Google Git
Sign in
apache / esme / 3fda2966f5bea964df0f11a5a73636516d98ba42^! / .
commit3fda2966f5bea964df0f11a5a73636516d98ba42[log] [tgz]
authorIvanov Vladimir Viktorovich <lester@apache.org>Sun May 15 22:58:56 2011 +0000
committerIvanov Vladimir Viktorovich <lester@apache.org>Sun May 15 22:58:56 2011 +0000
tree9ef9a88618161d4e2444a19182ac3672ecb85182
parent6fff1f87fc6799ed1143b6e68a9aa7130e0f1476 [diff]
Made other types of auth inactive on login screen when LDAP is enabled. Externalized allowed role list into property file.

git-svn-id: https://svn.apache.org/repos/asf/esme/trunk/server@1103572 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/src/main/resources/props/default.props b/src/main/resources/props/default.props
index e6d88c6..a2e840d 100644
--- a/src/main/resources/props/default.props
+++ b/src/main/resources/props/default.props

@@ -54,3 +54,7 @@
 ldap.userBase=ou=Users,ou=esme,dc=lester,dc=org
 ;Group base DN to check whether user has specific role
 ldap.groupBase=ou=Groups,ou=esme,dc=lester,dc=org
+
+
+;Allow access to application for following roles
+role_list=esme-users,monitoring-admin
\ No newline at end of file

diff --git a/src/main/scala/org/apache/esme/model/UserAuth.scala b/src/main/scala/org/apache/esme/model/UserAuth.scala
index a0328f2..84e69d7 100644
--- a/src/main/scala/org/apache/esme/model/UserAuth.scala
+++ b/src/main/scala/org/apache/esme/model/UserAuth.scala

@@ -20,6 +20,7 @@
 package org.apache.esme.model
 
 import net.liftweb._
+import common.Box._
 import common.Logger._
 import mapper._
 import openid._
@@ -120,8 +121,13 @@
 }
 
 object UserPwdAuthModule extends AuthModule {
-  def loginPresentation: Box[NodeSeq] =
-  TemplateFinder.findAnyTemplate("templates-hidden" :: "upw_login_form" :: Nil)
+  def loginPresentation: Box[NodeSeq] = {
+    val ldapBind : CssBindFunc = "#ldapEnabled [value]" #> (Props.getBool("ldap.enabled") openOr false)
+    TemplateFinder.findAnyTemplate("templates-hidden" :: "upw_login_form" :: Nil) match {
+      case Full(tpl) => Full(ldapBind(tpl))
+      case _ => Empty
+    }
+  }
 
   def moduleName: String = "upw"
 
@@ -281,6 +287,11 @@
 
   object myLdapVendor extends LDAPVendor
 
+  val rolesToCheck = Props.get("role_list") match {
+    case Full(s) => s.split(',').toList
+    case _ => Nil
+  }
+
   var currentRole : String = _
 
   def myLdap : LDAPVendor = {
@@ -358,12 +369,6 @@
 
 object ContainerManagedAuthModule extends AuthModule with LDAPBase {
 
-  // It's possible to get roles list from some external source
-  // for example from LDAP via Lift API
-  val rolesToCheck = List(
-    "esme-users"
-  )
-
   override def isDefault = false
 
   def loginPresentation: Box[NodeSeq] = Empty
@@ -443,12 +448,6 @@
 
 object LDAPAuthModule extends AuthModule with LDAPBase {
 
-  // It's possible to get roles list from some external source
-  // for example from LDAP via Lift API
-  val rolesToCheck = List(
-    "esme-users", "monitoring-admin"
-  )
-
   override def isDefault = false
 
   def loginPresentation: Box[NodeSeq] = TemplateFinder.findAnyTemplate("templates-hidden" :: "ldap_login_form" :: Nil)

diff --git a/src/main/webapp/scripts/display_single_message.js b/src/main/webapp/scripts/display_single_message.js
index 3298c92..bd9b91a 100644
--- a/src/main/webapp/scripts/display_single_message.js
+++ b/src/main/webapp/scripts/display_single_message.js

@@ -24,10 +24,12 @@
   	
   if (document.forms[0].open_id.value != "")
      document.forms[0].action = 'open_id/login';
- else
+  else if(jQuery('input#ldapEnabled').val() == 'true')
+     document.forms[0].action = 'ldap/login';
+  else
      document.forms[0].action = 'authentication/login';
-    
-     
+
+
   document.forms[0].submit();	
 }                      
 // ]]>
\ No newline at end of file

diff --git a/src/main/webapp/templates-hidden/default.html b/src/main/webapp/templates-hidden/default.html
index 4409c53..6420c05 100644
--- a/src/main/webapp/templates-hidden/default.html
+++ b/src/main/webapp/templates-hidden/default.html

@@ -37,7 +37,7 @@
                     </div>
                     <div id="top-menu">
                         <lift:Menu.item name="sign_up">
-                       <img src="images/btn-signup.gif" alt="" />
+                       <img id="btn_signup" src="images/btn-signup.gif" alt="" />
                     </lift:Menu.item>
                     </div>
                 </div>

diff --git a/src/main/webapp/templates-hidden/upw_login_form.html b/src/main/webapp/templates-hidden/upw_login_form.html
index 0e48afe..d64f834 100644
--- a/src/main/webapp/templates-hidden/upw_login_form.html
+++ b/src/main/webapp/templates-hidden/upw_login_form.html

@@ -25,6 +25,10 @@
             jQuery('input[type=\'image\']').bind('click', function() {
                 jQuery('form[name=\'loginFrm\']').attr('action', 'javascript:login()').submit();
             });
+            if(jQuery('input#ldapEnabled').val() == 'true') {
+                jQuery('div#openIdSection').hide();
+                jQuery('img#btn_signup').hide();
+            }
         });
         </script>
  
@@ -49,9 +53,11 @@
 							<input type="password" name="password" value="" class="inputBox2"/><!--narrow input field-->
 						</div>	
 						
+                        <input id="ldapEnabled" type="hidden" value=""/>
+
 						<div class="line"></div>
 						
-						<div class="post-form-row"> 
+						<div id="openIdSection" class="post-form-row">
 							<label><lift:loc>ui_login_openid</lift:loc></label>
 							<input type="text" name="open_id" value="" class="inputBox2"/><!--narrow input field-->
 						</div>