Made other types of auth inactive on login screen when LDAP is enabled. Externalized allowed role list into property file.
git-svn-id: https://svn.apache.org/repos/asf/esme/trunk/server@1103572 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/src/main/resources/props/default.props b/src/main/resources/props/default.props
index e6d88c6..a2e840d 100644
--- a/src/main/resources/props/default.props
+++ b/src/main/resources/props/default.props
@@ -54,3 +54,7 @@
ldap.userBase=ou=Users,ou=esme,dc=lester,dc=org
;Group base DN to check whether user has specific role
ldap.groupBase=ou=Groups,ou=esme,dc=lester,dc=org
+
+
+;Allow access to application for following roles
+role_list=esme-users,monitoring-admin
\ No newline at end of file
diff --git a/src/main/scala/org/apache/esme/model/UserAuth.scala b/src/main/scala/org/apache/esme/model/UserAuth.scala
index a0328f2..84e69d7 100644
--- a/src/main/scala/org/apache/esme/model/UserAuth.scala
+++ b/src/main/scala/org/apache/esme/model/UserAuth.scala
@@ -20,6 +20,7 @@
package org.apache.esme.model
import net.liftweb._
+import common.Box._
import common.Logger._
import mapper._
import openid._
@@ -120,8 +121,13 @@
}
object UserPwdAuthModule extends AuthModule {
- def loginPresentation: Box[NodeSeq] =
- TemplateFinder.findAnyTemplate("templates-hidden" :: "upw_login_form" :: Nil)
+ def loginPresentation: Box[NodeSeq] = {
+ val ldapBind : CssBindFunc = "#ldapEnabled [value]" #> (Props.getBool("ldap.enabled") openOr false)
+ TemplateFinder.findAnyTemplate("templates-hidden" :: "upw_login_form" :: Nil) match {
+ case Full(tpl) => Full(ldapBind(tpl))
+ case _ => Empty
+ }
+ }
def moduleName: String = "upw"
@@ -281,6 +287,11 @@
object myLdapVendor extends LDAPVendor
+ val rolesToCheck = Props.get("role_list") match {
+ case Full(s) => s.split(',').toList
+ case _ => Nil
+ }
+
var currentRole : String = _
def myLdap : LDAPVendor = {
@@ -358,12 +369,6 @@
object ContainerManagedAuthModule extends AuthModule with LDAPBase {
- // It's possible to get roles list from some external source
- // for example from LDAP via Lift API
- val rolesToCheck = List(
- "esme-users"
- )
-
override def isDefault = false
def loginPresentation: Box[NodeSeq] = Empty
@@ -443,12 +448,6 @@
object LDAPAuthModule extends AuthModule with LDAPBase {
- // It's possible to get roles list from some external source
- // for example from LDAP via Lift API
- val rolesToCheck = List(
- "esme-users", "monitoring-admin"
- )
-
override def isDefault = false
def loginPresentation: Box[NodeSeq] = TemplateFinder.findAnyTemplate("templates-hidden" :: "ldap_login_form" :: Nil)
diff --git a/src/main/webapp/scripts/display_single_message.js b/src/main/webapp/scripts/display_single_message.js
index 3298c92..bd9b91a 100644
--- a/src/main/webapp/scripts/display_single_message.js
+++ b/src/main/webapp/scripts/display_single_message.js
@@ -24,10 +24,12 @@
if (document.forms[0].open_id.value != "")
document.forms[0].action = 'open_id/login';
- else
+ else if(jQuery('input#ldapEnabled').val() == 'true')
+ document.forms[0].action = 'ldap/login';
+ else
document.forms[0].action = 'authentication/login';
-
-
+
+
document.forms[0].submit();
}
// ]]>
\ No newline at end of file
diff --git a/src/main/webapp/templates-hidden/default.html b/src/main/webapp/templates-hidden/default.html
index 4409c53..6420c05 100644
--- a/src/main/webapp/templates-hidden/default.html
+++ b/src/main/webapp/templates-hidden/default.html
@@ -37,7 +37,7 @@
</div>
<div id="top-menu">
<lift:Menu.item name="sign_up">
- <img src="images/btn-signup.gif" alt="" />
+ <img id="btn_signup" src="images/btn-signup.gif" alt="" />
</lift:Menu.item>
</div>
</div>
diff --git a/src/main/webapp/templates-hidden/upw_login_form.html b/src/main/webapp/templates-hidden/upw_login_form.html
index 0e48afe..d64f834 100644
--- a/src/main/webapp/templates-hidden/upw_login_form.html
+++ b/src/main/webapp/templates-hidden/upw_login_form.html
@@ -25,6 +25,10 @@
jQuery('input[type=\'image\']').bind('click', function() {
jQuery('form[name=\'loginFrm\']').attr('action', 'javascript:login()').submit();
});
+ if(jQuery('input#ldapEnabled').val() == 'true') {
+ jQuery('div#openIdSection').hide();
+ jQuery('img#btn_signup').hide();
+ }
});
</script>
@@ -49,9 +53,11 @@
<input type="password" name="password" value="" class="inputBox2"/><!--narrow input field-->
</div>
+ <input id="ldapEnabled" type="hidden" value=""/>
+
<div class="line"></div>
- <div class="post-form-row">
+ <div id="openIdSection" class="post-form-row">
<label><lift:loc>ui_login_openid</lift:loc></label>
<input type="text" name="open_id" value="" class="inputBox2"/><!--narrow input field-->
</div>