Spring Boot : make login form work again.

libresonic-main/pom.xml

@@ -69,6 +69,10 @@
             <groupId>org.springframework.security</groupId>
             <artifactId>spring-security-ldap</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-taglibs</artifactId>
+        </dependency>
         <!-- END Spring -->
 
         <!-- taglibs -->

libresonic-main/src/main/java/org/libresonic/player/controller/ControllerUtils.java

@@ -0,0 +1,35 @@
+package org.libresonic.player.controller;
+
+import org.apache.commons.lang.ObjectUtils;
+import org.libresonic.player.service.SettingsService;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * This class has been created to refactor code previously present
+ * in the MultiController.
+ */
+public class ControllerUtils {
+
+    public static void updatePortAndContextPath(HttpServletRequest request, SettingsService settingsService) {
+
+        int port = Integer.parseInt(System.getProperty("libresonic.port", String.valueOf(request.getLocalPort())));
+        int httpsPort = Integer.parseInt(System.getProperty("libresonic.httpsPort", "0"));
+
+        String contextPath = request.getContextPath().replace("/", "");
+
+        if (settingsService.getPort() != port) {
+            settingsService.setPort(port);
+            settingsService.save();
+        }
+        if (settingsService.getHttpsPort() != httpsPort) {
+            settingsService.setHttpsPort(httpsPort);
+            settingsService.save();
+        }
+        if (!ObjectUtils.equals(settingsService.getUrlRedirectContextPath(), contextPath)) {
+            settingsService.setUrlRedirectContextPath(contextPath);
+            settingsService.save();
+        }
+    }
+
+}

libresonic-main/src/main/java/org/libresonic/player/controller/IndexController.java

@@ -0,0 +1,50 @@
+package org.libresonic.player.controller;
+
+import org.libresonic.player.Logger;
+import org.libresonic.player.domain.User;
+import org.libresonic.player.domain.UserSettings;
+import org.libresonic.player.service.SecurityService;
+import org.libresonic.player.service.SettingsService;
+import org.libresonic.player.util.StringUtil;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.servlet.ModelAndView;
+import org.springframework.web.servlet.view.RedirectView;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.util.HashMap;
+import java.util.Map;
+
+@Controller
+@RequestMapping("/index")
+public class IndexController {
+
+
+    private static final Logger LOG = Logger.getLogger(IndexController.class);
+
+    @Autowired
+    private SecurityService securityService;
+    @Autowired
+    private SettingsService settingsService;
+
+    @RequestMapping(method = { RequestMethod.GET})
+    public ModelAndView index(HttpServletRequest request) {
+        ControllerUtils.updatePortAndContextPath(request,settingsService);
+        UserSettings userSettings = settingsService.getUserSettings(securityService.getCurrentUsername(request));
+
+        Map<String, Object> map = new HashMap<String, Object>();
+        map.put("showRight", userSettings.isShowNowPlayingEnabled() || userSettings.isShowChatEnabled());
+        map.put("autoHidePlayQueue", userSettings.isAutoHidePlayQueue());
+        map.put("listReloadDelay", userSettings.getListReloadDelay());
+        map.put("keyboardShortcutsEnabled", userSettings.isKeyboardShortcutsEnabled());
+        map.put("showSideBar", userSettings.isShowSideBar());
+        map.put("brand", settingsService.getBrand());
+        return new ModelAndView("index", "model", map);
+    }
+
+
+}

libresonic-main/src/main/java/org/libresonic/player/controller/LoginController.java

@@ -43,7 +43,7 @@ public class LoginController {
         if (username != null && password != null) {
             username = StringUtil.urlEncode(username);
             password = StringUtil.urlEncode(password);
-            return new ModelAndView(new RedirectView("/j_spring_security_check?"+
+            return new ModelAndView(new RedirectView("/login?"+
                     UsernamePasswordAuthenticationFilter.SPRING_SECURITY_FORM_USERNAME_KEY+"=" + username +
                     "&"+UsernamePasswordAuthenticationFilter.SPRING_SECURITY_FORM_PASSWORD_KEY+"=" + password
             ));

libresonic-main/src/main/java/org/libresonic/player/controller/MultiController.java

@@ -189,7 +189,7 @@ public class MultiController extends MultiActionController {
     }
 
     public ModelAndView gettingStarted(HttpServletRequest request, HttpServletResponse response) {
-        updatePortAndContextPath(request);
+        ControllerUtils.updatePortAndContextPath(request,settingsService);
 
         if (request.getParameter("hide") != null) {
             settingsService.setGettingStartedEnabled(false);
@@ -202,19 +202,6 @@ public class MultiController extends MultiActionController {
         return new ModelAndView("gettingStarted", "model", map);
     }
 
-    public ModelAndView index(HttpServletRequest request, HttpServletResponse response) {
-        updatePortAndContextPath(request);
-        UserSettings userSettings = settingsService.getUserSettings(securityService.getCurrentUsername(request));
-
-        Map<String, Object> map = new HashMap<String, Object>();
-        map.put("showRight", userSettings.isShowNowPlayingEnabled() || userSettings.isShowChatEnabled());
-        map.put("autoHidePlayQueue", userSettings.isAutoHidePlayQueue());
-        map.put("listReloadDelay", userSettings.getListReloadDelay());
-        map.put("keyboardShortcutsEnabled", userSettings.isKeyboardShortcutsEnabled());
-        map.put("showSideBar", userSettings.isShowSideBar());
-        map.put("brand", settingsService.getBrand());
-        return new ModelAndView("index", "model", map);
-    }
 
     public ModelAndView exportPlaylist(HttpServletRequest request, HttpServletResponse response) throws Exception {
 
@@ -232,26 +219,6 @@ public class MultiController extends MultiActionController {
         return null;
     }
 
-    private void updatePortAndContextPath(HttpServletRequest request) {
-
-        int port = Integer.parseInt(System.getProperty("libresonic.port", String.valueOf(request.getLocalPort())));
-        int httpsPort = Integer.parseInt(System.getProperty("libresonic.httpsPort", "0"));
-
-        String contextPath = request.getContextPath().replace("/", "");
-
-        if (settingsService.getPort() != port) {
-            settingsService.setPort(port);
-            settingsService.save();
-        }
-        if (settingsService.getHttpsPort() != httpsPort) {
-            settingsService.setHttpsPort(httpsPort);
-            settingsService.save();
-        }
-        if (!ObjectUtils.equals(settingsService.getUrlRedirectContextPath(), contextPath)) {
-            settingsService.setUrlRedirectContextPath(contextPath);
-            settingsService.save();
-        }
-    }
 
     public ModelAndView test(HttpServletRequest request, HttpServletResponse response) {
         return new ModelAndView("test");

libresonic-main/src/main/resources/applicationContext-security.xml

@@ -5,7 +5,7 @@
        xsi:schemaLocation="http://www.springframework.org/schema/beans
           http://www.springframework.org/schema/beans/spring-beans.xsd
           http://www.springframework.org/schema/security
-          http://www.springframework.org/schema/security/spring-security.xsd">
+          http://www.springframework.org/schema/security/spring-security-4.1.xsd">
 
     <security:http auto-config='true'>
         <!-- permitAll -->
@@ -59,7 +59,9 @@
         <security:form-login login-page="/login.view"
                              default-target-url="/index.view"
                              authentication-failure-url="/login.view?error=1"
-                             always-use-default-target="true"/>
+                             always-use-default-target="true"
+                             username-parameter="j_username"
+                             password-parameter="j_password"/>
         <security:remember-me user-service-ref="securityService" key="libresonic"/>
     </security:http>
 

libresonic-main/src/main/webapp/WEB-INF/jsp/include.jsp

@@ -4,5 +4,6 @@
 <%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
 <%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
 <%@ taglib prefix="form" uri="http://www.springframework.org/tags/form" %>
+<%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags" %>
 <%@ taglib prefix="sub" uri="http://libresonic.org/taglib/sub" %>
 <%@ taglib prefix="str" uri="http://jakarta.apache.org/taglibs/string-1.1" %>

libresonic-main/src/main/webapp/WEB-INF/jsp/login.jsp

@@ -12,7 +12,9 @@
 </head>
 <body class="mainframe bgcolor1" onload="document.getElementById('j_username').focus()">
 
-<form action="<c:url value="/j_spring_security_check"/>" method="POST">
+<form action="login" method="POST">
+
+    <sec:csrfInput />
     <div class="bgcolor2 shadow" align="center" style="padding:20px 50px 20px 50px; margin-top:100px;margin-left:50px;margin-right:50px">
 
         <div style="margin-bottom:1em;max-width:50em;text-align:left;"><sub:wiki text="${model.loginMessage}"/></div>

pom.xml

@@ -17,7 +17,6 @@
         <failOnDependencyWarning>true</failOnDependencyWarning>
         <project.build.sourceEncoding>iso-8859-1</project.build.sourceEncoding>
         <cxf.version>3.1.8</cxf.version>
-        <spring.security.version>3.2.9.RELEASE</spring.security.version>
     </properties>
 
     <repositories>