Skip to content

bearddan2000/scala-web-bloop-sbt-spring-jsp-remeber-me-insecure-3des-encrypt-scrypt-encoded

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
 
 
 
 
 
 
 
 

Repository files navigation

scala-web-bloop-sbt-spring-jsp-remeber-me-insecure-3des-encrypt-scrypt-encoded

Description

A springboot secure web app with jsp support. Three roles are defined; USER, ADMIN, and SUPER. All roles can access pages /home, /login, and /about. Only USER can access /user and ADMIN only /admin whereas SUPER can navigate to either and have its own /super. Each role has an action USER=VIEW ONLY, ADMIN=READ/WRITE, SUPER=CREATE. All password are encrypted with 3DES and encoded with scrypt.

Uses the rememberMe cookie for a 2 min window this as well as other setting can be found in config/Security.scala. One way to test is the following:

  • Set rememberMe checkbox
  • login
  • set a bookmark to the secured page
  • open a new window
  • use the bookmark

rememberMe cookie does not redirect it only authenticates.

Compiled and ran from build server bloop.

Build note

Dependencies must be compatable with jdk8 or less.

Tech stack

  • bloop
  • scala
  • gradle
    • springboot
    • jsp
    • bootstrap
    • jquery
    • datatable

Docker stack

  • hseeberger/scala-bloop-sbt:11.0.2-oraclelinux7_1.3.5_2.12.10

To run

sudo ./install.sh -u Available at http://localhost

  • Login with id: user and password: pass
  • Login with id: admin and password: pass
  • Login with id: super and password: pass

To stop (optional)

sudo ./install.sh -d

For help

sudo ./install.sh -h