Merge pull request #33 from egmp777/master

Login and Registration Error Handling pom changes

spring-security-login-error-handling/bin/.springBeans

@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beansProjectDescription>
+	<version>1</version>
+	<pluginVersion><![CDATA[3.5.1.201404300732-RELEASE]]></pluginVersion>
+	<configSuffixes>
+		<configSuffix><![CDATA[xml]]></configSuffix>
+	</configSuffixes>
+	<enableImports><![CDATA[true]]></enableImports>
+	<configs>
+	</configs>
+	<autoconfigs>
+	</autoconfigs>
+	<configSets>
+	</configSets>
+</beansProjectDescription>

spring-security-login-error-handling/bin/src/main/resources/logback.xml

@@ -0,0 +1,20 @@
+<configuration>
+
+	<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+		<encoder>
+			<pattern>web - %date [%thread] %-5level %logger{36} - %message%n
+			</pattern>
+		</encoder>
+	</appender>
+
+	<logger name="org.springframework" level="WARN" />
+	<logger name="org.springframework.transaction" level="WARN" />
+
+	<!-- in order to debug some marshalling issues, this needs to be TRACE -->
+	<logger name="org.springframework.web.servlet.mvc" level="WARN" />
+
+	<root level="INFO">
+		<appender-ref ref="STDOUT" />
+	</root>
+
+</configuration>

spring-security-login-error-handling/bin/src/main/resources/messages_en.properties

@@ -0,0 +1,9 @@
+message.username=Username required
+message.password=Password required
+message.unauth=Unauthorized Access !!
+message.badCredentials=Invalid Username or Password
+message.sessionExpired=Session Timed Out
+message.logoutError=Sorry, error logging out
+message.logoutSucc=You logged out successfully
+message.regSucc=You registrated correctly, please log in
+message.regError=There was a registration error please go back to registration

spring-security-login-error-handling/bin/src/main/resources/messages_es_ES.properties

@@ -0,0 +1,9 @@
+message.username=Por favor ingrese el nombre de usuario
+message.password=Por favor ingrese una clave
+message.unauth=Acceso denegado !!
+message.badCredentials=Usuario o clave invalida
+message.sessionExpired=La sesion expiro
+message.logoutError=Lo sentimos, hubo problemas en logout
+message.logoutSucc=Logout con exito
+message.regSucc=Se registro correctamente, por favor ingrese
+message.regError=Hubo un error, por favor vuelva a registrarse

spring-security-login-error-handling/bin/src/main/resources/webSecurityConfig.xml

@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans:beans xmlns="http://www.springframework.org/schema/security"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
+	xmlns:mvc="http://www.springframework.org/schema/mvc"
+	xsi:schemaLocation="
+		http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd">
+
+
+	<http use-expressions="true">
+		<intercept-url pattern="/login*" access="permitAll" />
+		<intercept-url pattern="/logout*" access="permitAll" />
+		<intercept-url pattern="/registration*" access="permitAll" />
+		<intercept-url pattern="/resources/**" access="permitAll" />
+		<intercept-url pattern="/invalidSession*" access="isAnonymous()" />
+		<intercept-url pattern="/**" access="isAuthenticated()" />
+		<form-login login-page='/login.html'
+			authentication-failure-url="/login.html?error=true"
+			authentication-success-handler-ref="myAuthenticationSuccessHandler"
+			default-target-url="/homepage.html" />
+		<session-management invalid-session-url="/invalidSession.html"
+			session-fixation-protection="none" />
+		<logout invalidate-session="false" logout-success-url="/logout.html?logSucc=1"
+			logout-url="/j_spring_security_logout" delete-cookies="JSESSIONID" />
+	</http>
+	<beans:bean id="myAuthenticationSuccessHandler"
+		class="org.baeldung.security.MySimpleUrlAuthenticationSuccessHandler" />
+	<authentication-manager>
+		<authentication-provider>
+			<user-service>
+				<user name="user1" password="user1Pass" authorities="ROLE_USER" />
+				<user name="admin1" password="admin1Pass" authorities="ROLE_ADMIN" />
+			</user-service>
+		</authentication-provider>
+	</authentication-manager>
+</beans:beans>

spring-security-login-error-handling/bin/src/main/webapp/WEB-INF/mvc-servlet.xml

@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
+    xmlns:p="http://www.springframework.org/schema/p" 
+     xmlns:mvc="http://www.springframework.org/schema/mvc"
+    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd">
+
+
+
+
+</beans>

spring-security-login-error-handling/bin/src/main/webapp/WEB-INF/view/admin.jsp

@@ -0,0 +1,23 @@
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags" %>
+<%@taglib uri="http://www.springframework.org/tags" prefix="spring"%>
+<html>
+<sec:authorize ifAnyGranted="ROLE_USER">
+<spring:message code="message.unauth" ></spring:message>
+</sec:authorize>
+<head></head>
+
+
+<body>
+	
+<head></head>
+	<sec:authorize ifAnyGranted="ROLE_ADMIN">
+<H1> Hello Admin</H1>
+</sec:authorize>
+   
+	<a href="<c:url value="/j_spring_security_logout" />">Logout</a>
+	<a href="<c:url value="/home.html" />">Home</a>
+</body>
+
+
+</html>

spring-security-login-error-handling/bin/src/main/webapp/WEB-INF/view/console.jsp

@@ -0,0 +1,23 @@
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="security" uri="http://www.springframework.org/security/tags" %>
+<html>
+<head></head>
+
+<body>
+	<h1>This is the landing page for the admin</h1>
+
+	<security:authorize access="hasRole('ROLE_USER')">
+		This text is only visible to a user
+		<br/>
+	</security:authorize>
+
+	<security:authorize access="hasRole('ROLE_ADMIN')">
+		This text is only visible to an admin
+		<br/>
+	</security:authorize>
+
+	<a href="<c:url value="/j_spring_security_logout" />">Logout</a>
+	<a href="<c:url value="/admin.html" />">Administrator Page</a>
+
+</body>
+</html>

spring-security-login-error-handling/bin/src/main/webapp/WEB-INF/view/home.jsp

@@ -0,0 +1,13 @@
+<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
+<%@ page session="true" %>
+<html>
+<head>
+	<title>Home</title>
+</head>
+<body>
+<h1>
+  Welcome back home!  
+</h1>
+
+</body>
+</html>

spring-security-login-error-handling/bin/src/main/webapp/WEB-INF/view/homepage.jsp

@@ -0,0 +1,28 @@
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags" %>
+<%@ page session="true" %>
+<html>
+<head></head>
+
+<body>
+	<body>
+	<h1>This is the homepage for the user</h1>
+
+	<sec:authorize access="hasRole('ROLE_USER')">
+		This text is only visible to a user
+		<br />
+	</sec:authorize>
+
+	<sec:authorize access="hasRole('ROLE_ADMIN')">
+		This text is only visible to an admin
+		<br />
+	</sec:authorize>
+
+	<a href="<c:url value="/j_spring_security_logout" />">Logout</a>
+	<a href="<c:url value="/home.html" />">Home</a>
+	<a href="<c:url value="/admin.html" />">Administrator Page</a>
+
+</body>
+
+</body>
+</html>

spring-security-login-error-handling/bin/src/main/webapp/WEB-INF/view/invalidSession.jsp

@@ -0,0 +1,12 @@
+<%@taglib uri="http://www.springframework.org/tags" prefix="spring"%>
+<html>
+<head>
+	<title>Home</title>
+</head>
+<body>
+<h1>
+<spring:message code="message.sessionExpired" ></spring:message>
+</h1>
+
+</body>
+</html>

spring-security-login-error-handling/bin/src/main/webapp/WEB-INF/view/login.jsp

@@ -0,0 +1,77 @@
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="sec"
+	uri="http://www.springframework.org/security/tags"%>
+<%@taglib uri="http://www.springframework.org/tags" prefix="spring"%>
+<%@ taglib uri="http://java.sun.com/jsp/jstl/fmt" prefix="fmt"%>
+<fmt:setBundle basename="messages" />
+<%@ page session="false"%>
+<c:if test="${param.error != null}">
+	<div id="error">
+		<spring:message code="message.badCredentials"></spring:message>
+	</div>
+</c:if>
+<c:if test="${param.regSucc == 1}">
+		<div id="error">
+			<spring:message code="message.regSucc"></spring:message>
+		</div>
+</c:if>
+<c:if test="${param.regError == 1}">
+
+	<div id="error">
+		<spring:message code="message.regError"></spring:message>
+	</div>
+	<a href="registration.html">Register</a>
+</c:if>
+<fmt:message key="message.password" var="noPass" />
+<fmt:message key="message.username" var="noUser" />
+<html>
+<head>
+
+<script type="text/javascript">
+	function validate() {
+		if (document.f.j_username.value == ""
+				&& document.f.j_password.value == "") {
+			alert("${noUser} & ${noPass}");
+			document.f.j_username.focus();
+			return false;
+		}
+		if (document.f.j_username.value == "") {
+			alert("${noUser}");
+			document.f.j_username.focus();
+			return false;
+		}
+
+		if (document.f.j_password.value == "") {
+			alert("${noPass}");
+			document.f.j_password.focus();
+			return false;
+		}
+	}
+</script>
+</head>
+
+<body>
+	<h1>Login</h1>
+	<a href="?lang=en">English</a> |
+	<a href="?lang=es_ES">Spanish</a>
+		<form name='f' action="j_spring_security_check" method='POST'
+			onsubmit="return validate();">
+
+			<table>
+				<tr>
+					<td>User:</td>
+					<td><input type='text' name='j_username' value=''></td>
+				</tr>
+				<tr>
+					<td>Password:</td>
+					<td><input type='password' name='j_password' /></td>
+				</tr>
+				<tr>
+					<td><input name="submit" type="submit" value="submit" /></td>
+				</tr>
+			</table>
+
+		</form>
+	<br> Current Locale : ${pageContext.response.locale}
+</body>
+</html>

spring-security-login-error-handling/bin/src/main/webapp/WEB-INF/view/logout.jsp

@@ -0,0 +1,24 @@
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="sec"
+	uri="http://www.springframework.org/security/tags"%>
+<%@taglib uri="http://www.springframework.org/tags" prefix="spring"%>
+<c:if test="${not empty SPRING_SECURITY_LAST_EXCEPTION}">
+	<div id="error">
+		<spring:message code="message.logoutError"></spring:message>
+	</div>
+</c:if>
+<c:if test="${param.logSucc == 1}">
+	<div id="success">
+		<spring:message code="message.logoutSucc"></spring:message>
+	</div>
+</c:if>
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=US-ASCII">
+<title>Logged Out</title>
+</head>
+<body>
+		
+	<a href="login.html">Login</a>
+</body>
+</html>

spring-security-login-error-handling/bin/src/main/webapp/WEB-INF/view/registration.jsp

@@ -0,0 +1,12 @@
+<%@ page language="java" contentType="text/html; charset=US-ASCII"
+    pageEncoding="US-ASCII"%>
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=US-ASCII">
+<title>Registration</title>
+</head>
+<body>
+<H1> This is the registration page</H1>
+</body>
+</html>

spring-security-login-error-handling/bin/src/main/webapp/WEB-INF/web.xml

@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5">
+  <context-param>
+    <param-name>contextClass</param-name>
+    <param-value>
+         org.springframework.web.context.support.AnnotationConfigWebApplicationContext
+      </param-value>
+  </context-param>
+  <context-param>
+    <param-name>contextConfigLocation</param-name>
+    <param-value>org.baeldung.spring</param-value>
+  </context-param>
+  <listener>
+    <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
+  </listener>
+  <servlet>
+    <servlet-name>mvc</servlet-name>
+    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
+    <load-on-startup>1</load-on-startup>
+  </servlet>
+  <servlet-mapping>
+    <servlet-name>mvc</servlet-name>
+    <url-pattern>/</url-pattern>
+  </servlet-mapping>
+  <filter>
+    <filter-name>springSecurityFilterChain</filter-name>
+    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
+  </filter>
+  <filter-mapping>
+    <filter-name>springSecurityFilterChain</filter-name>
+    <url-pattern>/*</url-pattern>
+  </filter-mapping>
+  <filter>
+    <filter-name>localizationFilter</filter-name>
+    <filter-class>org.springframework.web.filter.RequestContextFilter</filter-class>
+  </filter>
+  <filter-mapping>
+    <filter-name>localizationFilter</filter-name>
+    <url-pattern>/*</url-pattern>
+  </filter-mapping>
+</web-app>