00007 Security implement different privilege

2015-05-15 15:54:36 +08:00 · 2015-05-15 15:54:36 +08:00 · 9ca95af309
parent 13db3592a7
commit 9ca95af309
3 changed files with 35 additions and 5 deletions
--- a/others/database/initial_data.ddl
+++ b/others/database/initial_data.ddl
@ -23,7 +23,7 @@ insert into user_privilege(user_id,privilege) values (23,'MOBILE');


 -- initial oauth client details test data
-- 'unity-client'   support browser,mobile-device visit
+-- 'unity-client'   support browser, js(flash) visit
 -- 'mobile-client'  only support mobile-device visit
 truncate  oauth_client_details;
 insert into oauth_client_details
@ -31,7 +31,7 @@ insert into oauth_client_details
 web_server_redirect_uri,authorities, access_token_validity,
 refresh_token_validity, additional_information, create_time, archived, trusted)
 values
-('unity-client','unity-resource', 'unity', 'read,write','password,authorization_code,refresh_token,implicit',
+('unity-client','unity-resource', 'unity', 'read,write','authorization_code,refresh_token,implicit',
 null,'ROLE_CLIENT',null,
 null,null, now(), 0, 0),
 ('mobile-client','mobile-resource', 'mobile', 'read,write','password,refresh_token',
--- a/others/oauth_test.txt
+++ b/others/oauth_test.txt
@ -10,7 +10,7 @@ http://localhost:8080/oauth/token?client_id=unity-client&client_secret=unity&gra


 方式2:基于客户端  (注意参数中的username,password,对应用户的账号,密码) [GET]
-http://localhost:8080/oauth/token?client_id=mobile-client&client_secret=mobile&grant_type=password&scope=read,write&username=admin&password=admin
+http://localhost:8080/oauth/token?client_id=mobile-client&client_secret=mobile&grant_type=password&scope=read,write&username=mobile&password=mobile



--- a/src/main/webapp/login.jsp
+++ b/src/main/webapp/login.jsp
@ -15,13 +15,43 @@
 <form action="${contextPath}/login.do" method="post">

    <label for="username">Username:</label>
-    <input type="text" id="username" name="j_username" value="admin"/>
+    <input type="text" id="username" name="j_username" value="" required="required"/>
    <br/>
    <br/>
    <label for="password">Password:</label>
-    <input type="password" name="j_password" id="password" value="admin"/>
+    <input type="password" name="j_password" id="password" value="" required="required"/>
    <br/>
    <input type="submit" value="Login"/>
 </form>
+<div>
+    <p>You can use the users to login as follow:</p>
+    <table style="border: 1px solid #eee;">
+        <thead>
+        <tr>
+            <th>Username</th>
+            <th>Password</th>
+            <th>Privileges</th>
+        </tr>
+        </thead>
+        <tbody>
+        <tr>
+            <td>admin</td>
+            <td>admin</td>
+            <td>All privileges, allow visit [Mobile] and [Unity] resources</td>
+        </tr>
+        <tr>
+            <td>unity</td>
+            <td>unity</td>
+            <td>Only allow visit [Unity] resource, support grant_type:
+                <em>authorization_code,refresh_token,implicit</em></td>
+        </tr>
+        <tr>
+            <td>mobile</td>
+            <td>mobile</td>
+            <td>Only allow visit [Mobile] resource, support grant_type: <em>password,refresh_token</em></td>
+        </tr>
+        </tbody>
+    </table>
+</div>
 </body>
 </html>