Whenever a login redirection is needed,
the user is redirected to the UI login page.
JIRA: VAL-60
Signed-off-by: Ioakeim Samaras <ioakeim.samaras@ericsson.com>
Change-Id: I220ef9b046ff4263717877480f750b2e8299c690
- MariaDB has been substituted with MySQL
### Removed
- MariaDB has been substituted with MySQL
### Removed
+
+## [0.4.2-SNAPSHOT] - 1 October 2019
+### Added
+
+### Changed
+- Redirection bug during session timeouts and unauthorized accesses of resources fixed.
+
+### Removed
<groupId>org.akraino.validation</groupId>
<artifactId>ui</artifactId>
<groupId>org.akraino.validation</groupId>
<artifactId>ui</artifactId>
- <version>0.4.1-SNAPSHOT</version>
+ <version>0.4.2-SNAPSHOT</version>
<name>Bluval UI Maven Webapp</name>
<packaging>war</packaging>
<name>Bluval UI Maven Webapp</name>
<packaging>war</packaging>
@Override
public void addInterceptors(InterceptorRegistry registry) {
super.setExcludeUrlPathsForSessionTimeout("/login_external", "*/login_external.htm", "login", "/login.htm",
@Override
public void addInterceptors(InterceptorRegistry registry) {
super.setExcludeUrlPathsForSessionTimeout("/login_external", "*/login_external.htm", "login", "/login.htm",
- "/api*", "/single_signon.htm", "/single_signon", "logout", "/logout.htm");
+ "/api*", "/single_signon.htm", "/single_signon", "logout", "/logout.htm", "/process_csp");
super.addInterceptors(registry);
}
super.addInterceptors(registry);
}
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
import org.onap.portalsdk.core.controller.RestrictedBaseController;
import org.springframework.stereotype.Controller;
import org.onap.portalsdk.core.controller.RestrictedBaseController;
import org.springframework.stereotype.Controller;
return new ModelAndView(defaultViewName);
}
return new ModelAndView(defaultViewName);
}
+ @RequestMapping(value = { "/process_csp" }, method = RequestMethod.GET)
+ public ModelAndView processCsp(HttpServletRequest request, HttpServletResponse response) throws Exception {
+ return new ModelAndView("redirect:login.htm?redirectUrl=" + request.getParameter("redirectUrl"));
+ }
+
@RequestMapping(value = { "/logout.htm" }, method = RequestMethod.GET)
public ModelAndView login() {
Map<String, Object> model = new HashMap<>();
@RequestMapping(value = { "/logout.htm" }, method = RequestMethod.GET)
public ModelAndView login() {
Map<String, Object> model = new HashMap<>();
LoginBean commandBean = new LoginBean();
String loginId = request.getParameter("loginId");
String password = request.getParameter("password");
LoginBean commandBean = new LoginBean();
String loginId = request.getParameter("loginId");
String password = request.getParameter("password");
+ String redirectUrl = request.getParameter("redirectUrl");
commandBean.setLoginId(loginId);
commandBean.setLoginPwd(password);
commandBean.setUserid(loginId);
commandBean.setLoginId(loginId);
commandBean.setLoginPwd(password);
commandBean.setUserid(loginId);
: "login.error.external.invalid";
Map<String, String> model = new HashMap<>();
model.put("error", loginErrorMessage);
: "login.error.external.invalid";
Map<String, String> model = new HashMap<>();
model.put("error", loginErrorMessage);
- return new ModelAndView("login_external", "model", model);
+ if (redirectUrl == null || redirectUrl.equals("")) {
+ return new ModelAndView("login_external", "model", model);
+ } else {
+ return new ModelAndView(
+ "redirect:login_external.htm?redirectUrl=" + request.getParameter("redirectUrl"));
+ }
} else {
// store the currently logged in user's information in the session
UserUtils.setUserSession(request, commandBean.getUser(), commandBean.getMenu(),
commandBean.getBusinessDirectMenu(),
SystemProperties.getProperty(SystemProperties.LOGIN_METHOD_BACKDOOR), roleFunctionList);
initateSessionMgtHandler(request);
} else {
// store the currently logged in user's information in the session
UserUtils.setUserSession(request, commandBean.getUser(), commandBean.getMenu(),
commandBean.getBusinessDirectMenu(),
SystemProperties.getProperty(SystemProperties.LOGIN_METHOD_BACKDOOR), roleFunctionList);
initateSessionMgtHandler(request);
- // user has been authenticated, now take them to the welcome page
- return new ModelAndView("redirect:welcome.htm");
+ // user has been authenticated, now take them to the welcome or redirection page
+ if (redirectUrl == null || redirectUrl.equals("")) {
+ return new ModelAndView("redirect:welcome.htm");
+ } else {
+ return new ModelAndView("redirect:"
+ + redirectUrl.substring(redirectUrl.lastIndexOf("/bluvalui/") + 10, redirectUrl.length()));
+ }
LoginBean commandBean = new LoginBean();
String loginId = request.getParameter("loginId");
String password = request.getParameter("password");
LoginBean commandBean = new LoginBean();
String loginId = request.getParameter("loginId");
String password = request.getParameter("password");
+ String redirectUrl = request.getParameter("redirectUrl");
commandBean.setLoginId(loginId);
commandBean.setLoginPwd(password);
commandBean.setUserid(loginId);
commandBean.setLoginId(loginId);
commandBean.setLoginPwd(password);
commandBean.setUserid(loginId);
: "login.error.external.invalid";
Map<String, String> model = new HashMap<>();
model.put("error", loginErrorMessage);
: "login.error.external.invalid";
Map<String, String> model = new HashMap<>();
model.put("error", loginErrorMessage);
- return new ModelAndView("login_external", "model", model);
+ if (redirectUrl == null || redirectUrl.equals("")) {
+ return new ModelAndView("login_external", "model", model);
+ } else {
+ return new ModelAndView(
+ "redirect:login_external.htm?redirectUrl=" + request.getParameter("redirectUrl"));
+ }
} else {
// store the currently logged in user's information in the session
UserUtils.setUserSession(request, commandBean.getUser(), commandBean.getMenu(),
commandBean.getBusinessDirectMenu(),
SystemProperties.getProperty(SystemProperties.LOGIN_METHOD_BACKDOOR), roleFunctionList);
initateSessionMgtHandler(request);
} else {
// store the currently logged in user's information in the session
UserUtils.setUserSession(request, commandBean.getUser(), commandBean.getMenu(),
commandBean.getBusinessDirectMenu(),
SystemProperties.getProperty(SystemProperties.LOGIN_METHOD_BACKDOOR), roleFunctionList);
initateSessionMgtHandler(request);
- // user has been authenticated, now take them to the welcome page
- return new ModelAndView("redirect:welcome");
+ // user has been authenticated, now take them to the welcome or redirection page
+ if (redirectUrl == null || redirectUrl.equals("")) {
+ return new ModelAndView("redirect:welcome.htm");
+ } else {
+ return new ModelAndView("redirect:"
+ + redirectUrl.substring(redirectUrl.lastIndexOf("/bluvalui/") + 10, redirectUrl.length()));
+ }
}
} catch (CipherUtilException e) {
LOGGER.error(EELFLoggerDelegate.errorLogger, "Error in Cipher." + UserUtils.getStackTrace(e));
}
} catch (CipherUtilException e) {
LOGGER.error(EELFLoggerDelegate.errorLogger, "Error in Cipher." + UserUtils.getStackTrace(e));
commandBean.getBusinessDirectMenu(),
SystemProperties.getProperty(SystemProperties.LOGIN_METHOD_BACKDOOR), roleFunctionList);
initateSessionMgtHandler(request);
commandBean.getBusinessDirectMenu(),
SystemProperties.getProperty(SystemProperties.LOGIN_METHOD_BACKDOOR), roleFunctionList);
initateSessionMgtHandler(request);
- // user has been authenticated, now take them to the welcome page
- return new ModelAndView("redirect:welcome");
+ // user has been authenticated, now take them to the welcome or redirection page
+ if (redirectUrl == null || redirectUrl.equals("")) {
+ return new ModelAndView("redirect:welcome.htm");
+ } else {
+ return new ModelAndView("redirect:"
+ + redirectUrl.substring(redirectUrl.lastIndexOf("/bluvalui/") + 10, redirectUrl.length()));
+ }
portal.api.impl.class = org.onap.portalapp.service.OnBoardingApiServiceImpl
# URL of the Portal where this app is onboarded
portal.api.impl.class = org.onap.portalapp.service.OnBoardingApiServiceImpl
# URL of the Portal where this app is onboarded
+ecomp_redirect_url = https://bluval.akraino.org:8443/bluvalui/
# URL of the ECOMP Portal REST API
ecomp_rest_url = http://portal.onap.org:50580/ecompportal/auxapi
# URL of the ECOMP Portal REST API
ecomp_rest_url = http://portal.onap.org:50580/ecompportal/auxapi
# Application base URL has the host and app context only; a proper prefix of the on-boarded URL.
# Only required for applications using FE/BE separation. For example:
# app_base_url = https://www.onap.org/app_context/
# Application base URL has the host and app context only; a proper prefix of the on-boarded URL.
# Only required for applications using FE/BE separation. For example:
# app_base_url = https://www.onap.org/app_context/
+app_base_url = https://bluval.akraino.org:8443/bluvalui
#authenticate user server
authenticate_user_server=http://todo_enter_auth_server_hostname:8383/openid-connect-server-webapp/allUsers
#cookie domain
#authenticate user server
authenticate_user_server=http://todo_enter_auth_server_hostname:8383/openid-connect-server-webapp/allUsers
#cookie domain
-cookie_domain = onap.org
\ No newline at end of file
+cookie_domain =
\ No newline at end of file
style="width: 140px;height:25px;border-radius:7px;font-size:18px;padding-left:5px;" maxlength="30">
<br />
<br />
style="width: 140px;height:25px;border-radius:7px;font-size:18px;padding-left:5px;" maxlength="30">
<br />
<br />
+ <input type="hidden" id="redirectUrl" name="redirectUrl" value="${param.redirectUrl}">
<input id="loginBtn" type="submit" alt="Login" value="Login">
</form>
</div>
<input id="loginBtn" type="submit" alt="Login" value="Login">
</form>
</div>
style="width: 140px;height:25px;border-radius:7px;font-size:18px;padding-left:5px;" maxlength="30">
<br />
<br />
style="width: 140px;height:25px;border-radius:7px;font-size:18px;padding-left:5px;" maxlength="30">
<br />
<br />
+ <input type="hidden" id="redirectUrl" name="redirectUrl" value="${param.redirectUrl}">
<input id="loginBtn" type="submit" alt="Login" value="Login">
</form>
</div>
<input id="loginBtn" type="submit" alt="Login" value="Login">
</form>
</div>