Changeset 877
- Timestamp:
- 11/11/10 14:14:31 (14 years ago)
- Location:
- VirtualCollectionRegistry/trunk/VirtualCollectionRegistry
- Files:
-
- 11 added
- 9 edited
VirtualCollectionRegistry/trunk/VirtualCollectionRegistry/pom.xml
r855 r877 145 145 146 146 <dependency> 147 <groupId>commons-codec</groupId> 148 <artifactId>commons-codec</artifactId> 149 <version>1.4</version> 150 <type>jar</type> 151 </dependency> 152 153 <dependency> 147 154 <groupId>javax.xml.bind</groupId> 148 155 <artifactId>jaxb-api</artifactId> -
VirtualCollectionRegistry/trunk/VirtualCollectionRegistry/src/main/java/eu/clarin/cmdi/virtualcollectionregistry/gui/Application.java
r805 r877 1 1 package eu.clarin.cmdi.virtualcollectionregistry.gui; 2 2 3 import java.io.BufferedReader; 4 import java.io.FileInputStream; 5 import java.io.IOException; 6 import java.io.InputStreamReader; 7 import java.util.HashSet; 8 import java.util.Set; 9 3 10 import org.apache.wicket.Page; 4 import org.apache.wicket.protocol.http.WebApplication; 11 import org.apache.wicket.authentication.AuthenticatedWebApplication; 12 import org.apache.wicket.authentication.AuthenticatedWebSession; 13 import org.apache.wicket.authorization.strategies.role.Roles; 14 import org.apache.wicket.markup.html.WebPage; 5 15 import org.apache.wicket.session.pagemap.LeastRecentlyAccessedEvictionStrategy; 6 16 17 import eu.clarin.cmdi.virtualcollectionregistry.gui.pages.AdminPage; 18 import eu.clarin.cmdi.virtualcollectionregistry.gui.pages.CreateVirtualCollectionPage; 7 19 import eu.clarin.cmdi.virtualcollectionregistry.gui.pages.HomePage; 20 import eu.clarin.cmdi.virtualcollectionregistry.gui.pages.LoginPage; 8 21 9 public class Application extends WebApplication { 22 public class Application extends AuthenticatedWebApplication { 23 private static final String CONFIG_PARAM_ADMINDB = "admindb"; 24 private Set<String> adminUsers = 25 new HashSet<String>(); 10 26 11 27 @Override 12 28 protected void init() { 13 29 super.init(); 30 31 String s = getServletContext().getInitParameter(CONFIG_PARAM_ADMINDB); 32 if (s != null) { 33 try { 34 loadAdminDatabase(s); 35 } catch (IOException e ) { 36 // FIXME: handle error 37 } 38 } 39 if (adminUsers.isEmpty()) { 40 // FIXME: better logging 41 System.err.println("WARNING: no admin users have been defined"); 42 } 14 43 getMarkupSettings().setDefaultMarkupEncoding("utf-8"); 15 44 getRequestCycleSettings().setResponseRequestEncoding("utf-8"); … … 20 49 getMarkupSettings().setStripWicketTags(true); 21 50 } 51 mountBookmarkablePage("/home", HomePage.class); 52 mountBookmarkablePage("/create", CreateVirtualCollectionPage.class); 53 
mountBookmarkablePage("/admin", AdminPage.class); 22 54 } 23 55 … … 27 59 } 28 60 61 @Override 62 protected Class<? extends WebPage> getSignInPageClass() { 63 return LoginPage.class; 64 } 65 66 @Override 67 protected Class<? extends AuthenticatedWebSession> getWebSessionClass() { 68 return ApplicationSession.class; 69 } 70 71 public boolean hasAnyRole(String[] roles) { 72 if (roles != null) { 73 final Roles sessionRoles = AuthenticatedWebSession.get().getRoles(); 74 if (sessionRoles != null) { 75 for (String role : roles) { 76 if (sessionRoles.hasRole(role)) { 77 return true; 78 } 79 } 80 } 81 } 82 return false; 83 } 84 85 boolean isAdmin(String user) { 86 return adminUsers.contains(user); 87 } 88 89 private void loadAdminDatabase(String filename) throws IOException { 90 adminUsers.clear(); 91 BufferedReader reader = new BufferedReader(new InputStreamReader( 92 new FileInputStream(filename))); 93 String line; 94 while ((line = reader.readLine()) != null) { 95 line = line.trim(); 96 if (line.isEmpty() || line.startsWith("#")) { 97 continue; 98 } 99 adminUsers.add(line); 100 } // while 101 reader.close(); 102 } 103 29 104 } // class Application -
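Review bot: The `catch (IOException e)` in init() discards the failure to read the admindb file, so an unreadable or mistyped path looks exactly like an empty admin list and the only trace is the generic "no admin users" warning. Report the exception and the file name there, for example `System.err.println("ERROR: cannot read admin database " + s + ": " + e);`. In loadAdminDatabase the reader is not closed when readLine() throws, and InputStreamReader falls back to the platform default charset, so a non-ASCII user name could fail to match in isAdmin() depending on the server locale. The fence closes the reader in a finally block and names the charset; UTF-8 is an assumption about the file, chosen to match the encoding the application sets for markup.

```java
private void loadAdminDatabase(String filename) throws IOException {
    adminUsers.clear();
    final BufferedReader reader = new BufferedReader(new InputStreamReader(
            new FileInputStream(filename), "UTF-8"));
    try {
        // … unchanged: readLine loop that trims, skips blank and '#' lines, adds to adminUsers …
    } finally {
        reader.close();
    }
}
```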
VirtualCollectionRegistry/trunk/VirtualCollectionRegistry/src/main/java/eu/clarin/cmdi/virtualcollectionregistry/gui/pages/AuthenticationStatePanel.html
r805 r877 9 9 <div wicket:id="login"></div> 10 10 <wicket:fragment wicket:id="loginFragment"> 11 <!-- Anonymous [Login] -->11 Anonymous <a wicket:id="loginLink" href="#">[Login]</a> 12 12 </wicket:fragment> 13 13 14 14 <div wicket:id="logout"></div> 15 15 <wicket:fragment wicket:id="logoutFragment"> 16 <$Username> [Logout] 16 <span wicket:id="username">username</span> 17 <!-- <a wicket:id="logoutLink" href="#">[Logout]</a> --> 17 18 </wicket:fragment> 18 19 </wicket:panel> -
VirtualCollectionRegistry/trunk/VirtualCollectionRegistry/src/main/java/eu/clarin/cmdi/virtualcollectionregistry/gui/pages/AuthenticationStatePanel.java
r805 r877 1 1 package eu.clarin.cmdi.virtualcollectionregistry.gui.pages; 2 2 3 import org.apache.wicket.Page; 4 import org.apache.wicket.authentication.AuthenticatedWebSession; 5 import org.apache.wicket.markup.html.basic.Label; 6 import org.apache.wicket.markup.html.link.StatelessLink; 3 7 import org.apache.wicket.markup.html.panel.Fragment; 4 8 import org.apache.wicket.markup.html.panel.Panel; 9 import org.apache.wicket.model.Model; 10 11 import eu.clarin.cmdi.virtualcollectionregistry.gui.ApplicationSession; 5 12 6 13 @SuppressWarnings("serial") … … 18 25 super(id, "loginFragment", AuthenticationStatePanel.this); 19 26 setRenderBodyOnly(true); 27 final StatelessLink loginLink = new StatelessLink("loginLink") { 28 @Override 29 public void onClick() { 30 } 31 32 @Override 33 protected CharSequence getURL() { 34 final Page page = getPage(); 35 StringBuilder url = 36 new StringBuilder(urlFor(page.getClass(), 37 page.getPageParameters())); 38 if (url.indexOf("?") != -1) { 39 url.append('&'); 40 } else { 41 url.append('?'); 42 } 43 url.append("authAction=LOGIN"); 44 return url.toString(); 45 } 46 }; 47 add(loginLink); 20 48 } 21 49 22 50 @Override 23 51 public boolean isVisible() { 52 return !((AuthenticatedWebSession) getSession()).isSignedIn(); 53 } 54 55 @Override 56 protected boolean getStatelessHint() { 24 57 return true; 25 58 } … … 27 60 28 61 private class LogoutFragment extends Fragment { 62 private Label usernameLabel; 63 29 64 public LogoutFragment(String id) { 30 65 super(id, "logoutFragment", AuthenticationStatePanel.this); 31 66 setRenderBodyOnly(true); 67 usernameLabel = new Label("username"); 68 add(usernameLabel); 69 // final StatelessLink logoutLink = new StatelessLink("logoutLink") { 70 // @Override 71 // public void onClick() { 72 // } 73 // }; 74 // add(logoutLink); 32 75 } 33 76 34 77 @Override 35 78 public boolean isVisible() { 36 return false; 79 return ((AuthenticatedWebSession) getSession()).isSignedIn(); 80 } 81 82 @Override 83 protected 
void onBeforeRender() { 84 ApplicationSession session = (ApplicationSession) getSession(); 85 usernameLabel.setDefaultModel(new Model<String>(session.getUser())); 86 super.onBeforeRender(); 37 87 } 38 88 } // private class LogoutFragment 39 89 90 @Override 91 protected boolean getStatelessHint() { 92 return true; 93 } 94 40 95 } // class AuthenticationStatePanel -
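Review bot: The empty `onClick()` on loginLink has no comment, so it is not clear that the link is never meant to be handled by Wicket; add one such as `// never invoked: getURL() targets the current page with authAction=LOGIN, presumably picked up by AuthFilter`. The commented-out logoutLink block in LogoutFragment would read better as a single `// TODO: add logout link` line than as dead code. Until it exists, a signed-in user has no way to end the session from the UI, which matters on shared machines. The LoginFragment constructor and both fragment classes start outside the visible hunks.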
VirtualCollectionRegistry/trunk/VirtualCollectionRegistry/src/main/java/eu/clarin/cmdi/virtualcollectionregistry/gui/pages/BasePage.java
r805 r877 1 1 package eu.clarin.cmdi.virtualcollectionregistry.gui.pages; 2 2 3 import java.security.Principal; 4 5 import javax.servlet.http.HttpServletRequest; 6 7 import org.apache.wicket.RestartResponseException; 3 8 import org.apache.wicket.markup.html.WebPage; 4 9 import org.apache.wicket.markup.html.basic.Label; … … 6 11 7 12 import eu.clarin.cmdi.virtualcollectionregistry.VirtualCollectionRegistry; 13 import eu.clarin.cmdi.virtualcollectionregistry.gui.ApplicationSession; 8 14 9 15 public class BasePage extends WebPage { 10 16 11 p ublicBasePage() {17 protected BasePage() { 12 18 super(); 13 19 // authentication state … … 22 28 new Model<String>("Create Virtual Collection"), 23 29 CreateVirtualCollectionPage.class)); 30 menu.addMenuItem(new MenuItem<AdminPage>( 31 new Model<String>("Admin Page"), 32 AdminPage.class)); 24 33 add(menu); 25 34 … … 29 38 } 30 39 40 @Override 41 protected void onBeforeRender() { 42 // skip lazy auto-auth for login page 43 if (!this.getClass().isInstance(LoginPage.class)) { 44 final HttpServletRequest request = 45 getWebRequestCycle().getWebRequest().getHttpServletRequest(); 46 final ApplicationSession session = 47 (ApplicationSession) getSession(); 48 if (!session.isSignedIn()) { 49 if (request.getAuthType() != null) { 50 // FIXME: better logging 51 System.err.println("Auth, but no authed session -> login"); 52 final Principal principal = request.getUserPrincipal(); 53 if (!session.signIn(principal)) { 54 throw new RestartResponseException(getApplication() 55 .getApplicationSettings() 56 .getAccessDeniedPage()); 57 } 58 } 59 } else { 60 if (request.getAuthType() == null) { 61 // FIXME: better logging 62 System.err.println("Lost Session!"); 63 session.invalidate(); 64 throw new RestartResponseException(getApplication() 65 .getApplicationSettings() 66 .getPageExpiredErrorPage()); 67 } 68 } 69 } 70 super.onBeforeRender(); 71 } 72 31 73 } // class BasePage -
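Review bot: The guard `!this.getClass().isInstance(LoginPage.class)` in onBeforeRender() is always true, because it asks whether the Class object `LoginPage.class` is an instance of the page's own class, which it never is. The "skip lazy auto-auth for login page" comment is therefore not honoured, and the sign-in and "Lost Session" branches also run on the login page. The intended test is presumably `if (!(this instanceof LoginPage)) {`. LoginPage is one of the added files not shown on this page, so whether it extends BasePage, and hence whether this path is reachable for it, should be confirmed.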
VirtualCollectionRegistry/trunk/VirtualCollectionRegistry/src/main/java/eu/clarin/cmdi/virtualcollectionregistry/gui/pages/CreateVirtualCollectionPage.java
r805 r877 1 1 package eu.clarin.cmdi.virtualcollectionregistry.gui.pages; 2 3 import org.apache.wicket.authorization.strategies.role.Roles; 4 import org.apache.wicket.authorization.strategies.role.annotations.AuthorizeInstantiation; 2 5 3 6 import eu.clarin.cmdi.virtualcollectionregistry.gui.wizard.CreateVirtualCollectionWizard; 4 7 8 @AuthorizeInstantiation(Roles.USER) 5 9 public class CreateVirtualCollectionPage extends BasePage { 6 10 -
VirtualCollectionRegistry/trunk/VirtualCollectionRegistry/src/main/java/eu/clarin/cmdi/virtualcollectionregistry/gui/pages/HomePage.java
r805 r877 8 8 } 9 9 10 } // class Home page10 } // class HomePage -
VirtualCollectionRegistry/trunk/VirtualCollectionRegistry/src/main/java/eu/clarin/cmdi/virtualcollectionregistry/gui/pages/MenuItem.java
r805 r877 1 1 package eu.clarin.cmdi.virtualcollectionregistry.gui.pages; 2 2 3 import org.apache.wicket.authorization.IAuthorizationStrategy; 4 import org.apache.wicket.authorization.strategies.role.annotations.AuthorizeAction; 3 5 import org.apache.wicket.markup.ComponentTag; 4 6 import org.apache.wicket.markup.html.WebPage; … … 8 10 import org.apache.wicket.markup.html.panel.Panel; 9 11 import org.apache.wicket.model.IModel; 12 13 import eu.clarin.cmdi.virtualcollectionregistry.gui.Application; 10 14 11 15 @SuppressWarnings("serial") … … 24 28 } 25 29 } 26 30 31 @Override 32 public boolean isVisible() { 33 boolean visible = true; 34 final IAuthorizationStrategy strategy = getApplication() 35 .getSecuritySettings().getAuthorizationStrategy(); 36 if (!strategy.isInstantiationAuthorized(pageClass)) { 37 AuthorizeAction a = 38 pageClass.getAnnotation(AuthorizeAction.class); 39 if ((a != null) && "ENABLE".equals(a.action())) { 40 final Application app = (Application) getApplication(); 41 if (app.hasAnyRole(a.deny())) { 42 visible = false; 43 } else { 44 visible = app.hasAnyRole(a.roles()); 45 } 46 } 47 } 48 return visible; 49 } 27 50 }; 28 51 pageLink.add(new Label("title", title)); -
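Review bot: isVisible() keeps the menu item visible whenever instantiation is refused and the page class has no @AuthorizeAction, which is the case for CreateVirtualCollectionPage in this changeset (it carries only @AuthorizeInstantiation). If that is deliberate, so that the click leads an anonymous user to the sign-in page, say so in the method, for example `// no @AuthorizeAction on the page: keep the link, the click triggers the sign-in redirect`. A short Javadoc should also state that hiding the link is cosmetic and that access is enforced by the authorization strategy on the page class itself; AdminPage's annotations are in a file not shown here. The enclosing anonymous link class starts outside the hunk.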
VirtualCollectionRegistry/trunk/VirtualCollectionRegistry/src/main/webapp/WEB-INF/web.xml
r844 r877 18 18 <filter-name>PersistenceFilter</filter-name> 19 19 <servlet-name>REST-Web-Service</servlet-name> 20 </filter-mapping> 21 22 <filter> 23 <filter-name>AuthFilter</filter-name> 24 <filter-class>eu.clarin.cmdi.virtualcollectionregistry.gui.auth.AuthFilter</filter-class> 25 </filter> 26 27 <filter-mapping> 28 <filter-name>AuthFilter</filter-name> 29 <url-pattern>/app/*</url-pattern> 20 30 </filter-mapping> 21 31
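Review bot: AuthFilter is mapped with `<url-pattern>/app/*</url-pattern>` only, while BasePage.onBeforeRender() in this changeset relies on `request.getAuthType()` for every page it renders. If the Wicket filter or servlet is reachable under any other pattern, those requests bypass AuthFilter and a signed-in user would hit the "Lost Session" branch. The Wicket mapping is outside the visible hunk, so confirm that both use the same pattern and add a comment next to the mapping, such as `<!-- must match the Wicket application mapping -->`.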