diff options
3 files changed, 65 insertions, 1 deletions
diff --git a/src/main/java/org/onap/clamp/clds/config/spring/CldsSecurityConfigUsers.java b/src/main/java/org/onap/clamp/clds/config/spring/CldsSecurityConfigUsers.java index aabb6cf0b..961cc6b35 100644 --- a/src/main/java/org/onap/clamp/clds/config/spring/CldsSecurityConfigUsers.java +++ b/src/main/java/org/onap/clamp/clds/config/spring/CldsSecurityConfigUsers.java @@ -74,7 +74,11 @@ public class CldsSecurityConfigUsers extends WebSecurityConfigurerAdapter { protected void configure(HttpSecurity http) { try { http.csrf().disable().httpBasic().and().authorizeRequests().antMatchers("/restservices/clds/v1/user/**") - .authenticated().anyRequest().permitAll().and().logout(); + .authenticated().anyRequest().permitAll().and().logout() + .and().sessionManagement() + .maximumSessions(1) + .and().invalidSessionUrl("/designer/timeout.html"); + } catch (Exception e) { logger.error("Exception occurred during the setup of the Web users in memory", e); throw new CldsUsersException("Exception occurred during the setup of the Web users in memory", e); diff --git a/src/main/resources/META-INF/resources/designer/scripts/authcontroller.js b/src/main/resources/META-INF/resources/designer/scripts/authcontroller.js index ca9106184..ac8919801 100644 --- a/src/main/resources/META-INF/resources/designer/scripts/authcontroller.js +++ b/src/main/resources/META-INF/resources/designer/scripts/authcontroller.js @@ -71,5 +71,10 @@ function AuthenticateCtrl($scope, $rootScope, $window, $resource, $http, $locati callback && callback(); }); }; + + $scope.logout = function() { + window.localStorage.removeItem("isAuth"); + window.localStorage.removeItem("loginuser"); + }; } diff --git a/src/main/resources/META-INF/resources/designer/timeout.html b/src/main/resources/META-INF/resources/designer/timeout.html new file mode 100644 index 000000000..ce3002b22 --- /dev/null +++ b/src/main/resources/META-INF/resources/designer/timeout.html @@ -0,0 +1,55 @@ +<!-- + ============LICENSE_START======================================================= + ONAP CLAMP + ================================================================================ + Copyright (C) 2017 AT&T Intellectual Property. All rights + reserved. + ================================================================================ + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + ============LICENSE_END============================================ + =================================================================== + + --> +<style> +.divRow { + margin-left: 5px; + font-size: 13px; + font-weight: normal; + margin-top:10px; +} +</style> + +<head> + <title>CLDS</title> + <script language="javascript"> + function buttonVilibility() + { + if (window.opener && window.opener !== window) { + document.getElementById("boton1").style.visibility="visible"; + } else { + document.getElementById("boton1").style.visibility="hidden"; + } + } + </script> +</head> +<body onload='buttonVilibility()'> +<div ng-controller="AuthenticateCtrl" ng-init="logout()"> + <div id='main'> + <div class="divRow"><b>Your session is timeout.</b></div> + <div class="divRow">Please <a href="/designer/index.html"/>Login</a> again.</div> + </div> + <div> + <button id="boton1" ng-click="close(true)" class="btn btn-primary">Close</button> + </div> +</div> +</body> |