unused spring configuration removed (regarding redirection and session expired behaviour)

b9560b5d · Piotr Gawron · b746ebaa · b746ebaa · b746ebaa · b9560b5d
Commit b9560b5d authored 7 years ago by Piotr Gawron
--- a/web/src/main/java/lcsb/mapviewer/security/MvInvalidSessionStrategy.java
+++ b/web/src/main/java/lcsb/mapviewer/security/MvInvalidSessionStrategy.java
-package lcsb.mapviewer.security;
-
-import java.io.IOException;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.log4j.Logger;
-import org.springframework.security.web.session.InvalidSessionStrategy;
-import org.springframework.util.StringUtils;
-
-/**
- * Implementation of the Spring invalidation startegy. Class used when user
- * session was invalidated (expired).
- * 
- * @author Piotr Gawron
- * 
- */
-public class MvInvalidSessionStrategy implements InvalidSessionStrategy {
-
-  /**
-   * Default class logger.
-   */
-  private static Logger logger = Logger.getLogger(MvInvalidSessionStrategy.class);
-
-  /**
-   * String identifier of the faces request header.
-   */
-  private static final String FACES_REQUEST_HEADER = "faces-request";
-
-  /**
-   * Default constructor.
-   * 
-   * @param invalidSessionUrl
-   *          url that should be used when session was invalidated
-   */
-  public MvInvalidSessionStrategy(String invalidSessionUrl) {
-    logger.debug("Invalid session url (not used): " + invalidSessionUrl);
-  }
-
-  @Override
-  public void onInvalidSessionDetected(HttpServletRequest request, HttpServletResponse response)
-      throws IOException, ServletException {
-    // boolean ajaxRedirect =
-    // "partial/ajax".equals(request.getHeader(FACES_REQUEST_HEADER));
-    //
-    // if (!response.isCommitted()) {
-    // if (ajaxRedirect) {
-    // // with expired ajax queries we have a problem.. We must refresh webpage
-    // // and create a new session,
-    // // we cannot redirect directly to the original page, because browser
-    // // won't reload it,
-    // // so the trick is to send javascript code that will reload browser
-    // String reloadString = createAjaxReloadPageXml();
-    // logger.info("Session expired with Ajax request, reloadXml:" + reloadString);
-    //
-    // response.setContentType("text/xml");
-    // response.getWriter().write(reloadString);
-    //
-    // } else {
-    // String requestURI;
-    // if (!Configuration.LOGIN_PAGE.endsWith(request.getServletPath())) {
-    // // we don't want to redirect, let's keep the last url
-    // requestURI = getRequestUrl(request);
-    // logger.info("Session expired without Ajax request:" + requestURI);
-    // } else {
-    // requestURI = getRequestUrl(request);
-    // logger.info("User forced logout" + requestURI);
-    // }
-    //
-    // logger.info("Staring new session");
-    // request.getSession(true);
-    // response.sendRedirect(requestURI);
-    // }
-    // }
-    // return;
-  }
-
-  /**
-   * Returns request url.
-   * 
-   * @param request
-   *          request object
-   * @return request url
-   */
-  private String getRequestUrl(HttpServletRequest request) {
-    StringBuffer requestURL = request.getRequestURL();
-
-    String queryString = request.getQueryString();
-    if (StringUtils.hasText(queryString)) {
-      requestURL.append("?").append(queryString);
-    }
-
-    logger.info("Url: " + requestURL.toString());
-    return requestURL.toString();
-  }
-
-  /**
-   * Creates ajax string that reload site in the client browser.
-   * 
-   * @return ajax string that reload browser
-   */
-  private String createAjaxReloadPageXml() {
-    return "<partial-response><changes><eval><![CDATA[location.reload(true);]]></eval></changes></partial-response>";
-  }
-
-}
--- a/web/src/main/java/lcsb/mapviewer/security/MvJsfRedirectStrategy.java
+++ b/web/src/main/java/lcsb/mapviewer/security/MvJsfRedirectStrategy.java
-package lcsb.mapviewer.security;
-
-import java.io.IOException;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.log4j.Logger;
-import org.springframework.security.web.RedirectStrategy;
-import org.springframework.security.web.util.UrlUtils;
-
-/**
- * Spring redirect strategy (Not sure if it of any use).
- * 
- * @author Piotr Gawron
- * 
- */
-public class MvJsfRedirectStrategy implements RedirectStrategy {
-	/**
-	 * Default class logger.
-	 */
-	private static Logger	logger	= Logger.getLogger(MvJsfRedirectStrategy.class);
-
-	/**
-	 * Are we interested in relative or absolute urls.
-	 */
-	private boolean				contextRelative;
-
-	@Override
-	public void sendRedirect(HttpServletRequest request, HttpServletResponse response, String url) throws IOException {
-
-		if (!response.isCommitted()) {
-			String redirectUrl = calculateRedirectUrl(request.getContextPath(), url);
-			redirectUrl = response.encodeRedirectURL(redirectUrl);
-
-			logger.debug("Redirecting to '" + redirectUrl + "'");
-
-			// we should redirect using ajax response if the case warrants
-			boolean ajaxRedirect = request.getHeader("faces-request") != null && request.getHeader("faces-request").toLowerCase().indexOf("ajax") > -1;
-
-			if (ajaxRedirect) {
-
-				String ajaxRedirectXml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" + "<partial-response><redirect url=\"" + redirectUrl
-						+ "\"></redirect></partial-response>";
-				response.setContentType("text/xml");
-				response.getWriter().write(ajaxRedirectXml);
-			} else {
-				response.sendRedirect(redirectUrl);
-			}
-		}
-		return;
-	}
-
-	/**
-	 * Creates redirect url.
-	 * 
-	 * @param contextPath
-	 *          context in which the webpage operates
-	 * @param url
-	 *          url
-	 * @return context (in)dependent url
-	 */
-	private String calculateRedirectUrl(String contextPath, String url) {
-		if (!UrlUtils.isAbsoluteUrl(url)) {
-			if (contextRelative) {
-				return url;
-			} else {
-				return contextPath + url;
-			}
-		}
-
-		// Full URL, including http(s)://
-
-		if (!contextRelative) {
-			return url;
-		}
-
-		// Calculate the relative URL from the fully qualified URL, minus the scheme
-		// and base context.
-		// CHECKSTYLE:OFF
-		url = url.substring(url.indexOf("://") + 3); // strip off scheme
-		// CHECKSTYLE:ON
-		url = url.substring(url.indexOf(contextPath) + contextPath.length());
-
-		if (url.length() > 1 && url.charAt(0) == '/') {
-			url = url.substring(1);
-		}
-
-		return url;
-	}
-
-	/**
-	 * If <tt>true</tt>, causes any redirection URLs to be calculated minus the
-	 * protocol and context path (defaults to <tt>false</tt>).
-	 * 
-	 * @param useRelativeContext
-	 *          the contextRelative value
-	 */
-	public void setContextRelative(boolean useRelativeContext) {
-		this.contextRelative = useRelativeContext;
-	}
-
-}
\ No newline at end of file
--- a/web/src/main/java/lcsb/mapviewer/security/MvSecurityServiceImpl.java
+++ b/web/src/main/java/lcsb/mapviewer/security/MvSecurityServiceImpl.java
@@ -38,7 +38,6 @@ public class MvSecurityServiceImpl implements UserDetailsService {

  @Override
  public UserDetails loadUserByUsername(String login) {
-    logger.debug(login);
    if (login == null || login.trim().isEmpty() || login.equals(Configuration.ANONYMOUS_LOGIN)) {
      return new User(login, passwordEncoder.encode(""), AuthorityUtils.commaSeparatedStringToAuthorityList(""));
    }