diff --git a/src/main/java/mx/gob/jumapacelaya/api/SecurityConfig.java b/src/main/java/mx/gob/jumapacelaya/api/SecurityConfig.java index b224983..fb692aa 100644 --- a/src/main/java/mx/gob/jumapacelaya/api/SecurityConfig.java +++ b/src/main/java/mx/gob/jumapacelaya/api/SecurityConfig.java @@ -3,6 +3,8 @@ package mx.gob.jumapacelaya.api; import com.vaadin.flow.spring.security.VaadinWebSecurity; import mx.gob.jumapacelaya.services.UserService; import mx.gob.jumapacelaya.views.login.LoginView; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; @@ -11,6 +13,7 @@ import org.springframework.http.HttpMethod; import org.springframework.ldap.core.support.LdapContextSource; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider; import org.springframework.security.web.util.matcher.AntPathRequestMatcher; @@ -18,14 +21,21 @@ import org.springframework.security.web.util.matcher.AntPathRequestMatcher; @EnableWebSecurity @Configuration public class SecurityConfig extends VaadinWebSecurity { + private static final Logger log = LoggerFactory.getLogger(SecurityConfig.class); private UserService userService; - public void setUserService(UserService userService) { this.userService = userService; } + + @Override + public void configure(WebSecurity web) throws Exception { + // Customize your WebSecurity configuration. + super.configure(web); + } + @Override protected void configure(HttpSecurity http) throws Exception { http.authorizeHttpRequests(auth -> auth @@ -39,14 +49,16 @@ public class SecurityConfig extends VaadinWebSecurity { ) .formLogin(formLogin -> formLogin .loginPage("/login") - .successHandler((request, response, authentication) -> { - String username = authentication.getName(); + /*.successHandler((request, response, authentication) -> { + //String username = authentication.getName(); + log.debug("Configure:loginSuccess: {}", authentication.getName()); if (userService.getAuthenticatedRedmineUser() == null) { + log.debug("Configure:getAuthenticatedRedmineUser Error: {}", authentication.getName()); response.sendRedirect("/login"); - } else { - response.sendRedirect(""); - } - }) + } //else { + //response.sendRedirect(""); + //} + })*/ .failureUrl("/login?error=true") // Corrigiendo la URL de fallo ); super.configure(http); diff --git a/src/main/java/mx/gob/jumapacelaya/api/SecurityService.java b/src/main/java/mx/gob/jumapacelaya/api/SecurityService.java index 1afc286..1dc157c 100644 --- a/src/main/java/mx/gob/jumapacelaya/api/SecurityService.java +++ b/src/main/java/mx/gob/jumapacelaya/api/SecurityService.java @@ -1,12 +1,16 @@ package mx.gob.jumapacelaya.api; import com.vaadin.flow.spring.security.AuthenticationContext; +import mx.gob.jumapacelaya.views.login.LoginView; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.stereotype.Component; @Component public class SecurityService { + private static final Logger log = LoggerFactory.getLogger(SecurityService.class); private final AuthenticationContext authenticationContext; @@ -16,6 +20,9 @@ public class SecurityService { public String getAuthenticatedUser() { Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); + + log.debug("Authentication: {}", authentication.getName()); + if (authentication != null) { return authentication.getName(); } diff --git a/src/main/java/mx/gob/jumapacelaya/services/UserService.java b/src/main/java/mx/gob/jumapacelaya/services/UserService.java index f78faa8..f8d12a1 100644 --- a/src/main/java/mx/gob/jumapacelaya/services/UserService.java +++ b/src/main/java/mx/gob/jumapacelaya/services/UserService.java @@ -32,7 +32,7 @@ public class UserService { public RedmineUser getAuthenticatedRedmineUser() { try { String username = securityService.getAuthenticatedUser(); - logger.info("Usuario autenticado: " + username); + logger.debug("Usuario autenticado: {}", username); if (username != null) { RedmineUser user = redmineClient.getUserByUsername(username); if (user == null) { @@ -88,6 +88,9 @@ public class UserService { VaadinService.getCurrentRequest().getWrappedSession().setAttribute("myaccount", myAccount); } } + }else{ + logger.error("No se pudo obtener al usuario autenticado en Redmine"); + securityService.logout(); } } return userclient; diff --git a/src/main/java/mx/gob/jumapacelaya/views/login/LoginView.java b/src/main/java/mx/gob/jumapacelaya/views/login/LoginView.java index e68ff77..0c89e01 100644 --- a/src/main/java/mx/gob/jumapacelaya/views/login/LoginView.java +++ b/src/main/java/mx/gob/jumapacelaya/views/login/LoginView.java @@ -25,7 +25,7 @@ public class LoginView extends VerticalLayout implements BeforeEnterObserver { private static final Logger log = LoggerFactory.getLogger(LoginView.class); private final LoginForm login = new LoginForm(); - public LoginView(UserService userService, RedmineClient redmineClient) { + public LoginView() { login.addClassName("special"); // ConfiguraciĆ³n de la vista diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 68c14c2..4e1161b 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -19,7 +19,7 @@ spring.ldap.password=Dr3na$134%4guA ########PRODUCTIVO################################# redmine.url=https://proyman.jumapacelaya.gob.mx/ -redmine.api_key=98158784609a110b3f9e837ac961d73b9ec58271 +redmine.api_key=69be2a5df9bacce02722f566fdf0731d728a1b86 ########LOCAL######################################