| <?xml version="1.0" encoding="UTF-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="en"><head><meta http-equiv="Content-Type" content="text/html;charset=UTF-8"/><link rel="stylesheet" href="../../jacoco-resources/report.css" type="text/css"/><link rel="shortcut icon" href="../../jacoco-resources/report.gif" type="image/gif"/><title>AuthenticatingFilter.java</title><link rel="stylesheet" href="../../jacoco-resources/prettify.css" type="text/css"/><script type="text/javascript" src="../../jacoco-resources/prettify.js"></script></head><body onload="window['PR_TAB_WIDTH']=4;prettyPrint()"><div class="breadcrumb" id="breadcrumb"><span class="info"><a href="../../jacoco-sessions.html" class="el_session">Sessions</a></span><a href="../../index.html" class="el_report">Apache Shiro :: Jar Bundle</a> > <a href="../index.html" class="el_bundle">shiro-web</a> > <a href="index.source.html" class="el_package">org.apache.shiro.web.filter.authc</a> > <span class="el_source">AuthenticatingFilter.java</span></div><h1>AuthenticatingFilter.java</h1><pre class="source lang-java linenums">/* |
| * Licensed to the Apache Software Foundation (ASF) under one |
| * or more contributor license agreements. See the NOTICE file |
| * distributed with this work for additional information |
| * regarding copyright ownership. The ASF licenses this file |
| * to you under the Apache License, Version 2.0 (the |
| * "License"); you may not use this file except in compliance |
| * with the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, |
| * software distributed under the License is distributed on an |
| * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| * KIND, either express or implied. See the License for the |
| * specific language governing permissions and limitations |
| * under the License. |
| */ |
| package org.apache.shiro.web.filter.authc; |
| |
| import org.apache.shiro.authc.AuthenticationException; |
| import org.apache.shiro.authc.AuthenticationToken; |
| import org.apache.shiro.authc.UsernamePasswordToken; |
| import org.apache.shiro.authz.UnauthenticatedException; |
| import org.apache.shiro.subject.Subject; |
| |
| import javax.servlet.ServletException; |
| import javax.servlet.ServletRequest; |
| import javax.servlet.ServletResponse; |
| import java.io.IOException; |
| import java.util.Arrays; |
| |
| /** |
| * An <code>AuthenticationFilter</code> that is capable of automatically performing an authentication attempt |
| * based on the incoming request. |
| * |
| * @since 0.9 |
| */ |
| <span class="fc" id="L39">public abstract class AuthenticatingFilter extends AuthenticationFilter {</span> |
| public static final String PERMISSIVE = "permissive"; |
| |
| //TODO - complete JavaDoc |
| |
| protected boolean executeLogin(ServletRequest request, ServletResponse response) throws Exception { |
| <span class="nc" id="L45"> AuthenticationToken token = createToken(request, response);</span> |
| <span class="nc bnc" id="L46" title="All 2 branches missed."> if (token == null) {</span> |
| <span class="nc" id="L47"> String msg = "createToken method implementation returned null. A valid non-null AuthenticationToken " +</span> |
| "must be created in order to execute a login attempt."; |
| <span class="nc" id="L49"> throw new IllegalStateException(msg);</span> |
| } |
| try { |
| <span class="nc" id="L52"> Subject subject = getSubject(request, response);</span> |
| <span class="nc" id="L53"> subject.login(token);</span> |
| <span class="nc" id="L54"> return onLoginSuccess(token, subject, request, response);</span> |
| <span class="nc" id="L55"> } catch (AuthenticationException e) {</span> |
| <span class="nc" id="L56"> return onLoginFailure(token, e, request, response);</span> |
| } |
| } |
| |
| protected abstract AuthenticationToken createToken(ServletRequest request, ServletResponse response) throws Exception; |
| |
| protected AuthenticationToken createToken(String username, String password, |
| ServletRequest request, ServletResponse response) { |
| <span class="fc" id="L64"> boolean rememberMe = isRememberMe(request);</span> |
| <span class="fc" id="L65"> String host = getHost(request);</span> |
| <span class="fc" id="L66"> return createToken(username, password, rememberMe, host);</span> |
| } |
| |
| protected AuthenticationToken createToken(String username, String password, |
| boolean rememberMe, String host) { |
| <span class="fc" id="L71"> return new UsernamePasswordToken(username, password, rememberMe, host);</span> |
| } |
| |
| protected boolean onLoginSuccess(AuthenticationToken token, Subject subject, |
| ServletRequest request, ServletResponse response) throws Exception { |
| <span class="nc" id="L76"> return true;</span> |
| } |
| |
| protected boolean onLoginFailure(AuthenticationToken token, AuthenticationException e, |
| ServletRequest request, ServletResponse response) { |
| <span class="nc" id="L81"> return false;</span> |
| } |
| |
| /** |
| * Returns the host name or IP associated with the current subject. This method is primarily provided for use |
| * during construction of an <code>AuthenticationToken</code>. |
| * <p/> |
| * The default implementation merely returns {@link ServletRequest#getRemoteHost()}. |
| * |
| * @param request the incoming ServletRequest |
| * @return the <code>InetAddress</code> to associate with the login attempt. |
| */ |
| protected String getHost(ServletRequest request) { |
| <span class="fc" id="L94"> return request.getRemoteHost();</span> |
| } |
| |
| /** |
| * Returns <code>true</code> if &quot;rememberMe&quot; should be enabled for the login attempt associated with the |
| * current <code>request</code>, <code>false</code> otherwise. |
| * <p/> |
| * This implementation always returns <code>false</code> and is provided as a template hook to subclasses that |
| * support <code>rememberMe</code> logins and wish to determine <code>rememberMe</code> in a custom mannner |
| * based on the current <code>request</code>. |
| * |
| * @param request the incoming ServletRequest |
| * @return <code>true</code> if &quot;rememberMe&quot; should be enabled for the login attempt associated with the |
| * current <code>request</code>, <code>false</code> otherwise. |
| */ |
| protected boolean isRememberMe(ServletRequest request) { |
| <span class="fc" id="L110"> return false;</span> |
| } |
| |
| /** |
| * Determines whether the current subject should be allowed to make the current request. |
| * <p/> |
| * The default implementation returns <code>true</code> if the user is authenticated. Will also return |
| * <code>true</code> if the {@link #isLoginRequest} returns false and the &quot;permissive&quot; flag is set. |
| * |
| * @return <code>true</code> if request should be allowed access |
| */ |
| @Override |
| protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) { |
| <span class="pc bpc" id="L123" title="1 of 2 branches missed."> return super.isAccessAllowed(request, response, mappedValue) ||</span> |
| <span class="pc bpc" id="L124" title="3 of 4 branches missed."> (!isLoginRequest(request, response) && isPermissive(mappedValue));</span> |
| } |
| |
| /** |
| * Returns <code>true</code> if the mappedValue contains the {@link #PERMISSIVE} qualifier. |
| * |
| * @return <code>true</code> if this filter should be permissive |
| */ |
| protected boolean isPermissive(Object mappedValue) { |
| <span class="nc bnc" id="L133" title="All 2 branches missed."> if(mappedValue != null) {</span> |
| <span class="nc" id="L134"> String[] values = (String[]) mappedValue;</span> |
| <span class="nc bnc" id="L135" title="All 2 branches missed."> return Arrays.binarySearch(values, PERMISSIVE) >= 0;</span> |
| } |
| <span class="nc" id="L137"> return false;</span> |
| } |
| |
| /** |
| * Overrides the default behavior to call {@link #onAccessDenied} and swallow the exception if the exception is |
| * {@link UnauthenticatedException}. |
| */ |
| @Override |
| protected void cleanup(ServletRequest request, ServletResponse response, Exception existing) throws ServletException, IOException { |
| <span class="nc bnc" id="L146" title="All 6 branches missed."> if (existing instanceof UnauthenticatedException || (existing instanceof ServletException && existing.getCause() instanceof UnauthenticatedException))</span> |
| { |
| try { |
| <span class="nc" id="L149"> onAccessDenied(request, response);</span> |
| <span class="nc" id="L150"> existing = null;</span> |
| <span class="nc" id="L151"> } catch (Exception e) {</span> |
| <span class="nc" id="L152"> existing = e;</span> |
| <span class="nc" id="L153"> }</span> |
| } |
| <span class="nc" id="L155"> super.cleanup(request, response, existing);</span> |
| |
| <span class="nc" id="L157"> }</span> |
| } |
| </pre><div class="footer"><span class="right">Created with <a href="http://www.eclemma.org/jacoco">JaCoCo</a> 0.7.7.201606060606</span></div></body></html> |