summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorxg353y <xg353y@intl.att.com>2018-05-23 18:02:49 +0200
committerxg353y <xg353y@intl.att.com>2018-05-23 18:02:49 +0200
commit0c2ab13d9082643188690e31d82cdf7a32449a2e (patch)
tree1ae1618d2e4035277476390041642ea71941b0b3
parent2206cf470405b527b5d666cf657f011eac6e0b80 (diff)
Add session timeout page
Page timeout.html will be loaded at the session timeout, so that client can re-login. Issue-ID: CLAMP-166 Change-Id: Ie6af79e993480162b1becf9a01b99c70ec831354 Signed-off-by: xg353y <xg353y@intl.att.com>
-rw-r--r--src/main/java/org/onap/clamp/clds/config/spring/CldsSecurityConfigUsers.java6
-rw-r--r--src/main/resources/META-INF/resources/designer/scripts/authcontroller.js5
-rw-r--r--src/main/resources/META-INF/resources/designer/timeout.html55
3 files changed, 65 insertions, 1 deletions
diff --git a/src/main/java/org/onap/clamp/clds/config/spring/CldsSecurityConfigUsers.java b/src/main/java/org/onap/clamp/clds/config/spring/CldsSecurityConfigUsers.java
index aabb6cf0b..961cc6b35 100644
--- a/src/main/java/org/onap/clamp/clds/config/spring/CldsSecurityConfigUsers.java
+++ b/src/main/java/org/onap/clamp/clds/config/spring/CldsSecurityConfigUsers.java
@@ -74,7 +74,11 @@ public class CldsSecurityConfigUsers extends WebSecurityConfigurerAdapter {
protected void configure(HttpSecurity http) {
try {
http.csrf().disable().httpBasic().and().authorizeRequests().antMatchers("/restservices/clds/v1/user/**")
- .authenticated().anyRequest().permitAll().and().logout();
+ .authenticated().anyRequest().permitAll().and().logout()
+ .and().sessionManagement()
+ .maximumSessions(1)
+ .and().invalidSessionUrl("/designer/timeout.html");
+
} catch (Exception e) {
logger.error("Exception occurred during the setup of the Web users in memory", e);
throw new CldsUsersException("Exception occurred during the setup of the Web users in memory", e);
diff --git a/src/main/resources/META-INF/resources/designer/scripts/authcontroller.js b/src/main/resources/META-INF/resources/designer/scripts/authcontroller.js
index ca9106184..ac8919801 100644
--- a/src/main/resources/META-INF/resources/designer/scripts/authcontroller.js
+++ b/src/main/resources/META-INF/resources/designer/scripts/authcontroller.js
@@ -71,5 +71,10 @@ function AuthenticateCtrl($scope, $rootScope, $window, $resource, $http, $locati
callback && callback();
});
};
+
+ $scope.logout = function() {
+ window.localStorage.removeItem("isAuth");
+ window.localStorage.removeItem("loginuser");
+ };
}
diff --git a/src/main/resources/META-INF/resources/designer/timeout.html b/src/main/resources/META-INF/resources/designer/timeout.html
new file mode 100644
index 000000000..ce3002b22
--- /dev/null
+++ b/src/main/resources/META-INF/resources/designer/timeout.html
@@ -0,0 +1,55 @@
+<!--
+ ============LICENSE_START=======================================================
+ ONAP CLAMP
+ ================================================================================
+ Copyright (C) 2017 AT&T Intellectual Property. All rights
+ reserved.
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ============LICENSE_END============================================
+ ===================================================================
+
+ -->
+<style>
+.divRow {
+ margin-left: 5px;
+ font-size: 13px;
+ font-weight: normal;
+ margin-top:10px;
+}
+</style>
+
+<head>
+ <title>CLDS</title>
+ <script language="javascript">
+ function buttonVilibility()
+ {
+ if (window.opener && window.opener !== window) {
+ document.getElementById("boton1").style.visibility="visible";
+ } else {
+ document.getElementById("boton1").style.visibility="hidden";
+ }
+ }
+ </script>
+</head>
+<body onload='buttonVilibility()'>
+<div ng-controller="AuthenticateCtrl" ng-init="logout()">
+ <div id='main'>
+ <div class="divRow"><b>Your session is timeout.</b></div>
+ <div class="divRow">Please <a href="/designer/index.html"/>Login</a> again.</div>
+ </div>
+ <div>
+ <button id="boton1" ng-click="close(true)" class="btn btn-primary">Close</button>
+ </div>
+</div>
+</body>