From 4a9e3f90a79985aa6a0b45e061fdcf2fea1ba318 Mon Sep 17 00:00:00 2001 From: Olivier Lamy Date: Fri, 4 Jan 2013 15:16:22 +0000 Subject: [PATCH] reduce security informations returned by this public service git-svn-id: https://svn.apache.org/repos/asf/archiva/trunk@1428920 13f79535-47bb-0310-9956-ffa450edef68 --- .../web/api/DefaultRuntimeInfoService.java | 24 ++++++++++++++++-- .../web/model/ApplicationRuntimeInfo.java | 14 ++++++----- .../src/main/webapp/js/archiva/archiva.js | 4 +-- .../main/webapp/js/archiva/general-admin.js | 25 ++++++++++++++++++- .../src/main/webapp/js/archiva/main.js | 8 +++--- .../src/main/webapp/js/redback/user.js | 4 +-- 6 files changed, 61 insertions(+), 18 deletions(-) diff --git a/archiva-modules/archiva-web/archiva-web-common/src/main/java/org/apache/archiva/web/api/DefaultRuntimeInfoService.java b/archiva-modules/archiva-web/archiva-web-common/src/main/java/org/apache/archiva/web/api/DefaultRuntimeInfoService.java index a40e698d2..764241165 100644 --- a/archiva-modules/archiva-web/archiva-web-common/src/main/java/org/apache/archiva/web/api/DefaultRuntimeInfoService.java +++ b/archiva-modules/archiva-web/archiva-web-common/src/main/java/org/apache/archiva/web/api/DefaultRuntimeInfoService.java @@ -18,10 +18,14 @@ package org.apache.archiva.web.api; * under the License. */ +import org.apache.archiva.admin.model.beans.RedbackRuntimeConfiguration; +import org.apache.archiva.redback.configuration.UserConfigurationKeys; import org.apache.archiva.rest.api.services.ArchivaRestServiceException; import org.apache.archiva.rest.api.services.RedbackRuntimeConfigurationService; +import org.apache.archiva.web.model.CookieInformation; import org.apache.archiva.web.runtime.ArchivaRuntimeInfo; import org.apache.archiva.web.model.ApplicationRuntimeInfo; +import org.apache.commons.lang.BooleanUtils; import org.apache.commons.lang.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; 
@@ -71,8 +75,24 @@ public class DefaultRuntimeInfoService new Locale( StringUtils.isEmpty( locale ) ? "en" : locale ) ); applicationRuntimeInfo.setTimestampStr( sfd.format( new Date( archivaRuntimeInfo.getTimestamp() ) ) ); - applicationRuntimeInfo.setRedbackRuntimeConfiguration( - redbackRuntimeConfigurationService.getRedbackRuntimeConfiguration() ); + CookieInformation cookieInformation = new CookieInformation(); + + RedbackRuntimeConfiguration redbackRuntimeConfiguration = + redbackRuntimeConfigurationService.getRedbackRuntimeConfiguration(); + + cookieInformation.setDomain( + redbackRuntimeConfiguration.getConfigurationProperties().get( UserConfigurationKeys.REMEMBER_ME_DOMAIN ) ); + cookieInformation.setPath( + redbackRuntimeConfiguration.getConfigurationProperties().get( UserConfigurationKeys.REMEMBER_ME_PATH ) ); + cookieInformation.setSecure( + redbackRuntimeConfiguration.getConfigurationProperties().get( UserConfigurationKeys.REMEMBER_ME_SECURE ) ); + cookieInformation.setTimeout( + redbackRuntimeConfiguration.getConfigurationProperties().get( UserConfigurationKeys.REMEMBER_ME_TIMEOUT ) ); + cookieInformation.setRememberMeEnabled( BooleanUtils.toBoolean( + redbackRuntimeConfiguration.getConfigurationProperties().get( + UserConfigurationKeys.REMEMBER_ME_ENABLED ) ) ); + + applicationRuntimeInfo.setCookieInformation( cookieInformation ); return applicationRuntimeInfo; } diff --git a/archiva-modules/archiva-web/archiva-web-common/src/main/java/org/apache/archiva/web/model/ApplicationRuntimeInfo.java b/archiva-modules/archiva-web/archiva-web-common/src/main/java/org/apache/archiva/web/model/ApplicationRuntimeInfo.java index 85fdef76b..ef0f53552 100644 --- a/archiva-modules/archiva-web/archiva-web-common/src/main/java/org/apache/archiva/web/model/ApplicationRuntimeInfo.java +++ b/archiva-modules/archiva-web/archiva-web-common/src/main/java/org/apache/archiva/web/model/ApplicationRuntimeInfo.java 
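Review bot: `redbackRuntimeConfiguration.getConfigurationProperties()` is dereferenced five times in the added lines with no null check, so if that map can be null (not visible here) this public endpoint would fail with a NullPointerException instead of returning defaults. Reading the map once into a local and skipping the `cookieInformation.set…` calls when it is null would keep the response well-formed and shorten the block. `secure` and `timeout` appear to be passed through as raw property values while only `rememberMeEnabled` is parsed, which leaves each client to interpret them. A comment above the block such as `// expose only the remember-me cookie settings; the full Redback configuration must not leave this public service` would record why the fields are copied one by one. The method starts outside the hunk.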
@@ -21,6 +21,7 @@ package org.apache.archiva.web.model; import org.apache.archiva.admin.model.beans.RedbackRuntimeConfiguration; import javax.xml.bind.annotation.XmlRootElement; +import java.io.Serializable; import java.util.Calendar; /** @@ -29,6 +30,7 @@ import java.util.Calendar; */ @XmlRootElement(name = "applicationRuntimeInfo") public class ApplicationRuntimeInfo + implements Serializable { private boolean devMode = false; @@ -48,7 +50,7 @@ public class ApplicationRuntimeInfo private String timestampStr; - private RedbackRuntimeConfiguration redbackRuntimeConfiguration; + private CookieInformation cookieInformation; public ApplicationRuntimeInfo() { @@ -151,14 +153,14 @@ public class ApplicationRuntimeInfo this.timestampStr = timestampStr; } - public RedbackRuntimeConfiguration getRedbackRuntimeConfiguration() + public CookieInformation getCookieInformation() { - return redbackRuntimeConfiguration; + return cookieInformation; } - public void setRedbackRuntimeConfiguration( RedbackRuntimeConfiguration redbackRuntimeConfiguration ) + public void setCookieInformation( CookieInformation cookieInformation ) { - this.redbackRuntimeConfiguration = redbackRuntimeConfiguration; + this.cookieInformation = cookieInformation; } @Override @@ -175,7 +177,7 @@ public class ApplicationRuntimeInfo sb.append( ", logMissingI18n=" ).append( logMissingI18n ); sb.append( ", baseUrl='" ).append( baseUrl ).append( '\'' ); sb.append( ", timestampStr='" ).append( timestampStr ).append( '\'' ); - sb.append( ", redbackRuntimeConfiguration=" ).append( redbackRuntimeConfiguration ); + sb.append( ", cookieInformation=" ).append( cookieInformation ); sb.append( '}' ); return sb.toString(); } diff --git a/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/archiva/archiva.js b/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/archiva/archiva.js index 4bfb95e5c..d9226f585 100644 --- a/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/archiva/archiva.js 
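Review bot: The import of `org.apache.archiva.admin.model.beans.RedbackRuntimeConfiguration` remains as a context line in the first hunk, although the later hunks of this file replace the field, getter, setter and `toString` reference that used it. If nothing else in the class needs it, the import should be dropped so the public response model no longer depends on the admin configuration bean. The class also gains `implements Serializable` without a `serialVersionUID`, for example `private static final long serialVersionUID = 1L;`. `CookieInformation` would have to be serializable as well, which cannot be checked here because that class is not part of this patch.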
+++ b/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/archiva/archiva.js @@ -110,9 +110,7 @@ $.ajax({ window.archivaJavascriptLog=data.javascriptLog; window.archivaRuntimeInfo=data; - window.redbackRuntimeConfiguration=mapRedbackRuntimeConfiguration(data.redbackRuntimeConfiguration); - - $.log("security.rememberme.enabled key value:"+ window.redbackRuntimeConfiguration.findPropertyValue('security.rememberme.enabled')); + window.cookieInformation=mapCookieInformation(data.cookieInformation); require(['sammy','jquery','i18n','jquery.tmpl','archiva.main','utils','domReady!'],function () { startArchivaApplication(); diff --git a/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/archiva/general-admin.js b/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/archiva/general-admin.js index c2e2247fa..8d4c2b997 100644 --- a/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/archiva/general-admin.js +++ b/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/archiva/general-admin.js @@ -1612,7 +1612,6 @@ define("archiva.general-admin",["jquery","i18n","utils","jquery.tmpl","knockout" type: "GET", dataType: 'json', success: function(data) { - // TODO use window.redbackRuntimeConfiguration ? var redbackRuntimeConfiguration = mapRedbackRuntimeConfiguration(data); var redbackRuntimeConfigurationViewModel = new RedbackRuntimeConfigurationViewModel(redbackRuntimeConfiguration,userManagerImplementationInformations); 
@@ -1653,4 +1652,28 @@ define("archiva.general-admin",["jquery","i18n","utils","jquery.tmpl","knockout" return new CacheConfiguration(data.timeToIdleSeconds,data.timeToLiveSeconds,data.maxElementsInMemory,data.maxElementsOnDisk); } + CookieInformation=function(path,domain,secure,timeout,rememberMeEnabled){ + //private String path; + this.path=path; + + //private String domain; + this.domain=domain; + + //private String secure; + this.secure=secure; + + //private String timeout; + this.timeout=timeout; + + //private boolean rememberMeEnabled; + this.rememberMeEnabled=rememberMeEnabled; + } + + mapCookieInformation=function(data){ + if(!data){ + return new CookieInformation(); + } + return new CookieInformation(data.path,data.domain,data.secure,data.timeout,data.rememberMeEnabled); + } + }); \ No newline at end of file diff --git a/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/archiva/main.js b/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/archiva/main.js index 26699ae14..9c26fca72 100644 --- a/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/archiva/main.js +++ b/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/archiva/main.js @@ -29,13 +29,13 @@ function(jquery,ui,sammy,tmpl,i18n,jqueryCookie,bootstrap,archivaSearch,jqueryVa */ reccordLoginCookie=function(user) { - var path = window.redbackRuntimeConfiguration.findPropertyValue("security.rememberme.path"); + var path = window.cookieInformation.path; path = path ? path : "/"; - var domain = window.redbackRuntimeConfiguration.findPropertyValue("security.rememberme.domain"); - var secure = window.redbackRuntimeConfiguration.findPropertyValue("security.rememberme.secure"); + var domain = window.cookieInformation.domain; + var secure = window.cookieInformation.secure; - var expires= Number(window.redbackRuntimeConfiguration.findPropertyValue("security.rememberme.timeout")); + var expires= Number(window.cookieInformation.timeout); var userJson=ko.toJSON(user); 
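Review bot: `CookieInformation` and `mapCookieInformation` are assigned without `var` inside the `define("archiva.general-admin", …)` callback, so they become implicit globals. The new call in `archiva.js` therefore only works if this module has already been evaluated when the runtime-info response arrives. This may be the file's existing convention, but an explicit `window.mapCookieInformation=function(data){` or a comment stating the load-order dependency would make it visible. The `//private String …` lines are pasted Java field declarations. One comment saying that the object mirrors the server-side `CookieInformation` model, and that `secure` and `timeout` arrive as strings, would serve a JavaScript reader better.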
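Review bot: `secure` is read unconverted from `window.cookieInformation.secure`, and a string value of `"false"` is truthy in JavaScript. If the cookie call further down in `reccordLoginCookie` (outside this hunk) tests it for truthiness, the Secure attribute would not follow the configuration. Converting at the read, `var secure = String(window.cookieInformation.secure)=='true';`, handles both a string and a boolean value. `path` falls back to `"/"` but `timeout` has no fallback, so `Number(window.cookieInformation.timeout)` yields `NaN` when the server sends no value, for example when `mapCookieInformation` returned an empty object.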
diff --git a/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/redback/user.js b/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/redback/user.js index 630d9e9f0..6c6a5438b 100644 --- a/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/redback/user.js +++ b/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/js/redback/user.js @@ -366,9 +366,9 @@ function(jquery,utils,i18n,jqueryValidate,ko,koSimpleGrid,purl) { $.log("user not in cookie"); } - var rememberMe=window.redbackRuntimeConfiguration.findPropertyValue('security.rememberme.enabled'); + var rememberMe=window.cookieInformation.rememberMeEnabled; $.log("rememberMe:"+rememberMe); - if (rememberMe=='false'){ + if (rememberMe=='true'){ $("#user-login-form-rememberme-label" ).hide(); $("#user-login-form-rememberme" ).attr("disabled","true"); if($("#user-login-form-rememberme" ).get(0 ).checked){ -- 2.39.5
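Review bot: The new condition `rememberMe=='true'` hides and disables the remember-me checkbox when the feature is enabled, which looks inverted relative to the old `=='false'` test. The server now fills `rememberMeEnabled` through `BooleanUtils.toBoolean`, so the value may arrive as a JSON boolean. Since `true=='true'` is false in JavaScript, the branch would then never run and the checkbox would stay visible even when remember-me is turned off. A check that covers both representations and treats a missing value as disabled is `if (String(rememberMe)!='true'){`. The enclosing function starts and ends outside the hunk.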