diff --git a/src/main/java/com/mousetech/gourmetj/AdminMainBean.java b/src/main/java/com/mousetech/gourmetj/AdminMainBean.java
index 8af78ab..24ddd91 100644
--- a/src/main/java/com/mousetech/gourmetj/AdminMainBean.java
+++ b/src/main/java/com/mousetech/gourmetj/AdminMainBean.java
@@ -12,27 +12,22 @@ import com.mousetech.gourmetj.persistence.model.Recipe;
import com.mousetech.gourmetj.persistence.service.RecipeService;
import jakarta.annotation.PostConstruct;
-import jakarta.enterprise.context.RequestScoped;
import jakarta.faces.event.AjaxBehaviorEvent;
import jakarta.faces.model.DataModel;
import jakarta.faces.model.ListDataModel;
+import jakarta.faces.view.ViewScoped;
import jakarta.inject.Inject;
import jakarta.inject.Named;
/**
* Main control panel backing bean.
*
- * The rare and fabled RequestScope, which is otherwise
- * useless 90% of the time. Here we maintain no session
- * state. so we can better support the session timeout
- * for editing functions.
- *
* @author timh
* @since Jun 28, 2012
*/
@Named
-@RequestScoped
+@ViewScoped
public class AdminMainBean implements Serializable {
/**
@@ -49,9 +44,6 @@ public class AdminMainBean implements Serializable {
private static final Logger log =
LoggerFactory.getLogger(AdminMainBean.class);
- /** Cookie delimiter */
- private static final String CKDLM = ",";
-
/**
* Persistency service for Recipes.
*/
@@ -289,4 +281,9 @@ public class AdminMainBean implements Serializable {
// items.
return "recipeDetails?faces-redirect=true";
}
+
+ public String doLogout() {
+ JSFUtils.logout();
+ return null;
+ }
}
diff --git a/src/main/java/com/mousetech/gourmetj/JSFUtils.java b/src/main/java/com/mousetech/gourmetj/JSFUtils.java
index de3d819..d94e6dc 100644
--- a/src/main/java/com/mousetech/gourmetj/JSFUtils.java
+++ b/src/main/java/com/mousetech/gourmetj/JSFUtils.java
@@ -164,5 +164,9 @@ public class JSFUtils {
log.warn("Session did not exist.");
}
+ }
+
+ public static HttpSession getSession(boolean create) {
+ return (HttpSession) getExternalContext().getSession(create);
}
}
diff --git a/src/main/java/com/mousetech/gourmetj/RecipeDetailBean.java b/src/main/java/com/mousetech/gourmetj/RecipeDetailBean.java
index 847c56c..cb97e78 100644
--- a/src/main/java/com/mousetech/gourmetj/RecipeDetailBean.java
+++ b/src/main/java/com/mousetech/gourmetj/RecipeDetailBean.java
@@ -14,12 +14,10 @@ import jakarta.faces.model.ListDataModel;
import jakarta.faces.view.ViewScoped;
import jakarta.inject.Inject;
import jakarta.inject.Named;
-import jakarta.servlet.http.Part;
import jakarta.faces.event.AjaxBehaviorEvent;
import org.apache.commons.lang3.StringUtils;
import org.primefaces.event.FileUploadEvent;
-import org.primefaces.model.file.UploadedFile;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -980,7 +978,7 @@ public class RecipeDetailBean implements Serializable {
public String editDescription() {
this.setDetailTab(0);
- return "detailEdit?faces-redirect=true";
+ return "detailEdit.xhtml?faces-redirect=true";
}
public String editIngredients() {
diff --git a/src/main/java/com/mousetech/gourmetj/SpringPrimeFacesApplication.java b/src/main/java/com/mousetech/gourmetj/SpringPrimeFacesApplication.java
index 5db90e5..cef2455 100644
--- a/src/main/java/com/mousetech/gourmetj/SpringPrimeFacesApplication.java
+++ b/src/main/java/com/mousetech/gourmetj/SpringPrimeFacesApplication.java
@@ -21,10 +21,11 @@ import org.springframework.http.HttpStatus;
"com.mousetech.gourmetj.persistence.model" })
public class SpringPrimeFacesApplication {
+ final String homePage = "/main.jsf?viewExpired=true";
final String errorPage = "/error/error.html";
- final String error404Page = "/error/error404.html";
+ final String error404Page = "/error/error404.jsp";
final String error400Page = "/error/error400.jsp";
- final String expiredPage = "/main.xhtml";
+ final String expiredPage = "/error/viewExpired.xhtml";
public static void main(String[] args) {
SpringApplication.run(SpringPrimeFacesApplication.class,
diff --git a/src/main/java/com/mousetech/gourmetj/SpringSecurityConfig.java b/src/main/java/com/mousetech/gourmetj/SpringSecurityConfig.java
index 0962e36..b9c5467 100644
--- a/src/main/java/com/mousetech/gourmetj/SpringSecurityConfig.java
+++ b/src/main/java/com/mousetech/gourmetj/SpringSecurityConfig.java
@@ -20,6 +20,7 @@ import org.springframework.security.config.annotation.web.configuration.EnableWe
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
import jakarta.servlet.DispatcherType;
@@ -99,24 +100,24 @@ public class SpringSecurityConfig {
return ocreds;
}
- @Bean
- SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
-
- http
- .csrf(AbstractHttpConfigurer::disable)
- .cors(AbstractHttpConfigurer::disable)
- .formLogin(formLogin ->
- formLogin
- .loginPage("/login.xhtml")
- .permitAll())
- .authorizeHttpRequests((authorize)-> authorize
- .dispatcherTypeMatchers(DispatcherType.FORWARD, DispatcherType.ERROR).permitAll()
- .anyRequest().authenticated()
- );
-
- return http.build();
- }
-
+ @Bean
+ SecurityFilterChain securityFilterChain(HttpSecurity http)
+ throws Exception {
+
+ http.csrf(AbstractHttpConfigurer::disable)
+ .cors(AbstractHttpConfigurer::disable)
+ .formLogin(login -> login.loginPage("/login.jsf")
+ .permitAll()
+ .failureUrl("/login.jsf?error=true"))
+ .logout(logout -> logout
+ .logoutSuccessUrl("/login.jsf"))
+ .httpBasic(Customizer.withDefaults())
+ .authorizeHttpRequests((authorize) -> authorize
+ .anyRequest().authenticated());
+
+ return http.build();
+ }
+
/**
* Replaces old antMatchers for determining secured URLs.
* @return customizer
@@ -124,14 +125,19 @@ public class SpringSecurityConfig {
@Bean
public WebSecurityCustomizer webSecurityCustomizer() {
return (web) -> web.ignoring().requestMatchers(
- "/jakarta.faces.resource/**",
- "/index.xhtml",
+ "/jakarta.faces.resource/**",
"/",
- "/index.jsf",
- "/login",
+ "/index.html",
+// "/login",
+// "/login.jsf", // Leave them for the authenticator!
+// "/login.xhtml",
"/main.jsf",
+ "/main.xhtml",
"/img/**",
+ "/error/**",
+ "/RES_NOT_FOUND",
"/recipeDetails.jsf",
+ "/recipeDetails.xhtml",
"/shoppingList.jsf",
"/recipePrint.jsf");
}
diff --git a/src/main/java/com/mousetech/gourmetj/UserSession.java b/src/main/java/com/mousetech/gourmetj/UserSession.java
index 3a3fd45..c100fcd 100644
--- a/src/main/java/com/mousetech/gourmetj/UserSession.java
+++ b/src/main/java/com/mousetech/gourmetj/UserSession.java
@@ -5,10 +5,8 @@ import java.util.ArrayList;
import java.util.List;
import jakarta.enterprise.context.SessionScoped;
-import jakarta.faces.model.SelectItem;
import jakarta.inject.Named;
-import org.primefaces.PrimeFaces;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
diff --git a/src/main/resources/META-INF/resources/WEB-INF/faces-config.xml b/src/main/resources/META-INF/resources/WEB-INF/faces-config.xml
index 72e6a43..853a7e7 100644
--- a/src/main/resources/META-INF/resources/WEB-INF/faces-config.xml
+++ b/src/main/resources/META-INF/resources/WEB-INF/faces-config.xml
@@ -25,7 +25,7 @@
This URL is invalid.
- - - diff --git a/src/main/resources/META-INF/resources/error/error404.jsp b/src/main/resources/META-INF/resources/error/error404.jsp new file mode 100644 index 0000000..c92563a --- /dev/null +++ b/src/main/resources/META-INF/resources/error/error404.jsp @@ -0,0 +1,12 @@ +<%@ page language="java" contentType="text/html; charset=US-ASCII" + pageEncoding="US-ASCII" isErrorPage="true"%> + + + +The page state could not be restored because it was - left idle too long.
- - - \ No newline at end of file diff --git a/src/main/resources/META-INF/resources/index.html b/src/main/resources/META-INF/resources/index.html index daa0588..83073ea 100644 --- a/src/main/resources/META-INF/resources/index.html +++ b/src/main/resources/META-INF/resources/index.html @@ -1,13 +1,8 @@ - -This is an implementation of Thomas Hinkle's Gourmet Recipe Manager, originally a desktop @@ -20,5 +15,5 @@
This is an open-source application under the Common Development and Distribution License (CDDL).
-