Split rest authentication into two. For web apps integration url is /c/restful/

Paulo Gustavo Veiga
2012-11-10 17:19:28 -03:00
parent 6a9d1c684e
commit a228ea6ed5
39 changed files with 178 additions and 113 deletions


@@ -113,6 +113,11 @@
<url-pattern>/service/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>mvc-rest</servlet-name>
<url-pattern>/c/restful/*</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>
index.jsp


@@ -2,14 +2,11 @@
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:sec="http://www.springframework.org/schema/security"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context.xsd">
http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<bean id="encoder"
class="com.wisemapping.security.CustomPasswordEncoder"/>
@@ -39,17 +36,19 @@
<sec:http pattern="/c/try" security="none"/>
<sec:http use-expressions="true" create-session="never" pattern="/service/**">
<sec:http use-expressions="true" create-session="stateless" pattern="/service/**">
<sec:intercept-url pattern="/service/admin/users/**" access="isAuthenticated() and hasRole('ROLE_ADMIN')"/>
<sec:intercept-url pattern="/service/**" access="isAuthenticated() and hasRole('ROLE_USER')"/>
<sec:http-basic/>
</sec:http>
<sec:http use-expressions="true" access-denied-page="/c/login">
<sec:intercept-url pattern="/c/restful/admin/users/**" access="isAuthenticated() and hasRole('ROLE_ADMIN')"/>
<sec:intercept-url pattern="/c/**/*" access="isAuthenticated() and hasRole('ROLE_USER')"/>
<sec:form-login login-page="/c/login"
default-target-url='/c/maps/'
always-use-default-target='false'
authentication-success-handler-ref="authenticationSuccessHandler"
always-use-default-target="false"
authentication-failure-url="/c/login?login_error=2"
login-processing-url="/c/j_spring_security_check"/>
<sec:remember-me key="wisemapping-hashed-key"/>
@@ -67,7 +66,13 @@
</bean>
<bean id="userDetailsService" class="com.wisemapping.security.UserDetailsService">
<!--suppress SpringModelInspection -->
<property name="userService" ref="userService"/>
<property name="adminUser" value="${admin.user}"/>
</bean>
<bean id="authenticationSuccessHandler" class="com.wisemapping.security.AuthenticationSuccessHandler">
<property name="defaultTargetUrl" value="/c/maps/"/>
<property name="alwaysUseDefaultTargetUrl" value="false"/>
</bean>
</beans>
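Review bot: The REST endpoints that the second `<sec:http>` block now covers (the `/c/restful/admin/users/**` rule and the `/c/**/*` catch-all in the third hunk) are authenticated by the session and remember-me cookies, and nothing visible in this file adds an anti-CSRF check for them. Other files in this commit send state-changing requests to these paths (password change, history revert, publish, collaborator PUT), so a cross-site request from a logged-in browser would carry valid credentials. The spring-security-3.1 schema referenced at the top predates the namespace's own CSRF support, so the check would presumably have to be a project filter that requires a per-session token or a custom request header on non-GET requests under `/c/restful/`. At minimum I would record the requirement above the block: `<!-- /c/restful/ is cookie-authenticated: state-changing requests need an anti-CSRF check -->`. The `<sec:http>` element closes outside this hunk.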


@@ -11,7 +11,7 @@
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc-3.1.xsd">
<context:component-scan base-package="com.wisemapping.ncontroller"/>
<context:component-scan base-package="com.wisemapping.webmvc"/>
<context:annotation-config/>
<mvc:annotation-driven/>
<context:property-placeholder location="/WEB-INF/app.properties" ignore-unresolvable="true"/>


@@ -212,7 +212,7 @@ function updateStarred(spanElem) {
$(spanElem).addClass('starredOff');
}
jQuery.ajax("service/maps/" + mapId + "/starred", {
jQuery.ajax("c/restful/maps/" + mapId + "/starred", {
async:false,
dataType:'json',
data:"" + starred,
@@ -250,7 +250,7 @@ $(function () {
function () {
$("#new-dialog-modal").dialogForm({
redirect:"c/maps/{header.resourceId}/edit",
url:"service/maps"
url:"c/restful/maps"
});
});
@@ -270,7 +270,7 @@ $(function () {
// Initialize dialog ...
$("#duplicate-dialog-modal").dialogForm({
redirect:"c/maps/{header.resourceId}/edit",
url:"service/maps/" + mapId
url:"c/restful/maps/" + mapId
});
}
});
@@ -304,7 +304,7 @@ $(function () {
rowData.description = reqBodyData.description;
dataTable.fnAddData(JSON.parse(JSON.stringify(rowData)));
},
url:"service/maps/" + mapId
url:"c/restful/maps/" + mapId
});
}
});
@@ -322,7 +322,7 @@ $(function () {
// Remove old entry ...
tableUI.dataTableExt.removeSelectedRows();
},
url:"service/maps/batch?ids=" + jQuery.makeArray(mapIds).join(',')
url:"c/restful/maps/batch?ids=" + jQuery.makeArray(mapIds).join(',')
});
}
});
@@ -385,7 +385,7 @@ $(function () {
$('#foldersContainer .active i').addClass('icon-white');
// Reload the table data ...
dataTable.fnReloadAjax("service/maps/?q=" + $(this).attr('data-filter'), callbackOnTableInit, true);
dataTable.fnReloadAjax("c/restful/maps/?q=" + $(this).attr('data-filter'), callbackOnTableInit, true);
event.preventDefault();
});
});


@@ -116,7 +116,7 @@
$('#changePasswordMsg').removeClass('alert-info').addClass('alert-error').show();
$('#changePasswordMsg').text('<spring:message code="PASSWORD_MISSMATCH"/>');
} else {
postChange("service/account/password", inputVal, 'changePasswordMsg', '<spring:message code="CHANGE_PASSWORD_SUCCESS"/>');
postChange("c/restful/account/password", inputVal, 'changePasswordMsg', '<spring:message code="CHANGE_PASSWORD_SUCCESS"/>');
}
event.preventDefault();
});
@@ -125,15 +125,15 @@
var fistname = $('#changeUserForm #firstname').val();
var lastname = $('#changeUserForm #lastname').val();
postChange("service/account/firstname", fistname, 'changeInfoMsg', '<spring:message code="INFO_UPDATE_SUCCESS"/>');
postChange("service/account/lastname", lastname, 'changeInfoMsg', '<spring:message code="INFO_UPDATE_SUCCESS"/>');
postChange("c/restful/account/firstname", fistname, 'changeInfoMsg', '<spring:message code="INFO_UPDATE_SUCCESS"/>');
postChange("c/restful/account/lastname", lastname, 'changeInfoMsg', '<spring:message code="INFO_UPDATE_SUCCESS"/>');
event.preventDefault();
});
$('#languageForm').submit(function (event) {
var locale = $('#languageForm option:selected').val();
postChange("service/account/locale", locale, 'languageMsg', '<spring:message code="INFO_UPDATE_SUCCESS"/>');
postChange("c/restful/account/locale", locale, 'languageMsg', '<spring:message code="INFO_UPDATE_SUCCESS"/>');
event.preventDefault();
});
</script>


@@ -40,7 +40,7 @@
}
});
</script>
<form method="GET" class="form-horizontal" action="service/maps/${mindmap.id}"
<form method="GET" class="form-horizontal" action="c/restful/maps/${mindmap.id}"
enctype="application/x-www-form-urlencoded" id="iframeExportForm">
<input name="svgXml" id="svgXml" value="" type="hidden"/>
<input name="download" id="download" type="hidden" value="mm"/>


@@ -9,6 +9,7 @@
<%--@elvariable id="editorTryMode" type="java.lang.Boolean"--%>
<%--@elvariable id="editorTryMode" type="java.lang.String"--%>
<%--@elvariable id="mapXml" type="com.wisemapping.model.User"--%>
<%--@elvariable id="lockInfo" type="com.wisemapping.service.LockInfo"--%>
<html>
<head>
<base href="${requestScope['site.baseurl']}/">
@@ -37,13 +38,14 @@
<c:if test="${!memoryPersistence && !readOnlyMode}">
options.persistenceManager = new mindplot.RESTPersistenceManager(
{
saveUrl:"service/maps/{id}/document",
revertUrl:"service/maps/{id}/history/latest",
lockUrl:"service/maps/{id}/lock",
saveUrl:"c/restful/maps/{id}/document",
revertUrl:"c/restful/maps/{id}/history/latest",
lockUrl:"c/restful/maps/{id}/lock",
timestamp: ${lockTimestamp},
session: ${lockSession}
}
);
</c:if>
var userOptions = ${mindmap.properties};
options.zoom = userOptions.zoom;
@@ -68,7 +70,7 @@
}
<c:if test="${mindmapLocked}">
$notify("<spring:message code="MINDMAP_LOCKED" arguments="${lockInfo.collaborator.email}"/>", false);
$notify("<spring:message code="MINDMAP_LOCKED" arguments="${lockInfo.user.fullName},${lockInfo.user.email}"/>", false);
</c:if>
});
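Review bot: The `MINDMAP_LOCKED` notification in the last hunk writes `${lockInfo.user.fullName}` and `${lockInfo.user.email}` into a double-quoted JavaScript string with no JavaScript escaping, so a quote character in a user's name would end the string literal in another collaborator's editor page. The name is presumably user-editable (the account form in this commit posts firstname and lastname), which would make this a stored-XSS path unless escaping is applied somewhere not shown here. I would set the tag's escaping attribute: `<spring:message code="MINDMAP_LOCKED" arguments="${lockInfo.user.fullName},${lockInfo.user.email}" javaScriptEscape="true"/>`. Because `arguments` is split on commas by default, a comma in the full name would also shift the e-mail into the wrong placeholder; `argumentSeparator` can be set to a character that cannot occur in a name.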


@@ -6,7 +6,7 @@
</p>
<div>
<form method="GET" class="form-horizontal" action="service/maps/${mindmap.id}"
<form method="GET" class="form-horizontal" action="c/restful/maps/${mindmap.id}"
enctype="application/x-www-form-urlencoded" id="dialogMainForm">
<input name="svgXml" id="svgXml" value="" type="hidden"/>
<input name="download" type="hidden" value="mm"/>
@@ -75,7 +75,7 @@
var form = $('#dialogMainForm');
// Restore default ..
form.attr('action', 'service/maps/${mindmap.id}.' + formatType);
form.attr('action', 'c/restful/maps/${mindmap.id}.' + formatType);
if (formatType == 'image' || formatType == 'svg' || formatType == 'pdf') {
@@ -85,7 +85,7 @@
}
// Change to transform url ...
form.attr('method', "POST");
form.attr('action', 'service/transform.' + formatType);
form.attr('action', 'c/restful/transform.' + formatType);
// Load page SVG ...
var svgXml = window.parent.document.getElementById('workspaceContainer').innerHTML;


@@ -26,7 +26,7 @@
<script type="text/javascript">
var tableElem = $('#historyTable');
jQuery.ajax("service/maps/${mindmapId}/history", {
jQuery.ajax("c/restful/maps/${mindmapId}/history", {
async:false,
dataType:'json',
type:'GET',
@@ -54,7 +54,7 @@
});
tableElem.find('tr a.revert').each(function () {
$(this).click(function (event) {
var url = "service/maps/${mindmapId}/history/" + $(this).closest("tr").attr("data-history-id");
var url = "c/restful/maps/${mindmapId}/history/" + $(this).closest("tr").attr("data-history-id");
jQuery.post(url, function (data) {
window.parent.location = "c/maps/${mindmapId}/edit";
});


@@ -48,7 +48,7 @@
description = description == undefined ? "" : description;
// Save status on click ...
jQuery.ajax("service/maps?title=" + encodeURI(title) + "&description=" + encodeURI(description),
jQuery.ajax("c/restful/maps?title=" + encodeURI(title) + "&description=" + encodeURI(description),
{
async:false,
data:fileContent,
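Review bot: The query string on the `jQuery.ajax` line is built with `encodeURI`, which leaves `&`, `=`, `#` and `+` unescaped, so a title or description containing one of them splits or truncates the parameters the server receives. Each value should be encoded as a component: `jQuery.ajax("c/restful/maps?title=" + encodeURIComponent(title) + "&description=" + encodeURIComponent(description),`. The options object of this call continues past the end of the hunk.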


@@ -33,7 +33,7 @@
$(function () {
$('#mindmapListTable').dataTable({
bProcessing:true,
sAjaxSource:"service/maps/",
sAjaxSource:"c/restful/maps/",
sAjaxDataProp:'mindmapsInfo',
fnInitComplete:function () {
$('#mindmapListTable tbody').change(updateStatusToolbar);


@@ -105,7 +105,7 @@ solid black" src="${baseUrl}/c/maps/${mindmap.id}/embed?zoom=1"&gt; &lt;/iframe&
// Save status on click ...
$('#dialogMainForm').submit(function (event) {
jQuery.ajax("service/maps/${mindmap.id}/publish", {
jQuery.ajax("c/restful/maps/${mindmap.id}/publish", {
async:false,
dataType:'json',
data:$('#dialogMainForm #enablePublicView')[0].checked ? 'true' : 'false',


@@ -164,7 +164,7 @@ var removeCollab = function (email) {
};
$(function () {
jQuery.ajax("service/maps/${mindmap.id}/collabs", {
jQuery.ajax("c/restful/maps/${mindmap.id}/collabs", {
async:false,
dataType:'json',
type:'GET',
@@ -284,7 +284,7 @@ var submitDialogForm = function () {
});
collabs['message'] = $("#collabMessage").val();
jQuery.ajax("service/maps/${mindmap.id}/collabs", {
jQuery.ajax("c/restful/maps/${mindmap.id}/collabs", {
async:false,
dataType:'json',
type:'PUT',