[Branch ~dhis2-devs-core/dhis2/trunk] Rev 3208: redirect to referrer after login, also added general functionality for running actions on login
------------------------------------------------------------
revno: 3208
committer: Morten Olav Hansen <mortenoh@xxxxxxxxx>
branch nick: dhis2
timestamp: Tue 2011-03-29 23:28:45 +0200
message:
redirect to referrer after login, also added general functionality for running actions on login
added:
dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/DefaultAuthenticationSuccessHandler.java
dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/intercept/LoginInterceptor.java
renamed:
dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/action/LoggedInAction.java => dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/action/RestrictOrganisationUnitsAction.java
modified:
dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml
dhis-2/dhis-web/dhis-web-commons/src/main/resources/dhis-web-commons.xml
dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/action/RestrictOrganisationUnitsAction.java
--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk
=== added file 'dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/DefaultAuthenticationSuccessHandler.java'
--- dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/DefaultAuthenticationSuccessHandler.java 1970-01-01 00:00:00 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/DefaultAuthenticationSuccessHandler.java 2011-03-29 21:28:45 +0000
@@ -0,0 +1,63 @@
+package org.hisp.dhis.security;
+
+/*
+ * Copyright (c) 2004-2010, University of Oslo
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * * Neither the name of the HISP project nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+import java.io.IOException;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.hisp.dhis.security.intercept.LoginInterceptor;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
+
+/**
+ * Since ActionContext is not available at this point, we set a mark in the
+ * session that signales that login has just occured, and that LoginInterceptor
+ * should be run.
+ *
+ * @author mortenoh
+ */
+public class DefaultAuthenticationSuccessHandler
+ extends SavedRequestAwareAuthenticationSuccessHandler
+{
+ private static final Log log = LogFactory.getLog( DefaultAuthenticationSuccessHandler.class );
+
+ @Override
+ public void onAuthenticationSuccess( HttpServletRequest request, HttpServletResponse response,
+ Authentication authentication )
+ throws ServletException, IOException
+ {
+ request.getSession().setAttribute( LoginInterceptor.JLI_SESSION_VARIABLE, Boolean.TRUE );
+
+ super.onAuthenticationSuccess( request, response, authentication );
+ }
+}
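Review bot: The `log` field is declared but never used in this class; either drop it or use it to log that the login marker was set. The class Javadoc has two typos (`signals`, `occurred`) and would benefit from one sentence on where the redirect goes: the superclass sends the user to the request held in the request cache and otherwise to the default target URL, so despite the commit title the Referer header does not appear to be consulted by this code. That is the safer behaviour, since Referer is client-supplied, and stating it in the Javadoc keeps anyone from later enabling referer-based redirects without validating the target.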
=== renamed file 'dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/action/LoggedInAction.java' => 'dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/action/RestrictOrganisationUnitsAction.java'
--- dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/action/LoggedInAction.java 2010-04-12 21:23:33 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/action/RestrictOrganisationUnitsAction.java 2011-03-29 21:28:45 +0000
@@ -41,7 +41,7 @@
* @author Torgeir Lorange Ostby
* @version $Id: LoggedInAction.java 5649 2008-09-05 20:07:34Z larshelg $
*/
-public class LoggedInAction
+public class RestrictOrganisationUnitsAction
implements Action
{
// -------------------------------------------------------------------------
=== added file 'dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/intercept/LoginInterceptor.java'
--- dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/intercept/LoginInterceptor.java 1970-01-01 00:00:00 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/intercept/LoginInterceptor.java 2011-03-29 21:28:45 +0000
@@ -0,0 +1,96 @@
+package org.hisp.dhis.security.intercept;
+
+/*
+ * Copyright (c) 2004-2010, University of Oslo
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * * Neither the name of the HISP project nor the names of its contributors may
+ * be used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.struts2.ServletActionContext;
+
+import com.opensymphony.xwork2.Action;
+import com.opensymphony.xwork2.ActionInvocation;
+import com.opensymphony.xwork2.interceptor.Interceptor;
+
+/**
+ * Interceptor that will run a list of actions when the user first logins.
+ *
+ * @author mortenoh
+ */
+public class LoginInterceptor
+ implements Interceptor
+{
+ private static final long serialVersionUID = -5376334780350610573L;
+
+ private static final Log log = LogFactory.getLog( LoginInterceptor.class );
+
+ public static final String JLI_SESSION_VARIABLE = "JLI";
+
+ private List<Action> actions = new ArrayList<Action>();
+
+ /**
+ * @param actions List of actions to run on login.
+ */
+ public void setActions( List<Action> actions )
+ {
+ this.actions = actions;
+ }
+
+ @Override
+ public String intercept( ActionInvocation invocation )
+ throws Exception
+ {
+ Boolean jli = (Boolean) ServletActionContext.getRequest().getSession()
+ .getAttribute( LoginInterceptor.JLI_SESSION_VARIABLE );
+
+ if ( jli != null )
+ {
+ log.info( "JLI marker is present. Running " + actions.size() + " JLI actions." );
+
+ for ( Action a : actions )
+ {
+ a.execute();
+ }
+
+ ServletActionContext.getRequest().getSession().removeAttribute( LoginInterceptor.JLI_SESSION_VARIABLE );
+ }
+
+ return invocation.invoke();
+ }
+
+ @Override
+ public void destroy()
+ {
+ }
+
+ @Override
+ public void init()
+ {
+ }
+}
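Review bot: `intercept` calls `getSession()` with its default create-if-missing behaviour, so any request that reaches this interceptor without a session gets one allocated just to look for the marker; `getSession( false )` plus a null check avoids that and also removes the unchecked `(Boolean)` cast. The marker is cleared only after every action has returned, so an action that throws causes the whole list to run again on each later request; if that fail-closed behaviour is intended it deserves a comment. The return value of `a.execute()` is also ignored without explanation. The rewrite below needs an import of `javax.servlet.http.HttpSession`.

```java
public String intercept( ActionInvocation invocation )
    throws Exception
{
    // Look the session up without creating one: the marker can only exist
    // in a session that the success handler has already touched.
    HttpSession session = ServletActionContext.getRequest().getSession( false );

    if ( session != null && session.getAttribute( JLI_SESSION_VARIABLE ) != null )
    {
        // … unchanged: log line and loop over actions …

        // Cleared only after all actions succeeded, so a failure is retried
        // on the next request instead of being skipped.
        session.removeAttribute( JLI_SESSION_VARIABLE );
    }

    return invocation.invoke();
}
```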
=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml'
--- dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml 2011-03-23 19:21:50 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml 2011-03-29 21:28:45 +0000
@@ -7,9 +7,9 @@
<sec:global-method-security jsr250-annotations="disabled" pre-post-annotations="disabled" secured-annotations="disabled" />
<sec:http access-decision-manager-ref="accessDecisionManager" use-expressions="true" realm="DHIS2">
- <sec:form-login default-target-url="/dhis-web-commons-security/loggedIn.action" always-use-default-target="true"
+ <sec:form-login default-target-url="/" always-use-default-target="false"
login-processing-url="/dhis-web-commons-security/login.action" authentication-failure-url="/dhis-web-commons/security/loginfailed.html"
- login-page="/dhis-web-commons/security/login.html" />
+ login-page="/dhis-web-commons/security/login.html" authentication-success-handler-ref="defaultAuthenticationSuccessHandler"/>
<sec:http-basic />
<sec:logout logout-url="/dhis-web-commons-security/logout.action" />
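Review bot: According to the Spring Security namespace documentation, `default-target-url` and `always-use-default-target` on `<sec:form-login>` are not meant to be combined with `authentication-success-handler-ref`; once a handler is referenced, that handler decides the destination on its own. The configuration behaves as intended only because the handler's built-in defaults (target `/`, saved request honoured) happen to match the attribute values. Move the setting onto the bean, e.g. `<property name="defaultTargetUrl" value="/" />` inside `defaultAuthenticationSuccessHandler`, and drop the two attributes so the post-login destination is defined in one place.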
@@ -25,8 +25,10 @@
<sec:custom-filter ref="automaticAccessFilter" before="LOGOUT_FILTER" />
</sec:http>
+ <bean id="defaultAuthenticationSuccessHandler" class="org.hisp.dhis.security.DefaultAuthenticationSuccessHandler" />
+
<!-- Security : Action -->
- <bean id="org.hisp.dhis.security.action.LoggedInAction" class="org.hisp.dhis.security.action.LoggedInAction" scope="prototype">
+ <bean id="restrictOrganisationUnitsAction" class="org.hisp.dhis.security.action.RestrictOrganisationUnitsAction" scope="prototype">
<property name="currentUserService" ref="org.hisp.dhis.user.CurrentUserService" />
<property name="selectionManager" ref="org.hisp.dhis.ouwt.manager.OrganisationUnitSelectionManager" />
<property name="selectionTreeManager" ref="org.hisp.dhis.oust.manager.SelectionTreeManager" />
@@ -130,6 +132,14 @@
<!-- Security : Interceptor -->
+ <bean id="loginInterceptor" class="org.hisp.dhis.security.intercept.LoginInterceptor">
+ <property name="actions">
+ <list>
+ <ref bean="restrictOrganisationUnitsAction" />
+ </list>
+ </property>
+ </bean>
+
<bean id="org.hisp.dhis.security.intercept.XWorkSecurityInterceptor" class="org.hisp.dhis.security.intercept.XWorkSecurityInterceptor">
<property name="accessDecisionManager" ref="accessDecisionManager" />
<property name="authenticationManager" ref="authenticationManager" />
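Review bot: `loginInterceptor` is declared without a scope, so it is a singleton, while the `restrictOrganisationUnitsAction` it references is declared `scope="prototype"`; the reference is resolved once when the list is built, so a single action instance ends up shared by every request and user. If the action keeps any per-request state in fields, that is a cross-user data hazard, and either way the prototype scope no longer means what it says for this use. Either document that actions in this list must be stateless, or have the interceptor obtain the bean per invocation. The action's body is not part of this diff, so whether it holds state cannot be confirmed from here.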
=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/resources/dhis-web-commons.xml'
--- dhis-2/dhis-web/dhis-web-commons/src/main/resources/dhis-web-commons.xml 2011-01-31 08:47:19 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/resources/dhis-web-commons.xml 2011-03-29 21:28:45 +0000
@@ -73,6 +73,7 @@
class="org.hisp.dhis.security.intercept.XWorkSecurityInterceptor" />
<interceptor name="postHttpMethodInterceptor"
class="org.hisp.dhis.security.intercept.HttpMethodInterceptor" />
+ <interceptor name="loginInterceptor" class="loginInterceptor" />
<interceptor-stack name="commonInterceptors">
<interceptor-ref name="staticParams" />
@@ -84,6 +85,7 @@
the access denied error pages can use internationalisation.
-->
<interceptor-ref name="securityInterceptor" />
+ <interceptor-ref name="loginInterceptor" />
<interceptor-ref name="sortOrderInterceptor" />
<interceptor-ref name="displayPropertyInterceptor" />
<interceptor-ref name="systemSettingInterceptor" />
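Review bot: The post-login actions now run only when a request passes through the `commonInterceptors` stack, and only after `securityInterceptor` has let it through; before this commit every login was forced through `loggedIn.action` first. With `always-use-default-target="false"` the first request after login can be any saved URL, so if some packages or resources do not use this stack the organisation unit restriction may be applied later than the first page view, which is worth confirming. A comment on the new line would record the ordering constraint, e.g. `<!-- One-off post-login actions; keep after securityInterceptor -->`. The stack definition starts and ends outside this hunk.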
@@ -265,17 +267,6 @@
</package>
- <!-- Security -->
-
- <package name="dhis-web-commons-security" extends="dhis-web-commons"
- namespace="/dhis-web-commons-security">
-
- <action name="loggedIn" class="org.hisp.dhis.security.action.LoggedInAction">
- <result name="success" type="redirect">/</result>
- </action>
-
- </package>
-
<!-- i18n -->
<package name="dhis-web-commons-i18n" extends="dhis-web-commons"