From b7475d69c0d52f1639a13fae0afc617767852173 Mon Sep 17 00:00:00 2001
From: ulrich <not disclosed>
Date: Sun, 19 Feb 2017 10:19:09 +0000
Subject: [PATCH] Abmelden eingeabaut
---
 src/java/de/uhilger/filecms/pub/SessionManager.java | 68 +++++++++++
 web/WEB-INF/web.xml | 50 ++++++++
 web/logout.html | 16 ++
 web/login_error.jsp | 25 ++++
 web/login_form.html | 87 ++++++++++++++
 web/ui/ui.js | 22 +++
 src/java/de/uhilger/filecms/api/Api.java | 61 ++++++++++
 7 files changed, 325 insertions(+), 4 deletions(-)
diff --git a/src/java/de/uhilger/filecms/api/Api.java b/src/java/de/uhilger/filecms/api/Api.java
new file mode 100644
index 0000000..625e070
--- /dev/null
+++ b/src/java/de/uhilger/filecms/api/Api.java
@@ -0,0 +1,61 @@
+/*
+ * Nutzerverwaltung - User and role management in your browser
+ * Copyright (C) 2011-2017 Ulrich Hilger, http://uhilger.de
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see http://www.gnu.org/licenses/
+ */
+
+package de.uhilger.filecms.api;
+
+import de.uhilger.transit.web.RequestKontext;
+import de.uhilger.transit.web.WebKontext;
+import javax.servlet.ServletContext;
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ *
+ */
+public abstract class Api implements WebKontext, RequestKontext {
+
+ /** Zeiger zum Servlet-Kontext dieser Anwendung */
+ private ServletContext ctx;
+
+ private HttpServletRequest request;
+
+
+ /* ------------- Implementierung WebKontext ------------- */
+
+ @Override
+ public ServletContext getServletContext() {
+ return ctx;
+ }
+
+ @Override
+ public void setServletContext(ServletContext servletContext) {
+ this.ctx = servletContext;
+ }
+
+ /* ------------- Implementierung RequestKontext ------------- */
+
+ @Override
+ public HttpServletRequest getRequest() {
+ return request;
+ }
+
+ @Override
+ public void setRequest(HttpServletRequest r) {
+ this.request = r;
+ }
+
+}
diff --git a/src/java/de/uhilger/filecms/pub/SessionManager.java b/src/java/de/uhilger/filecms/pub/SessionManager.java
new file mode 100644
index 0000000..3ebf15e
--- /dev/null
+++ b/src/java/de/uhilger/filecms/pub/SessionManager.java
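Review bot: The `request` field holds per-request state on the instance, and neither the empty class Javadoc nor a field comment says how Api objects are scoped. If TransitServlet reuses one instance across concurrent requests (not visible in this patch), `getRequest()` in a subclass could return another caller's request, which matters for subclasses that touch the session. I would state the assumption in the class Javadoc, for example `Base class for API classes; one instance per request, not thread-safe`, and confirm it against TransitServlet. The `request` field also deserves a one-line comment like the one `ctx` already has.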
@@ -0,0 +1,68 @@
+/*
+ * Nutzerverwaltung - User and role management in your browser
+ * Copyright (C) 2011-2017 Ulrich Hilger, http://uhilger.de
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see http://www.gnu.org/licenses/
+ */
+
+package de.uhilger.filecms.pub;
+
+//import de.uhilger.um.api.Api;
+//import static de.uhilger.um.api.UserMgr.MP_USER_DATA;
+//import static de.uhilger.um.api.UserMgr.SQL_GET_USER_DATA;
+//import static de.uhilger.um.api.UserMgr.WITHOUT_BLOBS;
+//import de.uhilger.um.daten.UserData;
+import de.uhilger.filecms.api.Api;
+import java.util.logging.Logger;
+
+/**
+ *
+ */
+public class SessionManager extends Api {
+
+ private static final Logger logger = Logger.getLogger(SessionManager.class.getName());
+
+ // /um/pub?c=de.uhilger.um.pub.SessionManager&m=getSessionUser
+ /*
+ public UserData getSessionUser() {
+ UserData userData = new UserData();
+ userData.setFirstName("nicht angemeldet");
+ userData.setLastName("nicht angemeldet");
+ userData.setId("nicht angemeldet");
+ userData.setEmail("nicht angemeldet");
+ Object p = getRequest().getUserPrincipal();
+ if(p instanceof Principal) {
+ String id = ((Principal) p).getName();
+ logger.finer("User-ID: " + id);
+ List userDataList = getDb().select(getSql(SQL_GET_USER_DATA), getMapper(MP_USER_DATA), WITHOUT_BLOBS, id);
+ if(userDataList != null && userDataList.size() > 0) {
+ Object o = userDataList.get(0);
+ if(o instanceof
UserData) {
+ userData = (UserData) o;
+ }
+ }
+ } else {
+ logger.finer("getUserPrincipal returned null or no Principal");
+ }
+ return userData;
+ }
+*/
+
+ public String expireSession() {
+ getRequest().getSession().invalidate();
+ return "Die aktuelle Sitzung ist nicht mehr gueltig.";
+ }
+
+
+}
diff --git a/web/WEB-INF/web.xml b/web/WEB-INF/web.xml
index 2749043..88a01a6 100644
--- a/web/WEB-INF/web.xml
+++ b/web/WEB-INF/web.xml
@@ -22,6 +22,14 @@
 <param-value>de.uhilger.filecms.api</param-value>
 </init-param>
 </servlet>
+ <servlet>
+ <servlet-name>PublicTransit</servlet-name>
+ <servlet-class>de.uhilger.transit.web.TransitServlet</servlet-class>
+ <init-param>
+ <param-name>klassen</param-name>
+ <param-value>de.uhilger.filecms.pub</param-value>
+ </init-param>
+ </servlet>
 <servlet-mapping>
 <servlet-name>TransitRS</servlet-name>
 <url-pattern>/rpc/*</url-pattern>
@@ -29,6 +37,10 @@
 <servlet-mapping>
 <servlet-name>Transit</servlet-name>
 <url-pattern>/svc</url-pattern>
+ </servlet-mapping>
+ <servlet-mapping>
+ <servlet-name>PublicTransit</servlet-name>
+ <url-pattern>/pub</url-pattern>
 </servlet-mapping>
 <session-config>
 <session-timeout>
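Review bot: `getRequest().getSession().invalidate()` in expireSession() creates a session when the caller has none, only to discard it, so every anonymous call to this public method allocates a session. Use `javax.servlet.http.HttpSession s = getRequest().getSession(false); if (s != null) { s.invalidate(); }`, and consider `getRequest().logout()` as well on a Servlet 3.0+ container so the container's authentication state is cleared together with the session. The class Javadoc is empty and the method has none; a line such as `/** Invalidates the caller's session, if any; reachable without login via /pub. */` would record the intent. The commented-out `getSessionUser` block and the commented imports refer to another application's classes and would be better removed than carried along.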
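Review bot: The new PublicTransit servlet publishes the whole `de.uhilger.filecms.pub` package on `/pub`, a path the security constraints added later in this patch do not cover, so every class later placed in that package is callable without login. How TransitServlet selects the target method is not visible here; if it resolves the `m` parameter against all public methods, the accessors SessionManager inherits from Api would be callable too, which is worth confirming. A comment above the servlet element, such as `<!-- unauthenticated endpoint: only classes meant for anonymous callers belong in de.uhilger.filecms.pub -->`, would make that boundary explicit. The `/pub` mapping in the following hunk is part of the same point.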
@@ -39,4 +51,42 @@
 <welcome-file>index.jsp</welcome-file>
 <welcome-file>index.html</welcome-file>
 </welcome-file-list>
+ <security-constraint>
+ <display-name>UI-Constraint</display-name>
+ <web-resource-collection>
+ <web-resource-name>UI</web-resource-name>
+ <description>Bedienoberflaeche</description>
+ <url-pattern>/ui/*</url-pattern>
+ </web-resource-collection>
+ <auth-constraint>
+ <description>UI-Auth-Constraint</description>
+ <role-name>ownFileAdmin</role-name>
+ </auth-constraint>
+ </security-constraint>
+ <security-constraint>
+ <display-name>API-Constraint</display-name>
+ <web-resource-collection>
+ <web-resource-name>API</web-resource-name>
+ <description>Programmschnittstelle</description>
+ <url-pattern>/rpc/*</url-pattern>
+ <url-pattern>/svc/*</url-pattern>
+ <url-pattern>/rpc</url-pattern>
+ <url-pattern>/svc</url-pattern>
+ </web-resource-collection>
+ <auth-constraint>
+ <description>API-Auth-Constraint</description>
+ <role-name>ownFileAdmin</role-name>
+ </auth-constraint>
+ </security-constraint>
+ <login-config>
+ <auth-method>FORM</auth-method>
+ <form-login-config>
+ <form-login-page>/login_form.html</form-login-page>
+ <form-error-page>/login_error.jsp</form-error-page>
+ </form-login-config>
+ </login-config>
+ <security-role>
+ <description/>
+ <role-name>ownFileAdmin</role-name>
+ </security-role>
 </web-app>
diff --git a/web/login_error.jsp b/web/login_error.jsp
new file mode 100644
index 0000000..720fe3f
--- /dev/null
+++ b/web/login_error.jsp
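Review bot: Neither `<security-constraint>` carries a `<user-data-constraint>`, so where the container also listens on plain HTTP the FORM login posts `j_password`, and the session cookie that follows, without transport protection. Add `<user-data-constraint><transport-guarantee>CONFIDENTIAL</transport-guarantee></user-data-constraint>` to both constraints, unless TLS is enforced by a proxy in front of the container, in which case a comment saying so belongs here. The cookie settings inside `<session-config>` lie outside the hunk; if the descriptor is version 3.0 or later, `<cookie-config>` with `<http-only>true</http-only>` and `<secure>true</secure>` is the matching setting to check. The empty `<description/>` under `<security-role>` could say what `ownFileAdmin` is allowed to do.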
@@ -0,0 +1,25 @@
+<%@page contentType="text/html" pageEncoding="ISO-8859-1"%>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
+ "http://www.w3.org/TR/html4/loose.dtd">
+
+<html>
+<head>
+ <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+ <style>
+ body {
+ font-family:Arial,Helvetica,sans-serif;
+ font-size:10pt;
+ }
+ </style>
+ <title>Fehler</title>
+ <%
+ String url = request.getRequestURL().toString();
+ url = url.substring(0, url.lastIndexOf("/"));
+ %>
+</head>
+<body>
+<p>Hoppla! Die Anmeldung hat nicht geklappt.</p>
+
+<p>Klicken Sie <a href="<%=url%>">hier</a> um zur Hauptseite zu gelangen.</p>
+</body>
+</html>
diff --git a/web/login_form.html b/web/login_form.html
new file mode 100644
index 0000000..9719e85
--- /dev/null
+++ b/web/login_form.html
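Review bot: `url` is derived from `request.getRequestURL()`, which reflects the client-supplied Host header and request path, and it is written into `href="<%=url%>"` without any escaping. A link built from the server-side context path avoids both the reflection and the substring handling: `<a href="<%= request.getContextPath() %>/">hier</a>`, with the scriptlet in `<head>` removed. Separately, `pageEncoding="ISO-8859-1"` disagrees with the `charset=UTF-8` meta tag, and the two should name the same encoding.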
@@ -0,0 +1,87 @@
+<!DOCTYPE html>
+<html lang="en">
+ <head>
+ <meta charset="utf-8">
+ <meta http-equiv="X-UA-Compatible" content="IE=edge">
+ <meta name="viewport" content="width=device-width, initial-scale=1">
+ <meta name="description" content="">
+ <meta name="author" content="">
+ <!--<link rel="icon" href="../../favicon.ico">-->
+
+ <title>Anmeldung Dateiverwaltung</title>
+
+ <!-- Bootstrap core CSS -->
+ <link rel="stylesheet" href="/jslib/bootstrap/css/bootstrap.min.css">
+
+ <!-- Custom styles for this template -->
+ <!--<link href="signin.css" rel="stylesheet">-->
+ <style type="text/css">
+ body {
+ padding-top: 40px;
+ padding-bottom: 40px;
+ background-color: #eee;
+ }
+
+ .form-signin {
+ max-width: 330px;
+ padding: 15px;
+ margin: 0 auto;
+ }
+ .form-signin .form-signin-heading,
+ .form-signin .checkbox {
+ margin-bottom: 10px;
+ }
+ .form-signin .checkbox {
+ font-weight: normal;
+ }
+ .form-signin .form-control {
+ position: relative;
+ height: auto;
+ -webkit-box-sizing: border-box;
+ -moz-box-sizing: border-box;
+ box-sizing: border-box;
+ padding: 10px;
+ font-size: 16px;
+ }
+ .form-signin .form-control:focus {
+ z-index: 2;
+ }
+ .form-signin input[type="text"] {
+ margin-bottom: -1px;
+ border-bottom-right-radius: 0;
+ border-bottom-left-radius: 0;
+ }
+ .form-signin input[type="password"] {
+ margin-bottom: 10px;
+ border-top-left-radius: 0;
+ border-top-right-radius: 0;
+ }
+ </style>
+
+ <!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
+ <!--[if lt IE 9]>
+ <script src="https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js"></script>
+ <script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
+ <![endif]-->
+ </head>
+
+ <body>
+
+ <div class="container">
+
+ <form class="form-signin" role="form" method="POST" action="j_security_check" name="loginform">
+ <h2 class="form-signin-heading">Anmeldung Dateiverwaltung</h2>
+ <input name="j_username" type="text" class="form-control"
placeholder="Benutzerkennung" required autofocus> + <input name="j_password" type="password" class="form-control" placeholder="Kennwort" required> + <!-- + <label class="checkbox"> + <input type="checkbox" value="remember-me"> Remember me + </label> + --> + <button class="btn btn-lg btn-primary btn-block" type="submit">Senden</button> + </form> + + </div> <!-- /container --> + + </body> +</html> diff --git a/web/logout.html b/web/logout.html new file mode 100644 index 0000000..df55d93 --- /dev/null +++ b/web/logout.html @@ -0,0 +1,16 @@ +<!DOCTYPE html> +<html lang="en"> + <head> + <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> + <meta name="viewport" content="width=device-width, initial-scale=1.0"> + <link rel="stylesheet" type="text/css" href="/jslib/bootstrap/css/bootstrap.min.css"> + <title>Abgemeldet</title> + </head> + <body> + <div style="margin: 20px;"> + <h3>Abmeldung</h3> + <p>Sie haben sich erfolgreich abgemeldet.</p> + <p>zurück zur <a href="ui/">Anmeldung</a> • <a href="/">Hauptseite</a></p> + </div> + </body> +</html> diff --git a/web/ui/ui.js b/web/ui/ui.js index fbd30d5..6d50cfd 100644 --- a/web/ui/ui.js +++ b/web/ui/ui.js @@ -8,7 +8,8 @@ $('#closeFile').on('click', fm_menu_datei_schliessen); $('#myModal').on('hidden.bs.modal', function (e) { $('#modal_ok').attr('onclick','').unbind('click'); - }) + }); + $('#logout').click(fm_logout); fm_get_login(); } @@ -26,10 +27,12 @@ $('#dateiansicht').show(); } +/* ----- API Calls ------------- */ + function fm_get_login() { var m = '?c=de.uhilger.um.pub.SessionManager&m=getSessionUser'; var u = '../../um/pub' + m; - fm_get(u, function(resp) { + fm_get(u, "json", function(resp) { $('#userMenu').text(resp.UserData.firstName); }); } 
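Review bot: The login form loads `html5shiv.min.js` and `respond.min.js` from `oss.maxcdn.com`, a third-party host, while Bootstrap on the same page is served locally from `/jslib`. Script on the page that collects `j_username` and `j_password` should come from the application's own origin, so I would serve copies from under `/jslib` or drop the IE 8 conditional block if that browser is no longer supported. The page is also declared `lang="en"` although all visible text is German, and the empty `description` and `author` meta tags can go.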
@@ -65,6 +68,17 @@ */ } +function fm_logout() { + var m = '?c=de.uhilger.filecms.pub.SessionManager&m=expireSession'; + var u = '../pub' + m; + + fm_get(u, "text", function(resp) { + $('#userMenu').text('nicht angemeldet'); + window.location.href = '../logout.html'; + }); +} + + /* ---- codemirror editor handling -------- */ function fm_code_edit(content) { @@ -92,11 +106,11 @@ /* -------- helper functions ----------- */ -function fm_get(u, scallback) { +function fm_get(u, dtype, scallback) { $.ajax({ url: u, type: "GET", - dataType: "json", + dataType: dtype, success: scallback, error: function (xhr, status, errorThrown) { alert("Error: " + errorThrown + " Status: " + status + " URL: " + u); -- Gitblit v1.9.3
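Review bot: `fm_logout` ends the session with a GET request, because `fm_get` (last hunk, body partly outside it) hard-codes `type: "GET"`; a state-changing call issued by GET can be triggered by any link, image or prefetch and may be answered by a cache without reaching the server. I would send the logout as a POST, assuming TransitServlet accepts that method, which this patch does not show. If the request fails the user only gets the `alert` from `fm_get` and stays logged in, so the error path should say that the session may still be active. A short comment above the function stating that it calls the unauthenticated `/pub` endpoint and then redirects to `logout.html` would also help.

```javascript
function fm_logout() {
  // ... unchanged: m and u built as in the hunk ...
  $.ajax({
    url: u,
    type: "POST",
    dataType: "text",
    success: function (resp) {
      $('#userMenu').text('nicht angemeldet');
      window.location.href = '../logout.html';
    },
    error: function (xhr, status, errorThrown) {
      // the server-side session may still be active at this point
      alert("Error: " + errorThrown + " Status: " + status + " URL: " + u);
    }
  });
}
```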