Nuiton-web-commits
Threads by month
- ----- 2026 -----
- June
- May
- April
- March
- February
- January
- ----- 2025 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- 410 discussions
Author: tchemit
Date: 2012-10-26 13:43:59 +0200 (Fri, 26 Oct 2012)
New Revision: 231
Url: http://nuiton.org/repositories/revision/nuiton-web/231
Log:
Update mavenpom4redmineAndCentral to 3.4.2.
Modified:
trunk/pom.xml
Modified: trunk/pom.xml
===================================================================
--- trunk/pom.xml 2012-10-24 15:05:53 UTC (rev 230)
+++ trunk/pom.xml 2012-10-26 11:43:59 UTC (rev 231)
@@ -10,7 +10,7 @@
<parent>
<groupId>org.nuiton</groupId>
<artifactId>mavenpom4redmineAndCentral</artifactId>
- <version>3.4</version>
+ <version>3.4.2</version>
</parent>
<groupId>org.nuiton.web</groupId>
1
0
r230 - in trunk/nuiton-security/src/main: java/org/nuiton/web/security java/org/nuiton/web/security/actions resources/WEB-INF/security resources/i18n
by echatellier@users.nuiton.org 24 Oct '12
by echatellier@users.nuiton.org 24 Oct '12
24 Oct '12
Author: echatellier
Date: 2012-10-24 17:05:53 +0200 (Wed, 24 Oct 2012)
New Revision: 230
Url: http://nuiton.org/repositories/revision/nuiton-web/230
Log:
Encode password using md5 hash
Add user and role delete action
Modified:
trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecurityShiroFilter.java
trunk/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java
trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/RoleAction.java
trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserAction.java
trunk/nuiton-security/src/main/resources/WEB-INF/security/login.jsp
trunk/nuiton-security/src/main/resources/WEB-INF/security/role-permissions.jsp
trunk/nuiton-security/src/main/resources/WEB-INF/security/role.jsp
trunk/nuiton-security/src/main/resources/WEB-INF/security/user-roles.jsp
trunk/nuiton-security/src/main/resources/WEB-INF/security/user.jsp
trunk/nuiton-security/src/main/resources/i18n/nuiton-security_en_GB.properties
trunk/nuiton-security/src/main/resources/i18n/nuiton-security_fr_FR.properties
Modified: trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecurityShiroFilter.java
===================================================================
--- trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecurityShiroFilter.java 2012-10-24 12:43:58 UTC (rev 229)
+++ trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecurityShiroFilter.java 2012-10-24 15:05:53 UTC (rev 230)
@@ -59,7 +59,7 @@
public static final String ROOT_CONTEXT_CONTEXT = SecurityShiroFilter.class.getName() + "#" + TopiaContext.class.getName();
- protected static final String ANON_LOGIN = "anonymous";
+ public static final String ANON_LOGIN = "anonymous";
public static final String SESSION_SAVED_URL = "savedUrl";
Modified: trunk/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java
===================================================================
--- trunk/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java 2012-10-24 12:43:58 UTC (rev 229)
+++ trunk/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java 2012-10-24 15:05:53 UTC (rev 230)
@@ -34,6 +34,7 @@
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
+import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
@@ -42,9 +43,10 @@
import org.nuiton.topia.TopiaException;
import org.nuiton.topia.TopiaRuntimeException;
import org.nuiton.util.ApplicationConfig;
+import org.nuiton.util.StringUtil;
import org.nuiton.web.SecurityDAOHelper;
-public class TopiaSecurityRealm extends AuthorizingRealm {
+public class TopiaSecurityRealm extends AuthorizingRealm implements CredentialsMatcher {
private static final Log log = LogFactory.getLog(TopiaSecurityRealm.class);
@@ -55,9 +57,21 @@
public TopiaSecurityRealm(TopiaContext rootContext, ApplicationConfig config) {
this.rootContext = rootContext;
this.config = config;
+
+ setCredentialsMatcher(this);
}
@Override
+ public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
+ char[] tokenCredentials = (char[]) token.getCredentials();
+ String submittedPassword = String.valueOf(tokenCredentials);
+ String submittedHashedPassword = StringUtil.encodeMD5(submittedPassword);
+
+ String expectedHashedPassword = (String) info.getCredentials();
+ return expectedHashedPassword.equals(submittedHashedPassword);
+ }
+
+ @Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
SimpleAuthorizationInfo result = null;
@@ -162,7 +176,7 @@
if (securityUser != null) {
if (login.equals(SecurityShiroFilter.ANON_LOGIN)) {
result = new SimpleAuthenticationInfo(securityUser.getLogin(),
- "", getName());
+ StringUtil.encodeMD5(""), getName());
} else {
result = new SimpleAuthenticationInfo(securityUser.getLogin(),
securityUser.getPassword(), getName());
Modified: trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/RoleAction.java
===================================================================
--- trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/RoleAction.java 2012-10-24 12:43:58 UTC (rev 229)
+++ trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/RoleAction.java 2012-10-24 15:05:53 UTC (rev 230)
@@ -26,6 +26,8 @@
package org.nuiton.web.security.actions;
import org.apache.commons.lang3.StringUtils;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
import org.nuiton.topia.TopiaContext;
import org.nuiton.topia.TopiaException;
import org.nuiton.topia.TopiaRuntimeException;
@@ -39,6 +41,8 @@
/** serialVersionUID. */
private static final long serialVersionUID = 1L;
+ private static final Log log = LogFactory.getLog(RoleAction.class);
+
protected SecurityRoleDAO securityRoleDAO;
protected SecurityRole role;
@@ -48,7 +52,10 @@
String roleId = getParameter("roleId");
if (StringUtils.isNotBlank(roleId)) {
try {
+ TopiaContext transaction = rootContext.beginTransaction();
+ securityRoleDAO = SecurityDAOHelper.getSecurityRoleDAO(transaction);
role = securityRoleDAO.findByTopiaId(roleId);
+ transaction.closeContext();
} catch (TopiaException ex) {
throw new TopiaRuntimeException(ex);
}
@@ -59,6 +66,27 @@
return role;
}
+ public String delete() throws Exception {
+ try {
+ String roleId = getParameter("roleId");
+ if (StringUtils.isNotBlank(roleId)) {
+ TopiaContext transaction = rootContext.beginTransaction();
+ securityRoleDAO = SecurityDAOHelper.getSecurityRoleDAO(transaction);
+ SecurityRole role = securityRoleDAO.findByTopiaId(roleId);
+ securityRoleDAO.delete(role);
+ transaction.commitTransaction();
+ transaction.closeContext();
+ }
+
+ } catch (Exception ex) {
+ if (log.isErrorEnabled()) {
+ log.error("Can't delete role", ex);
+ }
+ }
+
+ return SUCCESS;
+ }
+
@Override
public String execute() throws Exception {
String result = super.execute();
@@ -66,10 +94,10 @@
try {
TopiaContext transaction = rootContext.beginTransaction();
securityRoleDAO = SecurityDAOHelper.getSecurityRoleDAO(transaction);
- if (role.getTopiaId() == null) {
- securityRoleDAO.create(role);
+ if (getRole().getTopiaId() == null) {
+ securityRoleDAO.create(getRole());
} else {
- securityRoleDAO.update(role);
+ securityRoleDAO.update(getRole());
}
transaction.commitTransaction();
transaction.closeContext();
Modified: trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserAction.java
===================================================================
--- trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserAction.java 2012-10-24 12:43:58 UTC (rev 229)
+++ trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserAction.java 2012-10-24 15:05:53 UTC (rev 230)
@@ -24,10 +24,14 @@
package org.nuiton.web.security.actions;
+import static org.nuiton.i18n.I18n._;
import org.apache.commons.lang3.StringUtils;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
import org.nuiton.topia.TopiaContext;
import org.nuiton.topia.TopiaException;
import org.nuiton.topia.TopiaRuntimeException;
+import org.nuiton.util.StringUtil;
import org.nuiton.web.SecurityDAOHelper;
import org.nuiton.web.security.SecurityUser;
import org.nuiton.web.security.SecurityUserDAO;
@@ -38,16 +42,25 @@
/** serialVersionUID. */
private static final long serialVersionUID = 1L;
+ private static final Log log = LogFactory.getLog(UserAction.class);
+
protected SecurityUserDAO securityUserDAO;
protected SecurityUser user;
+ protected String password;
+
+ protected String confirm;
+
public SecurityUser getUser() {
if (user == null) {
String roleId = getParameter("userId");
if (StringUtils.isNotBlank(roleId)) {
try {
+ TopiaContext transaction = rootContext.beginTransaction();
+ securityUserDAO = SecurityDAOHelper.getSecurityUserDAO(transaction);
user = securityUserDAO.findByTopiaId(roleId);
+ transaction.closeContext();
} catch (TopiaException ex) {
throw new TopiaRuntimeException(ex);
}
@@ -58,13 +71,56 @@
return user;
}
+ public void setPassword(String password) {
+ this.password = password;
+ }
+
+ public void setConfirm(String confirm) {
+ this.confirm = confirm;
+ }
+
+ public String delete() throws Exception {
+ try {
+ String roleId = getParameter("userId");
+ if (StringUtils.isNotBlank(roleId)) {
+ TopiaContext transaction = rootContext.beginTransaction();
+ securityUserDAO = SecurityDAOHelper.getSecurityUserDAO(transaction);
+ SecurityUser user = securityUserDAO.findByTopiaId(roleId);
+ securityUserDAO.delete(user);
+ transaction.commitTransaction();
+ transaction.closeContext();
+ }
+ } catch (Exception ex) {
+ if (log.isErrorEnabled()) {
+ log.error("Can't delete user", ex);
+ }
+ }
+
+ return SUCCESS;
+ }
+
@Override
+ public void validate() {
+ if (StringUtils.isNotBlank(password)) {
+ if (!password.equals(confirm)) {
+ addActionError(_("Les mots de passes ne sont pas identiques !"));
+ }
+ }
+ }
+
+ @Override
public String execute() throws Exception {
String result = super.execute();
try {
TopiaContext transaction = rootContext.beginTransaction();
securityUserDAO = SecurityDAOHelper.getSecurityUserDAO(transaction);
+
+ SecurityUser user = getUser();
+ if (StringUtils.isNotBlank(password)) {
+ String md5Password = StringUtil.encodeMD5(password);
+ user.setPassword(md5Password);
+ }
if (user.getTopiaId() == null) {
securityUserDAO.create(user);
} else {
Modified: trunk/nuiton-security/src/main/resources/WEB-INF/security/login.jsp
===================================================================
--- trunk/nuiton-security/src/main/resources/WEB-INF/security/login.jsp 2012-10-24 12:43:58 UTC (rev 229)
+++ trunk/nuiton-security/src/main/resources/WEB-INF/security/login.jsp 2012-10-24 15:05:53 UTC (rev 230)
@@ -1,24 +1,12 @@
<%--
#%L
- Nuiton Web :: Nuiton Security
+ SGQ :: Web
$Id:$
$HeadURL:$
%%
- Copyright (C) 2012 CodeLutin, Chatellier Eric
+ Copyright (C) 2012 Herboristerie Cailleau
%%
- This program is free software: you can redistribute it and/or modify
- it under the terms of the GNU Lesser General Public License as
- published by the Free Software Foundation, either version 3 of the
- License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Lesser Public License for more details.
-
- You should have received a copy of the GNU General Lesser Public
- License along with this program. If not, see
- <http://www.gnu.org/licenses/lgpl-3.0.html>.
+ Herboristerie Cailleau - Tous droits réservés
#L%
--%>
<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
Modified: trunk/nuiton-security/src/main/resources/WEB-INF/security/role-permissions.jsp
===================================================================
--- trunk/nuiton-security/src/main/resources/WEB-INF/security/role-permissions.jsp 2012-10-24 12:43:58 UTC (rev 229)
+++ trunk/nuiton-security/src/main/resources/WEB-INF/security/role-permissions.jsp 2012-10-24 15:05:53 UTC (rev 230)
@@ -1,24 +1,12 @@
<%--
#%L
- Nuiton Web :: Nuiton Security
+ SGQ :: Web
$Id:$
$HeadURL:$
%%
- Copyright (C) 2012 CodeLutin, Chatellier Eric
+ Copyright (C) 2012 Herboristerie Cailleau
%%
- This program is free software: you can redistribute it and/or modify
- it under the terms of the GNU Lesser General Public License as
- published by the Free Software Foundation, either version 3 of the
- License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Lesser Public License for more details.
-
- You should have received a copy of the GNU General Lesser Public
- License along with this program. If not, see
- <http://www.gnu.org/licenses/lgpl-3.0.html>.
+ Herboristerie Cailleau - Tous droits réservés
#L%
--%>
<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
Modified: trunk/nuiton-security/src/main/resources/WEB-INF/security/role.jsp
===================================================================
--- trunk/nuiton-security/src/main/resources/WEB-INF/security/role.jsp 2012-10-24 12:43:58 UTC (rev 229)
+++ trunk/nuiton-security/src/main/resources/WEB-INF/security/role.jsp 2012-10-24 15:05:53 UTC (rev 230)
@@ -1,24 +1,12 @@
<%--
#%L
- Nuiton Web :: Nuiton Security
+ SGQ :: Web
$Id:$
$HeadURL:$
%%
- Copyright (C) 2012 CodeLutin, Chatellier Eric
+ Copyright (C) 2012 Herboristerie Cailleau
%%
- This program is free software: you can redistribute it and/or modify
- it under the terms of the GNU Lesser General Public License as
- published by the Free Software Foundation, either version 3 of the
- License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Lesser Public License for more details.
-
- You should have received a copy of the GNU General Lesser Public
- License along with this program. If not, see
- <http://www.gnu.org/licenses/lgpl-3.0.html>.
+ Herboristerie Cailleau - Tous droits réservés
#L%
--%>
<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
@@ -33,14 +21,14 @@
<div class="security-div">
<h1>Sécurité</h1>
-
- <s:if test='%{product.topiaId != null}'>
- <h2>Nouveau rôle</h2>
+
+ <s:if test='%{role.topiaId != null}'>
+ <h2>Modification d'un rôle</h2>
</s:if>
<s:else>
- <h2>Modification d'un rôle</h2>
+ <h2>Nouveau rôle</h2>
</s:else>
-
+
<s:form action="role" namespace="/security" class="security-form">
<s:actionerror />
<s:hidden name="roleId" value="%{role.topiaId}" />
@@ -49,5 +37,12 @@
</s:form>
</div>
+ <s:if test='%{role.topiaId != null}'>
+ <s:a action="role!delete" namespace="/security" class="delete">
+ <s:param name="roleId"><s:property value="role.topiaId" /></s:param>
+ Supprimer
+ </s:a>
+ </s:if>
+
</body>
</html>
\ No newline at end of file
Modified: trunk/nuiton-security/src/main/resources/WEB-INF/security/user-roles.jsp
===================================================================
--- trunk/nuiton-security/src/main/resources/WEB-INF/security/user-roles.jsp 2012-10-24 12:43:58 UTC (rev 229)
+++ trunk/nuiton-security/src/main/resources/WEB-INF/security/user-roles.jsp 2012-10-24 15:05:53 UTC (rev 230)
@@ -1,24 +1,12 @@
<%--
#%L
- Nuiton Web :: Nuiton Security
+ SGQ :: Web
$Id:$
$HeadURL:$
%%
- Copyright (C) 2012 CodeLutin, Chatellier Eric
+ Copyright (C) 2012 Herboristerie Cailleau
%%
- This program is free software: you can redistribute it and/or modify
- it under the terms of the GNU Lesser General Public License as
- published by the Free Software Foundation, either version 3 of the
- License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Lesser Public License for more details.
-
- You should have received a copy of the GNU General Lesser Public
- License along with this program. If not, see
- <http://www.gnu.org/licenses/lgpl-3.0.html>.
+ Herboristerie Cailleau - Tous droits réservés
#L%
--%>
<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
@@ -63,11 +51,16 @@
<th rowspan="<s:property value="users.size()" />" class="vertical">Utilisateurs</th>
</s:if>
<td>
- <a href="<s:url action='user!input' namespace='/security'>
- <s:param name="userId"><s:property value="topiaId" /></s:param>
- </s:url>">
+ <s:if test="login == @org.nuiton.web.security.SecurityShiroFilter@ANON_LOGIN">
<s:property value="login" />
- </a>
+ </s:if>
+ <s:else>
+ <a href="<s:url action='user!input' namespace='/security'>
+ <s:param name="userId"><s:property value="topiaId" /></s:param>
+ </s:url>">
+ <s:property value="login" />
+ </a>
+ </s:else>
</td>
<s:iterator value="roles" var="role">
<td>
Modified: trunk/nuiton-security/src/main/resources/WEB-INF/security/user.jsp
===================================================================
--- trunk/nuiton-security/src/main/resources/WEB-INF/security/user.jsp 2012-10-24 12:43:58 UTC (rev 229)
+++ trunk/nuiton-security/src/main/resources/WEB-INF/security/user.jsp 2012-10-24 15:05:53 UTC (rev 230)
@@ -1,24 +1,12 @@
<%--
#%L
- Nuiton Web :: Nuiton Security
+ SGQ :: Web
$Id:$
$HeadURL:$
%%
- Copyright (C) 2012 CodeLutin, Chatellier Eric
+ Copyright (C) 2012 Herboristerie Cailleau
%%
- This program is free software: you can redistribute it and/or modify
- it under the terms of the GNU Lesser General Public License as
- published by the Free Software Foundation, either version 3 of the
- License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Lesser Public License for more details.
-
- You should have received a copy of the GNU General Lesser Public
- License along with this program. If not, see
- <http://www.gnu.org/licenses/lgpl-3.0.html>.
+ Herboristerie Cailleau - Tous droits réservés
#L%
--%>
<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
@@ -26,7 +14,7 @@
<%@taglib uri="/struts-tags" prefix="s" %>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
- <title>Secu</title>
+ <title>Sécurité</title>
</head>
<body>
@@ -34,14 +22,28 @@
<div class="security-div">
<h1>Sécurité</h1>
- <h2>Nouvel utilisateur</h2>
+ <s:if test='%{role.topiaId != null}'>
+ <h2>Modification d'un utilisateur</h2>
+ </s:if>
+ <s:else>
+ <h2>Nouveau utilisateur</h2>
+ </s:else>
+
<s:form action="user" namespace="/security" class="security-form">
<s:actionerror />
<s:hidden name="userId" value="%{user.topiaId}" />
<s:textfield label="Identifiant" name="user.login" value="%{user.login}"/>
- <s:password label="Mot de passe" name="user.password" value="%{user.password}" />
+ <s:password label="Mot de passe" name="password" />
+ <s:password label="Confirmation" name="confirm" />
<s:submit label="Valider" />
</s:form>
+
+ <s:if test='%{user.topiaId != null}'>
+ <s:a action="user!delete" namespace="/security" class="delete">
+ <s:param name="userId"><s:property value="user.topiaId" /></s:param>
+ Supprimer
+ </s:a>
+ </s:if>
</div>
</body>
</html>
\ No newline at end of file
Modified: trunk/nuiton-security/src/main/resources/i18n/nuiton-security_en_GB.properties
===================================================================
--- trunk/nuiton-security/src/main/resources/i18n/nuiton-security_en_GB.properties 2012-10-24 12:43:58 UTC (rev 229)
+++ trunk/nuiton-security/src/main/resources/i18n/nuiton-security_en_GB.properties 2012-10-24 15:05:53 UTC (rev 230)
@@ -1,3 +1,4 @@
Compte\ bloqué.\ Contacter\ un\ administrateur=
Identifiant\ ou\ mot\ de\ passe\ invalide\ \!=
+Les\ mots\ de\ passes\ ne\ sont\ pas\ identiques\ \!=
Nombre\ de\ tentatives\ dépassé=
Modified: trunk/nuiton-security/src/main/resources/i18n/nuiton-security_fr_FR.properties
===================================================================
--- trunk/nuiton-security/src/main/resources/i18n/nuiton-security_fr_FR.properties 2012-10-24 12:43:58 UTC (rev 229)
+++ trunk/nuiton-security/src/main/resources/i18n/nuiton-security_fr_FR.properties 2012-10-24 15:05:53 UTC (rev 230)
@@ -1,3 +1,4 @@
Compte\ bloqué.\ Contacter\ un\ administrateur=
Identifiant\ ou\ mot\ de\ passe\ invalide\ \!=
+Les\ mots\ de\ passes\ ne\ sont\ pas\ identiques\ \!=
Nombre\ de\ tentatives\ dépassé=
1
0
r229 - in trunk/nuiton-security: . src src/license src/main/java/org/nuiton/web/security src/main/java/org/nuiton/web/security/actions src/main/resources src/main/resources/WEB-INF/security src/main/xmi
by echatellier@users.nuiton.org 24 Oct '12
by echatellier@users.nuiton.org 24 Oct '12
24 Oct '12
Author: echatellier
Date: 2012-10-24 14:43:58 +0200 (Wed, 24 Oct 2012)
New Revision: 229
Url: http://nuiton.org/repositories/revision/nuiton-web/229
Log:
Fix headers, third party and deps
Added:
trunk/nuiton-security/src/license/
trunk/nuiton-security/src/license/THIRD-PARTY.properties
Modified:
trunk/nuiton-security/LICENSE.txt
trunk/nuiton-security/pom.xml
trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecurityShiroFilter.java
trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecuritySubjectFactory.java
trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecurityUtil.java
trunk/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java
trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/AbstractAction.java
trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/LoginAction.java
trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/LogoutAction.java
trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/RoleAction.java
trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/RolePermissionsAction.java
trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserAction.java
trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserRolesAction.java
trunk/nuiton-security/src/main/resources/WEB-INF/security/login.jsp
trunk/nuiton-security/src/main/resources/WEB-INF/security/role-permissions.jsp
trunk/nuiton-security/src/main/resources/WEB-INF/security/role.jsp
trunk/nuiton-security/src/main/resources/WEB-INF/security/user-roles.jsp
trunk/nuiton-security/src/main/resources/WEB-INF/security/user.jsp
trunk/nuiton-security/src/main/resources/struts.xml
trunk/nuiton-security/src/main/xmi/security.properties
Modified: trunk/nuiton-security/LICENSE.txt
===================================================================
--- trunk/nuiton-security/LICENSE.txt 2012-10-23 15:29:49 UTC (rev 228)
+++ trunk/nuiton-security/LICENSE.txt 2012-10-24 12:43:58 UTC (rev 229)
@@ -0,0 +1,166 @@
+ GNU LESSER GENERAL PUBLIC LICENSE
+ Version 3, 29 June 2007
+
+ Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+
+ This version of the GNU Lesser General Public License incorporates
+the terms and conditions of version 3 of the GNU General Public
+License, supplemented by the additional permissions listed below.
+
+ 0. Additional Definitions.
+
+ As used herein, "this License" refers to version 3 of the GNU Lesser
+General Public License, and the "GNU GPL" refers to version 3 of the GNU
+General Public License.
+
+ "The Library" refers to a covered work governed by this License,
+other than an Application or a Combined Work as defined below.
+
+ An "Application" is any work that makes use of an interface provided
+by the Library, but which is not otherwise based on the Library.
+Defining a subclass of a class defined by the Library is deemed a mode
+of using an interface provided by the Library.
+
+ A "Combined Work" is a work produced by combining or linking an
+Application with the Library. The particular version of the Library
+with which the Combined Work was made is also called the "Linked
+Version".
+
+ The "Minimal Corresponding Source" for a Combined Work means the
+Corresponding Source for the Combined Work, excluding any source code
+for portions of the Combined Work that, considered in isolation, are
+based on the Application, and not on the Linked Version.
+
+ The "Corresponding Application Code" for a Combined Work means the
+object code and/or source code for the Application, including any data
+and utility programs needed for reproducing the Combined Work from the
+Application, but excluding the System Libraries of the Combined Work.
+
+ 1. Exception to Section 3 of the GNU GPL.
+
+ You may convey a covered work under sections 3 and 4 of this License
+without being bound by section 3 of the GNU GPL.
+
+ 2. Conveying Modified Versions.
+
+ If you modify a copy of the Library, and, in your modifications, a
+facility refers to a function or data to be supplied by an Application
+that uses the facility (other than as an argument passed when the
+facility is invoked), then you may convey a copy of the modified
+version:
+
+ a) under this License, provided that you make a good faith effort to
+ ensure that, in the event an Application does not supply the
+ function or data, the facility still operates, and performs
+ whatever part of its purpose remains meaningful, or
+
+ b) under the GNU GPL, with none of the additional permissions of
+ this License applicable to that copy.
+
+ 3. Object Code Incorporating Material from Library Header Files.
+
+ The object code form of an Application may incorporate material from
+a header file that is part of the Library. You may convey such object
+code under terms of your choice, provided that, if the incorporated
+material is not limited to numerical parameters, data structure
+layouts and accessors, or small macros, inline functions and templates
+(ten or fewer lines in length), you do both of the following:
+
+ a) Give prominent notice with each copy of the object code that the
+ Library is used in it and that the Library and its use are
+ covered by this License.
+
+ b) Accompany the object code with a copy of the GNU GPL and this license
+ document.
+
+ 4. Combined Works.
+
+ You may convey a Combined Work under terms of your choice that,
+taken together, effectively do not restrict modification of the
+portions of the Library contained in the Combined Work and reverse
+engineering for debugging such modifications, if you also do each of
+the following:
+
+ a) Give prominent notice with each copy of the Combined Work that
+ the Library is used in it and that the Library and its use are
+ covered by this License.
+
+ b) Accompany the Combined Work with a copy of the GNU GPL and this license
+ document.
+
+ c) For a Combined Work that displays copyright notices during
+ execution, include the copyright notice for the Library among
+ these notices, as well as a reference directing the user to the
+ copies of the GNU GPL and this license document.
+
+ d) Do one of the following:
+
+ 0) Convey the Minimal Corresponding Source under the terms of this
+ License, and the Corresponding Application Code in a form
+ suitable for, and under terms that permit, the user to
+ recombine or relink the Application with a modified version of
+ the Linked Version to produce a modified Combined Work, in the
+ manner specified by section 6 of the GNU GPL for conveying
+ Corresponding Source.
+
+ 1) Use a suitable shared library mechanism for linking with the
+ Library. A suitable mechanism is one that (a) uses at run time
+ a copy of the Library already present on the user's computer
+ system, and (b) will operate properly with a modified version
+ of the Library that is interface-compatible with the Linked
+ Version.
+
+ e) Provide Installation Information, but only if you would otherwise
+ be required to provide such information under section 6 of the
+ GNU GPL, and only to the extent that such information is
+ necessary to install and execute a modified version of the
+ Combined Work produced by recombining or relinking the
+ Application with a modified version of the Linked Version. (If
+ you use option 4d0, the Installation Information must accompany
+ the Minimal Corresponding Source and Corresponding Application
+ Code. If you use option 4d1, you must provide the Installation
+ Information in the manner specified by section 6 of the GNU GPL
+ for conveying Corresponding Source.)
+
+ 5. Combined Libraries.
+
+ You may place library facilities that are a work based on the
+Library side by side in a single library together with other library
+facilities that are not Applications and are not covered by this
+License, and convey such a combined library under terms of your
+choice, if you do both of the following:
+
+ a) Accompany the combined library with a copy of the same work based
+ on the Library, uncombined with any other library facilities,
+ conveyed under the terms of this License.
+
+ b) Give prominent notice with the combined library that part of it
+ is a work based on the Library, and explaining where to find the
+ accompanying uncombined form of the same work.
+
+ 6. Revised Versions of the GNU Lesser General Public License.
+
+ The Free Software Foundation may publish revised and/or new versions
+of the GNU Lesser General Public License from time to time. Such new
+versions will be similar in spirit to the present version, but may
+differ in detail to address new problems or concerns.
+
+ Each version is given a distinguishing version number. If the
+Library as you received it specifies that a certain numbered version
+of the GNU Lesser General Public License "or any later version"
+applies to it, you have the option of following the terms and
+conditions either of that published version or of any later version
+published by the Free Software Foundation. If the Library as you
+received it does not specify a version number of the GNU Lesser
+General Public License, you may choose any version of the GNU Lesser
+General Public License ever published by the Free Software Foundation.
+
+ If the Library as you received it specifies that a proxy can decide
+whether future versions of the GNU Lesser General Public License shall
+apply, that proxy's public statement of acceptance of any version is
+permanent authorization for you to choose that version for the
+Library.
+
Modified: trunk/nuiton-security/pom.xml
===================================================================
(Binary files differ)
Added: trunk/nuiton-security/src/license/THIRD-PARTY.properties
===================================================================
--- trunk/nuiton-security/src/license/THIRD-PARTY.properties (rev 0)
+++ trunk/nuiton-security/src/license/THIRD-PARTY.properties 2012-10-24 12:43:58 UTC (rev 229)
@@ -0,0 +1,25 @@
+# Generated by org.codehaus.mojo.license.AddThirdPartyMojo
+#-------------------------------------------------------------------------------
+# Already used licenses in project :
+# - BSD License
+# - BSD-style license
+# - COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0
+# - GNU Library or Lesser General Public License
+# - Indiana University Extreme! Lab Software License, vesion 1.1.1
+# - Lesser General Public License (LGPL) v 3.0
+# - Lesser General Public License (LPGL)
+# - Lesser General Public License (LPGL) v 2.1
+# - MIT License
+# - MPL 1.1
+# - The Apache Software License, Version 2.0
+# - license.txt
+#-------------------------------------------------------------------------------
+# Please fill the missing licenses for dependencies :
+#
+#
+#Wed Oct 24 14:21:56 CEST 2012
+antlr--antlr--2.7.6=BSD License
+commons-primitives--commons-primitives--1.0=The Apache Software License, Version 2.0
+dom4j--dom4j--1.6.1=BSD License
+javax.servlet--servlet-api--2.5=License Agreement for Java(TM) Servlet API Specification Interface Classes
+javax.transaction--jta--1.1=COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0
Modified: trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecurityShiroFilter.java
===================================================================
--- trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecurityShiroFilter.java 2012-10-23 15:29:49 UTC (rev 228)
+++ trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecurityShiroFilter.java 2012-10-24 12:43:58 UTC (rev 229)
@@ -1,3 +1,27 @@
+/*
+ * #%L
+ * Nuiton Web :: Nuiton Security
+ * $Id$
+ * $HeadURL$
+ * %%
+ * Copyright (C) 2012 CodeLutin, Chatellier Eric
+ * %%
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Lesser Public License for more details.
+ *
+ * You should have received a copy of the GNU General Lesser Public
+ * License along with this program. If not, see
+ * <http://www.gnu.org/licenses/lgpl-3.0.html>.
+ * #L%
+ */
+
package org.nuiton.web.security;
import java.io.IOException;
Modified: trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecuritySubjectFactory.java
===================================================================
--- trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecuritySubjectFactory.java 2012-10-23 15:29:49 UTC (rev 228)
+++ trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecuritySubjectFactory.java 2012-10-24 12:43:58 UTC (rev 229)
@@ -1,3 +1,27 @@
+/*
+ * #%L
+ * Nuiton Web :: Nuiton Security
+ * $Id$
+ * $HeadURL$
+ * %%
+ * Copyright (C) 2012 CodeLutin, Chatellier Eric
+ * %%
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Lesser Public License for more details.
+ *
+ * You should have received a copy of the GNU General Lesser Public
+ * License along with this program. If not, see
+ * <http://www.gnu.org/licenses/lgpl-3.0.html>.
+ * #L%
+ */
+
package org.nuiton.web.security;
import javax.servlet.ServletRequest;
Modified: trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecurityUtil.java
===================================================================
--- trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecurityUtil.java 2012-10-23 15:29:49 UTC (rev 228)
+++ trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecurityUtil.java 2012-10-24 12:43:58 UTC (rev 229)
@@ -1,3 +1,27 @@
+/*
+ * #%L
+ * Nuiton Web :: Nuiton Security
+ * $Id$
+ * $HeadURL$
+ * %%
+ * Copyright (C) 2012 CodeLutin, Chatellier Eric
+ * %%
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Lesser Public License for more details.
+ *
+ * You should have received a copy of the GNU General Lesser Public
+ * License along with this program. If not, see
+ * <http://www.gnu.org/licenses/lgpl-3.0.html>.
+ * #L%
+ */
+
package org.nuiton.web.security;
public class SecurityUtil {
Modified: trunk/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java
===================================================================
--- trunk/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java 2012-10-23 15:29:49 UTC (rev 228)
+++ trunk/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java 2012-10-24 12:43:58 UTC (rev 229)
@@ -1,3 +1,27 @@
+/*
+ * #%L
+ * Nuiton Web :: Nuiton Security
+ * $Id$
+ * $HeadURL$
+ * %%
+ * Copyright (C) 2012 CodeLutin, Chatellier Eric
+ * %%
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Lesser Public License for more details.
+ *
+ * You should have received a copy of the GNU General Lesser Public
+ * License along with this program. If not, see
+ * <http://www.gnu.org/licenses/lgpl-3.0.html>.
+ * #L%
+ */
+
package org.nuiton.web.security;
import java.util.Properties;
Modified: trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/AbstractAction.java
===================================================================
--- trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/AbstractAction.java 2012-10-23 15:29:49 UTC (rev 228)
+++ trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/AbstractAction.java 2012-10-24 12:43:58 UTC (rev 229)
@@ -1,3 +1,27 @@
+/*
+ * #%L
+ * Nuiton Web :: Nuiton Security
+ * $Id$
+ * $HeadURL$
+ * %%
+ * Copyright (C) 2012 CodeLutin, Chatellier Eric
+ * %%
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Lesser Public License for more details.
+ *
+ * You should have received a copy of the GNU General Lesser Public
+ * License along with this program. If not, see
+ * <http://www.gnu.org/licenses/lgpl-3.0.html>.
+ * #L%
+ */
+
package org.nuiton.web.security.actions;
import java.util.Map;
@@ -12,6 +36,7 @@
import com.opensymphony.xwork2.ActionSupport;
+
public class AbstractAction extends ActionSupport implements ServletContextAware, ParameterAware {
/** serialVersionUID. */
Modified: trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/LoginAction.java
===================================================================
--- trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/LoginAction.java 2012-10-23 15:29:49 UTC (rev 228)
+++ trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/LoginAction.java 2012-10-24 12:43:58 UTC (rev 229)
@@ -1,3 +1,27 @@
+/*
+ * #%L
+ * Nuiton Web :: Nuiton Security
+ * $Id$
+ * $HeadURL$
+ * %%
+ * Copyright (C) 2012 CodeLutin, Chatellier Eric
+ * %%
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Lesser Public License for more details.
+ *
+ * You should have received a copy of the GNU General Lesser Public
+ * License along with this program. If not, see
+ * <http://www.gnu.org/licenses/lgpl-3.0.html>.
+ * #L%
+ */
+
package org.nuiton.web.security.actions;
import static org.nuiton.i18n.I18n._;
@@ -2,3 +26,2 @@
-import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
@@ -17,8 +40,6 @@
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
-import org.apache.shiro.web.util.SavedRequest;
-import org.apache.shiro.web.util.WebUtils;
import org.apache.struts2.interceptor.ServletRequestAware;
import org.apache.struts2.interceptor.ServletResponseAware;
import org.nuiton.web.security.SecurityShiroFilter;
Modified: trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/LogoutAction.java
===================================================================
--- trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/LogoutAction.java 2012-10-23 15:29:49 UTC (rev 228)
+++ trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/LogoutAction.java 2012-10-24 12:43:58 UTC (rev 229)
@@ -1,3 +1,27 @@
+/*
+ * #%L
+ * Nuiton Web :: Nuiton Security
+ * $Id$
+ * $HeadURL$
+ * %%
+ * Copyright (C) 2012 CodeLutin, Chatellier Eric
+ * %%
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Lesser Public License for more details.
+ *
+ * You should have received a copy of the GNU General Lesser Public
+ * License along with this program. If not, see
+ * <http://www.gnu.org/licenses/lgpl-3.0.html>.
+ * #L%
+ */
+
package org.nuiton.web.security.actions;
import org.apache.shiro.SecurityUtils;
Modified: trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/RoleAction.java
===================================================================
--- trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/RoleAction.java 2012-10-23 15:29:49 UTC (rev 228)
+++ trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/RoleAction.java 2012-10-24 12:43:58 UTC (rev 229)
@@ -1,3 +1,28 @@
+/*
+ * #%L
+ * Nuiton Web :: Nuiton Security
+ * $Id$
+ * $HeadURL$
+ * %%
+ * Copyright (C) 2012 CodeLutin, Chatellier Eric
+ * %%
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Lesser Public License for more details.
+ *
+ * You should have received a copy of the GNU General Lesser Public
+ * License along with this program. If not, see
+ * <http://www.gnu.org/licenses/lgpl-3.0.html>.
+ * #L%
+ */
+
+
package org.nuiton.web.security.actions;
import org.apache.commons.lang3.StringUtils;
Modified: trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/RolePermissionsAction.java
===================================================================
--- trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/RolePermissionsAction.java 2012-10-23 15:29:49 UTC (rev 228)
+++ trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/RolePermissionsAction.java 2012-10-24 12:43:58 UTC (rev 229)
@@ -1,3 +1,27 @@
+/*
+ * #%L
+ * Nuiton Web :: Nuiton Security
+ * $Id$
+ * $HeadURL$
+ * %%
+ * Copyright (C) 2012 CodeLutin, Chatellier Eric
+ * %%
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Lesser Public License for more details.
+ *
+ * You should have received a copy of the GNU General Lesser Public
+ * License along with this program. If not, see
+ * <http://www.gnu.org/licenses/lgpl-3.0.html>.
+ * #L%
+ */
+
package org.nuiton.web.security.actions;
import java.util.ArrayList;
Modified: trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserAction.java
===================================================================
--- trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserAction.java 2012-10-23 15:29:49 UTC (rev 228)
+++ trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserAction.java 2012-10-24 12:43:58 UTC (rev 229)
@@ -1,3 +1,27 @@
+/*
+ * #%L
+ * Nuiton Web :: Nuiton Security
+ * $Id$
+ * $HeadURL$
+ * %%
+ * Copyright (C) 2012 CodeLutin, Chatellier Eric
+ * %%
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Lesser Public License for more details.
+ *
+ * You should have received a copy of the GNU General Lesser Public
+ * License along with this program. If not, see
+ * <http://www.gnu.org/licenses/lgpl-3.0.html>.
+ * #L%
+ */
+
package org.nuiton.web.security.actions;
import org.apache.commons.lang3.StringUtils;
Modified: trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserRolesAction.java
===================================================================
--- trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserRolesAction.java 2012-10-23 15:29:49 UTC (rev 228)
+++ trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserRolesAction.java 2012-10-24 12:43:58 UTC (rev 229)
@@ -1,3 +1,27 @@
+/*
+ * #%L
+ * Nuiton Web :: Nuiton Security
+ * $Id$
+ * $HeadURL$
+ * %%
+ * Copyright (C) 2012 CodeLutin, Chatellier Eric
+ * %%
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Lesser Public License for more details.
+ *
+ * You should have received a copy of the GNU General Lesser Public
+ * License along with this program. If not, see
+ * <http://www.gnu.org/licenses/lgpl-3.0.html>.
+ * #L%
+ */
+
package org.nuiton.web.security.actions;
import java.util.List;
Modified: trunk/nuiton-security/src/main/resources/WEB-INF/security/login.jsp
===================================================================
--- trunk/nuiton-security/src/main/resources/WEB-INF/security/login.jsp 2012-10-23 15:29:49 UTC (rev 228)
+++ trunk/nuiton-security/src/main/resources/WEB-INF/security/login.jsp 2012-10-24 12:43:58 UTC (rev 229)
@@ -1,3 +1,26 @@
+<%--
+ #%L
+ Nuiton Web :: Nuiton Security
+ $Id:$
+ $HeadURL:$
+ %%
+ Copyright (C) 2012 CodeLutin, Chatellier Eric
+ %%
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU Lesser General Public License as
+ published by the Free Software Foundation, either version 3 of the
+ License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Lesser Public License for more details.
+
+ You should have received a copy of the GNU General Lesser Public
+ License along with this program. If not, see
+ <http://www.gnu.org/licenses/lgpl-3.0.html>.
+ #L%
+ --%>
<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<%@taglib uri="/struts-tags" prefix="s" %>
Modified: trunk/nuiton-security/src/main/resources/WEB-INF/security/role-permissions.jsp
===================================================================
--- trunk/nuiton-security/src/main/resources/WEB-INF/security/role-permissions.jsp 2012-10-23 15:29:49 UTC (rev 228)
+++ trunk/nuiton-security/src/main/resources/WEB-INF/security/role-permissions.jsp 2012-10-24 12:43:58 UTC (rev 229)
@@ -1,3 +1,26 @@
+<%--
+ #%L
+ Nuiton Web :: Nuiton Security
+ $Id:$
+ $HeadURL:$
+ %%
+ Copyright (C) 2012 CodeLutin, Chatellier Eric
+ %%
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU Lesser General Public License as
+ published by the Free Software Foundation, either version 3 of the
+ License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Lesser Public License for more details.
+
+ You should have received a copy of the GNU General Lesser Public
+ License along with this program. If not, see
+ <http://www.gnu.org/licenses/lgpl-3.0.html>.
+ #L%
+ --%>
<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<%@taglib uri="/struts-tags" prefix="s" %>
Modified: trunk/nuiton-security/src/main/resources/WEB-INF/security/role.jsp
===================================================================
--- trunk/nuiton-security/src/main/resources/WEB-INF/security/role.jsp 2012-10-23 15:29:49 UTC (rev 228)
+++ trunk/nuiton-security/src/main/resources/WEB-INF/security/role.jsp 2012-10-24 12:43:58 UTC (rev 229)
@@ -1,3 +1,26 @@
+<%--
+ #%L
+ Nuiton Web :: Nuiton Security
+ $Id:$
+ $HeadURL:$
+ %%
+ Copyright (C) 2012 CodeLutin, Chatellier Eric
+ %%
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU Lesser General Public License as
+ published by the Free Software Foundation, either version 3 of the
+ License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Lesser Public License for more details.
+
+ You should have received a copy of the GNU General Lesser Public
+ License along with this program. If not, see
+ <http://www.gnu.org/licenses/lgpl-3.0.html>.
+ #L%
+ --%>
<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<%@taglib uri="/struts-tags" prefix="s" %>
@@ -10,8 +33,13 @@
<div class="security-div">
<h1>Sécurité</h1>
-
- <h2>Nouveau Rôle</h2>
+
+ <s:if test='%{product.topiaId != null}'>
+ <h2>Nouveau rôle</h2>
+ </s:if>
+ <s:else>
+ <h2>Modification d'un rôle</h2>
+ </s:else>
<s:form action="role" namespace="/security" class="security-form">
<s:actionerror />
Modified: trunk/nuiton-security/src/main/resources/WEB-INF/security/user-roles.jsp
===================================================================
--- trunk/nuiton-security/src/main/resources/WEB-INF/security/user-roles.jsp 2012-10-23 15:29:49 UTC (rev 228)
+++ trunk/nuiton-security/src/main/resources/WEB-INF/security/user-roles.jsp 2012-10-24 12:43:58 UTC (rev 229)
@@ -1,3 +1,26 @@
+<%--
+ #%L
+ Nuiton Web :: Nuiton Security
+ $Id:$
+ $HeadURL:$
+ %%
+ Copyright (C) 2012 CodeLutin, Chatellier Eric
+ %%
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU Lesser General Public License as
+ published by the Free Software Foundation, either version 3 of the
+ License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Lesser Public License for more details.
+
+ You should have received a copy of the GNU General Lesser Public
+ License along with this program. If not, see
+ <http://www.gnu.org/licenses/lgpl-3.0.html>.
+ #L%
+ --%>
<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<%@taglib uri="/struts-tags" prefix="s" %>
Modified: trunk/nuiton-security/src/main/resources/WEB-INF/security/user.jsp
===================================================================
--- trunk/nuiton-security/src/main/resources/WEB-INF/security/user.jsp 2012-10-23 15:29:49 UTC (rev 228)
+++ trunk/nuiton-security/src/main/resources/WEB-INF/security/user.jsp 2012-10-24 12:43:58 UTC (rev 229)
@@ -1,3 +1,26 @@
+<%--
+ #%L
+ Nuiton Web :: Nuiton Security
+ $Id:$
+ $HeadURL:$
+ %%
+ Copyright (C) 2012 CodeLutin, Chatellier Eric
+ %%
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU Lesser General Public License as
+ published by the Free Software Foundation, either version 3 of the
+ License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Lesser Public License for more details.
+
+ You should have received a copy of the GNU General Lesser Public
+ License along with this program. If not, see
+ <http://www.gnu.org/licenses/lgpl-3.0.html>.
+ #L%
+ --%>
<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<%@taglib uri="/struts-tags" prefix="s" %>
Modified: trunk/nuiton-security/src/main/resources/struts.xml
===================================================================
--- trunk/nuiton-security/src/main/resources/struts.xml 2012-10-23 15:29:49 UTC (rev 228)
+++ trunk/nuiton-security/src/main/resources/struts.xml 2012-10-24 12:43:58 UTC (rev 229)
@@ -1,3 +1,26 @@
+<!--
+ #%L
+ Nuiton Web :: Nuiton Security
+ $Id:$
+ $HeadURL:$
+ %%
+ Copyright (C) 2012 CodeLutin, Chatellier Eric
+ %%
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU Lesser General Public License as
+ published by the Free Software Foundation, either version 3 of the
+ License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Lesser Public License for more details.
+
+ You should have received a copy of the GNU General Lesser Public
+ License along with this program. If not, see
+ <http://www.gnu.org/licenses/lgpl-3.0.html>.
+ #L%
+ -->
<!DOCTYPE struts PUBLIC
"-//Apache Software Foundation//DTD Struts Configuration 2.3//EN"
"http://struts.apache.org/dtds/struts-2.3.dtd">
Modified: trunk/nuiton-security/src/main/xmi/security.properties
===================================================================
--- trunk/nuiton-security/src/main/xmi/security.properties 2012-10-23 15:29:49 UTC (rev 228)
+++ trunk/nuiton-security/src/main/xmi/security.properties 2012-10-24 12:43:58 UTC (rev 229)
@@ -1,3 +1,26 @@
+###
+# #%L
+# Nuiton Web :: Nuiton Security
+# $Id:$
+# $HeadURL:$
+# %%
+# Copyright (C) 2012 CodeLutin, Chatellier Eric
+# %%
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Lesser Public License for more details.
+#
+# You should have received a copy of the GNU General Lesser Public
+# License along with this program. If not, see
+# <http://www.gnu.org/licenses/lgpl-3.0.html>.
+# #L%
+###
model.tagvalue.String=text
org.nuiton.web.security.SecurityUser.attribute.securityRole.tagvalue.lazy=false
org.nuiton.web.security.SecurityRole.attribute.permissions.tagvalue.lazy=false
1
0
r228 - trunk/nuiton-security/src/main/java/org/nuiton/web/security
by echatellier@users.nuiton.org 23 Oct '12
by echatellier@users.nuiton.org 23 Oct '12
23 Oct '12
Author: echatellier
Date: 2012-10-23 17:29:49 +0200 (Tue, 23 Oct 2012)
New Revision: 228
Url: http://nuiton.org/repositories/revision/nuiton-web/228
Log:
Add configuration option to split url on various characters
Added:
trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecurityUtil.java
Modified:
trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecurityShiroFilter.java
trunk/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java
Modified: trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecurityShiroFilter.java
===================================================================
--- trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecurityShiroFilter.java 2012-10-19 13:11:36 UTC (rev 227)
+++ trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecurityShiroFilter.java 2012-10-23 15:29:49 UTC (rev 228)
@@ -114,13 +114,9 @@
// get permission
String uri = ((HttpServletRequest)servletRequest).getRequestURI();
- String perm = "url" + uri.replace('/', ':');
- // cas de la permission url: qui est equivalente a url:*
- if (perm.endsWith(":")) {
- perm += "/";
- }
+ String perm = SecurityUtil.convertToShiroPerm(uri, config.getOption("topia.security.separators"));
- if (subjectUser.isPermitted(perm)) {
+ if (subjectUser.isPermitted("url" + perm)) {
if (log.isDebugEnabled()) {
log.debug("User is permitted to access " + perm);
}
@@ -136,7 +132,12 @@
}
// save request and redirect to login
Session session = subjectUser.getSession();
- session.setAttribute(SESSION_SAVED_URL, ((HttpServletRequest)servletRequest).getRequestURL().toString());
+ HttpServletRequest httpServletRequest = (HttpServletRequest)servletRequest;
+ StringBuffer requestURL = new StringBuffer(httpServletRequest.getRequestURL());
+ if (httpServletRequest.getQueryString() != null) {
+ requestURL.append('?').append(httpServletRequest.getQueryString());
+ }
+ session.setAttribute(SESSION_SAVED_URL, requestURL.toString());
((HttpServletResponse)servletResponse).sendRedirect(config.getOption("topia.security.loginurl"));
} else {
((HttpServletResponse)servletResponse).sendError(401, "Not authorized to access " + uri);
Added: trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecurityUtil.java
===================================================================
--- trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecurityUtil.java (rev 0)
+++ trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecurityUtil.java 2012-10-23 15:29:49 UTC (rev 228)
@@ -0,0 +1,27 @@
+package org.nuiton.web.security;
+
+public class SecurityUtil {
+
+ /**
+ * Split url with separators definined in separator string.
+ *
+ * @param url url to convert
+ * @param separators each string character is used a separator char (null allowed)
+ * @return shiro permission (: separator)
+ */
+ public static String convertToShiroPerm(String url, String separators) {
+ String perm = url;
+ if (separators != null) {
+ for (int i = 0; i < separators.length(); i++) {
+ perm = perm.replace(separators.charAt(i), ':');
+ }
+ }
+
+ // cas de la permission url: qui est equivalente a url:*
+ if (perm.endsWith(":")) {
+ perm += "/";
+ }
+
+ return perm;
+ }
+}
Property changes on: trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecurityUtil.java
___________________________________________________________________
Added: svn:keywords
+ Author Date Id Revision HeadURL
Modified: trunk/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java
===================================================================
--- trunk/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java 2012-10-19 13:11:36 UTC (rev 227)
+++ trunk/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java 2012-10-23 15:29:49 UTC (rev 228)
@@ -97,8 +97,10 @@
}
// ajout de l'url de login et logout quand meme !!!
- result.addStringPermission("url" + config.getOption("topia.security.loginurl").replace('/', ':'));
- result.addStringPermission("url" + config.getOption("topia.security.logouturl").replace('/', ':'));
+ result.addStringPermission("url" + SecurityUtil.convertToShiroPerm(config.getOption("topia.security.loginurl"),
+ config.getOption("topia.security.separators")));
+ result.addStringPermission("url" + SecurityUtil.convertToShiroPerm(config.getOption("topia.security.logouturl"),
+ config.getOption("topia.security.separators")));
} catch (Exception ex) {
1
0
r227 - in trunk/nuiton-security/src: main/java/org/nuiton/web/security site/apt
by echatellier@users.nuiton.org 19 Oct '12
by echatellier@users.nuiton.org 19 Oct '12
19 Oct '12
Author: echatellier
Date: 2012-10-19 15:11:36 +0200 (Fri, 19 Oct 2012)
New Revision: 227
Url: http://nuiton.org/repositories/revision/nuiton-web/227
Log:
Use ; separator because , is part of shiro synthax
Modified:
trunk/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java
trunk/nuiton-security/src/site/apt/index.apt
Modified: trunk/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java
===================================================================
--- trunk/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java 2012-10-19 08:42:55 UTC (rev 226)
+++ trunk/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java 2012-10-19 13:11:36 UTC (rev 227)
@@ -66,7 +66,8 @@
if (subs[2].equals("perm")) {
if (subs[1].equals(permission)) {
String perms = props.getProperty(prop);
- String[] permTab = perms.split("\\s*\\,\\s*");
+ // use ; separator because shiro use ,
+ String[] permTab = perms.split("\\s*\\;\\s*");
for (String perm : permTab) {
result.addStringPermission(perm);
if (log.isDebugEnabled()) {
Modified: trunk/nuiton-security/src/site/apt/index.apt
===================================================================
--- trunk/nuiton-security/src/site/apt/index.apt 2012-10-19 08:42:55 UTC (rev 226)
+++ trunk/nuiton-security/src/site/apt/index.apt 2012-10-19 13:11:36 UTC (rev 227)
@@ -99,7 +99,7 @@
topia.security.permission.<category>=categoryname
topia.security.permission.<category>.<permission>.name=permissionname
-topia.security.permission.<category>.<permission>.perm=permission, urlpermissions
+topia.security.permission.<category>.<permission>.perm=permission; urlpermissions
--------------------------------------------------------------------------------
The configuration define two url, loginurl and logouturl used to redirect user
@@ -121,15 +121,15 @@
topia.security.permission.global=Global
topia.security.permission.global.index.name=Index
-topia.security.permission.global.index.perm=index:read, url:/, url:index.action
+topia.security.permission.global.index.perm=index:read; url:/,index.action
topia.security.permission.global.search.name=Rechercher
-topia.security.permission.global.search.perm=search:read, url:user:search.action
+topia.security.permission.global.search.perm=search:read; url:user:search.action
topia.security.permission.global.placesread.name=Emplacements
-topia.security.permission.global.placesread.perm=places:read, url:user:places.action
+topia.security.permission.global.placesread.perm=places:read; url:user:places.action
topia.security.permission.misc=Divers
topia.security.permission.misc.deco.name=Decoration
-topia.security.permission.misc.deco.perm=url:css, url:images, url:js
+topia.security.permission.misc.deco.perm=url:css; url:images; url:js
topia.security.permission.misc.admin.name=Admin
topia.security.permission.misc.admin.perm=*
--------------------------------------------------------------------------------
1
0
r226 - in trunk/nuiton-security/src/main/java/org/nuiton/web/security: . actions
by echatellier@users.nuiton.org 19 Oct '12
by echatellier@users.nuiton.org 19 Oct '12
19 Oct '12
Author: echatellier
Date: 2012-10-19 10:42:55 +0200 (Fri, 19 Oct 2012)
New Revision: 226
Url: http://nuiton.org/repositories/revision/nuiton-web/226
Log:
Correction de la redirection apr?\195?\168s login sur la page demand?\195?\169e.
La methode "shiro" marche plus :(
Added:
trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecuritySubjectFactory.java
Modified:
trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecurityShiroFilter.java
trunk/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java
trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/LoginAction.java
Modified: trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecurityShiroFilter.java
===================================================================
--- trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecurityShiroFilter.java 2012-10-18 15:00:51 UTC (rev 225)
+++ trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecurityShiroFilter.java 2012-10-19 08:42:55 UTC (rev 226)
@@ -14,17 +14,12 @@
import org.apache.commons.logging.LogFactory;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
-import org.apache.shiro.mgt.SecurityManager;
-import org.apache.shiro.mgt.SubjectFactory;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.session.Session;
-import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
-import org.apache.shiro.subject.SubjectContext;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.AbstractShiroFilter;
-import org.apache.shiro.web.subject.WebSubjectContext;
-import org.apache.shiro.web.subject.support.WebDelegatingSubject;
+import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.nuiton.topia.TopiaContext;
import org.nuiton.topia.TopiaContextFactory;
import org.nuiton.topia.TopiaException;
@@ -32,7 +27,7 @@
import org.nuiton.util.ApplicationConfig;
import org.nuiton.web.SecurityDAOHelper;
-public class SecurityShiroFilter extends AbstractShiroFilter implements SubjectFactory {
+public class SecurityShiroFilter extends AbstractShiroFilter {
private static final Log log = LogFactory.getLog(SecurityShiroFilter.class);
@@ -41,6 +36,8 @@
public static final String ROOT_CONTEXT_CONTEXT = SecurityShiroFilter.class.getName() + "#" + TopiaContext.class.getName();
protected static final String ANON_LOGIN = "anonymous";
+
+ public static final String SESSION_SAVED_URL = "savedUrl";
protected ApplicationConfig config;
@@ -66,10 +63,12 @@
if (log.isInfoEnabled()) {
log.info("Overriding shiro realms");
}
+
Realm realm = new TopiaSecurityRealm(rootContext, config);
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(realm);
+ securityManager.setSubjectFactory(new SecuritySubjectFactory());
+ securityManager.setSessionManager(new DefaultWebSessionManager());
setSecurityManager(securityManager);
- securityManager.setSubjectFactory(this);
SecurityUtils.setSecurityManager(securityManager);
}
@@ -130,7 +129,14 @@
if (log.isDebugEnabled()) {
log.debug("User is NOT permitted to access " + perm);
}
+ // anon n'est pas considéré comme authenticated
if (ANON_LOGIN.equals(subjectUser.getPrincipal())) {
+ if (log.isDebugEnabled()) {
+ log.debug("Redirecting user to login page");
+ }
+ // save request and redirect to login
+ Session session = subjectUser.getSession();
+ session.setAttribute(SESSION_SAVED_URL, ((HttpServletRequest)servletRequest).getRequestURL().toString());
((HttpServletResponse)servletResponse).sendRedirect(config.getOption("topia.security.loginurl"));
} else {
((HttpServletResponse)servletResponse).sendError(401, "Not authorized to access " + uri);
@@ -152,29 +158,6 @@
}
}
}
-
- @Override
- public Subject createSubject(SubjectContext context) {
- /*if (!(context instanceof WebSubjectContext)) {
- return super.createSubject(context);
- }*/
- WebSubjectContext wsc = (WebSubjectContext) context;
- SecurityManager securityManager = wsc.resolveSecurityManager();
- Session session = wsc.resolveSession();
- boolean sessionEnabled = wsc.isSessionCreationEnabled();
- PrincipalCollection principals = wsc.resolvePrincipals();
- boolean authenticated = wsc.resolveAuthenticated();
-
- // dans le cas du module securité, on va dire que non
- if (authenticated && ANON_LOGIN.equals(principals.getPrimaryPrincipal())) {
- authenticated = false;
- }
-
- String host = wsc.resolveHost();
- ServletRequest request = wsc.resolveServletRequest();
- ServletResponse response = wsc.resolveServletResponse();
-
- return new WebDelegatingSubject(principals, authenticated, host, session, sessionEnabled,
- request, response, securityManager);
- }
+
+
}
Added: trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecuritySubjectFactory.java
===================================================================
--- trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecuritySubjectFactory.java (rev 0)
+++ trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecuritySubjectFactory.java 2012-10-19 08:42:55 UTC (rev 226)
@@ -0,0 +1,41 @@
+package org.nuiton.web.security;
+
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+
+import org.apache.shiro.mgt.SecurityManager;
+import org.apache.shiro.session.Session;
+import org.apache.shiro.subject.PrincipalCollection;
+import org.apache.shiro.subject.Subject;
+import org.apache.shiro.subject.SubjectContext;
+import org.apache.shiro.web.mgt.DefaultWebSubjectFactory;
+import org.apache.shiro.web.subject.WebSubjectContext;
+import org.apache.shiro.web.subject.support.WebDelegatingSubject;
+
+public class SecuritySubjectFactory extends DefaultWebSubjectFactory {
+
+ @Override
+ public Subject createSubject(SubjectContext context) {
+ if (!(context instanceof WebSubjectContext)) {
+ return super.createSubject(context);
+ }
+ WebSubjectContext wsc = (WebSubjectContext) context;
+ SecurityManager securityManager = wsc.resolveSecurityManager();
+ Session session = wsc.resolveSession();
+ boolean sessionEnabled = wsc.isSessionCreationEnabled();
+ PrincipalCollection principals = wsc.resolvePrincipals();
+ boolean authenticated = wsc.resolveAuthenticated();
+
+ // dans le cas du module securité, on va dire que non
+ if (authenticated && SecurityShiroFilter.ANON_LOGIN.equals(principals.getPrimaryPrincipal())) {
+ authenticated = false;
+ }
+
+ String host = wsc.resolveHost();
+ ServletRequest request = wsc.resolveServletRequest();
+ ServletResponse response = wsc.resolveServletResponse();
+
+ return new WebDelegatingSubject(principals, authenticated, host, session, sessionEnabled,
+ request, response, securityManager);
+ }
+}
Property changes on: trunk/nuiton-security/src/main/java/org/nuiton/web/security/SecuritySubjectFactory.java
___________________________________________________________________
Added: svn:keywords
+ Author Date Id Revision HeadURL
Modified: trunk/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java
===================================================================
--- trunk/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java 2012-10-18 15:00:51 UTC (rev 225)
+++ trunk/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java 2012-10-19 08:42:55 UTC (rev 226)
@@ -55,7 +55,7 @@
for (String permission : role.getPermissions()) {
//result.addStringPermission(permission);
if (log.isDebugEnabled()) {
- log.debug(" - add permission : " + permission);
+ log.debug("- add permission : " + permission);
}
for (String prop : props.stringPropertyNames()) {
@@ -70,7 +70,7 @@
for (String perm : permTab) {
result.addStringPermission(perm);
if (log.isDebugEnabled()) {
- log.debug(" - add string permission : " + perm);
+ log.debug(" string permission : " + perm);
}
}
}
Modified: trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/LoginAction.java
===================================================================
--- trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/LoginAction.java 2012-10-18 15:00:51 UTC (rev 225)
+++ trunk/nuiton-security/src/main/java/org/nuiton/web/security/actions/LoginAction.java 2012-10-19 08:42:55 UTC (rev 226)
@@ -2,6 +2,7 @@
import static org.nuiton.i18n.I18n._;
+import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@@ -14,11 +15,13 @@
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
+import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.util.SavedRequest;
import org.apache.shiro.web.util.WebUtils;
import org.apache.struts2.interceptor.ServletRequestAware;
import org.apache.struts2.interceptor.ServletResponseAware;
+import org.nuiton.web.security.SecurityShiroFilter;
public class LoginAction extends AbstractAction implements ServletRequestAware, ServletResponseAware {
@@ -64,6 +67,18 @@
UsernamePasswordToken token = new UsernamePasswordToken(login, password);
currentUser.login(token);
result = SUCCESS;
+
+ // marche pas :(
+ //SavedRequest savedRequest = WebUtils.getAndClearSavedRequest(request);
+ Session session = currentUser.getSession();
+ String requestURL = (String)session.getAttribute(SecurityShiroFilter.SESSION_SAVED_URL);
+ if (request != null) { // can be
+ if (log.isDebugEnabled()) {
+ log.debug("Redirecting to saved url " + requestURL);
+ }
+ session.removeAttribute(SecurityShiroFilter.SESSION_SAVED_URL);
+ response.sendRedirect(requestURL);
+ }
} catch (UnknownAccountException ex) {
addActionError(_("Identifiant ou mot de passe invalide !"));
log.warn("Unknow user account", ex);
@@ -85,16 +100,8 @@
log.warn("Authentication error", ex);
result = input();
}
-
- SavedRequest savedRequest = WebUtils.getAndClearSavedRequest(request);
- if (savedRequest != null) { // can be
- response.sendRedirect(savedRequest.getRequestUrl());
- }
}
return result;
}
-
-
-
}
1
0
r225 - trunk/nuiton-security/src/main/java/org/nuiton/web/security
by echatellier@users.nuiton.org 18 Oct '12
by echatellier@users.nuiton.org 18 Oct '12
18 Oct '12
Author: echatellier
Date: 2012-10-18 17:00:51 +0200 (Thu, 18 Oct 2012)
New Revision: 225
Url: http://nuiton.org/repositories/revision/nuiton-web/225
Log:
Ajout d'un flag system pour donner tous les droits ?\195?\160 tous les utilisateurs
Modified:
trunk/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java
Modified: trunk/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java
===================================================================
--- trunk/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java 2012-10-18 14:47:26 UTC (rev 224)
+++ trunk/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java 2012-10-18 15:00:51 UTC (rev 225)
@@ -90,6 +90,11 @@
}
}
+ // si la securité est desactivee,
+ if (config.getOptionAsBoolean("topia.security.disable")) {
+ result.addStringPermission("*");
+ }
+
// ajout de l'url de login et logout quand meme !!!
result.addStringPermission("url" + config.getOption("topia.security.loginurl").replace('/', ':'));
result.addStringPermission("url" + config.getOption("topia.security.logouturl").replace('/', ':'));
1
0
Author: echatellier
Date: 2012-10-18 16:47:26 +0200 (Thu, 18 Oct 2012)
New Revision: 224
Url: http://nuiton.org/repositories/revision/nuiton-web/224
Log:
fixes #2366: Update to struts 2.3.4.1
fixes #2367: Update to topia 2.7
Modified:
trunk/pom.xml
Modified: trunk/pom.xml
===================================================================
--- trunk/pom.xml 2012-10-18 14:43:55 UTC (rev 223)
+++ trunk/pom.xml 2012-10-18 14:47:26 UTC (rev 224)
@@ -257,7 +257,7 @@
<nuitonUtilsVersion>2.6.3</nuitonUtilsVersion>
<nuitonI18nPluginVersion>${nuitonI18nVersion}</nuitonI18nPluginVersion>
- <topiaVersion>2.6.10</topiaVersion>
+ <topiaVersion>2.7</topiaVersion>
<!-- Tapestry -->
<tapestryVersion>5.2.4</tapestryVersion>
@@ -268,7 +268,7 @@
<gwtPluginVersion>2.2.0</gwtPluginVersion>
<!-- Strust 2 -->
- <struts2Version>2.3.4</struts2Version>
+ <struts2Version>2.3.4.1</struts2Version>
<shiroVersion>1.2.1</shiroVersion>
<servletApiVersion>2.5</servletApiVersion>
1
0
Author: echatellier
Date: 2012-10-18 16:43:55 +0200 (Thu, 18 Oct 2012)
New Revision: 223
Url: http://nuiton.org/repositories/revision/nuiton-web/223
Log:
merge security module into trunk
refs #2363
fixes #2364, #2365
Added:
trunk/nuiton-security/
Modified:
trunk/
trunk/nuiton-gwt/
trunk/nuiton-gwt/pom.xml
trunk/pom.xml
Property changes on: trunk
___________________________________________________________________
Added: svn:mergeinfo
+ /branches/nuiton-web-1.11-security:210-222
Property changes on: trunk/nuiton-gwt
___________________________________________________________________
Modified: svn:ignore
- *.iml
target
+ *.iml
target
.classpath
.project
.settings
Modified: trunk/nuiton-gwt/pom.xml
===================================================================
--- trunk/nuiton-gwt/pom.xml 2012-10-18 14:28:45 UTC (rev 222)
+++ trunk/nuiton-gwt/pom.xml 2012-10-18 14:43:55 UTC (rev 223)
@@ -46,7 +46,7 @@
<!-- extract i18n keys from source -->
<groupId>org.nuiton.i18n</groupId>
- <artifactId>maven-i18n-plugin</artifactId>
+ <artifactId>i18n-maven-plugin</artifactId>
<executions>
<execution>
<id>scan-gwt-java-source</id>
Property changes on: trunk/nuiton-security
___________________________________________________________________
Added: svn:ignore
+ target
.classpath
.project
.settings
Modified: trunk/pom.xml
===================================================================
--- trunk/pom.xml 2012-10-18 14:28:45 UTC (rev 222)
+++ trunk/pom.xml 2012-10-18 14:43:55 UTC (rev 223)
@@ -23,6 +23,7 @@
<module>nuiton-tapestry</module>
<module>nuiton-rss</module>
<module>nuiton-gwt</module>
+ <module>nuiton-security</module>
</modules>
<dependencyManagement>
@@ -171,6 +172,18 @@
</exclusion>
</exclusions>
</dependency>
+
+ <!-- Shiro -->
+ <dependency>
+ <groupId>org.apache.shiro</groupId>
+ <artifactId>shiro-core</artifactId>
+ <version>${shiroVersion}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.shiro</groupId>
+ <artifactId>shiro-web</artifactId>
+ <version>${shiroVersion}</version>
+ </dependency>
</dependencies>
@@ -240,8 +253,8 @@
<!-- redmine configuration -->
<projectId>nuiton-web</projectId>
- <nuitonI18nVersion>2.4.1</nuitonI18nVersion>
- <nuitonUtilsVersion>2.4.8</nuitonUtilsVersion>
+ <nuitonI18nVersion>2.5</nuitonI18nVersion>
+ <nuitonUtilsVersion>2.6.3</nuitonUtilsVersion>
<nuitonI18nPluginVersion>${nuitonI18nVersion}</nuitonI18nPluginVersion>
<topiaVersion>2.6.10</topiaVersion>
@@ -257,6 +270,7 @@
<!-- Strust 2 -->
<struts2Version>2.3.4</struts2Version>
+ <shiroVersion>1.2.1</shiroVersion>
<servletApiVersion>2.5</servletApiVersion>
<jettyVersion>${jettyPluginVersion}</jettyVersion>
<windstoneVersion>0.9.10-hudson-24</windstoneVersion>
@@ -287,7 +301,7 @@
<plugin>
<groupId>org.nuiton.i18n</groupId>
- <artifactId>maven-i18n-plugin</artifactId>
+ <artifactId>i18n-maven-plugin</artifactId>
<version>${nuitonI18nPluginVersion}</version>
</plugin>
@@ -297,6 +311,11 @@
<version>${gwtPluginVersion}</version>
</plugin>
+ <plugin>
+ <groupId>org.nuiton.eugene</groupId>
+ <artifactId>eugene-maven-plugin</artifactId>
+ <version>2.5</version>
+ </plugin>
</plugins>
</pluginManagement>
1
0
r222 - in branches/nuiton-web-1.11-security/nuiton-security/src/main: java/org/nuiton/web/security/actions resources/WEB-INF/security
by echatellier@users.nuiton.org 18 Oct '12
by echatellier@users.nuiton.org 18 Oct '12
18 Oct '12
Author: echatellier
Date: 2012-10-18 16:28:45 +0200 (Thu, 18 Oct 2012)
New Revision: 222
Url: http://nuiton.org/repositories/revision/nuiton-web/222
Log:
Add div and class for css style
Modified:
branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/AbstractAction.java
branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserAction.java
branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/login.jsp
branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/role-permissions.jsp
branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/role.jsp
branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/user-roles.jsp
branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/user.jsp
Modified: branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/AbstractAction.java
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/AbstractAction.java 2012-10-18 14:28:15 UTC (rev 221)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/AbstractAction.java 2012-10-18 14:28:45 UTC (rev 222)
@@ -8,6 +8,7 @@
import org.apache.struts2.util.ServletContextAware;
import org.nuiton.topia.TopiaContext;
import org.nuiton.util.ApplicationConfig;
+import org.nuiton.web.security.SecurityShiroFilter;
import com.opensymphony.xwork2.ActionSupport;
@@ -27,8 +28,8 @@
@Override
public void setServletContext(ServletContext context) {
- config = (ApplicationConfig)context.getAttribute("ApplicationConfig");
- rootContext = (TopiaContext)context.getAttribute("rootContext");
+ config = (ApplicationConfig)context.getAttribute(SecurityShiroFilter.APP_CONFIG_CONTEXT);
+ rootContext = (TopiaContext)context.getAttribute(SecurityShiroFilter.ROOT_CONTEXT_CONTEXT);
}
/**
Modified: branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserAction.java
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserAction.java 2012-10-18 14:28:15 UTC (rev 221)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserAction.java 2012-10-18 14:28:45 UTC (rev 222)
@@ -9,8 +9,6 @@
import org.nuiton.web.security.SecurityUserDAO;
import org.nuiton.web.security.SecurityUserImpl;
-import com.opensymphony.xwork2.Preparable;
-
public class UserAction extends AbstractAction {
/** serialVersionUID. */
Modified: branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/login.jsp
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/login.jsp 2012-10-18 14:28:15 UTC (rev 221)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/login.jsp 2012-10-18 14:28:45 UTC (rev 222)
@@ -7,16 +7,18 @@
</head>
<body>
-
- <h1>Authentification requise</h1>
+
+ <div class="security-div">
+ <h1>Authentification requise</h1>
+
+ <h2>Connexion</h2>
- <h2>Connexion</h2>
-
- <s:form action="login" namespace="/security">
- <s:actionerror />
- <s:textfield label="Identifiant" name="login" />
- <s:password label="Mot de passe" name="password" />
- <s:submit label="Connexion" />
- </s:form>
+ <s:form action="login" namespace="/security" class="security-form">
+ <s:actionerror />
+ <s:textfield label="Identifiant" name="login" />
+ <s:password label="Mot de passe" name="password" />
+ <s:submit label="Connexion" />
+ </s:form>
+ </div>
</body>
</html>
\ No newline at end of file
Modified: branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/role-permissions.jsp
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/role-permissions.jsp 2012-10-18 14:28:15 UTC (rev 221)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/role-permissions.jsp 2012-10-18 14:28:45 UTC (rev 222)
@@ -8,58 +8,62 @@
<body>
- <h1>Sécurité</h1>
+ <div class="security-div">
- <h2>Permissions des rôles</h2>
+ <h1>Sécurité</h1>
- <form action="<s:url action="role-permissions" namespace="/security" />" method="post">
- <s:iterator value="roles">
- <input type="hidden" name="roleIds" value="<s:property value="topiaId" />" />
- </s:iterator>
- <table class="secu-roletable">
- <tr>
- <td class="empty" />
+ <h2>Permissions des rôles</h2>
+
+ <form action="<s:url action="role-permissions" namespace="/security" />" method="post" class="security-form">
<s:iterator value="roles">
- <td><a href="<s:url action='role!input' namespace='/security'>
- <s:param name="roleId"><s:property value="topiaId" /></s:param>
- </s:url>">
- <s:property value="name" />
- </a></td>
+ <input type="hidden" name="roleIds" value="<s:property value="topiaId" />" />
</s:iterator>
- </tr>
- <s:iterator value="categories.keys" var="category">
- <s:set name="categoryName" value="categories.get(#category)" />
+ <table class="security-table">
<tr>
- <th colspan="<s:property value="roles.size() + 1" />"><s:property value="#categoryName" /></th>
+ <td class="security-empty" />
+ <s:iterator value="roles">
+ <td><a href="<s:url action='role!input' namespace='/security'>
+ <s:param name="roleId"><s:property value="topiaId" /></s:param>
+ </s:url>">
+ <s:property value="name" />
+ </a></td>
+ </s:iterator>
</tr>
- <s:iterator value="categoryPermissions.get(#category)" var="categoryPermission">
- <s:set name="permissionName" value="permissions.get(#categoryPermission)" />
- <tr>
- <td><s:property value="#permissionName" /></td>
- <s:iterator value="roles" var="role">
- <td><input type="checkbox" name="permissions-<s:property value="topiaId" />"
- value="<s:property value="#categoryPermission"/>"
- <s:if test="#role.permissions.contains(#categoryPermission)" >
- checked="checked"
- </s:if> /></td>
+ <s:iterator value="categories.keys" var="category">
+ <s:set name="categoryName" value="categories.get(#category)" />
+ <tr>
+ <th colspan="<s:property value="roles.size() + 1" />"><s:property value="#categoryName" /></th>
+ </tr>
+ <s:iterator value="categoryPermissions.get(#category)" var="categoryPermission">
+ <s:set name="permissionName" value="permissions.get(#categoryPermission)" />
+ <tr>
+ <td><s:property value="#permissionName" /></td>
+ <s:iterator value="roles" var="role">
+ <td><input type="checkbox" name="permissions-<s:property value="topiaId" />"
+ value="<s:property value="#categoryPermission"/>"
+ <s:if test="#role.permissions.contains(#categoryPermission)" >
+ checked="checked"
+ </s:if> /></td>
+ </s:iterator>
+ </tr>
</s:iterator>
- </tr>
</s:iterator>
- </s:iterator>
- </table>
- <input type="submit" value="Valider" />
- </form>
+ </table>
+ <input type="submit" value="Valider" />
+ </form>
+
+ <h2>Gestion</h2>
+
+ <div class="secu-newuser">
+ <a href="<s:url action='user-roles!input' namespace='/security' />">Rôles des utilisateurs</a>
+ </div>
+ <div class="secu-newuser">
+ <a href="<s:url action='user!input' namespace='/security' />">Nouvel utilisateur</a>
+ </div>
+ <div class="secu-newrole">
+ <a href="<s:url action='role!input' namespace='/security' />">Nouveau rôle</a>
+ </div>
+ </div>
- <h2>Gestion</h2>
-
- <div class="secu-newuser">
- <a href="<s:url action='user-roles!input' namespace='/security' />">Rôles des utilisateurs</a>
- </div>
- <div class="secu-newuser">
- <a href="<s:url action='user!input' namespace='/security' />">Nouvel utilisateur</a>
- </div>
- <div class="secu-newrole">
- <a href="<s:url action='role!input' namespace='/security' />">Nouveau rôle</a>
- </div>
</body>
</html>
\ No newline at end of file
Modified: branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/role.jsp
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/role.jsp 2012-10-18 14:28:15 UTC (rev 221)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/role.jsp 2012-10-18 14:28:45 UTC (rev 222)
@@ -7,16 +7,19 @@
</head>
<body>
+
+ <div class="security-div">
+ <h1>Sécurité</h1>
+
+ <h2>Nouveau Rôle</h2>
- <h1>Sécurité</h1>
-
- <h2>Role</h2>
+ <s:form action="role" namespace="/security" class="security-form">
+ <s:actionerror />
+ <s:hidden name="roleId" value="%{role.topiaId}" />
+ <s:textfield label="Nom" name="role.name" value="%{role.name}"/>
+ <s:submit label="Valider" />
+ </s:form>
+ </div>
- <s:form action="role" namespace="/security">
- <s:actionerror />
- <s:hidden name="roleId" value="%{role.topiaId}" />
- <s:textfield label="Nom" name="role.name" value="%{role.name}"/>
- <s:submit label="Valider" />
- </s:form>
</body>
</html>
\ No newline at end of file
Modified: branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/user-roles.jsp
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/user-roles.jsp 2012-10-18 14:28:15 UTC (rev 221)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/user-roles.jsp 2012-10-18 14:28:45 UTC (rev 222)
@@ -8,69 +8,71 @@
<body>
- <h1>Sécurité</h1>
-
- <h2>Rôles des utilisateurs</h2>
+ <div class="security-div">
+ <h1>Sécurité</h1>
- <form action="<s:url action="user-roles" namespace="/security" />" method="post">
- <table class="secu-roletable">
- <tr>
- <td colspan="2" class="empty"/>
- <s:if test="!roles.empty">
- <th colspan="<s:property value="roles.size()" />">Rôles</th>
- </s:if>
- </tr>
- <tr>
- <td colspan="2" class="empty"/>
- <s:iterator value="roles">
- <td>
- <a href="<s:url action='role!input' namespace='/security'>
- <s:param name="roleId"><s:property value="topiaId" /></s:param>
- </s:url>">
- <s:property value="name" />
- </a>
- </td>
- </s:iterator>
- </tr>
- <s:iterator value="users" var="user" status="userStatus">
- <input type="hidden" name="userIds" value="<s:property value="topiaId" />" />
+ <h2>Rôles des utilisateurs</h2>
+
+ <form action="<s:url action="user-roles" namespace="/security" />" method="post" class="security-form">
+ <table class="security-table">
<tr>
- <s:if test="#userStatus.first">
- <th rowspan="<s:property value="users.size()" />" class="vertical">Utilisateurs</th>
+ <td colspan="2" class="security-empty"/>
+ <s:if test="!roles.empty">
+ <th colspan="<s:property value="roles.size()" />">Rôles</th>
</s:if>
- <td>
- <a href="<s:url action='user!input' namespace='/security'>
- <s:param name="userId"><s:property value="topiaId" /></s:param>
- </s:url>">
- <s:property value="login" />
- </a>
- </td>
- <s:iterator value="roles" var="role">
+ </tr>
+ <tr>
+ <td colspan="2" class="security-empty"/>
+ <s:iterator value="roles">
<td>
-
- <input id="<s:property value="#user.topiaId" /><s:property value="#user.topiaId" />"
- type="checkbox" name="roles-<s:property value="#user.topiaId" />" value="<s:property value="#role.topiaId" />"
- <s:if test="#user.securityRole.contains(#role)" >
- checked="checked"
- </s:if> />
+ <a href="<s:url action='role!input' namespace='/security'>
+ <s:param name="roleId"><s:property value="topiaId" /></s:param>
+ </s:url>">
+ <s:property value="name" />
+ </a>
</td>
</s:iterator>
</tr>
- </s:iterator>
- </table>
- <input type="submit" value="Valider" />
- </form>
-
- <h2>Gestion</h2>
-
- <div class="secu-newuser">
- <a href="<s:url action='role-permissions!input' namespace='/security' />">Permissions des rôles</a>
+ <s:iterator value="users" var="user" status="userStatus">
+ <input type="hidden" name="userIds" value="<s:property value="topiaId" />" />
+ <tr>
+ <s:if test="#userStatus.first">
+ <th rowspan="<s:property value="users.size()" />" class="vertical">Utilisateurs</th>
+ </s:if>
+ <td>
+ <a href="<s:url action='user!input' namespace='/security'>
+ <s:param name="userId"><s:property value="topiaId" /></s:param>
+ </s:url>">
+ <s:property value="login" />
+ </a>
+ </td>
+ <s:iterator value="roles" var="role">
+ <td>
+
+ <input id="<s:property value="#user.topiaId" /><s:property value="#user.topiaId" />"
+ type="checkbox" name="roles-<s:property value="#user.topiaId" />" value="<s:property value="#role.topiaId" />"
+ <s:if test="#user.securityRole.contains(#role)" >
+ checked="checked"
+ </s:if> />
+ </td>
+ </s:iterator>
+ </tr>
+ </s:iterator>
+ </table>
+ <input type="submit" value="Valider" />
+ </form>
+
+ <h2>Gestion</h2>
+
+ <div class="secu-newuser">
+ <a href="<s:url action='role-permissions!input' namespace='/security' />">Permissions des rôles</a>
+ </div>
+ <div class="secu-newuser">
+ <a href="<s:url action='user!input' namespace='/security' />">Nouvel utilisateur</a>
+ </div>
+ <div class="secu-newrole">
+ <a href="<s:url action='role!input' namespace='/security' />">Nouveau rôle</a>
+ </div>
</div>
- <div class="secu-newuser">
- <a href="<s:url action='user!input' namespace='/security' />">Nouvel utilisateur</a>
- </div>
- <div class="secu-newrole">
- <a href="<s:url action='role!input' namespace='/security' />">Nouveau rôle</a>
- </div>
</body>
</html>
\ No newline at end of file
Modified: branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/user.jsp
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/user.jsp 2012-10-18 14:28:15 UTC (rev 221)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/user.jsp 2012-10-18 14:28:45 UTC (rev 222)
@@ -8,14 +8,17 @@
<body>
- <h1>Sécurité</h1>
+ <div class="security-div">
+ <h1>Sécurité</h1>
- <s:form action="user" namespace="/security">
- <s:actionerror />
- <s:hidden name="userId" value="%{user.topiaId}" />
- <s:textfield label="Identifiant" name="user.login" value="%{user.login}"/>
- <s:password label="Mot de passe" name="user.password" value="%{user.password}" />
- <s:submit label="Valider" />
- </s:form>
+ <h2>Nouvel utilisateur</h2>
+ <s:form action="user" namespace="/security" class="security-form">
+ <s:actionerror />
+ <s:hidden name="userId" value="%{user.topiaId}" />
+ <s:textfield label="Identifiant" name="user.login" value="%{user.login}"/>
+ <s:password label="Mot de passe" name="user.password" value="%{user.password}" />
+ <s:submit label="Valider" />
+ </s:form>
+ </div>
</body>
</html>
\ No newline at end of file
1
0