src/java/de/uhilger/um/Digester.java | ●●●●● patch | view | raw | blame | history | |
src/java/de/uhilger/um/api/UserMgr.java | ●●●●● patch | view | raw | blame | history | |
web/META-INF/context.xml | ●●●●● patch | view | raw | blame | history | |
web/WEB-INF/create_database.sql | ●●●●● patch | view | raw | blame | history | |
web/WEB-INF/web.xml | ●●●●● patch | view | raw | blame | history | |
web/login_error.jsp | ●●●●● patch | view | raw | blame | history | |
web/login_form.html | ●●●●● patch | view | raw | blame | history |
src/java/de/uhilger/um/Digester.java
@@ -34,7 +34,8 @@ /** Name des MD5-Algorithmus zum Verschlüsseln */ public static final String MD5 = "MD5"; public static final String SHA256 = "sha-256"; /** * Einen Ausdruck verschlüsseln * src/java/de/uhilger/um/api/UserMgr.java
@@ -94,7 +94,11 @@ String kw = user.getPw(); String digesterClassName = ctx.getInitParameter(P_DIGESTER); Digester digester = (Digester) Class.forName(digesterClassName).newInstance(); String digestedPw = digester.digest(kw, Digester.MD5, null); /* MD5 geht nicht mehr, vgl. http://stackoverflow.com/questions/39967289/how-to-use-digest-authentication-in-tomcat-8-5 */ String digestedPw = digester.digest(kw, Digester.SHA256, null); user.setPw(digestedPw); getDb().insert(user, UserMapper); return user; web/META-INF/context.xml
@@ -6,7 +6,7 @@ username="dbadmin" password="changeit" driverClassName="org.apache.derby.jdbc.ClientDriver" url="jdbc:derby://127.0.0.1:1527/udb_test;create=true" url="jdbc:derby://127.0.0.1:1528/udb;create=true" maxActive="60" maxIdle="30" maxWait="5000" web/WEB-INF/create_database.sql
@@ -3,7 +3,7 @@ CREATE TABLE APP.USERS ( USER_NAME VARCHAR(250) NOT NULL, USER_PASS VARCHAR(250) NOT NULL, USER_PASS VARCHAR(1024) NOT NULL, USER_FIRST VARCHAR(250), USER_LAST VARCHAR(250), USER_EMAIL VARCHAR(250), web/WEB-INF/web.xml
@@ -37,4 +37,27 @@ 30 </session-timeout> </session-config> <security-constraint> <display-name>nutzerAdminConstraint</display-name> <web-resource-collection> <web-resource-name>nutzerAdmin</web-resource-name> <description>Nutzer-Administration</description> <url-pattern>/ui/*</url-pattern> </web-resource-collection> <auth-constraint> <description>nutzerAdminAuthContraint</description> <role-name>nutzerAdmin</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>FORM</auth-method> <form-login-config> <form-login-page>/login_form.html</form-login-page> <form-error-page>/login_error.jsp</form-error-page> </form-login-config> </login-config> <security-role> <description/> <role-name>nutzerAdmin</role-name> </security-role> </web-app> web/login_error.jsp
New file @@ -0,0 +1,25 @@ <%@page contentType="text/html" pageEncoding="ISO-8859-1"%> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <style> body { font-family:Arial,Helvetica,sans-serif; font-size:10pt; } </style> <title>Fehler</title> <% String url = request.getRequestURL().toString(); url = url.substring(0, url.lastIndexOf("/")); %> </head> <body> <p>Hoppla! Die Anmeldung hat nicht geklappt.</p> <p>Klicken Sie <a href="<%=url%>">hier</a> um zur Hauptseite zu gelangen.</p> </body> </html> web/login_form.html
New file @@ -0,0 +1,87 @@ <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="description" content=""> <meta name="author" content=""> <!--<link rel="icon" href="../../favicon.ico">--> <title>Anmeldung Nutzerverwaltung</title> <!-- Bootstrap core CSS --> <link rel="stylesheet" href="/jslib/bootstrap-3.3.2/css/bootstrap.min.css"> <!-- Custom styles for this template --> <!--<link href="signin.css" rel="stylesheet">--> <style type="text/css"> body { padding-top: 40px; padding-bottom: 40px; background-color: #eee; } .form-signin { max-width: 330px; padding: 15px; margin: 0 auto; } .form-signin .form-signin-heading, .form-signin .checkbox { margin-bottom: 10px; } .form-signin .checkbox { font-weight: normal; } .form-signin .form-control { position: relative; height: auto; -webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box; padding: 10px; font-size: 16px; } .form-signin .form-control:focus { z-index: 2; } .form-signin input[type="text"] { margin-bottom: -1px; border-bottom-right-radius: 0; border-bottom-left-radius: 0; } .form-signin input[type="password"] { margin-bottom: 10px; border-top-left-radius: 0; border-top-right-radius: 0; } </style> <!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries --> <!--[if lt IE 9]> <script src="https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js"></script> <script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script> <![endif]--> </head> <body> <div class="container"> <form class="form-signin" role="form" method="POST" action="j_security_check" name="loginform"> <h2 class="form-signin-heading">Anmeldung Nutzerverwaltung</h2> <input name="j_username" type="text" class="form-control" placeholder="Benutzerkennung" required autofocus> <input name="j_password" type="password" class="form-control" placeholder="Kennwort" required> <!-- <label class="checkbox"> <input type="checkbox" value="remember-me"> Remember me </label> --> <button class="btn btn-lg btn-primary btn-block" type="submit">Senden</button> </form> </div> <!-- /container --> </body> </html>