keycloak-memoizeit

fix saas login/register

8/7/2013 11:13:01 AM


diff --git a/examples/as7-eap-demo/server/src/main/webapp/saas/saas-register.jsp b/examples/as7-eap-demo/server/src/main/webapp/saas/saas-register.jsp
index b95d171..e649c42 100755
--- a/examples/as7-eap-demo/server/src/main/webapp/saas/saas-register.jsp
+++ b/examples/as7-eap-demo/server/src/main/webapp/saas/saas-register.jsp
@@ -73,7 +73,7 @@
                     </section>
                     <section class="info-area">
                         <h3>Info area</h3>
-                        <p>Already have an account? <a href="<%=application.getContextPath()%>/saas/saas-login.jsp">Log in</a>.</p>
+                        <p>Already have an account? <a href="<%=application.getContextPath()%>/rest/saas/loginPage.html">Log in</a>.</p>
                         <ul>
                             <li><strong>Domain:</strong> 10.0.0.1</li>
                             <li><strong>Zone:</strong> Live</li>
diff --git a/sdk-html/src/main/java/org/keycloak/sdk/LoginBean.java b/sdk-html/src/main/java/org/keycloak/sdk/LoginBean.java
old mode 100644
new mode 100755
index c7fbbfa..61d5515
--- a/sdk-html/src/main/java/org/keycloak/sdk/LoginBean.java
+++ b/sdk-html/src/main/java/org/keycloak/sdk/LoginBean.java
@@ -30,6 +30,8 @@ public class LoginBean {
 
     private String socialLoginUrl;
 
+    private String registrationUrl;
+
     private String username;
 
     private List<RequiredCredential> requiredCredentials;
@@ -61,6 +63,7 @@ public class LoginBean {
         }
 
         loginAction = ((URI) request.getAttribute("KEYCLOAK_LOGIN_ACTION")).toString();
+        registrationUrl = ((URI) request.getAttribute("KEYCLOAK_REGISTRATION_PAGE")).toString();
         socialLoginUrl = ((URI) request.getAttribute("KEYCLOAK_SOCIAL_LOGIN")).toString();
 
         username = (String) request.getAttribute("username");
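Review bot: The added `registrationUrl = ((URI) request.getAttribute("KEYCLOAK_REGISTRATION_PAGE")).toString();` dereferences the attribute without a null check, so any forward to the login page that does not set it fails with a NullPointerException at render time. This commit sets the attribute in AbstractLoginService and in SaasService.forwardToLoginForm, but other code paths that forward to the login view are not visible here. A guarded read avoids the hard failure: `URI reg = (URI) request.getAttribute("KEYCLOAK_REGISTRATION_PAGE");` followed by `registrationUrl = reg != null ? reg.toString() : null;`. The enclosing method starts and ends outside the hunk.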
@@ -119,6 +122,10 @@ public class LoginBean {
         return themeUrl;
     }
 
+    public String getRegistrationUrl() {
+        return registrationUrl;
+    }
+
     public String getUsername() {
         return username;
     }
diff --git a/sdk-html/src/main/resources/META-INF/resources/sdk/theme/default/login.xhtml b/sdk-html/src/main/resources/META-INF/resources/sdk/theme/default/login.xhtml
index 3419f41..93c7346 100755
--- a/sdk-html/src/main/resources/META-INF/resources/sdk/theme/default/login.xhtml
+++ b/sdk-html/src/main/resources/META-INF/resources/sdk/theme/default/login.xhtml
@@ -31,7 +31,7 @@
 	
 	<ui:define name="info">
 		<h:panelGroup rendered="#{login.registrationAllowed}">
-			<p>No account? <a href="saas-register.html">Register</a>.</p>
+			<p>No account? <a href="#{login.registrationUrl}">Register</a>.</p>
 		</h:panelGroup>	
 	</ui:define>
 </ui:composition>
\ No newline at end of file
diff --git a/services/src/main/java/org/keycloak/services/resources/AbstractLoginService.java b/services/src/main/java/org/keycloak/services/resources/AbstractLoginService.java
index e6bc14a..6535acf 100755
--- a/services/src/main/java/org/keycloak/services/resources/AbstractLoginService.java
+++ b/services/src/main/java/org/keycloak/services/resources/AbstractLoginService.java
@@ -18,6 +18,8 @@ import org.keycloak.services.models.RealmModel;
 import org.keycloak.services.models.RoleModel;
 import org.keycloak.services.models.UserModel;
 
+import java.net.URI;
+
 public abstract class AbstractLoginService {
 
     @Context
@@ -86,6 +88,7 @@ public abstract class AbstractLoginService {
         request.setAttribute(RealmModel.class.getName(), realm);
         request.setAttribute("KEYCLOAK_LOGIN_ACTION", TokenService.processLoginUrl(uriInfo).build(realm.getId()));
         request.setAttribute("KEYCLOAK_SOCIAL_LOGIN", SocialService.redirectToProviderAuthUrl(uriInfo).build(realm.getId()));
+        request.setAttribute("KEYCLOAK_REGISTRATION_PAGE", URI.create("not-implemented-yet"));
 
         // RESTEASY eats the form data, so we send via an attribute
         request.setAttribute("redirect_uri", redirect);
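Review bot: `URI.create("not-implemented-yet")` is a placeholder that login.xhtml now renders verbatim as the Register link's href whenever `login.registrationAllowed` is true, so realm login pages get a relative link that resolves to a nonexistent path under the current URL. Either build the real registration URL here, or mark the placeholder so it is not shipped unnoticed, e.g. `// TODO: replace placeholder with the realm registration URL before registration is enabled for realms`. The enclosing method starts and ends outside the hunk.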
diff --git a/services/src/main/java/org/keycloak/services/resources/SaasService.java b/services/src/main/java/org/keycloak/services/resources/SaasService.java
index 9c4ceed..edbde02 100755
--- a/services/src/main/java/org/keycloak/services/resources/SaasService.java
+++ b/services/src/main/java/org/keycloak/services/resources/SaasService.java
@@ -93,8 +93,7 @@ public class SaasService {
     public Response whoAmI(final @Context HttpHeaders headers) {
         return new Transaction() {
             @Override
-            public Response callImpl()
-            {
+            public Response callImpl() {
                 logger.info("WHOAMI start.");
                 RealmManager realmManager = new RealmManager(session);
                 RealmModel realm = realmManager.defaultRealm();
@@ -115,8 +114,7 @@ public class SaasService {
     public String isLoggedIn(final @Context HttpHeaders headers) {
         return new Transaction() {
             @Override
-            public String callImpl()
-            {
+            public String callImpl() {
                 logger.info("WHOAMI Javascript start.");
                 RealmManager realmManager = new RealmManager(session);
                 RealmModel realm = realmManager.defaultRealm();
@@ -145,24 +143,38 @@ public class SaasService {
 
     @Path("admin/realms")
     public RealmsAdminResource getRealmsAdmin(@Context final HttpHeaders headers) {
-       return new Transaction(false) {
-           @Override
-           protected RealmsAdminResource callImpl() {
-               RealmManager realmManager = new RealmManager(session);
-               RealmModel saasRealm = realmManager.defaultRealm();
-               if (saasRealm == null) throw new NotFoundException();
-               UserModel admin = authManager.authenticateSaasIdentity(saasRealm, uriInfo, headers);
-               if (admin == null) {
-                   throw new NotAuthorizedException("Bearer");
-               }
-               RoleModel creatorRole = saasRealm.getRole(SaasService.REALM_CREATOR_ROLE);
-               if (!saasRealm.hasRole(admin, creatorRole)) {
-                   logger.warn("not a Realm creator");
-                   throw new NotAuthorizedException("Bearer");
-               }
-               return new RealmsAdminResource(admin);
-           }
-       }.call();
+        return new Transaction(false) {
+            @Override
+            protected RealmsAdminResource callImpl() {
+                RealmManager realmManager = new RealmManager(session);
+                RealmModel saasRealm = realmManager.defaultRealm();
+                if (saasRealm == null) throw new NotFoundException();
+                UserModel admin = authManager.authenticateSaasIdentity(saasRealm, uriInfo, headers);
+                if (admin == null) {
+                    throw new NotAuthorizedException("Bearer");
+                }
+                RoleModel creatorRole = saasRealm.getRole(SaasService.REALM_CREATOR_ROLE);
+                if (!saasRealm.hasRole(admin, creatorRole)) {
+                    logger.warn("not a Realm creator");
+                    throw new NotAuthorizedException("Bearer");
+                }
+                return new RealmsAdminResource(admin);
+            }
+        }.call();
+    }
+
+    @Path("loginPage.html")
+    @GET
+    public void loginPage() {
+        new Transaction() {
+            @Override
+            protected void runImpl() {
+                RealmManager realmManager = new RealmManager(session);
+                RealmModel realm = realmManager.defaultRealm();
+                authManager.expireSaasIdentityCookie(uriInfo);
+                forwardToLoginForm(realm);
+            }
+        }.run();
     }
 
     @Path("logout")
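Review bot: `loginPage()` passes the result of `realmManager.defaultRealm()` straight to `forwardToLoginForm`, which calls `realm.getId()`, with no null check. `getRealmsAdmin` in this same hunk treats a missing default realm as possible (`if (saasRealm == null) throw new NotFoundException();`), and the same guard is missing from the `logout` hunk that follows. Adding `if (realm == null) throw new NotFoundException();` before the forward, or once at the top of `forwardToLoginForm`, keeps the behaviour consistent. Separately, this endpoint expires the SaaS identity cookie on a plain GET, so any cross-site link or embedded request to `loginPage.html` ends the user's session; if that is intended, a comment saying so would help.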
@@ -171,12 +183,15 @@ public class SaasService {
         new Transaction() {
             @Override
             protected void runImpl() {
+                RealmManager realmManager = new RealmManager(session);
+                RealmModel realm = realmManager.defaultRealm();
                 authManager.expireSaasIdentityCookie(uriInfo);
-                request.forward(saasLoginPath);
+                forwardToLoginForm(realm);
             }
         }.run();
     }
 
+
     @Path("logout-cookie")
     @GET
     public void logoutCookie() {
@@ -189,6 +204,18 @@ public class SaasService {
         }.run();
     }
 
+    public final static String loginFormPath = "/sdk/login.xhtml";
+    protected void forwardToLoginForm(RealmModel realm) {
+        request.setAttribute(RealmModel.class.getName(), realm);
+        URI action = uriInfo.getBaseUriBuilder().path(SaasService.class).path(SaasService.class, "processLogin").build();
+        URI register = contextRoot(uriInfo).path(saasRegisterPath).build();
+        request.setAttribute("KEYCLOAK_LOGIN_ACTION", action);
+        request.setAttribute("KEYCLOAK_REGISTRATION_PAGE", register);
+        request.setAttribute("KEYCLOAK_SOCIAL_LOGIN", SocialService.redirectToProviderAuthUrl(uriInfo).build(realm.getId()));
+        request.forward(loginFormPath);
+    }
+
+
 
     @Path("login")
     @POST
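Review bot: `forwardToLoginForm` does not document the contract it shares with `LoginBean`, which reads `KEYCLOAK_LOGIN_ACTION`, `KEYCLOAK_REGISTRATION_PAGE` and `KEYCLOAK_SOCIAL_LOGIN` and casts each one to `URI`. A short Javadoc would make that coupling visible: it should say the method sets those three attributes plus the realm under `RealmModel.class.getName()`, then forwards to `loginFormPath`. The attribute names are repeated as string literals across SaasService, AbstractLoginService and LoginBean, so shared constants would stop a typo from surfacing only as a NullPointerException at render time. Judging by the visible hunks, `saasLoginPath` looks unused after this change, which is worth confirming before removing it.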
@@ -210,13 +237,13 @@ public class SaasService {
                 if (user == null) {
                     logger.info("Not Authenticated! Incorrect user name");
                     request.setAttribute("KEYCLOAK_LOGIN_ERROR_MESSAGE", "Incorrect user name.");
-                    request.forward(saasLoginPath);
+                    forwardToLoginForm(realm);
                     return null;
                 }
                 if (!user.isEnabled()) {
                     logger.info("NAccount is disabled, contact admin.");
                     request.setAttribute("KEYCLOAK_LOGIN_ERROR_MESSAGE", "Account is disabled, contact admin.");
-                    request.forward(saasLoginPath);
+                    forwardToLoginForm(realm);
                     return null;
                 }
 
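Review bot: The failure branches that now call `forwardToLoginForm(realm)` still set distinct messages: `"Incorrect user name."` and `"Account is disabled, contact admin."` here, and `"Invalid credentials."` in the next hunk. That lets an unauthenticated caller tell whether a username exists or is disabled. These are unchanged context lines, but since the commit touches every branch, the unknown-user and bad-credential cases could share one message, e.g. `request.setAttribute("KEYCLOAK_LOGIN_ERROR_MESSAGE", "Invalid username or password.");`, with the specific reason kept in the server log only. The log string `"NAccount is disabled, contact admin."` also has a stray leading `N`. The enclosing method starts and ends outside the hunk.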
@@ -224,14 +251,14 @@ public class SaasService {
                 if (!authenticated) {
                     logger.info("Not Authenticated! Invalid credentials");
                     request.setAttribute("KEYCLOAK_LOGIN_ERROR_MESSAGE", "Invalid credentials.");
-                    request.forward(saasLoginPath);
+                    forwardToLoginForm(realm);
                     return null;
                 }
 
                 NewCookie cookie = authManager.createSaasIdentityCookie(realm, user, uriInfo);
                 return Response.status(302)
-                               .cookie(cookie)
-                               .location(contextRoot(uriInfo).path(adminPath).build()).build();
+                        .cookie(cookie)
+                        .location(contextRoot(uriInfo).path(adminPath).build()).build();
             }
         }.call();
     }