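<!-- Login page fragment (Thymeleaf): link to the login page plus the credential form. -->
<a href="login">LogIn</a>
<h2>Digita il tuo username e la tua password per accedere al sistema </h2>
<!--
  The form is submitted as a POST to /login, so the credentials travel in the request body, not the URL.
  NOTE(review): with Spring Security's CSRF protection enabled, th:action (rather than a plain
  action attribute) is what lets the Thymeleaf/Spring integration add the hidden _csrf field;
  confirm CSRF is not disabled in the security configuration (not shown on this page).
-->
<form th:action="@{/login}" method="post" th:object="${responsabile}">
    <div class="field half first">
        <!-- "for" now points at the id of the input below; it previously referenced "name", which matches no id. -->
        <label for="username"><span class="icon fa-user"></span>Username:</label>
        <!--
          NOTE(review): th:field derives the submitted parameter name from the bound property, so this
          field is presumably posted as "nomeUtente" rather than "name"; verify that the login
          processing is configured for that parameter name.
        -->
        <input name="name" id="username" type="text" placeholder="Username" th:field="*{nomeUtente}"/>
    </div>
    <div class="field half">
        <!-- The "email" id/name on the password field is a leftover label; it is kept so existing styling keeps working. -->
        <label for="email"><span class="icon fa-code"></span> Password:</label>
        <!--
          type="password" masks the value on screen only.
          NOTE(review): th:field presumably posts this as "chiaveAccesso"; the bound object is a fresh
          Responsabile, so no stored secret is rendered back into the page.
        -->
        <input name="email" id="email" type="password" placeholder="Password" th:field="*{chiaveAccesso}"/>
    </div>
    <ul class="actions">
        <li><input value="Login" class="button" type="submit"/></li>
    </ul>
</form>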
- package it.uniroma3.controller;
- import it.uniroma3.model.Centro;
- import it.uniroma3.model.Responsabile;
- import it.uniroma3.service.CentroService;
- import it.uniroma3.service.ResponsabileService;
- import org.springframework.beans.factory.annotation.Autowired;
- import org.springframework.security.core.Authentication;
- import org.springframework.security.core.context.SecurityContextHolder;
- import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
- import org.springframework.stereotype.Controller;
- import org.springframework.ui.Model;
- import org.springframework.web.bind.annotation.ModelAttribute;
- import org.springframework.web.bind.annotation.RequestMapping;
- import org.springframework.web.bind.annotation.RequestMethod;
- import org.springframework.web.bind.annotation.RequestParam;
- import javax.servlet.http.HttpSession;
- import javax.validation.Valid;
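/**
 * Serves the login page and, once a user is authenticated, routes them to the
 * panel that matches their granted authority.
 */
@Controller
public class LoginController {

    /** Authority names, matched with or without the conventional "ROLE_" prefix. */
    private static final String RESPONSABILE = "RESPONSABILE";
    private static final String DIRETTORE = "DIRETTORE";

    /** Fallback when no user or no recognised role is available; avoids returning an empty view name. */
    private static final String LOGIN_REDIRECT = "redirect:/login";

    @Autowired
    private ResponsabileService responsabileService;

    @Autowired
    private CentroService centroService;

    /**
     * Shows the login page with an empty {@link Responsabile} as the form-backing object.
     *
     * @param model view model that receives the "responsabile" attribute
     * @return the "login" view name
     */
    @RequestMapping("/login")
    public String login(Model model) {
        model.addAttribute("responsabile", new Responsabile());
        return "login";
    }

    /**
     * Chooses the landing panel for the authenticated user and stores the user
     * (and, for a RESPONSABILE, their centre) in the HTTP session.
     *
     * @param session HTTP session that receives "responsabile" and, where applicable, "centro"
     * @param model   view model that receives "username"
     * @return the panel view name, or a redirect to /login when there is no
     *         authentication, no matching user record, or no recognised authority
     */
    @RequestMapping("/role")
    public String loginRole(HttpSession session, Model model) {
        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        if (auth == null) {
            return LOGIN_REDIRECT;
        }

        Responsabile responsabile = this.responsabileService.findByNomeUtente(auth.getName());
        if (responsabile == null) {
            // The authenticated name has no backing record: do not dereference null below.
            return LOGIN_REDIRECT;
        }

        // NOTE(review): the whole entity, including its chiaveAccesso field, is placed in the
        // session; consider storing only the values the views need.
        if (hasAuthority(auth, RESPONSABILE)) {
            session.setAttribute("responsabile", responsabile);
            // NOTE(review): getCentro() is not null-checked here; confirm every RESPONSABILE has a centre.
            Centro centro = this.centroService.findById(responsabile.getCentro().getId());
            session.setAttribute("centro", centro);
            model.addAttribute("username", responsabile.getNomeUtente());
            return "/responsabile/respPanel";
        }
        if (hasAuthority(auth, DIRETTORE)) {
            session.setAttribute("responsabile", responsabile);
            model.addAttribute("username", responsabile.getNomeUtente());
            return "/direttore/direttorePanel";
        }
        return LOGIN_REDIRECT;
    }

    /**
     * Tests for an exact authority instead of searching the printed authority list
     * for a substring, so an unrelated authority whose name merely contains the
     * role text is not treated as that role.
     *
     * NOTE(review): accepts both "NAME" and "ROLE_NAME"; confirm which form the
     * security configuration actually grants.
     */
    private static boolean hasAuthority(Authentication auth, String name) {
        String prefixed = "ROLE_" + name;
        return auth.getAuthorities().stream()
                .anyMatch(granted -> name.equals(granted.getAuthority())
                        || prefixed.equals(granted.getAuthority()));
    }
}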
- // NOTE(review): the class declaration line is missing from this paste; these fields
- // presumably belong to the Responsabile entity used by the login form and controller — confirm.
- @Entity
- // Generated primary key.
- @Id
- @GeneratedValue(strategy=GenerationType.AUTO)
- private Long id;
- // First name; the column is NOT NULL.
- @Column(nullable=false)
- private String nome;
- // Surname; the column is NOT NULL.
- @Column(nullable=false)
- private String cognome;
- // Login name: NOT NULL and unique at the database level. The login form binds its username input to this property.
- @Column(nullable=false, unique=true)
- private String nomeUtente;
- // Credential value bound to the login form's password input.
- // NOTE(review): presumably a BCrypt hash (the controller imports BCryptPasswordEncoder) — confirm
- // no code path persists the cleartext password here.
- @Column(nullable=false)
- private String chiaveAccesso;
- @ManyToOne //ok
- private Azienda azienda;
- @OneToOne //ok
- private Azienda aziendadiretta;
- // CascadeType.ALL: every persistence operation on this entity, removal included, is cascaded to the Centro.
- @OneToOne(cascade=CascadeType.ALL)
- private Centro centro;
- // Role stored as a free-form string.
- // NOTE(review): presumably the source of the RESPONSABILE / DIRETTORE authority checked in LoginController — confirm.
- @Column(nullable=false)
- private String role;
- package it.uniroma3.error;
- import org.slf4j.Logger;
- import org.slf4j.LoggerFactory;
- import org.springframework.security.access.AccessDeniedException;
- import org.springframework.security.core.Authentication;
- import org.springframework.security.core.context.SecurityContextHolder;
- import org.springframework.security.web.access.AccessDeniedHandler;
- import org.springframework.stereotype.Component;
- import javax.servlet.ServletException;
- import javax.servlet.http.HttpServletRequest;
- import javax.servlet.http.HttpServletResponse;
- import java.io.IOException;
- // handle 403 page
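/**
 * Handles authorization failures: records who was refused access to which URL
 * and redirects the browser to the application's /403 page.
 */
@Component
public class MyAccessDeniedHandler implements AccessDeniedHandler {

    private static final Logger logger = LoggerFactory.getLogger(MyAccessDeniedHandler.class);

    /**
     * Logs the denied request and redirects to {@code <context path>/403}.
     *
     * @param httpServletRequest  the request that was denied
     * @param httpServletResponse the response used to send the redirect
     * @param e                   the access-denied failure that triggered this handler
     * @throws IOException      if the redirect cannot be written
     * @throws ServletException declared by the handler contract; not thrown by this code
     */
    @Override
    public void handle(HttpServletRequest httpServletRequest,
                       HttpServletResponse httpServletResponse,
                       AccessDeniedException e) throws IOException, ServletException {
        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        if (auth != null) {
            // Both values are influenced by the client, so control characters are neutralised
            // before logging: a crafted user name or URI must not be able to forge extra log lines.
            logger.info("User '{}' attempted to access the protected URL: {}",
                    sanitizeForLog(auth.getName()),
                    sanitizeForLog(httpServletRequest.getRequestURI()));
        }
        httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + "/403");
    }

    /** Replaces every ISO control character (CR, LF, tab, ...) with '_' so the value stays on one log line. */
    private static String sanitizeForLog(String value) {
        if (value == null) {
            return null;
        }
        StringBuilder cleaned = new StringBuilder(value.length());
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            cleaned.append(Character.isISOControl(c) ? '_' : c);
        }
        return cleaned.toString();
    }
}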