<body> <div> <div> <h2>Login</h2> </div> </

1. <body>
2.  
3. <div>
4. <div>
5. <h2>Login</h2>
6. </div>
7. </div>
8.  
9. <form action="/admin/login" method="post">
10. Login:<br>
11. <input type="text" name="username">
12. <br>
13. Password:<br>
14. <input type="text" name="password">
15. <br><br>
16. <input type="submit" value="Submit">
17. </form>
18.  
19. </body>
20.  
21. <beans
22. xmlns="http://www.springframework.org/schema/beans"
23. xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
24. xmlns:security="http://www.springframework.org/schema/security"
25. xmlns:util="http://www.springframework.org/schema/util"
26. xsi:schemaLocation="
27. http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
28. http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd
29. http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-4.2.xsd">
30.  
31. <import resource="classpath:my-admin-context.xml" />
32.  
33. <bean id="adminUserService" class="....AdminUserService">
34. <property name="userMapper" ref="userMapper" />
35. <property name="userRoleMapper" ref="userRoleMapper" />
36. </bean>
37.  
38. <bean id="adminAuthenticationSuccessHandler" class="org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler">
39. <property name="defaultTargetUrl" value="/index.html" />
40. <property name="alwaysUseDefaultTargetUrl" value="true" />
41. <property name="useReferer" value="true" />
42. </bean>
43.  
44. <security:http>
45.  
46. <security:intercept-url pattern="/login.html*" access="IS_AUTHENTICATED_ANONYMOUSLY" requires-channel="any" />
47.  
48. <security:intercept-url pattern="/**" access="ROLE_ADMIN" requires-channel="any" />
49.  
50. <security:form-login login-page="/login.html" authentication-success-handler-ref="adminAuthenticationSuccessHandler" />
51. <security:logout logout-url="/logout" invalidate-session="true" delete-cookies="JSESSIONID" logout-success-url="/login.html" />
52.  
53. </security:http>
54.  
55. <security:authentication-manager>
56. <security:authentication-provider user-service-ref="adminUserService">
57. <security:password-encoder hash="sha" />
58. </security:authentication-provider>
59. </security:authentication-manager>
60.  
61. public class AdminUserService implements UserDetailsService {
62.  
63. private final Logger logger = LoggerFactory.getLogger(getClass());
64.  
65. private UserMapper userMapper;
66.  
67. private UserRoleMapper userRoleMapper;
68.  
69. public UserMapper getUserMapper() {
70.  
71. return userMapper;
72. }
73.  
74. @Required
75. public void setUserMapper(final UserMapper userMapper) {
76.  
77. this.userMapper = userMapper;
78. }
79.  
80. public UserRoleMapper getUserRoleMapper() {
81.  
82. return userRoleMapper;
83. }
84.  
85. @Required
86. public void setUserRoleMapper(final UserRoleMapper userRoleMapper) {
87.  
88. this.userRoleMapper = userRoleMapper;
89. }
90.  
91. @Override
92. public UserDetails loadUserByUsername(final String username) throws UsernameNotFoundException {
93.  
94. logger.debug("Looking up User: {}", username);
95.  
96. final UserDo userDo = userMapper.findUserByLogin(username);
97. User user = null;
98.  
99. if (userDo == null) {
100. logger.warn("User does not exist: {}", username);
101.  
102. user = new User(username, null, false, false, false, false, new ArrayList<GrantedAuthority>());
103. } else if (StringUtils.equals(userDo.getStatus(), EtpAdminConstants.INACTIVE)) {
104. logger.warn("User is Inactive: {}", username);
105. logger.info("User DO: {}", userDo);
106.  
107. user = new User(username, null, false, false, false, false, new ArrayList<GrantedAuthority>());
108. } else {
109. final List<GrantedAuthority> authorities = getAuthorities(userDo);
110.  
111. logger.debug("Granted Authorities: {}", authorities);
112.  
113. user = new User(username, userDo.getPassword(), authorities);
114. }
115.  
116. return user;
117. }
118.  
119. List<GrantedAuthority> getAuthorities(final UserDo userDo) {
120.  
121. final List<UserRole> userRoleList = userRoleMapper.findRoleMapping(userDo.getId());
122.  
123. logger.debug("Found Roles: {}", userRoleList);
124.  
125. final List<GrantedAuthority> authorities = new ArrayList<>();
126.  
127. userRoleList.forEach(userRole -> authorities.add(new SimpleGrantedAuthority(userRole.getRoleName())));
128.  
129. return authorities;
130. }