From 19e7a87af0e8b17a418497b41c8b8c98708cd01f Mon Sep 17 00:00:00 2001 From: Ioakeim Samaras Date: Tue, 1 Oct 2019 14:57:08 +0300 Subject: [PATCH] [UI] Fix ONAP Portal SDK redirection bug Whenever a login redirection is needed, the user is redirected to the UI login page. JIRA: VAL-60 Signed-off-by: Ioakeim Samaras Change-Id: I220ef9b046ff4263717877480f750b2e8299c690 --- ui/CHANGELOG.md | 8 ++++ ui/pom.xml | 2 +- .../validation/ui/conf/ExternalAppConfig.java | 2 +- .../ui/controller/ModelsViewsController.java | 6 +++ .../validation/ui/login/LoginStrategyImpl.java | 43 ++++++++++++++++++---- ui/src/main/resources/portal.properties | 2 +- ui/src/main/webapp/WEB-INF/conf/system.properties | 3 +- ui/src/main/webapp/WEB-INF/jsp/login.jsp | 1 + ui/src/main/webapp/WEB-INF/jsp/login_external.jsp | 1 + 9 files changed, 56 insertions(+), 12 deletions(-) diff --git a/ui/CHANGELOG.md b/ui/CHANGELOG.md index 1c801c7..0125a8e 100644 --- a/ui/CHANGELOG.md +++ b/ui/CHANGELOG.md @@ -216,3 +216,11 @@ All notable changes to this project will be documented in this file. - MariaDB has been substituted with MySQL ### Removed + +## [0.4.2-SNAPSHOT] - 1 October 2019 +### Added + +### Changed +- Redirection bug during session timeouts and unauthorized accesses of resources fixed. + +### Removed diff --git a/ui/pom.xml b/ui/pom.xml index 3e39f70..357c073 100644 --- a/ui/pom.xml +++ b/ui/pom.xml @@ -14,7 +14,7 @@ org.akraino.validation ui - 0.4.1-SNAPSHOT + 0.4.2-SNAPSHOT Bluval UI Maven Webapp war diff --git a/ui/src/main/java/org/akraino/validation/ui/conf/ExternalAppConfig.java b/ui/src/main/java/org/akraino/validation/ui/conf/ExternalAppConfig.java index 85265c0..738722a 100644 --- a/ui/src/main/java/org/akraino/validation/ui/conf/ExternalAppConfig.java +++ b/ui/src/main/java/org/akraino/validation/ui/conf/ExternalAppConfig.java 
@@ -169,7 +169,7 @@ public class ExternalAppConfig extends AppConfig implements Configurable { @Override public void addInterceptors(InterceptorRegistry registry) { super.setExcludeUrlPathsForSessionTimeout("/login_external", "*/login_external.htm", "login", "/login.htm", - "/api*", "/single_signon.htm", "/single_signon", "logout", "/logout.htm"); + "/api*", "/single_signon.htm", "/single_signon", "logout", "/logout.htm", "/process_csp"); super.addInterceptors(registry); } diff --git a/ui/src/main/java/org/akraino/validation/ui/controller/ModelsViewsController.java b/ui/src/main/java/org/akraino/validation/ui/controller/ModelsViewsController.java index 2ae1c4f..db75754 100644 --- a/ui/src/main/java/org/akraino/validation/ui/controller/ModelsViewsController.java +++ b/ui/src/main/java/org/akraino/validation/ui/controller/ModelsViewsController.java @@ -20,6 +20,7 @@ import java.util.HashMap; import java.util.Map; import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; import org.onap.portalsdk.core.controller.RestrictedBaseController; import org.springframework.stereotype.Controller; @@ -179,6 +180,11 @@ public class ModelsViewsController extends RestrictedBaseController { return new ModelAndView(defaultViewName); } + @RequestMapping(value = { "/process_csp" }, method = RequestMethod.GET) + public ModelAndView processCsp(HttpServletRequest request, HttpServletResponse response) throws Exception { + return new ModelAndView("redirect:login.htm?redirectUrl=" + request.getParameter("redirectUrl")); + } + @RequestMapping(value = { "/logout.htm" }, method = RequestMethod.GET) public ModelAndView login() { Map model = new HashMap<>(); diff --git a/ui/src/main/java/org/akraino/validation/ui/login/LoginStrategyImpl.java b/ui/src/main/java/org/akraino/validation/ui/login/LoginStrategyImpl.java index ea14483..bebc35a 100644 --- a/ui/src/main/java/org/akraino/validation/ui/login/LoginStrategyImpl.java 
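Review bot: In `processCsp` the raw `redirectUrl` parameter is concatenated into the redirect target with no null check and no URL-encoding, and the ExternalAppConfig hunk above adds `/process_csp` to the session-timeout exclusions, so this handler is presumably reachable without a valid session. When the parameter is absent, the literal text `null` is forwarded as `redirectUrl=null`, which the login code then treats as a real target. A value containing `&` or `#` is split into extra parameters or truncated. I would read it once and encode it: `String target = request.getParameter("redirectUrl");` then `return new ModelAndView(target == null || target.isEmpty() ? "redirect:login.htm" : "redirect:login.htm?redirectUrl=" + URLEncoder.encode(target, "UTF-8"));`. The `response` parameter is unused and can be dropped.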
+++ b/ui/src/main/java/org/akraino/validation/ui/login/LoginStrategyImpl.java @@ -65,6 +65,7 @@ public class LoginStrategyImpl extends LoginStrategy { LoginBean commandBean = new LoginBean(); String loginId = request.getParameter("loginId"); String password = request.getParameter("password"); + String redirectUrl = request.getParameter("redirectUrl"); commandBean.setLoginId(loginId); commandBean.setLoginPwd(password); commandBean.setUserid(loginId); @@ -77,15 +78,25 @@ public class LoginStrategyImpl extends LoginStrategy { : "login.error.external.invalid"; Map model = new HashMap<>(); model.put("error", loginErrorMessage); - return new ModelAndView("login_external", "model", model); + if (redirectUrl == null || redirectUrl.equals("")) { + return new ModelAndView("login_external", "model", model); + } else { + return new ModelAndView( + "redirect:login_external.htm?redirectUrl=" + request.getParameter("redirectUrl")); + } } else { // store the currently logged in user's information in the session UserUtils.setUserSession(request, commandBean.getUser(), commandBean.getMenu(), commandBean.getBusinessDirectMenu(), SystemProperties.getProperty(SystemProperties.LOGIN_METHOD_BACKDOOR), roleFunctionList); initateSessionMgtHandler(request); - // user has been authenticated, now take them to the welcome page - return new ModelAndView("redirect:welcome.htm"); + // user has been authenticated, now take them to the welcome or redirection page + if (redirectUrl == null || redirectUrl.equals("")) { + return new ModelAndView("redirect:welcome.htm"); + } else { + return new ModelAndView("redirect:" + + redirectUrl.substring(redirectUrl.lastIndexOf("/bluvalui/") + 10, redirectUrl.length())); + } } } 
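Review bot: The success branch builds its post-login redirect from the caller-supplied `redirectUrl` with `lastIndexOf("/bluvalui/") + 10`, without checking that the marker was found or that the remainder is an application-relative path. When the marker is absent, `lastIndexOf` returns -1 and the substring starts at offset 9. That either throws `StringIndexOutOfBoundsException` on short input (including the literal `null` that `processCsp` can forward) or passes an unvalidated tail to `redirect:`, which is an open-redirect risk immediately after authentication. The same expression is repeated in the hunks at -113,15 and -130,8. One private helper that falls back to `welcome.htm` unless the tail is a plain relative path would cover all three and replace the magic 10 with the marker's length. The enclosing method starts and ends outside this hunk.

```java
// … unchanged: setUserSession(...) and initateSessionMgtHandler(request) …
// user has been authenticated, now take them to the welcome or redirection page
return new ModelAndView("redirect:" + localTarget(redirectUrl));

// new private helper in LoginStrategyImpl, shared by all three success branches
private static String localTarget(String redirectUrl) {
    final String marker = "/bluvalui/";
    final String fallback = "welcome.htm";
    if (redirectUrl == null || redirectUrl.isEmpty()) {
        return fallback;
    }
    int at = redirectUrl.lastIndexOf(marker);
    if (at < 0) {
        return fallback;
    }
    String tail = redirectUrl.substring(at + marker.length());
    // accept only an application-relative path: no scheme, no leading slash, no control characters
    boolean relative = !tail.isEmpty() && !tail.contains(":") && !tail.startsWith("/")
            && !tail.startsWith("\\") && tail.chars().noneMatch(Character::isISOControl);
    return relative ? tail : fallback;
}
```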
@@ -97,6 +108,7 @@ public class LoginStrategyImpl extends LoginStrategy { LoginBean commandBean = new LoginBean(); String loginId = request.getParameter("loginId"); String password = request.getParameter("password"); + String redirectUrl = request.getParameter("redirectUrl"); commandBean.setLoginId(loginId); commandBean.setLoginPwd(password); commandBean.setUserid(loginId); @@ -113,15 +125,25 @@ public class LoginStrategyImpl extends LoginStrategy { : "login.error.external.invalid"; Map model = new HashMap<>(); model.put("error", loginErrorMessage); - return new ModelAndView("login_external", "model", model); + if (redirectUrl == null || redirectUrl.equals("")) { + return new ModelAndView("login_external", "model", model); + } else { + return new ModelAndView( + "redirect:login_external.htm?redirectUrl=" + request.getParameter("redirectUrl")); + } } else { // store the currently logged in user's information in the session UserUtils.setUserSession(request, commandBean.getUser(), commandBean.getMenu(), commandBean.getBusinessDirectMenu(), SystemProperties.getProperty(SystemProperties.LOGIN_METHOD_BACKDOOR), roleFunctionList); initateSessionMgtHandler(request); - // user has been authenticated, now take them to the welcome page - return new ModelAndView("redirect:welcome"); + // user has been authenticated, now take them to the welcome or redirection page + if (redirectUrl == null || redirectUrl.equals("")) { + return new ModelAndView("redirect:welcome.htm"); + } else { + return new ModelAndView("redirect:" + + redirectUrl.substring(redirectUrl.lastIndexOf("/bluvalui/") + 10, redirectUrl.length())); + } } } catch (CipherUtilException e) { LOGGER.error(EELFLoggerDelegate.errorLogger, "Error in Cipher." + UserUtils.getStackTrace(e)); 
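Review bot: The failed-login branch in this hunk returns `redirect:login_external.htm?redirectUrl=...` as a bare view name, so the `model` map just filled with `error` is discarded. A user who mistypes a password while a `redirectUrl` is present therefore gets no error message. The target is also built from a second, unencoded `request.getParameter("redirectUrl")` call instead of the local `redirectUrl`. Rendering the view directly keeps the message and avoids the extra round trip: `model.put("redirectUrl", redirectUrl);` followed by `return new ModelAndView("login_external", "model", model);`. The JSP should HTML-escape the value when it writes it back into the form; the JSP change is not readable in this patch, so that needs confirming. The same branch appears in the hunk at -77,15, and the enclosing method extends outside this hunk.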
@@ -130,8 +152,13 @@ public class LoginStrategyImpl extends LoginStrategy { commandBean.getBusinessDirectMenu(), SystemProperties.getProperty(SystemProperties.LOGIN_METHOD_BACKDOOR), roleFunctionList); initateSessionMgtHandler(request); - // user has been authenticated, now take them to the welcome page - return new ModelAndView("redirect:welcome"); + // user has been authenticated, now take them to the welcome or redirection page + if (redirectUrl == null || redirectUrl.equals("")) { + return new ModelAndView("redirect:welcome.htm"); + } else { + return new ModelAndView("redirect:" + + redirectUrl.substring(redirectUrl.lastIndexOf("/bluvalui/") + 10, redirectUrl.length())); + } } } diff --git a/ui/src/main/resources/portal.properties b/ui/src/main/resources/portal.properties index 8269919..cdc5496 100644 --- a/ui/src/main/resources/portal.properties +++ b/ui/src/main/resources/portal.properties @@ -56,7 +56,7 @@ use_rest_for_functional_menu=true portal.api.impl.class = org.onap.portalapp.service.OnBoardingApiServiceImpl # URL of the Portal where this app is onboarded -ecomp_redirect_url = +ecomp_redirect_url = https://bluval.akraino.org:8443/bluvalui/ # URL of the ECOMP Portal REST API ecomp_rest_url = http://portal.onap.org:50580/ecompportal/auxapi diff --git a/ui/src/main/webapp/WEB-INF/conf/system.properties b/ui/src/main/webapp/WEB-INF/conf/system.properties index 0a4930f..0ab13fc 100644 --- a/ui/src/main/webapp/WEB-INF/conf/system.properties +++ b/ui/src/main/webapp/WEB-INF/conf/system.properties 
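Review bot: `ecomp_redirect_url` now hard-codes `https://bluval.akraino.org:8443/bluvalui/` in the packaged `portal.properties`, so an instance deployed under a different host or port would send unauthenticated users to that host's login page instead of its own. The system.properties hunk adds the same host as `app_base_url`, and LoginStrategyImpl separately hard-codes `/bluvalui/`, so the deployment address now lives in three places that must stay in step. At minimum add a comment above the key such as `# Must match this deployment's external URL and context path; override per environment`. Preferably the value should be supplied at deploy time rather than committed.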
@@ -78,8 +78,9 @@ instance_uuid=8da691c9-987d-43ed-a358-00ac2f35685d # Application base URL has the host and app context only; a proper prefix of the on-boarded URL. # Only required for applications using FE/BE separation. For example: # app_base_url = https://www.onap.org/app_context/ +app_base_url = https://bluval.akraino.org:8443/bluvalui #authenticate user server authenticate_user_server=http://todo_enter_auth_server_hostname:8383/openid-connect-server-webapp/allUsers #cookie domain -cookie_domain = onap.org \ No newline at end of file +cookie_domain = \ No newline at end of file diff --git a/ui/src/main/webapp/WEB-INF/jsp/login.jsp b/ui/src/main/webapp/WEB-INF/jsp/login.jsp index b1554a7..3730375 100644 --- a/ui/src/main/webapp/WEB-INF/jsp/login.jsp +++ b/ui/src/main/webapp/WEB-INF/jsp/login.jsp @@ -99,6 +99,7 @@ limitations under the License. style="width: 140px;height:25px;border-radius:7px;font-size:18px;padding-left:5px;" maxlength="30">

+ diff --git a/ui/src/main/webapp/WEB-INF/jsp/login_external.jsp b/ui/src/main/webapp/WEB-INF/jsp/login_external.jsp index a007d05..7861541 100644 --- a/ui/src/main/webapp/WEB-INF/jsp/login_external.jsp +++ b/ui/src/main/webapp/WEB-INF/jsp/login_external.jsp @@ -99,6 +99,7 @@ limitations under the License. style="width: 140px;height:25px;border-radius:7px;font-size:18px;padding-left:5px;" maxlength="30">

+ -- 2.16.6