Replacing Spring Security framework with Apache Tomcat Valve for Web Security (UI... 22/122/1
authorVenkatraghavan Sankarasubbu <vensanka@sjc-ads-2495.(none)>
Sat, 6 Apr 2013 14:19:52 +0000 (07:19 -0700)
committerVenkatraghavan Sankarasubbu <vensanka@cisco.com>
Sat, 6 Apr 2013 14:27:15 +0000 (07:27 -0700)
Northbound will be handled as part of a different commit.
Updated Web UI modules :
1. Root
2. Flows
3. Devices
4. Topology
5. Troublehshooting

Change-Id: I09fa1968a184bf6ae0c6248e8eea3c05a40433d8
Signed-off-by: Venkatraghavan Sankarasubbu <vensanka@cisco.com>
51 files changed:
opendaylight/distribution/opendaylight/pom.xml
opendaylight/distribution/opendaylight/src/main/resources/configuration/context.xml
opendaylight/distribution/opendaylight/src/main/resources/configuration/tomcat-server.xml
opendaylight/security/pom.xml [new file with mode: 0644]
opendaylight/security/src/main/java/org/opendaylight/controller/security/ControllerCustomRealm.java [new file with mode: 0644]
opendaylight/usermanager/src/main/java/org/opendaylight/controller/usermanager/IUserManager.java
opendaylight/usermanager/src/main/java/org/opendaylight/controller/usermanager/internal/UserManagerImpl.java
opendaylight/usermanager/src/main/java/org/opendaylight/controller/usermanager/security/SessionManager.java
opendaylight/web/devices/pom.xml
opendaylight/web/devices/src/main/java/org/opendaylight/controller/devices/web/Devices.java
opendaylight/web/devices/src/main/resources/WEB-INF/jsp/error.jsp [new file with mode: 0644]
opendaylight/web/devices/src/main/resources/WEB-INF/jsp/login.jsp [new file with mode: 0644]
opendaylight/web/devices/src/main/resources/WEB-INF/spring/context.xml [deleted file]
opendaylight/web/devices/src/main/resources/WEB-INF/spring/servlet/security.xml [deleted file]
opendaylight/web/devices/src/main/resources/WEB-INF/web.xml
opendaylight/web/flows/pom.xml
opendaylight/web/flows/src/main/java/org/opendaylight/controller/flows/web/Flows.java
opendaylight/web/flows/src/main/java/org/opendaylight/controller/flows/web/Flows.java.rej [new file with mode: 0644]
opendaylight/web/flows/src/main/resources/WEB-INF/jsp/error.jsp [new file with mode: 0644]
opendaylight/web/flows/src/main/resources/WEB-INF/jsp/login.jsp [new file with mode: 0644]
opendaylight/web/flows/src/main/resources/WEB-INF/spring/context.xml [deleted file]
opendaylight/web/flows/src/main/resources/WEB-INF/spring/servlet/security.xml [deleted file]
opendaylight/web/flows/src/main/resources/WEB-INF/web.xml
opendaylight/web/root/pom.xml
opendaylight/web/root/src/main/java/org/opendaylight/controller/web/AuthenticationProviderWrapper.java [deleted file]
opendaylight/web/root/src/main/java/org/opendaylight/controller/web/ControllerAuthenticationSuccessHandler.java [deleted file]
opendaylight/web/root/src/main/java/org/opendaylight/controller/web/ControllerCustomFilter.java [deleted file]
opendaylight/web/root/src/main/java/org/opendaylight/controller/web/ControllerLoginUrlAuthEntryPoint.java [deleted file]
opendaylight/web/root/src/main/java/org/opendaylight/controller/web/ControllerLogoutHandler.java [deleted file]
opendaylight/web/root/src/main/java/org/opendaylight/controller/web/ControllerUserDetailsService.java [deleted file]
opendaylight/web/root/src/main/java/org/opendaylight/controller/web/ControllerWebSecurityContextRepository.java [deleted file]
opendaylight/web/root/src/main/java/org/opendaylight/controller/web/DaylightWeb.java
opendaylight/web/root/src/main/java/org/opendaylight/controller/web/DaylightWebAdmin.java
opendaylight/web/root/src/main/resources/WEB-INF/jsp/error.jsp [new file with mode: 0644]
opendaylight/web/root/src/main/resources/WEB-INF/jsp/login.jsp
opendaylight/web/root/src/main/resources/WEB-INF/spring/context.xml [deleted file]
opendaylight/web/root/src/main/resources/WEB-INF/web.xml
opendaylight/web/root/src/main/resources/js/one.js
opendaylight/web/topology/pom.xml
opendaylight/web/topology/src/main/java/org/opendaylight/controller/topology/web/Topology.java
opendaylight/web/topology/src/main/resources/WEB-INF/jsp/error.jsp [new file with mode: 0644]
opendaylight/web/topology/src/main/resources/WEB-INF/jsp/login.jsp [new file with mode: 0644]
opendaylight/web/topology/src/main/resources/WEB-INF/spring/context.xml [deleted file]
opendaylight/web/topology/src/main/resources/WEB-INF/spring/servlet/security.xml [deleted file]
opendaylight/web/topology/src/main/resources/WEB-INF/web.xml
opendaylight/web/troubleshoot/pom.xml
opendaylight/web/troubleshoot/src/main/resources/WEB-INF/jsp/error.jsp [new file with mode: 0644]
opendaylight/web/troubleshoot/src/main/resources/WEB-INF/jsp/login.jsp [new file with mode: 0644]
opendaylight/web/troubleshoot/src/main/resources/WEB-INF/spring/context.xml [deleted file]
opendaylight/web/troubleshoot/src/main/resources/WEB-INF/spring/servlet/security.xml [deleted file]
opendaylight/web/troubleshoot/src/main/resources/WEB-INF/web.xml

index 6984fd6..f6f9a01 100644 (file)
@@ -48,6 +48,9 @@
     <module>../../statisticsmanager</module>
     <module>../../topologymanager</module>
     <module>../../usermanager</module>
+    <module>../../security</module>
+    
+    
     <module>../../../third-party/openflowj</module>
     <module>../../../third-party/net.sf.jung2</module>
     <module>../../../third-party/jersey-servlet</module>
@@ -64,6 +67,8 @@
     <module>../../web/topology</module>
     
     <!-- Northbound bundles -->
+    
+     
     <module>../../northbound/commons</module>
     <module>../../northbound/topology</module>
     <module>../../northbound/staticrouting</module>
@@ -72,7 +77,7 @@
     <module>../../northbound/hosttracker</module>
     <module>../../northbound/subnets</module>
     <module>../../northbound/switchmanager</module>
-
+    
     <!-- Debug and logging -->
     <module>../../logging/bridge</module>
 
index 42199b7..4be0754 100644 (file)
@@ -48,7 +48,9 @@
       <Host name="localhost" appBase=""
             unpackWARs="false" autoDeploy="false"
             deployOnStartup="false" createDirs="false">
-
+        <Realm className="org.opendaylight.controller.security.ControllerCustomRealm" />
+           <Valve className="org.apache.catalina.authenticator.SingleSignOn" />
+     
         <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
                        prefix="web_access_log_" suffix=".txt" resolveHosts="false"
                        rotatable="true" fileDateFormat="yyyy-MM"
diff --git a/opendaylight/security/pom.xml b/opendaylight/security/pom.xml
new file mode 100644 (file)
index 0000000..8b0676b
--- /dev/null
@@ -0,0 +1,60 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project
+       xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"
+       xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+       <modelVersion>4.0.0</modelVersion>
+       <parent>
+               <groupId>org.opendaylight.controller</groupId>
+               <artifactId>commons.opendaylight</artifactId>
+               <version>1.4.0-SNAPSHOT</version>
+               <relativePath>../commons/opendaylight</relativePath>
+       </parent>
+
+       <groupId>org.opendaylight.controller</groupId>
+       <artifactId>security</artifactId>
+       <version>0.4.0-SNAPSHOT</version>
+       <packaging>bundle</packaging>
+       <build>
+               <plugins>
+                       <plugin>
+                               <groupId>org.apache.felix</groupId>
+                               <artifactId>maven-bundle-plugin</artifactId>
+                               <version>2.3.6</version>
+                               <extensions>true</extensions>
+                               <configuration>
+                                       <instructions>
+                                           <Fragment-Host>
+                                           org.apache.catalina
+                                           </Fragment-Host>                                
+                                               <Import-Package>
+                                               org.slf4j,
+                                               javax.servlet,
+                                               org.apache.catalina,
+                                               org.apache.catalina.connector,
+                                               org.apache.catalina.valves,
+                                               org.apache.catalina.realm,
+                                               org.opendaylight.controller.sal.utils,
+                                               org.opendaylight.controller.sal.authorization,
+                                               org.opendaylight.controller.usermanager
+                                               </Import-Package>
+                                               <Export-Package>
+                                               org.opendaylight.controller.security
+                                               </Export-Package>
+                                       </instructions>
+                               </configuration>
+                       </plugin>
+               </plugins>
+       </build>
+       <dependencies>
+               <dependency>
+                       <groupId>org.opendaylight.controller</groupId>
+                       <artifactId>usermanager</artifactId>
+                       <version>0.4.0-SNAPSHOT</version>
+               </dependency>
+               <dependency>
+            <groupId>org.opendaylight.controller</groupId>
+            <artifactId>sal</artifactId>
+            <version>0.4.0-SNAPSHOT</version>
+        </dependency>
+       </dependencies>
+</project>
diff --git a/opendaylight/security/src/main/java/org/opendaylight/controller/security/ControllerCustomRealm.java b/opendaylight/security/src/main/java/org/opendaylight/controller/security/ControllerCustomRealm.java
new file mode 100644 (file)
index 0000000..43a41da
--- /dev/null
@@ -0,0 +1,68 @@
+package org.opendaylight.controller.security;
+
+import java.security.Principal;
+import java.util.List;
+
+import org.apache.catalina.realm.GenericPrincipal;
+import org.apache.catalina.realm.RealmBase;
+import org.opendaylight.controller.sal.authorization.AuthResultEnum;
+import org.opendaylight.controller.sal.utils.ServiceHelper;
+import org.opendaylight.controller.usermanager.IUserManager;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class ControllerCustomRealm  extends RealmBase {
+
+    private static final String name = "ControllerCustomRealm";
+
+    private static final Logger logger = LoggerFactory
+            .getLogger(ControllerCustomRealm.class);
+
+    @Override
+    protected String getName() {
+        return name;
+    }
+
+    @Override
+    protected String getPassword(String username) {
+        IUserManager userManager = (IUserManager) ServiceHelper
+                .getGlobalInstance(IUserManager.class, this);
+        if (userManager != null) {
+            return userManager.getPassword(username);
+        } else
+            throw new RuntimeException("User Manager reference is null");
+    }
+
+    @Override
+    protected Principal getPrincipal(String username) {
+        IUserManager userManager = (IUserManager) ServiceHelper
+                .getGlobalInstance(IUserManager.class, this);
+        if (userManager != null) {
+            final List<String> roles = userManager.getUserRoles(username);
+            return new GenericPrincipal(username, getPassword(username), roles);
+        } else
+            throw new RuntimeException("User Manager reference is null");
+
+    }
+
+    @Override
+    public Principal authenticate(String username, String credentials) {
+
+        IUserManager userManager = (IUserManager) ServiceHelper
+                .getGlobalInstance(IUserManager.class, this);
+        if (userManager != null) {
+            AuthResultEnum result = userManager.authenticate(username,
+                    credentials);
+            if (result.equals(AuthResultEnum.AUTHOR_PASS)
+                    || result.equals(AuthResultEnum.AUTH_ACCEPT_LOC)
+                    || result.equals(AuthResultEnum.AUTH_ACCEPT)) {
+                return this.getPrincipal(username);
+            } else {
+                logger.error("Authentication failed for user " + username);
+                return null;
+            }
+        } else
+            throw new RuntimeException("User Manager reference is null");
+    }
+
+}
index aac5aba..a998ac3 100644 (file)
@@ -204,5 +204,8 @@ public interface IUserManager extends UserDetailsService {
 
     // Session manager to implement session mgmt across web-apps
     public ISessionManager getSessionManager();
+    
+    
+    public String getPassword(String username);
 
 }
index 0aad599..1bd323d 100644 (file)
@@ -985,4 +985,8 @@ public class UserManagerImpl implements IUserManager, IObjectReader,
     public void setSessionMgr(ISessionManager sessionMgr) {
         this.sessionMgr = sessionMgr;
     }
+    
+    public String getPassword(String username) {
+        return localUserConfigList.get(username).getPassword();
+    }
 }
index bbad9eb..7706fe2 100644 (file)
@@ -24,7 +24,6 @@ import javax.servlet.http.HttpSessionEvent;
 import org.opendaylight.controller.usermanager.ISessionManager;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import org.springframework.security.core.context.SecurityContext;
 
 public class SessionManager implements ISessionManager {
 
@@ -32,7 +31,6 @@ public class SessionManager implements ISessionManager {
             .getLogger(SessionManager.class);
 
     private Map<ServletContext, Set<HttpSession>> sessionMap = new HashMap<ServletContext, Set<HttpSession>>();
-    public static final String SPRING_SECURITY_CONTEXT_KEY = "SPRING_SECURITY_CONTEXT";
 
     @Override
     public void sessionCreated(HttpSessionEvent se) {
@@ -84,22 +82,8 @@ public class SessionManager implements ISessionManager {
                 while (sessIterator.hasNext()) {
                     HttpSession session = sessIterator.next();
                     if (session != null && sessionId != null && session.getId() != null && !session.getId().equals(sessionId)) {
-                        Object contextFromSession = session
-                                .getAttribute(SPRING_SECURITY_CONTEXT_KEY);
-                        if (contextFromSession != null
-                                && contextFromSession instanceof SecurityContext) {
-                            String storedUserName = ((SecurityContext) contextFromSession)
-                                    .getAuthentication().getName();
-                            if (storedUserName != null && storedUserName.equals(username)) {                                
-                                sessionsList.add(session);                                
-                                sessIterator.remove();
-                            }
-                            else {
-                                logger.debug("storedUserName is null or did not match username " + username);
-                            }
-                        } else {
-                            logger.debug("contextFromSession is null or not instance of SecurityContext");
-                        }
+                        sessionsList.add(session);                                
+                        sessIterator.remove();
                     }
                     else {
                         logger.debug(" session or sessionId is null ");
index 3500cd2..e8a67ac 100644 (file)
                                                        org.springframework.web.servlet,
                                                        org.springframework.web.servlet.config,
                                                        org.springframework.web.servlet.view,
-
                                                        org.springframework.web.filter,
-                                                       org.springframework.web.context,
-                                                       org.springframework.security.core,
-                                                       org.springframework.security.core.userdetails,
-                                                       org.springframework.security.core.authority,
-                                                       org.springframework.security.core.context,
-                                                       org.springframework.security.authentication,
-                                                       org.springframework.security.config,
-                                                       org.springframework.security.config.authentication,
-                                                       org.springframework.security.taglibs.authz,
-                                                       org.springframework.security.web,
-                                                       org.springframework.security.web.context,
-                                                       org.springframework.security.web.authentication,
-                                                       org.springframework.security.web.authentication.www,
-                                                       org.springframework.security.provisioning,
-                                                       org.springframework.security.web.util,
-                                                       org.springframework.security.web.authentication.rememberme,
-                                                       org.springframework.security.web.authentication.logout,
-                                                       org.springframework.dao
+                                                       org.springframework.web.context                                                 
                                                </Import-Package>
                                                <Web-ContextPath>/controller/web/devices</Web-ContextPath>
                                        </instructions>
index ece5959..5371f70 100644 (file)
@@ -16,11 +16,12 @@ import java.util.Map.Entry;
 import java.util.Set;
 import java.util.TreeMap;
 import java.util.concurrent.ConcurrentMap;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 
 import org.codehaus.jackson.map.ObjectMapper;
 import org.opendaylight.controller.usermanager.IUserManager;
 import org.opendaylight.controller.web.IDaylightWeb;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
@@ -116,10 +117,10 @@ public class Devices implements IDaylightWeb {
                 Map<Short, String> portList = new HashMap<Short, String>();
                 for (NodeConnector nodeConnector : nodeConnectorSet) {
                     nodeConnectorNumberToStr = nodeConnector.getID().toString();
-                    Name ncName = ((Name) switchManager
-                            .getNodeConnectorProp(nodeConnector,
-                                    Name.NamePropName));
-                    nodeConnectorName = (ncName != null) ? ncName.getValue() : "";
+                    Name ncName = ((Name) switchManager.getNodeConnectorProp(
+                            nodeConnector, Name.NamePropName));
+                    nodeConnectorName = (ncName != null) ? ncName.getValue()
+                            : "";
                     portList.put(Short.parseShort(nodeConnectorNumberToStr),
                             nodeConnectorName);
                 }
@@ -141,7 +142,7 @@ public class Devices implements IDaylightWeb {
         columnNames.add("Tier");
         columnNames.add("Mac Address");
         columnNames.add("Ports");
-        
+
         result.setColumnNames(columnNames);
         return result;
     }
@@ -151,19 +152,20 @@ public class Devices implements IDaylightWeb {
     public List<String> getTiers() {
         return TierHelper.getTiers();
     }
-    
+
     @RequestMapping(value = "/nodesLearnt/update", method = RequestMethod.GET)
     @ResponseBody
     public StatusJsonBean updateLearntNode(
             @RequestParam("nodeName") String nodeName,
             @RequestParam("nodeId") String nodeId,
             @RequestParam("tier") String tier,
-            @RequestParam("operationMode") String operationMode) {
-       if (!authorize(UserLevel.NETWORKADMIN)) {
-               return unauthorizedMessage();
-       }
-       
-       StatusJsonBean resultBean = new StatusJsonBean();
+            @RequestParam("operationMode") String operationMode,
+            HttpServletRequest request) {
+        if (!authorize(UserLevel.NETWORKADMIN, request)) {
+            return unauthorizedMessage();
+        }
+
+        StatusJsonBean resultBean = new StatusJsonBean();
         try {
             ISwitchManager switchManager = (ISwitchManager) ServiceHelper
                     .getInstance(ISwitchManager.class, containerName, this);
@@ -185,7 +187,8 @@ public class Devices implements IDaylightWeb {
     public DevicesJsonBean getStaticRoutes() {
         Gson gson = new Gson();
         IForwardingStaticRouting staticRouting = (IForwardingStaticRouting) ServiceHelper
-                .getInstance(IForwardingStaticRouting.class, containerName, this);
+                .getInstance(IForwardingStaticRouting.class, containerName,
+                        this);
         List<Map<String, String>> staticRoutes = new ArrayList<Map<String, String>>();
         ConcurrentMap<String, StaticRouteConfig> routeConfigs = staticRouting
                 .getStaticRouteConfigs();
@@ -212,11 +215,11 @@ public class Devices implements IDaylightWeb {
     public StatusJsonBean addStaticRoute(
             @RequestParam("routeName") String routeName,
             @RequestParam("staticRoute") String staticRoute,
-            @RequestParam("nextHop") String nextHop) {
-       if (!authorize(UserLevel.NETWORKADMIN)) {
-               return unauthorizedMessage();
-       }
-       
+            @RequestParam("nextHop") String nextHop, HttpServletRequest request) {
+        if (!authorize(UserLevel.NETWORKADMIN, request)) {
+            return unauthorizedMessage();
+        }
+
         StatusJsonBean result = new StatusJsonBean();
         try {
             IForwardingStaticRouting staticRouting = (IForwardingStaticRouting) ServiceHelper
@@ -244,11 +247,12 @@ public class Devices implements IDaylightWeb {
     @RequestMapping(value = "/staticRoute/delete", method = RequestMethod.GET)
     @ResponseBody
     public StatusJsonBean deleteStaticRoute(
-            @RequestParam("routesToDelete") String routesToDelete) {
-       if (!authorize(UserLevel.NETWORKADMIN)) {
-               return unauthorizedMessage();
-       }
-       
+            @RequestParam("routesToDelete") String routesToDelete,
+            HttpServletRequest request) {
+        if (!authorize(UserLevel.NETWORKADMIN, request)) {
+            return unauthorizedMessage();
+        }
+
         StatusJsonBean resultBean = new StatusJsonBean();
         try {
             IForwardingStaticRouting staticRouting = (IForwardingStaticRouting) ServiceHelper
@@ -295,15 +299,16 @@ public class Devices implements IDaylightWeb {
         result.setNodeData(subnets);
         return result;
     }
-    
+
     @RequestMapping(value = "/subnetGateway/add", method = RequestMethod.GET)
     @ResponseBody
     public StatusJsonBean addSubnetGateways(
             @RequestParam("gatewayName") String gatewayName,
-            @RequestParam("gatewayIPAddress") String gatewayIPAddress) {
-       if (!authorize(UserLevel.NETWORKADMIN)) {
-               return unauthorizedMessage();
-       }
+            @RequestParam("gatewayIPAddress") String gatewayIPAddress,
+            HttpServletRequest request) {
+        if (!authorize(UserLevel.NETWORKADMIN, request)) {
+            return unauthorizedMessage();
+        }
 
         StatusJsonBean resultBean = new StatusJsonBean();
         try {
@@ -329,11 +334,12 @@ public class Devices implements IDaylightWeb {
     @RequestMapping(value = "/subnetGateway/delete", method = RequestMethod.GET)
     @ResponseBody
     public StatusJsonBean deleteSubnetGateways(
-            @RequestParam("gatewaysToDelete") String gatewaysToDelete) {
-       if (!authorize(UserLevel.NETWORKADMIN)) {
-               return unauthorizedMessage();
-       }
-       
+            @RequestParam("gatewaysToDelete") String gatewaysToDelete,
+            HttpServletRequest request) {
+        if (!authorize(UserLevel.NETWORKADMIN, request)) {
+            return unauthorizedMessage();
+        }
+
         StatusJsonBean resultBean = new StatusJsonBean();
         try {
             ISwitchManager switchManager = (ISwitchManager) ServiceHelper
@@ -361,11 +367,11 @@ public class Devices implements IDaylightWeb {
     public StatusJsonBean addSubnetGatewayPort(
             @RequestParam("portsName") String portsName,
             @RequestParam("ports") String ports,
-            @RequestParam("nodeId") String nodeId) {
-       if (!authorize(UserLevel.NETWORKADMIN)) {
-               return unauthorizedMessage();
-       }
-       
+            @RequestParam("nodeId") String nodeId, HttpServletRequest request) {
+        if (!authorize(UserLevel.NETWORKADMIN, request)) {
+            return unauthorizedMessage();
+        }
+
         StatusJsonBean resultBean = new StatusJsonBean();
         try {
             ISwitchManager switchManager = (ISwitchManager) ServiceHelper
@@ -392,11 +398,12 @@ public class Devices implements IDaylightWeb {
     @ResponseBody
     public StatusJsonBean deleteSubnetGatewayPort(
             @RequestParam("gatewayName") String gatewayName,
-            @RequestParam("nodePort") String nodePort) {
-       if (!authorize(UserLevel.NETWORKADMIN)) {
-               return unauthorizedMessage();
-       }
-       
+            @RequestParam("nodePort") String nodePort,
+            HttpServletRequest request) {
+        if (!authorize(UserLevel.NETWORKADMIN, request)) {
+            return unauthorizedMessage();
+        }
+
         StatusJsonBean resultBean = new StatusJsonBean();
         try {
             ISwitchManager switchManager = (ISwitchManager) ServiceHelper
@@ -487,11 +494,13 @@ public class Devices implements IDaylightWeb {
 
     @RequestMapping(value = "/spanPorts/add", method = RequestMethod.GET)
     @ResponseBody
-    public StatusJsonBean addSpanPort(@RequestParam("jsonData") String jsonData) {
-       if (!authorize(UserLevel.NETWORKADMIN)) {
-               return unauthorizedMessage();
-       }
-       
+    public StatusJsonBean addSpanPort(
+            @RequestParam("jsonData") String jsonData,
+            HttpServletRequest request) {
+        if (!authorize(UserLevel.NETWORKADMIN, request)) {
+            return unauthorizedMessage();
+        }
+
         StatusJsonBean resultBean = new StatusJsonBean();
         try {
             Gson gson = new Gson();
@@ -517,11 +526,12 @@ public class Devices implements IDaylightWeb {
     @RequestMapping(value = "/spanPorts/delete", method = RequestMethod.GET)
     @ResponseBody
     public StatusJsonBean deleteSpanPorts(
-            @RequestParam("spanPortsToDelete") String spanPortsToDelete) {
-       if (!authorize(UserLevel.NETWORKADMIN)) {
-               return unauthorizedMessage();
-       }
-       
+            @RequestParam("spanPortsToDelete") String spanPortsToDelete,
+            HttpServletRequest request) {
+        if (!authorize(UserLevel.NETWORKADMIN, request)) {
+            return unauthorizedMessage();
+        }
+
         StatusJsonBean resultBean = new StatusJsonBean();
         try {
             Gson gson = new Gson();
@@ -555,39 +565,56 @@ public class Devices implements IDaylightWeb {
                 .getInstance(ISwitchManager.class, containerName, this);
         String description = "";
         if (switchManager != null) {
-               description = switchManager
-                               .getNodeDescription(Node.fromString(nodeId));
+            description = switchManager.getNodeDescription(Node
+                    .fromString(nodeId));
         }
-        return (description.isEmpty() || description.equalsIgnoreCase("none"))?
-                       nodeId : description;
+        return (description.isEmpty() || description.equalsIgnoreCase("none")) ? nodeId
+                : description;
     }
 
-    
     /**
      * Is the operation permitted for the given level
      * 
      * @param level
      */
-    private boolean authorize(UserLevel level) {
-       IUserManager userManager = (IUserManager) ServiceHelper
+    private boolean authorize(UserLevel level, HttpServletRequest request) {
+        IUserManager userManager = (IUserManager) ServiceHelper
                 .getGlobalInstance(IUserManager.class, this);
         if (userManager == null) {
-               return false;
+            return false;
         }
-        
-        String username = SecurityContextHolder.getContext().getAuthentication().getName();
+
+        String username = request.getUserPrincipal().getName();
         UserLevel userLevel = userManager.getUserLevel(username);
         if (userLevel.toNumber() <= level.toNumber()) {
-               return true;
+            return true;
         }
         return false;
     }
-    
+
     private StatusJsonBean unauthorizedMessage() {
-       StatusJsonBean message = new StatusJsonBean();
-       message.setStatus(false);
-       message.setMessage("Operation not authorized");
-       return message;
+        StatusJsonBean message = new StatusJsonBean();
+        message.setStatus(false);
+        message.setMessage("Operation not authorized");
+        return message;
+    }
+
+    @RequestMapping(value = "login")
+    public String login(final HttpServletRequest request,
+            final HttpServletResponse response) {
+        // response.setHeader("X-Page-Location", "/login");
+        /*
+         * IUserManager userManager = (IUserManager) ServiceHelper
+         * .getGlobalInstance(IUserManager.class, this); if (userManager ==
+         * null) { return "User Manager is not available"; }
+         * 
+         * String username = request.getUserPrincipal().getName();
+         * 
+         * 
+         * model.addAttribute("username", username); model.addAttribute("role",
+         * userManager.getUserLevel(username).toNumber());
+         */
+        return "forward:" + "/";
     }
 
 }
diff --git a/opendaylight/web/devices/src/main/resources/WEB-INF/jsp/error.jsp b/opendaylight/web/devices/src/main/resources/WEB-INF/jsp/error.jsp
new file mode 100644 (file)
index 0000000..270d793
--- /dev/null
@@ -0,0 +1,8 @@
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
+<%@taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<c:set var="req" value="${pageContext.request}" />
+<c:set var="uri" value="${req.requestURI}" />
+<c:set var="replaceWith" value="/" />
+<c:set var="redirectUrl" value="${fn:replace(req.requestURL, req.contextPath , replaceWith)}" />
+<c:import url="${redirectUrl}" />
\ No newline at end of file
diff --git a/opendaylight/web/devices/src/main/resources/WEB-INF/jsp/login.jsp b/opendaylight/web/devices/src/main/resources/WEB-INF/jsp/login.jsp
new file mode 100644 (file)
index 0000000..270d793
--- /dev/null
@@ -0,0 +1,8 @@
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
+<%@taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<c:set var="req" value="${pageContext.request}" />
+<c:set var="uri" value="${req.requestURI}" />
+<c:set var="replaceWith" value="/" />
+<c:set var="redirectUrl" value="${fn:replace(req.requestURL, req.contextPath , replaceWith)}" />
+<c:import url="${redirectUrl}" />
\ No newline at end of file
diff --git a/opendaylight/web/devices/src/main/resources/WEB-INF/spring/context.xml b/opendaylight/web/devices/src/main/resources/WEB-INF/spring/context.xml
deleted file mode 100644 (file)
index 8a4bda5..0000000
+++ /dev/null
@@ -1,10 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
-  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xmlns:context="http://www.springframework.org/schema/context"
-  xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-  http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">
-
-        <import resource="servlet/security.xml"/>
-
-</beans>
diff --git a/opendaylight/web/devices/src/main/resources/WEB-INF/spring/servlet/security.xml b/opendaylight/web/devices/src/main/resources/WEB-INF/spring/servlet/security.xml
deleted file mode 100644 (file)
index 18ac6e7..0000000
+++ /dev/null
@@ -1,120 +0,0 @@
-<beans:beans xmlns="http://www.springframework.org/schema/security"
-       xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-       xsi:schemaLocation="http://www.springframework.org/schema/beans
-           http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-           http://www.springframework.org/schema/security
-           http://www.springframework.org/schema/security/spring-security-3.1.xsd">
-
-
-       <http pattern="/css/**" security="none" />
-       <http pattern="/js/**" security="none" />
-       <http pattern="/images/**" security="none" />
-       <http pattern="/favicon.ico" security="none" />
-       <http pattern="/controller/web/css/**" security="none" />
-       <http pattern="/controller/web/js/**" security="none" />
-       <http pattern="/controller/web/images/**" security="none" />
-
-
-       <http auto-config="false" authentication-manager-ref="authenticationManager"
-               security-context-repository-ref="securityContextRepo" entry-point-ref="loginUrlAuthenticationEntryPoint">
-               <intercept-url pattern="/login*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
-               <intercept-url pattern="/logout*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
-
-
-               <intercept-url pattern="/**"
-                       access="ROLE_SYSTEM-ADMIN, ROLE_NETWORK-ADMIN, ROLE_NETWORK-OPERATOR, ROLE_CONTAINER-USER" />
-               <custom-filter ref="authenticationFilter" position="FORM_LOGIN_FILTER" />
-               <custom-filter position="LOGOUT_FILTER" ref="logoutFilter" />
-               <custom-filter position="LAST" ref="controllerFilter" />
-               <remember-me services-ref="rememberMeServices" key="SDN" />
-       </http>
-       
-       <beans:bean id="controllerFilter"
-               class="org.opendaylight.controller.web.ControllerCustomFilter" />
-
-       <authentication-manager id="authenticationManager">
-               <authentication-provider ref="authenticationProviderWrapper" />
-       </authentication-manager>
-
-       <beans:bean id="authenticationFilter"
-               class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
-               <beans:property name="authenticationManager" ref="authenticationManager" />
-               <beans:property name="authenticationFailureHandler"
-                       ref="authenticationFailureHandler" />
-               <beans:property name="authenticationSuccessHandler">
-                       <beans:bean
-                               class="org.opendaylight.controller.web.ControllerAuthenticationSuccessHandler">
-                               <beans:property name="targetUrlParameter" value="x-page-url" />
-                               <beans:property name="defaultTargetUrl" value="/" />
-                       </beans:bean>
-               </beans:property>
-               <beans:property name="rememberMeServices" ref="rememberMeServices" />
-       </beans:bean>
-
-       <beans:bean id="securityContextRepo"
-               class="org.opendaylight.controller.web.ControllerWebSecurityContextRepository" />
-
-       <beans:bean id="authenticationFailureHandler"
-               class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
-               <beans:property name="useForward" value="false" />
-               <beans:property name="defaultFailureUrl" value="/login" />              
-       </beans:bean>
-
-       <beans:bean id="loginUrlAuthenticationEntryPoint"
-               class="org.opendaylight.controller.web.ControllerLoginUrlAuthEntryPoint">
-               <beans:property name="loginFormUrl" value="/login" />
-       </beans:bean>
-
-       <beans:bean id="authenticationProviderWrapper"
-               class="org.opendaylight.controller.web.AuthenticationProviderWrapper" />
-
-    <!-- logout related -->
-    
-    <beans:bean id="logoutHandler"
-        class="org.opendaylight.controller.web.ControllerLogoutHandler" />
-        
-    <beans:bean id="securityContextLogoutHandler"
-        class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler" />    
-        
-            
-    <beans:bean id="logoutFilter" class="org.springframework.security.web.authentication.logout.LogoutFilter">
-        <!-- if logout succeed then this is the URL -->
-        <beans:constructor-arg value="/login" />
-        <beans:constructor-arg>
-            <beans:list>
-                <beans:ref bean="logoutHandler"/>
-                <beans:ref bean="rememberMeServices"/>
-                <beans:ref bean="securityContextLogoutHandler"/>
-            </beans:list>
-        </beans:constructor-arg>
-        <beans:property name="filterProcessesUrl" value="/logout" />
-    </beans:bean>       
-        
-
-
-
-       <!-- remember me related -->
-       <beans:bean id="rememberMeFilter"
-               class="org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter">
-               <beans:property name="rememberMeServices" ref="rememberMeServices" />
-               <beans:property name="authenticationManager" ref="authenticationManager" />
-       </beans:bean>
-
-       <beans:bean id="rememberMeServices"
-               class="org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices">
-               <beans:property name="userDetailsService" ref="userDetailsServiceRef" />
-               <beans:property name="key" value="SDN" />
-               <beans:property name="alwaysRemember" value="true"></beans:property>
-               <beans:property name="tokenValiditySeconds" value="3600" />
-               <beans:property name="cookieName" value="SDN-Controller" />
-       </beans:bean>
-
-       <beans:bean id="userDetailsServiceRef" class="org.opendaylight.controller.web.ControllerUserDetailsService" />
-
-
-       <beans:bean id="rememberMeAuthenticationProvider"
-               class="org.springframework.security.authentication.RememberMeAuthenticationProvider">
-               <beans:property name="key" value="SDN" />
-       </beans:bean>
-       
-</beans:beans>
index de9d077..0ebb738 100644 (file)
@@ -1,17 +1,51 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
-<web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-       xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
-http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
-       version="2.4">
+<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
+       version="3.0">
+       <security-constraint>
+               <web-resource-collection>
+                       <web-resource-name>free access</web-resource-name>
+                       <url-pattern>/js/*</url-pattern>
+                       <url-pattern>/images/*</url-pattern>
+                       <url-pattern>/css/*</url-pattern>
+                       <url-pattern>/favicon.ico</url-pattern>
+               </web-resource-collection>
+       </security-constraint>
 
-       <context-param>
-               <param-name>contextConfigLocation</param-name>
-               <param-value>/WEB-INF/spring/*.xml</param-value>
-       </context-param>
+       <security-constraint>
+               <display-name>DevicesApp</display-name>
+               <web-resource-collection>
+                       <web-resource-name>DevicesGUI</web-resource-name>
+                       <url-pattern>/*</url-pattern>
+               </web-resource-collection>
+               <auth-constraint>
+                       <role-name>System-Admin</role-name>
+                       <role-name>Network-Admin</role-name>
+                       <role-name>Network-Operator</role-name>
+                       <role-name>Container-User</role-name>
+               </auth-constraint>
+       </security-constraint>
 
-       <listener>
-               <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
-       </listener>
+       <security-role>
+               <role-name>System-Admin</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Network-Admin</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Network-Operator</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Container-User</role-name>
+       </security-role>
+
+       <login-config>
+               <auth-method>FORM</auth-method>
+               <form-login-config>
+                       <form-login-page>/WEB-INF/jsp/login.jsp</form-login-page>
+                       <form-error-page>/WEB-INF/jsp/error.jsp</form-error-page>
+               </form-login-config>
+       </login-config>
 
        <servlet>
                <servlet-name>Devices</servlet-name>
@@ -24,17 +58,13 @@ http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
                <url-pattern>/</url-pattern>
        </servlet-mapping>
 
-       <filter>
-               <filter-name>springSecurityFilterChain</filter-name>
-               <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
-       </filter>
-
-       <filter-mapping>
-               <filter-name>springSecurityFilterChain</filter-name>
-               <url-pattern>/*</url-pattern>
-       </filter-mapping>
-
        <listener>
                <listener-class>org.opendaylight.controller.web.ControllerUISessionManager</listener-class>
        </listener>
+       <session-config>
+               <cookie-config>
+                       <path>/</path>
+               </cookie-config>
+       </session-config>
+
 </web-app>
index 891f951..4eaf227 100644 (file)
                                                        org.springframework.web.servlet,
                                                        org.springframework.web.servlet.config,
                                                        org.springframework.web.servlet.view,
-
                                                        org.springframework.web.filter,
-                                                       org.springframework.web.context,
-                                                       org.springframework.security.core,
-                                                       org.springframework.security.core.userdetails,
-                                                       org.springframework.security.core.authority,
-                                                       org.springframework.security.core.context,
-                                                       org.springframework.security.authentication,
-                                                       org.springframework.security.config,
-                                                       org.springframework.security.config.authentication,
-                                                       org.springframework.security.taglibs.authz,
-                                                       org.springframework.security.web,
-                                                       org.springframework.security.web.context,
-                                                       org.springframework.security.web.authentication,
-                                                       org.springframework.security.web.authentication.www,
-                                                       org.springframework.security.provisioning,
-                                                       org.springframework.security.web.util,
-                                                       org.springframework.security.web.authentication.rememberme,
-                                                       org.springframework.security.web.authentication.logout,
-                                                       org.springframework.dao\r
+                                                       org.springframework.web.context                                                 \r
                                                </Import-Package>
                                                <Web-ContextPath>/controller/web/flows</Web-ContextPath>
                                        </instructions>
index 4cc35e2..3523799 100644 (file)
@@ -1,4 +1,3 @@
-
 /*
  * Copyright (c) 2013 Cisco Systems, Inc. and others.  All rights reserved.
  *
@@ -15,6 +14,8 @@ import java.util.List;
 import java.util.Map;
 import java.util.Set;
 
+import javax.servlet.http.HttpServletRequest;
+
 import org.opendaylight.controller.forwardingrulesmanager.FlowConfig;
 import org.opendaylight.controller.forwardingrulesmanager.IForwardingRulesManager;
 import org.opendaylight.controller.sal.authorization.UserLevel;
@@ -30,7 +31,6 @@ import org.opendaylight.controller.switchmanager.Switch;
 import org.opendaylight.controller.switchmanager.SwitchConfig;
 import org.opendaylight.controller.usermanager.IUserManager;
 import org.opendaylight.controller.web.IDaylightWeb;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -43,7 +43,7 @@ import com.google.gson.Gson;
 @Controller
 @RequestMapping("/")
 public class Flows implements IDaylightWeb {
-       private static final UserLevel AUTH_LEVEL = UserLevel.CONTAINERUSER;
+    private static final UserLevel AUTH_LEVEL = UserLevel.CONTAINERUSER;
     private static final String WEB_NAME = "Flows";
     private static final String WEB_ID = "flows";
     private static final short WEB_ORDER = 2;
@@ -68,41 +68,43 @@ public class Flows implements IDaylightWeb {
         return WEB_ORDER;
     }
 
-       @Override
-       public boolean isAuthorized(UserLevel userLevel) {
-               return userLevel.ordinal() <= AUTH_LEVEL.ordinal();
-       }
-       
+    @Override
+    public boolean isAuthorized(UserLevel userLevel) {
+        return userLevel.ordinal() <= AUTH_LEVEL.ordinal();
+    }
+
     @RequestMapping(value = "/main")
     @ResponseBody
     public Set<Map<String, Object>> getFlows() {
         // fetch frm
         IForwardingRulesManager frm = (IForwardingRulesManager) ServiceHelper
                 .getInstance(IForwardingRulesManager.class, containerName, this);
-        if (frm == null) { return null; }
+        if (frm == null) {
+            return null;
+        }
 
         // fetch sm
         ISwitchManager switchManager = (ISwitchManager) ServiceHelper
                 .getInstance(ISwitchManager.class, containerName, this);
-        if (switchManager == null) { return null; }
-        
+        if (switchManager == null) {
+            return null;
+        }
+
         // get static flow list
         List<FlowConfig> staticFlowList = frm.getStaticFlows();
         Set<Map<String, Object>> output = new HashSet<Map<String, Object>>();
         for (FlowConfig flowConfig : staticFlowList) {
-               Map<String, Object> entry = new HashMap<String, Object>();
-               entry.put("flow", flowConfig);
-               entry.put("name", flowConfig.getName());
-               Node node = flowConfig.getNode();
-               String description = switchManager.getNodeDescription(node);
-               entry.put("node", 
-                               (description.isEmpty() || 
-                                               description.equalsIgnoreCase("none"))? 
-                                                               node.toString() : description);
-               entry.put("nodeId", node.toString());
-               output.add(entry);
-        }
-        
+            Map<String, Object> entry = new HashMap<String, Object>();
+            entry.put("flow", flowConfig);
+            entry.put("name", flowConfig.getName());
+            Node node = flowConfig.getNode();
+            String description = switchManager.getNodeDescription(node);
+            entry.put("node", (description.isEmpty() || description
+                    .equalsIgnoreCase("none")) ? node.toString() : description);
+            entry.put("nodeId", node.toString());
+            output.add(entry);
+        }
+
         return output;
     }
 
@@ -111,7 +113,9 @@ public class Flows implements IDaylightWeb {
     public Map<String, Object> getNodePorts() {
         ISwitchManager switchManager = (ISwitchManager) ServiceHelper
                 .getInstance(ISwitchManager.class, containerName, this);
-        if (switchManager == null) { return null; }
+        if (switchManager == null) {
+            return null;
+        }
 
         Map<String, Object> nodes = new HashMap<String, Object>();
         Map<Short, String> port;
@@ -125,53 +129,58 @@ public class Flows implements IDaylightWeb {
                     String nodeConnectorName = ((Name) switchManager
                             .getNodeConnectorProp(nodeConnector,
                                     Name.NamePropName)).getValue();
-                    port.put((Short) nodeConnector.getID(),
-                             nodeConnectorName + "("
-                             + nodeConnector.getNodeConnectorIDString() + ")");
+                    port.put((Short) nodeConnector.getID(), nodeConnectorName
+                            + "(" + nodeConnector.getNodeConnectorIDString()
+                            + ")");
                 }
             }
-            
+
             // add ports
             Map<String, Object> entry = new HashMap<String, Object>();
             entry.put("ports", port);
-            
+
             // add name
-            String description = switchManager
-                       .getNodeDescription(node.getNode());
-            entry.put("name", (description.isEmpty() || 
-                       description.equalsIgnoreCase("none"))? 
-                       node.getNode().toString() : description);
-            
+            String description = switchManager.getNodeDescription(node
+                    .getNode());
+            entry.put("name", (description.isEmpty() || description
+                    .equalsIgnoreCase("none")) ? node.getNode().toString()
+                    : description);
+
             // add to the node
             nodes.put(node.getNode().toString(), entry);
         }
 
         return nodes;
     }
-    
+
     @RequestMapping(value = "/node-flows")
     @ResponseBody
     public Map<String, Object> getNodeFlows() {
         ISwitchManager switchManager = (ISwitchManager) ServiceHelper
                 .getInstance(ISwitchManager.class, containerName, this);
-        if (switchManager == null) { return null; }
+        if (switchManager == null) {
+            return null;
+        }
         IForwardingRulesManager frm = (IForwardingRulesManager) ServiceHelper
                 .getInstance(IForwardingRulesManager.class, "default", this);
-        if (frm == null) { return null; }
+        if (frm == null) {
+            return null;
+        }
 
         Map<String, Object> nodes = new HashMap<String, Object>();
 
         for (Switch sw : switchManager.getNetworkDevices()) {
             Node node = sw.getNode();
-            
+
             List<FlowConfig> flows = frm.getStaticFlows(node);
-            
+
             String nodeDesc = node.toString();
-            SwitchConfig config = switchManager.getSwitchConfig(node.getNodeIDString());
+            SwitchConfig config = switchManager.getSwitchConfig(node
+                    .getNodeIDString());
             if (config != null) {
-               nodeDesc = config.getNodeDescription();
+                nodeDesc = config.getNodeDescription();
             }
-            
+
             nodes.put(nodeDesc, flows.size());
         }
 
@@ -181,14 +190,18 @@ public class Flows implements IDaylightWeb {
     @RequestMapping(value = "/flow", method = RequestMethod.POST)
     @ResponseBody
     public String actionFlow(@RequestParam(required = true) String action,
-            @RequestParam(required = false) String body, @RequestParam(required = true) String nodeId) {
-       if (!isUserAuthorized(UserLevel.NETWORKADMIN)) {
-               return "Operation not authorized";
-       }
-       
+            @RequestParam(required = false) String body,
+            @RequestParam(required = true) String nodeId,
+            HttpServletRequest request) {
+        if (!isUserAuthorized(UserLevel.NETWORKADMIN, request)) {
+            return "Operation not authorized";
+        }
+
         IForwardingRulesManager frm = (IForwardingRulesManager) ServiceHelper
                 .getInstance(IForwardingRulesManager.class, containerName, this);
-        if (frm == null) { return null; }
+        if (frm == null) {
+            return null;
+        }
 
         Gson gson = new Gson();
         FlowConfig flow = gson.fromJson(body, FlowConfig.class);
@@ -199,45 +212,60 @@ public class Flows implements IDaylightWeb {
             result = frm.addStaticFlow(flow, false);
         }
 
-        return (result.isSuccess())? StatusCode.SUCCESS.toString(): result.getDescription();
+        return (result.isSuccess()) ? StatusCode.SUCCESS.toString() : result
+                .getDescription();
     }
-    
+
     @RequestMapping(value = "/flow/{nodeId}/{name}", method = RequestMethod.POST)
     @ResponseBody
-    public String removeFlow(@PathVariable("nodeId") String nodeId, @PathVariable("name") String name,
-               @RequestParam(required = true) String action) {
-       if (!isUserAuthorized(UserLevel.NETWORKADMIN)) { return "Operation not authorized"; }
-       
-       IForwardingRulesManager frm = (IForwardingRulesManager) ServiceHelper
+    public String removeFlow(@PathVariable("nodeId") String nodeId,
+            @PathVariable("name") String name,
+            @RequestParam(required = true) String action,
+            HttpServletRequest request) {
+        if (!isUserAuthorized(UserLevel.NETWORKADMIN, request)) {
+
+            return "Operation not authorized";
+        }
+
+        IForwardingRulesManager frm = (IForwardingRulesManager) ServiceHelper
                 .getInstance(IForwardingRulesManager.class, containerName, this);
-        if (frm == null) { return null; }
-        
+        if (frm == null) {
+            return null;
+        }
+
         Status result = null;
         Node node = Node.fromString(nodeId);
-        if (node == null) { return null; }
+        if (node == null) {
+            return null;
+        }
         if (action.equals("remove")) {
-               result = frm.removeStaticFlow(name, node);
+            result = frm.removeStaticFlow(name, node);
         } else if (action.equals("toggle")) {
-               result = frm.toggleStaticFlowStatus(name, node);
+            result = frm.toggleStaticFlowStatus(name, node);
         } else {
-               result = new Status(StatusCode.BADREQUEST, "Unknown action");
+            result = new Status(StatusCode.BADREQUEST, "Unknown action");
         }
-        
-        return (result.isSuccess())? StatusCode.SUCCESS.toString(): result.getDescription();
+
+        return (result.isSuccess()) ? StatusCode.SUCCESS.toString() : result
+                .getDescription();
     }
-    
+
     /**
-     * Returns whether the current user's level is same or above
-     * the required authorization level. 
+     * Returns whether the current user's level is same or above the required
+     * authorization level.
      * 
-     * @param requiredLevel the authorization level required
+     * @param requiredLevel
+     *            the authorization level required
      */
-    private boolean isUserAuthorized(UserLevel requiredLevel) {
-       IUserManager userManager = (IUserManager) ServiceHelper
+    private boolean isUserAuthorized(UserLevel requiredLevel,
+            HttpServletRequest request) {
+        IUserManager userManager = (IUserManager) ServiceHelper
                 .getGlobalInstance(IUserManager.class, this);
-        if (userManager == null) { return false; }
-        
-        String username = SecurityContextHolder.getContext().getAuthentication().getName();
+        if (userManager == null) {
+            return false;
+        }
+
+        String username = request.getUserPrincipal().getName();
         UserLevel userLevel = userManager.getUserLevel(username);
         return (userLevel.ordinal() <= requiredLevel.ordinal());
     }
diff --git a/opendaylight/web/flows/src/main/java/org/opendaylight/controller/flows/web/Flows.java.rej b/opendaylight/web/flows/src/main/java/org/opendaylight/controller/flows/web/Flows.java.rej
new file mode 100644 (file)
index 0000000..7b03d34
--- /dev/null
@@ -0,0 +1,85 @@
+***************
+*** 29,35 ****
+  import org.opendaylight.controller.switchmanager.SwitchConfig;
+  import org.opendaylight.controller.usermanager.IUserManager;
+  import org.opendaylight.controller.web.IOneWeb;
+- import org.springframework.security.core.context.SecurityContextHolder;
+  import org.springframework.stereotype.Controller;
+  import org.springframework.web.bind.annotation.PathVariable;
+  import org.springframework.web.bind.annotation.RequestMapping;
+--- 31,36 ----
+  import org.opendaylight.controller.switchmanager.SwitchConfig;
+  import org.opendaylight.controller.usermanager.IUserManager;
+  import org.opendaylight.controller.web.IOneWeb;
+  import org.springframework.stereotype.Controller;
+  import org.springframework.web.bind.annotation.PathVariable;
+  import org.springframework.web.bind.annotation.RequestMapping;
+***************
+*** 182,189 ****
+      @RequestMapping(value = "/flow", method = RequestMethod.POST)
+      @ResponseBody
+      public String actionFlow(@RequestParam(required = true) String action,
+-             @RequestParam(required = false) String body, @RequestParam(required = true) String nodeId) {
+-      if (!authorize(UserLevel.NETWORKADMIN)) {
+               return "Operation not authorized";
+       }
+       
+--- 183,190 ----
+      @RequestMapping(value = "/flow", method = RequestMethod.POST)
+      @ResponseBody
+      public String actionFlow(@RequestParam(required = true) String action,
++             @RequestParam(required = false) String body, @RequestParam(required = true) String nodeId, HttpServletRequest request) {
++      if (!authorize(UserLevel.NETWORKADMIN, request)) {
+               return "Operation not authorized";
+       }
+       
+***************
+*** 206,213 ****
+      @RequestMapping(value = "/flow/{nodeId}/{name}", method = RequestMethod.POST)
+      @ResponseBody
+      public String removeFlow(@PathVariable("nodeId") String nodeId, @PathVariable("name") String name,
+-              @RequestParam(required = true) String action) {
+-      if (!authorize(UserLevel.NETWORKADMIN)) { return "Operation not authorized"; }
+       
+       IForwardingRulesManager frm = (IForwardingRulesManager) ServiceHelper
+                  .getInstance(IForwardingRulesManager.class, "default", this);
+--- 207,214 ----
+      @RequestMapping(value = "/flow/{nodeId}/{name}", method = RequestMethod.POST)
+      @ResponseBody
+      public String removeFlow(@PathVariable("nodeId") String nodeId, @PathVariable("name") String name,
++              @RequestParam(required = true) String action, HttpServletRequest request) {
++      if (!authorize(UserLevel.NETWORKADMIN, request)) { return "Operation not authorized"; }
+       
+       IForwardingRulesManager frm = (IForwardingRulesManager) ServiceHelper
+                  .getInstance(IForwardingRulesManager.class, "default", this);
+***************
+*** 235,248 ****
+       * 
+       * @param level
+       */
+-     private boolean authorize(UserLevel level) {
+       IUserManager userManager = (IUserManager) ServiceHelper
+                  .getGlobalInstance(IUserManager.class, this);
+          if (userManager == null) {
+               return false;
+          }
+          
+-         String username = SecurityContextHolder.getContext().getAuthentication().getName();
+          UserLevel userLevel = userManager.getUserLevel(username);
+          if (userLevel.toNumber() <= level.toNumber()) {
+               return true;
+--- 236,249 ----
+       * 
+       * @param level
+       */
++     private boolean authorize(UserLevel level, HttpServletRequest request) {
+       IUserManager userManager = (IUserManager) ServiceHelper
+                  .getGlobalInstance(IUserManager.class, this);
+          if (userManager == null) {
+               return false;
+          }
+          
++         String username = request.getUserPrincipal().getName();
+          UserLevel userLevel = userManager.getUserLevel(username);
+          if (userLevel.toNumber() <= level.toNumber()) {
+               return true;
diff --git a/opendaylight/web/flows/src/main/resources/WEB-INF/jsp/error.jsp b/opendaylight/web/flows/src/main/resources/WEB-INF/jsp/error.jsp
new file mode 100644 (file)
index 0000000..270d793
--- /dev/null
@@ -0,0 +1,8 @@
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
+<%@taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<c:set var="req" value="${pageContext.request}" />
+<c:set var="uri" value="${req.requestURI}" />
+<c:set var="replaceWith" value="/" />
+<c:set var="redirectUrl" value="${fn:replace(req.requestURL, req.contextPath , replaceWith)}" />
+<c:import url="${redirectUrl}" />
\ No newline at end of file
diff --git a/opendaylight/web/flows/src/main/resources/WEB-INF/jsp/login.jsp b/opendaylight/web/flows/src/main/resources/WEB-INF/jsp/login.jsp
new file mode 100644 (file)
index 0000000..270d793
--- /dev/null
@@ -0,0 +1,8 @@
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
+<%@taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<c:set var="req" value="${pageContext.request}" />
+<c:set var="uri" value="${req.requestURI}" />
+<c:set var="replaceWith" value="/" />
+<c:set var="redirectUrl" value="${fn:replace(req.requestURL, req.contextPath , replaceWith)}" />
+<c:import url="${redirectUrl}" />
\ No newline at end of file
diff --git a/opendaylight/web/flows/src/main/resources/WEB-INF/spring/context.xml b/opendaylight/web/flows/src/main/resources/WEB-INF/spring/context.xml
deleted file mode 100644 (file)
index 8a4bda5..0000000
+++ /dev/null
@@ -1,10 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
-  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xmlns:context="http://www.springframework.org/schema/context"
-  xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-  http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">
-
-        <import resource="servlet/security.xml"/>
-
-</beans>
diff --git a/opendaylight/web/flows/src/main/resources/WEB-INF/spring/servlet/security.xml b/opendaylight/web/flows/src/main/resources/WEB-INF/spring/servlet/security.xml
deleted file mode 100644 (file)
index 18ac6e7..0000000
+++ /dev/null
@@ -1,120 +0,0 @@
-<beans:beans xmlns="http://www.springframework.org/schema/security"
-       xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-       xsi:schemaLocation="http://www.springframework.org/schema/beans
-           http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-           http://www.springframework.org/schema/security
-           http://www.springframework.org/schema/security/spring-security-3.1.xsd">
-
-
-       <http pattern="/css/**" security="none" />
-       <http pattern="/js/**" security="none" />
-       <http pattern="/images/**" security="none" />
-       <http pattern="/favicon.ico" security="none" />
-       <http pattern="/controller/web/css/**" security="none" />
-       <http pattern="/controller/web/js/**" security="none" />
-       <http pattern="/controller/web/images/**" security="none" />
-
-
-       <http auto-config="false" authentication-manager-ref="authenticationManager"
-               security-context-repository-ref="securityContextRepo" entry-point-ref="loginUrlAuthenticationEntryPoint">
-               <intercept-url pattern="/login*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
-               <intercept-url pattern="/logout*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
-
-
-               <intercept-url pattern="/**"
-                       access="ROLE_SYSTEM-ADMIN, ROLE_NETWORK-ADMIN, ROLE_NETWORK-OPERATOR, ROLE_CONTAINER-USER" />
-               <custom-filter ref="authenticationFilter" position="FORM_LOGIN_FILTER" />
-               <custom-filter position="LOGOUT_FILTER" ref="logoutFilter" />
-               <custom-filter position="LAST" ref="controllerFilter" />
-               <remember-me services-ref="rememberMeServices" key="SDN" />
-       </http>
-       
-       <beans:bean id="controllerFilter"
-               class="org.opendaylight.controller.web.ControllerCustomFilter" />
-
-       <authentication-manager id="authenticationManager">
-               <authentication-provider ref="authenticationProviderWrapper" />
-       </authentication-manager>
-
-       <beans:bean id="authenticationFilter"
-               class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
-               <beans:property name="authenticationManager" ref="authenticationManager" />
-               <beans:property name="authenticationFailureHandler"
-                       ref="authenticationFailureHandler" />
-               <beans:property name="authenticationSuccessHandler">
-                       <beans:bean
-                               class="org.opendaylight.controller.web.ControllerAuthenticationSuccessHandler">
-                               <beans:property name="targetUrlParameter" value="x-page-url" />
-                               <beans:property name="defaultTargetUrl" value="/" />
-                       </beans:bean>
-               </beans:property>
-               <beans:property name="rememberMeServices" ref="rememberMeServices" />
-       </beans:bean>
-
-       <beans:bean id="securityContextRepo"
-               class="org.opendaylight.controller.web.ControllerWebSecurityContextRepository" />
-
-       <beans:bean id="authenticationFailureHandler"
-               class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
-               <beans:property name="useForward" value="false" />
-               <beans:property name="defaultFailureUrl" value="/login" />              
-       </beans:bean>
-
-       <beans:bean id="loginUrlAuthenticationEntryPoint"
-               class="org.opendaylight.controller.web.ControllerLoginUrlAuthEntryPoint">
-               <beans:property name="loginFormUrl" value="/login" />
-       </beans:bean>
-
-       <beans:bean id="authenticationProviderWrapper"
-               class="org.opendaylight.controller.web.AuthenticationProviderWrapper" />
-
-    <!-- logout related -->
-    
-    <beans:bean id="logoutHandler"
-        class="org.opendaylight.controller.web.ControllerLogoutHandler" />
-        
-    <beans:bean id="securityContextLogoutHandler"
-        class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler" />    
-        
-            
-    <beans:bean id="logoutFilter" class="org.springframework.security.web.authentication.logout.LogoutFilter">
-        <!-- if logout succeed then this is the URL -->
-        <beans:constructor-arg value="/login" />
-        <beans:constructor-arg>
-            <beans:list>
-                <beans:ref bean="logoutHandler"/>
-                <beans:ref bean="rememberMeServices"/>
-                <beans:ref bean="securityContextLogoutHandler"/>
-            </beans:list>
-        </beans:constructor-arg>
-        <beans:property name="filterProcessesUrl" value="/logout" />
-    </beans:bean>       
-        
-
-
-
-       <!-- remember me related -->
-       <beans:bean id="rememberMeFilter"
-               class="org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter">
-               <beans:property name="rememberMeServices" ref="rememberMeServices" />
-               <beans:property name="authenticationManager" ref="authenticationManager" />
-       </beans:bean>
-
-       <beans:bean id="rememberMeServices"
-               class="org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices">
-               <beans:property name="userDetailsService" ref="userDetailsServiceRef" />
-               <beans:property name="key" value="SDN" />
-               <beans:property name="alwaysRemember" value="true"></beans:property>
-               <beans:property name="tokenValiditySeconds" value="3600" />
-               <beans:property name="cookieName" value="SDN-Controller" />
-       </beans:bean>
-
-       <beans:bean id="userDetailsServiceRef" class="org.opendaylight.controller.web.ControllerUserDetailsService" />
-
-
-       <beans:bean id="rememberMeAuthenticationProvider"
-               class="org.springframework.security.authentication.RememberMeAuthenticationProvider">
-               <beans:property name="key" value="SDN" />
-       </beans:bean>
-       
-</beans:beans>
index 5841ed2..adbdf75 100644 (file)
@@ -1,17 +1,8 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
-<web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-       xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
-http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
-       version="2.4">
+<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
+       version="3.0">
 
-       <context-param>
-               <param-name>contextConfigLocation</param-name>
-               <param-value>/WEB-INF/spring/*.xml</param-value>
-       </context-param>
-
-       <listener>
-               <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
-       </listener>
 
        <servlet>
                <servlet-name>Flows</servlet-name>
@@ -24,18 +15,62 @@ http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
                <url-pattern>/</url-pattern>
        </servlet-mapping>
 
-       <filter>
-               <filter-name>springSecurityFilterChain</filter-name>
-               <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
-       </filter>
 
-       <filter-mapping>
-               <filter-name>springSecurityFilterChain</filter-name>
-               <url-pattern>/*</url-pattern>
-       </filter-mapping>
+       <security-constraint>
+               <web-resource-collection>
+                       <web-resource-name>free access</web-resource-name>
+                       <url-pattern>/js/*</url-pattern>
+                       <url-pattern>/images/*</url-pattern>
+                       <url-pattern>/css/*</url-pattern>
+                       <url-pattern>/favicon.ico</url-pattern>
+               </web-resource-collection>
+       </security-constraint>
+
+       <security-constraint>
+               <display-name>FlowApp</display-name>
+               <web-resource-collection>
+                       <web-resource-name>FlowMgrGUI</web-resource-name>
+                       <url-pattern>/*</url-pattern>
+               </web-resource-collection>
+               <auth-constraint>
+                       <role-name>System-Admin</role-name>
+                       <role-name>Network-Admin</role-name>
+                       <role-name>Network-Operator</role-name>
+                       <role-name>Container-User</role-name>
+               </auth-constraint>
+       </security-constraint>
+       <security-role>
+               <role-name>System-Admin</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Network-Admin</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Network-Operator</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Container-User</role-name>
+       </security-role>
+
+       <login-config>
+               <auth-method>FORM</auth-method>
+               <form-login-config>
+                       <form-login-page>/WEB-INF/jsp/login.jsp</form-login-page>
+                       <form-error-page>/WEB-INF/jsp/error.jsp</form-error-page>
+               </form-login-config>
+       </login-config>
+
 
        <listener>
                <listener-class>org.opendaylight.controller.web.ControllerUISessionManager</listener-class>
        </listener>
 
+       <session-config>
+               <cookie-config>
+                       <path>/</path>
+               </cookie-config>
+       </session-config>
+
+
+
 </web-app>
index 7c11554..7f5c453 100644 (file)
                                                        org.springframework.web.servlet.config,
                                                        org.springframework.web.servlet.view,
                                                        org.springframework.web.servlet.view.json,
-
                                                        org.springframework.web.filter,
                                                        org.springframework.web.context,
-                                                       org.springframework.security.core,
-                                                       org.springframework.security.core.userdetails,
-                                                       org.springframework.security.core.authority,
-                                                       org.springframework.security.core.context,
-                                                       org.springframework.security.authentication,
-                                                       org.springframework.security.config,
-                                                       org.springframework.security.config.authentication,
-                                                       org.springframework.security.taglibs.authz,
-                                                       org.springframework.security.web,
-                                                       org.springframework.security.web.context,
-                                                       org.springframework.security.web.authentication,
-                                                       org.springframework.security.web.authentication.www,
-                                                       org.springframework.security.provisioning,
-                                                       org.springframework.security.web.util,
-                                                       org.springframework.security.web.authentication.rememberme,
-                                                       org.springframework.security.web.authentication.logout,
-                                                       org.springframework.dao,
-                                                       org.springframework.security.web.savedrequest,
-                                                       org.springframework.security.access,
                                                        org.springframework.util
-
-
                                                </Import-Package>
                                                <Export-Package>
                                                        org.opendaylight.controller.web
diff --git a/opendaylight/web/root/src/main/java/org/opendaylight/controller/web/AuthenticationProviderWrapper.java b/opendaylight/web/root/src/main/java/org/opendaylight/controller/web/AuthenticationProviderWrapper.java
deleted file mode 100644 (file)
index 7877ff6..0000000
+++ /dev/null
@@ -1,52 +0,0 @@
-/*
- * Copyright (c) 2013 Cisco Systems, Inc. and others.  All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v1.0 which accompanies this distribution,
- * and is available at http://www.eclipse.org/legal/epl-v10.html
- */
-
-
-package org.opendaylight.controller.web;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.security.authentication.AuthenticationProvider;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.AuthenticationException;
-
-import org.opendaylight.controller.sal.utils.ServiceHelper;
-import org.opendaylight.controller.usermanager.IUserManager;
-
-
-public class AuthenticationProviderWrapper implements
-        AuthenticationProvider {
-
-    private static final Logger logger = LoggerFactory
-            .getLogger(AuthenticationProviderWrapper.class);
-
-    @Override
-    public Authentication authenticate(Authentication authentication)
-            throws AuthenticationException {
-        return ((AuthenticationProvider) getUserManagerRef())
-                .authenticate(authentication);
-    }
-
-    @Override
-    public boolean supports(Class<?> authentication) {
-        return ((AuthenticationProvider) getUserManagerRef())
-                .supports(authentication);
-    }
-
-    private IUserManager getUserManagerRef() {
-        IUserManager userManager = (IUserManager) ServiceHelper
-                .getGlobalInstance(IUserManager.class, this);
-        if (userManager != null) {
-            return userManager;
-        } else {
-            logger.error("UserManager Ref is null. ");
-            throw new RuntimeException("UserManager Ref is null. ");
-        }
-    }
-
-}
diff --git a/opendaylight/web/root/src/main/java/org/opendaylight/controller/web/ControllerAuthenticationSuccessHandler.java b/opendaylight/web/root/src/main/java/org/opendaylight/controller/web/ControllerAuthenticationSuccessHandler.java
deleted file mode 100644 (file)
index 9514109..0000000
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * Copyright (c) 2013 Cisco Systems, Inc. and others.  All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v1.0 which accompanies this distribution,
- * and is available at http://www.eclipse.org/legal/epl-v10.html
- */
-
-
-package org.opendaylight.controller.web;
-
-import java.io.IOException;
-import java.util.Map;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.springframework.security.core.Authentication;
-import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
-import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
-import org.springframework.security.web.savedrequest.RequestCache;
-import org.springframework.security.web.savedrequest.SavedRequest;
-import org.springframework.util.StringUtils;
-
-public class ControllerAuthenticationSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {
-    private RequestCache requestCache = new HttpSessionRequestCache();
-
-    @Override
-    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
-            Authentication authentication) throws ServletException, IOException {
-        SavedRequest savedRequest = requestCache.getRequest(request, response);
-
-        if (savedRequest == null) {
-            super.onAuthenticationSuccess(request, response, authentication);
-
-            return;
-        }
-        String targetUrlParameter = getTargetUrlParameter();
-        if (isAlwaysUseDefaultTargetUrl() || (targetUrlParameter != null && StringUtils.hasText(request.getParameter(targetUrlParameter)))) {
-            requestCache.removeRequest(request, response);
-            super.onAuthenticationSuccess(request, response, authentication);
-
-            return;
-        }
-
-        clearAuthenticationAttributes(request);
-
-        // Use the DefaultSavedRequest URL
-        
-        String targetUrl = savedRequest.getRedirectUrl();
-        //workaround to avoid being redirected to ajax calls
-        Map<String, String[]> m = savedRequest.getParameterMap();
-        if(m!= null)
-        {
-            String[] value = m.get("x-page-url");
-            if(value != null && value.length > 0)
-                targetUrl = request.getContextPath() + "#" + value[0];
-        }
-        logger.debug("Redirecting to DefaultSavedRequest Url: " + targetUrl);
-        
-        
-        
-        getRedirectStrategy().sendRedirect(request, response, targetUrl);
-    }
-
-    public void setRequestCache(RequestCache requestCache) {
-        this.requestCache = requestCache;
-    }
-}
diff --git a/opendaylight/web/root/src/main/java/org/opendaylight/controller/web/ControllerCustomFilter.java b/opendaylight/web/root/src/main/java/org/opendaylight/controller/web/ControllerCustomFilter.java
deleted file mode 100644 (file)
index a14df94..0000000
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
- * Copyright (c) 2013 Cisco Systems, Inc. and others.  All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v1.0 which accompanies this distribution,
- * and is available at http://www.eclipse.org/legal/epl-v10.html
- */
-
-package org.opendaylight.controller.web;
-
-import java.io.IOException;
-import java.util.List;
-import java.util.Map;
-
-import javax.servlet.FilterChain;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.Cookie;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.opendaylight.controller.sal.utils.ServiceHelper;
-import org.opendaylight.controller.usermanager.IUserManager;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.security.access.AccessDeniedException;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.web.filter.GenericFilterBean;
-
-public class ControllerCustomFilter extends GenericFilterBean {
-
-    private static final Logger logger = LoggerFactory
-            .getLogger(ControllerCustomFilter.class);
-
-    @Override
-    public void doFilter(ServletRequest req, ServletResponse resp,
-            FilterChain chain) throws IOException, ServletException {
-        //custom filter to handle logged out users
-        HttpServletRequest request = (HttpServletRequest) req;
-        HttpServletResponse response = (HttpServletResponse) resp;
-
-        String url = request.getRequestURL().toString();
-
-        //skip anonymous auth
-        if (!(url.indexOf("login") > -1) && !(url.indexOf("logout") > -1)) {
-            if (SecurityContextHolder.getContext().getAuthentication() != null
-                    && SecurityContextHolder.getContext().getAuthentication()
-                            .isAuthenticated()) {
-
-                IUserManager userManager = (IUserManager) ServiceHelper
-                        .getGlobalInstance(IUserManager.class, this);
-                if (userManager != null) {
-                    Map<String, List<String>> activeUsers = userManager
-                            .getUserLoggedIn();
-                    if (activeUsers != null && activeUsers.size() > 0) {
-
-                        String username = SecurityContextHolder.getContext()
-                                .getAuthentication().getName();
-                        if (!activeUsers.containsKey(username)) {
-                            throw new AccessDeniedException(
-                                    "UserManager activeUserList does not contain user "
-                                            + username);
-                        }
-                    } else {
-                        logger.error("UserManager return empty activeusers");
-                        throw new AccessDeniedException(
-                                "UserManager activeUserList is empty. ");
-                    }
-                } else {
-                    logger.error("UserManager Ref is null. ");
-                    throw new RuntimeException("UserManager Ref is null. ");
-                }
-
-            } else {
-                logger.error("SecurityContextHolder getAuthentication is null");
-                throw new AccessDeniedException(
-                        "SecurityContextHolder is not populated");
-            }
-        }
-
-        chain.doFilter(request, response);
-    }
-
-
-}
diff --git a/opendaylight/web/root/src/main/java/org/opendaylight/controller/web/ControllerLoginUrlAuthEntryPoint.java b/opendaylight/web/root/src/main/java/org/opendaylight/controller/web/ControllerLoginUrlAuthEntryPoint.java
deleted file mode 100644 (file)
index 36a192e..0000000
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Copyright (c) 2013 Cisco Systems, Inc. and others.  All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v1.0 which accompanies this distribution,
- * and is available at http://www.eclipse.org/legal/epl-v10.html
- */
-
-
-package org.opendaylight.controller.web;
-
-import java.io.IOException;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.web.DefaultRedirectStrategy;
-import org.springframework.security.web.RedirectStrategy;
-import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
-import org.springframework.security.web.util.RedirectUrlBuilder;
-
-@SuppressWarnings("deprecation")
-public class ControllerLoginUrlAuthEntryPoint extends
-        LoginUrlAuthenticationEntryPoint {
-
-    private String loginFormUrl = "/login";
-    private final RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
-
-    //This entry point always re-directs to root login page.
-
-   @Override
-   public void commence(HttpServletRequest request,
-            HttpServletResponse response, AuthenticationException authException)
-            throws IOException, ServletException {
-
-        String redirectUrl = request.getRequestURL().toString();
-            RedirectUrlBuilder urlBuilder = new RedirectUrlBuilder();
-            urlBuilder.setScheme(request.getScheme());
-            urlBuilder.setServerName(request.getServerName());
-            urlBuilder.setPort(getPortResolver().getServerPort(request));
-            // urlBuilder.setContextPath(request.getContextPath());
-            urlBuilder.setPathInfo(loginFormUrl);
-            redirectUrl = urlBuilder.getUrl();
-            redirectStrategy.sendRedirect(request, response, redirectUrl);  
-
-    }
-
-}
diff --git a/opendaylight/web/root/src/main/java/org/opendaylight/controller/web/ControllerLogoutHandler.java b/opendaylight/web/root/src/main/java/org/opendaylight/controller/web/ControllerLogoutHandler.java
deleted file mode 100644 (file)
index ee06a13..0000000
+++ /dev/null
@@ -1,53 +0,0 @@
-/*
- * Copyright (c) 2013 Cisco Systems, Inc. and others.  All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v1.0 which accompanies this distribution,
- * and is available at http://www.eclipse.org/legal/epl-v10.html
- */
-
-
-package org.opendaylight.controller.web;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.web.authentication.logout.LogoutHandler;
-
-import org.opendaylight.controller.sal.utils.ServiceHelper;
-import org.opendaylight.controller.usermanager.IUserManager;
-
-public class ControllerLogoutHandler implements LogoutHandler {
-
-    private static final Logger logger = LoggerFactory
-            .getLogger(ControllerLogoutHandler.class);
-
-    @Override
-    public void logout(HttpServletRequest request,
-            HttpServletResponse response, Authentication authentication) {
-        if (authentication != null) {
-            String userName = authentication.getName();
-            if (userName != null) {
-                IUserManager userManager = (IUserManager) ServiceHelper
-                        .getGlobalInstance(IUserManager.class, this);
-                if (userManager != null) {
-                    userManager.userLogout(userName);
-                    HttpSession session = request.getSession();
-                    userManager.getSessionManager().invalidateSessions(userName, session.getId());
-                    
-                } else
-                    logger
-                            .error("UserMgr ref is null. Logout is not done cleanly");
-
-            } else
-                logger
-                        .error("User name is null in authentication. Logout is not done cleanly");
-        }
-
-    }
-
-}
diff --git a/opendaylight/web/root/src/main/java/org/opendaylight/controller/web/ControllerUserDetailsService.java b/opendaylight/web/root/src/main/java/org/opendaylight/controller/web/ControllerUserDetailsService.java
deleted file mode 100644 (file)
index 2aac0b0..0000000
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * Copyright (c) 2013 Cisco Systems, Inc. and others.  All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v1.0 which accompanies this distribution,
- * and is available at http://www.eclipse.org/legal/epl-v10.html
- */
-
-
-package org.opendaylight.controller.web;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.core.userdetails.UsernameNotFoundException;
-
-import org.opendaylight.controller.sal.utils.ServiceHelper;
-import org.opendaylight.controller.usermanager.IUserManager;
-
-
-public class ControllerUserDetailsService implements UserDetailsService {
-
-    private static final Logger logger = LoggerFactory
-            .getLogger(ControllerUserDetailsService.class);
-
-    ControllerUserDetailsService() {
-    }
-
-    @Override
-    public UserDetails loadUserByUsername(String username)
-            throws UsernameNotFoundException {
-        return getUserManagerRef().loadUserByUsername(username);
-    }
-
-    private IUserManager getUserManagerRef() {
-        IUserManager userManager = (IUserManager) ServiceHelper
-                .getGlobalInstance(IUserManager.class, this);
-        if (userManager != null) {
-            return userManager;
-        } else {
-            logger.error("UserManager Ref is null. ");
-            throw new RuntimeException("UserManager Ref is null. ");
-        }
-    }
-
-}
diff --git a/opendaylight/web/root/src/main/java/org/opendaylight/controller/web/ControllerWebSecurityContextRepository.java b/opendaylight/web/root/src/main/java/org/opendaylight/controller/web/ControllerWebSecurityContextRepository.java
deleted file mode 100644 (file)
index 38007f4..0000000
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- * Copyright (c) 2013 Cisco Systems, Inc. and others.  All rights reserved.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License v1.0 which accompanies this distribution,
- * and is available at http://www.eclipse.org/legal/epl-v10.html
- */
-
-
-package org.opendaylight.controller.web;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.security.core.context.SecurityContext;
-import org.springframework.security.web.context.HttpRequestResponseHolder;
-import org.springframework.security.web.context.SecurityContextRepository;
-
-import org.opendaylight.controller.sal.utils.ServiceHelper;
-import org.opendaylight.controller.usermanager.IUserManager;
-
-
-public class ControllerWebSecurityContextRepository implements
-        SecurityContextRepository {
-
-    private static final Logger logger = LoggerFactory
-            .getLogger(ControllerWebSecurityContextRepository.class);
-
-    ControllerWebSecurityContextRepository() {
-    }
-
-    @Override
-    public SecurityContext loadContext(
-            HttpRequestResponseHolder requestResponseHolder) {
-
-        SecurityContextRepository contextRepo = (SecurityContextRepository) getUserManagerRef()
-                .getSecurityContextRepo();
-        return contextRepo.loadContext(requestResponseHolder);
-    }
-
-    @Override
-    public void saveContext(SecurityContext context,
-            HttpServletRequest request, HttpServletResponse response) {
-        SecurityContextRepository contextRepo = (SecurityContextRepository) getUserManagerRef()
-                .getSecurityContextRepo();
-        contextRepo.saveContext(context, request, response);
-    }
-
-    private IUserManager getUserManagerRef() {
-        IUserManager userManager = (IUserManager) ServiceHelper
-                .getGlobalInstance(IUserManager.class, this);
-        if (userManager != null) {
-            return userManager;
-        } else {
-            logger.error("UserManager Ref is null. ");
-            throw new RuntimeException("UserManager Ref is null. ");
-        }
-    }
-
-    @Override
-    public boolean containsContext(HttpServletRequest request) {
-        SecurityContextRepository contextRepo = (SecurityContextRepository) getUserManagerRef()
-                .getSecurityContextRepo();
-        return contextRepo.containsContext(request);
-    }
-
-}
index 296a8fb..24f0b4d 100644 (file)
@@ -1,4 +1,3 @@
-
 /*
  * Copyright (c) 2013 Cisco Systems, Inc. and others.  All rights reserved.
  *
@@ -12,7 +11,9 @@ package org.opendaylight.controller.web;
 import java.util.HashMap;
 import java.util.Map;
 
+import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
 
 import org.opendaylight.controller.configuration.IConfigurationService;
 import org.opendaylight.controller.sal.authorization.UserLevel;
@@ -20,7 +21,6 @@ import org.opendaylight.controller.sal.utils.ServiceHelper;
 import org.opendaylight.controller.sal.utils.Status;
 import org.opendaylight.controller.sal.utils.StatusCode;
 import org.opendaylight.controller.usermanager.IUserManager;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -31,73 +31,111 @@ import org.springframework.web.bind.annotation.ResponseBody;
 @RequestMapping("/")
 public class DaylightWeb {
     @RequestMapping(value = "")
-    public String index(Model model) {
-       IUserManager userManager = (IUserManager) ServiceHelper
+    public String index(Model model, HttpServletRequest request) {
+        IUserManager userManager = (IUserManager) ServiceHelper
                 .getGlobalInstance(IUserManager.class, this);
         if (userManager == null) {
-               return "User Manager is not available";
+            return "User Manager is not available";
         }
-       
-        String username = SecurityContextHolder.getContext().getAuthentication().getName();
+
+        String username = request.getUserPrincipal().getName();
+
         model.addAttribute("username", username);
-        model.addAttribute("role", userManager.getUserLevel(username).toNumber());
-        
+        model.addAttribute("role", userManager.getUserLevel(username)
+                .toNumber());
+
         return "main";
     }
 
     @RequestMapping(value = "web.json")
     @ResponseBody
-    public Map<String, Map<String, Object>> bundles() {
-        Object[] instances = ServiceHelper.getGlobalInstances(IDaylightWeb.class,
-                this, null);
+    public Map<String, Map<String, Object>> bundles(HttpServletRequest request) {
+        Object[] instances = ServiceHelper.getGlobalInstances(
+                IDaylightWeb.class, this, null);
         Map<String, Map<String, Object>> bundles = new HashMap<String, Map<String, Object>>();
         Map<String, Object> entry;
         IDaylightWeb bundle;
-        String userName = SecurityContextHolder.getContext().getAuthentication().getName();
-        IUserManager userManger = (IUserManager) ServiceHelper.getGlobalInstance(IUserManager.class, this);
+        String username = request.getUserPrincipal().getName();
+        IUserManager userManger = (IUserManager) ServiceHelper
+                .getGlobalInstance(IUserManager.class, this);
         for (Object instance : instances) {
             bundle = (IDaylightWeb) instance;
-            if (userManger != null &&
-                       bundle.isAuthorized(userManger.getUserLevel(userName))) {
-                   entry = new HashMap<String, Object>();
-                   entry.put("name", bundle.getWebName());
-                   entry.put("order", bundle.getWebOrder());
-                   bundles.put(bundle.getWebId(), entry);
+            if (userManger != null
+                    && bundle.isAuthorized(userManger.getUserLevel(username))) {
+                entry = new HashMap<String, Object>();
+                entry.put("name", bundle.getWebName());
+                entry.put("order", bundle.getWebOrder());
+                bundles.put(bundle.getWebId(), entry);
             }
         }
         return bundles;
     }
-    
+
     @RequestMapping(value = "save", method = RequestMethod.POST)
     @ResponseBody
-    public String save() {
-       String username = SecurityContextHolder.getContext().getAuthentication().getName();
-       IUserManager userManager = (IUserManager) ServiceHelper
+    public String save(HttpServletRequest request) {
+        String username = request.getUserPrincipal().getName();
+        IUserManager userManager = (IUserManager) ServiceHelper
                 .getGlobalInstance(IUserManager.class, this);
-        if (userManager == null) return "User Manager is not available";
-        
+        if (userManager == null) {
+            return "User Manager is not available";
+        }
+
         UserLevel level = userManager.getUserLevel(username);
         if (level == UserLevel.NETWORKOPERATOR) {
-               return "Save not permitted for Operator";
+            return "Save not permitted for Operator";
+        }
+
+        Status status = new Status(StatusCode.UNAUTHORIZED,
+                "Operation not allowed for current user");
+        if (level == UserLevel.NETWORKADMIN || level == UserLevel.SYSTEMADMIN) {
+            IConfigurationService configService = (IConfigurationService) ServiceHelper
+                    .getGlobalInstance(IConfigurationService.class, this);
+            if (configService != null) {
+                status = configService.saveConfigurations();
+            }
         }
-        
-        Status status = new Status(StatusCode.UNAUTHORIZED, 
-                       "Operation not allowed for current user");
-           if (level == UserLevel.NETWORKADMIN || level == UserLevel.SYSTEMADMIN) {
-               IConfigurationService configService = (IConfigurationService) ServiceHelper
-                       .getGlobalInstance(IConfigurationService.class, this);
-               if (configService != null) {
-                       status = configService.saveConfigurations();
-               }
-           }
-        
+
         return status.getDescription();
     }
-    
+
+    @RequestMapping(value = "logout")
+    public String login(Map<String, Object> model,
+            final HttpServletRequest request) {
+
+        IUserManager userManager = (IUserManager) ServiceHelper
+                .getGlobalInstance(IUserManager.class, this);
+        if (userManager == null) {
+            return "User Manager is not available";
+        }
+        String username = request.getUserPrincipal().getName();
+        HttpSession session = request.getSession(false);
+        if (session != null) {
+            if (username != null) {
+                userManager.userLogout(username);
+            }
+            session.invalidate();
+
+        }
+        return "redirect:" + "/";
+    }
+
     @RequestMapping(value = "login")
-       public String login(Map<String, Object> model, final HttpServletResponse response) {
-                response.setHeader("X-Page-Location", "/login");
-               return "login";
-       }
+    public String login(Model model, final HttpServletRequest request,
+            final HttpServletResponse response) {
+        // response.setHeader("X-Page-Location", "/login");
+        IUserManager userManager = (IUserManager) ServiceHelper
+                .getGlobalInstance(IUserManager.class, this);
+        if (userManager == null) {
+            return "User Manager is not available";
+        }
+
+        String username = request.getUserPrincipal().getName();
+
+        model.addAttribute("username", username);
+        model.addAttribute("role", userManager.getUserLevel(username)
+                .toNumber());
+        return "forward:" + "/";
+    }
 
-}
\ No newline at end of file
+}
index bc3d39a..1ab8dff 100644 (file)
@@ -1,4 +1,3 @@
-
 /*
  * Copyright (c) 2013 Cisco Systems, Inc. and others.  All rights reserved.
  *
@@ -11,12 +10,13 @@ package org.opendaylight.controller.web;
 
 import java.util.List;
 
+import javax.servlet.http.HttpServletRequest;
+
 import org.opendaylight.controller.sal.authorization.UserLevel;
 import org.opendaylight.controller.sal.utils.ServiceHelper;
 import org.opendaylight.controller.sal.utils.Status;
 import org.opendaylight.controller.usermanager.IUserManager;
 import org.opendaylight.controller.usermanager.internal.UserConfig;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -50,56 +50,59 @@ public class DaylightWebAdmin {
     @ResponseBody
     public String saveLocalUserConfig(
             @RequestParam(required = true) String json,
-            @RequestParam(required = true) String action) {
+            @RequestParam(required = true) String action,
+            HttpServletRequest request) {
 
-       IUserManager userManager = (IUserManager) ServiceHelper
+        IUserManager userManager = (IUserManager) ServiceHelper
                 .getGlobalInstance(IUserManager.class, this);
         if (userManager == null) {
-               return "Internal Error";
+            return "Internal Error";
         }
-        
-        if (!authorize(userManager, UserLevel.NETWORKADMIN)) {
-                       return "Operation not permitted";
+
+        if (!authorize(userManager, UserLevel.NETWORKADMIN, request)) {
+            return "Operation not permitted";
         }
-       
+
         Gson gson = new Gson();
         UserConfig config = gson.fromJson(json, UserConfig.class);
-        
-        Status result = (action.equals("add")) ? 
-                       userManager.addLocalUser(config)
-                   : userManager.removeLocalUser(config);
+
+        Status result = (action.equals("add")) ? userManager
+                .addLocalUser(config) : userManager.removeLocalUser(config);
 
         return result.getDescription();
     }
-    
+
     @RequestMapping(value = "/users/{username}", method = RequestMethod.POST)
     @ResponseBody
-    public String removeLocalUser(@PathVariable("username") String userName) {
-       if(SecurityContextHolder.getContext().getAuthentication()
-                       .getName().equals(userName)) {
-               return "Invalid Request: User cannot delete itself";
-       }
-       
-       IUserManager userManager = (IUserManager) ServiceHelper
+    public String removeLocalUser(@PathVariable("username") String userName,
+            HttpServletRequest request) {
+
+        String username = request.getUserPrincipal().getName();
+        if (username.equals(userName)) {
+            return "Invalid Request: User cannot delete itself";
+        }
+
+        IUserManager userManager = (IUserManager) ServiceHelper
                 .getGlobalInstance(IUserManager.class, this);
         if (userManager == null) {
-               return "Internal Error";
+            return "Internal Error";
         }
-        
-        if (!authorize(userManager, UserLevel.NETWORKADMIN)) {
-                       return "Operation not permitted";
+
+        if (!authorize(userManager, UserLevel.NETWORKADMIN, request)) {
+            return "Operation not permitted";
         }
-        
+
         return userManager.removeLocalUser(userName).getDescription();
     }
-    
+
     /**
      * Is the operation permitted for the given level
      * 
      * @param level
      */
-    private boolean authorize(IUserManager userManager, UserLevel level) {
-        String username = SecurityContextHolder.getContext().getAuthentication().getName();
+    private boolean authorize(IUserManager userManager, UserLevel level,
+            HttpServletRequest request) {
+        String username = request.getUserPrincipal().getName();
         UserLevel userLevel = userManager.getUserLevel(username);
         return userLevel.toNumber() <= level.toNumber();
     }
diff --git a/opendaylight/web/root/src/main/resources/WEB-INF/jsp/error.jsp b/opendaylight/web/root/src/main/resources/WEB-INF/jsp/error.jsp
new file mode 100644 (file)
index 0000000..8662585
--- /dev/null
@@ -0,0 +1,45 @@
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
+
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="utf-8">
+    <title>OpenDaylight - Error</title>
+
+    <!-- Bootstrap CSS - 1 -->
+    <link href="/css/bootstrap.min.css" rel="stylesheet" media="screen">
+    
+    <!-- Login CSS - 2 -->
+    <link rel="stylesheet/less" type="text/css" href="/css/login.less">
+    
+    <!-- Bootstrap JS - 1 -->
+    <script src="/js/bootstrap.min.js"></script>
+    
+    <!-- LESS - 2 -->
+    <script type="text/javascript">
+        less = {
+            env: "production"
+        };
+    </script>
+    <script src="/js/less-1.3.3.min.js"></script>
+</head>
+<body>
+        <form action="<c:url value='/' />" id="form" method="post">
+
+  <div class="container">
+    <div class="content">
+       <div class="login-form">
+         <div id="logo"></div>
+           <fieldset>
+            <p>Your session has timed out or there was an error.<p>
+            <p>Please go back to the login page and try again.</p>
+            <br/>
+             <button class="btn btn-primary" type="submit" value="Log In" >Go To Login Page</button>
+           </fieldset>
+       </div>
+    </div>
+  </div> 
+  </form>
+</body>
+</html>
\ No newline at end of file
index 431f23a..b9d32b1 100644 (file)
@@ -34,7 +34,7 @@
        <script src="/js/less-1.3.3.min.js"></script>
 </head>
 <body>
-  <form action="<c:url value='j_spring_security_check' />" id="form" method="post">
+  <form action="<c:url value='j_security_check' />" id="form" method="post">
 
   <div class="container">
     <div class="content">
@@ -54,4 +54,4 @@
   </div> 
   </form>
 </body>
-</html>
\ No newline at end of file
+</html>
diff --git a/opendaylight/web/root/src/main/resources/WEB-INF/spring/context.xml b/opendaylight/web/root/src/main/resources/WEB-INF/spring/context.xml
deleted file mode 100644 (file)
index 8a4bda5..0000000
+++ /dev/null
@@ -1,10 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
-  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xmlns:context="http://www.springframework.org/schema/context"
-  xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-  http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">
-
-        <import resource="servlet/security.xml"/>
-
-</beans>
index c763531..a14d1c5 100644 (file)
@@ -1,17 +1,56 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
-<web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-       xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
-http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
-       version="2.4">
+<!-- <web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
+       xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" 
+       version="2.4"> -->
+<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
+       version="3.0">
 
-       <context-param>
-               <param-name>contextConfigLocation</param-name>
-               <param-value>/WEB-INF/spring/*.xml</param-value>
-       </context-param>
+       <security-constraint>
+               <web-resource-collection>
+                       <web-resource-name>free access</web-resource-name>
+                       <url-pattern>/js/*</url-pattern>
+                       <url-pattern>/images/*</url-pattern>
+                       <url-pattern>/css/*</url-pattern>
+                       <url-pattern>/favicon.ico</url-pattern>
+               </web-resource-collection>
+       </security-constraint>
+
+       <security-constraint>
+               <display-name>RootApp</display-name>
+               <web-resource-collection>
+                       <web-resource-name>RootGUI</web-resource-name>
+                       <url-pattern>/*</url-pattern>
+               </web-resource-collection>
+               <auth-constraint>
+                       <role-name>System-Admin</role-name>
+                       <role-name>Network-Admin</role-name>
+                       <role-name>Network-Operator</role-name>
+                       <role-name>Container-User</role-name>
+               </auth-constraint>
+       </security-constraint>
+
+       <security-role>
+               <role-name>System-Admin</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Network-Admin</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Network-Operator</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Container-User</role-name>
+       </security-role>
 
-       <listener>
-               <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
-       </listener>
+
+       <login-config>
+               <auth-method>FORM</auth-method>
+               <form-login-config>
+                       <form-login-page>/WEB-INF/jsp/login.jsp</form-login-page>
+                       <form-error-page>/WEB-INF/jsp/error.jsp</form-error-page>
+               </form-login-config>
+       </login-config>
 
        <servlet>
                <servlet-name>RootGUI</servlet-name>
@@ -24,16 +63,6 @@ http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
                <url-pattern>/</url-pattern>
        </servlet-mapping>
 
-       <filter>
-               <filter-name>springSecurityFilterChain</filter-name>
-               <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
-       </filter>
-
-       <filter-mapping>
-               <filter-name>springSecurityFilterChain</filter-name>
-               <url-pattern>/*</url-pattern>
-       </filter-mapping>
-
        <display-name>OpenDaylight Controller</display-name>
        <description>OpenDaylight Controller</description>
 
@@ -41,4 +70,10 @@ http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
                <listener-class>org.opendaylight.controller.web.ControllerUISessionManager</listener-class>
        </listener>
 
+       <session-config>
+               <cookie-config>
+                       <path>/</path>
+               </cookie-config>
+       </session-config>
+
 </web-app>
index 4cb633e..51e8ea9 100644 (file)
@@ -706,9 +706,9 @@ $("#logout").click(function() {
 
 $.ajaxSetup({
     complete : function(xhr,textStatus) {
-        var page = xhr.getResponseHeader('X-Page-Location');
-        if(page == '/login') {
-            location.href = '/login';
+       var mime = xhr.getResponseHeader('Content-Type');
+        if (mime.substring(0, 9) == 'text/html') {
+            location.href = '/';
         }
     }
 });
index daef22c..3899925 100644 (file)
                                                        org.springframework.web.servlet,
                                                        org.springframework.web.servlet.config,
                                                        org.springframework.web.servlet.view,
-
                                                        org.springframework.web.filter,
                                                        org.springframework.web.context,
-                                                       org.springframework.security.core,
-                                                       org.springframework.security.core.userdetails,
-                                                       org.springframework.security.core.authority,
-                                                       org.springframework.security.core.context,
-                                                       org.springframework.security.authentication,
-                                                       org.springframework.security.config,
-                                                       org.springframework.security.config.authentication,
-                                                       org.springframework.security.taglibs.authz,
-                                                       org.springframework.security.web,
-                                                       org.springframework.security.web.context,
-                                                       org.springframework.security.web.authentication,
-                                                       org.springframework.security.web.authentication.www,
-                                                       org.springframework.security.provisioning,
-                                                       org.springframework.security.web.util,
-                                                       org.springframework.security.web.authentication.rememberme,
-                                                       org.springframework.security.web.authentication.logout,
-                                                       org.springframework.dao
                                                </Import-Package>
                                                <Web-ContextPath>/controller/web/topology</Web-ContextPath>
                                        </instructions>
index 3366912..791358c 100644 (file)
@@ -19,6 +19,8 @@ import java.util.List;
 import java.util.Map;
 import java.util.Set;
 
+import javax.servlet.http.HttpServletRequest;
+
 import org.opendaylight.controller.sal.authorization.UserLevel;
 import org.opendaylight.controller.sal.core.Bandwidth;
 import org.opendaylight.controller.sal.core.Edge;
@@ -33,7 +35,6 @@ import org.opendaylight.controller.switchmanager.Switch;
 import org.opendaylight.controller.switchmanager.SwitchConfig;
 import org.opendaylight.controller.topologymanager.ITopologyManager;
 import org.opendaylight.controller.usermanager.IUserManager;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -274,8 +275,8 @@ public class Topology {
     @RequestMapping(value = "/node/{nodeId}", method = RequestMethod.POST)
     @ResponseBody
     public Map<String, Object> post(@PathVariable String nodeId, @RequestParam(required = true) String x,
-               @RequestParam(required = true) String y) {
-       if (!authorize(UserLevel.NETWORKADMIN)) {
+               @RequestParam(required = true) String y, HttpServletRequest request) {
+       if (!authorize(UserLevel.NETWORKADMIN, request)) {
                return new HashMap<String, Object>(); // silently disregard new node position
        }
        
@@ -427,14 +428,14 @@ public class Topology {
        public static final String HOST = "host";
     }
     
-    private boolean authorize(UserLevel level) {
+    private boolean authorize(UserLevel level, HttpServletRequest request) {
        IUserManager userManager = (IUserManager) ServiceHelper
                 .getGlobalInstance(IUserManager.class, this);
         if (userManager == null) {
                return false;
         }
         
-        String username = SecurityContextHolder.getContext().getAuthentication().getName();
+        String username = request.getUserPrincipal().getName();
         UserLevel userLevel = userManager.getUserLevel(username);
         if (userLevel.toNumber() <= level.toNumber()) {
                return true;
diff --git a/opendaylight/web/topology/src/main/resources/WEB-INF/jsp/error.jsp b/opendaylight/web/topology/src/main/resources/WEB-INF/jsp/error.jsp
new file mode 100644 (file)
index 0000000..270d793
--- /dev/null
@@ -0,0 +1,8 @@
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
+<%@taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<c:set var="req" value="${pageContext.request}" />
+<c:set var="uri" value="${req.requestURI}" />
+<c:set var="replaceWith" value="/" />
+<c:set var="redirectUrl" value="${fn:replace(req.requestURL, req.contextPath , replaceWith)}" />
+<c:import url="${redirectUrl}" />
\ No newline at end of file
diff --git a/opendaylight/web/topology/src/main/resources/WEB-INF/jsp/login.jsp b/opendaylight/web/topology/src/main/resources/WEB-INF/jsp/login.jsp
new file mode 100644 (file)
index 0000000..270d793
--- /dev/null
@@ -0,0 +1,8 @@
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
+<%@taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<c:set var="req" value="${pageContext.request}" />
+<c:set var="uri" value="${req.requestURI}" />
+<c:set var="replaceWith" value="/" />
+<c:set var="redirectUrl" value="${fn:replace(req.requestURL, req.contextPath , replaceWith)}" />
+<c:import url="${redirectUrl}" />
\ No newline at end of file
diff --git a/opendaylight/web/topology/src/main/resources/WEB-INF/spring/context.xml b/opendaylight/web/topology/src/main/resources/WEB-INF/spring/context.xml
deleted file mode 100644 (file)
index 8a4bda5..0000000
+++ /dev/null
@@ -1,10 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
-  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xmlns:context="http://www.springframework.org/schema/context"
-  xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-  http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">
-
-        <import resource="servlet/security.xml"/>
-
-</beans>
diff --git a/opendaylight/web/topology/src/main/resources/WEB-INF/spring/servlet/security.xml b/opendaylight/web/topology/src/main/resources/WEB-INF/spring/servlet/security.xml
deleted file mode 100644 (file)
index 6ddae01..0000000
+++ /dev/null
@@ -1,120 +0,0 @@
-<beans:beans xmlns="http://www.springframework.org/schema/security"
-       xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-       xsi:schemaLocation="http://www.springframework.org/schema/beans
-           http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-           http://www.springframework.org/schema/security
-           http://www.springframework.org/schema/security/spring-security-3.1.xsd">
-
-
-       <http pattern="/css/**" security="none" />
-       <http pattern="/js/**" security="none" />
-       <http pattern="/images/**" security="none" />
-       <http pattern="/favicon.ico" security="none" />
-       <http pattern="/controller/web/css/**" security="none" />
-       <http pattern="/controller/web/js/**" security="none" />
-       <http pattern="/controller/web/images/**" security="none" />
-
-
-       <http auto-config="false" authentication-manager-ref="authenticationManager"
-               security-context-repository-ref="securityContextRepo" entry-point-ref="loginUrlAuthenticationEntryPoint">
-               <intercept-url pattern="/login*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
-               <intercept-url pattern="/logout*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
-
-
-               <intercept-url pattern="/**"
-                       access="ROLE_SYSTEM-ADMIN, ROLE_NETWORK-ADMIN, ROLE_NETWORK-OPERATOR, ROLE_CONTAINER-USER, ROLE_APP-USER" />
-               <custom-filter ref="authenticationFilter" position="FORM_LOGIN_FILTER" />
-               <custom-filter position="LOGOUT_FILTER" ref="logoutFilter" />
-               <custom-filter position="LAST" ref="controllerFilter" />
-               <remember-me services-ref="rememberMeServices" key="SDN" />
-       </http>
-       
-       <beans:bean id="controllerFilter"
-               class="org.opendaylight.controller.web.ControllerCustomFilter" />
-
-       <authentication-manager id="authenticationManager">
-               <authentication-provider ref="authenticationProviderWrapper" />
-       </authentication-manager>
-
-       <beans:bean id="authenticationFilter"
-               class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
-               <beans:property name="authenticationManager" ref="authenticationManager" />
-               <beans:property name="authenticationFailureHandler"
-                       ref="authenticationFailureHandler" />
-               <beans:property name="authenticationSuccessHandler">
-                       <beans:bean
-                               class="org.opendaylight.controller.web.ControllerAuthenticationSuccessHandler">
-                               <beans:property name="targetUrlParameter" value="x-page-url" />
-                               <beans:property name="defaultTargetUrl" value="/" />
-                       </beans:bean>
-               </beans:property>
-               <beans:property name="rememberMeServices" ref="rememberMeServices" />
-       </beans:bean>
-
-       <beans:bean id="securityContextRepo"
-               class="org.opendaylight.controller.web.ControllerWebSecurityContextRepository" />
-
-       <beans:bean id="authenticationFailureHandler"
-               class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
-               <beans:property name="useForward" value="false" />
-               <beans:property name="defaultFailureUrl" value="/login" />              
-       </beans:bean>
-
-       <beans:bean id="loginUrlAuthenticationEntryPoint"
-               class="org.opendaylight.controller.web.ControllerLoginUrlAuthEntryPoint">
-               <beans:property name="loginFormUrl" value="/login" />
-       </beans:bean>
-
-       <beans:bean id="authenticationProviderWrapper"
-               class="org.opendaylight.controller.web.AuthenticationProviderWrapper" />
-
-    <!-- logout related -->
-    
-    <beans:bean id="logoutHandler"
-        class="org.opendaylight.controller.web.ControllerLogoutHandler" />
-        
-    <beans:bean id="securityContextLogoutHandler"
-        class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler" />    
-        
-            
-    <beans:bean id="logoutFilter" class="org.springframework.security.web.authentication.logout.LogoutFilter">
-        <!-- if logout succeed then this is the URL -->
-        <beans:constructor-arg value="/login" />
-        <beans:constructor-arg>
-            <beans:list>
-                <beans:ref bean="logoutHandler"/>
-                <beans:ref bean="rememberMeServices"/>
-                <beans:ref bean="securityContextLogoutHandler"/>
-            </beans:list>
-        </beans:constructor-arg>
-        <beans:property name="filterProcessesUrl" value="/logout" />
-    </beans:bean>       
-        
-
-
-
-       <!-- remember me related -->
-       <beans:bean id="rememberMeFilter"
-               class="org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter">
-               <beans:property name="rememberMeServices" ref="rememberMeServices" />
-               <beans:property name="authenticationManager" ref="authenticationManager" />
-       </beans:bean>
-
-       <beans:bean id="rememberMeServices"
-               class="org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices">
-               <beans:property name="userDetailsService" ref="userDetailsServiceRef" />
-               <beans:property name="key" value="SDN" />
-               <beans:property name="alwaysRemember" value="true"></beans:property>
-               <beans:property name="tokenValiditySeconds" value="3600" />
-               <beans:property name="cookieName" value="SDN-Controller" />
-       </beans:bean>
-
-       <beans:bean id="userDetailsServiceRef" class="org.opendaylight.controller.web.ControllerUserDetailsService" />
-
-
-       <beans:bean id="rememberMeAuthenticationProvider"
-               class="org.springframework.security.authentication.RememberMeAuthenticationProvider">
-               <beans:property name="key" value="SDN" />
-       </beans:bean>
-       
-</beans:beans>
index bbf9a34..0d14373 100644 (file)
@@ -1,18 +1,50 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
-<web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-       xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
-http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
-       version="2.4">
+<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
+       version="3.0">
+       <security-constraint>
+               <web-resource-collection>
+                       <web-resource-name>free access</web-resource-name>
+                       <url-pattern>/js/*</url-pattern>
+                       <url-pattern>/images/*</url-pattern>
+                       <url-pattern>/css/*</url-pattern>
+                       <url-pattern>/favicon.ico</url-pattern>
+               </web-resource-collection>
+       </security-constraint>
 
-       <context-param>
-               <param-name>contextConfigLocation</param-name>
-               <param-value>/WEB-INF/spring/*.xml</param-value>
-       </context-param>
-
-       <listener>
-               <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
-       </listener>
+       <security-constraint>
+               <display-name>TopologyApp</display-name>
+               <web-resource-collection>
+                       <web-resource-name>TopoGUI</web-resource-name>
+                       <url-pattern>/*</url-pattern>
+               </web-resource-collection>
+               <auth-constraint>
+                       <role-name>System-Admin</role-name>
+                       <role-name>Network-Admin</role-name>
+                       <role-name>Network-Operator</role-name>
+                       <role-name>Container-User</role-name>
+               </auth-constraint>
+       </security-constraint>
+       <security-role>
+               <role-name>System-Admin</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Network-Admin</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Network-Operator</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Container-User</role-name>
+       </security-role>
 
+       <login-config>
+               <auth-method>FORM</auth-method>
+               <form-login-config>
+                       <form-login-page>/WEB-INF/jsp/login.jsp</form-login-page>
+                       <form-error-page>/WEB-INF/jsp/error.jsp</form-error-page>
+               </form-login-config>
+       </login-config>
 
        <servlet>
                <servlet-name>Topology</servlet-name>
@@ -20,23 +52,22 @@ http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
                <load-on-startup>1</load-on-startup>
        </servlet>
 
+
+
        <servlet-mapping>
                <servlet-name>Topology</servlet-name>
                <url-pattern>/</url-pattern>
        </servlet-mapping>
 
-       <filter>
-               <filter-name>springSecurityFilterChain</filter-name>
-               <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
-       </filter>
-
-       <filter-mapping>
-               <filter-name>springSecurityFilterChain</filter-name>
-               <url-pattern>/*</url-pattern>
-       </filter-mapping>
-
        <listener>
                <listener-class>org.opendaylight.controller.web.ControllerUISessionManager</listener-class>
        </listener>
 
+       <session-config>
+               <cookie-config>
+                       <path>/</path>
+               </cookie-config>
+       </session-config>
+
+
 </web-app>
index 8aab6d5..2419169 100644 (file)
                                                        org.springframework.web.servlet,
                                                        org.springframework.web.servlet.config,
                                                        org.springframework.web.servlet.view,
-
                                                        org.springframework.web.filter,
-                                                       org.springframework.web.context,
-                                                       org.springframework.security.core,
-                                                       org.springframework.security.core.userdetails,
-                                                       org.springframework.security.core.authority,
-                                                       org.springframework.security.core.context,
-                                                       org.springframework.security.authentication,
-                                                       org.springframework.security.config,
-                                                       org.springframework.security.config.authentication,
-                                                       org.springframework.security.taglibs.authz,
-                                                       org.springframework.security.web,
-                                                       org.springframework.security.web.context,
-                                                       org.springframework.security.web.authentication,
-                                                       org.springframework.security.web.authentication.www,
-                                                       org.springframework.security.provisioning,
-                                                       org.springframework.security.web.util,
-                                                       org.springframework.security.web.authentication.rememberme,
-                                                       org.springframework.security.web.authentication.logout,
-                                                       org.springframework.dao
+                                                       org.springframework.web.context                                                 
                                                </Import-Package>
                                                <Web-ContextPath>/controller/web/troubleshoot</Web-ContextPath>
                                        </instructions>
diff --git a/opendaylight/web/troubleshoot/src/main/resources/WEB-INF/jsp/error.jsp b/opendaylight/web/troubleshoot/src/main/resources/WEB-INF/jsp/error.jsp
new file mode 100644 (file)
index 0000000..270d793
--- /dev/null
@@ -0,0 +1,8 @@
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
+<%@taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<c:set var="req" value="${pageContext.request}" />
+<c:set var="uri" value="${req.requestURI}" />
+<c:set var="replaceWith" value="/" />
+<c:set var="redirectUrl" value="${fn:replace(req.requestURL, req.contextPath , replaceWith)}" />
+<c:import url="${redirectUrl}" />
\ No newline at end of file
diff --git a/opendaylight/web/troubleshoot/src/main/resources/WEB-INF/jsp/login.jsp b/opendaylight/web/troubleshoot/src/main/resources/WEB-INF/jsp/login.jsp
new file mode 100644 (file)
index 0000000..270d793
--- /dev/null
@@ -0,0 +1,8 @@
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
+<%@taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<c:set var="req" value="${pageContext.request}" />
+<c:set var="uri" value="${req.requestURI}" />
+<c:set var="replaceWith" value="/" />
+<c:set var="redirectUrl" value="${fn:replace(req.requestURL, req.contextPath , replaceWith)}" />
+<c:import url="${redirectUrl}" />
\ No newline at end of file
diff --git a/opendaylight/web/troubleshoot/src/main/resources/WEB-INF/spring/context.xml b/opendaylight/web/troubleshoot/src/main/resources/WEB-INF/spring/context.xml
deleted file mode 100644 (file)
index 8a4bda5..0000000
+++ /dev/null
@@ -1,10 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
-  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xmlns:context="http://www.springframework.org/schema/context"
-  xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-  http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">
-
-        <import resource="servlet/security.xml"/>
-
-</beans>
diff --git a/opendaylight/web/troubleshoot/src/main/resources/WEB-INF/spring/servlet/security.xml b/opendaylight/web/troubleshoot/src/main/resources/WEB-INF/spring/servlet/security.xml
deleted file mode 100644 (file)
index 18ac6e7..0000000
+++ /dev/null
@@ -1,120 +0,0 @@
-<beans:beans xmlns="http://www.springframework.org/schema/security"
-       xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-       xsi:schemaLocation="http://www.springframework.org/schema/beans
-           http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
-           http://www.springframework.org/schema/security
-           http://www.springframework.org/schema/security/spring-security-3.1.xsd">
-
-
-       <http pattern="/css/**" security="none" />
-       <http pattern="/js/**" security="none" />
-       <http pattern="/images/**" security="none" />
-       <http pattern="/favicon.ico" security="none" />
-       <http pattern="/controller/web/css/**" security="none" />
-       <http pattern="/controller/web/js/**" security="none" />
-       <http pattern="/controller/web/images/**" security="none" />
-
-
-       <http auto-config="false" authentication-manager-ref="authenticationManager"
-               security-context-repository-ref="securityContextRepo" entry-point-ref="loginUrlAuthenticationEntryPoint">
-               <intercept-url pattern="/login*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
-               <intercept-url pattern="/logout*" access="IS_AUTHENTICATED_ANONYMOUSLY" />
-
-
-               <intercept-url pattern="/**"
-                       access="ROLE_SYSTEM-ADMIN, ROLE_NETWORK-ADMIN, ROLE_NETWORK-OPERATOR, ROLE_CONTAINER-USER" />
-               <custom-filter ref="authenticationFilter" position="FORM_LOGIN_FILTER" />
-               <custom-filter position="LOGOUT_FILTER" ref="logoutFilter" />
-               <custom-filter position="LAST" ref="controllerFilter" />
-               <remember-me services-ref="rememberMeServices" key="SDN" />
-       </http>
-       
-       <beans:bean id="controllerFilter"
-               class="org.opendaylight.controller.web.ControllerCustomFilter" />
-
-       <authentication-manager id="authenticationManager">
-               <authentication-provider ref="authenticationProviderWrapper" />
-       </authentication-manager>
-
-       <beans:bean id="authenticationFilter"
-               class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
-               <beans:property name="authenticationManager" ref="authenticationManager" />
-               <beans:property name="authenticationFailureHandler"
-                       ref="authenticationFailureHandler" />
-               <beans:property name="authenticationSuccessHandler">
-                       <beans:bean
-                               class="org.opendaylight.controller.web.ControllerAuthenticationSuccessHandler">
-                               <beans:property name="targetUrlParameter" value="x-page-url" />
-                               <beans:property name="defaultTargetUrl" value="/" />
-                       </beans:bean>
-               </beans:property>
-               <beans:property name="rememberMeServices" ref="rememberMeServices" />
-       </beans:bean>
-
-       <beans:bean id="securityContextRepo"
-               class="org.opendaylight.controller.web.ControllerWebSecurityContextRepository" />
-
-       <beans:bean id="authenticationFailureHandler"
-               class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
-               <beans:property name="useForward" value="false" />
-               <beans:property name="defaultFailureUrl" value="/login" />              
-       </beans:bean>
-
-       <beans:bean id="loginUrlAuthenticationEntryPoint"
-               class="org.opendaylight.controller.web.ControllerLoginUrlAuthEntryPoint">
-               <beans:property name="loginFormUrl" value="/login" />
-       </beans:bean>
-
-       <beans:bean id="authenticationProviderWrapper"
-               class="org.opendaylight.controller.web.AuthenticationProviderWrapper" />
-
-    <!-- logout related -->
-    
-    <beans:bean id="logoutHandler"
-        class="org.opendaylight.controller.web.ControllerLogoutHandler" />
-        
-    <beans:bean id="securityContextLogoutHandler"
-        class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler" />    
-        
-            
-    <beans:bean id="logoutFilter" class="org.springframework.security.web.authentication.logout.LogoutFilter">
-        <!-- if logout succeed then this is the URL -->
-        <beans:constructor-arg value="/login" />
-        <beans:constructor-arg>
-            <beans:list>
-                <beans:ref bean="logoutHandler"/>
-                <beans:ref bean="rememberMeServices"/>
-                <beans:ref bean="securityContextLogoutHandler"/>
-            </beans:list>
-        </beans:constructor-arg>
-        <beans:property name="filterProcessesUrl" value="/logout" />
-    </beans:bean>       
-        
-
-
-
-       <!-- remember me related -->
-       <beans:bean id="rememberMeFilter"
-               class="org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter">
-               <beans:property name="rememberMeServices" ref="rememberMeServices" />
-               <beans:property name="authenticationManager" ref="authenticationManager" />
-       </beans:bean>
-
-       <beans:bean id="rememberMeServices"
-               class="org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices">
-               <beans:property name="userDetailsService" ref="userDetailsServiceRef" />
-               <beans:property name="key" value="SDN" />
-               <beans:property name="alwaysRemember" value="true"></beans:property>
-               <beans:property name="tokenValiditySeconds" value="3600" />
-               <beans:property name="cookieName" value="SDN-Controller" />
-       </beans:bean>
-
-       <beans:bean id="userDetailsServiceRef" class="org.opendaylight.controller.web.ControllerUserDetailsService" />
-
-
-       <beans:bean id="rememberMeAuthenticationProvider"
-               class="org.springframework.security.authentication.RememberMeAuthenticationProvider">
-               <beans:property name="key" value="SDN" />
-       </beans:bean>
-       
-</beans:beans>
index 80d0041..b83df23 100644 (file)
@@ -1,18 +1,7 @@
 <?xml version="1.0" encoding="ISO-8859-1"?>
-<web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-       xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
-http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
-       version="2.4">
-
-       <context-param>
-               <param-name>contextConfigLocation</param-name>
-               <param-value>/WEB-INF/spring/*.xml</param-value>
-       </context-param>
-
-       <listener>
-               <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
-       </listener>
-
+<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
+       version="3.0">
 
        <servlet>
                <servlet-name>Troubleshoot</servlet-name>
@@ -26,17 +15,65 @@ http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
        </servlet-mapping>
 
 
-       <filter>
-               <filter-name>springSecurityFilterChain</filter-name>
-               <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
-       </filter>
 
-       <filter-mapping>
-               <filter-name>springSecurityFilterChain</filter-name>
-               <url-pattern>/*</url-pattern>
-       </filter-mapping>
+       <security-constraint>
+               <web-resource-collection>
+                       <web-resource-name>free access</web-resource-name>
+                       <url-pattern>/js/*</url-pattern>
+                       <url-pattern>/images/*</url-pattern>
+                       <url-pattern>/css/*</url-pattern>
+                       <url-pattern>/favicon.ico</url-pattern>
+               </web-resource-collection>
+       </security-constraint>
+
+       <security-constraint>
+               <display-name>TroubleShootApp</display-name>
+               <web-resource-collection>
+                       <web-resource-name>TroubleShootGUI</web-resource-name>
+                       <url-pattern>/*</url-pattern>
+               </web-resource-collection>
+               <auth-constraint>
+                       <role-name>System-Admin</role-name>
+                       <role-name>Network-Admin</role-name>
+                       <role-name>Network-Operator</role-name>
+                       <role-name>Container-User</role-name>
+               </auth-constraint>
+       </security-constraint>
+
+       <security-role>
+               <role-name>System-Admin</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Network-Admin</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Network-Operator</role-name>
+       </security-role>
+       <security-role>
+               <role-name>Container-User</role-name>
+       </security-role>
+
+
+       <login-config>
+               <auth-method>FORM</auth-method>
+               <form-login-config>
+                       <form-login-page>/WEB-INF/jsp/login.jsp</form-login-page>
+                       <form-error-page>/WEB-INF/jsp/error.jsp</form-error-page>
+               </form-login-config>
+       </login-config>
+
+
 
        <listener>
                <listener-class>org.opendaylight.controller.web.ControllerUISessionManager</listener-class>
        </listener>
+
+       <session-config>
+               <cookie-config>
+                       <path>/</path>
+               </cookie-config>
+       </session-config>
+
+
+
 </web-app>