登录界面
This commit is contained in:
Zzzz
@@ -33,7 +33,12 @@ rendering.
|
||||
### 2. Signatures
|
||||
|
||||
- Login form: `POST /login`.
|
||||
- Request fields: `username`, `password`, and optional `redirect`.
|
||||
- Request fields consumed by `LoginServlet`: `username`, `password`, and
|
||||
optional `redirect`.
|
||||
- Presentation-only login controls may submit auxiliary fields such as
|
||||
`loginRole` and `rememberUsername`; these must not participate in
|
||||
authentication or authorization unless the Servlet/service contract is
|
||||
deliberately changed.
|
||||
- Login JSP request attributes: `errorMessage`, `username`, and `redirect`.
|
||||
- Dashboard/role JSP session attributes: `authenticatedUser`, `userRole`, and
|
||||
`userPermissions`.
|
||||
@@ -47,6 +52,12 @@ rendering.
|
||||
attribute or session attribute.
|
||||
- `redirect` must be a same-application path beginning with one `/`; invalid
|
||||
values are ignored.
|
||||
- `loginRole` is only a login-intent hint in the JSP. The authenticated role is
|
||||
determined by the `users.role_code` row returned through `AuthService`, not by
|
||||
a client-side radio selection.
|
||||
- Remember-me behavior may persist only the username in browser storage. It must
|
||||
never persist passwords, password hashes, redirects, permission state, or
|
||||
extend the server session.
|
||||
- JSPs render data with JSP EL/JSTL, not scriptlet Java.
|
||||
- JSPs may read safe session snapshots, but they must not call DAOs or inspect
|
||||
password hashes.
|
||||
@@ -67,10 +78,12 @@ rendering.
|
||||
|
||||
- Good: failed login keeps the escaped username and never redisplays the
|
||||
password.
|
||||
- Good: selecting a role radio option or checking remember-me does not change
|
||||
the server-side authentication decision.
|
||||
- Base: dashboard reads `sessionScope.authenticatedUser.displayName` and
|
||||
`sessionScope.userRole` only for display/navigation.
|
||||
- Bad: JSP uses scriptlets, JDBC, or raw request parameters to decide
|
||||
authentication.
|
||||
- Bad: JSP, JavaScript, or Servlet code trusts `loginRole` to grant a role or
|
||||
stores the password in browser storage.
|
||||
|
||||
### 6. Tests Required
|
||||
|
||||
@@ -79,6 +92,8 @@ rendering.
|
||||
files.
|
||||
- Run service-level auth checks for required fields, invalid credentials,
|
||||
success, DAO fallback, and permission checks.
|
||||
- When login page scripts change, scan them to confirm only usernames can be
|
||||
stored client-side and `password` is never persisted.
|
||||
- When Maven/Tomcat is available, run a Servlet/JSP compile or package check.
|
||||
|
||||
### 7. Wrong vs Correct
|
||||
@@ -87,6 +102,7 @@ rendering.
|
||||
|
||||
```jsp
|
||||
<%-- JSP checks request.getParameter("password") or runs SQL directly. --%>
|
||||
<%-- JavaScript stores the password or LoginServlet trusts loginRole. --%>
|
||||
```
|
||||
|
||||
#### Correct
|
||||
|
||||
Reference in New Issue
Block a user