First cut of adding a login page and related session handling
Showing
17 changed files
with
330 additions
and
84 deletions.
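--- a/hawtio-web/src/main/java/io/hawt/system/AuthenticateResult.java
+++ b/hawtio-web/src/main/java/io/hawt/system/AuthenticateResult.java
@@ -0,0 +1,8 @@
+package io.hawt.system;
+
+/**
+* @author Stan Lewis
+*/
+public enum AuthenticateResult {
+AUTHORIZED, NOT_AUTHORIZED, NO_CREDENTIALS
+}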
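Review bot: The enum has no documentation beyond the author tag, and its constants mix authentication and authorization wording (`AuthenticateResult` versus `AUTHORIZED` / `NOT_AUTHORIZED`). The same commit adds both a 401 prompt and a 403 response in `Helpers`, so a one-line comment on each constant should say which outcome it stands for and which response a caller is expected to send. For example, `NO_CREDENTIALS` presumably means the request carried no credentials at all and should be prompted rather than refused; that needs confirming against the filter, which is not on this page.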
@@ -0,0 +1,41 @@ | ||
package io.hawt.system; | ||
|
||
import io.hawt.web.AuthenticationFilter; | ||
import org.slf4j.Logger; | ||
import org.slf4j.LoggerFactory; | ||
|
||
import javax.servlet.http.HttpServletResponse; | ||
import java.io.IOException; | ||
|
||
/** | ||
* @author Stan Lewis | ||
*/ | ||
public class Helpers { | ||
|
||
private static final transient Logger LOG = LoggerFactory.getLogger(AuthenticationFilter.class); | ||
|
||
private static final String HEADER_WWW_AUTHENTICATE = "WWW-Authenticate"; | ||
|
||
public static void doForbidden(HttpServletResponse response) { | ||
try { | ||
response.setStatus(HttpServletResponse.SC_FORBIDDEN); | ||
response.setContentLength(0); | ||
response.flushBuffer(); | ||
} catch (IOException ioe) { | ||
LOG.debug("Failed to send forbidden response: {}", ioe); | ||
} | ||
} | ||
|
||
public static void doAuthPrompt(String realm, HttpServletResponse response) { | ||
// request authentication | ||
try { | ||
response.setHeader(HEADER_WWW_AUTHENTICATE, Authenticator.AUTHENTICATION_SCHEME_BASIC + " realm=\"" + realm + "\""); | ||
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); | ||
response.setContentLength(0); | ||
response.flushBuffer(); | ||
} catch (IOException ioe) { | ||
LOG.debug("Failed to send auth response: {}", ioe); | ||
} | ||
|
||
} | ||
} |
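Review bot: In `doAuthPrompt`, `realm` is concatenated into the `WWW-Authenticate` value with no escaping, so a realm containing `"` or a line break would yield a malformed or split header. The callers are not on this page; if the realm can come from editable configuration or from anything request-derived, escape `\` and `"` and reject CR/LF before building the header. Separately, the logger is created with `LoggerFactory.getLogger(AuthenticationFilter.class)`, so this class logs under the filter's category; the declaration should read `LoggerFactory.getLogger(Helpers.class)`. Both methods also report a failed write only at debug level, which is worth a short comment saying that the failure is deliberately ignored.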
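--- a/hawtio-web/src/main/java/io/hawt/system/SubjectThreadLocal.java
+++ b/hawtio-web/src/main/java/io/hawt/system/SubjectThreadLocal.java
@@ -0,0 +1,21 @@
+package io.hawt.system;
+
+import javax.security.auth.Subject;
+
+/**
+* @author Stan Lewis
+*/
+public class SubjectThreadLocal {
+
+private static final ThreadLocal<Subject> tsSubject = new ThreadLocal<Subject>();
+
+public static void put(Subject subject) {
+tsSubject.set(subject);
+}
+
+public static Subject take() {
+Subject answer = tsSubject.get();
+tsSubject.remove();
+return answer;
+}
+}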
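Review bot: `take()` is the only place the thread-local is cleared, so a `Subject` stored by `put()` stays bound to the thread whenever the request never reaches a caller of `take()`. On a servlet container's pooled worker threads, a later, unrelated request handled by the same thread could then pick up the previous caller's `Subject`; the code that calls `put()` is not shown on this page, so this needs checking there. I would add a `public static void remove()` that calls `tsSubject.remove()` and have the caller of `put()` invoke it in a `finally` block. A class Javadoc should also state that the value is scoped to a single request and that `take()` consumes it.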
40 changes: 0 additions & 40 deletions
40
hawtio-web/src/main/java/io/hawt/web/AuthenticationServlet.java
This file was deleted.
@@ -0,0 +1,53 @@ | ||
package io.hawt.web; | ||
|
||
import io.hawt.system.Helpers; | ||
import io.hawt.system.SubjectThreadLocal; | ||
import org.slf4j.Logger; | ||
import org.slf4j.LoggerFactory; | ||
|
||
import javax.security.auth.Subject; | ||
import javax.servlet.ServletException; | ||
import javax.servlet.http.HttpServlet; | ||
import javax.servlet.http.HttpServletRequest; | ||
import javax.servlet.http.HttpServletResponse; | ||
import javax.servlet.http.HttpSession; | ||
import java.io.IOException; | ||
import java.security.Principal; | ||
import java.util.GregorianCalendar; | ||
import java.util.Set; | ||
|
||
/** | ||
* @author Stan Lewis | ||
*/ | ||
public class LoginServlet extends HttpServlet { | ||
|
||
private static final transient Logger LOG = LoggerFactory.getLogger(LoginServlet.class); | ||
|
||
@Override | ||
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { | ||
|
||
Subject subject = SubjectThreadLocal.take(); | ||
if (subject == null) { | ||
Helpers.doForbidden(resp); | ||
return; | ||
} | ||
Set<Principal> principals = subject.getPrincipals(); | ||
|
||
String username = null; | ||
|
||
for (Principal principal : principals) { | ||
if (principal.getClass().getSimpleName().equals("UserPrincipal")) { | ||
LOG.info("Authorizing user " + username); | ||
username = principal.getName(); | ||
} | ||
} | ||
|
||
HttpSession session = req.getSession(true); | ||
session.setAttribute("user", username); | ||
session.setAttribute("org.osgi.service.http.authentication.remote.user", username); | ||
session.setAttribute("org.osgi.service.http.authentication.type", HttpServletRequest.BASIC_AUTH); | ||
session.setAttribute("loginTime", GregorianCalendar.getInstance().getTimeInMillis()); | ||
session.setMaxInactiveInterval(900); | ||
} | ||
|
||
} |
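Review bot: `doPost` calls `req.getSession(true)` and marks whatever session it gets as logged in, so a session id issued before authentication stays valid afterwards (session fixation). Invalidate any existing session before creating the authenticated one, or call `changeSessionId()` where Servlet 3.1 is available. The session is also established when no `UserPrincipal` is found, which leaves `user` set to null; that path should answer with `Helpers.doForbidden(resp)` instead. In the loop, `LOG.info` runs before `username` is assigned, so it logs the previous value, and the two lines should be swapped. The fence shows the null check and session handling I would place between the loop and the `setAttribute` calls.

```java
// … unchanged: subject lookup and the principal loop …
if (username == null) {
    // no UserPrincipal on the subject: do not create an authenticated session
    Helpers.doForbidden(resp);
    return;
}

// discard any pre-login session so the authenticated session gets a fresh id
HttpSession stale = req.getSession(false);
if (stale != null) {
    stale.invalidate();
}
HttpSession session = req.getSession(true);
// … unchanged: session attributes and setMaxInactiveInterval(900) …
```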
@@ -0,0 +1,19 @@ | ||
<div ng-controller="Core.LoginController"> | ||
|
||
|
||
<div class="login-wrapper"> | ||
<div class="login-form"> | ||
<form name="login" class="form-inline" ng-submit="doLogin()"> | ||
<input type="text" class="input-medium" placeholder="User Name" required ng-model="username"> | ||
<input type="password" class="input-medium" placeholder="Password" required ng-model="password"> | ||
<label class="checkbox"> | ||
<input type="checkbox"> Remember me | ||
</label> | ||
<button type="submit" class="btn btn-success" ng-disabled="!login.$valid"><i class="icon-check"></i> Sign In</button> | ||
</form> | ||
</div> | ||
</div> | ||
|
||
|
||
</div> | ||
|
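Review bot: The "Remember me" checkbox has no `ng-model` or `name`, so its state is not bound to anything `doLogin()` could read. Either bind it or leave it out until the feature exists, and if it is wired up later it should not result in the password being kept in the browser. The username and password inputs also carry no `name` or `autocomplete` hints; `autocomplete="username"` and `autocomplete="current-password"` let password managers fill the form correctly. `Core.LoginController` is not on this page, so how the credentials are sent to the server cannot be checked here.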