Coverage Report

Coverage Report - org.acegisecurity.providers.siteminder.SiteminderAuthenticationProvider

Classes in this File

Line Coverage

Branch Coverage

Complexity

SiteminderAuthenticationProvider

87%

100%

3.4

 /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 
 package org.acegisecurity.providers.siteminder;
 
 import org.acegisecurity.AccountExpiredException;
 import org.acegisecurity.AuthenticationException;
 import org.acegisecurity.AuthenticationServiceException;
 import org.acegisecurity.CredentialsExpiredException;
 import org.acegisecurity.DisabledException;
 import org.acegisecurity.LockedException;
 import org.acegisecurity.providers.AuthenticationProvider;
 import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
 import org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider;
 import org.acegisecurity.userdetails.UserDetails;
 import org.acegisecurity.userdetails.UserDetailsService;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.springframework.dao.DataAccessException;
 import org.springframework.util.Assert;
 
 /**
  * An {@link AuthenticationProvider} implementation that retrieves user details from an {@link UserDetailsService}.
  *
  * @author Scott McCrory
  * @version $Id: SiteminderAuthenticationProvider.java 1582 2006-07-15 15:18:51Z smccrory $
  */
 public class SiteminderAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider {
         
 
     /**
      * Our logging object
      */
     private static final Log logger = LogFactory.getLog(SiteminderAuthenticationProvider.class);
 
     //~ Instance fields ================================================================================================
 
     /**
      * Our user details service (which does the real work of checking the user against a back-end user store).
      */
     private UserDetailsService userDetailsService;
     
     //~ Methods ========================================================================================================
 
     /**
      * @see org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider#additionalAuthenticationChecks(org.acegisecurity.userdetails.UserDetails, org.acegisecurity.providers.UsernamePasswordAuthenticationToken)
      */
     protected void additionalAuthenticationChecks(final UserDetails user,
             final UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
 
         // No need for password authentication checks - we only expect one identifying string
         // from the HTTP Request header (as populated by Siteminder), but we do need to see if
         // the user's account is OK to let them in.
         if (!user.isEnabled()) {
             throw new DisabledException(messages.getMessage("AbstractUserDetailsAuthenticationProvider.disabled",
                     "Account disabled"));
         }
 
         if (!user.isAccountNonExpired()) {
             throw new AccountExpiredException(messages.getMessage("AbstractUserDetailsAuthenticationProvider.expired",
                     "Account expired"));
         }
 
         if (!user.isAccountNonLocked()) {
             throw new LockedException(messages.getMessage("AbstractUserDetailsAuthenticationProvider.locked",
                     "Account locked"));
         }
 
         if (!user.isCredentialsNonExpired()) {
             throw new CredentialsExpiredException(messages.getMessage(
                     "AbstractUserDetailsAuthenticationProvider.credentialsExpired", "Credentials expired"));
         }
 
     }
 
     /**
      * @see org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider#doAfterPropertiesSet()
      */
     protected void doAfterPropertiesSet() throws Exception {
         Assert.notNull(this.userDetailsService, "A UserDetailsService must be set");
     }
 
     /**
      * Return the user details service.
      * @return The user details service.
      */
     public UserDetailsService getUserDetailsService() {
         return userDetailsService;
     }
 
     /**
      * @see org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider#retrieveUser(java.lang.String, org.acegisecurity.providers.UsernamePasswordAuthenticationToken)
      */
     protected final UserDetails retrieveUser(final String username,
             final UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
 
         UserDetails loadedUser;
 
         try {
             loadedUser = this.getUserDetailsService().loadUserByUsername(username);
         } catch (DataAccessException repositoryProblem) {
             throw new AuthenticationServiceException(repositoryProblem.getMessage(), repositoryProblem);
         }
 
         if (loadedUser == null) {
             throw new AuthenticationServiceException(
                     "UserDetailsService returned null, which is an interface contract violation");
         }
 
         return loadedUser;
     }
 
     /**
      * Sets the user details service.
      * @param userDetailsService The user details service.
      */
     public void setUserDetailsService(final UserDetailsService userDetailsService) {
         this.userDetailsService = userDetailsService;
     }
 
 }

1		/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
2		*
3		* Licensed under the Apache License, Version 2.0 (the "License");
4		* you may not use this file except in compliance with the License.
5		* You may obtain a copy of the License at
6		*
7		* http://www.apache.org/licenses/LICENSE-2.0
8		*
9		* Unless required by applicable law or agreed to in writing, software
10		* distributed under the License is distributed on an "AS IS" BASIS,
11		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12		* See the License for the specific language governing permissions and
13		* limitations under the License.
14		*/
15
16		package org.acegisecurity.providers.siteminder;
17
18		import org.acegisecurity.AccountExpiredException;
19		import org.acegisecurity.AuthenticationException;
20		import org.acegisecurity.AuthenticationServiceException;
21		import org.acegisecurity.CredentialsExpiredException;
22		import org.acegisecurity.DisabledException;
23		import org.acegisecurity.LockedException;
24		import org.acegisecurity.providers.AuthenticationProvider;
25		import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
26		import org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider;
27		import org.acegisecurity.userdetails.UserDetails;
28		import org.acegisecurity.userdetails.UserDetailsService;
29		import org.apache.commons.logging.Log;
30		import org.apache.commons.logging.LogFactory;
31		import org.springframework.dao.DataAccessException;
32		import org.springframework.util.Assert;
33
34		/**
35		* An {@link AuthenticationProvider} implementation that retrieves user details from an {@link UserDetailsService}.
36		*
37		* @author Scott McCrory
38		* @version $Id: SiteminderAuthenticationProvider.java 1582 2006-07-15 15:18:51Z smccrory $
39		*/
40	18	public class SiteminderAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider {
41
42
43		/**
44		* Our logging object
45		*/
46	2	private static final Log logger = LogFactory.getLog(SiteminderAuthenticationProvider.class);
47
48		//~ Instance fields ================================================================================================
49
50		/**
51		* Our user details service (which does the real work of checking the user against a back-end user store).
52		*/
53		private UserDetailsService userDetailsService;
54
55		//~ Methods ========================================================================================================
56
57		/**
58		* @see org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider#additionalAuthenticationChecks(org.acegisecurity.userdetails.UserDetails, org.acegisecurity.providers.UsernamePasswordAuthenticationToken)
59		*/
60		protected void additionalAuthenticationChecks(final UserDetails user,
61		final UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
62
63		// No need for password authentication checks - we only expect one identifying string
64		// from the HTTP Request header (as populated by Siteminder), but we do need to see if
65		// the user's account is OK to let them in.
66	5	if (!user.isEnabled()) {
67	0	throw new DisabledException(messages.getMessage("AbstractUserDetailsAuthenticationProvider.disabled",
68		"Account disabled"));
69		}
70
71	5	if (!user.isAccountNonExpired()) {
72	0	throw new AccountExpiredException(messages.getMessage("AbstractUserDetailsAuthenticationProvider.expired",
73		"Account expired"));
74		}
75
76	5	if (!user.isAccountNonLocked()) {
77	0	throw new LockedException(messages.getMessage("AbstractUserDetailsAuthenticationProvider.locked",
78		"Account locked"));
79		}
80
81	5	if (!user.isCredentialsNonExpired()) {
82	1	throw new CredentialsExpiredException(messages.getMessage(
83		"AbstractUserDetailsAuthenticationProvider.credentialsExpired", "Credentials expired"));
84		}
85
86	4	}
87
88		/**
89		* @see org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider#doAfterPropertiesSet()
90		*/
91		protected void doAfterPropertiesSet() throws Exception {
92	2	Assert.notNull(this.userDetailsService, "A UserDetailsService must be set");
93	1	}
94
95		/**
96		* Return the user details service.
97		* @return The user details service.
98		*/
99		public UserDetailsService getUserDetailsService() {
100	14	return userDetailsService;
101		}
102
103		/**
104		* @see org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider#retrieveUser(java.lang.String, org.acegisecurity.providers.UsernamePasswordAuthenticationToken)
105		*/
106		protected final UserDetails retrieveUser(final String username,
107		final UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
108
109		UserDetails loadedUser;
110
111		try {
112	13	loadedUser = this.getUserDetailsService().loadUserByUsername(username);
113	1	} catch (DataAccessException repositoryProblem) {
114	1	throw new AuthenticationServiceException(repositoryProblem.getMessage(), repositoryProblem);
115	8	}
116
117	8	if (loadedUser == null) {
118	1	throw new AuthenticationServiceException(
119		"UserDetailsService returned null, which is an interface contract violation");
120		}
121
122	7	return loadedUser;
123		}
124
125		/**
126		* Sets the user details service.
127		* @param userDetailsService The user details service.
128		*/
129		public void setUserDetailsService(final UserDetailsService userDetailsService) {
130	15	this.userDetailsService = userDetailsService;
131	15	}
132
133		}