Coverage Report

Coverage Report - org.acegisecurity.ui.basicauth.BasicProcessingFilterEntryPoint

Classes in this File

90%

 /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 
 package org.acegisecurity.ui.basicauth;
 
 import java.io.IOException;
 
 import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletResponse;
 
 import org.acegisecurity.AuthenticationException;
 import org.acegisecurity.ui.AuthenticationEntryPoint;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.util.Assert;
 
 
 /**
  * Used by the <code>SecurityEnforcementFilter</code> to commence authentication via the {@link
  * BasicProcessingFilter}.<P>Once a user agent is authenticated using BASIC authentication, logout requires that
  * the browser be closed or an unauthorized (401) header be sent. The simplest way of achieving the latter is to call
  * the {@link #commence(ServletRequest, ServletResponse, AuthenticationException)} method below. This will indicate to
  * the browser its credentials are no longer authorized, causing it to prompt the user to login again.</p>
  *
  * @author Ben Alex
  * @version $Id: BasicProcessingFilterEntryPoint.java 1948 2007-08-25 00:15:30Z benalex $
  */
 public class BasicProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean {
     //~ Instance fields ================================================================================================
 
     private String realmName;
 
     //~ Methods ========================================================================================================
 
         public void afterPropertiesSet() throws Exception {
                 Assert.hasText(realmName, "realmName must be specified");
     }
 
     public void commence(ServletRequest request, ServletResponse response, AuthenticationException authException)
         throws IOException, ServletException {
         HttpServletResponse httpResponse = (HttpServletResponse) response;
         httpResponse.addHeader("WWW-Authenticate", "Basic realm=\"" + realmName + "\"");
         httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, authException.getMessage());
     }
 
     public String getRealmName() {
         return realmName;
     }
 
     public void setRealmName(String realmName) {
         this.realmName = realmName;
     }
 
 }

1		/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
2		*
3		* Licensed under the Apache License, Version 2.0 (the "License");
4		* you may not use this file except in compliance with the License.
5		* You may obtain a copy of the License at
6		*
7		* http://www.apache.org/licenses/LICENSE-2.0
8		*
9		* Unless required by applicable law or agreed to in writing, software
10		* distributed under the License is distributed on an "AS IS" BASIS,
11		* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12		* See the License for the specific language governing permissions and
13		* limitations under the License.
14		*/
15
16		package org.acegisecurity.ui.basicauth;
17
18		import java.io.IOException;
19
20		import javax.servlet.ServletException;
21		import javax.servlet.ServletRequest;
22		import javax.servlet.ServletResponse;
23		import javax.servlet.http.HttpServletResponse;
24
25		import org.acegisecurity.AuthenticationException;
26		import org.acegisecurity.ui.AuthenticationEntryPoint;
27		import org.springframework.beans.factory.InitializingBean;
28		import org.springframework.util.Assert;
29
30
31		/**
32		* Used by the <code>SecurityEnforcementFilter</code> to commence authentication via the {@link
33		* BasicProcessingFilter}.<P>Once a user agent is authenticated using BASIC authentication, logout requires that
34		* the browser be closed or an unauthorized (401) header be sent. The simplest way of achieving the latter is to call
35		* the {@link #commence(ServletRequest, ServletResponse, AuthenticationException)} method below. This will indicate to
36		* the browser its credentials are no longer authorized, causing it to prompt the user to login again.</p>
37		*
38		* @author Ben Alex
39		* @version $Id: BasicProcessingFilterEntryPoint.java 1948 2007-08-25 00:15:30Z benalex $
40		*/
41	15	public class BasicProcessingFilterEntryPoint implements AuthenticationEntryPoint, InitializingBean {
42		//~ Instance fields ================================================================================================
43
44		private String realmName;
45
46		//~ Methods ========================================================================================================
47
48		public void afterPropertiesSet() throws Exception {
49	1	Assert.hasText(realmName, "realmName must be specified");
50	0	}
51
52		public void commence(ServletRequest request, ServletResponse response, AuthenticationException authException)
53		throws IOException, ServletException {
54	4	HttpServletResponse httpResponse = (HttpServletResponse) response;
55	4	httpResponse.addHeader("WWW-Authenticate", "Basic realm=\"" + realmName + "\"");
56	4	httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, authException.getMessage());
57	4	}
58
59		public String getRealmName() {
60	1	return realmName;
61		}
62
63		public void setRealmName(String realmName) {
64	2	this.realmName = realmName;
65	2	}
66
67		}