Spring backend and Aurelia frontend integration steps

[TomasKulhanek]

• [x] create user if authenticated by West-Life SSO and not exists in Repository.
• [x] REST to return HTTP 401 unauthorized if no West-Life SSO or Spring authentication is not provided, currently subsequent exception thrown.
• [x] Aurelia frontend - based on HTTP 401 redirect to login
• [x] /repository/* - default FRONTEND UI, is protected by West-Life SSO, backend is able to access SSO attributes of logged user, Aurelia based frontend
• [x] /staff/* - FRONTEND UI, is protected by proprietar authentication of backend, Aurelia based frontend
• [x] /admin/* - BACKEND UI, is protected by proprietar authentication of backend, frontend is delivered by JSP pages
• [x] /restcon/* - REST API, is protected by West-Life SSO, backend is able to access SSO attributes of logged user
• [x] /restcon/user - returns info of currently logged in user, frontend shows logged user
• [x] login?next=[someurl] will redirect to someurl instead of default '/'
• [x] API for filelist http://internal-wiki.west-life.eu/w/index.php?title=D6.2:Virtual_Folder_and_Repository#REST_API
• [x] frontend show filelist of dataset (integrate filemanager of VF)

December review and tasks:

• [x] demo user - no login needed - at /repositorytest and /restcontest api available for limited purpose.
• [x] click on project/dataset puts to ULR query - this can be coppied/pasted to reference the project/dataset quickly project: repositorytest/index.html#/dashboard/project/1 dataset: repositorytest/index.html#/dashboard/dataset/1
• [x] right click - download file
• [x] icons next to file - click on icon will allow to download, process NMR, future provisioning, provenance,
• [x] add Logout button

January tasks:

• [x] projectapi to communicate UI and backend - retrieve project proposal from local DB and dataset/filelist.
• [x] WEBDAV client to view file list of selected dataset
• [x] ARIA api client code with client_id for repository instance - in ariademo/*
• [x] import proposals from ARIA DB - new ariaapi in frontend introduced

[andreagia]

I you want to manage this exception on spring security is quite simple in spring-wp6/src/main/java/org/cirmmp/spring/security/SecurityConfiguration.java add in configure method http // ... .and() .exceptionHandling().accessDeniedPage("/accessDenied.jsp");

On 24 Nov 2017, at 10:40, Tomas Kulhanek notifications@github.com wrote:

create user if authenticated by West-Life SSO and not exists in Repository. REST to return HTTP 403 unauthorized if no West-Life SSO or Spring authentication is not provided, currently subsequent exception thrown. — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/h2020-westlife-eu/wp6-repository/issues/11, or mute the thread https://github.com/notifications/unsubscribe-auth/AMaWidsxQtBzlJhsRUh-yL6GnL-feuX_ks5s5o8XgaJpZM4QplDa.

[TomasKulhanek]

I thought that it may be addressed by AOP.

import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.common.exceptions.UnauthorizedUserException;
@Aspect
public class CheckAuth {
    @Before("execution(* org.cirmmp.spring.controller.RestCon.*(xusername, xname))")
    public void checkAuthentication(String xusername,String xname){
        String ssoId = (xusername.length()>0)? xusername: SecurityContextHolder.getContext().getAuthentication().getName();
        if (ssoId=="") {
            throw new UnauthorizedUserException("authorization required");
            //new ResponseEntity("authorization required", HttpStatus.UNAUTHORIZED);
        } else {
            //LOG.info("checkAuthentication: OK");
        }
    }
}

Seems additional configuration needs to be done, for this purpose bit overkill.

[andreagia]

I think is better to leave the security exception managed by spring security if they are addressed

[TomasKulhanek]

Agree - added spring security to return 401 instead of redirect as proposed at https://stackoverflow.com/a/30935622/1374834

• might be changed in future to return 401 in case of specific exceptions

[TomasKulhanek]

Going to /login?next=http://localhost:9000 should redirect after succesful login to the url after next. How to achieve it in Spring? Modified appcontroller.java seems not to do that.

    @RequestMapping(value = "/login", method = RequestMethod.GET)
    public String loginPage(@RequestParam(name="next",defaultValue="") String redirecturl) {
        LOG.info("loginPage(), redirect next "+redirecturl);
        if (isCurrentAuthenticationAnonymous()) {
            return "login";
        } else {
            if (redirecturl.length()>0 )
                return "redirect:"+redirecturl;
            else
            return "redirect:/list";  
        }
    }

[andreagia]

try to add this

http. ///// .defaultSuccessUrl("/success.html", true)

after formLogin()

On 24 Nov 2017, at 13:15, Tomas Kulhanek notifications@github.com wrote:

Going to /login?next=http://localhost:9000 http://localhost:9000/ should redirect after succesful login to the url after next. How to achieve it in Spring? Modified appcontroller.java seems not to do that.

@RequestMapping(value = "/login", method = RequestMethod.GET) public String loginPage(@RequestParam(name="next",defaultValue="") String redirecturl) { LOG.info("loginPage(), redirect next "+redirecturl); if (isCurrentAuthenticationAnonymous()) { return "login"; } else { if (redirecturl.length()>0 ) return "redirect:"+redirecturl; else return "redirect:/list";
} } — You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/h2020-westlife-eu/wp6-repository/issues/11#issuecomment-346815923, or mute the thread https://github.com/notifications/unsubscribe-auth/AMaWicxFu_g5PbbhFGFY1VCHPVPJ-mhYks5s5rNjgaJpZM4QplDa.

[andreagia]

in SecurityConfiguration.java

On 24 Nov 2017, at 14:51, Andrea Giachetti andreagia71@gmail.com wrote:

try to add this

http. ///// .defaultSuccessUrl("/success.html", true)

after formLogin()

On 24 Nov 2017, at 13:15, Tomas Kulhanek <notifications@github.com mailto:notifications@github.com> wrote:

Going to /login?next=http://localhost:9000 http://localhost:9000/ should redirect after succesful login to the url after next. How to achieve it in Spring? Modified appcontroller.java seems not to do that.

@RequestMapping(value = "/login", method = RequestMethod.GET) public String loginPage(@RequestParam(name="next",defaultValue="") String redirecturl) { LOG.info("loginPage(), redirect next "+redirecturl); if (isCurrentAuthenticationAnonymous()) { return "login"; } else { if (redirecturl.length()>0 ) return "redirect:"+redirecturl; else return "redirect:/list";
} } — You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/h2020-westlife-eu/wp6-repository/issues/11#issuecomment-346815923, or mute the thread https://github.com/notifications/unsubscribe-auth/AMaWicxFu_g5PbbhFGFY1VCHPVPJ-mhYks5s5rNjgaJpZM4QplDa.