src/site/assets/static/1.4.1/shiro-web/jacoco/org.apache.shiro.web.servlet/IniShiroFilter.java.html - shiro-site - Git at Google

 <?xml version="1.0" encoding="UTF-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="en"><head><meta http-equiv="Content-Type" content="text/html;charset=UTF-8"/><link rel="stylesheet" href="../jacoco-resources/report.css" type="text/css"/><link rel="shortcut icon" href="../jacoco-resources/report.gif" type="image/gif"/><title>IniShiroFilter.java</title><link rel="stylesheet" href="../jacoco-resources/prettify.css" type="text/css"/><script type="text/javascript" src="../jacoco-resources/prettify.js"></script></head><body onload="window['PR_TAB_WIDTH']=4;prettyPrint()"><div class="breadcrumb" id="breadcrumb"><span class="info"><a href="../jacoco-sessions.html" class="el_session">Sessions</a></span><a href="../index.html" class="el_report">Apache Shiro :: Web</a> &gt; <a href="index.source.html" class="el_package">org.apache.shiro.web.servlet</a> &gt; <span class="el_source">IniShiroFilter.java</span></div><h1>IniShiroFilter.java</h1><pre class="source lang-java linenums">/*
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * &quot;License&quot;); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * &quot;AS IS&quot; BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied.  See the License for the
  * specific language governing permissions and limitations
  * under the License.
  */
 package org.apache.shiro.web.servlet;

 import org.apache.shiro.config.ConfigurationException;
 import org.apache.shiro.config.Ini;
 import org.apache.shiro.config.IniFactorySupport;
 import org.apache.shiro.io.ResourceUtils;
 import org.apache.shiro.mgt.SecurityManager;
 import org.apache.shiro.util.CollectionUtils;
 import org.apache.shiro.util.StringUtils;
 import org.apache.shiro.web.config.IniFilterChainResolverFactory;
 import org.apache.shiro.web.config.WebIniSecurityManagerFactory;
 import org.apache.shiro.web.filter.mgt.FilterChainResolver;
 import org.apache.shiro.web.mgt.WebSecurityManager;
 import org.apache.shiro.web.util.WebUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

 import java.io.InputStream;
 import java.util.Map;

 /**
  * &lt;h1&gt;Deprecated&lt;/h1&gt;
  * This filter has been deprecated as of Shiro 1.2 in favor of using the {@link ShiroFilter} in {@code web.xml} instead.
  * See the {@link ShiroFilter} JavaDoc for usage.
  * &lt;p/&gt;
  * ======================
  * &lt;p/&gt;
  * Servlet Filter that configures and enables all Shiro functions within a web application by using the
  * &lt;a href=&quot;http://en.wikipedia.org/wiki/INI_file&quot;&gt;INI&lt;/a&gt; configuration format.
  * &lt;p/&gt;
  * The actual INI configuration contents are not covered here, but instead in Shiro's
  * &lt;a href=&quot;http://shiro.apache.org/configuration.html&quot;&gt;Configuration Documentation&lt;/a&gt; and additional web-specific
  * &lt;a href=&quot;http://shiro.apache.org/web.html&quot;&gt;Web Documentation&lt;/a&gt;.
  * &lt;h2&gt;Usage&lt;/h2&gt;
  * &lt;h3&gt;Default&lt;/h3&gt;
  * By default, the simplest filter declaration expects a {@code shiro.ini} resource to be located at
  * {@code /WEB-INF/shiro.ini}, or, if not there, falls back to checking the root of the classpath
  * (i.e. {@code classpath:shiro.ini}):
  * &lt;pre&gt;
  * &amp;lt;filter&amp;gt;
  *     &amp;lt;filter-name&amp;gt;ShiroFilter&amp;lt;/filter-name&amp;gt;
  *     &amp;lt;filter-class&amp;gt;org.apache.shiro.web.servlet.IniShiroFilter&amp;lt;/filter-class&amp;gt;
  * &amp;lt;/filter&amp;gt;
  * &lt;/pre&gt;
  * &lt;h3&gt;Custom Path&lt;/h3&gt;
  * If you want the INI configuration to be somewhere other than {@code /WEB-INF/shiro.ini} or
  * {@code classpath:shiro.ini}, you may specify an alternate location via the {@code configPath init-param}:
  * &lt;pre&gt;
  * &amp;lt;filter&amp;gt;
  *     &amp;lt;filter-name&amp;gt;ShiroFilter&amp;lt;/filter-name&amp;gt;
  *     &amp;lt;filter-class&amp;gt;org.apache.shiro.web.servlet.IniShiroFilter&amp;lt;/filter-class&amp;gt;
  *     &amp;lt;init-param&amp;gt;
  *         &amp;lt;param-name&amp;gt;configPath&amp;lt;/param-name&amp;gt;
  *         &amp;lt;param-value&amp;gt;/WEB-INF/someFile.ini&amp;lt;/param-value&amp;gt;
  *     &amp;lt;/init-param&amp;gt;
  * &amp;lt;/filter&amp;gt;
  * &lt;/pre&gt;
  * Unqualified (schemeless or 'non-prefixed') paths are assumed to be {@code ServletContext} resource paths, resolvable
  * via {@link javax.servlet.ServletContext#getResourceAsStream(String) ServletContext#getResourceAsStream}.
  * &lt;p/&gt;
  * Non-ServletContext resources may be loaded from qualified locations by specifying prefixes indicating the source,
  * e.g. {@code file:}, {@code url:}, and {@code classpath:}.  See the
  * {@link ResourceUtils#getInputStreamForPath(String)} JavaDoc for more.
  * &lt;h3&gt;Inline&lt;/h3&gt;
  * For relatively simple environments, you can embed the INI config directly inside the filter declaration with
  * the {@code config init-param}:
  * &lt;pre&gt;
  * &amp;lt;filter&amp;gt;
  *     &amp;lt;filter-name&amp;gt;ShiroFilter&amp;lt;/filter-name&amp;gt;
  *     &amp;lt;filter-class&amp;gt;org.apache.shiro.web.servlet.IniShiroFilter&amp;lt;/filter-class&amp;gt;
  *     &amp;lt;init-param&amp;gt;
  *         &amp;lt;param-name&amp;gt;config&amp;lt;/param-name&amp;gt;
  *         &amp;lt;param-value&amp;gt;
  *             #INI config goes here...
  *      &amp;lt;/param-value&amp;gt;
  *     &amp;lt;/init-param&amp;gt;
  * &amp;lt;/filter&amp;gt;
  * &lt;/pre&gt;
  * Although this is typically not recommended because any Shiro configuration changes would contribute to version control
  * 'noise' in the web.xml file.
  * &lt;p/&gt;
  * When creating the shiro.ini configuration itself, please see Shiro's
  * &lt;a href=&quot;http://shiro.apache.org/configuration.html&quot;&gt;Configuration Documentation&lt;/a&gt; and
  * &lt;a href=&quot;http://shiro.apache.org/web.html&quot;&gt;Web Documentation&lt;/a&gt;.
  *
  * @see &lt;a href=&quot;http://shiro.apache.org/configuration.html&quot;&gt;Apache Shiro INI Configuration&lt;/a&gt;
  * @see &lt;a href=&quot;http://shiro.apache.org/web.html&quot;&gt;Apache Shiro Web Documentation&lt;/a&gt;
  * @since 1.0
  * @deprecated in 1.2 in favor of using the {@link ShiroFilter}
  */
 @Deprecated
 public class IniShiroFilter extends AbstractShiroFilter {

     public static final String CONFIG_INIT_PARAM_NAME = &quot;config&quot;;
     public static final String CONFIG_PATH_INIT_PARAM_NAME = &quot;configPath&quot;;

     public static final String DEFAULT_WEB_INI_RESOURCE_PATH = &quot;/WEB-INF/shiro.ini&quot;;

 <span class="fc" id="L117">    private static final Logger log = LoggerFactory.getLogger(IniShiroFilter.class);</span>

     private String config;
     private String configPath;

 <span class="fc" id="L122">    public IniShiroFilter() {</span>
 <span class="fc" id="L123">    }</span>

     /**
      * Returns the actual INI configuration text to use to build the {@link SecurityManager} and
      * {@link FilterChainResolver} used by the web application or {@code null} if the
      * {@link #getConfigPath() configPath} should be used to load a fallback INI source.
      * &lt;p/&gt;
      * This value is {@code null} by default, but it will be automatically set to the value of the
      * '{@code config}' {@code init-param} if it exists in the {@code FilterConfig} provided by the servlet
      * container at startup.
      *
      * @return the actual INI configuration text to use to build the {@link SecurityManager} and
      *         {@link FilterChainResolver} used by the web application or {@code null} if the
      *         {@link #getConfigPath() configPath} should be used to load a fallback INI source.
      */
     public String getConfig() {
 <span class="fc" id="L139">        return this.config;</span>
     }

     /**
      * Sets the actual INI configuration text to use to build the {@link SecurityManager} and
      * {@link FilterChainResolver} used by the web application.  If this value is {@code null}, the
      * {@link #getConfigPath() configPath} will be checked to see if a .ini file should be loaded instead.
      * &lt;p/&gt;
      * This value is {@code null} by default, but it will be automatically set to the value of the
      * '{@code config}' {@code init-param} if it exists in the {@code FilterConfig} provided by the servlet
      * container at startup.
      *
      * @param config the actual INI configuration text to use to build the {@link SecurityManager} and
      *               {@link FilterChainResolver} used by the web application.
      */
     public void setConfig(String config) {
 <span class="fc" id="L155">        this.config = config;</span>
 <span class="fc" id="L156">    }</span>

     /**
      * Returns the config path to be used to load a .ini file for configuration if a configuration is
      * not specified via the {@link #getConfig() config} attribute.
      * &lt;p/&gt;
      * This value is {@code null} by default, but it will be automatically set to the value of the
      * '{@code configPath}' {@code init-param} if it exists in the {@code FilterConfig} provided by the servlet
      * container at startup.
      *
      * @return the config path to be used to load a .ini file for configuration if a configuration is
      *         not specified via the {@link #getConfig() config} attribute.
      */
     public String getConfigPath() {
 <span class="fc" id="L170">        return configPath;</span>
     }

     /**
      * Sets the config path to be used to load a .ini file for configuration if a configuration is
      * not specified via the {@link #getConfig() config} attribute.
      * &lt;p/&gt;
      * This value is {@code null} by default, but it will be automatically set to the value of the
      * '{@code configPath}' {@code init-param} if it exists in the {@code FilterConfig} provided by the servlet
      * container at startup.
      *
      * @param configPath the config path to be used to load a .ini file for configuration if a configuration is
      *                   not specified via the {@link #getConfig() config} attribute.
      */
     public void setConfigPath(String configPath) {
 <span class="fc" id="L185">        this.configPath = StringUtils.clean(configPath);</span>
 <span class="fc" id="L186">    }</span>

     public void init() throws Exception {
 <span class="fc" id="L189">        applyInitParams();</span>
 <span class="fc" id="L190">        configure();</span>
 <span class="fc" id="L191">    }</span>

     protected void applyInitParams() throws Exception {
 <span class="fc" id="L194">        String config = getInitParam(CONFIG_INIT_PARAM_NAME);</span>
 <span class="fc bfc" id="L195" title="All 2 branches covered.">        if (config != null) {</span>
 <span class="fc" id="L196">            setConfig(config);</span>
         }
 <span class="fc" id="L198">        String configPath = getInitParam(CONFIG_PATH_INIT_PARAM_NAME);</span>
 <span class="fc bfc" id="L199" title="All 2 branches covered.">        if (configPath != null) {</span>
 <span class="fc" id="L200">            setConfigPath(configPath);</span>
         }
 <span class="fc" id="L202">    }</span>

     protected void configure() throws Exception {
 <span class="fc" id="L205">        Ini ini = loadIniFromConfig();</span>

 <span class="fc bfc" id="L207" title="All 2 branches covered.">        if (CollectionUtils.isEmpty(ini)) {</span>
 <span class="fc" id="L208">            log.info(&quot;Null or empty configuration specified via 'config' init-param.  &quot; +</span>
                     &quot;Checking path-based configuration.&quot;);
 <span class="fc" id="L210">            ini = loadIniFromPath();</span>
         }
         //added for SHIRO-178:
 <span class="fc bfc" id="L213" title="All 2 branches covered.">        if (CollectionUtils.isEmpty(ini)) {</span>
 <span class="fc" id="L214">            log.info(&quot;Null or empty configuration specified via '&quot; + CONFIG_INIT_PARAM_NAME + &quot;' or '&quot; +</span>
                     CONFIG_PATH_INIT_PARAM_NAME + &quot;' filter parameters.  Trying the default &quot; +
                     DEFAULT_WEB_INI_RESOURCE_PATH + &quot; file.&quot;);
 <span class="fc" id="L217">            ini = getServletContextIniResource(DEFAULT_WEB_INI_RESOURCE_PATH);</span>
         }
         //although the preferred default is /WEB-INF/shiro.ini per SHIRO-178, keep this
         //for backwards compatibility:
 <span class="fc bfc" id="L221" title="All 2 branches covered.">        if (CollectionUtils.isEmpty(ini)) {</span>
 <span class="fc" id="L222">            log.info(&quot;Null or empty configuration specified via '&quot; + CONFIG_INIT_PARAM_NAME + &quot;' or '&quot; +</span>
                     CONFIG_PATH_INIT_PARAM_NAME + &quot;' filter parameters.  Trying the default &quot; +
                     IniFactorySupport.DEFAULT_INI_RESOURCE_PATH + &quot; file.&quot;);
 <span class="fc" id="L225">            ini = IniFactorySupport.loadDefaultClassPathIni();</span>
         }

 <span class="fc" id="L228">        Map&lt;String, ?&gt; objects = applySecurityManager(ini);</span>
 <span class="fc" id="L229">        applyFilterChainResolver(ini, objects);</span>
 <span class="fc" id="L230">    }</span>

     protected Ini loadIniFromConfig() {
 <span class="fc" id="L233">        Ini ini = null;</span>
 <span class="fc" id="L234">        String config = getConfig();</span>
 <span class="fc bfc" id="L235" title="All 2 branches covered.">        if (config != null) {</span>
 <span class="fc" id="L236">            ini = convertConfigToIni(config);</span>
         }
 <span class="fc" id="L238">        return ini;</span>
     }

     protected Ini loadIniFromPath() {
 <span class="fc" id="L242">        Ini ini = null;</span>
 <span class="fc" id="L243">        String path = getConfigPath();</span>
 <span class="fc bfc" id="L244" title="All 2 branches covered.">        if (path != null) {</span>
 <span class="fc" id="L245">            ini = convertPathToIni(path);</span>
         }
 <span class="fc" id="L247">        return ini;</span>
     }

     protected Map&lt;String, ?&gt; applySecurityManager(Ini ini) {
         WebIniSecurityManagerFactory factory;
 <span class="fc bfc" id="L252" title="All 2 branches covered.">        if (CollectionUtils.isEmpty(ini)) {</span>
 <span class="fc" id="L253">            factory = new WebIniSecurityManagerFactory();</span>
         } else {
 <span class="fc" id="L255">            factory = new WebIniSecurityManagerFactory(ini);</span>
         }

         // Create the security manager and check that it implements WebSecurityManager.
         // Otherwise, it can't be used with the filter.
 <span class="fc" id="L260">        SecurityManager securityManager = factory.getInstance();</span>
 <span class="pc bpc" id="L261" title="1 of 2 branches missed.">        if (!(securityManager instanceof WebSecurityManager)) {</span>
 <span class="nc" id="L262">            String msg = &quot;The configured security manager is not an instance of WebSecurityManager, so &quot; +</span>
                     &quot;it can not be used with the Shiro servlet filter.&quot;;
 <span class="nc" id="L264">            throw new ConfigurationException(msg);</span>
         }

 <span class="fc" id="L267">        setSecurityManager((WebSecurityManager) securityManager);</span>

 <span class="fc" id="L269">        return factory.getBeans();</span>
     }

     protected void applyFilterChainResolver(Ini ini, Map&lt;String, ?&gt; defaults) {
 <span class="pc bpc" id="L273" title="1 of 4 branches missed.">        if (ini == null || ini.isEmpty()) {</span>
             //nothing to use to create the resolver, just return
             //(the AbstractShiroFilter allows a null resolver, in which case the original FilterChain is
             // always used).
 <span class="fc" id="L277">            return;</span>
         }

         //only create a resolver if the 'filters' or 'urls' sections are defined:
 <span class="fc" id="L281">        Ini.Section urls = ini.getSection(IniFilterChainResolverFactory.URLS);</span>
 <span class="fc" id="L282">        Ini.Section filters = ini.getSection(IniFilterChainResolverFactory.FILTERS);</span>
 <span class="pc bpc" id="L283" title="5 of 8 branches missed.">        if ((urls != null &amp;&amp; !urls.isEmpty()) || (filters != null &amp;&amp; !filters.isEmpty())) {</span>
             //either the urls section or the filters section was defined.  Go ahead and create the resolver
             //and set it:
 <span class="fc" id="L286">            IniFilterChainResolverFactory filterChainResolverFactory = new IniFilterChainResolverFactory(ini, defaults);</span>
 <span class="fc" id="L287">            filterChainResolverFactory.setFilterConfig(getFilterConfig());</span>
 <span class="fc" id="L288">            FilterChainResolver resolver = filterChainResolverFactory.getInstance();</span>
 <span class="fc" id="L289">            setFilterChainResolver(resolver);</span>
         }
 <span class="fc" id="L291">    }</span>

     protected Ini convertConfigToIni(String config) {
 <span class="fc" id="L294">        Ini ini = new Ini();</span>
 <span class="fc" id="L295">        ini.load(config);</span>
 <span class="fc" id="L296">        return ini;</span>
     }

     /**
      * Returns the INI instance reflecting the specified servlet context resource path or {@code null} if no
      * resource was found.
      *
      * @param servletContextPath the servlet context resource path of the INI file to load
      * @return the INI instance reflecting the specified servlet context resource path or {@code null} if no
      *         resource was found.
      * @since 1.2
      */
     protected Ini getServletContextIniResource(String servletContextPath) {
 <span class="fc" id="L309">        String path = WebUtils.normalize(servletContextPath);</span>
 <span class="pc bpc" id="L310" title="1 of 2 branches missed.">        if (getServletContext() != null) {</span>
 <span class="fc" id="L311">            InputStream is = getServletContext().getResourceAsStream(path);</span>
 <span class="fc bfc" id="L312" title="All 2 branches covered.">            if (is != null) {</span>
 <span class="fc" id="L313">                Ini ini = new Ini();</span>
 <span class="fc" id="L314">                ini.load(is);</span>
 <span class="pc bpc" id="L315" title="1 of 2 branches missed.">                if (CollectionUtils.isEmpty(ini)) {</span>
 <span class="nc" id="L316">                    log.warn(&quot;ServletContext INI resource '&quot; + servletContextPath + &quot;' exists, but it did not contain &quot; +</span>
                             &quot;any data.&quot;);
                 }
 <span class="fc" id="L319">                return ini;</span>
             }
         }
 <span class="fc" id="L322">        return null;</span>
     }

     /**
      * Converts the specified file path to an {@link Ini} instance.
      * &lt;p/&gt;
      * If the path does not have a resource prefix as defined by {@link ResourceUtils#hasResourcePrefix(String)}, the
      * path is expected to be resolvable by the {@code ServletContext} via
      * {@link javax.servlet.ServletContext#getResourceAsStream(String)}.
      *
      * @param path the path of the INI resource to load into an INI instance.
      * @return an INI instance populated based on the given INI resource path.
      */
     protected Ini convertPathToIni(String path) {

 <span class="fc" id="L337">        Ini ini = new Ini();</span>

         //SHIRO-178: Check for servlet context resource and not
         //only resource paths:
 <span class="fc bfc" id="L341" title="All 2 branches covered.">        if (!ResourceUtils.hasResourcePrefix(path)) {</span>
 <span class="fc" id="L342">            ini = getServletContextIniResource(path);</span>
 <span class="pc bpc" id="L343" title="1 of 2 branches missed.">            if (ini == null) {</span>
 <span class="fc" id="L344">                String msg = &quot;There is no servlet context resource corresponding to configPath '&quot; + path + &quot;'  If &quot; +</span>
                         &quot;the resource is located elsewhere (not immediately resolveable in the servlet context), &quot; +
                         &quot;specify an appropriate classpath:, url:, or file: resource prefix accordingly.&quot;;
 <span class="fc" id="L347">                throw new ConfigurationException(msg);</span>
             }
         } else {
             //normal resource path - load as usual:
 <span class="fc" id="L351">            ini.loadFromPath(path);</span>
         }

 <span class="fc" id="L354">        return ini;</span>
     }
 }
 </pre><div class="footer"><span class="right">Created with <a href="http://www.jacoco.org/jacoco">JaCoCo</a> 0.8.3.201901230119</span></div></body></html>
	<?xml version="1.0" encoding="UTF-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="en"><head><meta http-equiv="Content-Type" content="text/html;charset=UTF-8"/><link rel="stylesheet" href="../jacoco-resources/report.css" type="text/css"/><link rel="shortcut icon" href="../jacoco-resources/report.gif" type="image/gif"/><title>IniShiroFilter.java</title><link rel="stylesheet" href="../jacoco-resources/prettify.css" type="text/css"/><script type="text/javascript" src="../jacoco-resources/prettify.js"></script></head><body onload="window['PR_TAB_WIDTH']=4;prettyPrint()"><div class="breadcrumb" id="breadcrumb"><span class="info"><a href="../jacoco-sessions.html" class="el_session">Sessions</a></span><a href="../index.html" class="el_report">Apache Shiro :: Web</a> > <a href="index.source.html" class="el_package">org.apache.shiro.web.servlet</a> > <span class="el_source">IniShiroFilter.java</span></div><h1>IniShiroFilter.java</h1><pre class="source lang-java linenums">/*
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*/
	package org.apache.shiro.web.servlet;

	import org.apache.shiro.config.ConfigurationException;
	import org.apache.shiro.config.Ini;
	import org.apache.shiro.config.IniFactorySupport;
	import org.apache.shiro.io.ResourceUtils;
	import org.apache.shiro.mgt.SecurityManager;
	import org.apache.shiro.util.CollectionUtils;
	import org.apache.shiro.util.StringUtils;
	import org.apache.shiro.web.config.IniFilterChainResolverFactory;
	import org.apache.shiro.web.config.WebIniSecurityManagerFactory;
	import org.apache.shiro.web.filter.mgt.FilterChainResolver;
	import org.apache.shiro.web.mgt.WebSecurityManager;
	import org.apache.shiro.web.util.WebUtils;
	import org.slf4j.Logger;
	import org.slf4j.LoggerFactory;

	import java.io.InputStream;
	import java.util.Map;

	/**
	* <h1>Deprecated</h1>
	* This filter has been deprecated as of Shiro 1.2 in favor of using the {@link ShiroFilter} in {@code web.xml} instead.
	* See the {@link ShiroFilter} JavaDoc for usage.
	* <p/>
	* ======================
	* <p/>
	* Servlet Filter that configures and enables all Shiro functions within a web application by using the
	* <a href="http://en.wikipedia.org/wiki/INI_file">INI</a> configuration format.
	* <p/>
	* The actual INI configuration contents are not covered here, but instead in Shiro's
	* <a href="http://shiro.apache.org/configuration.html">Configuration Documentation</a> and additional web-specific
	* <a href="http://shiro.apache.org/web.html">Web Documentation</a>.
	* <h2>Usage</h2>
	* <h3>Default</h3>
	* By default, the simplest filter declaration expects a {@code shiro.ini} resource to be located at
	* {@code /WEB-INF/shiro.ini}, or, if not there, falls back to checking the root of the classpath
	* (i.e. {@code classpath:shiro.ini}):
	* <pre>
	* &lt;filter&gt;
	* &lt;filter-name&gt;ShiroFilter&lt;/filter-name&gt;
	* &lt;filter-class&gt;org.apache.shiro.web.servlet.IniShiroFilter&lt;/filter-class&gt;
	* &lt;/filter&gt;
	* </pre>
	* <h3>Custom Path</h3>
	* If you want the INI configuration to be somewhere other than {@code /WEB-INF/shiro.ini} or
	* {@code classpath:shiro.ini}, you may specify an alternate location via the {@code configPath init-param}:
	* <pre>
	* &lt;filter&gt;
	* &lt;filter-name&gt;ShiroFilter&lt;/filter-name&gt;
	* &lt;filter-class&gt;org.apache.shiro.web.servlet.IniShiroFilter&lt;/filter-class&gt;
	* &lt;init-param&gt;
	* &lt;param-name&gt;configPath&lt;/param-name&gt;
	* &lt;param-value&gt;/WEB-INF/someFile.ini&lt;/param-value&gt;
	* &lt;/init-param&gt;
	* &lt;/filter&gt;
	* </pre>
	* Unqualified (schemeless or 'non-prefixed') paths are assumed to be {@code ServletContext} resource paths, resolvable
	* via {@link javax.servlet.ServletContext#getResourceAsStream(String) ServletContext#getResourceAsStream}.
	* <p/>
	* Non-ServletContext resources may be loaded from qualified locations by specifying prefixes indicating the source,
	* e.g. {@code file:}, {@code url:}, and {@code classpath:}. See the
	* {@link ResourceUtils#getInputStreamForPath(String)} JavaDoc for more.
	* <h3>Inline</h3>
	* For relatively simple environments, you can embed the INI config directly inside the filter declaration with
	* the {@code config init-param}:
	* <pre>
	* &lt;filter&gt;
	* &lt;filter-name&gt;ShiroFilter&lt;/filter-name&gt;
	* &lt;filter-class&gt;org.apache.shiro.web.servlet.IniShiroFilter&lt;/filter-class&gt;
	* &lt;init-param&gt;
	* &lt;param-name&gt;config&lt;/param-name&gt;
	* &lt;param-value&gt;
	* #INI config goes here...
	* &lt;/param-value&gt;
	* &lt;/init-param&gt;
	* &lt;/filter&gt;
	* </pre>
	* Although this is typically not recommended because any Shiro configuration changes would contribute to version control
	* 'noise' in the web.xml file.
	* <p/>
	* When creating the shiro.ini configuration itself, please see Shiro's
	* <a href="http://shiro.apache.org/configuration.html">Configuration Documentation</a> and
	* <a href="http://shiro.apache.org/web.html">Web Documentation</a>.
	*
	* @see <a href="http://shiro.apache.org/configuration.html">Apache Shiro INI Configuration</a>
	* @see <a href="http://shiro.apache.org/web.html">Apache Shiro Web Documentation</a>
	* @since 1.0
	* @deprecated in 1.2 in favor of using the {@link ShiroFilter}
	*/
	@Deprecated
	public class IniShiroFilter extends AbstractShiroFilter {

	public static final String CONFIG_INIT_PARAM_NAME = "config";
	public static final String CONFIG_PATH_INIT_PARAM_NAME = "configPath";

	public static final String DEFAULT_WEB_INI_RESOURCE_PATH = "/WEB-INF/shiro.ini";

	<span class="fc" id="L117"> private static final Logger log = LoggerFactory.getLogger(IniShiroFilter.class);</span>

	private String config;
	private String configPath;

	<span class="fc" id="L122"> public IniShiroFilter() {</span>
	<span class="fc" id="L123"> }</span>

	/**
	* Returns the actual INI configuration text to use to build the {@link SecurityManager} and
	* {@link FilterChainResolver} used by the web application or {@code null} if the
	* {@link #getConfigPath() configPath} should be used to load a fallback INI source.
	* <p/>
	* This value is {@code null} by default, but it will be automatically set to the value of the
	* '{@code config}' {@code init-param} if it exists in the {@code FilterConfig} provided by the servlet
	* container at startup.
	*
	* @return the actual INI configuration text to use to build the {@link SecurityManager} and
	* {@link FilterChainResolver} used by the web application or {@code null} if the
	* {@link #getConfigPath() configPath} should be used to load a fallback INI source.
	*/
	public String getConfig() {
	<span class="fc" id="L139"> return this.config;</span>
	}

	/**
	* Sets the actual INI configuration text to use to build the {@link SecurityManager} and
	* {@link FilterChainResolver} used by the web application. If this value is {@code null}, the
	* {@link #getConfigPath() configPath} will be checked to see if a .ini file should be loaded instead.
	* <p/>
	* This value is {@code null} by default, but it will be automatically set to the value of the
	* '{@code config}' {@code init-param} if it exists in the {@code FilterConfig} provided by the servlet
	* container at startup.
	*
	* @param config the actual INI configuration text to use to build the {@link SecurityManager} and
	* {@link FilterChainResolver} used by the web application.
	*/
	public void setConfig(String config) {
	<span class="fc" id="L155"> this.config = config;</span>
	<span class="fc" id="L156"> }</span>

	/**
	* Returns the config path to be used to load a .ini file for configuration if a configuration is
	* not specified via the {@link #getConfig() config} attribute.
	* <p/>
	* This value is {@code null} by default, but it will be automatically set to the value of the
	* '{@code configPath}' {@code init-param} if it exists in the {@code FilterConfig} provided by the servlet
	* container at startup.
	*
	* @return the config path to be used to load a .ini file for configuration if a configuration is
	* not specified via the {@link #getConfig() config} attribute.
	*/
	public String getConfigPath() {
	<span class="fc" id="L170"> return configPath;</span>
	}

	/**
	* Sets the config path to be used to load a .ini file for configuration if a configuration is
	* not specified via the {@link #getConfig() config} attribute.
	* <p/>
	* This value is {@code null} by default, but it will be automatically set to the value of the
	* '{@code configPath}' {@code init-param} if it exists in the {@code FilterConfig} provided by the servlet
	* container at startup.
	*
	* @param configPath the config path to be used to load a .ini file for configuration if a configuration is
	* not specified via the {@link #getConfig() config} attribute.
	*/
	public void setConfigPath(String configPath) {
	<span class="fc" id="L185"> this.configPath = StringUtils.clean(configPath);</span>
	<span class="fc" id="L186"> }</span>

	public void init() throws Exception {
	<span class="fc" id="L189"> applyInitParams();</span>
	<span class="fc" id="L190"> configure();</span>
	<span class="fc" id="L191"> }</span>

	protected void applyInitParams() throws Exception {
	<span class="fc" id="L194"> String config = getInitParam(CONFIG_INIT_PARAM_NAME);</span>
	<span class="fc bfc" id="L195" title="All 2 branches covered."> if (config != null) {</span>
	<span class="fc" id="L196"> setConfig(config);</span>
	}
	<span class="fc" id="L198"> String configPath = getInitParam(CONFIG_PATH_INIT_PARAM_NAME);</span>
	<span class="fc bfc" id="L199" title="All 2 branches covered."> if (configPath != null) {</span>
	<span class="fc" id="L200"> setConfigPath(configPath);</span>
	}
	<span class="fc" id="L202"> }</span>

	protected void configure() throws Exception {
	<span class="fc" id="L205"> Ini ini = loadIniFromConfig();</span>

	<span class="fc bfc" id="L207" title="All 2 branches covered."> if (CollectionUtils.isEmpty(ini)) {</span>
	<span class="fc" id="L208"> log.info("Null or empty configuration specified via 'config' init-param. " +</span>
	"Checking path-based configuration.");
	<span class="fc" id="L210"> ini = loadIniFromPath();</span>
	}
	//added for SHIRO-178:
	<span class="fc bfc" id="L213" title="All 2 branches covered."> if (CollectionUtils.isEmpty(ini)) {</span>
	<span class="fc" id="L214"> log.info("Null or empty configuration specified via '" + CONFIG_INIT_PARAM_NAME + "' or '" +</span>
	CONFIG_PATH_INIT_PARAM_NAME + "' filter parameters. Trying the default " +
	DEFAULT_WEB_INI_RESOURCE_PATH + " file.");
	<span class="fc" id="L217"> ini = getServletContextIniResource(DEFAULT_WEB_INI_RESOURCE_PATH);</span>
	}
	//although the preferred default is /WEB-INF/shiro.ini per SHIRO-178, keep this
	//for backwards compatibility:
	<span class="fc bfc" id="L221" title="All 2 branches covered."> if (CollectionUtils.isEmpty(ini)) {</span>
	<span class="fc" id="L222"> log.info("Null or empty configuration specified via '" + CONFIG_INIT_PARAM_NAME + "' or '" +</span>
	CONFIG_PATH_INIT_PARAM_NAME + "' filter parameters. Trying the default " +
	IniFactorySupport.DEFAULT_INI_RESOURCE_PATH + " file.");
	<span class="fc" id="L225"> ini = IniFactorySupport.loadDefaultClassPathIni();</span>
	}

	<span class="fc" id="L228"> Map<String, ?> objects = applySecurityManager(ini);</span>
	<span class="fc" id="L229"> applyFilterChainResolver(ini, objects);</span>
	<span class="fc" id="L230"> }</span>

	protected Ini loadIniFromConfig() {
	<span class="fc" id="L233"> Ini ini = null;</span>
	<span class="fc" id="L234"> String config = getConfig();</span>
	<span class="fc bfc" id="L235" title="All 2 branches covered."> if (config != null) {</span>
	<span class="fc" id="L236"> ini = convertConfigToIni(config);</span>
	}
	<span class="fc" id="L238"> return ini;</span>
	}

	protected Ini loadIniFromPath() {
	<span class="fc" id="L242"> Ini ini = null;</span>
	<span class="fc" id="L243"> String path = getConfigPath();</span>
	<span class="fc bfc" id="L244" title="All 2 branches covered."> if (path != null) {</span>
	<span class="fc" id="L245"> ini = convertPathToIni(path);</span>
	}
	<span class="fc" id="L247"> return ini;</span>
	}

	protected Map<String, ?> applySecurityManager(Ini ini) {
	WebIniSecurityManagerFactory factory;
	<span class="fc bfc" id="L252" title="All 2 branches covered."> if (CollectionUtils.isEmpty(ini)) {</span>
	<span class="fc" id="L253"> factory = new WebIniSecurityManagerFactory();</span>
	} else {
	<span class="fc" id="L255"> factory = new WebIniSecurityManagerFactory(ini);</span>
	}

	// Create the security manager and check that it implements WebSecurityManager.
	// Otherwise, it can't be used with the filter.
	<span class="fc" id="L260"> SecurityManager securityManager = factory.getInstance();</span>
	<span class="pc bpc" id="L261" title="1 of 2 branches missed."> if (!(securityManager instanceof WebSecurityManager)) {</span>
	<span class="nc" id="L262"> String msg = "The configured security manager is not an instance of WebSecurityManager, so " +</span>
	"it can not be used with the Shiro servlet filter.";
	<span class="nc" id="L264"> throw new ConfigurationException(msg);</span>
	}

	<span class="fc" id="L267"> setSecurityManager((WebSecurityManager) securityManager);</span>

	<span class="fc" id="L269"> return factory.getBeans();</span>
	}

	protected void applyFilterChainResolver(Ini ini, Map<String, ?> defaults) {
	<span class="pc bpc" id="L273" title="1 of 4 branches missed."> if (ini == null \|\| ini.isEmpty()) {</span>
	//nothing to use to create the resolver, just return
	//(the AbstractShiroFilter allows a null resolver, in which case the original FilterChain is
	// always used).
	<span class="fc" id="L277"> return;</span>
	}

	//only create a resolver if the 'filters' or 'urls' sections are defined:
	<span class="fc" id="L281"> Ini.Section urls = ini.getSection(IniFilterChainResolverFactory.URLS);</span>
	<span class="fc" id="L282"> Ini.Section filters = ini.getSection(IniFilterChainResolverFactory.FILTERS);</span>
	<span class="pc bpc" id="L283" title="5 of 8 branches missed."> if ((urls != null && !urls.isEmpty()) \|\| (filters != null && !filters.isEmpty())) {</span>
	//either the urls section or the filters section was defined. Go ahead and create the resolver
	//and set it:
	<span class="fc" id="L286"> IniFilterChainResolverFactory filterChainResolverFactory = new IniFilterChainResolverFactory(ini, defaults);</span>
	<span class="fc" id="L287"> filterChainResolverFactory.setFilterConfig(getFilterConfig());</span>
	<span class="fc" id="L288"> FilterChainResolver resolver = filterChainResolverFactory.getInstance();</span>
	<span class="fc" id="L289"> setFilterChainResolver(resolver);</span>
	}
	<span class="fc" id="L291"> }</span>

	protected Ini convertConfigToIni(String config) {
	<span class="fc" id="L294"> Ini ini = new Ini();</span>
	<span class="fc" id="L295"> ini.load(config);</span>
	<span class="fc" id="L296"> return ini;</span>
	}

	/**
	* Returns the INI instance reflecting the specified servlet context resource path or {@code null} if no
	* resource was found.
	*
	* @param servletContextPath the servlet context resource path of the INI file to load
	* @return the INI instance reflecting the specified servlet context resource path or {@code null} if no
	* resource was found.
	* @since 1.2
	*/
	protected Ini getServletContextIniResource(String servletContextPath) {
	<span class="fc" id="L309"> String path = WebUtils.normalize(servletContextPath);</span>
	<span class="pc bpc" id="L310" title="1 of 2 branches missed."> if (getServletContext() != null) {</span>
	<span class="fc" id="L311"> InputStream is = getServletContext().getResourceAsStream(path);</span>
	<span class="fc bfc" id="L312" title="All 2 branches covered."> if (is != null) {</span>
	<span class="fc" id="L313"> Ini ini = new Ini();</span>
	<span class="fc" id="L314"> ini.load(is);</span>
	<span class="pc bpc" id="L315" title="1 of 2 branches missed."> if (CollectionUtils.isEmpty(ini)) {</span>
	<span class="nc" id="L316"> log.warn("ServletContext INI resource '" + servletContextPath + "' exists, but it did not contain " +</span>
	"any data.");
	}
	<span class="fc" id="L319"> return ini;</span>
	}
	}
	<span class="fc" id="L322"> return null;</span>
	}

	/**
	* Converts the specified file path to an {@link Ini} instance.
	* <p/>
	* If the path does not have a resource prefix as defined by {@link ResourceUtils#hasResourcePrefix(String)}, the
	* path is expected to be resolvable by the {@code ServletContext} via
	* {@link javax.servlet.ServletContext#getResourceAsStream(String)}.
	*
	* @param path the path of the INI resource to load into an INI instance.
	* @return an INI instance populated based on the given INI resource path.
	*/
	protected Ini convertPathToIni(String path) {

	<span class="fc" id="L337"> Ini ini = new Ini();</span>

	//SHIRO-178: Check for servlet context resource and not
	//only resource paths:
	<span class="fc bfc" id="L341" title="All 2 branches covered."> if (!ResourceUtils.hasResourcePrefix(path)) {</span>
	<span class="fc" id="L342"> ini = getServletContextIniResource(path);</span>
	<span class="pc bpc" id="L343" title="1 of 2 branches missed."> if (ini == null) {</span>
	<span class="fc" id="L344"> String msg = "There is no servlet context resource corresponding to configPath '" + path + "' If " +</span>
	"the resource is located elsewhere (not immediately resolveable in the servlet context), " +
	"specify an appropriate classpath:, url:, or file: resource prefix accordingly.";
	<span class="fc" id="L347"> throw new ConfigurationException(msg);</span>
	}
	} else {
	//normal resource path - load as usual:
	<span class="fc" id="L351"> ini.loadFromPath(path);</span>
	}

	<span class="fc" id="L354"> return ini;</span>
	}
	}
	</pre><div class="footer"><span class="right">Created with <a href="http://www.jacoco.org/jacoco">JaCoCo</a> 0.8.3.201901230119</span></div></body></html>