authorTrygve Laugstøl <trygvis@inamo.no>2012-12-23 23:55:05 +0100
committerTrygve Laugstøl <trygvis@inamo.no>2012-12-23 23:55:05 +0100
commit70595c41ce404ca68aaa6d1b531c6a858492553b (patch)
tree6644c653d49c344ca2d005b8fb82b1630a54bb95 /src/main
parent0cd76a4f295a9b1f833763bcaaf91141f704b5f5 (diff)
downloadesper-testing-70595c41ce404ca68aaa6d1b531c6a858492553b.tar.gz
esper-testing-70595c41ce404ca68aaa6d1b531c6a858492553b.tar.bz2
esper-testing-70595c41ce404ca68aaa6d1b531c6a858492553b.tar.xz
esper-testing-70595c41ce404ca68aaa6d1b531c6a858492553b.zip
o Adding Apache Shiro for security.
Diffstat (limited to 'src/main')
-rw-r--r--src/main/java/io/trygvis/esper/testing/Config.java10
-rw-r--r--src/main/java/io/trygvis/esper/testing/web/JerseyApplication.java3
-rw-r--r--src/main/java/io/trygvis/esper/testing/web/MissingShiroJdbcRealm.java9
-rw-r--r--src/main/java/io/trygvis/esper/testing/web/WebConfig.java17
-rw-r--r--src/main/resources/ddl-core.sql11
-rw-r--r--src/main/resources/ddl-file.sql14
-rw-r--r--src/main/resources/logback.xml2
-rw-r--r--src/main/webapp/WEB-INF/shiro.ini18
-rw-r--r--src/main/webapp/WEB-INF/web.xml15
-rw-r--r--src/main/webapp/index.jspx32
-rw-r--r--src/main/webapp/login.jspx51
11 files changed, 164 insertions, 18 deletions
diff --git a/src/main/java/io/trygvis/esper/testing/Config.java b/src/main/java/io/trygvis/esper/testing/Config.java
index 13ef1cd..5beb9bb 100644
--- a/src/main/java/io/trygvis/esper/testing/Config.java
+++ b/src/main/java/io/trygvis/esper/testing/Config.java
@@ -48,6 +48,8 @@ public class Config {
public final String databaseUsername;
public final String databasePassword;
+ private BoneCPDataSource dataSource;
+
public Config(GitoriousConfig gitorious, long nexusUpdateInterval, long jenkinsUpdateInterval, String databaseUrl,
String databaseUsername, String databasePassword) {
this.gitorious = gitorious;
@@ -89,12 +91,16 @@ public class Config {
}
public BoneCPDataSource createBoneCp() throws SQLException {
- return new BoneCPDataSource(new BoneCPConfig(){{
+ if (dataSource != null) {
+ return dataSource;
+ }
+
+ return dataSource = new BoneCPDataSource(new BoneCPConfig() {{
setJdbcUrl(databaseUrl);
setUsername(databaseUsername);
setPassword(databasePassword);
setDefaultAutoCommit(false);
- setCloseConnectionWatch(true);
+ setCloseConnectionWatch(false);
setMaxConnectionsPerPartition(10);
}});
}
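Review bot: The lazy initialisation added to `createBoneCp()` is not thread-safe, because the null check and the assignment to the new non-volatile `dataSource` field are unsynchronised; two concurrent first callers can each build a pool, and one of them is then leaked. This commit calls the method from both `JerseyApplication` and `MissingShiroJdbcRealm`, which may well be constructed on different threads during container startup. Declaring it `public synchronized BoneCPDataSource createBoneCp() throws SQLException` would close the race. The method now returns a shared instance despite its `create` name, so a short Javadoc stating that callers must not close the returned pool would help. The switch to `setCloseConnectionWatch(false)` is not explained in the commit message and deserves a one-line comment.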
diff --git a/src/main/java/io/trygvis/esper/testing/web/JerseyApplication.java b/src/main/java/io/trygvis/esper/testing/web/JerseyApplication.java
index 8d071a9..6937804 100644
--- a/src/main/java/io/trygvis/esper/testing/web/JerseyApplication.java
+++ b/src/main/java/io/trygvis/esper/testing/web/JerseyApplication.java
@@ -10,8 +10,7 @@ public class JerseyApplication extends Application {
private final DatabaseAccess da;
public JerseyApplication() throws Exception {
- Config config = Config.loadFromDisk();
- this.da = new DatabaseAccess(config.createBoneCp());
+ this.da = new DatabaseAccess(WebConfig.config.createBoneCp());
}
@Override
diff --git a/src/main/java/io/trygvis/esper/testing/web/MissingShiroJdbcRealm.java b/src/main/java/io/trygvis/esper/testing/web/MissingShiroJdbcRealm.java
new file mode 100644
index 0000000..0aacf7f
--- /dev/null
+++ b/src/main/java/io/trygvis/esper/testing/web/MissingShiroJdbcRealm.java
@@ -0,0 +1,9 @@
+package io.trygvis.esper.testing.web;
+
+import org.apache.shiro.realm.jdbc.*;
+
+public class MissingShiroJdbcRealm extends JdbcRealm {
+ public MissingShiroJdbcRealm() throws Exception {
+ setDataSource(WebConfig.config.createBoneCp());
+ }
+}
diff --git a/src/main/java/io/trygvis/esper/testing/web/WebConfig.java b/src/main/java/io/trygvis/esper/testing/web/WebConfig.java
new file mode 100644
index 0000000..02fb4ff
--- /dev/null
+++ b/src/main/java/io/trygvis/esper/testing/web/WebConfig.java
@@ -0,0 +1,17 @@
+package io.trygvis.esper.testing.web;
+
+import io.trygvis.esper.testing.*;
+
+import java.io.*;
+
+public class WebConfig {
+ public static final Config config;
+
+ static {
+ try {
+ config = Config.loadFromDisk();
+ } catch (IOException e) {
+ throw new RuntimeException(e);
+ }
+ }
+}
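Review bot: Loading the configuration in the static initialiser of `WebConfig` makes a missing or unreadable config file hard to diagnose. The `RuntimeException` surfaces as an `ExceptionInInitializerError` on first use, and every later access to `WebConfig.config` fails with a `NoClassDefFoundError` that no longer carries the `IOException`. Loading it once from a `ServletContextListener` and logging the failure there would keep the root cause visible. `Config` exposes `databasePassword` as a public field, so this public static reference makes the database credentials reachable from any class in the webapp; a Javadoc line on `config` noting that would be worthwhile.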
diff --git a/src/main/resources/ddl-core.sql b/src/main/resources/ddl-core.sql
index 376ca9f..b145438 100644
--- a/src/main/resources/ddl-core.sql
+++ b/src/main/resources/ddl-core.sql
@@ -8,16 +8,6 @@ DROP TABLE IF EXISTS person_badge;
DROP TABLE IF EXISTS person_jenkins_user;
DROP TABLE IF EXISTS person;
DROP TABLE IF EXISTS table_poller_status;
-DROP TABLE IF EXISTS file;
-
-CREATE TABLE file (
- uuid CHAR(36) NOT NULL,
- created_date TIMESTAMP NOT NULL,
- url VARCHAR(1000) NOT NULL,
- content_type VARCHAR(100) NOT NULL,
- data BYTEA,
- CONSTRAINT pk_file PRIMARY KEY (uuid)
-);
CREATE TABLE table_poller_status (
poller_name VARCHAR(100) NOT NULL,
@@ -32,6 +22,7 @@ CREATE TABLE person (
uuid CHAR(36) NOT NULL,
created_date TIMESTAMP NOT NULL,
name VARCHAR(100),
+ mail VARCHAR(100),
CONSTRAINT pk_person PRIMARY KEY (uuid)
);
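Review bot: The new `mail` column is what `shiro.ini` in this commit uses as the login identity (`where mail = ?`), yet it is added as nullable and without a uniqueness constraint. Two `person` rows with the same address would make the identity ambiguous, and as far as I know Shiro's `JdbcRealm` rejects a lookup that returns more than one row. Consider adding `CONSTRAINT uq_person_mail UNIQUE (mail)` (constraint name is a suggestion) and deciding whether the stored value is normalised to one case before comparison.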
diff --git a/src/main/resources/ddl-file.sql b/src/main/resources/ddl-file.sql
new file mode 100644
index 0000000..99e8bf6
--- /dev/null
+++ b/src/main/resources/ddl-file.sql
@@ -0,0 +1,14 @@
+BEGIN;
+
+DROP TABLE IF EXISTS file;
+
+CREATE TABLE file (
+ uuid CHAR(36) NOT NULL,
+ created_date TIMESTAMP NOT NULL,
+ url VARCHAR(1000) NOT NULL,
+ content_type VARCHAR(100) NOT NULL,
+ data BYTEA,
+ CONSTRAINT pk_file PRIMARY KEY (uuid)
+);
+
+COMMIT;
diff --git a/src/main/resources/logback.xml b/src/main/resources/logback.xml
index 1a63a5f..1f6becf 100644
--- a/src/main/resources/logback.xml
+++ b/src/main/resources/logback.xml
@@ -14,6 +14,8 @@
<logger name="io.trygvis.esper.testing.util.HttpClient" level="INFO"/>
+ <logger name="org.apache.shiro" level="DEBGU"/>
+
<root level="INFO">
<appender-ref ref="STDOUT"/>
</root>
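Review bot: `level="DEBGU"` on the new `org.apache.shiro` logger is a typo for `DEBUG`. Logback, as far as I know, falls back to DEBUG for an unrecognised level name, so this works only by accident; it should read `<logger name="org.apache.shiro" level="DEBUG"/>`. Debug output from the authentication layer can include login identifiers and session details, so a comment marking this as a development-only setting would help prevent it from shipping.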
diff --git a/src/main/webapp/WEB-INF/shiro.ini b/src/main/webapp/WEB-INF/shiro.ini
new file mode 100644
index 0000000..21015af
--- /dev/null
+++ b/src/main/webapp/WEB-INF/shiro.ini
@@ -0,0 +1,18 @@
+[main]
+
+authc.loginUrl=/login.jspx
+roles.unauthorizedUrl = /access-denied.jsp
+
+sha256Matcher = org.apache.shiro.authc.credential.Sha256CredentialsMatcher
+
+myCredentialsMatcher = org.apache.shiro.authc.credential.AllowAllCredentialsMatcher
+
+myRealm = io.trygvis.esper.testing.web.MissingShiroJdbcRealm
+myRealm.authenticationQuery = select 'wat' from person where mail = ?
+myRealm.credentialsMatcher = $myCredentialsMatcher
+
+[urls]
+
+/external/** = anon
+
+/login.jspx = authc
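Review bot: `myRealm.credentialsMatcher = $myCredentialsMatcher` wires in `AllowAllCredentialsMatcher`, so the submitted password is never checked and the constant `'wat'` in the query stands in for a stored credential; an address present in `person.mail` is all the realm requires. The `sha256Matcher` defined above is unused. Pointing the realm at it (`myRealm.credentialsMatcher = $sha256Matcher`, or preferably a salted, iterated `HashedCredentialsMatcher`) needs a password-hash column that the `person` table in this commit does not have, so this should be tracked as a blocker before the realm protects anything. In `[urls]` only `/external/**` and `/login.jspx` are mapped, and paths that match no entry get no Shiro filter chain, so the section should end with a catch-all such as `/** = authc`. `roles.unauthorizedUrl` points at `/access-denied.jsp`, which this commit does not add; confirm that the page exists.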
diff --git a/src/main/webapp/WEB-INF/web.xml b/src/main/webapp/WEB-INF/web.xml
index de37fae..0a48260 100644
--- a/src/main/webapp/WEB-INF/web.xml
+++ b/src/main/webapp/WEB-INF/web.xml
@@ -2,6 +2,20 @@
<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
+ <listener>
+ <listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>
+ </listener>
+
+ <filter>
+ <filter-name>ShiroFilter</filter-name>
+ <filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class>
+ </filter>
+
+ <filter-mapping>
+ <filter-name>ShiroFilter</filter-name>
+ <url-pattern>/*</url-pattern>
+ </filter-mapping>
+
<filter>
<filter-name>Jersey</filter-name>
<!--
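Review bot: The `ShiroFilter` mapping declares no `<dispatcher>` elements, so the container applies it to REQUEST dispatches only, and forwarded, included and error-page dispatches bypass the security filter. The Shiro web documentation recommends listing REQUEST, FORWARD, INCLUDE and ERROR as `<dispatcher>` entries inside this `<filter-mapping>`. Placing the Shiro mapping ahead of the Jersey one is right, and a short XML comment saying the order is deliberate would protect it from later reshuffling. The Jersey `<filter>` element continues outside this hunk.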
@@ -29,6 +43,7 @@
<filter-name>Jersey</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
+
<welcome-file-list>
<welcome-file>index.jspx</welcome-file>
</welcome-file-list>
diff --git a/src/main/webapp/index.jspx b/src/main/webapp/index.jspx
index d18fbc0..113d10e 100644
--- a/src/main/webapp/index.jspx
+++ b/src/main/webapp/index.jspx
@@ -1,6 +1,6 @@
<html xmlns:common="urn:jsptagdir:/WEB-INF/tags/common"
xmlns:jsp="http://java.sun.com/JSP/Page"
- ng-app="arkivApp">
+ xmlns:shiro="http://shiro.apache.org/tags">
<jsp:output doctype-root-element="HTML" doctype-system="about:legacy-compat"/>
<jsp:directive.page contentType="text/html;charset=UTF-8"/>
@@ -9,6 +9,7 @@
<body>
<div id="content">
+ <!--
<div class="hero-unit">
<div class="container">
<h1>Fin header</h1>
@@ -18,12 +19,35 @@
</p>
</div>
</div>
+ -->
<div class="container">
- <ul>
- <li><a class="btn" href="/jenkins">Jenkins</a></li>
- </ul>
+ <div class="page-header">
+ <h1>Shiro Values</h1>
+ </div>
+
+ <p>
+ <table>
+ <tr>
+ <th>guest</th>
+ <td><shiro:guest>Yes</shiro:guest></td>
+ </tr>
+ <tr>
+ <th>authenticated</th>
+ <td><shiro:authenticated>Yes</shiro:authenticated></td>
+ </tr>
+ <tr>
+ <th>notAuthenticated</th>
+ <td><shiro:notAuthenticated>Yes</shiro:notAuthenticated></td>
+ </tr>
+ <tr>
+ <th>principal</th>
+ <td><shiro:principal>Yes</shiro:principal></td>
+ </tr>
+ </table>
+ </p>
</div>
+
</div>
<common:footer/>
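Review bot: The `<shiro:principal>Yes</shiro:principal>` row will not behave like the three rows above it. The principal tag prints the principal itself and, as far as I know, skips its body, so the `Yes` is never rendered. I also believe the tag writes the value without HTML escaping; since the principal here is the address typed at login, it is safer to render it through `<c:out>` or validate the `mail` format on the way in. The table sits inside a `<p>`, which is invalid HTML. The page now replaces the normal index content with diagnostics, so a comment marking it as temporary would help.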
diff --git a/src/main/webapp/login.jspx b/src/main/webapp/login.jspx
new file mode 100644
index 0000000..84e24fc
--- /dev/null
+++ b/src/main/webapp/login.jspx
@@ -0,0 +1,51 @@
+<html xmlns:common="urn:jsptagdir:/WEB-INF/tags/common"
+ xmlns:jsp="http://java.sun.com/JSP/Page"
+ xmlns:c="http://java.sun.com/jsp/jstl/core">
+<jsp:output doctype-root-element="HTML" doctype-system="about:legacy-compat"/>
+<jsp:directive.page contentType="text/html;charset=UTF-8"/>
+
+<common:head-element/>
+
+<body>
+
+<div id="content">
+
+ <div class="container">
+ <div class="page-header">
+ <h1>Log in</h1>
+ </div>
+
+ <form class="form-horizontal" action="/login.jspx" method="post">
+ <div class="control-group">
+ <label class="control-label" for="username">Email</label>
+ <div class="controls">
+ <input type="text" id="username" name="username" placeholder="Email" value="trygvis"/>
+ </div>
+ </div>
+ <div class="control-group">
+ <label class="control-label" for="password">Password</label>
+ <div class="controls">
+ <input type="password" id="password" name="password" placeholder="Password. Not used"/>
+ </div>
+ </div>
+ <div class="control-group">
+ <div class="controls">
+ <label class="checkbox">
+ <input type="checkbox" id="rememberMe"/> Remember me
+ </label>
+ <button type="submit" class="btn">Sign in</button>
+ </div>
+ </div>
+ </form>
+
+ FUCK-->
+ <c:out value="${requestScope.shiroLoginFailure}"/>
+ &lt;--YEAH!
+
+ </div>
+</div>
+
+<common:footer/>
+</body>
+
+</html>
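Review bot: The block after the form prints `${requestScope.shiroLoginFailure}` between leftover debug markers. Shiro sets that attribute to the exception class name, so the page tells the visitor whether the account was unknown or the credentials were wrong. Replace it with one generic message, for example `<c:if test="${not empty requestScope.shiroLoginFailure}">Login failed.</c:if>`, and delete the marker text. The remember-me checkbox has an `id` but no `name`, so it is never submitted; `<input type="checkbox" id="rememberMe" name="rememberMe" value="true"/>` matches the default parameter that Shiro's form filter reads. The prefilled `value="trygvis"` and the placeholder `Password. Not used` are development leftovers that should go before the page is deployed.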