1 /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
2 *
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 package org.acegisecurity.util;
17
18 import org.acegisecurity.intercept.web.FilterInvocation;
19
20 import org.springframework.mock.web.MockHttpServletRequest;
21 import org.springframework.mock.web.MockHttpServletResponse;
22
23 import org.springframework.util.Assert;
24
25 import java.io.IOException;
26
27 import javax.servlet.FilterChain;
28 import javax.servlet.ServletException;
29 import javax.servlet.ServletRequest;
30 import javax.servlet.ServletResponse;
31
32
33 /**
34 * Static utility methods for creating <code>FilterInvocation</code>s usable within Acegi Security.<p>The generated
35 * <code>FilterInvocation</code> objects are not intended for use with <code>AbstractSecurityInterceptor</code>
36 * subclasses. Instead they are generally used by <code>WebInvocationPrivilegeEvaluator</code>.</p>
37 *
38 * @author Ben Alex
39 * @version $Id: FilterInvocationUtils.java 1784 2007-02-24 21:00:24Z luke_t $
40 */
41 public final class FilterInvocationUtils {
42 //~ Constructors ===================================================================================================
43
44 private FilterInvocationUtils() {
45 }
46
47 //~ Methods ========================================================================================================
48
49 /**
50 * Creates a <code>FilterInvocation</code> for the specified <code>contextPath</code> and <code>Uri</code>.
51 * Note the normal subclasses of <code>AbstractFilterInvocationDefinitionSource</code> disregard the
52 * <code>contextPath</code> when evaluating which secure object metadata applies to a given
53 * <code>FilterInvocation</code>, so generally the <code>contextPath</code> is unimportant unless you are using a
54 * custom <code>FilterInvocationDefinitionSource</code>.
55 *
56 * @param contextPath the <code>contextPath</code> that will be contained within the
57 * <code>FilterInvocation</code><code>HttpServletRequest</code>
58 * @param uri the URI of the request, such as <code>/foo/default.jsp</code>
59 *
60 * @return a fully-formed <code>FilterInvocation</code> (never <code>null</code>)
61 *
62 * @throws UnsupportedOperationException DOCUMENT ME!
63 */
64 public static FilterInvocation create(String contextPath, String uri) {
65 Assert.hasText(contextPath, "contextPath required");
66 Assert.hasText(uri, "URI required");
67
68 MockHttpServletRequest req = new MockHttpServletRequest();
69 req.setRequestURI(contextPath + uri);
70 req.setContextPath(contextPath);
71 req.setServletPath(null);
72
73 FilterInvocation fi = new FilterInvocation(req, new MockHttpServletResponse(),
74 new FilterChain() {
75 public void doFilter(ServletRequest arg0, ServletResponse arg1)
76 throws IOException, ServletException {
77 throw new UnsupportedOperationException(
78 "WebInvocationPrivilegeEvaluator does not support filter chains");
79 }
80 });
81
82 return fi;
83 }
84
85 /**
86 * Creates a <code>FilterInvocation</code> for the specified <code>Uri</code>. The <code>contextPath</code>
87 * is set to a default value.
88 *
89 * @param uri the URI of the request, such as <code>/foo/default.jsp</code>
90 *
91 * @return a fully-formed <code>FilterInvocation</code> (never <code>null</code>)
92 */
93 public static FilterInvocation create(String uri) {
94 return create("/notused", uri);
95 }
96 }