Commit Acegi Security, projet ok mais des bugs dans la securite (a voir)

2008-01-27 19:53:45 +00:00
parent fb9b5349d2
commit 41f2c4d54a
15 changed files with 265 additions and 21 deletions
--- a/YACOSWeb/WebContent/WEB-INF/jsp/denied.jsp
+++ b/YACOSWeb/WebContent/WEB-INF/jsp/denied.jsp
@@ -0,0 +1,10 @@
+<%@ include file="/WEB-INF/decorators/include.jsp"%>
+
+<html>
+<head></head>
+<body>
+
+Acces denied. Sorry for this inconvenience.
+
+</body>
+</html>
--- a/YACOSWeb/WebContent/WEB-INF/jsp/login.jsp
+++ b/YACOSWeb/WebContent/WEB-INF/jsp/login.jsp
@@ -0,0 +1,42 @@
+<%@ include file="/WEB-INF/decorators/include.jsp"%>
+<%@ page import="org.acegisecurity.context.SecurityContextHolder" %>
+
+
+<html>
+<head></head>
+<body>
+
+
+<form action="<c:url value='j_acegi_security_check'/>" method="POST">
+
+  <table>
+    <tr>
+      <td>User:</td>
+       <td><input type='text' name='j_username' />
+      </td>
+    </tr>
+    <tr>
+      <td>Password:</td>
+      <td><input type='password' name='j_password' /></td>
+    </tr>
+    <tr>
+      <td><input type="checkbox" name="_acegi_security_remember_me" /></td>
+      <td>Se souvenir de moi</td>
+    </tr>
+    <tr>
+    	<td><input name="submit" type="submit" /></td>
+    	<td><input name="reset" type="reset" /></td>
+    </tr>
+
+  </table>
+</form>
+ <authz:authentication operation="username"></authz:authentication>
+<authz:authorize ifAllGranted="ROLE_AUTHOR"> 
+
+ <h1>Welcome: <%= SecurityContextHolder.getContext().getAuthentication().getName() %></h1> 
+ </authz:authorize>
+
+
+
+</body>
+</html>
--- a/YACOSWeb/WebContent/WEB-INF/jsp/main.jsp
+++ b/YACOSWeb/WebContent/WEB-INF/jsp/main.jsp
@@ -1,4 +1,5 @@
 <%@ include file="/WEB-INF/decorators/include.jsp"%>
+<%@ page import="org.acegisecurity.context.SecurityContextHolder" %>

 <html>
 <head></head>
@@ -8,7 +9,13 @@ ${user}
 ${conference}
 Page d'accueil <20> changer de place (controller dans system et non dans author)
 Si conf active : page d'intro de la conf
-si pas de conf active : page d'intro du site (visiteur)
+si pas de conf active : page d'intro du site (visiteur)<br/><br/>
+
+<b> UserName : </b><authz:authentication operation="username"></authz:authentication><br/>
+Seulement si ROLE_AUTHOR :
+<authz:authorize ifAllGranted="ROLE_AUTHOR"> 
+ <h1>Bienvenue: <%= SecurityContextHolder.getContext().getAuthentication().getName() %></h1> 
+</authz:authorize>

  </body>
 </html>
--- a/YACOSWeb/WebContent/WEB-INF/jsp/secure/authenticatedusers.jsp
+++ b/YACOSWeb/WebContent/WEB-INF/jsp/secure/authenticatedusers.jsp
@@ -0,0 +1,14 @@
+<%@ include file="/WEB-INF/decorators/include.jsp"%>
+<%@ page import="org.acegisecurity.context.SecurityContextHolder" %>
+
+<html>
+<head></head>
+<body>
+
+
+<h1>Welcome: <%= SecurityContextHolder.getContext().getAuthentication().getName() %></h1>
+<p><a href="../../">Home</a>
+<p><a href="../../j_acegi_logout">Logout</a>
+
+</body>
+</html>