logout + changePassword fix

client/pom.xml

@@ -14,13 +14,14 @@
 	<properties>
 		<ohadr.spring.version>3.1.0.RELEASE</ohadr.spring.version>
 		<ohadr.spring.security.version>3.1.0.RELEASE</ohadr.spring.security.version>
+		<!--ohadr.flows.version>1.6.1-SNAPSHOT</ohadr.flows.version-->
 		<ohadr.flows.version>1.6.2-SNAPSHOT</ohadr.flows.version>
 	</properties>
 
 
 
-	<!-- repositories>
-		<repository>
+	<repositories>
+		<!--repository>
 			<id>spring-milestone</id>
 			<name>Spring Framework Milestone Repository</name>
 			<url>http://maven.springframework.pivotal.org/milestone</url>
@@ -29,8 +30,12 @@
 			<id>spring-release</id>
 			<name>Spring Framework Release Repository</name>
 			<url>http://maven.springframework.pivotal.org/release</url>
+		</repository-->
+		<repository>
+			<id>central</id>
+			<url>http://repo1.maven.org/maven2/</url>
 		</repository>
-	</repositories-->
+	</repositories>
 
 
 	<dependencies>
@@ -139,6 +144,12 @@
 			<version>1.2</version>
 		</dependency>
 
+		<dependency>
+			<groupId>javax.servlet.jsp</groupId>
+			<artifactId>jsp-api</artifactId>
+			<version>2.1</version>
+			<scope>provided</scope>
+		</dependency>
 
 		<dependency>
 			<groupId>log4j</groupId>
@@ -189,7 +200,31 @@
 		</dependency>
 
 
+		<dependency>
+			<groupId>org.apache.velocity</groupId>
+			<artifactId>velocity</artifactId>
+			<version>1.7</version>
+		</dependency>
+
+		<dependency>
+			<groupId>com.ohadr</groupId>
+			<artifactId>common-crypto</artifactId>
+			<version>1.6.0-RELEASE</version>
+		</dependency>
+
 
+		<dependency>
+			<groupId>com.jamonapi</groupId>
+			<artifactId>jamon</artifactId>
+			<version>2.81</version>
+		</dependency>
+
+		<dependency>
+			<groupId>com.ohadr</groupId>
+			<artifactId>auth-parent</artifactId>
+			<version>1.6.1-RELEASE</version>
+			<type>pom</type>
+		</dependency>
 
 	</dependencies>
 

client/src/main/java/com/ohadr/security/oauth/examples/impl/DemoServiceImpl.java

@@ -8,7 +8,7 @@ public class DemoServiceImpl implements DemoService
 
     public String getTrustedMessage()
     {
-        String demo = "say hi bitch";
+        String demo = "It works!";
         return demo;
     }
 }

client/src/main/resources/client.properties

@@ -6,16 +6,16 @@ com.ohadr.oauth2.db.host=ohadr.com
 com.ohadr.oauth2.db.port=3306
 com.ohadr.oauth2.db.schema=auth-flows
 
-
-
+com.ohadr.auth-flows.endpoints.accountActivatedEndpointUrl=login/AccountActivated.jsp
+com.ohadr.auth-flows.endpoints.loginSuccessEndpointUrl=secure/hello
 com.ohadr.auth-flows.linksExpirationMinutes=60
 [email protected]
 com.ohadr.auth-flows.mail.password=*****
 com.ohadr.auth-flows.isREST=false
 com.ohadr.auth-flows.email.fromField=ohadr.com Admin
 
 # Crypto settings
-com.ohadr.crypto.keystore=C:/Ohad/Dev/Tools/ohad.ks
+com.ohadr.crypto.keystore=/path/to/ohad.ks
 com.ohadr.crypto.password=kspass
 com.ohadr.crypto.keyAlias=ohadr
 com.ohadr.crypto.createKeystoreFileIfNotExist=false

client/src/main/webapp/WEB-INF/pages/hello.jsp

@@ -1,5 +1,20 @@
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
 <html>
 <body>
 <h1>Message : ${message}</h1>
+
+<c:choose>
+  <c:when test="${not empty pageContext.request.userPrincipal}">    
+    User: <c:out value="${pageContext.request.userPrincipal.name}" />
+    <a href="<c:url value='/logout' />" > Logout</a> | <a href="changePassword.jsp"> Change Password</a><br>
+  </c:when>
+  <c:otherwise>
+    <div>
+    <a href="../login/login.htm">Sign In</a> | <a href="../login/createAccount.jsp">Sign Up</a>
+    </div>
+  </c:otherwise>
+</c:choose>
+
+
 </body>
 </html>

client/src/main/webapp/WEB-INF/spring-servlet.xml

@@ -21,7 +21,7 @@
     <context:annotation-config />
 
     <mvc:default-servlet-handler />
-
+	<mvc:view-controller path="/" view-name="hello.jsp"/>
     <mvc:annotation-driven/>
 
 
@@ -38,18 +38,26 @@
     <sec:http pattern="/forgotPasswordPage" security="none" />
     <sec:http pattern="/createAccountPage" security="none" />
     <sec:http pattern="/createAccount" security="none" />
-
+	<sec:http pattern="/aa" security="none" />
+    <sec:http pattern="/rp" security="none" />
+    <sec:http pattern="/cp" security="none" />
+
 
 	<sec:http authentication-manager-ref="authenticationManager">
+		<!-- sec:intercept-url pattern="/secure/**" access="ROLE_USER" /-->
 		<sec:intercept-url pattern="/secure/**" access="ROLE_USER" />
+		<!--sec:intercept-url pattern="/**" access="ROLE_USER"/-->
+
+		<sec:logout logout-success-url="/login/login.htm" logout-url="/logout" />
 		<sec:anonymous/>
 
         <!-- sec:form-login/-->
 
 		<sec:form-login 
-			login-page="/login/login.htm" 
+			login-page="/login/login.htm"
 			authentication-success-handler-ref="authenticationSuccessHandler"
 			authentication-failure-handler-ref="authenticationFailureHandler" />
+			<!-- default-target-url="/secure/hello" -->
 
         <sec:remember-me 
 			data-source-ref="dataSource"
@@ -62,7 +70,10 @@
 		<constructor-arg value="/login/login.htm?login_error=1"/>
 		<property name="accountLockedUrl" value="/login/accountLocked.htm" />
 	</bean>
-
+
+	<!-- bean id="authenticationSuccessHandler" class="com.ohadr.auth_flows.core.AuthenticationSuccessHandlerr">
+    	<property name="defaultTargetUrl" value="/secure/hello"/>
+	</bean -->
 
 	<!-- bean name="loginUrlAuthenticationEntryPoint" class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
 		<property name="loginFormUrl" value="/oauth/commence" />

client/src/main/webapp/WEB-INF/web.xml

@@ -29,5 +29,9 @@
         <url-pattern>/</url-pattern>
     </servlet-mapping>
 
+    <error-page>
+        <error-code>404</error-code>
+    	<location>/secure/hello</location>
+    </error-page>
 
 </web-app>

client/src/main/webapp/login/passwordRestoreEmailSent.jsp

@@ -6,8 +6,8 @@
 <body>
 	<h3>Restore Message was sent</h3>
 			<div style="margin-top:  25px ;position: relative; font:15px">
-					A restore message was sent to <span style="font-weight:bold"><%= request.getParameter("email") %></span><br>
-					Please follow the instructions in the message in order to set a new password. 
+					A restore message was sent to <span style="font-weight:bold">${param.email}</span><br>
+					Please follow the instructions in the message in order to set a new password.
 			</div>
 
 </body>

client/src/main/webapp/login/passwordSetSuccess.jsp

@@ -6,8 +6,8 @@
 <body>
 	<h3>Password Set Successfully</h3>
 			<div style="margin-top:  25px ;position: relative; font:15px">
-					Password was set successfully to user <span style="font-weight:bold"><%= request.getParameter("email") %></span><br>
-					Try to login again with the new password. 
+					Password was set successfully to user <span style="font-weight:bold">${param.email}</span><br>
+					Click <a href="../${param.loginSuccessEndpointUrl}">here</a> to proceed. 
 			</div>
 
 </body>

client/src/main/webapp/login/changePassword.jsp → client/src/main/webapp/secure/changePassword.jsp

@@ -5,8 +5,9 @@
 	<title>Set New Password Page</title>
 </head>
 
-<body onload='document.f.password.focus();InitCreateAccount();setEnc()'>
-	<h3>Set New Password</h3>
+<!-- onload='document.f.password.focus();InitCreateAccount();setEnc()'  -->
+<body >
+	<h3>Change Password</h3>
 
 	<%   
 	    if ( null != request.getParameter("err_msg") ) {
@@ -17,15 +18,19 @@
 	<%   } %>
 
 	<form name='f' id='f' 
-		action='../setNewPassword'
+		action='../changePassword'
 		method='POST'>
 		<table>
 			<tr>
 				<td><input type='hidden' name='enc' /></td>
 			</tr>
 			<tr>
-				<td>Password:</td>
-				<td><input type='password' name='password' /></td>
+				<td>Current password:</td>
+				<td><input type='password' name='currentPassword' /></td>
+			</tr>
+			<tr>
+				<td>New Password:</td>
+				<td><input type='password' name='newPassword' /></td>
 			</tr>
 			<tr>
 				<td>Confirm Password:</td>

fastbuild.sh

@@ -0,0 +1,6 @@
+echo "Running Maven Build WITHOUT tests... For development purposes only !"
+export MAVEN_OPTS="-Xmx2048m -XX:MaxPermSize=512M"
+
+# mvn clean install eclipse:clean eclipse:eclipse -DskipTests -DdownloadSources=true
+
+mvn clean install -U -DskipTests -DdownloadSources=true