Commit 231ab247 authored by Gradl, Tobias's avatar Gradl, Tobias
Browse files

703: Implement simple sample application based on current frameworks

Task-Url: https://minfba.de.dariah.eu/mantisbt/view.php?id=703
parent 787fab85
package eu.dariah.de.dariahsp.configuration;
import org.springframework.context.annotation.ConditionContext;
import org.springframework.context.annotation.Conditional;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.ConfigurationCondition;
import org.springframework.context.annotation.ImportResource;
import org.springframework.core.type.AnnotatedTypeMetadata;
@Configuration
@Conditional(ConditionalLocalSecurityConfiguration.Condition.class)
@ImportResource("file:**/WebContent/WEB-INF/spring/security/security-context-local.xml")
public class ConditionalLocalSecurityConfiguration {
static class Condition implements ConfigurationCondition {
@Override
public ConfigurationPhase getConfigurationPhase() {
return ConfigurationPhase.PARSE_CONFIGURATION;
}
@Override
public boolean matches(ConditionContext context, AnnotatedTypeMetadata metadata) {
return System.getProperty("saml")==null || !Boolean.parseBoolean(System.getProperty("saml"));
}
}
}
package eu.dariah.de.dariahsp.configuration;
import org.springframework.context.annotation.ConditionContext;
import org.springframework.context.annotation.Conditional;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.ConfigurationCondition;
import org.springframework.context.annotation.ImportResource;
import org.springframework.core.type.AnnotatedTypeMetadata;
@Configuration
@Conditional(ConditionalSamlSecurityConfiguration.Condition.class)
@ImportResource("file:**/WebContent/WEB-INF/spring/security/security-context-saml.xml")
public class ConditionalSamlSecurityConfiguration {
static class Condition implements ConfigurationCondition {
@Override
public ConfigurationPhase getConfigurationPhase() {
return ConfigurationPhase.PARSE_CONFIGURATION;
}
@Override
public boolean matches(ConditionContext context, AnnotatedTypeMetadata metadata) {
return System.getProperty("saml")!=null && Boolean.parseBoolean(System.getProperty("saml"));
}
}
}
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>eu.dariah.de</groupId>
<artifactId>dariahsp</artifactId>
<version>0.0.4-SNAPSHOT</version>
</parent>
<artifactId>dariahsp-sample</artifactId>
<packaging>war</packaging>
<name>dariahsp - sample web application</name>
<description>Sample application for testing dariahsp-core</description>
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>eu.dariah.de</groupId>
<artifactId>dariahsp</artifactId>
<version>0.0.4-SNAPSHOT</version>
</parent>
<artifactId>dariahsp-sample</artifactId>
<packaging>war</packaging>
<name>dariahsp - sample web application</name>
<description>Sample application for testing dariahsp-core</description>
<properties>
<org.apache.tiles-version>3.0.7</org.apache.tiles-version>
</properties>
<dependencies>
<!-- DARIAH libraries -->
<dependency>
<groupId>eu.dariah.de</groupId>
<artifactId>dariahsp-core</artifactId>
<version>${project.version}</version>
</dependency>
<!-- Spring -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
<version>${org.springframework-version}</version>
<exclusions>
<!-- Exclude Commons Logging in favor of SLF4j -->
<exclusion>
<groupId>commons-logging</groupId>
<artifactId>commons-logging</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
<version>${org.springframework-version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-beans</artifactId>
<version>${org.springframework-version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>${org.springframework-version}</version>
</dependency>
<!-- Tiles -->
<dependency>
<groupId>org.apache.tiles</groupId>
<artifactId>tiles-core</artifactId>
<version>${org.apache.tiles-version}</version>
</dependency>
<dependency>
<groupId>org.apache.tiles</groupId>
<artifactId>tiles-jsp</artifactId>
<version>${org.apache.tiles-version}</version>
</dependency>
<dependency>
<groupId>org.apache.tiles</groupId>
<artifactId>tiles-api</artifactId>
<version>${org.apache.tiles-version}</version>
</dependency>
<!-- Other Web dependencies -->
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jstl</artifactId>
<version>1.2</version>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<version>3.1.0</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>javax.servlet.jsp</groupId>
<artifactId>jsp-api</artifactId>
<version>2.2</version>
<scope>provided</scope>
</dependency>
<!-- Backend test (user persistence) -->
<!-- <dependency>
<groupId>de.flapdoodle.embed</groupId>
<artifactId>de.flapdoodle.embed.mongo</artifactId>
<version>2.0.0-SNAPSHOT</version>
</dependency> -->
<!-- Test Artifacts -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-test</artifactId>
<version>${org.springframework-version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>${junit-version}</version>
<scope>test</scope>
</dependency>
</dependencies>
</project>
package eu.dariah.de.dariahsp.sample.controller;
import java.io.IOException;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
@Controller
@RequestMapping(value="")
public class HomeController {
@Autowired private ServletContext servletContext;
@RequestMapping(value = {"", "/"}, method = RequestMethod.GET)
public String getHome(HttpServletResponse response) throws IOException {
return "home";
}
@RequestMapping(value = "/login", method = RequestMethod.GET)
public String getLogin(@RequestParam(value = "error", required = false) String error, @RequestParam(value = "url", defaultValue = "/") String url, HttpServletResponse response, Model model) throws IOException {
if (error != null) {
model.addAttribute("error", true);
}
String ctx = servletContext.getContextPath();
if (url.startsWith(ctx)) {
url = url.substring(ctx.length());
}
model.addAttribute("redirectUrl", url);
return "common/login";
}
}
auth.islocal = true
\ No newline at end of file
<?xml version="1.0" encoding="UTF-8" ?>
<configuration>
<property file="${application.conf}" />
<appender name="console" class="ch.qos.logback.core.ConsoleAppender">
<encoder>
<pattern>%d %-5level [%thread] %logger{32}\(%line\): %msg%n</pattern>
</encoder>
<filter class="ch.qos.logback.classic.filter.ThresholdFilter">
<level>TRACE</level>
</filter>
</appender>
<root>
<level value="info"/>
<appender-ref ref="console" />
<appender-ref ref="dailyRolling" />
</root>
<logger name="eu.dariah.de">
<level value="debug" />
</logger>
</configuration>
\ No newline at end of file
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:mongo="http://www.springframework.org/schema/data/mongo"
xsi:schemaLocation="http://www.springframework.org/schema/data/mongo http://www.springframework.org/schema/data/mongo/spring-mongo-1.7.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">
<bean id="configLocation" class="java.lang.String">
<constructor-arg value="classpath:dariahsp.conf" />
</bean>
<bean id="propertyPlaceholderConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<property name="locations">
<list>
<value>classpath:dariahsp.conf</value>
</list>
</property>
</bean>
<context:component-scan base-package="eu.dariah.de.dariahsp.configuration" />
</beans>
\ No newline at end of file
<beans xmlns:sec="http://www.springframework.org/schema/security"
xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">
<!-- <context:component-scan base-package="de.dariah.samlsp.orm.dao"/>
<context:component-scan base-package="de.dariah.samlsp.orm.service" /> -->
<sec:http security="none" pattern="/resources/**"/>
<sec:http disable-url-rewriting="true" auto-config="true" use-expressions="false" entry-point-ref="ajaxEntryPoint" access-decision-manager-ref="accessDecisionManager" >
<sec:csrf disabled="true"/>
<sec:intercept-url pattern="/test/jumboFluid" requires-channel="http" access="IS_AUTHENTICATED_FULLY" />
<sec:form-login
authentication-success-handler-ref="simpleUrlAuthenticationSuccessHandler"
login-page="/login"
authentication-failure-url="/login?error"
username-parameter="username"
password-parameter="password"
/>
<sec:logout invalidate-session="true" logout-url="/logout" logout-success-url="/" />
</sec:http>
<bean id="simpleUrlAuthenticationSuccessHandler" class="org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler">
<property name="defaultTargetUrl" value="/"/>
<property name="targetUrlParameter" value="redirectUrl"/>
</bean>
<sec:global-method-security pre-post-annotations="enabled" secured-annotations="enabled" />
<bean id="ajaxEntryPoint" class="org.springframework.security.web.authentication.Http403ForbiddenEntryPoint">
</bean>
<bean id="authInfoHelper" class="eu.dariah.de.dariahsp.web.AuthInfoHelper">
<property name="roleLevelVoter" ref="roleLevelVoter" />
</bean>
<sec:authentication-manager alias="authenticationManager">
<sec:authentication-provider ref="localAuthenticationProvider" />
</sec:authentication-manager>
<bean id="localAuthenticationProvider" class="eu.dariah.de.dariahsp.web.LocalAuthenticationProvider">
<property name="localUserDb" ref="localUserDb" />
<!-- <property name="userService">
<bean class="eu.dariah.de.minfba.schereg.service.UserServiceImpl" />
</property> -->
</bean>
<sec:user-service id="localUserDb">
<sec:user name="tgradl" password="hairad" authorities="ROLE_ADMINISTRATOR" />
<sec:user name="tgradl_user" password="hairad" authorities="" />
<sec:user name="ahenrich" password="hairad" authorities="ROLE_CONTRIBUTOR" />
<sec:user name="teckart" password="niralc" authorities="ROLE_CONTRIBUTOR" />
<sec:user name="nutzer_hab" password="augusT66" authorities="ROLE_CONTRIBUTOR" />
<sec:user name="nutzer_ksw" password="goEthe49" authorities="ROLE_CONTRIBUTOR" />
</sec:user-service>
<bean id="accessDecisionManager" class="org.springframework.security.access.vote.UnanimousBased">
<constructor-arg name="decisionVoters">
<list>
<bean class="org.springframework.security.access.vote.AuthenticatedVoter" />
<ref bean="roleLevelVoter" />
</list>
</constructor-arg>
<property name="allowIfAllAbstainDecisions" value="false" />
</bean>
<bean id="roleLevelVoter" class="eu.dariah.de.dariahsp.web.RoleLevelVoter">
<property name="roleLevels">
<map>
<entry key="ROLE_ADMINISTRATOR" value="100" />
<entry key="ROLE_CONTRIBUTOR" value="60" />
<entry key="ROLE_USER" value="20" />
</map>
</property>
</bean>
</beans>
\ No newline at end of file
<beans xmlns:sec="http://www.springframework.org/schema/security"
xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">
<!-- <context:component-scan base-package="de.dariah.samlsp.orm.dao"/>
<context:component-scan base-package="de.dariah.samlsp.orm.service" /> -->
<sec:http security="none" pattern="/resources/**"/>
<sec:http disable-url-rewriting="true" auto-config="true" use-expressions="false" entry-point-ref="ajaxEntryPoint" access-decision-manager-ref="accessDecisionManager" >
<sec:csrf disabled="true"/>
<sec:intercept-url pattern="/test/jumboFluid" requires-channel="http" access="IS_AUTHENTICATED_FULLY" />
<sec:form-login
authentication-success-handler-ref="simpleUrlAuthenticationSuccessHandler"
login-page="/login"
authentication-failure-url="/login?error"
username-parameter="username"
password-parameter="password"
/>
<sec:logout invalidate-session="true" logout-url="/logout" logout-success-url="/" />
</sec:http>
<bean id="simpleUrlAuthenticationSuccessHandler" class="org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler">
<property name="defaultTargetUrl" value="/"/>
<property name="targetUrlParameter" value="redirectUrl"/>
</bean>
<sec:global-method-security pre-post-annotations="enabled" secured-annotations="enabled" />
<bean id="ajaxEntryPoint" class="org.springframework.security.web.authentication.Http403ForbiddenEntryPoint">
</bean>
<bean id="authInfoHelper" class="eu.dariah.de.dariahsp.web.AuthInfoHelper">
<property name="roleLevelVoter" ref="roleLevelVoter" />
</bean>
<sec:authentication-manager alias="authenticationManager">
<sec:authentication-provider ref="localAuthenticationProvider" />
</sec:authentication-manager>
<bean id="localAuthenticationProvider" class="eu.dariah.de.dariahsp.web.LocalAuthenticationProvider">
<property name="localUserDb" ref="localUserDb" />
<!-- <property name="userService">
<bean class="eu.dariah.de.minfba.schereg.service.UserServiceImpl" />
</property> -->
</bean>
<sec:user-service id="localUserDb">
<sec:user name="tgradl" password="hairad" authorities="ROLE_ADMINISTRATOR" />
<sec:user name="tgradl_user" password="hairad" authorities="" />
<sec:user name="ahenrich" password="hairad" authorities="ROLE_CONTRIBUTOR" />
<sec:user name="teckart" password="niralc" authorities="ROLE_CONTRIBUTOR" />
<sec:user name="nutzer_hab" password="augusT66" authorities="ROLE_CONTRIBUTOR" />
<sec:user name="nutzer_ksw" password="goEthe49" authorities="ROLE_CONTRIBUTOR" />
</sec:user-service>
<bean id="accessDecisionManager" class="org.springframework.security.access.vote.UnanimousBased">
<constructor-arg name="decisionVoters">
<list>
<bean class="org.springframework.security.access.vote.AuthenticatedVoter" />
<ref bean="roleLevelVoter" />
</list>
</constructor-arg>
<property name="allowIfAllAbstainDecisions" value="false" />
</bean>
<bean id="roleLevelVoter" class="eu.dariah.de.dariahsp.web.RoleLevelVoter">
<property name="roleLevels">
<map>
<entry key="ROLE_ADMINISTRATOR" value="100" />
<entry key="ROLE_CONTRIBUTOR" value="60" />
<entry key="ROLE_USER" value="20" />
</map>
</property>
</bean>
</beans>
\ No newline at end of file
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:sec="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.0.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">
<mvc:annotation-driven />
<mvc:resources location="/resources/" mapping="/resources/**" cache-period="31556926"/>
<sec:global-method-security pre-post-annotations="enabled" secured-annotations="enabled" />
<!-- View resolution and dispatching -->
<bean id="viewResolver" class="org.springframework.web.servlet.view.UrlBasedViewResolver">
<property name="viewClass" value="org.springframework.web.servlet.view.tiles3.TilesView" />
</bean>
<bean id="tilesConfigurer" class="org.springframework.web.servlet.view.tiles3.TilesConfigurer">
<property name="definitions">
<list>
<value>/WEB-INF/view/views.xml</value>
</list>
</property>
</bean>
<context:component-scan base-package="eu.dariah.de.dariahsp.sample.controller" />
</beans>
\ No newline at end of file
<%@ taglib prefix="tiles" uri="http://tiles.apache.org/tags-tiles" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="s" uri="http://www.springframework.org/tags" %>
<tiles:importAttribute name="fluidLayout" />
<div class="jumbotron jumbotron-small">
<div class="container<c:if test="${fluidLayout==true}">-fluid</c:if>">
<div class="row">
<!-- Notifications -->
<div id="notifications-area" class="col-sm-10 col-sm-offset-1"></div>
<div class="xs-hidden sm-visible col-sm-3 col-lg-2 col-sm-offset-1">
<div class="pull-right dariah-flower-white-45">DARIAHSP Test App</div>
</div>
<div class="col-sm-6 col-lg-7 col-sm-offset-1">
<h1>Local Login</h1>
</div>
</div>
</div>
</div>
<div class="container<c:if test="${fluidLayout==true}">-fluid</c:if>">
<div class="row">
<!-- Notifications -->
<div id="notifications-area" class="col-sm-10 col-sm-offset-1"></div>
<div id="main-content-wrapper" class="col-sm-10 col-sm-offset-1">
<ul class="breadcrumb">
<li class="active">Local Login</li>
</ul>
<div id="main-content">
<h2>Local Login</h2>
<c:if test="${not empty error}">
<div class="alert alert-danger" role="alert">Invalid credentials</div>
</c:if>
<form name='loginForm' class="form-horizontal" action="<c:url value='/login' />" method='POST'>
<input type="hidden" name="redirectUrl" id="redirectUrl" value="${redirectUrl}" />
<div class="form-group">
<label for="username" class="col-sm-2 control-label">Username</label>
<div class="col-sm-4">
<input type="text" class="form-control" id="username" name="username" autofocus>
</div>
</div>
<div class="form-group">
<label for="password" class="col-sm-2 control-label">Password</label>
<div class="col-sm-4">
<input type="password" class="form-control" id="password" name="password">
</div>
</div>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-10">
<button name="submit" type="submit" value="submit" class="btn btn-primary">Signin</button>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
\ No newline at end of file
<%@ page language="java" contentType="text/html;charset=UTF-8" pageEncoding="UTF-8" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="s" uri="http://www.springframework.org/tags" %>
<%@ taglib prefix="sf" uri="http://www.springframework.org/tags/form" %>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<%@ taglib prefix="tiles" uri="http://tiles.apache.org/tags-tiles" %>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt" %>
<tiles:importAttribute name="fluidLayout" />
<s:url value="/search/simple/" var="query_url" />
<s:url value="/search/extended/" var="extended_search_url" />
<div class="jumbotron">
<div class="container<c:if test="${fluidLayout==true}">-fluid</c:if>">
<div class="row">
<div class="xs-hidden sm-visible col-sm-3 col-lg-2 col-sm-offset-1">
<div class="pull-right dariah-flower-white-83">DARIAHSP Test App</div>
</div>
</div>
</div>
</div>
<%@ taglib prefix="tiles" uri="http://tiles.apache.org/tags-tiles" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<head>
<meta charset="utf-8">
<title><tiles:insertAttribute name="title"/></title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="author" content="Tobias Gradl, University of Bamberg">
<meta name="description" content="<tiles:insertAttribute name="title" />">
<meta name="_csrf" content="${_csrf.token}"/>
<!-- default header name is X-CSRF-TOKEN -->
<meta name="_csrf_header" content="${_csrf.headerName}"/>
<tiles:importAttribute name="styles" />
<c:forEach items="${styles}" var="css">
<link rel="stylesheet" href="<s:url value="/resources/css/${css}" />" type="text/css" media="screen, projection" />
</c:forEach>
<!-- HTML5 shim, for IE6-8 support of HTML5 elements -->
<!--[if lt IE 9]>
<script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link rel="shortcut icon" type="image/png" href="<s:url value="/resources/img/page_icon.png" />" />
</head>
\ No newline at end of file
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>