

Merge pull request #43 from CityOfNewYork/v2.1
Merge v2.1 changes into master
zgary authored Oct 16, 2018
2 parents 96eb28d + b274b92 commit 0c899c0
Showing 17 changed files with 525 additions and 353 deletions.
8 changes: 6 additions & 2 deletions dspace-api/src/main/java/org/dspace/app/util/Util.java
Expand Up @@ -559,8 +559,12 @@ public static void validateCsrf(HttpServletRequest request) throws AuthorizeExce
HttpSession session = request.getSession();
String storedToken = (String) session.getAttribute("csrfToken");
String formToken = request.getParameter("csrf_token");
if (!storedToken.equals(formToken)) {
throw new AuthorizeException("CSRF Token is Invalid");
if (storedToken == null) {
throw new AuthorizeException("CSRF Token cannot be null");
} else {
if (!storedToken.equals(formToken)) {
throw new AuthorizeException("CSRF Token is Invalid");
}
}
}
}
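Review bot: `storedToken.equals(formToken)` on L26 compares the secret CSRF token with an early-exit string comparison; tokens are normally compared in constant time, and the nested `else { if … }` can be flattened into a second guard so the method reads as two preconditions. The added null check on `storedToken` stops the NPE when no token was ever put in the session, but `formToken` can also be null and should be rejected explicitly rather than relying on `equals` returning false. With `java.security.MessageDigest` and `java.nio.charset.StandardCharsets` imported, the tail of the method becomes the excerpt below. `validateCsrf` begins outside the hunk — only its signature in the `@@` header is visible.
```java
String formToken = request.getParameter("csrf_token");
if (storedToken == null) {
    throw new AuthorizeException("CSRF Token cannot be null");
}
// Constant-time compare; a request without csrf_token is rejected the same way as a mismatch.
if (formToken == null
        || !MessageDigest.isEqual(storedToken.getBytes(StandardCharsets.UTF_8),
                                  formToken.getBytes(StandardCharsets.UTF_8))) {
    throw new AuthorizeException("CSRF Token is Invalid");
}
```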
Original file line number Diff line number Diff line change
@@ -1,16 +1,23 @@
package org.dspace.app.webui.servlet;

import java.io.IOException;
import org.springframework.security.core.context.SecurityContextHolder;

import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
*
*/
public class SAMLLogoutServlet extends HttpServlet {
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {
// TODO: Logout of Dspace
// Log out user from app after client session timeout
if (request.getSession().getAttribute("SPRING_SECURITY_CONTEXT") != null) {
SecurityContextHolder.clearContext();
request.getSession().invalidate();
request.getSession();
}
response.sendRedirect(request.getContextPath());
}
}
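Review bot: The session is invalidated only when `SPRING_SECURITY_CONTEXT` is present in it (L51), so a session that carries login state without a Spring Security context — for example the public-user session that the login servlet in this same commit builds by storing only a `userType` attribute — is left intact and the user is merely redirected to the context root. Logout should clear state unconditionally, `SecurityContextHolder.clearContext(); request.getSession().invalidate();` before the redirect, and the surviving `// TODO: Logout of Dspace` should say what DSpace-side state (if any) is still not cleared. This is also a plain GET with no CSRF check, so any third-party page can log the user out; that is commonly accepted for logout, but deserves a one-line comment stating it is deliberate. Note that web.xml in this commit comments out the `saml-logout` mapping while header-nyc.jsp still redirects to `/saml-logout`, so as far as this diff shows this servlet is no longer reachable in the deployed configuration.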
Original file line number Diff line number Diff line change
Expand Up @@ -99,6 +99,10 @@ protected void doDSGet(Context context, HttpServletRequest request, HttpServletR

// Store user's last active time from request to session
request.getSession().setAttribute("last.active", request.getAttribute("last.active"));
} else if (credential.getAttributeAsString("userType").equals(PUBLIC_USER_TYPE)) {
request.getSession().invalidate();
request.getSession();
request.getSession().setAttribute("userType", PUBLIC_USER_TYPE);
}
response.sendRedirect(request.getContextPath());
}
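Review bot: `credential.getAttributeAsString("userType").equals(PUBLIC_USER_TYPE)` on L64 throws a NullPointerException when the assertion carries no `userType` attribute, turning a malformed or unexpected SAML response into a 500 instead of a clean rejection; inverting the comparison, `} else if (PUBLIC_USER_TYPE.equals(credential.getAttributeAsString("userType"))) {`, makes it null-safe. Invalidating and recreating the session before storing `userType` (L65–L67) is the right shape against session fixation, but the fresh session then holds only a string marker that header-nyc.jsp later reads as the user type, so nothing beyond display should be authorized from that attribute — worth a comment such as `// userType is a display hint only; authorization still comes from the EPerson/context`. The enclosing `doDSGet` begins outside the hunk and the file name is not visible in this section, so the surrounding branches are inferred.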
328 changes: 0 additions & 328 deletions dspace-jspui/src/main/webapp/WEB-INF/spring/securityContext.xml

This file was deleted.

62 changes: 46 additions & 16 deletions dspace-jspui/src/main/webapp/WEB-INF/web.xml
Expand Up @@ -63,15 +63,15 @@
<filter-name>rdf-content-negotiation</filter-name>
<filter-class>org.dspace.rdf.negotiation.NegotiationFilter</filter-class>
</filter>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<!--<filter>-->
<!--<filter-name>springSecurityFilterChain</filter-name>-->
<!--<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>-->
<!--</filter>-->

<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--<filter-mapping>-->
<!--<filter-name>springSecurityFilterChain</filter-name>-->
<!--<url-pattern>/*</url-pattern>-->
<!--</filter-mapping>-->

<!-- Filter mappings -->
<filter-mapping>
Expand Down Expand Up @@ -284,6 +284,11 @@
<servlet-class>org.dspace.app.webui.servlet.InternalErrorServlet</servlet-class>
</servlet>

<servlet>
<servlet-name>logout</servlet-name>
<servlet-class>org.dspace.app.webui.servlet.LogoutServlet</servlet-class>
</servlet>

<servlet>
<servlet-name>metadataexport</servlet-name>
<servlet-class>org.dspace.app.webui.servlet.MetadataExportServlet</servlet-class>
Expand Down Expand Up @@ -325,15 +330,25 @@
</servlet>

<servlet>
<servlet-name>saml-login</servlet-name>
<servlet-class>org.dspace.app.webui.servlet.SAMLServlet</servlet-class>
<servlet-name>password-login</servlet-name>
<servlet-class>org.dspace.app.webui.servlet.PasswordServlet</servlet-class>
</servlet>

<servlet>
<servlet-name>saml-logout</servlet-name>
<servlet-class>org.dspace.app.webui.servlet.SAMLLogoutServlet</servlet-class>
<servlet-name>ldap-login</servlet-name>
<servlet-class>org.dspace.app.webui.servlet.LDAPServlet</servlet-class>
</servlet>

<!--<servlet>-->
<!--<servlet-name>saml-login</servlet-name>-->
<!--<servlet-class>org.dspace.app.webui.servlet.SAMLServlet</servlet-class>-->
<!--</servlet>-->

<!--<servlet>-->
<!--<servlet-name>saml-logout</servlet-name>-->
<!--<servlet-class>org.dspace.app.webui.servlet.SAMLLogoutServlet</servlet-class>-->
<!--</servlet>-->

<servlet>
<servlet-name>profile</servlet-name>
<servlet-class>org.dspace.app.webui.servlet.EditProfileServlet</servlet-class>
Expand Down Expand Up @@ -606,6 +621,11 @@
<url-pattern>/internal-error</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>logout</servlet-name>
<url-pattern>/logout</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>metadataexport</servlet-name>
<url-pattern>/dspace-admin/metadataexport</url-pattern>
Expand Down Expand Up @@ -647,14 +667,24 @@
</servlet-mapping>

<servlet-mapping>
<servlet-name>saml-login</servlet-name>
<url-pattern>/saml-login</url-pattern>
<servlet-name>password-login</servlet-name>
<url-pattern>/password-login</url-pattern>
</servlet-mapping>

<servlet-mapping>
<servlet-name>saml-logout</servlet-name>
<url-pattern>/saml-logout</url-pattern>
<servlet-name>ldap-login</servlet-name>
<url-pattern>/ldap-login</url-pattern>
</servlet-mapping>

<!--<servlet-mapping>-->
<!--<servlet-name>saml-login</servlet-name>-->
<!--<url-pattern>/saml-login</url-pattern>-->
<!--</servlet-mapping>-->

<!--<servlet-mapping>-->
<!--<servlet-name>saml-logout</servlet-name>-->
<!--<url-pattern>/saml-logout</url-pattern>-->
<!--</servlet-mapping>-->

<servlet-mapping>
<servlet-name>profile</servlet-name>
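Review bot: Commenting out the `springSecurityFilterChain` filter and its `/*` mapping (L86–L98) removes Spring Security from every request in this webapp, and the `securityContext.xml` it delegated to is deleted in the same commit, so whatever that chain enforced — entry points, SAML processing, any URL-level rules — now rests entirely on DSpace's own servlet-level authorization; the commit description should say so explicitly. If the intent is to retire SAML, delete the commented-out filter and `saml-login`/`saml-logout` servlet blocks rather than leaving dead configuration, since header-nyc.jsp still redirects to `/saml-logout`, which no longer maps to anything. The new `/password-login` and `/ldap-login` endpoints accept credentials, so unless TLS is already terminated and enforced in front of the container, a `<security-constraint>` with `<transport-guarantee>CONFIDENTIAL</transport-guarantee>` covering those patterns would be worth adding here.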
2 changes: 1 addition & 1 deletion dspace-jspui/src/main/webapp/layout/header-default.jsp
Expand Up @@ -109,7 +109,7 @@
<%-- HACK: marginwidth, marginheight: for non-CSS compliant Netscape browser --%>
<body class="undernavigation">
<a class="sr-only" href="#content">Skip navigation</a>
<dspace:include page="/layout/header-nyc.jsp" />
<%--<dspace:include page="/layout/header-nyc.jsp" />--%>
<header class="navbar navbar-inverse">
<%
if (!navbar.equals("off"))
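Review bot: Commenting out the `header-nyc.jsp` include (L193) also drops the session-timeout warning and auto-logout script that this same commit adds to that file, and header-submission.jsp removes the identical include, so as far as this diff shows the timeout dialog is rendered by no layout at all. If that is intended, delete the line rather than leaving it commented and remove the dead script with it; if not, the timeout handling should move to a layout both headers still include. Either way a short comment, `<%-- NYC header disabled: see header-nyc.jsp --%>`, is better than silently commented-out markup.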
71 changes: 68 additions & 3 deletions dspace-jspui/src/main/webapp/layout/header-nyc.jsp
@@ -1,6 +1,3 @@
<%--
--%>
<%@ page contentType="text/html;charset=UTF-8"%>

<%@ page import="org.dspace.core.ConfigurationManager" %>
Expand All @@ -21,6 +18,10 @@
if (user != null)
{
userType = user.getUserType();
} else if (request.getSession().getAttribute("userType") != null) {
// TODO: temporary fix for public user login
// Implement storing public user as (EPerson) request attribute via SAMLAuthentication at a later date
userType = (String) request.getSession().getAttribute("userType");
}
String logoutURL = ConfigurationManager.getProperty("logout.url");
Expand Down Expand Up @@ -62,6 +63,11 @@
<% } %>
</div>
</div>
<div id="dialog" title="Session Timeout Info" style="display:none">
<p>
Your session will expire in approximately 5 minutes.
</p>
</div>
</div>

<script type="text/javascript">
Expand Down Expand Up @@ -95,6 +101,65 @@
});
});
let timeoutID;
<% if (samlLoggedIn) { %>
function resetTimeout() {
// Only clear session timeout if timeout is set and if dialog is hidden
if (timeoutID && !$("#dialog").is(":visible")) {
clearTimeout(timeoutID);
loadDialog();
}
}
function loadDialog() {
var sessionAlive = ${pageContext.session.maxInactiveInterval};
var notifyBefore = 300;
timeoutID = setTimeout(function() {
$(function() {
$("#dialog").dialog({
autoOpen: true,
dialogClass: "no-close",
position: 'center',
maxWidth:400,
maxHeight: 200,
width: 400,
height: 200,
modal: true,
closeOnEscape: false,
open: function() {
setTimeout(function() {
$('#dialog').dialog("close");
}, notifyBefore * 1000);
},
buttons: [
{
text: "Log Out",
click: function() {
$('#dialog').dialog("close");
window.location.href = "<%= request.getContextPath() %>/saml-logout";
}
},
{
text: "Stay Logged In",
click: function() {
window.location.href = "<%= request.getContextPath() %>";
},
},
],
close: function() {
window.location.href = "<%= request.getContextPath() %>/saml-logout";
}
});
});
}, (sessionAlive - notifyBefore) * 1000);
}
loadDialog();
document.onclick = resetTimeout;
<% } %>
// TODO: SAMLProfile Servlet (NYC.ID web service)
<% if (userType.equals(SAMLServlet.PUBLIC_USER_TYPE)) { %>
jQuery("#profile-link").attr(
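Review bot: `loadDialog()` arms its timer with `(sessionAlive - notifyBefore) * 1000` (L280), and `sessionAlive` is the container's `maxInactiveInterval` (L241), which is `-1` when sessions never expire and may be shorter than 300 s in some deployments; in both cases the delay is negative, `setTimeout` fires immediately, and the modal's `close` handler sends the user to `/saml-logout` five minutes later. Guard it at the top of `loadDialog()`: `if (sessionAlive <= notifyBefore) { return; }`. The client-side countdown is also not a session control: `document.onclick = resetTimeout` (L283) restarts it on any click, including ones that never reach the server, while the server's inactivity clock keeps running, so the warning can arrive after the session has already expired — only requests that hit the server extend it, as the "Stay Logged In" reload does — and a comment saying the dialog is advisory would stop a maintainer treating it as the real timeout. Finally, `/saml-logout` is commented out of web.xml in this same commit, so both redirect targets (L265, L276) will 404 unless another mapping exists; `samlLoggedIn` and `userType` are initialised outside the hunk.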
2 changes: 1 addition & 1 deletion dspace-jspui/src/main/webapp/layout/header-submission.jsp
Expand Up @@ -107,7 +107,7 @@
<%-- HACK: marginwidth, marginheight: for non-CSS compliant Netscape browser --%>
<body class="undernavigation">
<a class="sr-only" href="#content">Skip navigation</a>
<dspace:include page="/layout/header-nyc.jsp" />
<%--<dspace:include page="/layout/header-nyc.jsp" />--%>
<header class="navbar navbar-inverse">
<%
if (!navbar.equals("off"))
38 changes: 38 additions & 0 deletions dspace-jspui/src/main/webapp/login/ldap-incorrect.jsp
@@ -0,0 +1,38 @@
<%--
The contents of this file are subject to the license and copyright
detailed in the LICENSE and NOTICE files at the root of the source
tree and available online at
http://www.dspace.org/license/
--%>
<%--
- Display message indicating password is incorrect, and allow a retry
--%>

<%@ page contentType="text/html;charset=UTF-8" %>

<%@ taglib uri="http://www.dspace.org/dspace-tags.tld" prefix="dspace" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/fmt" prefix="fmt" %>

<%@ page import="javax.servlet.jsp.jstl.fmt.LocaleSupport" %>

<dspace:layout navbar="off"
locbar="nolink"
titlekey="jsp.login.ldap-incorrect.title">
<table border="0" width="90%">
<tr>
<td align="left">
<h1><fmt:message key="jsp.login.ldap-incorrect.heading"/></h1>
</td>
<td align="right" class="standard">
<dspace:popup page="<%= LocaleSupport.getLocalizedMessage(pageContext, \"help.index\") + \"#login\" %>"><fmt:message key="jsp.help"/></dspace:popup>
</td>
</tr>
</table>
<p align="center"><strong><fmt:message key="jsp.login.ldap-incorrect.errormsg"/></strong></p>
<dspace:include page="/components/ldap-form.jsp" />
</dspace:layout>
37 changes: 37 additions & 0 deletions dspace-jspui/src/main/webapp/login/ldap.jsp
@@ -0,0 +1,37 @@
<%--
The contents of this file are subject to the license and copyright
detailed in the LICENSE and NOTICE files at the root of the source
tree and available online at
http://www.dspace.org/license/
--%>
<%--
- Page that displays the netid/password login form
--%>

<%@ page contentType="text/html;charset=UTF-8" %>

<%@ taglib uri="http://www.dspace.org/dspace-tags.tld" prefix="dspace" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/fmt" prefix="fmt" %>

<%@ page import="javax.servlet.jsp.jstl.fmt.LocaleSupport" %>

<dspace:layout navbar="off"
locbar="off"
titlekey="jsp.login.ldap.title">

<table border="0" width="90%">
<tr>
<td align="left">
<h1><fmt:message key="jsp.login.ldap.heading"/></h1>
</td>
<td align="right" class="standard">
<dspace:popup page="<%= LocaleSupport.getLocalizedMessage(pageContext, \"help.index\") + \"#login\"%>"><fmt:message key="jsp.help"/></dspace:popup>
</td>
</tr>
</table>
<dspace:include page="/components/ldap-form.jsp" />
</dspace:layout>
30 changes: 30 additions & 0 deletions dspace-jspui/src/main/webapp/login/logged-out.jsp
@@ -0,0 +1,30 @@
<%--
The contents of this file are subject to the license and copyright
detailed in the LICENSE and NOTICE files at the root of the source
tree and available online at
http://www.dspace.org/license/
--%>
<%--
- Displays a message indicating the user has logged out
--%>

<%@ page contentType="text/html;charset=UTF-8" %>

<%@ taglib uri="http://java.sun.com/jsp/jstl/fmt"
prefix="fmt" %>

<%@ taglib uri="http://www.dspace.org/dspace-tags.tld" prefix="dspace" %>

<dspace:layout locbar="nolink" titlekey="jsp.login.logged-out.title">
<%-- <h1>Logged Out</h1> --%>
<h1><fmt:message key="jsp.login.logged-out.title"/></h1>

<%-- <p>Thank you for remembering to log out!</p> --%>
<p><fmt:message key="jsp.login.logged-out.thank"/></p>
<%-- <p><a href="<%= request.getContextPath() %>/">Go to DSpace Home</a></p> --%>
<p><a href="<%= request.getContextPath() %>/"><fmt:message key="jsp.general.gohome"/></a></p>

</dspace:layout>
