Login working and commented.

Logout working and commented but not linked.
Authentication working and commented.
edgar 2019-05-23 18:46:34 +02:00
parent ba1ee2d06c
commit 398909615e
6 changed files with 103 additions and 35 deletions


@ -0,0 +1,66 @@
package de.hsel.spm.baudas.web;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
/**
* Filter implementation class AuthenticationFilter.
*
* @author Edgar Schkrob
*/
@WebFilter(urlPatterns = {"/*"})
public class AuthenticationFilter implements Filter{
private ServletContext context;
/**
* Called by the web container to indicate to a filter that it is being placed into service.
* @param fConfig This parameter provides access to everything the code needs to work.
* @throws ServletException Defines a general exception a servlet can throw when it encounters difficulty.
*/
public void init(FilterConfig fConfig) throws ServletException {
this.context = fConfig.getServletContext();
this.context.log("AuthenticationFilter initialized");
}
/**
* The doFilter method of the Filter is called by the container each time a request/response pair is passed through the chain due to a client request for a resource at the end of the chain.
* @param request This parameter provides access to everything the code needs to work.
* @param response This parameter provides access to everything the code needs to issue a response.
* @param chain This parameter allows passing request along the chain of potential handlers until one of them handles the request.
* @throws ServletException Defines a general exception a servlet can throw when it encounters difficulty.
* @throws IOException Signals that an I/O exception of some sort has occurred. This class is the general class of exceptions produced by failed or interrupted I/O operations.
*/
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
HttpSession session = req.getSession(false);
String url = req.getRequestURI();
if(url.contains("login") || url.contains("logo") || url.contains("js/")){
chain.doFilter(request, response);
} else if (session == null || !((boolean) session.getAttribute("authentication"))) { //checking whether the session exists and if authentication succeded
this.context.log("Unauthorized access request");
res.sendRedirect(req.getContextPath() + "/login.html");
} else {
chain.doFilter(request, response);
}
}
public void destroy() {
//close any resources here
}
}
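Review bot: The bypass condition in doFilter matches substrings of the whole request URI, `url.contains("login") || url.contains("logo") || url.contains("js/")`, so any request whose URI contains one of these strings anywhere skips the session check, and `/logout` is exempt as well because it contains "logo". Match the context-relative path exactly instead: `String path = url.substring(req.getContextPath().length());` and then `path.equals("/login") || path.equals("/login.html") || path.startsWith("/js/")`, plus the exact path of the logo file. The cast `(boolean) session.getAttribute("authentication")` also throws a NullPointerException for a session that has no such attribute; `!Boolean.TRUE.equals(session.getAttribute("authentication"))` treats that session as unauthenticated instead of failing the request.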


@ -6,41 +6,36 @@ import java.io.PrintWriter;
import javax.servlet.RequestDispatcher; import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException; import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet; import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession; import javax.servlet.http.HttpSession;
@WebServlet("/LoginServlet") /**
* Servlet implementation class LoginServlet.
*
* @author Edgar Schkrob
*/
@WebServlet("/login")
public class LoginServlet extends HttpServlet { public class LoginServlet extends HttpServlet {
//private final String username = "admin"; private final String password = "SPM2019SS";
private final String password = "password";
/**
* This is a Servlet that manages the Login and creates Sessions.
* @param request This parameter provides access to everything the code needs to work.
* @param response This parameter provides access to everything the code needs to issue a response.
* @throws ServletException Defines a general exception a servlet can throw when it encounters difficulty.
* @throws IOException Signals that an I/O exception of some sort has occurred. This class is the general class of exceptions produced by failed or interrupted I/O operations.
*/
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// get request parameters for username and password
//String username = request.getParameter("username");
String password = request.getParameter("pwd");
//if (this.username.equals(username) && this.password.equals(password)) {
if (this.password.equals(password)) { if (this.password.equals(password)) {
//get the old session and invalidate
HttpSession oldSession = request.getSession(false);
if (oldSession != null) {
oldSession.invalidate();
}
//generate a new session
HttpSession newSession = request.getSession(true); HttpSession newSession = request.getSession(true);
newSession.setAttribute("authentication", true);
//setting session to expiry in 5 mins newSession.setMaxInactiveInterval(5*60*60); //setting session to expiry in 5 hours
newSession.setMaxInactiveInterval(5*60); response.sendRedirect("index.jsp");
Cookie message = new Cookie("message", "Welcome");
response.addCookie(message);
response.sendRedirect("/index.jsp");
} else { } else {
RequestDispatcher rd = getServletContext().getRequestDispatcher("/login.html"); RequestDispatcher rd = getServletContext().getRequestDispatcher("/login.html");
PrintWriter out = response.getWriter(); PrintWriter out = response.getWriter();
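Review bot: The password check in doPost does not test what the login form submits. The rendered page does not mark which side `String password = request.getParameter("pwd");` is on: if it was removed, `password` in `this.password.equals(password)` resolves to the field and the comparison is always true; if it was kept, it reads `pwd` while login.html now posts `name="password"`, so the value is always null. Read the submitted value into a differently named local, `String supplied = request.getParameter("password");`, and compare the expected value against that. The expected password is also a string literal in the class and therefore lives in version control; loading it (preferably as a salted hash) from deployment configuration avoids that. doPost continues past the end of this hunk.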


@ -2,7 +2,6 @@ package de.hsel.spm.baudas.web;
import java.io.IOException; import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet; import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
@ -10,18 +9,26 @@ import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession; import javax.servlet.http.HttpSession;
/** /**
* Servlet implementation class LogoutServlet * Servlet implementation class LogoutServlet.
*
* @author Edgar Schkrob
*/ */
@WebServlet("/web/LogoutServlet")
@WebServlet("/logout")
public class LogoutServlet extends HttpServlet { public class LogoutServlet extends HttpServlet {
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { /**
* This is a Servlet that manages the Logout and deletes Sessions.
* @param request This parameter provides access to everything the code needs to work.
* @param response This parameter provides access to everything the code needs to issue a response.
* @throws IOException Signals that an I/O exception of some sort has occurred. This class is the general class of exceptions produced by failed or interrupted I/O operations.
*/
//invalidate the session if exists protected void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {
HttpSession session = request.getSession(false); HttpSession session = request.getSession(false);
if(session != null){ if(session != null){
session.invalidate(); session.invalidate();
} }
response.sendRedirect(request.getContextPath() + "/loginPage.html"); response.sendRedirect(request.getContextPath() + "/");
} }
} }
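Review bot: Logout appears to move from `doPost` to `doGet`, so the session is ended by a plain GET request, which a cross-site link or a browser prefetch can issue without the user asking for it. Keeping `protected void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException` and submitting it from a `<form action="logout" method="post">` limits logout to deliberate submissions. Which side each line belongs to is inferred here from the dropped `ServletException` import, since the page has lost its +/- markers.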


@ -18,14 +18,14 @@
<div class="card white col s6 push-s3"> <div class="card white col s6 push-s3">
<div class="card-content"> <div class="card-content">
<div class="center"> <div class="center">
<img style="width: 50%" src="../logoOrginal.gif"> <img style="width: 50%" src="logoOrginal.gif">
</div> </div>
<div class="divider"></div> <div class="divider"></div>
<div class="row"> <div class="row">
<div class="col s8 push-s2"> <div class="col s8 push-s2">
<form action="LoginServlet" method="post"> <form action="login" method="post">
<input id="password" type="password" class="validate" placeholder="Passwort"> <input id="password" type="password" class="validate" placeholder="Passwort" name="password">
<input class="white-text btn blue-grey lighten-2" type="submit" value="Login"> <input class="white-text btn blue-grey lighten-2" type="submit" value="Login">
</form> </form>
</div> </div>


@ -29,11 +29,11 @@
<div class="nav-wrapper col 2 right"> <div class="nav-wrapper col 2 right">
<ul class="right hide-on-med-and-down"> <ul class="right hide-on-med-and-down">
<li><a data-target="slide-out" class="sidenav-trigger show-on-large"><i class="material-icons left">menu</i>Menü</a></li><!--Sidenav--> <li><a data-target="slide-out" class="sidenav-trigger show-on-large"><i class="material-icons left">menu</i>Menü</a></li><!--Sidenav-->
<li><a href="login.html"><i class="material-icons left">person_outline</i>Logout</a></li><!--Logout--> <li><a href="../login.html"><i class="material-icons left">person_outline</i>Logout</a></li><!--Logout-->
</ul> </ul>
<ul class="right"> <ul class="right">
<li><a href="#" data-target="slide-out" class="sidenav-trigger"><i class="material-icons">menu</i></a></li><!--Sidenav--> <li><a href="#" data-target="slide-out" class="sidenav-trigger"><i class="material-icons">menu</i></a></li><!--Sidenav-->
<li><a href="login.html" class="sidenav-trigger"><i class="material-icons">person_outline</i></a></li><!--Logout--> <li><a href="../login.html" class="sidenav-trigger"><i class="material-icons">person_outline</i></a></li><!--Logout-->
</ul> </ul>
</div> </div>
</nav> </nav>


@ -37,7 +37,7 @@
</div> </div>
<div class="card-action right"> <div class="card-action right">
<a href="#">Bestätigen</a> <a href="#">Bestätigen</a>
<a href="login.html">Zurück</a> <a href="../login.html">Zurück</a>
</div> </div>
</div> </div>
</div> </div>