| <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" |
| "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> |
| <html> |
| <head> |
| <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> |
| <title>Coverage Report</title> |
| <link title="Style" type="text/css" rel="stylesheet" href="css/main.css"/> |
| <script type="text/javascript" src="js/popup.js"></script> |
| </head> |
| <body> |
| <h5>Coverage Report - org.apache.shiro.web.filter.authz.AuthorizationFilter</h5> |
| <div class="separator"> </div> |
| <table class="report"> |
| <thead><tr> <td class="heading">Classes in this File</td> <td class="heading"><a class="dfn" href="help.html" onclick="popupwindow('help.html'); return false;">Line Coverage</a></td> <td class="heading"><a class="dfn" href="help.html" onclick="popupwindow('help.html'); return false;">Branch Coverage</a></td> <td class="heading"><a class="dfn" href="help.html" onclick="popupwindow('help.html'); return false;">Complexity</a></td></tr></thead> |
| <tr><td><a href="org.apache.shiro.web.filter.authz.AuthorizationFilter.html">AuthorizationFilter</a></td><td><table cellpadding="0px" cellspacing="0px" class="percentgraph"><tr class="percentgraph"><td align="right" class="percentgraph" width="40">91%</td><td class="percentgraph"><div class="percentgraph"><div class="greenbar" style="width:91px"><span class="text">11/12</span></div></div></td></tr></table></td><td><table cellpadding="0px" cellspacing="0px" class="percentgraph"><tr class="percentgraph"><td align="right" class="percentgraph" width="40">75%</td><td class="percentgraph"><div class="percentgraph"><div class="greenbar" style="width:75px"><span class="text">3/4</span></div></div></td></tr></table></td><td class="value"><span class="hidden">1.6666666666666667;</span>1.667</td></tr> |
| |
| </table> |
| <div class="separator"> </div> |
| <table cellspacing="0" cellpadding="0" class="src"> |
| <tr> <td class="numLine"> 1</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/*</span></pre></td></tr> |
| <tr> <td class="numLine"> 2</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Licensed to the Apache Software Foundation (ASF) under one</span></pre></td></tr> |
| <tr> <td class="numLine"> 3</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * or more contributor license agreements. See the NOTICE file</span></pre></td></tr> |
| <tr> <td class="numLine"> 4</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * distributed with this work for additional information</span></pre></td></tr> |
| <tr> <td class="numLine"> 5</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * regarding copyright ownership. The ASF licenses this file</span></pre></td></tr> |
| <tr> <td class="numLine"> 6</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * to you under the Apache License, Version 2.0 (the</span></pre></td></tr> |
| <tr> <td class="numLine"> 7</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * "License"); you may not use this file except in compliance</span></pre></td></tr> |
| <tr> <td class="numLine"> 8</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * with the License. You may obtain a copy of the License at</span></pre></td></tr> |
| <tr> <td class="numLine"> 9</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr> |
| <tr> <td class="numLine"> 10</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * http://www.apache.org/licenses/LICENSE-2.0</span></pre></td></tr> |
| <tr> <td class="numLine"> 11</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr> |
| <tr> <td class="numLine"> 12</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Unless required by applicable law or agreed to in writing,</span></pre></td></tr> |
| <tr> <td class="numLine"> 13</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * software distributed under the License is distributed on an</span></pre></td></tr> |
| <tr> <td class="numLine"> 14</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY</span></pre></td></tr> |
| <tr> <td class="numLine"> 15</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * KIND, either express or implied. See the License for the</span></pre></td></tr> |
| <tr> <td class="numLine"> 16</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * specific language governing permissions and limitations</span></pre></td></tr> |
| <tr> <td class="numLine"> 17</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * under the License.</span></pre></td></tr> |
| <tr> <td class="numLine"> 18</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 19</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">package</span> org.apache.shiro.web.filter.authz;</pre></td></tr> |
| <tr> <td class="numLine"> 20</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 21</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> org.apache.shiro.subject.Subject;</pre></td></tr> |
| <tr> <td class="numLine"> 22</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> org.apache.shiro.util.StringUtils;</pre></td></tr> |
| <tr> <td class="numLine"> 23</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> org.apache.shiro.web.filter.AccessControlFilter;</pre></td></tr> |
| <tr> <td class="numLine"> 24</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> org.apache.shiro.web.util.WebUtils;</pre></td></tr> |
| <tr> <td class="numLine"> 25</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 26</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> javax.servlet.ServletRequest;</pre></td></tr> |
| <tr> <td class="numLine"> 27</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> javax.servlet.ServletResponse;</pre></td></tr> |
| <tr> <td class="numLine"> 28</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> javax.servlet.http.HttpServletResponse;</pre></td></tr> |
| <tr> <td class="numLine"> 29</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">import</span> java.io.IOException;</pre></td></tr> |
| <tr> <td class="numLine"> 30</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 31</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 32</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Superclass for authorization-related filters. If an request is unauthorized, response handling is delegated to the</span></pre></td></tr> |
| <tr> <td class="numLine"> 33</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * {@link #onAccessDenied(javax.servlet.ServletRequest, javax.servlet.ServletResponse) onAccessDenied} method, which</span></pre></td></tr> |
| <tr> <td class="numLine"> 34</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * provides reasonable handling for most applications.</span></pre></td></tr> |
| <tr> <td class="numLine"> 35</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr> |
| <tr> <td class="numLine"> 36</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @see #onAccessDenied(javax.servlet.ServletRequest, javax.servlet.ServletResponse)</span></pre></td></tr> |
| <tr> <td class="numLine"> 37</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @since 0.9</span></pre></td></tr> |
| <tr> <td class="numLine"> 38</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLineCover"> 39</td> <td class="nbHitsCovered"> 496</td> <td class="src"><pre class="src"> <span class="keyword">public</span> <span class="keyword">abstract</span> <span class="keyword">class</span> AuthorizationFilter <span class="keyword">extends</span> AccessControlFilter {</pre></td></tr> |
| <tr> <td class="numLine"> 40</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 41</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 42</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * The URL to which users should be redirected if they are denied access to an underlying path or resource,</span></pre></td></tr> |
| <tr> <td class="numLine"> 43</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * {@code null} by default which will issue a raw {@link HttpServletResponse#SC_UNAUTHORIZED} response</span></pre></td></tr> |
| <tr> <td class="numLine"> 44</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * (401 Unauthorized).</span></pre></td></tr> |
| <tr> <td class="numLine"> 45</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 46</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">private</span> String unauthorizedUrl;</pre></td></tr> |
| <tr> <td class="numLine"> 47</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 48</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 49</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Returns the URL to which users should be redirected if they are denied access to an underlying path or resource,</span></pre></td></tr> |
| <tr> <td class="numLine"> 50</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * or {@code null} if a raw {@link HttpServletResponse#SC_UNAUTHORIZED} response should be issued (401 Unauthorized).</span></pre></td></tr> |
| <tr> <td class="numLine"> 51</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <p/></span></pre></td></tr> |
| <tr> <td class="numLine"> 52</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * The default is {@code null}, ensuring default web server behavior. Override this default by calling the</span></pre></td></tr> |
| <tr> <td class="numLine"> 53</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * {@link #setUnauthorizedUrl(String) setUnauthorizedUrl} method with a meaningful path within your application</span></pre></td></tr> |
| <tr> <td class="numLine"> 54</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * if you would like to show the user a 'nice' page in the event of unauthorized access.</span></pre></td></tr> |
| <tr> <td class="numLine"> 55</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr> |
| <tr> <td class="numLine"> 56</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @return the URL to which users should be redirected if they are denied access to an underlying path or resource,</span></pre></td></tr> |
| <tr> <td class="numLine"> 57</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * or {@code null} if a raw {@link HttpServletResponse#SC_UNAUTHORIZED} response should be issued (401 Unauthorized).</span></pre></td></tr> |
| <tr> <td class="numLine"> 58</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 59</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">public</span> String getUnauthorizedUrl() {</pre></td></tr> |
| <tr> <td class="numLineCover"> 60</td> <td class="nbHitsCovered"> 4</td> <td class="src"><pre class="src"> <span class="keyword">return</span> unauthorizedUrl;</pre></td></tr> |
| <tr> <td class="numLine"> 61</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 62</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 63</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 64</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Sets the URL to which users should be redirected if they are denied access to an underlying path or resource.</span></pre></td></tr> |
| <tr> <td class="numLine"> 65</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <p/></span></pre></td></tr> |
| <tr> <td class="numLine"> 66</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * If the value is {@code null} a raw {@link HttpServletResponse#SC_UNAUTHORIZED} response will</span></pre></td></tr> |
| <tr> <td class="numLine"> 67</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * be issued (401 Unauthorized), retaining default web server behavior.</span></pre></td></tr> |
| <tr> <td class="numLine"> 68</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <p/></span></pre></td></tr> |
| <tr> <td class="numLine"> 69</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Unless overridden by calling this method, the default value is {@code null}. If desired, you can specify a</span></pre></td></tr> |
| <tr> <td class="numLine"> 70</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * meaningful path within your application if you would like to show the user a 'nice' page in the event of</span></pre></td></tr> |
| <tr> <td class="numLine"> 71</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * unauthorized access.</span></pre></td></tr> |
| <tr> <td class="numLine"> 72</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr> |
| <tr> <td class="numLine"> 73</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @param unauthorizedUrl the URL to which users should be redirected if they are denied access to an underlying</span></pre></td></tr> |
| <tr> <td class="numLine"> 74</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * path or resource, or {@code null} to a ensure raw {@link HttpServletResponse#SC_UNAUTHORIZED} response is</span></pre></td></tr> |
| <tr> <td class="numLine"> 75</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * issued (401 Unauthorized).</span></pre></td></tr> |
| <tr> <td class="numLine"> 76</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 77</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">public</span> <span class="keyword">void</span> setUnauthorizedUrl(String unauthorizedUrl) {</pre></td></tr> |
| <tr> <td class="numLineCover"> 78</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> <span class="keyword">this</span>.unauthorizedUrl = unauthorizedUrl;</pre></td></tr> |
| <tr> <td class="numLineCover"> 79</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 80</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 81</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">/**</span></pre></td></tr> |
| <tr> <td class="numLine"> 82</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * Handles the response when access has been denied. It behaves as follows:</span></pre></td></tr> |
| <tr> <td class="numLine"> 83</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <ul></span></pre></td></tr> |
| <tr> <td class="numLine"> 84</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <li>If the {@code Subject} is unknown<sup><a href="#known">[1]</a></sup>:</span></pre></td></tr> |
| <tr> <td class="numLine"> 85</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <ol><li>The incoming request will be saved and they will be redirected to the login page for authentication</span></pre></td></tr> |
| <tr> <td class="numLine"> 86</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * (via the {@link #saveRequestAndRedirectToLogin(javax.servlet.ServletRequest, javax.servlet.ServletResponse)}</span></pre></td></tr> |
| <tr> <td class="numLine"> 87</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * method).</li></span></pre></td></tr> |
| <tr> <td class="numLine"> 88</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <li>Once successfully authenticated, they will be redirected back to the originally attempted page.</li></ol></span></pre></td></tr> |
| <tr> <td class="numLine"> 89</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * </li></span></pre></td></tr> |
| <tr> <td class="numLine"> 90</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <li>If the Subject is known:</li></span></pre></td></tr> |
| <tr> <td class="numLine"> 91</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <ol></span></pre></td></tr> |
| <tr> <td class="numLine"> 92</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <li>The HTTP {@link HttpServletResponse#SC_UNAUTHORIZED} header will be set (401 Unauthorized)</li></span></pre></td></tr> |
| <tr> <td class="numLine"> 93</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <li>If the {@link #getUnauthorizedUrl() unauthorizedUrl} has been configured, a redirect will be issued to that</span></pre></td></tr> |
| <tr> <td class="numLine"> 94</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * URL. Otherwise the 401 response is rendered normally</li></span></pre></td></tr> |
| <tr> <td class="numLine"> 95</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * </ul></span></pre></td></tr> |
| <tr> <td class="numLine"> 96</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <code><a name="known">[1]</a></code>: A {@code Subject} is 'known' when</span></pre></td></tr> |
| <tr> <td class="numLine"> 97</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * <code>subject.{@link org.apache.shiro.subject.Subject#getPrincipal() getPrincipal()}</code> is not {@code null},</span></pre></td></tr> |
| <tr> <td class="numLine"> 98</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * which implicitly means that the subject is either currently authenticated or they have been remembered via</span></pre></td></tr> |
| <tr> <td class="numLine"> 99</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * 'remember me' services.</span></pre></td></tr> |
| <tr> <td class="numLine"> 100</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> *</span></pre></td></tr> |
| <tr> <td class="numLine"> 101</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @param request the incoming <code>ServletRequest</code></span></pre></td></tr> |
| <tr> <td class="numLine"> 102</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @param response the outgoing <code>ServletResponse</code></span></pre></td></tr> |
| <tr> <td class="numLine"> 103</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @return {@code false} always for this implementation.</span></pre></td></tr> |
| <tr> <td class="numLine"> 104</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> * @throws IOException if there is any servlet error.</span></pre></td></tr> |
| <tr> <td class="numLine"> 105</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment"> */</span></pre></td></tr> |
| <tr> <td class="numLine"> 106</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="keyword">protected</span> <span class="keyword">boolean</span> onAccessDenied(ServletRequest request, ServletResponse response) <span class="keyword">throws</span> IOException {</pre></td></tr> |
| <tr> <td class="numLine"> 107</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLineCover"> 108</td> <td class="nbHitsCovered"> 4</td> <td class="src"><pre class="src"> Subject subject = getSubject(request, response);</pre></td></tr> |
| <tr> <td class="numLine"> 109</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// If the subject isn't identified, redirect to login URL</span></pre></td></tr> |
| <tr> <td class="numLineCover"> 110</td> <td class="nbHitsUncovered"><a title="Line 110: Conditional coverage 50% (1/2)."> 4</a></td> <td class="src"><pre class="src"><span class="srcUncovered"> <a title="Line 110: Conditional coverage 50% (1/2)."> <span class="keyword">if</span> (subject.getPrincipal() == <span class="keyword">null</span>) {</a></span></pre></td></tr> |
| <tr> <td class="numLineCover"> 111</td> <td class="nbHitsUncovered"> 0</td> <td class="src"><pre class="src"><span class="srcUncovered"> saveRequestAndRedirectToLogin(request, response);</span></pre></td></tr> |
| <tr> <td class="numLine"> 112</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> } <span class="keyword">else</span> {</pre></td></tr> |
| <tr> <td class="numLine"> 113</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// If subject is known but not authorized, redirect to the unauthorized URL if there is one</span></pre></td></tr> |
| <tr> <td class="numLine"> 114</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">// If no unauthorized URL is specified, just return an unauthorized HTTP status code</span></pre></td></tr> |
| <tr> <td class="numLineCover"> 115</td> <td class="nbHitsCovered"> 4</td> <td class="src"><pre class="src"> String unauthorizedUrl = getUnauthorizedUrl();</pre></td></tr> |
| <tr> <td class="numLine"> 116</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> <span class="comment">//SHIRO-142 - ensure that redirect _or_ error code occurs - both cannot happen due to response commit:</span></pre></td></tr> |
| <tr> <td class="numLineCover"> 117</td> <td class="nbHitsCovered"><a title="Line 117: Conditional coverage 100% (2/2)."> 4</a></td> <td class="src"><pre class="src"> <a title="Line 117: Conditional coverage 100% (2/2)."> <span class="keyword">if</span> (StringUtils.hasText(unauthorizedUrl)) {</a></pre></td></tr> |
| <tr> <td class="numLineCover"> 118</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> WebUtils.issueRedirect(request, response, unauthorizedUrl);</pre></td></tr> |
| <tr> <td class="numLine"> 119</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> } <span class="keyword">else</span> {</pre></td></tr> |
| <tr> <td class="numLineCover"> 120</td> <td class="nbHitsCovered"> 2</td> <td class="src"><pre class="src"> WebUtils.toHttp(response).sendError(HttpServletResponse.SC_UNAUTHORIZED);</pre></td></tr> |
| <tr> <td class="numLine"> 121</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 122</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLineCover"> 123</td> <td class="nbHitsCovered"> 4</td> <td class="src"><pre class="src"> <span class="keyword">return</span> <span class="keyword">false</span>;</pre></td></tr> |
| <tr> <td class="numLine"> 124</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| <tr> <td class="numLine"> 125</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> </pre></td></tr> |
| <tr> <td class="numLine"> 126</td> <td class="nbHits"> </td> |
| <td class="src"><pre class="src"> }</pre></td></tr> |
| </table> |
| |
| <div class="footer">Report generated by <a href="http://cobertura.sourceforge.net/" target="_top">Cobertura</a> 1.9.4.1 on 7/5/16 10:56 AM.</div> |
| </body> |
| </html> |