Nuiton-web-commits
r221 - branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security
by echatellier@users.nuiton.org 18 Oct '12
by echatellier@users.nuiton.org 18 Oct '12
18 Oct '12
Author: echatellier
Date: 2012-10-18 16:28:15 +0200 (Thu, 18 Oct 2012)
New Revision: 221
Url: http://nuiton.org/repositories/revision/nuiton-web/221
Log:
Fix non connected anonymous connected user
Modified:
branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/SecurityShiroFilter.java
branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java
Modified: branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/SecurityShiroFilter.java
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/SecurityShiroFilter.java 2012-10-18 14:27:48 UTC (rev 220)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/SecurityShiroFilter.java 2012-10-18 14:28:15 UTC (rev 221)
@@ -12,11 +12,19 @@
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
+import org.apache.shiro.mgt.SecurityManager;
+import org.apache.shiro.mgt.SubjectFactory;
import org.apache.shiro.realm.Realm;
+import org.apache.shiro.session.Session;
+import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
+import org.apache.shiro.subject.SubjectContext;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.AbstractShiroFilter;
+import org.apache.shiro.web.subject.WebSubjectContext;
+import org.apache.shiro.web.subject.support.WebDelegatingSubject;
import org.nuiton.topia.TopiaContext;
import org.nuiton.topia.TopiaContextFactory;
import org.nuiton.topia.TopiaException;
@@ -24,40 +32,45 @@
import org.nuiton.util.ApplicationConfig;
import org.nuiton.web.SecurityDAOHelper;
-public class SecurityShiroFilter extends AbstractShiroFilter {
+public class SecurityShiroFilter extends AbstractShiroFilter implements SubjectFactory {
private static final Log log = LogFactory.getLog(SecurityShiroFilter.class);
+ public static final String APP_CONFIG_CONTEXT = SecurityShiroFilter.class.getName() + "#" + ApplicationConfig.class.getName();
+
+ public static final String ROOT_CONTEXT_CONTEXT = SecurityShiroFilter.class.getName() + "#" + TopiaContext.class.getName();
+
protected static final String ANON_LOGIN = "anonymous";
+ protected ApplicationConfig config;
+
+ protected TopiaContext rootContext;
+
@Override
public void init() throws Exception {
// get config from context
- ApplicationConfig config = (ApplicationConfig)getServletContext().getAttribute("ApplicationConfig");
+ config = (ApplicationConfig)getServletContext().getAttribute(APP_CONFIG_CONTEXT);
if (config == null) {
- throw new IllegalArgumentException("No ApplicationConfig attribute found in servlet context");
+ throw new IllegalArgumentException("No APP_CONFIG_CONTEXT attribute found in servlet context");
}
// get topia root context
config.setOption(TopiaContextFactory.CONFIG_PERSISTENCE_CLASSES, SecurityDAOHelper.getImplementationClassesAsString());
Properties props = config.getFlatOptions();
- TopiaContext rootContext = TopiaContextFactory.getContext(props);
+ rootContext = TopiaContextFactory.getContext(props);
initSchema(rootContext);
- getServletContext().setAttribute("rootContext", rootContext);
+ getServletContext().setAttribute(ROOT_CONTEXT_CONTEXT, rootContext);
// see http://shiro.apache.org/configuration.html#Configuration-ProgrammaticConfig…
if (log.isInfoEnabled()) {
log.info("Overriding shiro realms");
}
- //DefaultWebEnvironment env = new DefaultWebEnvironment();
Realm realm = new TopiaSecurityRealm(rootContext, config);
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(realm);
setSecurityManager(securityManager);
- /*FilterChainResolver resolver = getFilterChainResolver();
- if (resolver != null) {
- setFilterChainResolver(resolver);
- }*/
+ securityManager.setSubjectFactory(this);
+ SecurityUtils.setSecurityManager(securityManager);
}
protected static void initSchema(TopiaContext rootContext) throws TopiaException {
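Review bot: `SecurityUtils.setSecurityManager(securityManager)` at the end of `init()` installs this filter's manager as a JVM-wide static, which Shiro documents as meant for framework support rather than for web applications. If the Shiro classes come from a classloader shared between web applications, the last filter initialised wins, and the `destroy()` added later in this commit leaves the static pointing at a manager whose `rootContext` has been closed. The existing `setSecurityManager(securityManager)` call on the filter already binds the manager per request, so I would drop the static call, or at least add `SecurityUtils.setSecurityManager(null);` to `destroy()`. `init()` should also fail fast when `topia.security.loginurl` is missing, because the redirect and the realm dereference it later.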
@@ -103,6 +116,10 @@
// get permission
String uri = ((HttpServletRequest)servletRequest).getRequestURI();
String perm = "url" + uri.replace('/', ':');
+ // cas de la permission url: qui est equivalente a url:*
+ if (perm.endsWith(":")) {
+ perm += "/";
+ }
if (subjectUser.isPermitted(perm)) {
if (log.isDebugEnabled()) {
@@ -114,10 +131,50 @@
log.debug("User is NOT permitted to access " + perm);
}
if (ANON_LOGIN.equals(subjectUser.getPrincipal())) {
- ((HttpServletResponse)servletResponse).sendRedirect("/security/login.action");
+ ((HttpServletResponse)servletResponse).sendRedirect(config.getOption("topia.security.loginurl"));
} else {
((HttpServletResponse)servletResponse).sendError(401, "Not authorized to access " + uri);
}
}
}
+
+ @Override
+ public void destroy() {
+ super.destroy();
+
+ if (rootContext != null) {
+ try {
+ rootContext.closeContext();
+ } catch (TopiaException ex) {
+ if (log.isErrorEnabled()) {
+ log.error("Can't close root context", ex);
+ }
+ }
+ }
+ }
+
+ @Override
+ public Subject createSubject(SubjectContext context) {
+ /*if (!(context instanceof WebSubjectContext)) {
+ return super.createSubject(context);
+ }*/
+ WebSubjectContext wsc = (WebSubjectContext) context;
+ SecurityManager securityManager = wsc.resolveSecurityManager();
+ Session session = wsc.resolveSession();
+ boolean sessionEnabled = wsc.isSessionCreationEnabled();
+ PrincipalCollection principals = wsc.resolvePrincipals();
+ boolean authenticated = wsc.resolveAuthenticated();
+
+ // dans le cas du module securité, on va dire que non
+ if (authenticated && ANON_LOGIN.equals(principals.getPrimaryPrincipal())) {
+ authenticated = false;
+ }
+
+ String host = wsc.resolveHost();
+ ServletRequest request = wsc.resolveServletRequest();
+ ServletResponse response = wsc.resolveServletResponse();
+
+ return new WebDelegatingSubject(principals, authenticated, host, session, sessionEnabled,
+ request, response, securityManager);
+ }
}
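Review bot: `createSubject` casts `context` to `WebSubjectContext` unconditionally and the `instanceof` guard is left commented out, so any non-web `SubjectContext` that reaches this factory ends in a `ClassCastException`. Since `init()` now also registers the manager through `SecurityUtils`, subjects built outside a servlet request could plausibly take this path. I would restore the guard by delegating, `if (!(context instanceof WebSubjectContext)) { return new DefaultWebSubjectFactory().createSubject(context); }`, and null-check `principals` before calling `getPrimaryPrincipal()`. The French comment should become an English one saying that the anonymous principal is never reported as authenticated, and `config.getOption("topia.security.loginurl")` needs a null check before it is handed to `sendRedirect`.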
Modified: branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java 2012-10-18 14:27:48 UTC (rev 220)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java 2012-10-18 14:28:15 UTC (rev 221)
@@ -1,8 +1,5 @@
package org.nuiton.web.security;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collection;
import java.util.Properties;
import org.apache.commons.lang3.StringUtils;
@@ -94,8 +91,8 @@
}
// ajout de l'url de login et logout quand meme !!!
- result.addStringPermission("url:security:login.action");
- result.addStringPermission("url:security:logout.action");
+ result.addStringPermission("url" + config.getOption("topia.security.loginurl").replace('/', ':'));
+ result.addStringPermission("url" + config.getOption("topia.security.logouturl").replace('/', ':'));
} catch (Exception ex) {
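Review bot: Both added `addStringPermission` lines call `.replace` directly on the result of `config.getOption(...)`, so a deployment that omits `topia.security.loginurl` or `topia.security.logouturl` throws a `NullPointerException` here. The enclosing `try` ends in `catch (Exception ex)`, whose body lies outside this hunk; in the r219 version further down the page it appears to be empty, which would hide the failure and leave users without the login permission. I would validate both options once in the filter's `init()`, and log the exception in the catch. The French comment above the two lines could read `// always grant access to the login and logout URLs`.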
r220 - in branches/nuiton-web-1.11-security/nuiton-security/src: . site site/apt site/resources site/resources/img
by echatellier@users.nuiton.org 18 Oct '12
by echatellier@users.nuiton.org 18 Oct '12
18 Oct '12
Author: echatellier
Date: 2012-10-18 16:27:48 +0200 (Thu, 18 Oct 2012)
New Revision: 220
Url: http://nuiton.org/repositories/revision/nuiton-web/220
Log:
Add documentation
Added:
branches/nuiton-web-1.11-security/nuiton-security/src/site/
branches/nuiton-web-1.11-security/nuiton-security/src/site/apt/
branches/nuiton-web-1.11-security/nuiton-security/src/site/apt/index.apt
branches/nuiton-web-1.11-security/nuiton-security/src/site/resources/
branches/nuiton-web-1.11-security/nuiton-security/src/site/resources/img/
branches/nuiton-web-1.11-security/nuiton-security/src/site/resources/img/permissions.png
branches/nuiton-web-1.11-security/nuiton-security/src/site/resources/img/roles.png
branches/nuiton-web-1.11-security/nuiton-security/src/site/site.xml
Added: branches/nuiton-web-1.11-security/nuiton-security/src/site/apt/index.apt
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/site/apt/index.apt (rev 0)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/site/apt/index.apt 2012-10-18 14:27:48 UTC (rev 220)
@@ -0,0 +1,181 @@
+~~~
+~~ #%L
+~~ Nuiton Web :: Nuiton Security
+~~
+~~ $Id: index.apt 152 2011-12-01 17:16:59Z athimel $
+~~ $HeadURL: http://svn.nuiton.org/svn/nuiton-web/trunk/nuiton-struts2/src/site/apt/inde… $
+~~ %%
+~~ Copyright (C) 2012 CodeLutin, Chatellier Eric
+~~ %%
+~~ This program is free software: you can redistribute it and/or modify
+~~ it under the terms of the GNU Lesser General Public License as
+~~ published by the Free Software Foundation, either version 3 of the
+~~ License, or (at your option) any later version.
+~~
+~~ This program is distributed in the hope that it will be useful,
+~~ but WITHOUT ANY WARRANTY; without even the implied warranty of
+~~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+~~ GNU General Lesser Public License for more details.
+~~
+~~ You should have received a copy of the GNU General Lesser Public
+~~ License along with this program. If not, see
+~~ <http://www.gnu.org/licenses/lgpl-3.0.html>.
+~~ #L%
+~~~
+
+ ----
+ Nuiton Web Security
+ ----
+ ----
+ 2012-10-18
+ ----
+
+ This document decribe how to add nuiton-web security module in an existing
+ web application.
+
+Application Config
+
+ Module configuration is based on {{{http://maven-site.nuiton.org/nuiton-utils/nuiton-utils/apidocs/org/nuiton/util/ApplicationConfig.html}ApplicationConfig}}
+ class. An instance of this class must be set into ServletContext in order
+ to security module to use it.
+
+ For example, on your application ServletContextListener, just add this kind
+ of code:
+
+--------------------------------------------------------------------------------
+@Override
+public void contextInitialized(ServletContextEvent sce) {
+
+ // add application config in servlet context for security module filter
+ ApplicationConfig config = ...;
+ sce.getServletContext().setAttribute(SecurityShiroFilter.APP_CONFIG_CONTEXT, config);
+}
+--------------------------------------------------------------------------------
+
+Filter
+
+ This next step to do is it add a Filter into the web.xml file:
+
+--------------------------------------------------------------------------------
+<filter>
+ <filter-name>ShiroFilter</filter-name>
+ <filter-class>org.nuiton.web.security.SecurityShiroFilter</filter-class>
+</filter>
+
+<filter-mapping>
+ <filter-name>ShiroFilter</filter-name>
+ <url-pattern>/*</url-pattern>
+ <dispatcher>REQUEST</dispatcher>
+ <dispatcher>FORWARD</dispatcher>
+ <dispatcher>INCLUDE</dispatcher>
+ <dispatcher>ERROR</dispatcher>
+</filter-mapping>
+--------------------------------------------------------------------------------
+
+ToPIA configuration
+
+ The security module use ToPIA as his persistence layer. The configuration
+ must contains the hibernate configuration used to connect to database.
+
+ For example for a PostgreSQL database:
+
+--------------------------------------------------------------------------------
+hibernate.dialect=org.hibernate.dialect.PostgreSQLDialect
+hibernate.connection.url=jdbc:postgresql://localhost/mydbname
+hibernate.connection.username=myuser
+hibernate.connection.password=mypass
+--------------------------------------------------------------------------------
+
+Permission configuration
+
+ The last step to do is to configure the permissions list and urls used by the
+ application.
+
+ Here is the syntax:
+
+--------------------------------------------------------------------------------
+topia.security.loginurl=/security/login.action
+topia.security.logouturl=/security/logout.action
+
+topia.security.permission.<category>=categoryname
+topia.security.permission.<category>.<permission>.name=permissionname
+topia.security.permission.<category>.<permission>.perm=permission, urlpermissions
+--------------------------------------------------------------------------------
+
+ The configuration define two url, loginurl and logouturl used to redirect user
+ when he is not authenticated or he want to unlog.
+
+ Next, there is the permission list divided by category. Each category has
+ a display name and a permissions list. Each permissions has also a display
+ name and a list of shiro permission.
+
+ Shiro permission are composed of normal shiro permission and url permissions
+ used by module to filter access to requested page for current authentified
+ shiro subject.
+
+ Here is an example of configuration:
+
+--------------------------------------------------------------------------------
+topia.security.loginurl=/security/login.action
+topia.security.logouturl=/security/logout.action
+
+topia.security.permission.global=Global
+topia.security.permission.global.index.name=Index
+topia.security.permission.global.index.perm=index:read, url:/, url:index.action
+topia.security.permission.global.search.name=Rechercher
+topia.security.permission.global.search.perm=search:read, url:user:search.action
+topia.security.permission.global.placesread.name=Emplacements
+topia.security.permission.global.placesread.perm=places:read, url:user:places.action
+
+topia.security.permission.misc=Divers
+topia.security.permission.misc.deco.name=Decoration
+topia.security.permission.misc.deco.perm=url:css, url:images, url:js
+topia.security.permission.misc.admin.name=Admin
+topia.security.permission.misc.admin.perm=*
+--------------------------------------------------------------------------------
+
+Screenshots
+
+ Here is a couple of screenshot showing how library permission and role
+ management look like:
+
+* Role management
+
+[img/roles.png] Roles management
+
+* Permissions management
+
+[img/permissions.png] Permissions management
+
+Maven
+
+ As of 1.12 version, this module comes with his own jsp, your don't have to
+ write it yourself. This jsps can be extracted during build using maven with
+ following plugin configuration:
+
+--------------------------------------------------------------------------------
+<plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-dependency-plugin</artifactId>
+ <executions>
+ <execution>
+ <phase>generate-resources</phase>
+ <goals>
+ <goal>unpack</goal>
+ </goals>
+ <configuration>
+ <artifactItems>
+ <artifactItem>
+ <groupId>org.nuiton.web</groupId>
+ <artifactId>nuiton-security</artifactId>
+ <version>1.12</version>
+ <type>jar</type>
+ </artifactItem>
+ </artifactItems>
+ <includes>WEB-INF/security/*</includes>
+ <outputDirectory>${project.build.directory}/${project.build.finalName}</outputDirectory>
+ </configuration>
+ </execution>
+ </executions>
+</plugin>
+--------------------------------------------------------------------------------
\ No newline at end of file
Added: branches/nuiton-web-1.11-security/nuiton-security/src/site/resources/img/permissions.png
===================================================================
(Binary files differ)
Property changes on: branches/nuiton-web-1.11-security/nuiton-security/src/site/resources/img/permissions.png
___________________________________________________________________
Added: svn:mime-type
+ image/png
Added: branches/nuiton-web-1.11-security/nuiton-security/src/site/resources/img/roles.png
===================================================================
(Binary files differ)
Property changes on: branches/nuiton-web-1.11-security/nuiton-security/src/site/resources/img/roles.png
___________________________________________________________________
Added: svn:mime-type
+ image/png
Added: branches/nuiton-web-1.11-security/nuiton-security/src/site/site.xml
===================================================================
(Binary files differ)
Property changes on: branches/nuiton-web-1.11-security/nuiton-security/src/site/site.xml
___________________________________________________________________
Added: svn:mime-type
+ application/xml
r219 - in branches/nuiton-web-1.11-security/nuiton-security/src/main: java/org/nuiton/web/security java/org/nuiton/web/security/actions resources resources/WEB-INF/security xmi
by echatellier@users.nuiton.org 17 Oct '12
by echatellier@users.nuiton.org 17 Oct '12
17 Oct '12
Author: echatellier
Date: 2012-10-17 16:58:08 +0200 (Wed, 17 Oct 2012)
New Revision: 219
Url: http://nuiton.org/repositories/revision/nuiton-web/219
Log:
Update permission management for roles
Modified:
branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/SecurityShiroFilter.java
branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java
branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/RoleAction.java
branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/RolePermissionsAction.java
branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserAction.java
branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserRolesAction.java
branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/role-permissions.jsp
branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/user-roles.jsp
branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/struts.xml
branches/nuiton-web-1.11-security/nuiton-security/src/main/xmi/security.properties
branches/nuiton-web-1.11-security/nuiton-security/src/main/xmi/security.zargo
Modified: branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/SecurityShiroFilter.java
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/SecurityShiroFilter.java 2012-10-16 16:31:45 UTC (rev 218)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/SecurityShiroFilter.java 2012-10-17 14:58:08 UTC (rev 219)
@@ -12,7 +12,7 @@
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
@@ -28,6 +28,8 @@
private static final Log log = LogFactory.getLog(SecurityShiroFilter.class);
+ protected static final String ANON_LOGIN = "anonymous";
+
@Override
public void init() throws Exception {
@@ -49,15 +51,15 @@
log.info("Overriding shiro realms");
}
//DefaultWebEnvironment env = new DefaultWebEnvironment();
- Realm topiaSecurityRealm = new TopiaSecurityRealm(rootContext, config);
- DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(topiaSecurityRealm);
+ Realm realm = new TopiaSecurityRealm(rootContext, config);
+ DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(realm);
setSecurityManager(securityManager);
/*FilterChainResolver resolver = getFilterChainResolver();
if (resolver != null) {
setFilterChainResolver(resolver);
}*/
}
-
+
protected static void initSchema(TopiaContext rootContext) throws TopiaException {
TopiaContext transaction = rootContext.beginTransaction();
boolean testTable = TopiaUtil.isSchemaExist(transaction, SecurityUserImpl.class.getName());
@@ -67,6 +69,14 @@
log.info("Create database schema");
}
rootContext.createSchema();
+
+ // create anon user
+ TopiaContext transaction2 = rootContext.beginTransaction();
+ SecurityUserDAO securityUserDAO = SecurityDAOHelper.getSecurityUserDAO(transaction2);
+ SecurityUser anonUser = securityUserDAO.create();
+ anonUser.setLogin(ANON_LOGIN);
+ transaction2.commitTransaction();
+ transaction2.closeContext();
} else {
if (log.isDebugEnabled()) {
log.debug("Table SecurityUser found, skip schema creation");
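Review bot: `transaction2` is closed only on the success path, so an exception from `create()` or `commitTransaction()` leaves the context open; the added lines should be wrapped in `try { ... } finally { transaction2.closeContext(); }`. The anonymous account is also created only in the branch that creates the schema, so a database whose schema already exists never receives it. Looking it up with `findByLogin(ANON_LOGIN)` and creating it when absent, independently of the schema check, would cover existing installations. `initSchema` starts and ends outside the hunk.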
@@ -85,27 +95,29 @@
log.debug("Testing permission for user " + subjectUser.getPrincipal());
}
+ // to have permission, a user must be authenticated
+ if (!subjectUser.isAuthenticated()) {
+ subjectUser.login(new UsernamePasswordToken(ANON_LOGIN, ""));
+ }
+
// get permission
String uri = ((HttpServletRequest)servletRequest).getRequestURI();
- String perm = "url:" + uri;
+ String perm = "url" + uri.replace('/', ':');
+
if (subjectUser.isPermitted(perm)) {
if (log.isDebugEnabled()) {
log.debug("User is permitted to access " + perm);
}
super.doFilterInternal(servletRequest, servletResponse, chain);
- } else if (uri.equals("/security/login.action")
- || uri.startsWith("/js/")
- || uri.startsWith("/img/")
- || uri.startsWith("/css/")) {
- if (log.isDebugEnabled()) {
- log.debug("Temp allowing static access " + uri);
- }
- super.doFilterInternal(servletRequest, servletResponse, chain);
} else {
if (log.isDebugEnabled()) {
log.debug("User is NOT permitted to access " + perm);
}
- ((HttpServletResponse)servletResponse).sendRedirect("/security/login.action");
+ if (ANON_LOGIN.equals(subjectUser.getPrincipal())) {
+ ((HttpServletResponse)servletResponse).sendRedirect("/security/login.action");
+ } else {
+ ((HttpServletResponse)servletResponse).sendError(401, "Not authorized to access " + uri);
+ }
}
}
}
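Review bot: The added `subjectUser.login(new UsernamePasswordToken(ANON_LOGIN, ""))` is not guarded, so an `AuthenticationException` (for instance when the anonymous account is missing from the database) would escape `doFilterInternal` as a server error on every unauthenticated request. Catching it and answering with the login redirect keeps the filter failing closed without exposing a stack trace. For an authenticated user who lacks the permission, `sendError(401, ...)` should be `sendError(HttpServletResponse.SC_FORBIDDEN, ...)`, because 401 asks the client to authenticate again and requires a `WWW-Authenticate` header. The method starts outside the hunk.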
Modified: branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java 2012-10-16 16:31:45 UTC (rev 218)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java 2012-10-17 14:58:08 UTC (rev 219)
@@ -1,5 +1,11 @@
package org.nuiton.web.security;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Properties;
+
+import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.shiro.authc.AuthenticationException;
@@ -16,9 +22,6 @@
import org.nuiton.topia.TopiaRuntimeException;
import org.nuiton.util.ApplicationConfig;
import org.nuiton.web.SecurityDAOHelper;
-import org.nuiton.web.security.SecurityUser;
-import org.nuiton.web.security.SecurityUserDAO;
-import org.nuiton.web.security.SecurityUserImpl;
public class TopiaSecurityRealm extends AuthorizingRealm {
@@ -36,11 +39,12 @@
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
- String login = (String) principals.getPrimaryPrincipal();
+ SimpleAuthorizationInfo result = null;
- SimpleAuthorizationInfo result = null;
+ Properties props = config.getFlatOptions();
TopiaContext transaction = null;
try {
+ String login = (String) principals.getPrimaryPrincipal();
transaction = rootContext.beginTransaction();
SecurityUserDAO securityUserDAO = SecurityDAOHelper.getSecurityUserDAO(transaction);
@@ -50,15 +54,49 @@
SecurityUser securityUser = securityUserDAO.findByLogin(login);
result = new SimpleAuthorizationInfo();
- for (SecurityRole role : securityUser.getRoles()) {
+ for (SecurityRole role : securityUser.getSecurityRole()) {
for (String permission : role.getPermissions()) {
- result.addStringPermission(permission);
+ //result.addStringPermission(permission);
if (log.isDebugEnabled()) {
log.debug(" - add permission : " + permission);
}
+
+ for (String prop : props.stringPropertyNames()) {
+ if (prop.startsWith("topia.security.permission.")) {
+ String endProp = StringUtils.removeStart(prop, "topia.security.permission.");
+ String[] subs = endProp.split("\\.");
+ if (subs.length == 3) {
+ if (subs[2].equals("perm")) {
+ if (subs[1].equals(permission)) {
+ String perms = props.getProperty(prop);
+ String[] permTab = perms.split("\\s*\\,\\s*");
+ for (String perm : permTab) {
+ result.addStringPermission(perm);
+ if (log.isDebugEnabled()) {
+ log.debug(" - add string permission : " + perm);
+ }
+ }
+ }
+ }
+ }
+ }
+ }
}
}
+ // si seul l'utilisateur anon existe
+ // on lui offre une promotion
+ if (login.equals(SecurityShiroFilter.ANON_LOGIN) && securityUserDAO.count() == 1) {
+ result.addStringPermission("*");
+ if (log.isDebugEnabled()) {
+ log.debug("Grant all rigth (*) because no user exists");
+ }
+ }
+
+ // ajout de l'url de login et logout quand meme !!!
+ result.addStringPermission("url:security:login.action");
+ result.addStringPermission("url:security:logout.action");
+
} catch (Exception ex) {
} finally {
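Review bot: The block that adds `*` for `anonymous` when `securityUserDAO.count() == 1` gives every unauthenticated visitor all permissions until a second account exists, and again if the other accounts are later removed. I would gate it behind an explicit configuration option that defaults to off, or limit the grant to the user-management URLs, and report it with `log.warn(...)` rather than at debug level so the open state shows up in production logs. `securityUser` is dereferenced right after `findByLogin(login)` without a null check, and the `catch (Exception ex)` at the end of the hunk appears to have an empty body, so a failure here returns a partially filled `result` without any trace; the exception should be logged there. The property scan nested inside the role and permission loops re-reads every option for each permission; a map built once from the `.perm` keys would be simpler to audit.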
@@ -70,7 +108,7 @@
}
}
}
-
+
return result;
}
@@ -79,8 +117,12 @@
UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) token;
String login = usernamePasswordToken.getUsername();
- char[] password = usernamePasswordToken.getPassword();
+ //char[] password = usernamePasswordToken.getPassword();
+ if (log.isDebugEnabled()) {
+ log.debug("doGetAuthenticationInfo for login : " + login);
+ }
+
AuthenticationInfo result = null;
TopiaContext transaction = null;
try {
@@ -88,40 +130,16 @@
SecurityUserDAO securityUserDAO = SecurityDAOHelper.getSecurityUserDAO(transaction);
SecurityUser securityUser = securityUserDAO.findByLogin(login);
-
- if (securityUser == null) {
- long count = securityUserDAO.count();
- // si il n'y a aucun utilisateur, le premier utilisateur
- // devient un power user, super admin de la mort
- if (count == 0) {
- if (log.isDebugEnabled()) {
- log.debug("Creating new admin user with login : " + login);
- }
- SecurityRoleDAO securityRoleDAO = SecurityDAOHelper.getSecurityRoleDAO(transaction);
-
- securityUser = securityUserDAO.create();
- securityUser.setLogin(login);
- securityUser.setPassword(String.valueOf(password));
-
- // on lui attribut tous les droits
- SecurityRole role = securityRoleDAO.create();
- role.setName("admin");
- role.addPermissions("*:*");
- securityUser.addRoles(role);
-
- transaction.commitTransaction();
+ if (securityUser != null) {
+ if (login.equals(SecurityShiroFilter.ANON_LOGIN)) {
+ result = new SimpleAuthenticationInfo(securityUser.getLogin(),
+ "", getName());
} else {
- if (log.isDebugEnabled()) {
- log.debug(count + " accounts found");
- }
+ result = new SimpleAuthenticationInfo(securityUser.getLogin(),
+ securityUser.getPassword(), getName());
}
}
- if (securityUser != null) {
- result = new SimpleAuthenticationInfo(securityUser.getLogin(),
- securityUser.getPassword(), getName());
- }
-
} catch (TopiaException ex) {
throw new TopiaRuntimeException(ex);
} finally {
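Review bot: `SimpleAuthenticationInfo` is built with `securityUser.getPassword()` as the credentials, which is only safe if the stored value is a salted hash and the realm has a matching credentials matcher; neither is visible in this hunk, and the removed code stored the submitted password as plain text. If nothing else configures it, I would call `setCredentialsMatcher(new PasswordMatcher())` in the realm constructor (available from Shiro 1.2) and store hashes produced by a `PasswordService`. The anonymous branch returns an empty string as credentials, so the `anonymous` login is accepted from any caller with an empty password; that deserves a comment on the branch such as `// anonymous has no secret: it only represents unauthenticated visitors`. The method starts and ends outside the hunk.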
Modified: branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/RoleAction.java
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/RoleAction.java 2012-10-16 16:31:45 UTC (rev 218)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/RoleAction.java 2012-10-17 14:58:08 UTC (rev 219)
@@ -4,6 +4,7 @@
import org.nuiton.topia.TopiaContext;
import org.nuiton.topia.TopiaException;
import org.nuiton.topia.TopiaRuntimeException;
+import org.nuiton.web.SecurityDAOHelper;
import org.nuiton.web.security.SecurityRole;
import org.nuiton.web.security.SecurityRoleDAO;
import org.nuiton.web.security.SecurityRoleImpl;
@@ -39,6 +40,7 @@
try {
TopiaContext transaction = rootContext.beginTransaction();
+ securityRoleDAO = SecurityDAOHelper.getSecurityRoleDAO(transaction);
if (role.getTopiaId() == null) {
securityRoleDAO.create(role);
} else {
Modified: branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/RolePermissionsAction.java
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/RolePermissionsAction.java 2012-10-16 16:31:45 UTC (rev 218)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/RolePermissionsAction.java 2012-10-17 14:58:08 UTC (rev 219)
@@ -1,7 +1,6 @@
package org.nuiton.web.security.actions;
import java.util.ArrayList;
-import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
import java.util.List;
@@ -13,7 +12,6 @@
import org.nuiton.web.SecurityDAOHelper;
import org.nuiton.web.security.SecurityRole;
import org.nuiton.web.security.SecurityRoleDAO;
-import org.nuiton.web.security.SecurityUser;
import org.nuiton.web.security.SecurityUserDAO;
public class RolePermissionsAction extends AbstractAction {
@@ -31,12 +29,10 @@
protected Map<String, String> permissions;
/** Id categories with permissions ids. */
protected Map<String, Collection<String>> categoryPermissions;
- /** Id permission with permissions strings. */
- protected Map<String, Collection<String>> shiroPerms;
protected List<SecurityRole> roles;
- protected List<String> userIds;
+ protected List<String> roleIds;
@Override
public String input() throws Exception {
@@ -48,7 +44,7 @@
categories = new HashMap<String, String>();
permissions = new HashMap<String, String>();
categoryPermissions = new HashMap<String, Collection<String>>();
- shiroPerms = new HashMap<String, Collection<String>>();
+
Properties props = config.getFlatOptions();
for (String prop : props.stringPropertyNames()) {
if (prop.startsWith("topia.security.permission.")) {
@@ -56,22 +52,19 @@
String[] subs = endProp.split("\\.");
if (subs.length == 1) {
categories.put(subs[0], props.getProperty(prop));
- } else if (subs.length == 2) {
- String perms = props.getProperty(prop);
- String[] permTab = perms.split("\\s*\\.\\s*");
- Collection<String> permList = Arrays.asList(permTab);
- shiroPerms.put(subs[0], permList);
} else if (subs.length == 3) {
- // name
- String name = props.getProperty(prop);
- permissions.put(subs[1], name);
- // association
- Collection<String> categoryPermissionCol = categoryPermissions.get(subs[0]);
- if (categoryPermissionCol == null) {
- categoryPermissionCol = new ArrayList<String>();
- categoryPermissions.put(subs[0], categoryPermissionCol);
+ if (subs[2].equals("name")) {
+ // name
+ String name = props.getProperty(prop);
+ permissions.put(subs[1], name);
+ // association
+ Collection<String> categoryPermissionCol = categoryPermissions.get(subs[0]);
+ if (categoryPermissionCol == null) {
+ categoryPermissionCol = new ArrayList<String>();
+ categoryPermissions.put(subs[0], categoryPermissionCol);
+ }
+ categoryPermissionCol.add(subs[1]);
}
- categoryPermissionCol.add(subs[1]);
}
}
}
@@ -94,26 +87,28 @@
return categoryPermissions;
}
+ public void setRoleIds(List<String> roleIds) {
+ this.roleIds = roleIds;
+ }
+
@Override
public String execute() throws Exception {
String result = super.execute();
- if (userIds == null) {
+ if (roleIds == null) {
result = input();
} else {
try {
TopiaContext transaction = rootContext.beginTransaction();
- securityUserDAO = SecurityDAOHelper.getSecurityUserDAO(transaction);
securityRoleDAO = SecurityDAOHelper.getSecurityRoleDAO(transaction);
- for (String userId : userIds) {
- SecurityUser securityUser = securityUserDAO.findByTopiaId(userId);
- securityUser.clearRoles();
+ for (String roleId : roleIds) {
+ SecurityRole securityRole = securityRoleDAO.findByTopiaId(roleId);
+ securityRole.clearPermissions();
- String[] roleIds = getParameters("roles-" + userId);
- if (roleIds != null) {
- for (String roleId : roleIds) {
- SecurityRole secuRole = securityRoleDAO.findByTopiaId(roleId);
- securityUser.addRoles(secuRole);
+ String[] permissions = getParameters("permissions-" + roleId);
+ if (permissions != null) {
+ for (String permission : permissions) {
+ securityRole.addPermissions(permission);
}
}
}
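Review bot: The new loop in execute() stores every value of the `permissions-<roleId>` request parameter straight into the role with `securityRole.addPermissions(permission)`, so the set of grantable permissions is whatever the client posts rather than the ids configured under `topia.security.permission.*`. Check each value against the configured ids before adding it, for example `if (!knownPermissionIds.contains(permission)) { continue; }` (the set name is constructed here), and skip or report a `roleId` for which `findByTopiaId` finds nothing before calling `clearPermissions()`. `clearPermissions()` also drops permissions that have no checkbox on the form, which presumably includes the `*:*` that TopiaSecurityRealm (rev 216) gives the first admin role, so saving the page may strip the administrator. The local `String[] permissions` shadows the `permissions` field and makes such a check awkward to write; a name like `submitted` avoids that. execute() continues past the end of this hunk.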
Modified: branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserAction.java
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserAction.java 2012-10-16 16:31:45 UTC (rev 218)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserAction.java 2012-10-17 14:58:08 UTC (rev 219)
@@ -9,6 +9,8 @@
import org.nuiton.web.security.SecurityUserDAO;
import org.nuiton.web.security.SecurityUserImpl;
+import com.opensymphony.xwork2.Preparable;
+
public class UserAction extends AbstractAction {
/** serialVersionUID. */
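Review bot: The added `import com.opensymphony.xwork2.Preparable;` is not used by anything visible in this hunk: the class declaration in the context still reads `public class UserAction extends AbstractAction`. If the intent was to obtain the DAO in `prepare()`, the declaration needs `implements Preparable`; otherwise the import should be dropped. The class body lies outside the hunk, so a use further down cannot be ruled out.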
Modified: branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserRolesAction.java
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserRolesAction.java 2012-10-16 16:31:45 UTC (rev 218)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserRolesAction.java 2012-10-17 14:58:08 UTC (rev 219)
@@ -60,13 +60,13 @@
securityRoleDAO = SecurityDAOHelper.getSecurityRoleDAO(transaction);
for (String userId : userIds) {
SecurityUser securityUser = securityUserDAO.findByTopiaId(userId);
- securityUser.clearRoles();
+ securityUser.clearSecurityRole();
String[] roleIds = getParameters("roles-" + userId);
if (roleIds != null) {
for (String roleId : roleIds) {
SecurityRole secuRole = securityRoleDAO.findByTopiaId(roleId);
- securityUser.addRoles(secuRole);
+ securityUser.addSecurityRole(secuRole);
}
}
}
Modified: branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/role-permissions.jsp
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/role-permissions.jsp 2012-10-16 16:31:45 UTC (rev 218)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/role-permissions.jsp 2012-10-17 14:58:08 UTC (rev 219)
@@ -12,25 +12,36 @@
<h2>Permissions des rôles</h2>
- <form action="<s:url action="user-roles" namespace="/security" />" method="post">
+ <form action="<s:url action="role-permissions" namespace="/security" />" method="post">
+ <s:iterator value="roles">
+ <input type="hidden" name="roleIds" value="<s:property value="topiaId" />" />
+ </s:iterator>
<table class="secu-roletable">
<tr>
<td class="empty" />
<s:iterator value="roles">
- <td><s:property value="name" /></td>
+ <td><a href="<s:url action='role!input' namespace='/security'>
+ <s:param name="roleId"><s:property value="topiaId" /></s:param>
+ </s:url>">
+ <s:property value="name" />
+ </a></td>
</s:iterator>
</tr>
<s:iterator value="categories.keys" var="category">
<s:set name="categoryName" value="categories.get(#category)" />
<tr>
- <td colspan="<s:property value="roles.size() + 1" />"><s:property value="#categoryName" /></td>
+ <th colspan="<s:property value="roles.size() + 1" />"><s:property value="#categoryName" /></th>
</tr>
<s:iterator value="categoryPermissions.get(#category)" var="categoryPermission">
<s:set name="permissionName" value="permissions.get(#categoryPermission)" />
<tr>
<td><s:property value="#permissionName" /></td>
- <s:iterator value="roles">
- <td><input type="checkbox" value="" /></td>
+ <s:iterator value="roles" var="role">
+ <td><input type="checkbox" name="permissions-<s:property value="topiaId" />"
+ value="<s:property value="#categoryPermission"/>"
+ <s:if test="#role.permissions.contains(#categoryPermission)" >
+ checked="checked"
+ </s:if> /></td>
</s:iterator>
</tr>
</s:iterator>
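Review bot: The form that now posts to `role-permissions` rewrites the permissions of every listed role, yet none of the new inputs ties the request to the session that rendered the page, so there is no anti-CSRF token. Adding `<s:token />` inside the form and enabling the `token` interceptor on the `role-permissions` action in struts.xml would make Struts reject forged posts. The same applies to the `user-roles` form in user-roles.jsp. The hidden `roleIds` inputs are client-controlled as well, so the action should not treat them as the authoritative list of roles to clear. The form's closing tag lies outside this hunk.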
Modified: branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/user-roles.jsp
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/user-roles.jsp 2012-10-16 16:31:45 UTC (rev 218)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/user-roles.jsp 2012-10-17 14:58:08 UTC (rev 219)
@@ -33,7 +33,7 @@
</s:iterator>
</tr>
<s:iterator value="users" var="user" status="userStatus">
- <input type="hidden" name="userIds" value="<s:property value="topiaId" />" />
+ <input type="hidden" name="userIds" value="<s:property value="topiaId" />" />
<tr>
<s:if test="#userStatus.first">
<th rowspan="<s:property value="users.size()" />" class="vertical">Utilisateurs</th>
@@ -47,9 +47,10 @@
</td>
<s:iterator value="roles" var="role">
<td>
+
<input id="<s:property value="#user.topiaId" /><s:property value="#user.topiaId" />"
type="checkbox" name="roles-<s:property value="#user.topiaId" />" value="<s:property value="#role.topiaId" />"
- <s:if test="#user.roles.contains(#role)" >
+ <s:if test="#user.securityRole.contains(#role)" >
checked="checked"
</s:if> />
</td>
Modified: branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/struts.xml
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/struts.xml 2012-10-16 16:31:45 UTC (rev 218)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/struts.xml 2012-10-17 14:58:08 UTC (rev 219)
@@ -15,7 +15,7 @@
<action name="role-permissions" class="org.nuiton.web.security.actions.RolePermissionsAction">
<result name="input">/WEB-INF/security/role-permissions.jsp</result>
<result name="success" type="redirectAction">
- <param name="actionName">user-roles</param>
+ <param name="actionName">role-permissions</param>
</result>
</action>
<action name="role" class="org.nuiton.web.security.actions.RoleAction">
Modified: branches/nuiton-web-1.11-security/nuiton-security/src/main/xmi/security.properties
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/xmi/security.properties 2012-10-16 16:31:45 UTC (rev 218)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/xmi/security.properties 2012-10-17 14:58:08 UTC (rev 219)
@@ -1,2 +1,3 @@
model.tagvalue.String=text
-org.nuiton.web.security.SecurityUser.attribute.roles.tagvalue.lazy=false
\ No newline at end of file
+org.nuiton.web.security.SecurityUser.attribute.securityRole.tagvalue.lazy=false
+org.nuiton.web.security.SecurityRole.attribute.permissions.tagvalue.lazy=false
Modified: branches/nuiton-web-1.11-security/nuiton-security/src/main/xmi/security.zargo
===================================================================
(Binary files differ)
r218 - branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security
by echatellier@users.nuiton.org 16 Oct '12
Author: echatellier
Date: 2012-10-16 18:31:45 +0200 (Tue, 16 Oct 2012)
New Revision: 218
Url: http://nuiton.org/repositories/revision/nuiton-web/218
Log:
Update view
Added:
branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/role-permissions.jsp
Modified:
branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/user-roles.jsp
branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/user.jsp
Added: branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/role-permissions.jsp
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/role-permissions.jsp (rev 0)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/role-permissions.jsp 2012-10-16 16:31:45 UTC (rev 218)
@@ -0,0 +1,54 @@
+<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<%@taglib uri="/struts-tags" prefix="s" %>
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <title>Sécurité</title>
+ </head>
+
+ <body>
+
+ <h1>Sécurité</h1>
+
+ <h2>Permissions des rôles</h2>
+
+ <form action="<s:url action="user-roles" namespace="/security" />" method="post">
+ <table class="secu-roletable">
+ <tr>
+ <td class="empty" />
+ <s:iterator value="roles">
+ <td><s:property value="name" /></td>
+ </s:iterator>
+ </tr>
+ <s:iterator value="categories.keys" var="category">
+ <s:set name="categoryName" value="categories.get(#category)" />
+ <tr>
+ <td colspan="<s:property value="roles.size() + 1" />"><s:property value="#categoryName" /></td>
+ </tr>
+ <s:iterator value="categoryPermissions.get(#category)" var="categoryPermission">
+ <s:set name="permissionName" value="permissions.get(#categoryPermission)" />
+ <tr>
+ <td><s:property value="#permissionName" /></td>
+ <s:iterator value="roles">
+ <td><input type="checkbox" value="" /></td>
+ </s:iterator>
+ </tr>
+ </s:iterator>
+ </s:iterator>
+ </table>
+ <input type="submit" value="Valider" />
+ </form>
+
+ <h2>Gestion</h2>
+
+ <div class="secu-newuser">
+ <a href="<s:url action='user-roles!input' namespace='/security' />">Rôles des utilisateurs</a>
+ </div>
+ <div class="secu-newuser">
+ <a href="<s:url action='user!input' namespace='/security' />">Nouvel utilisateur</a>
+ </div>
+ <div class="secu-newrole">
+ <a href="<s:url action='role!input' namespace='/security' />">Nouveau rôle</a>
+ </div>
+ </body>
+</html>
\ No newline at end of file
Modified: branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/user-roles.jsp
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/user-roles.jsp 2012-10-16 15:25:59 UTC (rev 217)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/user-roles.jsp 2012-10-16 16:31:45 UTC (rev 218)
@@ -10,7 +10,7 @@
<h1>Sécurité</h1>
- <h2>Permission</h2>
+ <h2>Rôles des utilisateurs</h2>
<form action="<s:url action="user-roles" namespace="/security" />" method="post">
<table class="secu-roletable">
@@ -63,10 +63,13 @@
<h2>Gestion</h2>
<div class="secu-newuser">
- <a href="<s:url action='secu-user!input' namespace='/secu' />">Nouvel utilisateur</a>
+ <a href="<s:url action='role-permissions!input' namespace='/security' />">Permissions des rôles</a>
</div>
+ <div class="secu-newuser">
+ <a href="<s:url action='user!input' namespace='/security' />">Nouvel utilisateur</a>
+ </div>
<div class="secu-newrole">
- <a href="<s:url action='secu-role!input' namespace='/secu' />">Nouveau rôle</a>
+ <a href="<s:url action='role!input' namespace='/security' />">Nouveau rôle</a>
</div>
</body>
</html>
\ No newline at end of file
Modified: branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/user.jsp
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/user.jsp 2012-10-16 15:25:59 UTC (rev 217)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/user.jsp 2012-10-16 16:31:45 UTC (rev 218)
@@ -10,7 +10,7 @@
<h1>Sécurité</h1>
- <s:form action="secu-user" namespace="/secu">
+ <s:form action="user" namespace="/security">
<s:actionerror />
<s:hidden name="userId" value="%{user.topiaId}" />
<s:textfield label="Identifiant" name="user.login" value="%{user.login}"/>
r217 - in branches/nuiton-web-1.11-security/nuiton-security/src/main: java/org/nuiton/web resources/WEB-INF
by echatellier@users.nuiton.org 16 Oct '12
Author: echatellier
Date: 2012-10-16 17:25:59 +0200 (Tue, 16 Oct 2012)
New Revision: 217
Url: http://nuiton.org/repositories/revision/nuiton-web/217
Log:
Refactoring secu > security
Implements realm on topia
Add custom servlet filter.
Removed:
branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/secu/
branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/secu/
Author: echatellier
Date: 2012-10-16 17:25:31 +0200 (Tue, 16 Oct 2012)
New Revision: 216
Url: http://nuiton.org/repositories/revision/nuiton-web/216
Log:
Refactoring secu > security
Implements realm on topia
Add custom servlet filter.
Added:
branches/nuiton-web-1.11-security/nuiton-security/
branches/nuiton-web-1.11-security/nuiton-security/pom.xml
branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/
branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/SecurityShiroFilter.java
branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java
branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/
branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/AbstractAction.java
branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/LoginAction.java
branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/LogoutAction.java
branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/RoleAction.java
branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/RolePermissionsAction.java
branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserAction.java
branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserRolesAction.java
branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/
branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/login.jsp
branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/role.jsp
branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/user-roles.jsp
branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/user.jsp
branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/i18n/nuiton-security_en_GB.properties
branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/i18n/nuiton-security_fr_FR.properties
branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/struts.xml
branches/nuiton-web-1.11-security/nuiton-security/src/main/xmi/security.properties
branches/nuiton-web-1.11-security/nuiton-security/src/main/xmi/security.zargo
Removed:
branches/nuiton-web-1.11-security/nuiton-security/pom.xml
branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/secu/actions/SecuRole.java
branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/secu/actions/SecuUser.java
branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/AbstractSecuAction.java
branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/SecuMatrix.java
branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/SecuRole.java
branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/SecuUser.java
branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/secu/secu-login.jsp
branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/secu-login.jsp
branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/secu-matrix.jsp
branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/secu-role.jsp
branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/secu-user.jsp
branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/i18n/nuiton-secu_en_GB.properties
branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/i18n/nuiton-secu_fr_FR.properties
branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/i18n/secu-lib_fr_FR.properties
branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/struts.xml
branches/nuiton-web-1.11-security/nuiton-security/src/main/xmi/secu.properties
branches/nuiton-web-1.11-security/nuiton-security/src/main/xmi/secu.zargo
Modified:
branches/nuiton-web-1.11-security/pom.xml
Deleted: branches/nuiton-web-1.11-security/nuiton-security/pom.xml
===================================================================
(Binary files differ)
Copied: branches/nuiton-web-1.11-security/nuiton-security/pom.xml (from rev 213, branches/nuiton-web-1.11-security/nuiton-secu/pom.xml)
===================================================================
(Binary files differ)
Deleted: branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/secu/actions/SecuRole.java
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-secu/src/main/java/org/nuiton/web/secu/actions/SecuRole.java 2012-10-10 15:30:37 UTC (rev 211)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/secu/actions/SecuRole.java 2012-10-16 15:25:31 UTC (rev 216)
@@ -1,76 +0,0 @@
-package org.nuiton.web.secu.actions;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.apache.commons.lang3.StringUtils;
-import org.nuiton.topia.TopiaContext;
-import org.nuiton.topia.TopiaException;
-import org.nuiton.topia.TopiaRuntimeException;
-import org.nuiton.web.SecuDAOHelper;
-import org.nuiton.web.filter.TopiaTransactionFilter;
-import org.nuiton.web.secu.SecuRoleDAO;
-import org.nuiton.web.secu.SecuRoleImpl;
-
-import com.opensymphony.xwork2.Preparable;
-
-public class SecuRole extends AbstractSecuAction implements Preparable {
-
- /** serialVersionUID. */
- private static final long serialVersionUID = 1L;
-
- /** Topia context associated with request. */
- protected TopiaContext transaction;
-
- protected SecuRoleDAO secuRoleDAO;
-
- protected org.nuiton.web.secu.SecuRole role;
-
- @Override
- public void setServletRequest(HttpServletRequest request) {
- transaction = TopiaTransactionFilter.getTransaction(request);
- }
-
- @Override
- public void prepare() throws Exception {
- secuRoleDAO = SecuDAOHelper.getSecuRoleDAO(transaction);
- }
-
- @Override
- public String input() throws Exception {
- return super.input();
- }
-
- public org.nuiton.web.secu.SecuRole getRole() {
- if (role == null) {
- String roleId = getParameter("roleId");
- if (StringUtils.isNotBlank(roleId)) {
- try {
- role = secuRoleDAO.findByTopiaId(roleId);
- } catch (TopiaException ex) {
- throw new TopiaRuntimeException(ex);
- }
- } else {
- role = new SecuRoleImpl();
- }
- }
- return role;
- }
-
- @Override
- public String execute() throws Exception {
- String result = super.execute();
-
- try {
- if (role.getTopiaId() == null) {
- secuRoleDAO.create(role);
- } else {
- secuRoleDAO.update(role);
- }
- transaction.commitTransaction();
- } catch (Exception ex) {
- addActionError(ex.getMessage());
- result = input();
- }
- return result;
- }
-}
Deleted: branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/secu/actions/SecuUser.java
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-secu/src/main/java/org/nuiton/web/secu/actions/SecuUser.java 2012-10-10 15:30:37 UTC (rev 211)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/secu/actions/SecuUser.java 2012-10-16 15:25:31 UTC (rev 216)
@@ -1,76 +0,0 @@
-package org.nuiton.web.secu.actions;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.apache.commons.lang3.StringUtils;
-import org.nuiton.topia.TopiaContext;
-import org.nuiton.topia.TopiaException;
-import org.nuiton.topia.TopiaRuntimeException;
-import org.nuiton.web.SecuDAOHelper;
-import org.nuiton.web.filter.TopiaTransactionFilter;
-import org.nuiton.web.secu.SecuUserDAO;
-import org.nuiton.web.secu.SecuUserImpl;
-
-import com.opensymphony.xwork2.Preparable;
-
-public class SecuUser extends AbstractSecuAction implements Preparable {
-
- /** serialVersionUID. */
- private static final long serialVersionUID = 1L;
-
- /** Topia context associated with request. */
- protected TopiaContext transaction;
-
- protected SecuUserDAO secuUserDAO;
-
- protected org.nuiton.web.secu.SecuUser user;
-
- @Override
- public void setServletRequest(HttpServletRequest request) {
- transaction = TopiaTransactionFilter.getTransaction(request);
- }
-
- @Override
- public void prepare() throws Exception {
- secuUserDAO = SecuDAOHelper.getSecuUserDAO(transaction);
- }
-
- @Override
- public String input() throws Exception {
- return super.input();
- }
-
- public org.nuiton.web.secu.SecuUser getUser() {
- if (user == null) {
- String roleId = getParameter("userId");
- if (StringUtils.isNotBlank(roleId)) {
- try {
- user = secuUserDAO.findByTopiaId(roleId);
- } catch (TopiaException ex) {
- throw new TopiaRuntimeException(ex);
- }
- } else {
- user = new SecuUserImpl();
- }
- }
- return user;
- }
-
- @Override
- public String execute() throws Exception {
- String result = super.execute();
-
- try {
- if (user.getTopiaId() == null) {
- secuUserDAO.create(user);
- } else {
- secuUserDAO.update(user);
- }
- transaction.commitTransaction();
- } catch (Exception ex) {
- addActionError(ex.getMessage());
- result = input();
- }
- return result;
- }
-}
Added: branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/SecurityShiroFilter.java
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/SecurityShiroFilter.java (rev 0)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/SecurityShiroFilter.java 2012-10-16 15:25:31 UTC (rev 216)
@@ -0,0 +1,111 @@
+package org.nuiton.web.security;
+
+import java.io.IOException;
+import java.util.Properties;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.realm.Realm;
+import org.apache.shiro.subject.Subject;
+import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
+import org.apache.shiro.web.servlet.AbstractShiroFilter;
+import org.nuiton.topia.TopiaContext;
+import org.nuiton.topia.TopiaContextFactory;
+import org.nuiton.topia.TopiaException;
+import org.nuiton.topia.framework.TopiaUtil;
+import org.nuiton.util.ApplicationConfig;
+import org.nuiton.web.SecurityDAOHelper;
+
+public class SecurityShiroFilter extends AbstractShiroFilter {
+
+ private static final Log log = LogFactory.getLog(SecurityShiroFilter.class);
+
+ @Override
+ public void init() throws Exception {
+
+ // get config from context
+ ApplicationConfig config = (ApplicationConfig)getServletContext().getAttribute("ApplicationConfig");
+ if (config == null) {
+ throw new IllegalArgumentException("No ApplicationConfig attribute found in servlet context");
+ }
+
+ // get topia root context
+ config.setOption(TopiaContextFactory.CONFIG_PERSISTENCE_CLASSES, SecurityDAOHelper.getImplementationClassesAsString());
+ Properties props = config.getFlatOptions();
+ TopiaContext rootContext = TopiaContextFactory.getContext(props);
+ initSchema(rootContext);
+ getServletContext().setAttribute("rootContext", rootContext);
+
+ // see http://shiro.apache.org/configuration.html#Configuration-ProgrammaticConfig…
+ if (log.isInfoEnabled()) {
+ log.info("Overriding shiro realms");
+ }
+ //DefaultWebEnvironment env = new DefaultWebEnvironment();
+ Realm topiaSecurityRealm = new TopiaSecurityRealm(rootContext, config);
+ DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(topiaSecurityRealm);
+ setSecurityManager(securityManager);
+ /*FilterChainResolver resolver = getFilterChainResolver();
+ if (resolver != null) {
+ setFilterChainResolver(resolver);
+ }*/
+ }
+
+ protected static void initSchema(TopiaContext rootContext) throws TopiaException {
+ TopiaContext transaction = rootContext.beginTransaction();
+ boolean testTable = TopiaUtil.isSchemaExist(transaction, SecurityUserImpl.class.getName());
+ transaction.closeContext();
+ if (!testTable) {
+ if (log.isInfoEnabled()) {
+ log.info("Create database schema");
+ }
+ rootContext.createSchema();
+ } else {
+ if (log.isDebugEnabled()) {
+ log.debug("Table SecurityUser found, skip schema creation");
+ }
+ }
+ }
+
+ @Override
+ protected void doFilterInternal(ServletRequest servletRequest,
+ ServletResponse servletResponse, FilterChain chain)
+ throws ServletException, IOException {
+
+ // get subject
+ Subject subjectUser = createSubject(servletRequest, servletResponse);
+ if (log.isDebugEnabled()) {
+ log.debug("Testing permission for user " + subjectUser.getPrincipal());
+ }
+
+ // get permission
+ String uri = ((HttpServletRequest)servletRequest).getRequestURI();
+ String perm = "url:" + uri;
+ if (subjectUser.isPermitted(perm)) {
+ if (log.isDebugEnabled()) {
+ log.debug("User is permitted to access " + perm);
+ }
+ super.doFilterInternal(servletRequest, servletResponse, chain);
+ } else if (uri.equals("/security/login.action")
+ || uri.startsWith("/js/")
+ || uri.startsWith("/img/")
+ || uri.startsWith("/css/")) {
+ if (log.isDebugEnabled()) {
+ log.debug("Temp allowing static access " + uri);
+ }
+ super.doFilterInternal(servletRequest, servletResponse, chain);
+ } else {
+ if (log.isDebugEnabled()) {
+ log.debug("User is NOT permitted to access " + perm);
+ }
+ ((HttpServletResponse)servletResponse).sendRedirect("/security/login.action");
+ }
+ }
+}
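Review bot: doFilterInternal builds both the permission string and the static-resource exemptions from `getRequestURI()`, which is the raw request line: it still carries the context path and any path parameters, and it is neither decoded nor normalized. The `equals("/security/login.action")` and `startsWith("/js/")` tests can therefore disagree with the resource the container finally dispatches to, and they stop matching as soon as the application is not deployed at the root context. Deriving the path with `WebUtils.getPathWithinApplication((HttpServletRequest) servletRequest)` from `org.apache.shiro.web.util` gives a normalized, context-relative value for both checks. The redirect has the same context-path problem and would be safer as `sendRedirect(request.getContextPath() + "/security/login.action")`. In `initSchema`, `transaction.closeContext()` is skipped when `isSchemaExist` throws and belongs in a `finally`.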
Property changes on: branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/SecurityShiroFilter.java
___________________________________________________________________
Added: svn:keywords
+ Author Date Id Revision HeadURL
Added: branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java (rev 0)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java 2012-10-16 15:25:31 UTC (rev 216)
@@ -0,0 +1,139 @@
+package org.nuiton.web.security;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.AuthenticationInfo;
+import org.apache.shiro.authc.AuthenticationToken;
+import org.apache.shiro.authc.SimpleAuthenticationInfo;
+import org.apache.shiro.authc.UsernamePasswordToken;
+import org.apache.shiro.authz.AuthorizationInfo;
+import org.apache.shiro.authz.SimpleAuthorizationInfo;
+import org.apache.shiro.realm.AuthorizingRealm;
+import org.apache.shiro.subject.PrincipalCollection;
+import org.nuiton.topia.TopiaContext;
+import org.nuiton.topia.TopiaException;
+import org.nuiton.topia.TopiaRuntimeException;
+import org.nuiton.util.ApplicationConfig;
+import org.nuiton.web.SecurityDAOHelper;
+import org.nuiton.web.security.SecurityUser;
+import org.nuiton.web.security.SecurityUserDAO;
+import org.nuiton.web.security.SecurityUserImpl;
+
+public class TopiaSecurityRealm extends AuthorizingRealm {
+
+ private static final Log log = LogFactory.getLog(TopiaSecurityRealm.class);
+
+ protected TopiaContext rootContext;
+
+ protected ApplicationConfig config;
+
+ public TopiaSecurityRealm(TopiaContext rootContext, ApplicationConfig config) {
+ this.rootContext = rootContext;
+ this.config = config;
+ }
+
+ @Override
+ protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
+
+ String login = (String) principals.getPrimaryPrincipal();
+
+ SimpleAuthorizationInfo result = null;
+ TopiaContext transaction = null;
+ try {
+ transaction = rootContext.beginTransaction();
+ SecurityUserDAO securityUserDAO = SecurityDAOHelper.getSecurityUserDAO(transaction);
+
+ if (log.isDebugEnabled()) {
+ log.debug("Build autorisation list for user : " + login);
+ }
+
+ SecurityUser securityUser = securityUserDAO.findByLogin(login);
+ result = new SimpleAuthorizationInfo();
+ for (SecurityRole role : securityUser.getRoles()) {
+ for (String permission : role.getPermissions()) {
+ result.addStringPermission(permission);
+ if (log.isDebugEnabled()) {
+ log.debug(" - add permission : " + permission);
+ }
+ }
+ }
+
+ } catch (Exception ex) {
+
+ } finally {
+ if (transaction != null) {
+ try {
+ transaction.closeContext();
+ } catch (TopiaException ex) {
+ throw new TopiaRuntimeException(ex);
+ }
+ }
+ }
+
+ return result;
+ }
+
+ @Override
+ protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
+
+ UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) token;
+ String login = usernamePasswordToken.getUsername();
+ char[] password = usernamePasswordToken.getPassword();
+
+ AuthenticationInfo result = null;
+ TopiaContext transaction = null;
+ try {
+ transaction = rootContext.beginTransaction();
+ SecurityUserDAO securityUserDAO = SecurityDAOHelper.getSecurityUserDAO(transaction);
+
+ SecurityUser securityUser = securityUserDAO.findByLogin(login);
+
+ if (securityUser == null) {
+ long count = securityUserDAO.count();
+ // si il n'y a aucun utilisateur, le premier utilisateur
+ // devient un power user, super admin de la mort
+ if (count == 0) {
+ if (log.isDebugEnabled()) {
+ log.debug("Creating new admin user with login : " + login);
+ }
+ SecurityRoleDAO securityRoleDAO = SecurityDAOHelper.getSecurityRoleDAO(transaction);
+
+ securityUser = securityUserDAO.create();
+ securityUser.setLogin(login);
+ securityUser.setPassword(String.valueOf(password));
+
+ // on lui attribut tous les droits
+ SecurityRole role = securityRoleDAO.create();
+ role.setName("admin");
+ role.addPermissions("*:*");
+ securityUser.addRoles(role);
+
+ transaction.commitTransaction();
+ } else {
+ if (log.isDebugEnabled()) {
+ log.debug(count + " accounts found");
+ }
+ }
+ }
+
+ if (securityUser != null) {
+ result = new SimpleAuthenticationInfo(securityUser.getLogin(),
+ securityUser.getPassword(), getName());
+ }
+
+ } catch (TopiaException ex) {
+ throw new TopiaRuntimeException(ex);
+ } finally {
+ if (transaction != null) {
+ try {
+ transaction.closeContext();
+ } catch (TopiaException ex) {
+ throw new TopiaRuntimeException(ex);
+ }
+ }
+ }
+
+ return result;
+ }
+}
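Review bot: doGetAuthenticationInfo persists the submitted password unchanged with `securityUser.setPassword(String.valueOf(password))` and later passes `securityUser.getPassword()` to SimpleAuthenticationInfo, so credentials are stored and compared in clear text. Store a salted hash instead and set a matching credentials matcher on the realm; Shiro provides `PasswordService` and `PasswordMatcher` for this. The same method turns whoever submits the first login against an empty user table into an admin holding `*:*`, so that bootstrap should be gated on deployment configuration rather than on being first to reach the login form. In doGetAuthorizationInfo the empty `catch (Exception ex) { }` hides DAO failures and the NullPointerException raised for an unknown login. At minimum `log.error("Can't load permissions for " + login, ex);` belongs there.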
Property changes on: branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/TopiaSecurityRealm.java
___________________________________________________________________
Added: svn:keywords
+ Author Date Id Revision HeadURL
Copied: branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/AbstractAction.java (from rev 211, branches/nuiton-web-1.11-security/nuiton-secu/src/main/java/org/nuiton/web/secu/actions/AbstractSecuAction.java)
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/AbstractAction.java (rev 0)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/AbstractAction.java 2012-10-16 15:25:31 UTC (rev 216)
@@ -0,0 +1,68 @@
+package org.nuiton.web.security.actions;
+
+import java.util.Map;
+
+import javax.servlet.ServletContext;
+
+import org.apache.struts2.interceptor.ParameterAware;
+import org.apache.struts2.util.ServletContextAware;
+import org.nuiton.topia.TopiaContext;
+import org.nuiton.util.ApplicationConfig;
+
+import com.opensymphony.xwork2.ActionSupport;
+
+public class AbstractAction extends ActionSupport implements ServletContextAware, ParameterAware {
+
+ /** serialVersionUID. */
+ private static final long serialVersionUID = -1097798007319592593L;
+
+ protected TopiaContext rootContext;
+ protected ApplicationConfig config;
+ protected Map<String, String[]> actionParameters;
+
+ @Override
+ public void setParameters(Map<String, String[]> parameters) {
+ this.actionParameters = parameters;
+ }
+
+ @Override
+ public void setServletContext(ServletContext context) {
+ config = (ApplicationConfig)context.getAttribute("ApplicationConfig");
+ rootContext = (TopiaContext)context.getAttribute("rootContext");
+ }
+
+ /**
+ * Renvoie la valeur d'un paramètre de la request. Cette méthode peut
+ * être appelée pour récupérer la valeur d'un paramètre avant que
+ * l'intercepteur pousse les valeurs saisies dans un formulaire.
+ *
+ * @param parameterKey l'identifiant du paramètre
+ * @return sa valeur
+ */
+ public String getParameter(String parameterKey) {
+ String result = null;
+ if (actionParameters != null) {
+ String[] parameterValues = actionParameters.get(parameterKey);
+ if (parameterValues != null && parameterValues.length >= 1) {
+ result = parameterValues[0];
+ }
+ }
+ return result;
+ }
+
+ /**
+ * Renvoie la valeur d'un paramètre de la request. Cette méthode peut
+ * être appelée pour récupérer la valeur d'un paramètre avant que
+ * l'intercepteur pousse les valeurs saisies dans un formulaire.
+ *
+ * @param parameterKey l'identifiant du paramètre
+ * @return sa valeur
+ */
+ public String[] getParameters(String parameterKey) {
+ String[] result = null;
+ if (actionParameters != null) {
+ result = actionParameters.get(parameterKey);
+ }
+ return result;
+ }
+}
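Review bot: `setServletContext` casts the `"ApplicationConfig"` and `"rootContext"` attributes without checking that they are present, so a missing attribute only shows up later as a NullPointerException in a subclass call such as `rootContext.beginTransaction()`. Failing fast here is clearer: `if (rootContext == null) { throw new IllegalStateException("rootContext missing from ServletContext"); }`. The class is named AbstractAction but is not declared `abstract`. The Javadoc on `getParameters` is a copy of the one on `getParameter`; it should say that it returns all values of the parameter, or null when none were submitted.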
Deleted: branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/AbstractSecuAction.java
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-secu/src/main/java/org/nuiton/web/secu/actions/AbstractSecuAction.java 2012-10-10 15:30:37 UTC (rev 211)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/AbstractSecuAction.java 2012-10-16 15:25:31 UTC (rev 216)
@@ -1,68 +0,0 @@
-package org.nuiton.web.secu.actions;
-
-import java.util.Map;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.apache.struts2.interceptor.ParameterAware;
-import org.apache.struts2.interceptor.ServletRequestAware;
-import org.nuiton.topia.TopiaContext;
-import org.nuiton.web.filter.TopiaTransactionFilter;
-
-import com.opensymphony.xwork2.ActionSupport;
-
-public class AbstractSecuAction extends ActionSupport implements ServletRequestAware, ParameterAware {
-
- /** serialVersionUID. */
- private static final long serialVersionUID = -1097798007319592593L;
-
- /** Topia context associated with request. */
- protected TopiaContext transaction;
-
- protected Map<String, String[]> actionParameters;
-
- @Override
- public void setParameters(Map<String, String[]> parameters) {
- this.actionParameters = parameters;
- }
-
- @Override
- public void setServletRequest(HttpServletRequest request) {
- transaction = TopiaTransactionFilter.getTransaction(request);
- }
-
- /**
- * Renvoie la valeur d'un paramètre de la request. Cette méthode peut
- * être appelée pour récupérer la valeur d'un paramètre avant que
- * l'intercepteur pousse les valeurs saisies dans un formulaire.
- *
- * @param parameterKey l'identifiant du paramètre
- * @return sa valeur
- */
- public String getParameter(String parameterKey) {
- String result = null;
- if (actionParameters != null) {
- String[] parameterValues = actionParameters.get(parameterKey);
- if (parameterValues != null && parameterValues.length >= 1) {
- result = parameterValues[0];
- }
- }
- return result;
- }
-
- /**
- * Renvoie la valeur d'un paramètre de la request. Cette méthode peut
- * être appelée pour récupérer la valeur d'un paramètre avant que
- * l'intercepteur pousse les valeurs saisies dans un formulaire.
- *
- * @param parameterKey l'identifiant du paramètre
- * @return sa valeur
- */
- public String[] getParameters(String parameterKey) {
- String[] result = null;
- if (actionParameters != null) {
- result = actionParameters.get(parameterKey);
- }
- return result;
- }
-}
Copied: branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/LoginAction.java (from rev 214, branches/nuiton-web-1.11-security/nuiton-secu/src/main/java/org/nuiton/web/secu/actions/SecuLogin.java)
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/LoginAction.java (rev 0)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/LoginAction.java 2012-10-16 15:25:31 UTC (rev 216)
@@ -0,0 +1,100 @@
+package org.nuiton.web.security.actions;
+
+import static org.nuiton.i18n.I18n._;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.ExcessiveAttemptsException;
+import org.apache.shiro.authc.IncorrectCredentialsException;
+import org.apache.shiro.authc.LockedAccountException;
+import org.apache.shiro.authc.UnknownAccountException;
+import org.apache.shiro.authc.UsernamePasswordToken;
+import org.apache.shiro.subject.Subject;
+import org.apache.shiro.web.util.SavedRequest;
+import org.apache.shiro.web.util.WebUtils;
+import org.apache.struts2.interceptor.ServletRequestAware;
+import org.apache.struts2.interceptor.ServletResponseAware;
+
+public class LoginAction extends AbstractAction implements ServletRequestAware, ServletResponseAware {
+
+ private static final Log log = LogFactory.getLog(LoginAction.class);
+
+ /** serialVersionUID. */
+ private static final long serialVersionUID = 1L;
+
+ protected String login;
+
+ protected String password;
+
+ protected HttpServletRequest request;
+ protected HttpServletResponse response;
+
+ @Override
+ public void setServletRequest(HttpServletRequest request) {
+ this.request = request;
+ }
+
+ @Override
+ public void setServletResponse(HttpServletResponse response) {
+ this.response = response;
+ }
+
+ public void setLogin(String login) {
+ this.login = login;
+ }
+
+ public void setPassword(String password) {
+ this.password = password;
+ }
+
+ @Override
+ public String execute() throws Exception {
+ String result = null;
+
+ if (login == null || password == null) {
+ result = input();
+ } else {
+ try {
+ Subject currentUser = SecurityUtils.getSubject();
+ UsernamePasswordToken token = new UsernamePasswordToken(login, password);
+ currentUser.login(token);
+ result = SUCCESS;
+ } catch (UnknownAccountException ex) {
+ addActionError(_("Identifiant ou mot de passe invalide !"));
+ log.warn("Unknow user account", ex);
+ result = input();
+ } catch (IncorrectCredentialsException ex) {
+ addActionError(_("Identifiant ou mot de passe invalide !"));
+ log.warn("Invalid password", ex);
+ result = input();
+ } catch (LockedAccountException ex) {
+ addActionError(_("Compte bloqué. Contacter un administrateur"));
+ log.error("Account locked error", ex);
+ result = input();
+ } catch (ExcessiveAttemptsException ex) {
+ addActionError(_("Nombre de tentatives dépassé"));
+ log.error("Excessive attemps error", ex);
+ result = input();
+ } catch (AuthenticationException ex) {
+ addActionError(ex.getMessage());
+ log.warn("Authentication error", ex);
+ result = input();
+ }
+
+ SavedRequest savedRequest = WebUtils.getAndClearSavedRequest(request);
+ if (savedRequest != null) { // can be
+ response.sendRedirect(savedRequest.getRequestUrl());
+ }
+ }
+ return result;
+ }
+
+
+
+
+}
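Review bot: The saved-request redirect after the try/catch in `execute()` runs on every path, including the ones where `currentUser.login(token)` threw, so a failed login clears the saved request and redirects instead of showing the form with its action error. After `response.sendRedirect(...)` the method still returns `result`, so Struts will presumably try to render a result on a response that is already committed. Moving the redirect into the success path and returning `NONE` after it addresses both. Separately, the generic `AuthenticationException` branch shows `ex.getMessage()` to the user; the fixed message used for the unknown-account and bad-password cases would avoid exposing realm internals.

```java
currentUser.login(token);

// redirect only once authentication has succeeded
SavedRequest savedRequest = WebUtils.getAndClearSavedRequest(request);
if (savedRequest != null) {
    response.sendRedirect(savedRequest.getRequestUrl());
    result = NONE; // response is committed, nothing left for Struts to render
} else {
    result = SUCCESS;
}
// … unchanged: catch blocks for the Shiro authentication exceptions …
```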
Copied: branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/LogoutAction.java (from rev 214, branches/nuiton-web-1.11-security/nuiton-secu/src/main/java/org/nuiton/web/secu/actions/SecuLogout.java)
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/LogoutAction.java (rev 0)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/LogoutAction.java 2012-10-16 15:25:31 UTC (rev 216)
@@ -0,0 +1,21 @@
+package org.nuiton.web.security.actions;
+
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.subject.Subject;
+import org.nuiton.web.security.SecurityUserDAO;
+
+public class LogoutAction extends AbstractAction {
+
+ /** serialVersionUID. */
+ private static final long serialVersionUID = 1L;
+
+ protected SecurityUserDAO securityUserDAO;
+
+ @Override
+ public String execute() throws Exception {
+ Subject currentUser = SecurityUtils.getSubject();
+ currentUser.logout();
+
+ return SUCCESS;
+ }
+}
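Review bot: The `securityUserDAO` field and the `org.nuiton.web.security.SecurityUserDAO` import are never used in this class; `execute()` only calls `currentUser.logout()`. Both can be dropped so the action does not suggest a database dependency it does not have.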
Copied: branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/RoleAction.java (from rev 214, branches/nuiton-web-1.11-security/nuiton-secu/src/main/java/org/nuiton/web/secu/actions/SecuRole.java)
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/RoleAction.java (rev 0)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/RoleAction.java 2012-10-16 15:25:31 UTC (rev 216)
@@ -0,0 +1,55 @@
+package org.nuiton.web.security.actions;
+
+import org.apache.commons.lang3.StringUtils;
+import org.nuiton.topia.TopiaContext;
+import org.nuiton.topia.TopiaException;
+import org.nuiton.topia.TopiaRuntimeException;
+import org.nuiton.web.security.SecurityRole;
+import org.nuiton.web.security.SecurityRoleDAO;
+import org.nuiton.web.security.SecurityRoleImpl;
+
+public class RoleAction extends AbstractAction {
+
+ /** serialVersionUID. */
+ private static final long serialVersionUID = 1L;
+
+ protected SecurityRoleDAO securityRoleDAO;
+
+ protected SecurityRole role;
+
+ public SecurityRole getRole() {
+ if (role == null) {
+ String roleId = getParameter("roleId");
+ if (StringUtils.isNotBlank(roleId)) {
+ try {
+ role = securityRoleDAO.findByTopiaId(roleId);
+ } catch (TopiaException ex) {
+ throw new TopiaRuntimeException(ex);
+ }
+ } else {
+ role = new SecurityRoleImpl();
+ }
+ }
+ return role;
+ }
+
+ @Override
+ public String execute() throws Exception {
+ String result = super.execute();
+
+ try {
+ TopiaContext transaction = rootContext.beginTransaction();
+ if (role.getTopiaId() == null) {
+ securityRoleDAO.create(role);
+ } else {
+ securityRoleDAO.update(role);
+ }
+ transaction.commitTransaction();
+ transaction.closeContext();
+ } catch (Exception ex) {
+ addActionError(ex.getMessage());
+ result = input();
+ }
+ return result;
+ }
+}
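Review bot: `securityRoleDAO` is never assigned in this class, so unless something outside the hunk injects it, `getRole()` fails on `securityRoleDAO.findByTopiaId(roleId)` and `execute()` fails on `create`/`update`; the class this was copied from obtained the DAO in `prepare()`, which is gone. `execute()` also dereferences the `role` field directly, which is null if `getRole()` was not called first. The transaction is closed only on the success path; the same pattern is in UserAction.execute(), UserRolesAction.execute() and both `input()` methods, and RolePermissionsAction.execute() never closes it at all. `UserAction.getUser()` has the matching DAO problem, since `securityUserDAO` is only set inside its `execute()`. The fence assumes an import of `org.nuiton.web.SecurityDAOHelper`, as UserAction has.

```java
TopiaContext transaction = null;
try {
    transaction = rootContext.beginTransaction();
    // the DAO has to be bound to this transaction before any lookup or write
    securityRoleDAO = SecurityDAOHelper.getSecurityRoleDAO(transaction);
    SecurityRole current = getRole();
    // … unchanged: create(current) / update(current) and commitTransaction() …
} catch (Exception ex) {
    addActionError(ex.getMessage());
    result = input();
} finally {
    // close on every path so a failed write does not leak the context
    if (transaction != null) {
        transaction.closeContext();
    }
}
```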
Added: branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/RolePermissionsAction.java
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/RolePermissionsAction.java (rev 0)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/RolePermissionsAction.java 2012-10-16 15:25:31 UTC (rev 216)
@@ -0,0 +1,128 @@
+package org.nuiton.web.security.actions;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Properties;
+
+import org.apache.commons.lang3.StringUtils;
+import org.nuiton.topia.TopiaContext;
+import org.nuiton.web.SecurityDAOHelper;
+import org.nuiton.web.security.SecurityRole;
+import org.nuiton.web.security.SecurityRoleDAO;
+import org.nuiton.web.security.SecurityUser;
+import org.nuiton.web.security.SecurityUserDAO;
+
+public class RolePermissionsAction extends AbstractAction {
+
+ /** serialVersionUID. */
+ private static final long serialVersionUID = 1L;
+
+ protected SecurityUserDAO securityUserDAO;
+
+ protected SecurityRoleDAO securityRoleDAO;
+
+ /** Id categories with name. */
+ protected Map<String, String> categories;
+ /** Id permission with name. */
+ protected Map<String, String> permissions;
+ /** Id categories with permissions ids. */
+ protected Map<String, Collection<String>> categoryPermissions;
+ /** Id permission with permissions strings. */
+ protected Map<String, Collection<String>> shiroPerms;
+
+ protected List<SecurityRole> roles;
+
+ protected List<String> userIds;
+
+ @Override
+ public String input() throws Exception {
+ TopiaContext transaction = rootContext.beginTransaction();
+ securityRoleDAO = SecurityDAOHelper.getSecurityRoleDAO(transaction);
+ roles = securityRoleDAO.findAllWithOrder(SecurityRole.NAME);
+ transaction.closeContext();
+
+ categories = new HashMap<String, String>();
+ permissions = new HashMap<String, String>();
+ categoryPermissions = new HashMap<String, Collection<String>>();
+ shiroPerms = new HashMap<String, Collection<String>>();
+ Properties props = config.getFlatOptions();
+ for (String prop : props.stringPropertyNames()) {
+ if (prop.startsWith("topia.security.permission.")) {
+ String endProp = StringUtils.removeStart(prop, "topia.security.permission.");
+ String[] subs = endProp.split("\\.");
+ if (subs.length == 1) {
+ categories.put(subs[0], props.getProperty(prop));
+ } else if (subs.length == 2) {
+ String perms = props.getProperty(prop);
+ String[] permTab = perms.split("\\s*\\.\\s*");
+ Collection<String> permList = Arrays.asList(permTab);
+ shiroPerms.put(subs[0], permList);
+ } else if (subs.length == 3) {
+ // name
+ String name = props.getProperty(prop);
+ permissions.put(subs[1], name);
+ // association
+ Collection<String> categoryPermissionCol = categoryPermissions.get(subs[0]);
+ if (categoryPermissionCol == null) {
+ categoryPermissionCol = new ArrayList<String>();
+ categoryPermissions.put(subs[0], categoryPermissionCol);
+ }
+ categoryPermissionCol.add(subs[1]);
+ }
+ }
+ }
+ return super.input();
+ }
+
+ public List<SecurityRole> getRoles() {
+ return roles;
+ }
+
+ public Map<String, String> getCategories() {
+ return categories;
+ }
+
+ public Map<String, String> getPermissions() {
+ return permissions;
+ }
+
+ public Map<String, Collection<String>> getCategoryPermissions() {
+ return categoryPermissions;
+ }
+
+ @Override
+ public String execute() throws Exception {
+ String result = super.execute();
+
+ if (userIds == null) {
+ result = input();
+ } else {
+ try {
+ TopiaContext transaction = rootContext.beginTransaction();
+ securityUserDAO = SecurityDAOHelper.getSecurityUserDAO(transaction);
+ securityRoleDAO = SecurityDAOHelper.getSecurityRoleDAO(transaction);
+ for (String userId : userIds) {
+ SecurityUser securityUser = securityUserDAO.findByTopiaId(userId);
+ securityUser.clearRoles();
+
+ String[] roleIds = getParameters("roles-" + userId);
+ if (roleIds != null) {
+ for (String roleId : roleIds) {
+ SecurityRole secuRole = securityRoleDAO.findByTopiaId(roleId);
+ securityUser.addRoles(secuRole);
+ }
+ }
+ }
+ transaction.commitTransaction();
+ } catch (Exception ex) {
+ addActionError(ex.getMessage());
+ result = input();
+ }
+ }
+ return result;
+ }
+}
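Review bot: The else branch of `execute()` looks copied from the user/role matrix action but cannot run here: the class has no `setUserIds`, so `userIds` stays null unless a subclass sets it, and every request falls through to `input()`. If it did run, it would rewrite user role assignments from request parameters in a transaction that is committed but never closed. I would drop `userIds` and that branch from this action and leave role assignment to UserRolesAction. In `input()`, the two-segment branch splits the property value with `"\\s*\\.\\s*"`, i.e. on a literal dot; if the values are meant to be comma-separated Shiro permission strings the pattern should be `"\\s*,\\s*"`, which is worth confirming against the configuration. `shiroPerms` also has no getter, so the view cannot read it.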
Property changes on: branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/RolePermissionsAction.java
___________________________________________________________________
Added: svn:keywords
+ Author Date Id Revision HeadURL
Deleted: branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/SecuMatrix.java
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-secu/src/main/java/org/nuiton/web/secu/actions/SecuMatrix.java 2012-10-10 15:30:37 UTC (rev 211)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/SecuMatrix.java 2012-10-16 15:25:31 UTC (rev 216)
@@ -1,89 +0,0 @@
-package org.nuiton.web.secu.actions;
-
-import java.util.List;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.nuiton.web.SecuDAOHelper;
-import org.nuiton.web.filter.TopiaTransactionFilter;
-import org.nuiton.web.secu.SecuRole;
-import org.nuiton.web.secu.SecuRoleDAO;
-import org.nuiton.web.secu.SecuUser;
-import org.nuiton.web.secu.SecuUserDAO;
-
-import com.opensymphony.xwork2.Preparable;
-
-public class SecuMatrix extends AbstractSecuAction implements Preparable {
-
- /** serialVersionUID. */
- private static final long serialVersionUID = 1L;
-
- protected SecuUserDAO secuUserDAO;
-
- protected SecuRoleDAO secuRoleDAO;
-
- protected List<SecuUser> users;
-
- protected List<SecuRole> roles;
-
- protected List<String> userIds;
-
- @Override
- public void setServletRequest(HttpServletRequest request) {
- transaction = TopiaTransactionFilter.getTransaction(request);
- }
-
- @Override
- public void prepare() throws Exception {
- secuUserDAO = SecuDAOHelper.getSecuUserDAO(transaction);
- secuRoleDAO = SecuDAOHelper.getSecuRoleDAO(transaction);
- }
-
- @Override
- public String input() throws Exception {
- users = secuUserDAO.findAllWithOrder(SecuUser.LOGIN);
- roles = secuRoleDAO.findAllWithOrder(SecuRole.NAME);
- return super.input();
- }
-
- public List<SecuUser> getUsers() {
- return users;
- }
-
- public List<SecuRole> getRoles() {
- return roles;
- }
-
- public void setUserIds(List<String> userIds) {
- this.userIds = userIds;
- }
-
- @Override
- public String execute() throws Exception {
- String result = super.execute();
-
- if (userIds == null) {
- result = input();
- } else {
- try {
- for (String userId : userIds) {
- SecuUser secuUser = secuUserDAO.findByTopiaId(userId);
- secuUser.clearPermissions();
-
- String[] permissions = getParameters("permissions-" + userId);
- if (permissions != null) {
- for (String permission : permissions) {
- SecuRole secuRole = secuRoleDAO.findByTopiaId(permission);
- secuUser.addPermissions(secuRole);
- }
- }
- }
- transaction.commitTransaction();
- } catch (Exception ex) {
- addActionError(ex.getMessage());
- result = input();
- }
- }
- return result;
- }
-}
Deleted: branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/SecuRole.java
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-secu/src/main/java/org/nuiton/web/secu/actions/SecuRole.java 2012-10-10 15:30:37 UTC (rev 211)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/SecuRole.java 2012-10-16 15:25:31 UTC (rev 216)
@@ -1,76 +0,0 @@
-package org.nuiton.web.secu.actions;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.apache.commons.lang3.StringUtils;
-import org.nuiton.topia.TopiaContext;
-import org.nuiton.topia.TopiaException;
-import org.nuiton.topia.TopiaRuntimeException;
-import org.nuiton.web.SecuDAOHelper;
-import org.nuiton.web.filter.TopiaTransactionFilter;
-import org.nuiton.web.secu.SecuRoleDAO;
-import org.nuiton.web.secu.SecuRoleImpl;
-
-import com.opensymphony.xwork2.Preparable;
-
-public class SecuRole extends AbstractSecuAction implements Preparable {
-
- /** serialVersionUID. */
- private static final long serialVersionUID = 1L;
-
- /** Topia context associated with request. */
- protected TopiaContext transaction;
-
- protected SecuRoleDAO secuRoleDAO;
-
- protected org.nuiton.web.secu.SecuRole role;
-
- @Override
- public void setServletRequest(HttpServletRequest request) {
- transaction = TopiaTransactionFilter.getTransaction(request);
- }
-
- @Override
- public void prepare() throws Exception {
- secuRoleDAO = SecuDAOHelper.getSecuRoleDAO(transaction);
- }
-
- @Override
- public String input() throws Exception {
- return super.input();
- }
-
- public org.nuiton.web.secu.SecuRole getRole() {
- if (role == null) {
- String roleId = getParameter("roleId");
- if (StringUtils.isNotBlank(roleId)) {
- try {
- role = secuRoleDAO.findByTopiaId(roleId);
- } catch (TopiaException ex) {
- throw new TopiaRuntimeException(ex);
- }
- } else {
- role = new SecuRoleImpl();
- }
- }
- return role;
- }
-
- @Override
- public String execute() throws Exception {
- String result = super.execute();
-
- try {
- if (role.getTopiaId() == null) {
- secuRoleDAO.create(role);
- } else {
- secuRoleDAO.update(role);
- }
- transaction.commitTransaction();
- } catch (Exception ex) {
- addActionError(ex.getMessage());
- result = input();
- }
- return result;
- }
-}
Deleted: branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/SecuUser.java
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-secu/src/main/java/org/nuiton/web/secu/actions/SecuUser.java 2012-10-10 15:30:37 UTC (rev 211)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/SecuUser.java 2012-10-16 15:25:31 UTC (rev 216)
@@ -1,76 +0,0 @@
-package org.nuiton.web.secu.actions;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.apache.commons.lang3.StringUtils;
-import org.nuiton.topia.TopiaContext;
-import org.nuiton.topia.TopiaException;
-import org.nuiton.topia.TopiaRuntimeException;
-import org.nuiton.web.SecuDAOHelper;
-import org.nuiton.web.filter.TopiaTransactionFilter;
-import org.nuiton.web.secu.SecuUserDAO;
-import org.nuiton.web.secu.SecuUserImpl;
-
-import com.opensymphony.xwork2.Preparable;
-
-public class SecuUser extends AbstractSecuAction implements Preparable {
-
- /** serialVersionUID. */
- private static final long serialVersionUID = 1L;
-
- /** Topia context associated with request. */
- protected TopiaContext transaction;
-
- protected SecuUserDAO secuUserDAO;
-
- protected org.nuiton.web.secu.SecuUser user;
-
- @Override
- public void setServletRequest(HttpServletRequest request) {
- transaction = TopiaTransactionFilter.getTransaction(request);
- }
-
- @Override
- public void prepare() throws Exception {
- secuUserDAO = SecuDAOHelper.getSecuUserDAO(transaction);
- }
-
- @Override
- public String input() throws Exception {
- return super.input();
- }
-
- public org.nuiton.web.secu.SecuUser getUser() {
- if (user == null) {
- String roleId = getParameter("userId");
- if (StringUtils.isNotBlank(roleId)) {
- try {
- user = secuUserDAO.findByTopiaId(roleId);
- } catch (TopiaException ex) {
- throw new TopiaRuntimeException(ex);
- }
- } else {
- user = new SecuUserImpl();
- }
- }
- return user;
- }
-
- @Override
- public String execute() throws Exception {
- String result = super.execute();
-
- try {
- if (user.getTopiaId() == null) {
- secuUserDAO.create(user);
- } else {
- secuUserDAO.update(user);
- }
- transaction.commitTransaction();
- } catch (Exception ex) {
- addActionError(ex.getMessage());
- result = input();
- }
- return result;
- }
-}
Copied: branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserAction.java (from rev 214, branches/nuiton-web-1.11-security/nuiton-secu/src/main/java/org/nuiton/web/secu/actions/SecuUser.java)
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserAction.java (rev 0)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserAction.java 2012-10-16 15:25:31 UTC (rev 216)
@@ -0,0 +1,57 @@
+package org.nuiton.web.security.actions;
+
+import org.apache.commons.lang3.StringUtils;
+import org.nuiton.topia.TopiaContext;
+import org.nuiton.topia.TopiaException;
+import org.nuiton.topia.TopiaRuntimeException;
+import org.nuiton.web.SecurityDAOHelper;
+import org.nuiton.web.security.SecurityUser;
+import org.nuiton.web.security.SecurityUserDAO;
+import org.nuiton.web.security.SecurityUserImpl;
+
+public class UserAction extends AbstractAction {
+
+ /** serialVersionUID. */
+ private static final long serialVersionUID = 1L;
+
+ protected SecurityUserDAO securityUserDAO;
+
+ protected SecurityUser user;
+
+ public SecurityUser getUser() {
+ if (user == null) {
+ String roleId = getParameter("userId");
+ if (StringUtils.isNotBlank(roleId)) {
+ try {
+ user = securityUserDAO.findByTopiaId(roleId);
+ } catch (TopiaException ex) {
+ throw new TopiaRuntimeException(ex);
+ }
+ } else {
+ user = new SecurityUserImpl();
+ }
+ }
+ return user;
+ }
+
+ @Override
+ public String execute() throws Exception {
+ String result = super.execute();
+
+ try {
+ TopiaContext transaction = rootContext.beginTransaction();
+ securityUserDAO = SecurityDAOHelper.getSecurityUserDAO(transaction);
+ if (user.getTopiaId() == null) {
+ securityUserDAO.create(user);
+ } else {
+ securityUserDAO.update(user);
+ }
+ transaction.commitTransaction();
+ transaction.closeContext();
+ } catch (Exception ex) {
+ addActionError(ex.getMessage());
+ result = input();
+ }
+ return result;
+ }
+}
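Review bot: `getUser()` hands the persistent `SecurityUser` to Struts, so request parameters named `user.*` are bound directly onto the entity that `execute()` then creates or updates; depending on the params interceptor configuration, which is not visible here, that covers any writable property, not only the ones the form shows. The entity is also selected by the request-supplied `userId` with no check in the action that the current subject may edit that account. Binding to explicit action fields and copying only the allowed ones onto the entity, plus a check such as `SecurityUtils.getSubject().checkRole("admin")` at the top of `execute()`, would make the contract explicit; `RoleAction.getRole()` follows the same pattern. The local in `getUser()` is named `roleId` but holds the user id; `userId` would read better.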
Copied: branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserRolesAction.java (from rev 211, branches/nuiton-web-1.11-security/nuiton-secu/src/main/java/org/nuiton/web/secu/actions/SecuMatrix.java)
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserRolesAction.java (rev 0)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/java/org/nuiton/web/security/actions/UserRolesAction.java 2012-10-16 15:25:31 UTC (rev 216)
@@ -0,0 +1,82 @@
+package org.nuiton.web.security.actions;
+
+import java.util.List;
+
+import org.nuiton.topia.TopiaContext;
+import org.nuiton.web.SecurityDAOHelper;
+import org.nuiton.web.security.SecurityRole;
+import org.nuiton.web.security.SecurityRoleDAO;
+import org.nuiton.web.security.SecurityUser;
+import org.nuiton.web.security.SecurityUserDAO;
+
+public class UserRolesAction extends AbstractAction {
+
+ /** serialVersionUID. */
+ private static final long serialVersionUID = 1L;
+
+ protected SecurityUserDAO securityUserDAO;
+
+ protected SecurityRoleDAO securityRoleDAO;
+
+ protected List<SecurityUser> users;
+
+ protected List<SecurityRole> roles;
+
+ protected List<String> userIds;
+
+ @Override
+ public String input() throws Exception {
+ TopiaContext transaction = rootContext.beginTransaction();
+ securityUserDAO = SecurityDAOHelper.getSecurityUserDAO(transaction);
+ securityRoleDAO = SecurityDAOHelper.getSecurityRoleDAO(transaction);
+ users = securityUserDAO.findAllWithOrder(SecurityUser.LOGIN);
+ roles = securityRoleDAO.findAllWithOrder(SecurityRole.NAME);
+ transaction.closeContext();
+ return super.input();
+ }
+
+ public List<SecurityUser> getUsers() {
+ return users;
+ }
+
+ public List<SecurityRole> getRoles() {
+ return roles;
+ }
+
+ public void setUserIds(List<String> userIds) {
+ this.userIds = userIds;
+ }
+
+ @Override
+ public String execute() throws Exception {
+ String result = super.execute();
+
+ if (userIds == null) {
+ result = input();
+ } else {
+ try {
+ TopiaContext transaction = rootContext.beginTransaction();
+ securityUserDAO = SecurityDAOHelper.getSecurityUserDAO(transaction);
+ securityRoleDAO = SecurityDAOHelper.getSecurityRoleDAO(transaction);
+ for (String userId : userIds) {
+ SecurityUser securityUser = securityUserDAO.findByTopiaId(userId);
+ securityUser.clearRoles();
+
+ String[] roleIds = getParameters("roles-" + userId);
+ if (roleIds != null) {
+ for (String roleId : roleIds) {
+ SecurityRole secuRole = securityRoleDAO.findByTopiaId(roleId);
+ securityUser.addRoles(secuRole);
+ }
+ }
+ }
+ transaction.commitTransaction();
+ transaction.closeContext();
+ } catch (Exception ex) {
+ addActionError(ex.getMessage());
+ result = input();
+ }
+ }
+ return result;
+ }
+}
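Review bot: In `execute()`, the results of `securityUserDAO.findByTopiaId(userId)` and `securityRoleDAO.findByTopiaId(roleId)` are used without a null check although both ids come from the request, so, assuming the DAO returns null for an unknown id, a stale or forged id ends in a NullPointerException. When the role lookup fails, `clearRoles()` has already run on that user, and the catch block leaves the transaction open. Rejecting unknown ids before touching the user, e.g. `if (securityUser == null) { throw new IllegalArgumentException("Unknown user"); }`, and resolving all roles before calling `clearRoles()` keeps the update all-or-nothing. The action itself does no permission check on who may reassign roles; if that is not enforced by the Shiro filter configuration outside this diff, it belongs here.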
Deleted: branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/secu/secu-login.jsp
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-secu/src/main/resources/WEB-INF/secu/secu-login.jsp 2012-10-10 15:30:37 UTC (rev 211)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/secu/secu-login.jsp 2012-10-16 15:25:31 UTC (rev 216)
@@ -1,22 +0,0 @@
-<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-<%@taglib uri="/struts-tags" prefix="s" %>
-<html xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <title>Sécurité</title>
- </head>
-
- <body>
-
- <h1>Sécurité</h1>
-
- <h2>Utilisateur</h2>
-
- <s:form action="secu-login" namespace="/secu">
- <s:actionerror />
- <s:textfield label="Identifiant" name="login" />
- <s:password label="Mot de passe" name="password" />
- <s:submit label="Connexion" />
- </s:form>
- </body>
-</html>
\ No newline at end of file
Copied: branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/login.jsp (from rev 214, branches/nuiton-web-1.11-security/nuiton-secu/src/main/resources/WEB-INF/secu/secu-login.jsp)
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/login.jsp (rev 0)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/login.jsp 2012-10-16 15:25:31 UTC (rev 216)
@@ -0,0 +1,22 @@
+<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<%@taglib uri="/struts-tags" prefix="s" %>
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <title>Authentification requise</title>
+ </head>
+
+ <body>
+
+ <h1>Authentification requise</h1>
+
+ <h2>Connexion</h2>
+
+ <s:form action="login" namespace="/security">
+ <s:actionerror />
+ <s:textfield label="Identifiant" name="login" />
+ <s:password label="Mot de passe" name="password" />
+ <s:submit label="Connexion" />
+ </s:form>
+ </body>
+</html>
\ No newline at end of file
Copied: branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/role.jsp (from rev 211, branches/nuiton-web-1.11-security/nuiton-secu/src/main/resources/WEB-INF/secu/secu-role.jsp)
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/role.jsp (rev 0)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/role.jsp 2012-10-16 15:25:31 UTC (rev 216)
@@ -0,0 +1,22 @@
+<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<%@taglib uri="/struts-tags" prefix="s" %>
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <title>Sécurité</title>
+ </head>
+
+ <body>
+
+ <h1>Sécurité</h1>
+
+ <h2>Role</h2>
+
+ <s:form action="role" namespace="/security">
+ <s:actionerror />
+ <s:hidden name="roleId" value="%{role.topiaId}" />
+ <s:textfield label="Nom" name="role.name" value="%{role.name}"/>
+ <s:submit label="Valider" />
+ </s:form>
+ </body>
+</html>
\ No newline at end of file
Deleted: branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/secu-login.jsp
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-secu/src/main/resources/WEB-INF/secu/secu-login.jsp 2012-10-10 15:30:37 UTC (rev 211)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/secu-login.jsp 2012-10-16 15:25:31 UTC (rev 216)
@@ -1,22 +0,0 @@
-<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-<%@taglib uri="/struts-tags" prefix="s" %>
-<html xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <title>Sécurité</title>
- </head>
-
- <body>
-
- <h1>Sécurité</h1>
-
- <h2>Utilisateur</h2>
-
- <s:form action="secu-login" namespace="/secu">
- <s:actionerror />
- <s:textfield label="Identifiant" name="login" />
- <s:password label="Mot de passe" name="password" />
- <s:submit label="Connexion" />
- </s:form>
- </body>
-</html>
\ No newline at end of file
Deleted: branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/secu-matrix.jsp
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-secu/src/main/resources/WEB-INF/secu/secu-matrix.jsp 2012-10-10 15:30:37 UTC (rev 211)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/secu-matrix.jsp 2012-10-16 15:25:31 UTC (rev 216)
@@ -1,72 +0,0 @@
-<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-<%@taglib uri="/struts-tags" prefix="s" %>
-<html xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <title>Sécurité</title>
- </head>
-
- <body>
-
- <h1>Sécurité</h1>
-
- <h2>Permission</h2>
-
- <form action="<s:url action="secu-matrix" namespace="/secu" />" method="post">
- <table class="secu-roletable">
- <tr>
- <td colspan="2" class="empty"/>
- <s:if test="!roles.empty">
- <th colspan="<s:property value="roles.size()" />">Rôles</th>
- </s:if>
- </tr>
- <tr>
- <td colspan="2" class="empty"/>
- <s:iterator value="roles">
- <td>
- <a href="<s:url action='secu-role!input' namespace='/secu'>
- <s:param name="roleId"><s:property value="topiaId" /></s:param>
- </s:url>">
- <s:property value="name" />
- </a>
- </td>
- </s:iterator>
- </tr>
- <s:iterator value="users" var="user" status="userStatus">
- <input type="hidden" name="userIds" value="<s:property value="topiaId" />" />
- <tr>
- <s:if test="#userStatus.first">
- <th rowspan="<s:property value="users.size()" />" class="vertical">Utilisateurs</th>
- </s:if>
- <td>
- <a href="<s:url action='secu-user!input' namespace='/secu'>
- <s:param name="userId"><s:property value="topiaId" /></s:param>
- </s:url>">
- <s:property value="login" />
- </a>
- </td>
- <s:iterator value="roles" var="role">
- <td>
- <input id="<s:property value="#user.topiaId" /><s:property value="#user.topiaId" />"
- type="checkbox" name="permissions-<s:property value="#user.topiaId" />" value="<s:property value="#role.topiaId" />"
- <s:if test="#user.permissions.contains(#role)" >
- checked="checked"
- </s:if> />
- </td>
- </s:iterator>
- </tr>
- </s:iterator>
- </table>
- <input type="submit" value="Valider" />
- </form>
-
- <h2>Gestion</h2>
-
- <div class="secu-newuser">
- <a href="<s:url action='secu-user!input' namespace='/secu' />">Nouvel utilisateur</a>
- </div>
- <div class="secu-newrole">
- <a href="<s:url action='secu-role!input' namespace='/secu' />">Nouveau rôle</a>
- </div>
- </body>
-</html>
\ No newline at end of file
Deleted: branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/secu-role.jsp
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-secu/src/main/resources/WEB-INF/secu/secu-role.jsp 2012-10-10 15:30:37 UTC (rev 211)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/secu-role.jsp 2012-10-16 15:25:31 UTC (rev 216)
@@ -1,22 +0,0 @@
-<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-<%@taglib uri="/struts-tags" prefix="s" %>
-<html xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <title>Sécurité</title>
- </head>
-
- <body>
-
- <h1>Sécurité</h1>
-
- <h2>Role</h2>
-
- <s:form action="secu-role" namespace="/secu">
- <s:actionerror />
- <s:hidden name="roleId" value="%{role.topiaId}" />
- <s:textfield label="Nom" name="role.name" value="%{role.name}"/>
- <s:submit label="Valider" />
- </s:form>
- </body>
-</html>
\ No newline at end of file
Deleted: branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/secu-user.jsp
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-secu/src/main/resources/WEB-INF/secu/secu-user.jsp 2012-10-10 15:30:37 UTC (rev 211)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/secu-user.jsp 2012-10-16 15:25:31 UTC (rev 216)
@@ -1,21 +0,0 @@
-<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-<%@taglib uri="/struts-tags" prefix="s" %>
-<html xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <title>Secu</title>
- </head>
-
- <body>
-
- <h1>Sécurité</h1>
-
- <s:form action="secu-user" namespace="/secu">
- <s:actionerror />
- <s:hidden name="userId" value="%{user.topiaId}" />
- <s:textfield label="Identifiant" name="user.login" value="%{user.login}"/>
- <s:password label="Mot de passe" name="user.password" value="%{user.password}" />
- <s:submit label="Valider" />
- </s:form>
- </body>
-</html>
\ No newline at end of file
Copied: branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/user-roles.jsp (from rev 211, branches/nuiton-web-1.11-security/nuiton-secu/src/main/resources/WEB-INF/secu/secu-matrix.jsp)
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/user-roles.jsp (rev 0)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/user-roles.jsp 2012-10-16 15:25:31 UTC (rev 216)
@@ -0,0 +1,72 @@
+<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<%@taglib uri="/struts-tags" prefix="s" %>
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <title>Sécurité</title>
+ </head>
+
+ <body>
+
+ <h1>Sécurité</h1>
+
+ <h2>Permission</h2>
+
+ <form action="<s:url action="user-roles" namespace="/security" />" method="post">
+ <table class="secu-roletable">
+ <tr>
+ <td colspan="2" class="empty"/>
+ <s:if test="!roles.empty">
+ <th colspan="<s:property value="roles.size()" />">Rôles</th>
+ </s:if>
+ </tr>
+ <tr>
+ <td colspan="2" class="empty"/>
+ <s:iterator value="roles">
+ <td>
+ <a href="<s:url action='role!input' namespace='/security'>
+ <s:param name="roleId"><s:property value="topiaId" /></s:param>
+ </s:url>">
+ <s:property value="name" />
+ </a>
+ </td>
+ </s:iterator>
+ </tr>
+ <s:iterator value="users" var="user" status="userStatus">
+ <input type="hidden" name="userIds" value="<s:property value="topiaId" />" />
+ <tr>
+ <s:if test="#userStatus.first">
+ <th rowspan="<s:property value="users.size()" />" class="vertical">Utilisateurs</th>
+ </s:if>
+ <td>
+ <a href="<s:url action='user!input' namespace='/security'>
+ <s:param name="userId"><s:property value="topiaId" /></s:param>
+ </s:url>">
+ <s:property value="login" />
+ </a>
+ </td>
+ <s:iterator value="roles" var="role">
+ <td>
+ <input id="<s:property value="#user.topiaId" /><s:property value="#user.topiaId" />"
+ type="checkbox" name="roles-<s:property value="#user.topiaId" />" value="<s:property value="#role.topiaId" />"
+ <s:if test="#user.roles.contains(#role)" >
+ checked="checked"
+ </s:if> />
+ </td>
+ </s:iterator>
+ </tr>
+ </s:iterator>
+ </table>
+ <input type="submit" value="Valider" />
+ </form>
+
+ <h2>Gestion</h2>
+
+ <div class="secu-newuser">
+ <a href="<s:url action='secu-user!input' namespace='/secu' />">Nouvel utilisateur</a>
+ </div>
+ <div class="secu-newrole">
+ <a href="<s:url action='secu-role!input' namespace='/secu' />">Nouveau rôle</a>
+ </div>
+ </body>
+</html>
\ No newline at end of file
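Review bot: The two links under "Gestion" still point at `secu-user!input` and `secu-role!input` in namespace `/secu`, while every other URL in this file and the struts.xml of this commit use `/security` with actions `user` and `role`; user.jsp has the same leftover in `<s:form action="secu-user" namespace="/secu">`. With the `/secu` package removed, these would presumably no longer resolve. They should read `<s:url action='user!input' namespace='/security' />` and `<s:url action='role!input' namespace='/security' />`, and the form should use `action="user" namespace="/security"`. Separately, the checkbox `id` concatenates `#user.topiaId` twice, so every checkbox in a row gets the same id; the second value was probably meant to be `#role.topiaId`.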
Copied: branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/user.jsp (from rev 211, branches/nuiton-web-1.11-security/nuiton-secu/src/main/resources/WEB-INF/secu/secu-user.jsp)
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/user.jsp (rev 0)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/WEB-INF/security/user.jsp 2012-10-16 15:25:31 UTC (rev 216)
@@ -0,0 +1,21 @@
+<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<%@taglib uri="/struts-tags" prefix="s" %>
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <title>Secu</title>
+ </head>
+
+ <body>
+
+ <h1>Sécurité</h1>
+
+ <s:form action="secu-user" namespace="/secu">
+ <s:actionerror />
+ <s:hidden name="userId" value="%{user.topiaId}" />
+ <s:textfield label="Identifiant" name="user.login" value="%{user.login}"/>
+ <s:password label="Mot de passe" name="user.password" value="%{user.password}" />
+ <s:submit label="Valider" />
+ </s:form>
+ </body>
+</html>
\ No newline at end of file
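Review bot: The password field is bound with `value="%{user.password}"`, which ties the stored credential to the rendered form. The Struts `s:password` tag does not echo the value unless `showPassword` is set, so the attribute has no effect today, but it invites a later change that would send the stored password (or its hash) back to the browser. I would drop the attribute, `<s:password label="Mot de passe" name="user.password" />`, and have the action treat an empty submission as "keep the current password". How the action stores the password is not visible in this hunk.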
Deleted: branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/i18n/nuiton-secu_en_GB.properties
===================================================================
Deleted: branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/i18n/nuiton-secu_fr_FR.properties
===================================================================
Added: branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/i18n/nuiton-security_en_GB.properties
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/i18n/nuiton-security_en_GB.properties (rev 0)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/i18n/nuiton-security_en_GB.properties 2012-10-16 15:25:31 UTC (rev 216)
@@ -0,0 +1,3 @@
+Compte\ bloqué.\ Contacter\ un\ administrateur=
+Identifiant\ ou\ mot\ de\ passe\ invalide\ \!=
+Nombre\ de\ tentatives\ dépassé=
Added: branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/i18n/nuiton-security_fr_FR.properties
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/i18n/nuiton-security_fr_FR.properties (rev 0)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/i18n/nuiton-security_fr_FR.properties 2012-10-16 15:25:31 UTC (rev 216)
@@ -0,0 +1,3 @@
+Compte\ bloqué.\ Contacter\ un\ administrateur=
+Identifiant\ ou\ mot\ de\ passe\ invalide\ \!=
+Nombre\ de\ tentatives\ dépassé=
Deleted: branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/i18n/secu-lib_fr_FR.properties
===================================================================
Deleted: branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/struts.xml
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-secu/src/main/resources/struts.xml 2012-10-10 15:30:37 UTC (rev 211)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/struts.xml 2012-10-16 15:25:31 UTC (rev 216)
@@ -1,34 +0,0 @@
-<!DOCTYPE struts PUBLIC
- "-//Apache Software Foundation//DTD Struts Configuration 2.3//EN"
- "http://struts.apache.org/dtds/struts-2.3.dtd">
-<struts>
-
- <package name="secu" abstract="true" extends="struts-default">
-
- </package>
-
-
- <package name="org.nuiton.web.secu.actions" namespace="/secu" extends="secu">
- <default-action-ref name="secu-matrix"/>
-
- <action name="secu-matrix" class="org.nuiton.web.secu.actions.SecuMatrix">
- <result name="input">/WEB-INF/secu/secu-matrix.jsp</result>
- <result name="success" type="redirectAction">
- <param name="actionName">secu-matrix</param>
- </result>
- </action>
- <action name="secu-role" class="org.nuiton.web.secu.actions.SecuRole">
- <result name="input">/WEB-INF/secu/secu-role.jsp</result>
- <result name="success" type="redirectAction">
- <param name="actionName">secu-matrix</param>
- </result>
- </action>
- <action name="secu-user" class="org.nuiton.web.secu.actions.SecuUser">
- <result name="input">/WEB-INF/secu/secu-user.jsp</result>
- <result name="success" type="redirectAction">
- <param name="actionName">secu-matrix</param>
- </result>
- </action>
- </package>
-
-</struts>
Copied: branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/struts.xml (from rev 214, branches/nuiton-web-1.11-security/nuiton-secu/src/main/resources/struts.xml)
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/struts.xml (rev 0)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/resources/struts.xml 2012-10-16 15:25:31 UTC (rev 216)
@@ -0,0 +1,47 @@
+<!DOCTYPE struts PUBLIC
+ "-//Apache Software Foundation//DTD Struts Configuration 2.3//EN"
+ "http://struts.apache.org/dtds/struts-2.3.dtd">
+<struts>
+
+ <package name="org.nuiton.web.secu.actions" namespace="/security" extends="struts-default">
+ <default-action-ref name="user-roles"/>
+
+ <action name="user-roles" class="org.nuiton.web.security.actions.UserRolesAction">
+ <result name="input">/WEB-INF/security/user-roles.jsp</result>
+ <result name="success" type="redirectAction">
+ <param name="actionName">user-roles</param>
+ </result>
+ </action>
+ <action name="role-permissions" class="org.nuiton.web.security.actions.RolePermissionsAction">
+ <result name="input">/WEB-INF/security/role-permissions.jsp</result>
+ <result name="success" type="redirectAction">
+ <param name="actionName">user-roles</param>
+ </result>
+ </action>
+ <action name="role" class="org.nuiton.web.security.actions.RoleAction">
+ <result name="input">/WEB-INF/security/role.jsp</result>
+ <result name="success" type="redirectAction">
+ <param name="actionName">user-roles</param>
+ </result>
+ </action>
+ <action name="user" class="org.nuiton.web.security.actions.UserAction">
+ <result name="input">/WEB-INF/security/user.jsp</result>
+ <result name="success" type="redirectAction">
+ <param name="actionName">user-roles</param>
+ </result>
+ </action>
+ <action name="login" class="org.nuiton.web.security.actions.LoginAction">
+ <result name="input">/WEB-INF/security/login.jsp</result>
+ <result name="success" type="redirectAction">
+ <param name="actionName">user-roles</param>
+ </result>
+ </action>
+ <action name="logout" class="org.nuiton.web.security.actions.LogoutAction">
+ <result name="success" type="redirectAction">
+ <param name="actionName">index</param>
+ <param name="namespace">/</param>
+ </result>
+ </action>
+ </package>
+
+</struts>
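Review bot: The JSPs in this commit reach the edit forms through `role!input` and `user!input`, which depends on dynamic method invocation, and nothing in this file restricts it (in Struts 2.3 it is enabled unless configured otherwise). With it on, the URL rather than this mapping decides which public no-argument method of these administration actions runs. I would add `<constant name="struts.enable.DynamicMethodInvocation" value="false" />` and declare the form entry points explicitly, e.g. `<action name="role-input" class="org.nuiton.web.security.actions.RoleAction" method="input">`, updating the links to match. The package is also still named `org.nuiton.web.secu.actions` although its classes moved to `org.nuiton.web.security.actions`.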
Deleted: branches/nuiton-web-1.11-security/nuiton-security/src/main/xmi/secu.properties
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-secu/src/main/xmi/secu.properties 2012-10-10 15:30:37 UTC (rev 211)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/xmi/secu.properties 2012-10-16 15:25:31 UTC (rev 216)
@@ -1 +0,0 @@
-model.tagvalue.String=text
Deleted: branches/nuiton-web-1.11-security/nuiton-security/src/main/xmi/secu.zargo
===================================================================
(Binary files differ)
Copied: branches/nuiton-web-1.11-security/nuiton-security/src/main/xmi/security.properties (from rev 211, branches/nuiton-web-1.11-security/nuiton-secu/src/main/xmi/secu.properties)
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-security/src/main/xmi/security.properties (rev 0)
+++ branches/nuiton-web-1.11-security/nuiton-security/src/main/xmi/security.properties 2012-10-16 15:25:31 UTC (rev 216)
@@ -0,0 +1,2 @@
+model.tagvalue.String=text
+org.nuiton.web.security.SecurityUser.attribute.roles.tagvalue.lazy=false
\ No newline at end of file
Added: branches/nuiton-web-1.11-security/nuiton-security/src/main/xmi/security.zargo
===================================================================
(Binary files differ)
Property changes on: branches/nuiton-web-1.11-security/nuiton-security/src/main/xmi/security.zargo
___________________________________________________________________
Added: svn:mime-type
+ application/zip
Modified: branches/nuiton-web-1.11-security/pom.xml
===================================================================
--- branches/nuiton-web-1.11-security/pom.xml 2012-10-16 15:22:08 UTC (rev 215)
+++ branches/nuiton-web-1.11-security/pom.xml 2012-10-16 15:25:31 UTC (rev 216)
@@ -23,7 +23,7 @@
<module>nuiton-tapestry</module>
<module>nuiton-rss</module>
<module>nuiton-gwt</module>
- <module>nuiton-secu</module>
+ <module>nuiton-security</module>
</modules>
<dependencyManagement>
@@ -177,8 +177,13 @@
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
- <version>1.2.1</version>
+ <version>${shiroVersion}</version>
</dependency>
+ <dependency>
+ <groupId>org.apache.shiro</groupId>
+ <artifactId>shiro-web</artifactId>
+ <version>${shiroVersion}</version>
+ </dependency>
</dependencies>
@@ -249,7 +254,7 @@
<projectId>nuiton-web</projectId>
<nuitonI18nVersion>2.5</nuitonI18nVersion>
- <nuitonUtilsVersion>2.4.8</nuitonUtilsVersion>
+ <nuitonUtilsVersion>2.6.3</nuitonUtilsVersion>
<nuitonI18nPluginVersion>${nuitonI18nVersion}</nuitonI18nPluginVersion>
<topiaVersion>2.6.10</topiaVersion>
@@ -265,6 +270,7 @@
<!-- Strust 2 -->
<struts2Version>2.3.4</struts2Version>
+ <shiroVersion>1.2.1</shiroVersion>
<servletApiVersion>2.5</servletApiVersion>
<jettyVersion>${jettyPluginVersion}</jettyVersion>
<windstoneVersion>0.9.10-hudson-24</windstoneVersion>
Author: echatellier
Date: 2012-10-16 17:22:08 +0200 (Tue, 16 Oct 2012)
New Revision: 215
Url: http://nuiton.org/repositories/revision/nuiton-web/215
Log:
Refactoring secu > security
Implements realm on topia
Add custom servlet filter.
Removed:
branches/nuiton-web-1.11-security/nuiton-secu/
r214 - in branches/nuiton-web-1.11-security/nuiton-secu/src/main: java/org/nuiton/web/secu/actions resources resources/WEB-INF/secu resources/i18n
by echatellier@users.nuiton.org 11 Oct '12
Author: echatellier
Date: 2012-10-11 11:24:10 +0200 (Thu, 11 Oct 2012)
New Revision: 214
Url: http://nuiton.org/repositories/revision/nuiton-web/214
Log:
Add login/logout actions
Added:
branches/nuiton-web-1.11-security/nuiton-secu/src/main/java/org/nuiton/web/secu/actions/SecuLogin.java
branches/nuiton-web-1.11-security/nuiton-secu/src/main/java/org/nuiton/web/secu/actions/SecuLogout.java
Modified:
branches/nuiton-web-1.11-security/nuiton-secu/src/main/java/org/nuiton/web/secu/actions/SecuRole.java
branches/nuiton-web-1.11-security/nuiton-secu/src/main/java/org/nuiton/web/secu/actions/SecuUser.java
branches/nuiton-web-1.11-security/nuiton-secu/src/main/resources/WEB-INF/secu/secu-login.jsp
branches/nuiton-web-1.11-security/nuiton-secu/src/main/resources/i18n/nuiton-secu_en_GB.properties
branches/nuiton-web-1.11-security/nuiton-secu/src/main/resources/i18n/nuiton-secu_fr_FR.properties
branches/nuiton-web-1.11-security/nuiton-secu/src/main/resources/struts.xml
Added: branches/nuiton-web-1.11-security/nuiton-secu/src/main/java/org/nuiton/web/secu/actions/SecuLogin.java
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-secu/src/main/java/org/nuiton/web/secu/actions/SecuLogin.java (rev 0)
+++ branches/nuiton-web-1.11-security/nuiton-secu/src/main/java/org/nuiton/web/secu/actions/SecuLogin.java 2012-10-11 09:24:10 UTC (rev 214)
@@ -0,0 +1,72 @@
+package org.nuiton.web.secu.actions;
+
+import static org.nuiton.i18n.I18n._;
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.ExcessiveAttemptsException;
+import org.apache.shiro.authc.IncorrectCredentialsException;
+import org.apache.shiro.authc.LockedAccountException;
+import org.apache.shiro.authc.UnknownAccountException;
+import org.apache.shiro.authc.UsernamePasswordToken;
+import org.apache.shiro.subject.Subject;
+import org.nuiton.web.SecuDAOHelper;
+import org.nuiton.web.secu.SecuUserDAO;
+
+import com.opensymphony.xwork2.Preparable;
+
+public class SecuLogin extends AbstractSecuAction implements Preparable {
+
+ /** serialVersionUID. */
+ private static final long serialVersionUID = 1L;
+
+ protected SecuUserDAO secuUserDAO;
+
+ protected String login;
+
+ protected String password;
+
+ public void setLogin(String login) {
+ this.login = login;
+ }
+
+ public void setPassword(String password) {
+ this.password = password;
+ }
+
+ @Override
+ public void prepare() throws Exception {
+ secuUserDAO = SecuDAOHelper.getSecuUserDAO(transaction);
+ }
+
+ @Override
+ public String execute() throws Exception {
+ String result = null;
+
+ if (login == null || password == null) {
+ result = input();
+ } else {
+ try {
+ Subject currentUser = SecurityUtils.getSubject();
+ UsernamePasswordToken token = new UsernamePasswordToken(login, password);
+ currentUser.login(token);
+ result = SUCCESS;
+ } catch (UnknownAccountException ex) {
+ addActionError(_("Identifiant ou mot de passe invalide !", login));
+ result = input();
+ } catch (IncorrectCredentialsException ex) {
+ addActionError(_("Identifiant ou mot de passe invalide !"));
+ result = input();
+ } catch (LockedAccountException ex) {
+ addActionError(_("Compte bloqué. Contacter un administrateur", login));
+ result = input();
+ } catch (ExcessiveAttemptsException ex) {
+ addActionError(_("Nombre de tentatives dépassé"));
+ result = input();
+ } catch (AuthenticationException ex) {
+ addActionError(ex.getMessage());
+ result = input();
+ }
+ }
+ return result;
+ }
+}
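Review bot: The last catch block passes `ex.getMessage()` straight to `addActionError`, so whatever text the realm or an underlying failure puts in an `AuthenticationException` is shown on the login page. The two credential branches above deliberately share one message; the fallback should do the same, e.g. `addActionError(_("Identifiant ou mot de passe invalide !"));`, with the exception logged server-side instead. The `LockedAccountException` branch also tells an unauthenticated caller that the account exists, which is worth a conscious decision. `secuUserDAO` is fetched in `prepare()` but never used in this class.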
Property changes on: branches/nuiton-web-1.11-security/nuiton-secu/src/main/java/org/nuiton/web/secu/actions/SecuLogin.java
___________________________________________________________________
Added: svn:keywords
+ Author Date Id Revision HeadURL
Added: branches/nuiton-web-1.11-security/nuiton-secu/src/main/java/org/nuiton/web/secu/actions/SecuLogout.java
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-secu/src/main/java/org/nuiton/web/secu/actions/SecuLogout.java (rev 0)
+++ branches/nuiton-web-1.11-security/nuiton-secu/src/main/java/org/nuiton/web/secu/actions/SecuLogout.java 2012-10-11 09:24:10 UTC (rev 214)
@@ -0,0 +1,29 @@
+package org.nuiton.web.secu.actions;
+
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.subject.Subject;
+import org.nuiton.web.SecuDAOHelper;
+import org.nuiton.web.secu.SecuUserDAO;
+
+import com.opensymphony.xwork2.Preparable;
+
+public class SecuLogout extends AbstractSecuAction implements Preparable {
+
+ /** serialVersionUID. */
+ private static final long serialVersionUID = 1L;
+
+ protected SecuUserDAO secuUserDAO;
+
+ @Override
+ public void prepare() throws Exception {
+ secuUserDAO = SecuDAOHelper.getSecuUserDAO(transaction);
+ }
+
+ @Override
+ public String execute() throws Exception {
+ Subject currentUser = SecurityUtils.getSubject();
+ currentUser.logout();
+
+ return SUCCESS;
+ }
+}
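Review bot: `secuUserDAO`, `prepare()` and `implements Preparable` are unused here, since `execute()` only obtains the Shiro subject and calls `logout()`. The DAO lookup on every logout can go, along with the `SecuDAOHelper`, `SecuUserDAO` and `Preparable` imports. The class and `execute()` also have no Javadoc; a one-line comment such as `/** Logs out the current Shiro subject and returns SUCCESS. */` would do.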
Property changes on: branches/nuiton-web-1.11-security/nuiton-secu/src/main/java/org/nuiton/web/secu/actions/SecuLogout.java
___________________________________________________________________
Added: svn:keywords
+ Author Date Id Revision HeadURL
Modified: branches/nuiton-web-1.11-security/nuiton-secu/src/main/java/org/nuiton/web/secu/actions/SecuRole.java
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-secu/src/main/java/org/nuiton/web/secu/actions/SecuRole.java 2012-10-11 09:23:41 UTC (rev 213)
+++ branches/nuiton-web-1.11-security/nuiton-secu/src/main/java/org/nuiton/web/secu/actions/SecuRole.java 2012-10-11 09:24:10 UTC (rev 214)
@@ -1,13 +1,9 @@
package org.nuiton.web.secu.actions;
-import javax.servlet.http.HttpServletRequest;
-
import org.apache.commons.lang3.StringUtils;
-import org.nuiton.topia.TopiaContext;
import org.nuiton.topia.TopiaException;
import org.nuiton.topia.TopiaRuntimeException;
import org.nuiton.web.SecuDAOHelper;
-import org.nuiton.web.filter.TopiaTransactionFilter;
import org.nuiton.web.secu.SecuRoleDAO;
import org.nuiton.web.secu.SecuRoleImpl;
@@ -18,28 +14,15 @@
/** serialVersionUID. */
private static final long serialVersionUID = 1L;
- /** Topia context associated with request. */
- protected TopiaContext transaction;
-
protected SecuRoleDAO secuRoleDAO;
protected org.nuiton.web.secu.SecuRole role;
@Override
- public void setServletRequest(HttpServletRequest request) {
- transaction = TopiaTransactionFilter.getTransaction(request);
- }
-
- @Override
public void prepare() throws Exception {
secuRoleDAO = SecuDAOHelper.getSecuRoleDAO(transaction);
}
- @Override
- public String input() throws Exception {
- return super.input();
- }
-
public org.nuiton.web.secu.SecuRole getRole() {
if (role == null) {
String roleId = getParameter("roleId");
Modified: branches/nuiton-web-1.11-security/nuiton-secu/src/main/java/org/nuiton/web/secu/actions/SecuUser.java
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-secu/src/main/java/org/nuiton/web/secu/actions/SecuUser.java 2012-10-11 09:23:41 UTC (rev 213)
+++ branches/nuiton-web-1.11-security/nuiton-secu/src/main/java/org/nuiton/web/secu/actions/SecuUser.java 2012-10-11 09:24:10 UTC (rev 214)
@@ -1,13 +1,9 @@
package org.nuiton.web.secu.actions;
-import javax.servlet.http.HttpServletRequest;
-
import org.apache.commons.lang3.StringUtils;
-import org.nuiton.topia.TopiaContext;
import org.nuiton.topia.TopiaException;
import org.nuiton.topia.TopiaRuntimeException;
import org.nuiton.web.SecuDAOHelper;
-import org.nuiton.web.filter.TopiaTransactionFilter;
import org.nuiton.web.secu.SecuUserDAO;
import org.nuiton.web.secu.SecuUserImpl;
@@ -18,28 +14,15 @@
/** serialVersionUID. */
private static final long serialVersionUID = 1L;
- /** Topia context associated with request. */
- protected TopiaContext transaction;
-
protected SecuUserDAO secuUserDAO;
protected org.nuiton.web.secu.SecuUser user;
@Override
- public void setServletRequest(HttpServletRequest request) {
- transaction = TopiaTransactionFilter.getTransaction(request);
- }
-
- @Override
public void prepare() throws Exception {
secuUserDAO = SecuDAOHelper.getSecuUserDAO(transaction);
}
- @Override
- public String input() throws Exception {
- return super.input();
- }
-
public org.nuiton.web.secu.SecuUser getUser() {
if (user == null) {
String roleId = getParameter("userId");
Modified: branches/nuiton-web-1.11-security/nuiton-secu/src/main/resources/WEB-INF/secu/secu-login.jsp
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-secu/src/main/resources/WEB-INF/secu/secu-login.jsp 2012-10-11 09:23:41 UTC (rev 213)
+++ branches/nuiton-web-1.11-security/nuiton-secu/src/main/resources/WEB-INF/secu/secu-login.jsp 2012-10-11 09:24:10 UTC (rev 214)
@@ -3,14 +3,14 @@
<%@taglib uri="/struts-tags" prefix="s" %>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
- <title>Sécurité</title>
+ <title>Authentification requise</title>
</head>
<body>
- <h1>Sécurité</h1>
+ <h1>Authentification requise</h1>
- <h2>Utilisateur</h2>
+ <h2>Connexion</h2>
<s:form action="secu-login" namespace="/secu">
<s:actionerror />
Modified: branches/nuiton-web-1.11-security/nuiton-secu/src/main/resources/i18n/nuiton-secu_en_GB.properties
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-secu/src/main/resources/i18n/nuiton-secu_en_GB.properties 2012-10-11 09:23:41 UTC (rev 213)
+++ branches/nuiton-web-1.11-security/nuiton-secu/src/main/resources/i18n/nuiton-secu_en_GB.properties 2012-10-11 09:24:10 UTC (rev 214)
@@ -0,0 +1,3 @@
+Compte\ bloqué.\ Contacter\ un\ administrateur=
+Identifiant\ ou\ mot\ de\ passe\ invalide\ \!=
+Nombre\ de\ tentatives\ dépassé=
Modified: branches/nuiton-web-1.11-security/nuiton-secu/src/main/resources/i18n/nuiton-secu_fr_FR.properties
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-secu/src/main/resources/i18n/nuiton-secu_fr_FR.properties 2012-10-11 09:23:41 UTC (rev 213)
+++ branches/nuiton-web-1.11-security/nuiton-secu/src/main/resources/i18n/nuiton-secu_fr_FR.properties 2012-10-11 09:24:10 UTC (rev 214)
@@ -0,0 +1,3 @@
+Compte\ bloqué.\ Contacter\ un\ administrateur=
+Identifiant\ ou\ mot\ de\ passe\ invalide\ \!=
+Nombre\ de\ tentatives\ dépassé=
Modified: branches/nuiton-web-1.11-security/nuiton-secu/src/main/resources/struts.xml
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-secu/src/main/resources/struts.xml 2012-10-11 09:23:41 UTC (rev 213)
+++ branches/nuiton-web-1.11-security/nuiton-secu/src/main/resources/struts.xml 2012-10-11 09:24:10 UTC (rev 214)
@@ -7,7 +7,6 @@
</package>
-
<package name="org.nuiton.web.secu.actions" namespace="/secu" extends="secu">
<default-action-ref name="secu-matrix"/>
@@ -29,6 +28,17 @@
<param name="actionName">secu-matrix</param>
</result>
</action>
+ <action name="secu-login" class="org.nuiton.web.secu.actions.SecuLogin">
+ <result name="input">/WEB-INF/secu/secu-login.jsp</result>
+ <result name="success" type="redirectAction">
+ <param name="actionName">secu-matrix</param>
+ </result>
+ </action>
+ <action name="secu-logout" class="org.nuiton.web.secu.actions.SecuLogout">
+ <result name="success" type="redirectAction">
+ <param name="actionName">secu-login</param>
+ </result>
+ </action>
</package>
</struts>
r213 - in branches/nuiton-web-1.11-security: . nuiton-gwt nuiton-secu
by echatellier@users.nuiton.org 11 Oct '12
Author: echatellier
Date: 2012-10-11 11:23:41 +0200 (Thu, 11 Oct 2012)
New Revision: 213
Url: http://nuiton.org/repositories/revision/nuiton-web/213
Log:
Update to nuiton-i18n 2.5
Add shiro deps
Modified:
branches/nuiton-web-1.11-security/nuiton-gwt/
branches/nuiton-web-1.11-security/nuiton-gwt/pom.xml
branches/nuiton-web-1.11-security/nuiton-secu/pom.xml
branches/nuiton-web-1.11-security/pom.xml
Property changes on: branches/nuiton-web-1.11-security/nuiton-gwt
___________________________________________________________________
Modified: svn:ignore
- *.iml
target
+ *.iml
target
.classpath
.project
.settings
Modified: branches/nuiton-web-1.11-security/nuiton-gwt/pom.xml
===================================================================
--- branches/nuiton-web-1.11-security/nuiton-gwt/pom.xml 2012-10-11 02:49:15 UTC (rev 212)
+++ branches/nuiton-web-1.11-security/nuiton-gwt/pom.xml 2012-10-11 09:23:41 UTC (rev 213)
@@ -46,7 +46,7 @@
<!-- extract i18n keys from source -->
<groupId>org.nuiton.i18n</groupId>
- <artifactId>maven-i18n-plugin</artifactId>
+ <artifactId>i18n-maven-plugin</artifactId>
<executions>
<execution>
<id>scan-gwt-java-source</id>
Modified: branches/nuiton-web-1.11-security/nuiton-secu/pom.xml
===================================================================
(Binary files differ)
Modified: branches/nuiton-web-1.11-security/pom.xml
===================================================================
--- branches/nuiton-web-1.11-security/pom.xml 2012-10-11 02:49:15 UTC (rev 212)
+++ branches/nuiton-web-1.11-security/pom.xml 2012-10-11 09:23:41 UTC (rev 213)
@@ -172,6 +172,13 @@
</exclusion>
</exclusions>
</dependency>
+
+ <!-- Shiro -->
+ <dependency>
+ <groupId>org.apache.shiro</groupId>
+ <artifactId>shiro-core</artifactId>
+ <version>1.2.1</version>
+ </dependency>
</dependencies>
@@ -241,7 +248,7 @@
<!-- redmine configuration -->
<projectId>nuiton-web</projectId>
- <nuitonI18nVersion>2.4.1</nuitonI18nVersion>
+ <nuitonI18nVersion>2.5</nuitonI18nVersion>
<nuitonUtilsVersion>2.4.8</nuitonUtilsVersion>
<nuitonI18nPluginVersion>${nuitonI18nVersion}</nuitonI18nPluginVersion>
@@ -288,7 +295,7 @@
<plugin>
<groupId>org.nuiton.i18n</groupId>
- <artifactId>maven-i18n-plugin</artifactId>
+ <artifactId>i18n-maven-plugin</artifactId>
<version>${nuitonI18nPluginVersion}</version>
</plugin>
@@ -298,6 +305,11 @@
<version>${gwtPluginVersion}</version>
</plugin>
+ <plugin>
+ <groupId>org.nuiton.eugene</groupId>
+ <artifactId>eugene-maven-plugin</artifactId>
+ <version>2.5</version>
+ </plugin>
</plugins>
</pluginManagement>
Author: tchemit
Date: 2012-10-11 04:49:15 +0200 (Thu, 11 Oct 2012)
New Revision: 212
Url: http://nuiton.org/repositories/revision/nuiton-web/212
Log:
Update mavenpom4redmineAndCentral to 3.4.
Modified:
trunk/pom.xml
Modified: trunk/pom.xml
===================================================================
--- trunk/pom.xml 2012-10-10 15:30:37 UTC (rev 211)
+++ trunk/pom.xml 2012-10-11 02:49:15 UTC (rev 212)
@@ -10,7 +10,7 @@
<parent>
<groupId>org.nuiton</groupId>
<artifactId>mavenpom4redmineAndCentral</artifactId>
- <version>3.3.7</version>
+ <version>3.4</version>
</parent>
<groupId>org.nuiton.web</groupId>