From: Madhu Venugopal <vmadhu@cisco.com>
Date: Mon, 6 May 2013 18:15:51 +0000 (-0700)
Subject: Authorization failures return 403 with cookie populated. This forces the user to... 
X-Git-Tag: releasepom-0.1.0~487
X-Git-Url: https://git.opendaylight.org/gerrit/gitweb?p=controller.git;a=commitdiff_plain;h=0cb7e3604b8a33f6b1aa01c561137e6c6aad85b0;hp=f9348fbdc543a48ac7575b6f9498bdeb23691561

Authorization failures return 403 with cookie populated. This forces the user to clear the cache
before reauthenticating. Added a custom 403 page with session invalidated.

Change-Id: I68d724a9ac9c6920f9d3eda5a54bba7d731542fc
Signed-off-by: Madhu Venugopal <vmadhu@cisco.com>
---

diff --git a/opendaylight/web/devices/src/main/resources/WEB-INF/jsp/autherror.jsp b/opendaylight/web/devices/src/main/resources/WEB-INF/jsp/autherror.jsp
new file mode 100644
index 0000000000..ef42d286eb
--- /dev/null
+++ b/opendaylight/web/devices/src/main/resources/WEB-INF/jsp/autherror.jsp
@@ -0,0 +1,55 @@
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+<%@ page import="java.net.URL" %>
+<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
+
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="utf-8">
+
+    <!-- Bootstrap CSS - 1 -->
+    <link href="/css/bootstrap.min.css" rel="stylesheet" media="screen">
+    
+    <!-- Login CSS - 2 -->
+    <link rel="stylesheet/less" type="text/css" href="/css/login.less">
+
+<c:set var="title" value="OpenDaylight login error" scope="application"/>
+<%
+	if (session != null) session.invalidate();
+    String filePath = "/WEB-INF/jsp/customerror.jsp"; 
+	URL fileURL = pageContext.getServletContext().getResource(filePath);
+	if(fileURL!=null) {
+%>
+	  <jsp:include page="<%=filePath%>" flush="true"/>
+<% } %>
+	<title>${title}</title>
+    <!-- Bootstrap JS - 1 -->
+    <script src="/js/bootstrap.min.js"></script>
+    
+    <!-- LESS - 2 -->
+    <script type="text/javascript">
+        less = {
+            env: "production"
+        };
+    </script>
+    <script src="/js/less-1.3.3.min.js"></script>
+</head>
+<body>
+        <form action="<c:url value='/' />" id="form" method="post">
+
+  <div class="container">
+    <div class="content">
+       <div class="login-form">
+         <div id="logo"></div>
+           <fieldset>
+            <p>You are not authorized to access this resource.<p>
+            <p>Please contact your administrator to resolve your Role privileges.</p>
+            <br/>
+             <button class="btn btn-primary" type="submit" value="Log In" >Go To Login Page</button>
+           </fieldset>
+       </div>
+    </div>
+  </div> 
+  </form>
+</body>
+</html>
diff --git a/opendaylight/web/devices/src/main/resources/WEB-INF/web.xml b/opendaylight/web/devices/src/main/resources/WEB-INF/web.xml
index 0ebb738473..0c7edce249 100644
--- a/opendaylight/web/devices/src/main/resources/WEB-INF/web.xml
+++ b/opendaylight/web/devices/src/main/resources/WEB-INF/web.xml
@@ -47,6 +47,11 @@
 		</form-login-config>
 	</login-config>
 
+    <error-page>
+            <error-code>403</error-code>
+            <location>/WEB-INF/jsp/autherror.jsp</location>
+    </error-page>
+
 	<servlet>
 		<servlet-name>Devices</servlet-name>
 		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
diff --git a/opendaylight/web/flows/src/main/resources/WEB-INF/jsp/autherror.jsp b/opendaylight/web/flows/src/main/resources/WEB-INF/jsp/autherror.jsp
new file mode 100644
index 0000000000..ef42d286eb
--- /dev/null
+++ b/opendaylight/web/flows/src/main/resources/WEB-INF/jsp/autherror.jsp
@@ -0,0 +1,55 @@
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+<%@ page import="java.net.URL" %>
+<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
+
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="utf-8">
+
+    <!-- Bootstrap CSS - 1 -->
+    <link href="/css/bootstrap.min.css" rel="stylesheet" media="screen">
+    
+    <!-- Login CSS - 2 -->
+    <link rel="stylesheet/less" type="text/css" href="/css/login.less">
+
+<c:set var="title" value="OpenDaylight login error" scope="application"/>
+<%
+	if (session != null) session.invalidate();
+    String filePath = "/WEB-INF/jsp/customerror.jsp"; 
+	URL fileURL = pageContext.getServletContext().getResource(filePath);
+	if(fileURL!=null) {
+%>
+	  <jsp:include page="<%=filePath%>" flush="true"/>
+<% } %>
+	<title>${title}</title>
+    <!-- Bootstrap JS - 1 -->
+    <script src="/js/bootstrap.min.js"></script>
+    
+    <!-- LESS - 2 -->
+    <script type="text/javascript">
+        less = {
+            env: "production"
+        };
+    </script>
+    <script src="/js/less-1.3.3.min.js"></script>
+</head>
+<body>
+        <form action="<c:url value='/' />" id="form" method="post">
+
+  <div class="container">
+    <div class="content">
+       <div class="login-form">
+         <div id="logo"></div>
+           <fieldset>
+            <p>You are not authorized to access this resource.<p>
+            <p>Please contact your administrator to resolve your Role privileges.</p>
+            <br/>
+             <button class="btn btn-primary" type="submit" value="Log In" >Go To Login Page</button>
+           </fieldset>
+       </div>
+    </div>
+  </div> 
+  </form>
+</body>
+</html>
diff --git a/opendaylight/web/flows/src/main/resources/WEB-INF/web.xml b/opendaylight/web/flows/src/main/resources/WEB-INF/web.xml
index adbdf75b7c..5660a37a14 100644
--- a/opendaylight/web/flows/src/main/resources/WEB-INF/web.xml
+++ b/opendaylight/web/flows/src/main/resources/WEB-INF/web.xml
@@ -60,6 +60,10 @@
 		</form-login-config>
 	</login-config>
 
+    <error-page>
+            <error-code>403</error-code>
+            <location>/WEB-INF/jsp/autherror.jsp</location>
+    </error-page>
 
 	<listener>
 		<listener-class>org.opendaylight.controller.web.ControllerUISessionManager</listener-class>
diff --git a/opendaylight/web/root/src/main/resources/WEB-INF/jsp/autherror.jsp b/opendaylight/web/root/src/main/resources/WEB-INF/jsp/autherror.jsp
new file mode 100644
index 0000000000..ef42d286eb
--- /dev/null
+++ b/opendaylight/web/root/src/main/resources/WEB-INF/jsp/autherror.jsp
@@ -0,0 +1,55 @@
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+<%@ page import="java.net.URL" %>
+<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
+
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="utf-8">
+
+    <!-- Bootstrap CSS - 1 -->
+    <link href="/css/bootstrap.min.css" rel="stylesheet" media="screen">
+    
+    <!-- Login CSS - 2 -->
+    <link rel="stylesheet/less" type="text/css" href="/css/login.less">
+
+<c:set var="title" value="OpenDaylight login error" scope="application"/>
+<%
+	if (session != null) session.invalidate();
+    String filePath = "/WEB-INF/jsp/customerror.jsp"; 
+	URL fileURL = pageContext.getServletContext().getResource(filePath);
+	if(fileURL!=null) {
+%>
+	  <jsp:include page="<%=filePath%>" flush="true"/>
+<% } %>
+	<title>${title}</title>
+    <!-- Bootstrap JS - 1 -->
+    <script src="/js/bootstrap.min.js"></script>
+    
+    <!-- LESS - 2 -->
+    <script type="text/javascript">
+        less = {
+            env: "production"
+        };
+    </script>
+    <script src="/js/less-1.3.3.min.js"></script>
+</head>
+<body>
+        <form action="<c:url value='/' />" id="form" method="post">
+
+  <div class="container">
+    <div class="content">
+       <div class="login-form">
+         <div id="logo"></div>
+           <fieldset>
+            <p>You are not authorized to access this resource.<p>
+            <p>Please contact your administrator to resolve your Role privileges.</p>
+            <br/>
+             <button class="btn btn-primary" type="submit" value="Log In" >Go To Login Page</button>
+           </fieldset>
+       </div>
+    </div>
+  </div> 
+  </form>
+</body>
+</html>
diff --git a/opendaylight/web/root/src/main/resources/WEB-INF/web.xml b/opendaylight/web/root/src/main/resources/WEB-INF/web.xml
index a14d1c505b..d96fb6eba2 100644
--- a/opendaylight/web/root/src/main/resources/WEB-INF/web.xml
+++ b/opendaylight/web/root/src/main/resources/WEB-INF/web.xml
@@ -52,6 +52,11 @@
 		</form-login-config>
 	</login-config>
 
+    <error-page>
+            <error-code>403</error-code>
+            <location>/WEB-INF/jsp/autherror.jsp</location>
+    </error-page>
+
 	<servlet>
 		<servlet-name>RootGUI</servlet-name>
 		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
diff --git a/opendaylight/web/topology/src/main/resources/WEB-INF/jsp/autherror.jsp b/opendaylight/web/topology/src/main/resources/WEB-INF/jsp/autherror.jsp
new file mode 100644
index 0000000000..ef42d286eb
--- /dev/null
+++ b/opendaylight/web/topology/src/main/resources/WEB-INF/jsp/autherror.jsp
@@ -0,0 +1,55 @@
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+<%@ page import="java.net.URL" %>
+<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
+
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="utf-8">
+
+    <!-- Bootstrap CSS - 1 -->
+    <link href="/css/bootstrap.min.css" rel="stylesheet" media="screen">
+    
+    <!-- Login CSS - 2 -->
+    <link rel="stylesheet/less" type="text/css" href="/css/login.less">
+
+<c:set var="title" value="OpenDaylight login error" scope="application"/>
+<%
+	if (session != null) session.invalidate();
+    String filePath = "/WEB-INF/jsp/customerror.jsp"; 
+	URL fileURL = pageContext.getServletContext().getResource(filePath);
+	if(fileURL!=null) {
+%>
+	  <jsp:include page="<%=filePath%>" flush="true"/>
+<% } %>
+	<title>${title}</title>
+    <!-- Bootstrap JS - 1 -->
+    <script src="/js/bootstrap.min.js"></script>
+    
+    <!-- LESS - 2 -->
+    <script type="text/javascript">
+        less = {
+            env: "production"
+        };
+    </script>
+    <script src="/js/less-1.3.3.min.js"></script>
+</head>
+<body>
+        <form action="<c:url value='/' />" id="form" method="post">
+
+  <div class="container">
+    <div class="content">
+       <div class="login-form">
+         <div id="logo"></div>
+           <fieldset>
+            <p>You are not authorized to access this resource.<p>
+            <p>Please contact your administrator to resolve your Role privileges.</p>
+            <br/>
+             <button class="btn btn-primary" type="submit" value="Log In" >Go To Login Page</button>
+           </fieldset>
+       </div>
+    </div>
+  </div> 
+  </form>
+</body>
+</html>
diff --git a/opendaylight/web/topology/src/main/resources/WEB-INF/web.xml b/opendaylight/web/topology/src/main/resources/WEB-INF/web.xml
index 0d143739c3..274908caec 100644
--- a/opendaylight/web/topology/src/main/resources/WEB-INF/web.xml
+++ b/opendaylight/web/topology/src/main/resources/WEB-INF/web.xml
@@ -46,6 +46,11 @@
 		</form-login-config>
 	</login-config>
 
+    <error-page>
+            <error-code>403</error-code>
+            <location>/WEB-INF/jsp/autherror.jsp</location>
+    </error-page>
+
 	<servlet>
 		<servlet-name>Topology</servlet-name>
 		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
diff --git a/opendaylight/web/troubleshoot/src/main/resources/WEB-INF/jsp/autherror.jsp b/opendaylight/web/troubleshoot/src/main/resources/WEB-INF/jsp/autherror.jsp
new file mode 100644
index 0000000000..ef42d286eb
--- /dev/null
+++ b/opendaylight/web/troubleshoot/src/main/resources/WEB-INF/jsp/autherror.jsp
@@ -0,0 +1,55 @@
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+<%@ page import="java.net.URL" %>
+<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
+
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta charset="utf-8">
+
+    <!-- Bootstrap CSS - 1 -->
+    <link href="/css/bootstrap.min.css" rel="stylesheet" media="screen">
+    
+    <!-- Login CSS - 2 -->
+    <link rel="stylesheet/less" type="text/css" href="/css/login.less">
+
+<c:set var="title" value="OpenDaylight login error" scope="application"/>
+<%
+	if (session != null) session.invalidate();
+    String filePath = "/WEB-INF/jsp/customerror.jsp"; 
+	URL fileURL = pageContext.getServletContext().getResource(filePath);
+	if(fileURL!=null) {
+%>
+	  <jsp:include page="<%=filePath%>" flush="true"/>
+<% } %>
+	<title>${title}</title>
+    <!-- Bootstrap JS - 1 -->
+    <script src="/js/bootstrap.min.js"></script>
+    
+    <!-- LESS - 2 -->
+    <script type="text/javascript">
+        less = {
+            env: "production"
+        };
+    </script>
+    <script src="/js/less-1.3.3.min.js"></script>
+</head>
+<body>
+        <form action="<c:url value='/' />" id="form" method="post">
+
+  <div class="container">
+    <div class="content">
+       <div class="login-form">
+         <div id="logo"></div>
+           <fieldset>
+            <p>You are not authorized to access this resource.<p>
+            <p>Please contact your administrator to resolve your Role privileges.</p>
+            <br/>
+             <button class="btn btn-primary" type="submit" value="Log In" >Go To Login Page</button>
+           </fieldset>
+       </div>
+    </div>
+  </div> 
+  </form>
+</body>
+</html>
diff --git a/opendaylight/web/troubleshoot/src/main/resources/WEB-INF/web.xml b/opendaylight/web/troubleshoot/src/main/resources/WEB-INF/web.xml
index b83df23cb0..47d38f9a53 100644
--- a/opendaylight/web/troubleshoot/src/main/resources/WEB-INF/web.xml
+++ b/opendaylight/web/troubleshoot/src/main/resources/WEB-INF/web.xml
@@ -62,7 +62,10 @@
 		</form-login-config>
 	</login-config>
 
-
+    <error-page>
+            <error-code>403</error-code>
+            <location>/WEB-INF/jsp/autherror.jsp</location>
+    </error-page>
 
 	<listener>
 		<listener-class>org.opendaylight.controller.web.ControllerUISessionManager</listener-class>