From b7475d69c0d52f1639a13fae0afc617767852173 Mon Sep 17 00:00:00 2001
From: ulrich <not disclosed>
Date: Sun, 19 Feb 2017 10:19:09 +0000
Subject: [PATCH] Abmelden eingeabaut

---
 src/java/de/uhilger/filecms/pub/SessionManager.java |   68 +++++++++++
 web/WEB-INF/web.xml                                 |   50 ++++++++
 web/logout.html                                     |   16 ++
 web/login_error.jsp                                 |   25 ++++
 web/login_form.html                                 |   87 ++++++++++++++
 web/ui/ui.js                                        |   22 +++
 src/java/de/uhilger/filecms/api/Api.java            |   61 ++++++++++
 7 files changed, 325 insertions(+), 4 deletions(-)

diff --git a/src/java/de/uhilger/filecms/api/Api.java b/src/java/de/uhilger/filecms/api/Api.java
new file mode 100644
index 0000000..625e070
--- /dev/null
+++ b/src/java/de/uhilger/filecms/api/Api.java
@@ -0,0 +1,61 @@
+/*
+ *  Nutzerverwaltung - User and role management in your browser
+ *  Copyright (C) 2011-2017 Ulrich Hilger, http://uhilger.de
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program.  If not, see http://www.gnu.org/licenses/
+ */
+
+package de.uhilger.filecms.api;
+
+import de.uhilger.transit.web.RequestKontext;
+import de.uhilger.transit.web.WebKontext;
+import javax.servlet.ServletContext;
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ *
+ */
+public abstract class Api implements WebKontext, RequestKontext {
+  
+  /** Zeiger zum Servlet-Kontext dieser Anwendung */
+  private ServletContext ctx;
+  
+  private HttpServletRequest request;  
+  
+  
+  /* ------------- Implementierung WebKontext ------------- */
+
+  @Override
+  public ServletContext getServletContext() {
+    return ctx;
+  }
+
+  @Override
+  public void setServletContext(ServletContext servletContext) {
+    this.ctx = servletContext;
+  }
+  
+  /* ------------- Implementierung RequestKontext ------------- */
+
+  @Override
+  public HttpServletRequest getRequest() {
+    return request;
+  }
+
+  @Override
+  public void setRequest(HttpServletRequest r) {
+    this.request = r;
+  }
+  
+}
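Review bot: The Javadoc block above `public abstract class Api` is empty, and the class keeps the current `HttpServletRequest` in a mutable instance field without saying how long an instance lives. If TransitServlet ever reuses one instance for concurrent calls, one caller's request and session could be seen by another, so the contract should be written down; how TransitServlet instantiates classes is not visible in this patch. I would fill the Javadoc with something like `Base class for Transit-callable classes; holds the servlet context and the request of the current call, so an instance must not be shared between requests.` The `request` field also deserves a one-line comment, as `ctx` has.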
diff --git a/src/java/de/uhilger/filecms/pub/SessionManager.java b/src/java/de/uhilger/filecms/pub/SessionManager.java
new file mode 100644
index 0000000..3ebf15e
--- /dev/null
+++ b/src/java/de/uhilger/filecms/pub/SessionManager.java
@@ -0,0 +1,68 @@
+/*
+ *  Nutzerverwaltung - User and role management in your browser
+ *  Copyright (C) 2011-2017 Ulrich Hilger, http://uhilger.de
+ *
+ *  This program is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program.  If not, see http://www.gnu.org/licenses/
+ */
+
+package de.uhilger.filecms.pub;
+
+//import de.uhilger.um.api.Api;
+//import static de.uhilger.um.api.UserMgr.MP_USER_DATA;
+//import static de.uhilger.um.api.UserMgr.SQL_GET_USER_DATA;
+//import static de.uhilger.um.api.UserMgr.WITHOUT_BLOBS;
+//import de.uhilger.um.daten.UserData;
+import de.uhilger.filecms.api.Api;
+import java.util.logging.Logger;
+
+/**
+ *
+ */
+public class SessionManager extends Api {
+  
+  private static final Logger logger = Logger.getLogger(SessionManager.class.getName());
+  
+  // /um/pub?c=de.uhilger.um.pub.SessionManager&m=getSessionUser
+  /*
+  public UserData getSessionUser() {
+    UserData userData = new UserData();
+    userData.setFirstName("nicht angemeldet");
+    userData.setLastName("nicht angemeldet");
+    userData.setId("nicht angemeldet");
+    userData.setEmail("nicht angemeldet");
+    Object p = getRequest().getUserPrincipal();
+    if(p instanceof Principal) {
+      String id = ((Principal) p).getName();
+      logger.finer("User-ID: " + id);
+      List userDataList = getDb().select(getSql(SQL_GET_USER_DATA), getMapper(MP_USER_DATA), WITHOUT_BLOBS, id);
+      if(userDataList != null && userDataList.size() > 0) {
+        Object o = userDataList.get(0);
+        if(o instanceof UserData) {
+          userData = (UserData) o;
+        }
+      }
+    } else {
+      logger.finer("getUserPrincipal returned null or no Principal");
+    }
+    return userData;
+  }
+*/
+  
+  public String expireSession() {
+    getRequest().getSession().invalidate();
+    return "Die aktuelle Sitzung ist nicht mehr gueltig.";
+  }
+  
+  
+}
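Review bot: `getRequest().getSession()` in `expireSession()` creates a new session when the caller has none, only to invalidate it straight away, and since `/pub` is mapped without an auth-constraint any anonymous request can trigger that allocation. Use the non-creating lookup instead: `HttpSession s = getRequest().getSession(false);` followed by `if (s != null) { s.invalidate(); }` (needs `import javax.servlet.http.HttpSession;`). The commented-out `getSessionUser()` block and the commented imports refer to another project (`de.uhilger.um`) and would be better removed than shipped. The empty class Javadoc should state that every public method of this class is meant to be callable without login.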
diff --git a/web/WEB-INF/web.xml b/web/WEB-INF/web.xml
index 2749043..88a01a6 100644
--- a/web/WEB-INF/web.xml
+++ b/web/WEB-INF/web.xml
@@ -22,6 +22,14 @@
             <param-value>de.uhilger.filecms.api</param-value>
         </init-param>
     </servlet>
+    <servlet>
+        <servlet-name>PublicTransit</servlet-name>
+        <servlet-class>de.uhilger.transit.web.TransitServlet</servlet-class>
+        <init-param>
+            <param-name>klassen</param-name>
+            <param-value>de.uhilger.filecms.pub</param-value>
+        </init-param>
+    </servlet>
     <servlet-mapping>
         <servlet-name>TransitRS</servlet-name>
         <url-pattern>/rpc/*</url-pattern>
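Review bot: The new `PublicTransit` servlet exposes the whole `de.uhilger.filecms.pub` package, and its `/pub` mapping (added in the next hunk) is not covered by either `security-constraint` added at the end of the file, so whatever TransitServlet can dispatch to in that package is callable without login. That is presumably intended for logout, but `SessionManager` extends `Api`, so its inherited public methods may be addressable too, depending on how TransitServlet resolves the `m` parameter, which this patch does not show. I would record the rule next to the servlet, e.g. `<!-- PublicTransit is reachable without login; de.uhilger.filecms.pub must only contain methods that are safe for anonymous callers -->`.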
@@ -29,6 +37,10 @@
     <servlet-mapping>
         <servlet-name>Transit</servlet-name>
         <url-pattern>/svc</url-pattern>
+    </servlet-mapping>
+    <servlet-mapping>
+        <servlet-name>PublicTransit</servlet-name>
+        <url-pattern>/pub</url-pattern>
     </servlet-mapping>
     <session-config>
         <session-timeout>
@@ -39,4 +51,42 @@
         <welcome-file>index.jsp</welcome-file>
         <welcome-file>index.html</welcome-file>
     </welcome-file-list>
+    <security-constraint>
+        <display-name>UI-Constraint</display-name>
+        <web-resource-collection>
+            <web-resource-name>UI</web-resource-name>
+            <description>Bedienoberflaeche</description>
+            <url-pattern>/ui/*</url-pattern>
+        </web-resource-collection>
+        <auth-constraint>
+            <description>UI-Auth-Constraint</description>
+            <role-name>ownFileAdmin</role-name>
+        </auth-constraint>
+    </security-constraint>
+    <security-constraint>
+        <display-name>API-Constraint</display-name>
+        <web-resource-collection>
+            <web-resource-name>API</web-resource-name>
+            <description>Programmschnittstelle</description>
+            <url-pattern>/rpc/*</url-pattern>
+            <url-pattern>/svc/*</url-pattern>
+            <url-pattern>/rpc</url-pattern>
+            <url-pattern>/svc</url-pattern>
+        </web-resource-collection>
+        <auth-constraint>
+            <description>API-Auth-Constraint</description>
+            <role-name>ownFileAdmin</role-name>
+        </auth-constraint>
+    </security-constraint>
+    <login-config>
+        <auth-method>FORM</auth-method>
+        <form-login-config>
+            <form-login-page>/login_form.html</form-login-page>
+            <form-error-page>/login_error.jsp</form-error-page>
+        </form-login-config>
+    </login-config>
+    <security-role>
+        <description/>
+        <role-name>ownFileAdmin</role-name>
+    </security-role>
 </web-app>
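Review bot: Neither `security-constraint` carries a `user-data-constraint`, so the container will accept the FORM login and the session cookie over plain HTTP unless TLS is enforced somewhere outside this file. Adding `<user-data-constraint><transport-guarantee>CONFIDENTIAL</transport-guarantee></user-data-constraint>` after each `</auth-constraint>` makes the container redirect protected requests to HTTPS before the login form is shown. If the deployment targets Servlet 3.0 or later, a `<cookie-config>` with `<http-only>true</http-only>` and `<secure>true</secure>` inside the existing `<session-config>` would complete this; the web-app version is not visible in the hunk.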
diff --git a/web/login_error.jsp b/web/login_error.jsp
new file mode 100644
index 0000000..720fe3f
--- /dev/null
+++ b/web/login_error.jsp
@@ -0,0 +1,25 @@
+<%@page contentType="text/html" pageEncoding="ISO-8859-1"%>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
+   "http://www.w3.org/TR/html4/loose.dtd">
+
+<html>
+<head>
+  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+  <style>
+    body {
+      font-family:Arial,Helvetica,sans-serif;
+      font-size:10pt;
+    }
+  </style>
+  <title>Fehler</title>
+  <%
+    String url = request.getRequestURL().toString();
+    url = url.substring(0, url.lastIndexOf("/"));
+  %>
+</head>
+<body>
+<p>Hoppla! Die Anmeldung hat nicht geklappt.</p>
+
+<p>Klicken Sie <a href="<%=url%>">hier</a> um zur Hauptseite zu gelangen.</p>
+</body>
+</html>
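Review bot: The link target in `<a href="<%=url%>">` is built from `request.getRequestURL()` and written into the attribute without escaping, so request-derived text (including the host name the client supplied) ends up in the page markup. The context path gives the same destination without depending on the request URL: `<a href="<%= request.getContextPath() %>/">hier</a>`, which also makes the scriptlet in `<head>` unnecessary. Separately, the page directive declares `pageEncoding="ISO-8859-1"` while the `<meta>` tag announces UTF-8; the two should agree.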
diff --git a/web/login_form.html b/web/login_form.html
new file mode 100644
index 0000000..9719e85
--- /dev/null
+++ b/web/login_form.html
@@ -0,0 +1,87 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="utf-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <meta name="description" content="">
+    <meta name="author" content="">
+    <!--<link rel="icon" href="../../favicon.ico">-->
+
+    <title>Anmeldung Dateiverwaltung</title>
+
+    <!-- Bootstrap core CSS -->
+    <link rel="stylesheet" href="/jslib/bootstrap/css/bootstrap.min.css">
+
+    <!-- Custom styles for this template -->
+    <!--<link href="signin.css" rel="stylesheet">-->
+    <style type="text/css">
+      body {
+        padding-top: 40px;
+        padding-bottom: 40px;
+        background-color: #eee;
+      }
+      
+      .form-signin {
+        max-width: 330px;
+        padding: 15px;
+        margin: 0 auto;
+      }
+      .form-signin .form-signin-heading,
+      .form-signin .checkbox {
+        margin-bottom: 10px;
+      }
+      .form-signin .checkbox {
+        font-weight: normal;
+      }
+      .form-signin .form-control {
+        position: relative;
+        height: auto;
+        -webkit-box-sizing: border-box;
+           -moz-box-sizing: border-box;
+                box-sizing: border-box;
+        padding: 10px;
+        font-size: 16px;
+      }
+      .form-signin .form-control:focus {
+        z-index: 2;
+      }
+      .form-signin input[type="text"] {
+        margin-bottom: -1px;
+        border-bottom-right-radius: 0;
+        border-bottom-left-radius: 0;
+      }
+      .form-signin input[type="password"] {
+        margin-bottom: 10px;
+        border-top-left-radius: 0;
+        border-top-right-radius: 0;
+      }
+    </style>
+
+    <!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
+    <!--[if lt IE 9]>
+      <script src="https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js"></script>
+      <script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
+    <![endif]-->
+  </head>
+
+  <body>
+
+    <div class="container">
+
+      <form class="form-signin" role="form" method="POST" action="j_security_check" name="loginform">
+        <h2 class="form-signin-heading">Anmeldung Dateiverwaltung</h2>
+        <input  name="j_username" type="text" class="form-control" placeholder="Benutzerkennung" required autofocus>
+        <input name="j_password" type="password" class="form-control" placeholder="Kennwort" required>
+        <!--
+        <label class="checkbox">
+          <input type="checkbox" value="remember-me"> Remember me
+        </label>
+        -->
+        <button class="btn btn-lg btn-primary btn-block" type="submit">Senden</button>
+      </form>
+
+    </div> <!-- /container -->
+
+  </body>
+</html>
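Review bot: The conditional comment in `<head>` loads `html5shiv.min.js` and `respond.min.js` from `oss.maxcdn.com` on the page where credentials are typed, with no `integrity` attribute, so old-IE visitors run whatever that host serves. Bootstrap is already served locally from `/jslib/`, so I would either host the two shims there as well or drop the block if IE 8 is not a target. The inputs would also benefit from `autocomplete="username"` and `autocomplete="current-password"`, and `<html lang="en">` should be `lang="de"` for the German text.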
diff --git a/web/logout.html b/web/logout.html
new file mode 100644
index 0000000..df55d93
--- /dev/null
+++ b/web/logout.html
@@ -0,0 +1,16 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <link rel="stylesheet" type="text/css" href="/jslib/bootstrap/css/bootstrap.min.css">
+    <title>Abgemeldet</title>
+  </head>
+  <body>
+      <div style="margin: 20px;">
+        <h3>Abmeldung</h3>
+        <p>Sie haben sich erfolgreich abgemeldet.</p>
+        <p>zur&uuml;ck zur <a href="ui/">Anmeldung</a> &bull; <a href="/">Hauptseite</a></p>
+      </div>
+  </body>
+</html>
diff --git a/web/ui/ui.js b/web/ui/ui.js
index fbd30d5..6d50cfd 100644
--- a/web/ui/ui.js
+++ b/web/ui/ui.js
@@ -8,7 +8,8 @@
   $('#closeFile').on('click', fm_menu_datei_schliessen);
   $('#myModal').on('hidden.bs.modal', function (e) {
     $('#modal_ok').attr('onclick','').unbind('click');
-  })
+  });
+  $('#logout').click(fm_logout);  
   fm_get_login();
 }
 
@@ -26,10 +27,12 @@
   $('#dateiansicht').show();  
 }
 
+/* ----- API Calls ------------- */
+
 function fm_get_login() {
   var m = '?c=de.uhilger.um.pub.SessionManager&m=getSessionUser';
   var u = '../../um/pub' + m;
-  fm_get(u, function(resp) {
+  fm_get(u, "json", function(resp) {
     $('#userMenu').text(resp.UserData.firstName);
   });  
 }
@@ -65,6 +68,17 @@
   */
 }
 
+function fm_logout() {
+  var m = '?c=de.uhilger.filecms.pub.SessionManager&m=expireSession';
+  var u = '../pub' + m;
+  
+  fm_get(u, "text", function(resp) {
+    $('#userMenu').text('nicht angemeldet');
+    window.location.href = '../logout.html';
+  });
+}
+
+
 /* ---- codemirror editor handling -------- */
 
 function fm_code_edit(content) {
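Review bot: `fm_logout()` ends the session with a plain GET to `../pub?c=…&m=expireSession`, an endpoint that is mapped without an auth-constraint, so any page the user visits can trigger the same request and log the user out. A state-changing call like this is better sent as POST and rejected on GET on the server side, which needs a helper other than `fm_get`; whether TransitServlet distinguishes methods is not visible here. Also, if the call fails, `fm_get` only shows an alert and the user stays on the UI with a session that may still be valid, so the error path should tell the user that the logout did not complete.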
@@ -92,11 +106,11 @@
 
 /* -------- helper functions ----------- */
 
-function fm_get(u, scallback) {
+function fm_get(u, dtype, scallback) {
   $.ajax({
     url: u,
     type: "GET",
-    dataType: "json",
+    dataType: dtype,
     success: scallback,
     error: function (xhr, status, errorThrown) {
       alert("Error: " + errorThrown + " Status: " + status + " URL: " + u);
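Review bot: Inserting `dtype` as the second parameter of `fm_get` silently breaks any caller that still passes `(u, callback)`: the function would land in `dataType` and `success` would be undefined. Only `fm_get_login` is updated in this patch, and other callers, if any exist, are outside the hunks shown. A small compatibility guard at the top of the function covers that: `if (typeof dtype === 'function') { scallback = dtype; dtype = 'json'; }`. The body of `fm_get` continues past the end of this hunk.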

--
Gitblit v1.9.3