| <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" |
| "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> |
| <html> |
| <head> |
| <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> |
| <title>Coverage Report</title> |
| <link title="Style" type="text/css" rel="stylesheet" href="css/main.css"/> |
| <script type="text/javascript" src="js/popup.js"></script> |
| </head> |
| <body> |
| <h5>Coverage Report - org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter</h5> |
| <div class="separator"> </div> |
| <table class="report"> |
| <thead><tr> <td class="heading">Classes in this File</td> <td class="heading"><a class="dfn" href="help.html" onclick="popupwindow('help.html'); return false;">Line Coverage</a></td> <td class="heading"><a class="dfn" href="help.html" onclick="popupwindow('help.html'); return false;">Branch Coverage</a></td> <td class="heading"><a class="dfn" href="help.html" onclick="popupwindow('help.html'); return false;">Complexity</a></td></tr></thead> |
| <tr><td><a href="org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter.html">BasicHttpAuthenticationFilter</a></td><td><table cellpadding="0px" cellspacing="0px" class="percentgraph"><tr class="percentgraph"><td align="right" class="percentgraph" width="40">42%</td><td class="percentgraph"><div class="percentgraph"><div class="greenbar" style="width:42px"><span class="text">23/54</span></div></div></td></tr></table></td><td><table cellpadding="0px" cellspacing="0px" class="percentgraph"><tr class="percentgraph"><td align="right" class="percentgraph" width="40">30%</td><td class="percentgraph"><div class="percentgraph"><div class="greenbar" style="width:30px"><span class="text">9/30</span></div></div></td></tr></table></td><td class="value"><span class="hidden">2.2;</span>2.2</td></tr> |
| |
| </table> |
| <div class="separator"> </div> |
| <table cellspacing="0" cellpadding="0" class="src"> |
| <tr> <td class="numLine"> 1</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/*</span></pre></td></tr> |
| <tr> <td class="numLine"> 2</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Licensed to the Apache Software Foundation (ASF) under one</span></pre></td></tr> |
| <tr> <td class="numLine"> 3</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * or more contributor license agreements. See the NOTICE file</span></pre></td></tr> |
| <tr> <td class="numLine"> 4</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * distributed with this work for additional information</span></pre></td></tr> |
| <tr> <td class="numLine"> 5</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * regarding copyright ownership. The ASF licenses this file</span></pre></td></tr> |
| <tr> <td class="numLine"> 6</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * to you under the Apache License, Version 2.0 (the</span></pre></td></tr> |
| <tr> <td class="numLine"> 7</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * "License"); you may not use this file except in compliance</span></pre></td></tr> |
| <tr> <td class="numLine"> 8</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * with the License. You may obtain a copy of the License at</span></pre></td></tr> |
| <tr> <td class="numLine"> 9</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr> |
| <tr> <td class="numLine"> 10</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * http://www.apache.org/licenses/LICENSE-2.0</span></pre></td></tr> |
| <tr> <td class="numLine"> 11</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr> |
| <tr> <td class="numLine"> 12</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Unless required by applicable law or agreed to in writing,</span></pre></td></tr> |
| <tr> <td class="numLine"> 13</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * software distributed under the License is distributed on an</span></pre></td></tr> |
| <tr> <td class="numLine"> 14</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY</span></pre></td></tr> |
| <tr> <td class="numLine"> 15</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * KIND, either express or implied. See the License for the</span></pre></td></tr> |
| <tr> <td class="numLine"> 16</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * specific language governing permissions and limitations</span></pre></td></tr> |
| <tr> <td class="numLine"> 17</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * under the License.</span></pre></td></tr> |
| <tr> <td class="numLine"> 18</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 19</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">package</span> org.apache.shiro.web.filter.authc;</pre></td></tr> |
| <tr> <td class="numLine"> 20</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 21</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> org.apache.shiro.authc.AuthenticationToken;</pre></td></tr> |
| <tr> <td class="numLine"> 22</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> org.apache.shiro.codec.Base64;</pre></td></tr> |
| <tr> <td class="numLine"> 23</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> org.apache.shiro.web.util.WebUtils;</pre></td></tr> |
| <tr> <td class="numLine"> 24</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> org.slf4j.Logger;</pre></td></tr> |
| <tr> <td class="numLine"> 25</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> org.slf4j.LoggerFactory;</pre></td></tr> |
| <tr> <td class="numLine"> 26</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 27</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> javax.servlet.ServletRequest;</pre></td></tr> |
| <tr> <td class="numLine"> 28</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> javax.servlet.ServletResponse;</pre></td></tr> |
| <tr> <td class="numLine"> 29</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> javax.servlet.http.HttpServletRequest;</pre></td></tr> |
| <tr> <td class="numLine"> 30</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> javax.servlet.http.HttpServletResponse;</pre></td></tr> |
| <tr> <td class="numLine"> 31</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> java.util.Locale;</pre></td></tr> |
| <tr> <td class="numLine"> 32</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 33</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 34</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 35</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Requires the requesting user to be {@link org.apache.shiro.subject.Subject#isAuthenticated() authenticated} for the</span></pre></td></tr> |
| <tr> <td class="numLine"> 36</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * request to continue, and if they're not, requires the user to login via the HTTP Basic protocol-specific challenge.</span></pre></td></tr> |
| <tr> <td class="numLine"> 37</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Upon successful login, they're allowed to continue on to the requested resource/url.</span></pre></td></tr> |
| <tr> <td class="numLine"> 38</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <p/></span></pre></td></tr> |
| <tr> <td class="numLine"> 39</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * This implementation is a 'clean room' Java implementation of Basic HTTP Authentication specification per</span></pre></td></tr> |
| <tr> <td class="numLine"> 40</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <a href="ftp://ftp.isi.edu/in-notes/rfc2617.txt">RFC 2617</a>.</span></pre></td></tr> |
| <tr> <td class="numLine"> 41</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <p/></span></pre></td></tr> |
| <tr> <td class="numLine"> 42</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Basic authentication functions as follows:</span></pre></td></tr> |
| <tr> <td class="numLine"> 43</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <ol></span></pre></td></tr> |
| <tr> <td class="numLine"> 44</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <li>A request comes in for a resource that requires authentication.</li></span></pre></td></tr> |
| <tr> <td class="numLine"> 45</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <li>The server replies with a 401 response status, sets the <code>WWW-Authenticate</code> header, and the contents of a</span></pre></td></tr> |
| <tr> <td class="numLine"> 46</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * page informing the user that the incoming resource requires authentication.</li></span></pre></td></tr> |
| <tr> <td class="numLine"> 47</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <li>Upon receiving this <code>WWW-Authenticate</code> challenge from the server, the client then takes a</span></pre></td></tr> |
| <tr> <td class="numLine"> 48</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * username and a password and puts them in the following format:</span></pre></td></tr> |
| <tr> <td class="numLine"> 49</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <p><code>username:password</code></p></li></span></pre></td></tr> |
| <tr> <td class="numLine"> 50</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <li>This token is then base 64 encoded.</li></span></pre></td></tr> |
| <tr> <td class="numLine"> 51</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <li>The client then sends another request for the same resource with the following header:<br/></span></pre></td></tr> |
| <tr> <td class="numLine"> 52</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <p><code>Authorization: Basic <em>Base64_encoded_username_and_password</em></code></p></li></span></pre></td></tr> |
| <tr> <td class="numLine"> 53</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * </ol></span></pre></td></tr> |
| <tr> <td class="numLine"> 54</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * The {@link #onAccessDenied(javax.servlet.ServletRequest, javax.servlet.ServletResponse)} method will</span></pre></td></tr> |
| <tr> <td class="numLine"> 55</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * only be called if the subject making the request is not</span></pre></td></tr> |
| <tr> <td class="numLine"> 56</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * {@link org.apache.shiro.subject.Subject#isAuthenticated() authenticated}</span></pre></td></tr> |
| <tr> <td class="numLine"> 57</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr> |
| <tr> <td class="numLine"> 58</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @see <a href="ftp://ftp.isi.edu/in-notes/rfc2617.txt">RFC 2617</a></span></pre></td></tr> |
| <tr> <td class="numLine"> 59</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @see <a href="http://en.wikipedia.org/wiki/Basic_access_authentication">Basic Access Authentication</a></span></pre></td></tr> |
| <tr> <td class="numLine"> 60</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @since 0.9</span></pre></td></tr> |
| <tr> <td class="numLine"> 61</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLineCover"> 62</td> <td class="nbHitsCovered"> 51</td> <td class="src"><pre class="src"> <span class="keyword">public</span> <span class="keyword">class</span> BasicHttpAuthenticationFilter <span class="keyword">extends</span> AuthenticatingFilter {</pre></td></tr> |
| <tr> <td class="numLine"> 63</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 64</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 65</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * This class's private logger.</span></pre></td></tr> |
| <tr> <td class="numLine"> 66</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLineCover"> 67</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> <span class="keyword">private</span> <span class="keyword">static</span> <span class="keyword">final</span> Logger log = LoggerFactory.getLogger(BasicHttpAuthenticationFilter.<span class="keyword">class</span>);</pre></td></tr> |
| <tr> <td class="numLine"> 68</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 69</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 70</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * HTTP Authorization header, equal to <code>Authorization</code></span></pre></td></tr> |
| <tr> <td class="numLine"> 71</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 72</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">protected</span> <span class="keyword">static</span> <span class="keyword">final</span> String AUTHORIZATION_HEADER = <span class="string">"Authorization"</span>;</pre></td></tr> |
| <tr> <td class="numLine"> 73</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 74</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 75</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * HTTP Authentication header, equal to <code>WWW-Authenticate</code></span></pre></td></tr> |
| <tr> <td class="numLine"> 76</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 77</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">protected</span> <span class="keyword">static</span> <span class="keyword">final</span> String AUTHENTICATE_HEADER = <span class="string">"WWW-Authenticate"</span>;</pre></td></tr> |
| <tr> <td class="numLine"> 78</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 79</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 80</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * The name that is displayed during the challenge process of authentication, defauls to <code>application</code></span></pre></td></tr> |
| <tr> <td class="numLine"> 81</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * and can be overridden by the {@link #setApplicationName(String) setApplicationName} method.</span></pre></td></tr> |
| <tr> <td class="numLine"> 82</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLineCover"> 83</td> <td class="nbHitsCovered"> 51</td> <td class="src"><pre class="src"> <span class="keyword">private</span> String applicationName = <span class="string">"application"</span>;</pre></td></tr> |
| <tr> <td class="numLine"> 84</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 85</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 86</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * The authcScheme to look for in the <code>Authorization</code> header, defaults to <code>BASIC</code></span></pre></td></tr> |
| <tr> <td class="numLine"> 87</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLineCover"> 88</td> <td class="nbHitsCovered"> 51</td> <td class="src"><pre class="src"> <span class="keyword">private</span> String authcScheme = HttpServletRequest.BASIC_AUTH;</pre></td></tr> |
| <tr> <td class="numLine"> 89</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 90</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 91</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * The authzScheme value to look for in the <code>Authorization</code> header, defaults to <code>BASIC</code></span></pre></td></tr> |
| <tr> <td class="numLine"> 92</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLineCover"> 93</td> <td class="nbHitsCovered"> 51</td> <td class="src"><pre class="src"> <span class="keyword">private</span> String authzScheme = HttpServletRequest.BASIC_AUTH;</pre></td></tr> |
| <tr> <td class="numLine"> 94</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 95</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 96</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Returns the name to use in the ServletResponse's <b><code>WWW-Authenticate</code></b> header.</span></pre></td></tr> |
| <tr> <td class="numLine"> 97</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <p/></span></pre></td></tr> |
| <tr> <td class="numLine"> 98</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Per RFC 2617, this name name is displayed to the end user when they are asked to authenticate. Unless overridden</span></pre></td></tr> |
| <tr> <td class="numLine"> 99</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * by the {@link #setApplicationName(String) setApplicationName(String)} method, the default value is 'application'.</span></pre></td></tr> |
| <tr> <td class="numLine"> 100</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <p/></span></pre></td></tr> |
| <tr> <td class="numLine"> 101</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Please see {@link #setApplicationName(String) setApplicationName(String)} for an example of how this functions.</span></pre></td></tr> |
| <tr> <td class="numLine"> 102</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr> |
| <tr> <td class="numLine"> 103</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @return the name to use in the ServletResponse's 'WWW-Authenticate' header.</span></pre></td></tr> |
| <tr> <td class="numLine"> 104</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 105</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">public</span> String getApplicationName() {</pre></td></tr> |
| <tr> <td class="numLineCover"> 106</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">return</span> applicationName;</span></pre></td></tr> |
| <tr> <td class="numLine"> 107</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 108</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 109</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 110</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Sets the name to use in the ServletResponse's <b><code>WWW-Authenticate</code></b> header.</span></pre></td></tr> |
| <tr> <td class="numLine"> 111</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <p/></span></pre></td></tr> |
| <tr> <td class="numLine"> 112</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Per RFC 2617, this name name is displayed to the end user when they are asked to authenticate. Unless overridden</span></pre></td></tr> |
| <tr> <td class="numLine"> 113</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * by this method, the default value is &quot;application&quot;</span></pre></td></tr> |
| <tr> <td class="numLine"> 114</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <p/></span></pre></td></tr> |
| <tr> <td class="numLine"> 115</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * For example, setting this property to the value <b><code>Awesome Webapp</code></b> will result in the</span></pre></td></tr> |
| <tr> <td class="numLine"> 116</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * following header:</span></pre></td></tr> |
| <tr> <td class="numLine"> 117</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <p/></span></pre></td></tr> |
| <tr> <td class="numLine"> 118</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <code>WWW-Authenticate: Basic realm=&quot;<b>Awesome Webapp</b>&quot;</code></span></pre></td></tr> |
| <tr> <td class="numLine"> 119</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <p/></span></pre></td></tr> |
| <tr> <td class="numLine"> 120</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Side note: As you can see from the header text, the HTTP Basic specification calls</span></pre></td></tr> |
| <tr> <td class="numLine"> 121</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * this the authentication 'realm', but we call this the 'applicationName' instead to avoid confusion with</span></pre></td></tr> |
| <tr> <td class="numLine"> 122</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Shiro's Realm constructs.</span></pre></td></tr> |
| <tr> <td class="numLine"> 123</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr> |
| <tr> <td class="numLine"> 124</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @param applicationName the name to use in the ServletResponse's 'WWW-Authenticate' header.</span></pre></td></tr> |
| <tr> <td class="numLine"> 125</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 126</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">public</span> <span class="keyword">void</span> setApplicationName(String applicationName) {</pre></td></tr> |
| <tr> <td class="numLineCover"> 127</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">this</span>.applicationName = applicationName;</span></pre></td></tr> |
| <tr> <td class="numLineCover"> 128</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr> |
| <tr> <td class="numLine"> 129</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 130</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 131</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Returns the HTTP <b><code>Authorization</code></b> header value that this filter will respond to as indicating</span></pre></td></tr> |
| <tr> <td class="numLine"> 132</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * a login request.</span></pre></td></tr> |
| <tr> <td class="numLine"> 133</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <p/></span></pre></td></tr> |
| <tr> <td class="numLine"> 134</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Unless overridden by the {@link #setAuthzScheme(String) setAuthzScheme(String)} method, the</span></pre></td></tr> |
| <tr> <td class="numLine"> 135</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * default value is <code>BASIC</code>.</span></pre></td></tr> |
| <tr> <td class="numLine"> 136</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr> |
| <tr> <td class="numLine"> 137</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @return the Http 'Authorization' header value that this filter will respond to as indicating a login request</span></pre></td></tr> |
| <tr> <td class="numLine"> 138</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 139</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">public</span> String getAuthzScheme() {</pre></td></tr> |
| <tr> <td class="numLineCover"> 140</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">return</span> authzScheme;</span></pre></td></tr> |
| <tr> <td class="numLine"> 141</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 142</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 143</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 144</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Sets the HTTP <b><code>Authorization</code></b> header value that this filter will respond to as indicating a</span></pre></td></tr> |
| <tr> <td class="numLine"> 145</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * login request.</span></pre></td></tr> |
| <tr> <td class="numLine"> 146</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <p/></span></pre></td></tr> |
| <tr> <td class="numLine"> 147</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Unless overridden by this method, the default value is <code>BASIC</code></span></pre></td></tr> |
| <tr> <td class="numLine"> 148</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr> |
| <tr> <td class="numLine"> 149</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @param authzScheme the HTTP <code>Authorization</code> header value that this filter will respond to as</span></pre></td></tr> |
| <tr> <td class="numLine"> 150</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * indicating a login request.</span></pre></td></tr> |
| <tr> <td class="numLine"> 151</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 152</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">public</span> <span class="keyword">void</span> setAuthzScheme(String authzScheme) {</pre></td></tr> |
| <tr> <td class="numLineCover"> 153</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">this</span>.authzScheme = authzScheme;</span></pre></td></tr> |
| <tr> <td class="numLineCover"> 154</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr> |
| <tr> <td class="numLine"> 155</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 156</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 157</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Returns the HTTP <b><code>WWW-Authenticate</code></b> header scheme that this filter will use when sending</span></pre></td></tr> |
| <tr> <td class="numLine"> 158</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * the HTTP Basic challenge response. The default value is <code>BASIC</code>.</span></pre></td></tr> |
| <tr> <td class="numLine"> 159</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr> |
| <tr> <td class="numLine"> 160</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @return the HTTP <code>WWW-Authenticate</code> header scheme that this filter will use when sending the HTTP</span></pre></td></tr> |
| <tr> <td class="numLine"> 161</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Basic challenge response.</span></pre></td></tr> |
| <tr> <td class="numLine"> 162</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @see #sendChallenge</span></pre></td></tr> |
| <tr> <td class="numLine"> 163</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 164</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">public</span> String getAuthcScheme() {</pre></td></tr> |
| <tr> <td class="numLineCover"> 165</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">return</span> authcScheme;</span></pre></td></tr> |
| <tr> <td class="numLine"> 166</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 167</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 168</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 169</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Sets the HTTP <b><code>WWW-Authenticate</code></b> header scheme that this filter will use when sending the</span></pre></td></tr> |
| <tr> <td class="numLine"> 170</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * HTTP Basic challenge response. The default value is <code>BASIC</code>.</span></pre></td></tr> |
| <tr> <td class="numLine"> 171</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr> |
| <tr> <td class="numLine"> 172</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @param authcScheme the HTTP <code>WWW-Authenticate</code> header scheme that this filter will use when</span></pre></td></tr> |
| <tr> <td class="numLine"> 173</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * sending the Http Basic challenge response.</span></pre></td></tr> |
| <tr> <td class="numLine"> 174</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @see #sendChallenge</span></pre></td></tr> |
| <tr> <td class="numLine"> 175</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 176</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">public</span> <span class="keyword">void</span> setAuthcScheme(String authcScheme) {</pre></td></tr> |
| <tr> <td class="numLineCover"> 177</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">this</span>.authcScheme = authcScheme;</span></pre></td></tr> |
| <tr> <td class="numLineCover"> 178</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> }</span></pre></td></tr> |
| <tr> <td class="numLine"> 179</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 180</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 181</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Processes unauthenticated requests. It handles the two-stage request/challenge authentication protocol.</span></pre></td></tr> |
| <tr> <td class="numLine"> 182</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr> |
| <tr> <td class="numLine"> 183</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @param request incoming ServletRequest</span></pre></td></tr> |
| <tr> <td class="numLine"> 184</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @param response outgoing ServletResponse</span></pre></td></tr> |
| <tr> <td class="numLine"> 185</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @return true if the request should be processed; false if the request should not continue to be processed</span></pre></td></tr> |
| <tr> <td class="numLine"> 186</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 187</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">protected</span> <span class="keyword">boolean</span> onAccessDenied(ServletRequest request, ServletResponse response) <span class="keyword">throws</span> Exception {</pre></td></tr> |
| <tr> <td class="numLineCover"> 188</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">boolean</span> loggedIn = <span class="keyword">false</span>; <span class="comment">//false by default or we wouldn't be in this method</span></span></pre></td></tr> |
| <tr> <td class="numLineCover"> 189</td> <td class="nbHitsUncovered"><a title="Line 189: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 189: Conditional coverage 0% (0/2)."> <span class="keyword">if</span> (isLoginAttempt(request, response)) {</a></span></pre></td></tr> |
| <tr> <td class="numLineCover"> 190</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> loggedIn = executeLogin(request, response);</span></pre></td></tr> |
| <tr> <td class="numLine"> 191</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLineCover"> 192</td> <td class="nbHitsUncovered"><a title="Line 192: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 192: Conditional coverage 0% (0/2)."> <span class="keyword">if</span> (!loggedIn) {</a></span></pre></td></tr> |
| <tr> <td class="numLineCover"> 193</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> sendChallenge(request, response);</span></pre></td></tr> |
| <tr> <td class="numLine"> 194</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLineCover"> 195</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">return</span> loggedIn;</span></pre></td></tr> |
| <tr> <td class="numLine"> 196</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 197</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 198</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 199</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Determines whether the incoming request is an attempt to log in.</span></pre></td></tr> |
| <tr> <td class="numLine"> 200</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <p/></span></pre></td></tr> |
| <tr> <td class="numLine"> 201</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * The default implementation obtains the value of the request's</span></pre></td></tr> |
| <tr> <td class="numLine"> 202</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * {@link #AUTHORIZATION_HEADER AUTHORIZATION_HEADER}, and if it is not <code>null</code>, delegates</span></pre></td></tr> |
| <tr> <td class="numLine"> 203</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * to {@link #isLoginAttempt(String) isLoginAttempt(authzHeaderValue)}. If the header is <code>null</code>,</span></pre></td></tr> |
| <tr> <td class="numLine"> 204</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <code>false</code> is returned.</span></pre></td></tr> |
| <tr> <td class="numLine"> 205</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr> |
| <tr> <td class="numLine"> 206</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @param request incoming ServletRequest</span></pre></td></tr> |
| <tr> <td class="numLine"> 207</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @param response outgoing ServletResponse</span></pre></td></tr> |
| <tr> <td class="numLine"> 208</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @return true if the incoming request is an attempt to log in based, false otherwise</span></pre></td></tr> |
| <tr> <td class="numLine"> 209</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 210</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">protected</span> <span class="keyword">boolean</span> isLoginAttempt(ServletRequest request, ServletResponse response) {</pre></td></tr> |
| <tr> <td class="numLineCover"> 211</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> String authzHeader = getAuthzHeader(request);</span></pre></td></tr> |
| <tr> <td class="numLineCover"> 212</td> <td class="nbHitsUncovered"><a title="Line 212: Conditional coverage 0% (0/4) [each condition: 0%, 0%]."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 212: Conditional coverage 0% (0/4) [each condition: 0%, 0%]."> <span class="keyword">return</span> authzHeader != <span class="keyword">null</span> && isLoginAttempt(authzHeader);</a></span></pre></td></tr> |
| <tr> <td class="numLine"> 213</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 214</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 215</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 216</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Delegates to {@link #isLoginAttempt(javax.servlet.ServletRequest, javax.servlet.ServletResponse) isLoginAttempt}.</span></pre></td></tr> |
| <tr> <td class="numLine"> 217</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 218</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> @Override</pre></td></tr> |
| <tr> <td class="numLine"> 219</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">protected</span> <span class="keyword">final</span> <span class="keyword">boolean</span> isLoginRequest(ServletRequest request, ServletResponse response) {</pre></td></tr> |
| <tr> <td class="numLineCover"> 220</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">return</span> <span class="keyword">this</span>.isLoginAttempt(request, response);</span></pre></td></tr> |
| <tr> <td class="numLine"> 221</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 222</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 223</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 224</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Returns the {@link #AUTHORIZATION_HEADER AUTHORIZATION_HEADER} from the specified ServletRequest.</span></pre></td></tr> |
| <tr> <td class="numLine"> 225</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <p/></span></pre></td></tr> |
| <tr> <td class="numLine"> 226</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * This implementation merely casts the request to an <code>HttpServletRequest</code> and returns the header:</span></pre></td></tr> |
| <tr> <td class="numLine"> 227</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <p/></span></pre></td></tr> |
| <tr> <td class="numLine"> 228</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <code>HttpServletRequest httpRequest = {@link WebUtils#toHttp(javax.servlet.ServletRequest) toHttp(reaquest)};<br/></span></pre></td></tr> |
| <tr> <td class="numLine"> 229</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * return httpRequest.getHeader({@link #AUTHORIZATION_HEADER AUTHORIZATION_HEADER});</code></span></pre></td></tr> |
| <tr> <td class="numLine"> 230</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr> |
| <tr> <td class="numLine"> 231</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @param request the incoming <code>ServletRequest</code></span></pre></td></tr> |
| <tr> <td class="numLine"> 232</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @return the <code>Authorization</code> header's value.</span></pre></td></tr> |
| <tr> <td class="numLine"> 233</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 234</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">protected</span> String getAuthzHeader(ServletRequest request) {</pre></td></tr> |
| <tr> <td class="numLineCover"> 235</td> <td class="nbHitsCovered"> 4</td> <td class="src"><pre class="src"> HttpServletRequest httpRequest = WebUtils.toHttp(request);</pre></td></tr> |
| <tr> <td class="numLineCover"> 236</td> <td class="nbHitsCovered"> 4</td> <td class="src"><pre class="src"> <span class="keyword">return</span> httpRequest.getHeader(AUTHORIZATION_HEADER);</pre></td></tr> |
| <tr> <td class="numLine"> 237</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 238</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 239</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 240</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Default implementation that returns <code>true</code> if the specified <code>authzHeader</code></span></pre></td></tr> |
| <tr> <td class="numLine"> 241</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * starts with the same (case-insensitive) characters specified by the</span></pre></td></tr> |
| <tr> <td class="numLine"> 242</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * {@link #getAuthzScheme() authzScheme}, <code>false</code> otherwise.</span></pre></td></tr> |
| <tr> <td class="numLine"> 243</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <p/></span></pre></td></tr> |
| <tr> <td class="numLine"> 244</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * That is:</span></pre></td></tr> |
| <tr> <td class="numLine"> 245</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <p/></span></pre></td></tr> |
| <tr> <td class="numLine"> 246</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <code>String authzScheme = getAuthzScheme().toLowerCase();<br/></span></pre></td></tr> |
| <tr> <td class="numLine"> 247</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * return authzHeader.toLowerCase().startsWith(authzScheme);</code></span></pre></td></tr> |
| <tr> <td class="numLine"> 248</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr> |
| <tr> <td class="numLine"> 249</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @param authzHeader the 'Authorization' header value (guaranteed to be non-null if the</span></pre></td></tr> |
| <tr> <td class="numLine"> 250</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * {@link #isLoginAttempt(javax.servlet.ServletRequest, javax.servlet.ServletResponse)} method is not overriden).</span></pre></td></tr> |
| <tr> <td class="numLine"> 251</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @return <code>true</code> if the authzHeader value matches that configured as defined by</span></pre></td></tr> |
| <tr> <td class="numLine"> 252</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * the {@link #getAuthzScheme() authzScheme}.</span></pre></td></tr> |
| <tr> <td class="numLine"> 253</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 254</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">protected</span> <span class="keyword">boolean</span> isLoginAttempt(String authzHeader) {</pre></td></tr> |
| <tr> <td class="numLine"> 255</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">//SHIRO-415: use English Locale:</span></pre></td></tr> |
| <tr> <td class="numLineCover"> 256</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> String authzScheme = getAuthzScheme().toLowerCase(Locale.ENGLISH);</span></pre></td></tr> |
| <tr> <td class="numLineCover"> 257</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">return</span> authzHeader.toLowerCase(Locale.ENGLISH).startsWith(authzScheme);</span></pre></td></tr> |
| <tr> <td class="numLine"> 258</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 259</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 260</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 261</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Builds the challenge for authorization by setting a HTTP <code>401</code> (Unauthorized) status as well as the</span></pre></td></tr> |
| <tr> <td class="numLine"> 262</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * response's {@link #AUTHENTICATE_HEADER AUTHENTICATE_HEADER}.</span></pre></td></tr> |
| <tr> <td class="numLine"> 263</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <p/></span></pre></td></tr> |
| <tr> <td class="numLine"> 264</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * The header value constructed is equal to:</span></pre></td></tr> |
| <tr> <td class="numLine"> 265</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <p/></span></pre></td></tr> |
| <tr> <td class="numLine"> 266</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <code>{@link #getAuthcScheme() getAuthcScheme()} + " realm=\"" + {@link #getApplicationName() getApplicationName()} + "\"";</code></span></pre></td></tr> |
| <tr> <td class="numLine"> 267</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr> |
| <tr> <td class="numLine"> 268</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @param request incoming ServletRequest, ignored by this implementation</span></pre></td></tr> |
| <tr> <td class="numLine"> 269</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @param response outgoing ServletResponse</span></pre></td></tr> |
| <tr> <td class="numLine"> 270</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @return false - this sends the challenge to be sent back</span></pre></td></tr> |
| <tr> <td class="numLine"> 271</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 272</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">protected</span> <span class="keyword">boolean</span> sendChallenge(ServletRequest request, ServletResponse response) {</pre></td></tr> |
| <tr> <td class="numLineCover"> 273</td> <td class="nbHitsUncovered"><a title="Line 273: Conditional coverage 0% (0/2)."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 273: Conditional coverage 0% (0/2)."> <span class="keyword">if</span> (log.isDebugEnabled()) {</a></span></pre></td></tr> |
| <tr> <td class="numLineCover"> 274</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> log.debug(<span class="string">"Authentication required: sending 401 Authentication challenge response."</span>);</span></pre></td></tr> |
| <tr> <td class="numLine"> 275</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLineCover"> 276</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> HttpServletResponse httpResponse = WebUtils.toHttp(response);</span></pre></td></tr> |
| <tr> <td class="numLineCover"> 277</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> httpResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);</span></pre></td></tr> |
| <tr> <td class="numLineCover"> 278</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> String authcHeader = getAuthcScheme() + <span class="string">" realm=\""</span> + getApplicationName() + <span class="string">"\""</span>;</span></pre></td></tr> |
| <tr> <td class="numLineCover"> 279</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> httpResponse.setHeader(AUTHENTICATE_HEADER, authcHeader);</span></pre></td></tr> |
| <tr> <td class="numLineCover"> 280</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">return</span> <span class="keyword">false</span>;</span></pre></td></tr> |
| <tr> <td class="numLine"> 281</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 282</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 283</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 284</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Creates an AuthenticationToken for use during login attempt with the provided credentials in the http header.</span></pre></td></tr> |
| <tr> <td class="numLine"> 285</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <p/></span></pre></td></tr> |
| <tr> <td class="numLine"> 286</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * This implementation:</span></pre></td></tr> |
| <tr> <td class="numLine"> 287</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <ol><li>acquires the username and password based on the request's</span></pre></td></tr> |
| <tr> <td class="numLine"> 288</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * {@link #getAuthzHeader(javax.servlet.ServletRequest) authorization header} via the</span></pre></td></tr> |
| <tr> <td class="numLine"> 289</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * {@link #getPrincipalsAndCredentials(String, javax.servlet.ServletRequest) getPrincipalsAndCredentials} method</li></span></pre></td></tr> |
| <tr> <td class="numLine"> 290</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <li>The return value of that method is converted to an <code>AuthenticationToken</code> via the</span></pre></td></tr> |
| <tr> <td class="numLine"> 291</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * {@link #createToken(String, String, javax.servlet.ServletRequest, javax.servlet.ServletResponse) createToken} method</li></span></pre></td></tr> |
| <tr> <td class="numLine"> 292</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <li>The created <code>AuthenticationToken</code> is returned.</li></span></pre></td></tr> |
| <tr> <td class="numLine"> 293</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * </ol></span></pre></td></tr> |
| <tr> <td class="numLine"> 294</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr> |
| <tr> <td class="numLine"> 295</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @param request incoming ServletRequest</span></pre></td></tr> |
| <tr> <td class="numLine"> 296</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @param response outgoing ServletResponse</span></pre></td></tr> |
| <tr> <td class="numLine"> 297</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @return the AuthenticationToken used to execute the login attempt</span></pre></td></tr> |
| <tr> <td class="numLine"> 298</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 299</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">protected</span> AuthenticationToken createToken(ServletRequest request, ServletResponse response) {</pre></td></tr> |
| <tr> <td class="numLineCover"> 300</td> <td class="nbHitsCovered"> 4</td> <td class="src"><pre class="src"> String authorizationHeader = getAuthzHeader(request);</pre></td></tr> |
| <tr> <td class="numLineCover"> 301</td> <td class="nbHitsUncovered"><a title="Line 301: Conditional coverage 75% (3/4) [each condition: 100%, 50%]."> 4</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 301: Conditional coverage 75% (3/4) [each condition: 100%, 50%]."> <span class="keyword">if</span> (authorizationHeader == <span class="keyword">null</span> || authorizationHeader.length() == 0) {</a></span></pre></td></tr> |
| <tr> <td class="numLine"> 302</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// Create an empty authentication token since there is no</span></pre></td></tr> |
| <tr> <td class="numLine"> 303</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// Authorization header.</span></pre></td></tr> |
| <tr> <td class="numLineCover"> 304</td> <td class="nbHitsCovered"> 1</td> <td class="src"><pre class="src"> <span class="keyword">return</span> createToken(<span class="string">""</span>, <span class="string">""</span>, request, response);</pre></td></tr> |
| <tr> <td class="numLine"> 305</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 306</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLineCover"> 307</td> <td class="nbHitsUncovered"><a title="Line 307: Conditional coverage 50% (1/2)."> 3</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 307: Conditional coverage 50% (1/2)."> <span class="keyword">if</span> (log.isDebugEnabled()) {</a></span></pre></td></tr> |
| <tr> <td class="numLineCover"> 308</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> log.debug(<span class="string">"Attempting to execute login with headers ["</span> + authorizationHeader + <span class="string">"]"</span>);</pre></td></tr> |
| <tr> <td class="numLine"> 309</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 310</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLineCover"> 311</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> String[] prinCred = getPrincipalsAndCredentials(authorizationHeader, request);</pre></td></tr> |
| <tr> <td class="numLineCover"> 312</td> <td class="nbHitsUncovered"><a title="Line 312: Conditional coverage 50% (2/4) [each condition: 50%, 50%]."> 3</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 312: Conditional coverage 50% (2/4) [each condition: 50%, 50%]."> <span class="keyword">if</span> (prinCred == <span class="keyword">null</span> || prinCred.length < 2) {</a></span></pre></td></tr> |
| <tr> <td class="numLine"> 313</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// Create an authentication token with an empty password,</span></pre></td></tr> |
| <tr> <td class="numLine"> 314</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// since one hasn't been provided in the request.</span></pre></td></tr> |
| <tr> <td class="numLineCover"> 315</td> <td class="nbHitsUncovered"><a title="Line 315: Conditional coverage 0% (0/4) [each condition: 0%, 0%]."> 0</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 315: Conditional coverage 0% (0/4) [each condition: 0%, 0%]."> String username = prinCred == <span class="keyword">null</span> || prinCred.length == 0 ? <span class="string">""</span> : prinCred[0];</a></span></pre></td></tr> |
| <tr> <td class="numLineCover"> 316</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">return</span> createToken(username, <span class="string">""</span>, request, response);</span></pre></td></tr> |
| <tr> <td class="numLine"> 317</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 318</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLineCover"> 319</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> String username = prinCred[0];</pre></td></tr> |
| <tr> <td class="numLineCover"> 320</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> String password = prinCred[1];</pre></td></tr> |
| <tr> <td class="numLine"> 321</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLineCover"> 322</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> <span class="keyword">return</span> createToken(username, password, request, response);</pre></td></tr> |
| <tr> <td class="numLine"> 323</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 324</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 325</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 326</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Returns the username obtained from the</span></pre></td></tr> |
| <tr> <td class="numLine"> 327</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * {@link #getAuthzHeader(javax.servlet.ServletRequest) authorizationHeader}.</span></pre></td></tr> |
| <tr> <td class="numLine"> 328</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <p/></span></pre></td></tr> |
| <tr> <td class="numLine"> 329</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Once the {@code authzHeader} is split per the RFC (based on the space character ' '), the resulting split tokens</span></pre></td></tr> |
| <tr> <td class="numLine"> 330</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * are translated into the username/password pair by the</span></pre></td></tr> |
| <tr> <td class="numLine"> 331</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * {@link #getPrincipalsAndCredentials(String, String) getPrincipalsAndCredentials(scheme,encoded)} method.</span></pre></td></tr> |
| <tr> <td class="numLine"> 332</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr> |
| <tr> <td class="numLine"> 333</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @param authorizationHeader the authorization header obtained from the request.</span></pre></td></tr> |
| <tr> <td class="numLine"> 334</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @param request the incoming ServletRequest</span></pre></td></tr> |
| <tr> <td class="numLine"> 335</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @return the username (index 0)/password pair (index 1) submitted by the user for the given header value and request.</span></pre></td></tr> |
| <tr> <td class="numLine"> 336</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @see #getAuthzHeader(javax.servlet.ServletRequest)</span></pre></td></tr> |
| <tr> <td class="numLine"> 337</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 338</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">protected</span> String[] getPrincipalsAndCredentials(String authorizationHeader, ServletRequest request) {</pre></td></tr> |
| <tr> <td class="numLineCover"> 339</td> <td class="nbHitsUncovered"><a title="Line 339: Conditional coverage 50% (1/2)."> 3</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 339: Conditional coverage 50% (1/2)."> <span class="keyword">if</span> (authorizationHeader == <span class="keyword">null</span>) {</a></span></pre></td></tr> |
| <tr> <td class="numLineCover"> 340</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">return</span> <span class="keyword">null</span>;</span></pre></td></tr> |
| <tr> <td class="numLine"> 341</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLineCover"> 342</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> String[] authTokens = authorizationHeader.split(<span class="string">" "</span>);</pre></td></tr> |
| <tr> <td class="numLineCover"> 343</td> <td class="nbHitsUncovered"><a title="Line 343: Conditional coverage 50% (2/4) [each condition: 50%, 50%]."> 3</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 343: Conditional coverage 50% (2/4) [each condition: 50%, 50%]."> <span class="keyword">if</span> (authTokens == <span class="keyword">null</span> || authTokens.length < 2) {</a></span></pre></td></tr> |
| <tr> <td class="numLineCover"> 344</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> <span class="keyword">return</span> <span class="keyword">null</span>;</span></pre></td></tr> |
| <tr> <td class="numLine"> 345</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLineCover"> 346</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> <span class="keyword">return</span> getPrincipalsAndCredentials(authTokens[0], authTokens[1]);</pre></td></tr> |
| <tr> <td class="numLine"> 347</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 348</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 349</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 350</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Returns the username and password pair based on the specified <code>encoded</code> String obtained from</span></pre></td></tr> |
| <tr> <td class="numLine"> 351</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * the request's authorization header.</span></pre></td></tr> |
| <tr> <td class="numLine"> 352</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <p/></span></pre></td></tr> |
| <tr> <td class="numLine"> 353</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Per RFC 2617, the default implementation first Base64 decodes the string and then splits the resulting decoded</span></pre></td></tr> |
| <tr> <td class="numLine"> 354</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * string into two based on the ":" character. That is:</span></pre></td></tr> |
| <tr> <td class="numLine"> 355</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <p/></span></pre></td></tr> |
| <tr> <td class="numLine"> 356</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <code>String decoded = Base64.decodeToString(encoded);<br/></span></pre></td></tr> |
| <tr> <td class="numLine"> 357</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * return decoded.split(":");</code></span></pre></td></tr> |
| <tr> <td class="numLine"> 358</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr> |
| <tr> <td class="numLine"> 359</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @param scheme the {@link #getAuthcScheme() authcScheme} found in the request</span></pre></td></tr> |
| <tr> <td class="numLine"> 360</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * {@link #getAuthzHeader(javax.servlet.ServletRequest) authzHeader}. It is ignored by this implementation,</span></pre></td></tr> |
| <tr> <td class="numLine"> 361</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * but available to overriding implementations should they find it useful.</span></pre></td></tr> |
| <tr> <td class="numLine"> 362</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @param encoded the Base64-encoded username:password value found after the scheme in the header</span></pre></td></tr> |
| <tr> <td class="numLine"> 363</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @return the username (index 0)/password (index 1) pair obtained from the encoded header data.</span></pre></td></tr> |
| <tr> <td class="numLine"> 364</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 365</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">protected</span> String[] getPrincipalsAndCredentials(String scheme, String encoded) {</pre></td></tr> |
| <tr> <td class="numLineCover"> 366</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> String decoded = Base64.decodeToString(encoded);</pre></td></tr> |
| <tr> <td class="numLineCover"> 367</td> <td class="nbHitsCovered"> 3</td> <td class="src"><pre class="src"> <span class="keyword">return</span> decoded.split(<span class="string">":"</span>, 2);</pre></td></tr> |
| <tr> <td class="numLine"> 368</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 369</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| </table> |
| |
| <div class="footer">Report generated by <a href="http://cobertura.sourceforge.net/" target="_top">Cobertura</a> 1.9.4.1 on 5/25/16 11:32 PM.</div> |
| </body> |
| </html> |