00007 Security implement different privilege

10 years ago · 4700da0be3
4 changed files with 13 additions and 0 deletions
--- a/others/oauth_test.txt
+++ b/others/oauth_test.txt
@ -1,7 +1,14 @@

 方式1:基于浏览器  (访问时后跳到登录页面,登录成功后跳转到redirect_uri指定的地址) [GET]
+说明:只能使用admin或unity 账号登录才能有权限访问,若使用mobile账号登录将返回Access is denied
 http://localhost:8080/oauth/authorize?client_id=unity-client&redirect_uri=http%3a%2f%2flocalhost%3a8080%2funity%2fdashboard.htm&response_type=code&scope=read

+说明: 由于mobile-client只支持password,refresh_token, 所以不管用哪个账号登录后都将返回Illegal action
+http://localhost:8080/oauth/authorize?client_id=mobile-client&redirect_uri=http%3a%2f%2flocalhost%3a8080%2fmobile%2fdashboard.htm&response_type=code&scope=read
+
+
+
+
 响应的URL如:
 http://localhost:8080/unity/dashboard.htm?code=zLl170

--- a/src/main/webapp/WEB-INF/jsp/mobile/dashboard.jsp
+++ b/src/main/webapp/WEB-INF/jsp/mobile/dashboard.jsp
@ -10,6 +10,8 @@
    <title>Mobile dashboard</title>
 </head>
 <body>
+<a href="../">Home</a>
+
 <h2>Hi Mobile.</h2>
 </body>
 </html>
--- a/src/main/webapp/WEB-INF/jsp/oauth_error.jsp
+++ b/src/main/webapp/WEB-INF/jsp/oauth_error.jsp
@ -10,6 +10,8 @@
    <title>Oauth Error</title>
 </head>
 <body>
+<a href="${contextPath}/">Home</a>
+
 <p>
    Illegal action.
 </p>
--- a/src/main/webapp/WEB-INF/jsp/unity/dashboard.jsp
+++ b/src/main/webapp/WEB-INF/jsp/unity/dashboard.jsp
@ -10,6 +10,8 @@
    <title>Unity dashboard</title>
 </head>
 <body>
+<a href="../">Home</a>
+
 <h2>Hi Unity.</h2>
 </body>
 </html>