Login working and commented.
Logout working and commented but not linked. Authentication working and commented.
This commit is contained in:
parent
ba1ee2d06c
commit
398909615e
|
@ -0,0 +1,66 @@
|
|||
package de.hsel.spm.baudas.web;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
import javax.servlet.Filter;
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.FilterConfig;
|
||||
import javax.servlet.ServletContext;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.ServletResponse;
|
||||
import javax.servlet.annotation.WebFilter;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
||||
/**
|
||||
* Filter implementation class AuthenticationFilter.
|
||||
*
|
||||
* @author Edgar Schkrob
|
||||
*/
|
||||
|
||||
@WebFilter(urlPatterns = {"/*"})
|
||||
public class AuthenticationFilter implements Filter{
|
||||
private ServletContext context;
|
||||
|
||||
/**
|
||||
* Called by the web container to indicate to a filter that it is being placed into service.
|
||||
* @param fConfig This parameter provides access to everything the code needs to work.
|
||||
* @throws ServletException Defines a general exception a servlet can throw when it encounters difficulty.
|
||||
*/
|
||||
|
||||
public void init(FilterConfig fConfig) throws ServletException {
|
||||
this.context = fConfig.getServletContext();
|
||||
this.context.log("AuthenticationFilter initialized");
|
||||
}
|
||||
|
||||
/**
|
||||
* The doFilter method of the Filter is called by the container each time a request/response pair is passed through the chain due to a client request for a resource at the end of the chain.
|
||||
* @param request This parameter provides access to everything the code needs to work.
|
||||
* @param response This parameter provides access to everything the code needs to issue a response.
|
||||
* @param chain This parameter allows passing request along the chain of potential handlers until one of them handles the request.
|
||||
* @throws ServletException Defines a general exception a servlet can throw when it encounters difficulty.
|
||||
* @throws IOException Signals that an I/O exception of some sort has occurred. This class is the general class of exceptions produced by failed or interrupted I/O operations.
|
||||
*/
|
||||
|
||||
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
|
||||
HttpServletRequest req = (HttpServletRequest) request;
|
||||
HttpServletResponse res = (HttpServletResponse) response;
|
||||
HttpSession session = req.getSession(false);
|
||||
String url = req.getRequestURI();
|
||||
if(url.contains("login") || url.contains("logo") || url.contains("js/")){
|
||||
chain.doFilter(request, response);
|
||||
} else if (session == null || !((boolean) session.getAttribute("authentication"))) { //checking whether the session exists and if authentication succeded
|
||||
this.context.log("Unauthorized access request");
|
||||
res.sendRedirect(req.getContextPath() + "/login.html");
|
||||
} else {
|
||||
chain.doFilter(request, response);
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
public void destroy() {
|
||||
//close any resources here
|
||||
}
|
||||
}
|
|
@ -6,41 +6,36 @@ import java.io.PrintWriter;
|
|||
import javax.servlet.RequestDispatcher;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.annotation.WebServlet;
|
||||
import javax.servlet.http.Cookie;
|
||||
import javax.servlet.http.HttpServlet;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
||||
@WebServlet("/LoginServlet")
|
||||
/**
|
||||
* Servlet implementation class LoginServlet.
|
||||
*
|
||||
* @author Edgar Schkrob
|
||||
*/
|
||||
|
||||
@WebServlet("/login")
|
||||
public class LoginServlet extends HttpServlet {
|
||||
|
||||
//private final String username = "admin";
|
||||
private final String password = "password";
|
||||
private final String password = "SPM2019SS";
|
||||
|
||||
/**
|
||||
* This is a Servlet that manages the Login and creates Sessions.
|
||||
* @param request This parameter provides access to everything the code needs to work.
|
||||
* @param response This parameter provides access to everything the code needs to issue a response.
|
||||
* @throws ServletException Defines a general exception a servlet can throw when it encounters difficulty.
|
||||
* @throws IOException Signals that an I/O exception of some sort has occurred. This class is the general class of exceptions produced by failed or interrupted I/O operations.
|
||||
*/
|
||||
|
||||
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
|
||||
|
||||
// get request parameters for username and password
|
||||
//String username = request.getParameter("username");
|
||||
String password = request.getParameter("pwd");
|
||||
|
||||
//if (this.username.equals(username) && this.password.equals(password)) {
|
||||
if (this.password.equals(password)) {
|
||||
//get the old session and invalidate
|
||||
HttpSession oldSession = request.getSession(false);
|
||||
if (oldSession != null) {
|
||||
oldSession.invalidate();
|
||||
}
|
||||
//generate a new session
|
||||
HttpSession newSession = request.getSession(true);
|
||||
|
||||
//setting session to expiry in 5 mins
|
||||
newSession.setMaxInactiveInterval(5*60);
|
||||
|
||||
Cookie message = new Cookie("message", "Welcome");
|
||||
response.addCookie(message);
|
||||
response.sendRedirect("/index.jsp");
|
||||
newSession.setAttribute("authentication", true);
|
||||
newSession.setMaxInactiveInterval(5*60*60); //setting session to expiry in 5 hours
|
||||
response.sendRedirect("index.jsp");
|
||||
} else {
|
||||
RequestDispatcher rd = getServletContext().getRequestDispatcher("/login.html");
|
||||
PrintWriter out = response.getWriter();
|
||||
|
|
|
@ -2,7 +2,6 @@ package de.hsel.spm.baudas.web;
|
|||
|
||||
import java.io.IOException;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.annotation.WebServlet;
|
||||
import javax.servlet.http.HttpServlet;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
@ -10,18 +9,26 @@ import javax.servlet.http.HttpServletResponse;
|
|||
import javax.servlet.http.HttpSession;
|
||||
|
||||
/**
|
||||
* Servlet implementation class LogoutServlet
|
||||
* Servlet implementation class LogoutServlet.
|
||||
*
|
||||
* @author Edgar Schkrob
|
||||
*/
|
||||
@WebServlet("/web/LogoutServlet")
|
||||
|
||||
@WebServlet("/logout")
|
||||
public class LogoutServlet extends HttpServlet {
|
||||
|
||||
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
|
||||
/**
|
||||
* This is a Servlet that manages the Logout and deletes Sessions.
|
||||
* @param request This parameter provides access to everything the code needs to work.
|
||||
* @param response This parameter provides access to everything the code needs to issue a response.
|
||||
* @throws IOException Signals that an I/O exception of some sort has occurred. This class is the general class of exceptions produced by failed or interrupted I/O operations.
|
||||
*/
|
||||
|
||||
//invalidate the session if exists
|
||||
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {
|
||||
HttpSession session = request.getSession(false);
|
||||
if(session != null){
|
||||
session.invalidate();
|
||||
}
|
||||
response.sendRedirect(request.getContextPath() + "/loginPage.html");
|
||||
response.sendRedirect(request.getContextPath() + "/");
|
||||
}
|
||||
}
|
||||
|
|
|
@ -18,14 +18,14 @@
|
|||
<div class="card white col s6 push-s3">
|
||||
<div class="card-content">
|
||||
<div class="center">
|
||||
<img style="width: 50%" src="../logoOrginal.gif">
|
||||
<img style="width: 50%" src="logoOrginal.gif">
|
||||
</div>
|
||||
<div class="divider"></div>
|
||||
<div class="row">
|
||||
<div class="col s8 push-s2">
|
||||
|
||||
<form action="LoginServlet" method="post">
|
||||
<input id="password" type="password" class="validate" placeholder="Passwort">
|
||||
<form action="login" method="post">
|
||||
<input id="password" type="password" class="validate" placeholder="Passwort" name="password">
|
||||
<input class="white-text btn blue-grey lighten-2" type="submit" value="Login">
|
||||
</form>
|
||||
</div>
|
|
@ -29,11 +29,11 @@
|
|||
<div class="nav-wrapper col 2 right">
|
||||
<ul class="right hide-on-med-and-down">
|
||||
<li><a data-target="slide-out" class="sidenav-trigger show-on-large"><i class="material-icons left">menu</i>Menü</a></li><!--Sidenav-->
|
||||
<li><a href="login.html"><i class="material-icons left">person_outline</i>Logout</a></li><!--Logout-->
|
||||
<li><a href="../login.html"><i class="material-icons left">person_outline</i>Logout</a></li><!--Logout-->
|
||||
</ul>
|
||||
<ul class="right">
|
||||
<li><a href="#" data-target="slide-out" class="sidenav-trigger"><i class="material-icons">menu</i></a></li><!--Sidenav-->
|
||||
<li><a href="login.html" class="sidenav-trigger"><i class="material-icons">person_outline</i></a></li><!--Logout-->
|
||||
<li><a href="../login.html" class="sidenav-trigger"><i class="material-icons">person_outline</i></a></li><!--Logout-->
|
||||
</ul>
|
||||
</div>
|
||||
</nav>
|
||||
|
|
|
@ -37,7 +37,7 @@
|
|||
</div>
|
||||
<div class="card-action right">
|
||||
<a href="#">Bestätigen</a>
|
||||
<a href="login.html">Zurück</a>
|
||||
<a href="../login.html">Zurück</a>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
|
Loading…
Reference in New Issue