, unauthorized or person-less principal.
	private void establishUserSession(HttpServletRequest request) {
		if (!isUserSessionEstablished(request)) {
			// The principal name is whatever the "kimAuthenticationService" bean derives from the
			// request; this filter does no credential checking of its own, so the strength of the
			// login depends entirely on that service (and on anything in front of it, e.g. SSO).
			String principalName = ((AuthenticationService) GlobalResourceLoader.getResourceLoader().getService(new QName("kimAuthenticationService"))).getPrincipalName(request);
            if (StringUtils.isBlank(principalName)) {
				throw new AuthenticationException"Blank User from AuthenticationService - This should never happen." );
			}
			Principal principal = getIdentityService().getPrincipalByPrincipalNameprincipalName );
			// NOTE(review): the three failures below use different messages and each embeds the
			// supplied principalName. If these messages reach the client they distinguish unknown,
			// inactive and person-less accounts (account enumeration), and the name is reflected
			// unescaped. Confirm how AuthenticationException is rendered and logged.
			if (principal == null) {
				throw new AuthenticationException("Unknown User: " + principalName);
			}
			// Authorization check by principal id, performed after the principal has been resolved.
			if (!isAuthorizedToLogin(principal.getPrincipalId())) {
				throw new AuthenticationException("You cannot log in, because you are not an active Kuali user.\nPlease ask someone to activate your account if you need to use Kuali Systems.\nThe user id provided was: " + principalName + ".\n");
			}
			final UserSession userSession = new UserSession(principalName);
			if ( userSession.getPerson() == null ) {
				throw new AuthenticationException("Invalid User: " + principalName);
			}
			// NOTE(review): in this listing userSession is never stored on the HTTP session, although
			// isUserSessionEstablished() tests a session attribute; the storing statement was
			// presumably lost in extraction. No session-identifier rotation after login is visible
			// either; confirm that session fixation is handled here or by the container.
		}
	}

Checks if the passed-in principalId is authorized to log in.
	// Decides whether the given principal may log in.
	// NOTE(review): the call that consumes these arguments (and the return statement) is missing
	// from this listing. What remains are the principalId and a single-entry qualification map
	// keyed "principalId"; presumably they are passed to a permission-service authorization check.
	// Confirm which permission is evaluated.
	private boolean isAuthorizedToLogin(String principalId) {
				principalId
				Collections.singletonMap("principalId"principalId));
	}


Creates a session id cookie if one does not exist, and writes the cookie out to the response with that session id. Also sets the session id on the established user session.
	// Ensures the request carries a Kuali session id cookie and records that id on the UserSession.
	private void establishSessionCookie(HttpServletRequest requestHttpServletResponse response) {
		// An id already present in the request cookies is accepted as-is: it is client-supplied and
		// no format or origin check is visible here. Confirm that downstream code treats this value
		// only as a correlation id and never as proof of identity.
		String kualiSessionId = this.getKualiSessionId(request.getCookies());
		if (kualiSessionId == null) {
			// UUID.randomUUID() produces a type 4 UUID from a cryptographically strong generator.
			kualiSessionId = UUID.randomUUID().toString();
			// NOTE(review): the cookie-name constant is missing from this listing. No HttpOnly,
			// Secure, path or max-age setting is visible on the new Cookie; confirm those
			// attributes are applied (here or by the container) before relying on this cookie.
			response.addCookie(new Cookie(.kualiSessionId));
		}
		// The result of getUserSessionFromRequest() is dereferenced without a null check, so a
		// UserSession presumably has to exist by this point; verify the call order in doFilter().
		KRADUtils.getUserSessionFromRequest(request).setKualiSessionId(kualiSessionId);
	}

Gets the Kuali session id from an array of cookies. If a session id does not exist, returns null.
	// Scans the request cookies and returns the value of the Kuali session id cookie, or null
	// when the array is null or no cookie matches.
	// NOTE(review): the if-condition that matches the cookie name is missing from this listing
	// (hence the unbalanced braces). The value is returned exactly as the client sent it, with no
	// validation visible here.
	private String getKualiSessionId(final Cookie[] cookies) {
		if (cookies != null) {
			for (Cookie cookie : cookies) {
					return cookie.getValue();
				}
			}
		}
		return null;
	}

Establishes the backdoor user on the established user id if backdoor capabilities are valid.
	// Lets the current UserSession act as another principal ("backdoor" user) named by a request
	// parameter.
	// NOTE(review): this is an impersonation path driven by request input. The guard conditions
	// are only partly present in this listing: the parameter name, the left-hand side of the
	// equalsIgnoreCase() comparison and the configuration property key are all missing. Before
	// trusting this code, confirm in the real source that the feature is disabled in production,
	// that the caller's permission to use it is checked, and that each use is audit-logged.
	private void establishBackdoorUser(HttpServletRequest request) {
		final String backdoor = request.getParameter(.);
        if ( StringUtils.isNotBlank(backdoor) ) {
                // Visible fragment of a guard: some value is compared, ignoring case, with a
                // string property read from the Kuali configuration service.
                .equalsIgnoreCase(
                        getKualiConfigurationService().getPropertyValueAsString(.)) ) {
                    try{
                   	    KRADUtils.getUserSessionFromRequest(request).setBackdoorUser(backdoor);
                    }catch(RiceRuntimeException re){
                     //Ignore so BackdoorAction can redirect to invalid_backdoor_portal
                     // NOTE(review): the failure is also not logged here, so a rejected backdoor
                     // attempt leaves no trace from this filter.
                    }
				}
			}
		}
      }
	// NOTE(review): the body is empty in this listing. Given the MDC_USER ("user") constant on the
	// class, it presumably puts the current principal into the logging MDC; confirm.
	private void addToMDC(HttpServletRequest request) {
	}
	// NOTE(review): the body is empty in this listing; presumably it removes the entry that
	// addToMDC() adds. Nothing in this listing calls this method.
	private void removeFromMDC() {
	}

Checks if the user who made the request has a UserSession established

Parameters:
request the HTTPServletRequest object passed in
Returns:
true if the user session has been established, false otherwise
	// Returns true when the HTTP session holds a non-null value under the user-session attribute.
	// The attribute key constant is missing from this listing.
	// request.getSession() with no argument creates a session when none exists, so this check
	// allocates a server-side session even for requests that have not authenticated yet.
	private boolean isUserSessionEstablished(HttpServletRequest request) {
		return (request.getSession().getAttribute(.) != null);
	}
    // Lazily looks up the IdentityService through KimApiServiceLocator and caches it in a field
    // (the field name is missing from this listing).
    // The null check and assignment are unsynchronized. A filter instance is typically shared
    // across request threads, so concurrent first calls may each perform the lookup. That is
    // harmless if the locator always returns the same service; verify.
    private IdentityService getIdentityService() {
    	if (this. == null) {
    		this. = KimApiServiceLocator.getIdentityService();
    	}
    	
    	return this.;
    }
    	if (this. == null) {
    		this. = KimApiServiceLocator.getPermissionService();
    	}
    	return this.;
    }
    
    	if (this. == null) {
    		this. = KRADServiceLocator.getKualiConfigurationService();
    	}
    	
    	return this.;
    }
    
    	if (this. == null) {
    		this. = CoreFrameworkServiceLocator.getParameterService();
    	}
    	
    	return this.;
    }