API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Oct 9th, 2017
109
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.47 KB | None | 0 0
raw download clone embed print report
  1. <properties>
  2. <spring.version>3.2.8.RELEASE</spring.version>
  3. <spring.security.version>3.2.3.RELEASE</spring.security.version>
  4. <jstl.version>1.2</jstl.version>
  5. <mysql.connector.version>5.1.30</mysql.connector.version>
  6. </properties>
  7.  
  8. <security:http auto-config="true" use-expressions="true">
  9.  
  10. <security:intercept-url pattern="/login" access="permitAll"/>
  11. <security:intercept-url pattern="/**" access="isAuthenticated()"/>
  12.  
  13. <!-- access denied page -->
  14. <security:access-denied-handler error-page="/403"/>
  15.  
  16. <security:form-login
  17. login-page="/login" default-target-url="/loginSuccess" authentication-failure-url="/loginError?error"/>
  18.  
  19. <!-- enable csrf protection-->
  20. <security:csrf/>
  21. </security:http>
  22.  
  23. <!-- Select users and user_roles from database -->
  24. <security:authentication-manager>
  25. <security:authentication-provider>
  26. <!--<security:jdbc-user-service data-source-ref="dataSource"
  27. users-by-username-query="select username,password, enabled from registration where username=?"
  28. authorities-by-username-query="select username, role from registration where username=?"/> -->
  29. <security:user-service>
  30. <security:user name="test" password="test" authorities="ROLE_USER" />
  31. <security:user name="test1" password="test1" authorities="ROLE_ADMIN" />
  32. </security:user-service>
  33. </security:authentication-provider>
  34. </security:authentication-manager>
  35.  
  36. @Controller
  37. public class MainController {
  38.  
  39. @RequestMapping(value={"/login"})
  40. public ModelAndView loginPage(){
  41.  
  42. ModelAndView model = new ModelAndView("login");
  43. return model;
  44. }
  45.  
  46. @RequestMapping(value={"/loginSuccess"},method=RequestMethod.POST)
  47. public ModelAndView loginSuccess(Principal principal,HttpServletRequest request,HttpSession session){
  48.  
  49. ModelAndView model = new ModelAndView("success");
  50.  
  51. //Testing.......
  52. String name = principal.getName();
  53. model.addObject("username", name);
  54.  
  55. session = request.getSession();
  56. session.setAttribute("USER", "system");
  57.  
  58. return model;
  59. }
  60.  
  61. <%@taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
  62. <%@ page language="java" import="java.util.*" pageEncoding="ISO-8859-1"%>
  63. <%@page session="true"%>
  64. <%
  65. String path = request.getContextPath();
  66. String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
  67. %>
  68.  
  69. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
  70. <html>
  71. <head>
  72. <base href="<%=basePath%>">
  73.  
  74. <title>login Page</title>
  75.  
  76. <!-- <meta http-equiv="pragma" content="no-cache">
  77. <meta http-equiv="cache-control" content="no-cache">
  78. <meta http-equiv="expires" content="0">
  79. <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
  80. <meta http-equiv="description" content="This is my page">
  81.  
  82. <link rel="stylesheet" type="text/css" href="styles.css">
  83. -->
  84.  
  85. </head>
  86.  
  87. <body onload='document.loginForm.username.focus();'>
  88.  
  89. <h1>Spring Security Login Form (Database Authentication)</h1>
  90.  
  91. <div>
  92. <h3>Login with Username and Password</h3>
  93.  
  94. <c:if test="${not empty error}">
  95. <div>${error}</div>
  96. </c:if>
  97.  
  98. <form name="loginForm" action="j_spring_security_check" method="post">
  99.  
  100. <table>
  101. <tr>
  102. <td>Username</td>
  103. <td><input type="text" name=j_username></td>
  104. </tr>
  105. <tr>
  106. <td>Password</td>
  107. <td><input type="password" name=j_password></td>
  108. </tr>
  109. <tr>
  110. <td colspan='2'><input name="submit" type="submit"
  111. value="submit" /></td>
  112. </tr>
  113.  
  114. </table>
  115. <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
  116. </form>
  117. </div>
  118. </body>
  119. </html>
  120.  
  121. <%@taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
  122. <html>
  123. <body>
  124. <h1>HTTP Status 403 - Access is denied</h1>
  125.  
  126. <c:choose>
  127. <c:when test="${empty username}">
  128. <h2>You do not have permission to access this page!</h2>
  129. </c:when>
  130. <c:otherwise>
  131. <h2>Username : ${username} <br/>You do not have permission to access this page!</h2>
  132. </c:otherwise>
  133. </c:choose>
  134.  
  135. </body>
  136. </html>
  137.  
  138. HTTP Status 403 - Access is denied
  139.  
  140. Username : ${username}
  141. You do not have permission to access this page!
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!