ATLAS-774 Better error handling from login.jsp (nixonrodrigues via shwethags)

release-log.txt

@@ -21,6 +21,7 @@ ATLAS-409 Atlas will not import avro tables with schema read from a file (dosset
 ATLAS-379 Create sqoop and falcon metadata addons (venkatnrangan,bvellanki,sowmyaramesh via shwethags)
 
 ALL CHANGES:
+ATLAS-774 Better error handling from login.jsp (nixonrodrigues via shwethags)
 ATLAS-683 Refactor local type-system cache with cache provider interface (vmadugun via shwethags)
 ATLAS-802 New look UI to show Business Catalog functionalities (kevalbhatt18 via yhemanth)
 ATLAS-658 Improve Lineage with Backbone porting (kevalbhatt18 via yhemanth)

webapp/src/main/java/org/apache/atlas/web/security/AtlasAuthenticationFailureHandler.java

+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.atlas.web.security;
+
+import org.apache.log4j.Logger;
+import org.codehaus.jackson.map.ObjectMapper;
+import org.json.simple.JSONObject;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.authentication.AuthenticationFailureHandler;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+
+public class AtlasAuthenticationFailureHandler implements AuthenticationFailureHandler {
+
+    private static Logger LOG = Logger.getLogger(AtlasAuthenticationFailureHandler.class);
+
+    @Override
+    public void onAuthenticationFailure(HttpServletRequest httpServletRequest, HttpServletResponse response,
+                                        AuthenticationException e) throws IOException, ServletException {
+
+
+        LOG.debug("Login Failure ", e);
+
+        JSONObject json = new JSONObject();
+        ObjectMapper mapper = new ObjectMapper();
+        json.put("msgDesc", e.getMessage());
+
+        String jsonAsStr = mapper.writeValueAsString(json);
+        response.setContentType("application/json");
+        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+        response.setCharacterEncoding("UTF-8");
+        response.getWriter().write(jsonAsStr);
+
+    }
+}

webapp/src/main/java/org/apache/atlas/web/security/AtlasAuthenticationSuccessHandler.java

+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.atlas.web.security;
+
+import org.apache.log4j.Logger;
+import org.codehaus.jackson.map.ObjectMapper;
+import org.json.simple.JSONObject;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+
+public class AtlasAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
+
+    private static Logger LOG = Logger.getLogger(AuthenticationSuccessHandler.class);
+    @Override
+    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
+                                        Authentication authentication) throws IOException, ServletException {
+
+        LOG.debug("Login Success " + authentication.getPrincipal());
+
+        JSONObject json = new JSONObject();
+        ObjectMapper mapper = new ObjectMapper();
+        json.put("msgDesc", "Success");
+
+        String jsonAsStr = mapper.writeValueAsString(json);
+        response.setContentType("application/json");
+        response.setStatus(HttpServletResponse.SC_OK);
+        response.setCharacterEncoding("UTF-8");
+        response.getWriter().write(jsonAsStr);
+    }
+}

webapp/src/main/resources/spring-security.xml

@@ -30,7 +30,9 @@
 
     <security:http pattern="/login.jsp" security="none" />
     <security:http pattern="/css/**" security="none" />
-    <security:http pattern="/lib/**" security="none" />
+    <security:http pattern="/libs/**" security="none" />
+    <security:http pattern="/js/**" security="none" />
+    <security:http pattern="/api/atlas/admin/status" security="none" />
 
     <security:http disable-url-rewriting="true"
                    use-expressions="true" create-session="always"
@@ -41,8 +43,8 @@
 
         <form-login
                 login-page="/login.jsp"
-                default-target-url="/index.html"
-                authentication-failure-url="/login.jsp?error=true"
+                authentication-success-handler-ref="atlasAuthenticationSuccessHandler"
+                authentication-failure-handler-ref="atlasAuthenticationFailureHandler"
                 username-parameter="j_username"
                 password-parameter="j_password" />
 
@@ -52,6 +54,12 @@
         <security:custom-filter position="LAST" ref="atlasAuthorizationFilter"/>        
     </security:http>
 
+    <beans:bean id="atlasAuthenticationSuccessHandler"
+                class="org.apache.atlas.web.security.AtlasAuthenticationSuccessHandler" />
+
+    <beans:bean id="atlasAuthenticationFailureHandler"
+                class="org.apache.atlas.web.security.AtlasAuthenticationFailureHandler" />
+
     <beans:bean id="formAuthenticationEntryPoint"
                 class="org.apache.atlas.web.filters.AtlasAuthenticationEntryPoint">
         <beans:property name="loginFormUrl" value="/login.jsp" />

webapp/src/main/webapp/login.jsp

@@ -14,77 +14,49 @@
   See the License for the specific language governing permissions and
   limitations under the License.
 -->
-<%@ page import="org.apache.atlas.ApplicationProperties,org.apache.commons.configuration.Configuration" %>
 <!DOCTYPE html>
-<html lang="en">
-	<head>
-		<meta charset="utf-8">
-		<title>Atlas Login</title>
-		<meta name="description" content="description">
-		<meta name="keyword" content="keywords">
-		<meta name="viewport" content="width=device-width, initial-scale=1">
-		<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css">
-		<link href="http://netdna.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.css" rel="stylesheet">
-		<link href='http://fonts.googleapis.com/css?family=Righteous' rel='stylesheet' type='text/css'>
-		<link href="/css/login.css" rel="stylesheet">
-		<!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
-		<!--[if lt IE 9]>
-				<script src="http://getbootstrap.com/docs-assets/js/html5shiv.js"></script>
-				<script src="http://getbootstrap.com/docs-assets/js/respond.min.js"></script>
-		<![endif]-->
-		
-		<script   src="https://code.jquery.com/jquery-2.2.1.min.js"   integrity="sha256-gvQgAFzTH6trSrAWoH1iPo9Xc96QxSZ3feW6kem+O00="   crossorigin="anonymous"></script>
-		
-	</head>
-<body>
-<div class="errorBox">
-	<a href="javascript:void(0)" class="close" title="close"><i class="fa fa-times"></i></a>
-	<div class="alert alert-danger">
-	  	<strong>Error!</strong> Invalid User credentials.<br> Please try again.
-	</div>
-</div>
+<!--[if lt IE 7]><html class="no-js lt-ie9 lt-ie8 lt-ie7"><![endif]-->
+<!--[if IE 7]><html class="no-js lt-ie9 lt-ie8"><![endif]-->
+<!--[if IE 8]><html class="no-js lt-ie9"><![endif]-->
+<!--[if gt IE 8]><!-->
+<html class="no-js">
+  <!--<![endif]-->
+  <head>
+    <meta charset="utf-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
+    <title>Atlas Login</title>
+    <meta name="description" content="">
+    <meta name="viewport" content="width=device-width">
+    <link href="js/libs/bootstrap/css/bootstrap.min.css" media="all" rel="stylesheet" type="text/css" id="bootstrap-css">
+    <link href="css/login.css" media="all" rel="stylesheet" type="text/css" >
+    <script src="js/libs/jquery/js/jquery.min.js" ></script>
+    <script src="js/modules/atlasLogin.js" ></script>
+  </head>
+  <body class="login" style="">
 
 <div id="wrapper">
-	<div class="container-fluid">
+  <div class="container-fluid">
         <div class="row">
             <div class="col-sm-4 col-sm-offset-4">
-            <form name='f' action='/j_spring_security_check' method='POST'>
+            <form  action="" method="post" accept-charset="utf-8">
                 <div class="login-pane">
                     <h2 align="center">Apache <strong>Atlas</strong></h2>
                     <div class="input-group">
                         <span class="input-group-addon"><i class="glyphicon glyphicon-user"></i></span>
-                        <input type='text' class="form-control" name='j_username' placeholder="Username" required >
+                        <input type="text" class="form-control" id="username" name="username" placeholder="Username" tabindex="1" required="" autofocus>
                     </div>
                     <div class="input-group">
                         <span class="input-group-addon"><i class="glyphicon glyphicon-lock"></i></span>
-                        <input type='password' name='j_password' class="form-control" placeholder="Password" required >
-                        
+                        <input type="password" class="form-control" name="password" placeholder="Password" id="password" tabindex="2" autocomplete="off" required>    
                     </div>
-                    <input class="btn-atlas btn-block" name="submit" type="submit" value="Login"/>
-                    
+                              <span id="errorBox" class="col-md-12 help-inline" style="color:#FF1A40;display:none;text-align:center;padding-bottom: 10px;"><span class="errorMsg"></span></span>
+                    <input class="btn-atlas btn-block" name="submit" id="signIn" type="submit" value="Login">
                 </div>
                 </form>
             </div>
         </div>
-    </div>
+  </div>
 </div>
 
-<script type="text/javascript">
-$('body').ready(function(){
-        var query = window.location.search.substring(1);
-        var statusArr = query.split('=');
-        var status = -1;
-        if(statusArr.length > 0){
-                status = statusArr[1];
-        }
-        if(status=="true"){
-        	$('.errorBox').show();
-        }
-});
-$('.close').click(function(){
-	$('.errorBox').hide();
-})
-</script>
-
-</body>
-</html>
+  </body>
+</html>
\ No newline at end of file