mirror of
https://gitee.com/dromara/MaxKey.git
synced 2025-12-06 17:08:29 +08:00
v2.9.0 GA & optimize
v2.9.0 GA & optimize
parent
225b32e36b
commit
1fc03fc3b2
@ -181,8 +181,9 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
|
||||
}
|
||||
|
||||
public UsernamePasswordAuthenticationToken setOnline(LoginCredential credential,UserInfo userInfo) {
|
||||
String currentUserSessionId = WebContext.genId();
|
||||
//Online Tickit Id
|
||||
String onlineTickitId = WebConstants.ONLINE_TICKET_PREFIX + "-" +WebContext.genId();
|
||||
String onlineTickitId = WebConstants.ONLINE_TICKET_PREFIX + "-" + currentUserSessionId;
|
||||
_logger.debug("set online Tickit Cookie " + onlineTickitId + " on domain "+ this.applicationConfig.getBaseDomainName());
|
||||
|
||||
OnlineTicket onlineTicket = new OnlineTicket(onlineTickitId);
|
||||
@ -226,10 +227,11 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
|
||||
/*
|
||||
* put userInfo to current session context
|
||||
*/
|
||||
WebContext.setAuthentication(authenticationToken);
|
||||
|
||||
WebContext.setUserInfo(userInfo);
|
||||
|
||||
WebContext.setAuthentication(authenticationToken);
|
||||
|
||||
WebContext.setAttribute(WebConstants.CURRENT_USER_SESSION_ID, currentUserSessionId);
|
||||
return authenticationToken;
|
||||
}
|
||||
|
||||
|
||||
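Review bot: The online ticket id is now `ONLINE_TICKET_PREFIX + "-" + currentUserSessionId`, and the second hunk stores that same `currentUserSessionId` under `CURRENT_USER_SESSION_ID`, so the session id and the ticket differ only by a fixed prefix. The unchanged debug line in `setOnline` still writes the whole ticket to the log; if the ticket is the value carried in the cookie, as the log text suggests, anyone with log access can read a live session credential. I would log only the domain, `_logger.debug("set online Tickit Cookie on domain {}", this.applicationConfig.getBaseDomainName());`, and add a comment on `currentUserSessionId` saying it must be treated as a secret. How unpredictable the id is depends on `WebContext.genId()`, which is not visible here, and `setOnline` continues between the two hunks.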
@ -22,8 +22,6 @@ import java.util.Date;
|
||||
import java.util.List;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.maxkey.authn.SigninPrincipal;
|
||||
import org.maxkey.authn.online.OnlineTicket;
|
||||
import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
|
||||
import org.maxkey.entity.Groups;
|
||||
import org.maxkey.entity.UserInfo;
|
||||
@ -37,7 +35,6 @@ import org.maxkey.web.WebContext;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.jdbc.core.JdbcTemplate;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
|
||||
/**
|
||||
@ -138,18 +135,13 @@ public abstract class AbstractAuthenticationRealm {
|
||||
*/
|
||||
public boolean insertLoginHistory(UserInfo userInfo, String type, String provider, String code, String message) {
|
||||
String sessionId = WebContext.genId();
|
||||
OnlineTicket onlineTicket = null ;
|
||||
int sessionStatus = 7;
|
||||
Authentication authentication = WebContext.getAuthentication();
|
||||
if(authentication !=null && authentication.getPrincipal() instanceof SigninPrincipal) {
|
||||
if(WebContext.getAttribute(WebConstants.CURRENT_USER_SESSION_ID) !=null) {
|
||||
sessionStatus = 1;
|
||||
SigninPrincipal signinPrincipal = (SigninPrincipal)authentication.getPrincipal();
|
||||
onlineTicket = signinPrincipal.getOnlineTicket();
|
||||
sessionId = onlineTicket.getTicketId().substring(3);
|
||||
WebContext.setAttribute(WebConstants.CURRENT_USER_SESSION_ID, sessionId);
|
||||
sessionId = WebContext.getAttribute(WebConstants.CURRENT_USER_SESSION_ID).toString();
|
||||
}
|
||||
|
||||
_logger.debug("user session id is {} , online ticket {} ",sessionId,(onlineTicket == null ? "" : onlineTicket.getTicketId()));
|
||||
_logger.debug("user session id is {} . ",sessionId);
|
||||
|
||||
userInfo.setLastLoginTime(DateUtils.formatDateTime(new Date()));
|
||||
userInfo.setLastLoginIp(WebContext.getRequestIpAddress());
|
||||
|
||||
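Review bot: In `insertLoginHistory`, `sessionStatus = 1` is now decided only by whether `CURRENT_USER_SESSION_ID` is present in the session, where the removed code required an authenticated `SigninPrincipal`. If that attribute can outlive the login it was set for (for example a later sign-in attempt in the same HTTP session), the history row would be written with the earlier session id and status 1; whether that can happen depends on code outside this hunk. I would read the attribute once, `Object sid = WebContext.getAttribute(WebConstants.CURRENT_USER_SESSION_ID);`, and replace the literals 7 and 1 with named constants or at least a comment saying what each status means. The method body continues past the end of the hunk.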
@ -291,16 +291,16 @@ public class PasswordPolicyValidator {
|
||||
DateTime currentdateTime = new DateTime();
|
||||
//initial password need change
|
||||
if(userInfo.getLoginCount()<=0) {
|
||||
WebContext.getSession().setAttribute(WebConstants.CURRENT_LOGIN_USER_PASSWORD_SET_TYPE,
|
||||
WebContext.getSession().setAttribute(WebConstants.CURRENT_USER_PASSWORD_SET_TYPE,
|
||||
ConstantsPasswordSetType.INITIAL_PASSWORD);
|
||||
}
|
||||
|
||||
if (userInfo.getPasswordSetType() != ConstantsPasswordSetType.PASSWORD_NORMAL) {
|
||||
WebContext.getSession().setAttribute(WebConstants.CURRENT_LOGIN_USER_PASSWORD_SET_TYPE,
|
||||
WebContext.getSession().setAttribute(WebConstants.CURRENT_USER_PASSWORD_SET_TYPE,
|
||||
userInfo.getPasswordSetType());
|
||||
return;
|
||||
} else {
|
||||
WebContext.getSession().setAttribute(WebConstants.CURRENT_LOGIN_USER_PASSWORD_SET_TYPE,
|
||||
WebContext.getSession().setAttribute(WebConstants.CURRENT_USER_PASSWORD_SET_TYPE,
|
||||
ConstantsPasswordSetType.PASSWORD_NORMAL);
|
||||
}
|
||||
|
||||
@ -320,7 +320,7 @@ public class PasswordPolicyValidator {
|
||||
+ " , password policy Expiration " +passwordPolicy.getExpiration()
|
||||
+" , validate result " + (intDuration <= passwordPolicy.getExpiration()));
|
||||
if (intDuration > passwordPolicy.getExpiration()) {
|
||||
WebContext.getSession().setAttribute(WebConstants.CURRENT_LOGIN_USER_PASSWORD_SET_TYPE,
|
||||
WebContext.getSession().setAttribute(WebConstants.CURRENT_USER_PASSWORD_SET_TYPE,
|
||||
ConstantsPasswordSetType.PASSWORD_EXPIRED);
|
||||
}
|
||||
}
|
||||
|
||||
@ -25,9 +25,9 @@ package org.maxkey.web;
|
||||
*/
|
||||
public class WebConstants {
|
||||
|
||||
public static final String USERNAME = "username";
|
||||
public static final String USERNAME = "username";
|
||||
|
||||
public static final String REMOTE_USERNAME = "remote_username";
|
||||
public static final String REMOTE_USERNAME = "remote_username";
|
||||
|
||||
public static final String CURRENT_USER = "current_user";
|
||||
|
||||
@ -43,44 +43,47 @@ public class WebConstants {
|
||||
|
||||
public static final String CURRENT_USER_SYSTEM_ROLES = "current_user_system_roles";
|
||||
|
||||
public static final String CURRENT_LOGIN_USER_PASSWORD_SET_TYPE
|
||||
= "current_login_user_password_set_type";
|
||||
public static final String CURRENT_USER_PASSWORD_SET_TYPE
|
||||
= "current_user_password_set_type";
|
||||
|
||||
public static final String CURRENT_MESSAGE = "current_message";
|
||||
|
||||
// SPRING_SECURITY_SAVED_REQUEST
|
||||
public static final String FIRST_SAVED_REQUEST_PARAMETER = "SPRING_SECURITY_SAVED_REQUEST";
|
||||
public static final String FIRST_SAVED_REQUEST_PARAMETER
|
||||
= "SPRING_SECURITY_SAVED_REQUEST";
|
||||
|
||||
public static final String KAPTCHA_SESSION_KEY = "kaptcha_session_key";
|
||||
|
||||
public static final String SINGLE_SIGN_ON_APP_ID = "single_sign_on_app_id";
|
||||
public static final String SINGLE_SIGN_ON_APP_ID = "single_sign_on_app_id";
|
||||
|
||||
public static final String AUTHORIZE_SIGN_ON_APP = "authorize_sign_on_app";
|
||||
public static final String AUTHORIZE_SIGN_ON_APP = "authorize_sign_on_app";
|
||||
|
||||
public static final String AUTHORIZE_SIGN_ON_APP_SAMLV20_ADAPTER = "authorize_sign_on_app_samlv20_adapter";
|
||||
public static final String AUTHORIZE_SIGN_ON_APP_SAMLV20_ADAPTER
|
||||
= "authorize_sign_on_app_samlv20_adapter";
|
||||
|
||||
public static final String REMEBER_ME_SESSION = "remeber_me_session";
|
||||
public static final String REMEBER_ME_SESSION = "remeber_me_session";
|
||||
|
||||
public static final String KERBEROS_TOKEN_PARAMETER = "kerberosToken";
|
||||
public static final String KERBEROS_TOKEN_PARAMETER = "kerberosToken";
|
||||
|
||||
public static final String CAS_SERVICE_PARAMETER = "service";
|
||||
public static final String CAS_SERVICE_PARAMETER = "service";
|
||||
|
||||
public static final String KERBEROS_USERDOMAIN_PARAMETER = "kerberosUserDomain";
|
||||
public static final String KERBEROS_USERDOMAIN_PARAMETER = "kerberosUserDomain";
|
||||
|
||||
public static final String REMEBER_ME_COOKIE = "sign_in_remeber_me";
|
||||
public static final String REMEBER_ME_COOKIE = "sign_in_remeber_me";
|
||||
|
||||
public static final String JWT_TOKEN_PARAMETER = "jwt";
|
||||
public static final String JWT_TOKEN_PARAMETER = "jwt";
|
||||
|
||||
public static final String CURRENT_SINGLESIGNON_URI = "current_singlesignon_uri";
|
||||
public static final String CURRENT_SINGLESIGNON_URI = "current_singlesignon_uri";
|
||||
|
||||
public static final String AUTHENTICATION = "current_authentication";
|
||||
public static final String AUTHENTICATION = "current_authentication";
|
||||
|
||||
public static final String THEME_COOKIE_NAME = "theme_value";
|
||||
public static final String THEME_COOKIE_NAME = "theme_value";
|
||||
|
||||
public static final String LOGIN_ERROR_SESSION_MESSAGE = "login_error_session_message_key";
|
||||
public static final String LOGIN_ERROR_SESSION_MESSAGE
|
||||
= "login_error_session_message_key";
|
||||
|
||||
public static final String ONLINE_TICKET_NAME = "online_ticket";
|
||||
public static final String ONLINE_TICKET_NAME = "online_ticket";
|
||||
|
||||
public static final String ONLINE_TICKET_PREFIX = "OT";
|
||||
public static final String ONLINE_TICKET_PREFIX = "OT";
|
||||
|
||||
}
|
||||
|
||||
@ -66,12 +66,16 @@ public final class WebContext {
|
||||
public static IdGenerator idGenerator;
|
||||
|
||||
static {
|
||||
sessionAttributeNameList.add(WebConstants.CURRENT_LOGIN_USER_PASSWORD_SET_TYPE);
|
||||
sessionAttributeNameList.add(WebConstants.FIRST_SAVED_REQUEST_PARAMETER);
|
||||
sessionAttributeNameList.add(WebConstants.AUTHENTICATION);
|
||||
sessionAttributeNameList.add(WebConstants.CURRENT_USER);
|
||||
sessionAttributeNameList.add(WebConstants.AUTHORIZE_SIGN_ON_APP_SAMLV20_ADAPTER);
|
||||
|
||||
sessionAttributeNameList.add(WebConstants.AUTHORIZE_SIGN_ON_APP);
|
||||
sessionAttributeNameList.add(WebConstants.AUTHORIZE_SIGN_ON_APP_SAMLV20_ADAPTER);
|
||||
|
||||
sessionAttributeNameList.add(WebConstants.CURRENT_USER);
|
||||
sessionAttributeNameList.add(WebConstants.CURRENT_USER_PASSWORD_SET_TYPE);
|
||||
sessionAttributeNameList.add(WebConstants.CURRENT_USER_SESSION_ID);
|
||||
|
||||
sessionAttributeNameList.add(WebConstants.FIRST_SAVED_REQUEST_PARAMETER);
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -150,8 +150,8 @@ public class MaxKeyMvcConfig implements WebMvcConfigurer {
|
||||
.addPathPatterns("/profile/**")
|
||||
.addPathPatterns("/safe/**")
|
||||
.addPathPatterns("/historys/**")
|
||||
.addPathPatterns("/loginsession/**")
|
||||
.addPathPatterns("loginsession/loginSessionList/grid")
|
||||
.addPathPatterns("/session/**")
|
||||
.addPathPatterns("/session/**/**")
|
||||
.addPathPatterns("/appList")
|
||||
.addPathPatterns("/appList/**")
|
||||
.addPathPatterns("/socialsignon/**")
|
||||
|
||||
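Review bot: `.addPathPatterns("/session/**/**")` adds nothing over `.addPathPatterns("/session/**")` on the line before it, because `**` already matches any number of path segments in Spring's Ant-style patterns; the single `/session/**` entry is enough. Since this list decides which requests the interceptor sees, it is worth confirming that no template or client still calls the old `/loginsession/...` URLs, which are no longer listed. The interceptor registration begins before the hunk, so which interceptor these patterns belong to is not visible here.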
@ -83,7 +83,7 @@ public class SafeController {
|
||||
if(newPassword ==null ||newPassword.equals("")) {
|
||||
|
||||
}else if(userInfoService.changePassword(oldPassword,newPassword,confirmPassword,ConstantsPasswordSetType.PASSWORD_NORMAL)){
|
||||
WebContext.getSession().setAttribute(WebConstants.CURRENT_LOGIN_USER_PASSWORD_SET_TYPE,ConstantsPasswordSetType.PASSWORD_NORMAL);
|
||||
WebContext.getSession().setAttribute(WebConstants.CURRENT_USER_PASSWORD_SET_TYPE,ConstantsPasswordSetType.PASSWORD_NORMAL);
|
||||
return WebContext.redirect("/index");
|
||||
}
|
||||
|
||||
@ -104,7 +104,7 @@ public class SafeController {
|
||||
if(newPassword ==null ||newPassword.equals("")) {
|
||||
|
||||
}else if(userInfoService.changePassword(oldPassword,newPassword,confirmPassword,ConstantsPasswordSetType.PASSWORD_NORMAL)){
|
||||
WebContext.getSession().setAttribute(WebConstants.CURRENT_LOGIN_USER_PASSWORD_SET_TYPE,ConstantsPasswordSetType.PASSWORD_NORMAL);
|
||||
WebContext.getSession().setAttribute(WebConstants.CURRENT_USER_PASSWORD_SET_TYPE,ConstantsPasswordSetType.PASSWORD_NORMAL);
|
||||
return WebContext.redirect("/index");
|
||||
}
|
||||
|
||||
|
||||
@ -20,21 +20,16 @@ package org.maxkey.web.historys.contorller;
|
||||
import java.text.SimpleDateFormat;
|
||||
import java.util.Date;
|
||||
import org.apache.mybatis.jpa.persistence.JpaPageResults;
|
||||
import org.maxkey.authn.SigninPrincipal;
|
||||
import org.maxkey.authn.online.OnlineTicket;
|
||||
import org.maxkey.authn.online.OnlineTicketServices;
|
||||
import org.maxkey.constants.ConstantsOperateMessage;
|
||||
import org.maxkey.entity.HistoryLogin;
|
||||
import org.maxkey.entity.HistoryLoginApps;
|
||||
import org.maxkey.entity.HistoryLogs;
|
||||
import org.maxkey.entity.UserInfo;
|
||||
import org.maxkey.persistence.db.LoginHistoryService;
|
||||
import org.maxkey.persistence.db.LoginService;
|
||||
import org.maxkey.persistence.service.HistoryLoginAppsService;
|
||||
import org.maxkey.persistence.service.HistoryLoginService;
|
||||
import org.maxkey.persistence.service.HistorySystemLogsService;
|
||||
import org.maxkey.util.DateUtils;
|
||||
import org.maxkey.util.StringUtils;
|
||||
import org.maxkey.web.WebConstants;
|
||||
import org.maxkey.web.WebContext;
|
||||
import org.maxkey.web.message.Message;
|
||||
import org.maxkey.web.message.MessageType;
|
||||
@ -42,7 +37,6 @@ import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.propertyeditors.CustomDateEditor;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.web.bind.WebDataBinder;
|
||||
import org.springframework.web.bind.annotation.InitBinder;
|
||||
@ -59,7 +53,7 @@ import org.springframework.web.bind.annotation.ResponseBody;
|
||||
*/
|
||||
|
||||
@Controller
|
||||
@RequestMapping(value = { "/loginsession" })
|
||||
@RequestMapping(value = { "/session" })
|
||||
public class LoginSessionController {
|
||||
static final Logger _logger = LoggerFactory.getLogger(LoginSessionController.class);
|
||||
|
||||
@ -74,9 +68,9 @@ public class LoginSessionController {
|
||||
@Autowired
|
||||
OnlineTicketServices onlineTicketServices;
|
||||
|
||||
@RequestMapping(value = { "/loginSessionList" })
|
||||
@RequestMapping(value = { "/sessionList" })
|
||||
public String authList() {
|
||||
return "historys/loginSessionList";
|
||||
return "historys/sessionList";
|
||||
}
|
||||
|
||||
/**
|
||||
@ -85,10 +79,10 @@ public class LoginSessionController {
|
||||
* @param logsAuth
|
||||
* @return
|
||||
*/
|
||||
@RequestMapping(value = { "/loginSessionList/grid" })
|
||||
@RequestMapping(value = { "/sessionList/grid" })
|
||||
@ResponseBody
|
||||
public JpaPageResults<HistoryLogin> loginSessionListGrid(@ModelAttribute("historyLogin") HistoryLogin historyLogin) {
|
||||
_logger.debug("history/loginsession/ loginSessionListGrid() " + historyLogin);
|
||||
_logger.debug("history/session/ sessionListGrid() " + historyLogin);
|
||||
historyLogin.setUserId(WebContext.getUserInfo().getId());
|
||||
return historyLoginService.queryOnlineSession(historyLogin);
|
||||
}
|
||||
@ -101,17 +95,13 @@ public class LoginSessionController {
|
||||
_logger.debug(ids);
|
||||
boolean isTerminated = false;
|
||||
try {
|
||||
OnlineTicket onlineTicket = null;
|
||||
Authentication authentication = WebContext.getAuthentication();
|
||||
if(authentication.getPrincipal() instanceof SigninPrincipal) {
|
||||
SigninPrincipal signinPrincipal = (SigninPrincipal)authentication.getPrincipal();
|
||||
//onlineTicket
|
||||
onlineTicket = signinPrincipal.getOnlineTicket();
|
||||
|
||||
String currentUserSessionId = "";
|
||||
if(WebContext.getAttribute(WebConstants.CURRENT_USER_SESSION_ID) != null) {
|
||||
currentUserSessionId = WebContext.getAttribute(WebConstants.CURRENT_USER_SESSION_ID).toString();
|
||||
}
|
||||
for(String sessionId : StringUtils.string2List(ids, ",")) {
|
||||
_logger.trace("terminate session Id {} ",sessionId);
|
||||
if(onlineTicket.getTicketId().contains(sessionId)) {
|
||||
if(currentUserSessionId.contains(sessionId)) {
|
||||
//skip current session
|
||||
continue;
|
||||
}
|
||||
|
||||
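Review bot: The terminate loop takes `ids` from the request and, in the lines visible here, only skips the caller's own session; nothing in the hunk checks that each `sessionId` belongs to the current user before it is terminated. The grid endpoint scopes its query with `historyLogin.setUserId(WebContext.getUserInfo().getId())`, and the terminate path should apply the same scoping unless terminating other users' sessions is an intended, separately authorised action. The skip test `currentUserSessionId.contains(sessionId)` is a substring match, so a partial id is treated as the current session; `currentUserSessionId.equals(sessionId)` states the intent exactly. The method starts before the hunk and the loop body continues past it, so an ownership check may exist outside the visible lines.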
@ -80,7 +80,7 @@ public class PermissionAdapter implements AsyncHandlerInterceptor {
|
||||
throws Exception {
|
||||
_logger.trace("PermissionAdapter preHandle");
|
||||
_logger.trace("PermissionAdapter " + request.getSession().getId());
|
||||
Object passwordSetTypeAttribute=WebContext.getSession().getAttribute(WebConstants.CURRENT_LOGIN_USER_PASSWORD_SET_TYPE);
|
||||
Object passwordSetTypeAttribute=WebContext.getSession().getAttribute(WebConstants.CURRENT_USER_PASSWORD_SET_TYPE);
|
||||
|
||||
if(passwordSetTypeAttribute != null) {
|
||||
Integer passwordSetType=(Integer)passwordSetTypeAttribute;
|
||||
|
||||
@ -25,7 +25,7 @@
|
||||
<div id="tool_box_right">
|
||||
<input id="deleteBtn" type="button" class="button btn btn-danger mr-3 "
|
||||
value="<@locale code="button.text.terminate"/>"
|
||||
wurl="<@base/>/loginsession/terminate" />
|
||||
wurl="<@base/>/session/terminate" />
|
||||
</div>
|
||||
</td>
|
||||
</tr>
|
||||
@ -53,7 +53,7 @@
|
||||
|
||||
<div class="mainwrap" id="main">
|
||||
|
||||
<table data-url="<@base />/loginsession/loginSessionList/grid"
|
||||
<table data-url="<@base />/session/sessionList/grid"
|
||||
id="datagrid"
|
||||
data-toggle="table"
|
||||
data-classes="table table-bordered table-hover table-striped"
|
||||
@ -55,24 +55,24 @@
|
||||
<ul>
|
||||
<!--登录日志-->
|
||||
<li id="nav_second_1501" class="nav_second_level">
|
||||
<a href="<@base/>/loginsession/loginSessionList"><@locale code="navs.audit.loginsession"/></a>
|
||||
<a href="<@base/>/session/sessionList"><@locale code="navs.audit.loginsession"/></a>
|
||||
</li>
|
||||
</ul>
|
||||
<ul>
|
||||
<!--登录日志-->
|
||||
<li id="nav_second_1501" class="nav_second_level">
|
||||
<li id="nav_second_1502" class="nav_second_level">
|
||||
<a href="<@base/>/historys/loginList"><@locale code="navs.audit.login"/></a>
|
||||
</li>
|
||||
</ul>
|
||||
<ul>
|
||||
<!--访问日志-->
|
||||
<li id="nav_second_1502" class="nav_second_level">
|
||||
<li id="nav_second_1503" class="nav_second_level">
|
||||
<a href="<@base/>/historys/loginAppsList"><@locale code="navs.audit.signon"/></a>
|
||||
</li>
|
||||
</ul>
|
||||
<ul>
|
||||
<!--操作日志-->
|
||||
<li id="nav_second_1503" class="nav_second_level">
|
||||
<li id="nav_second_1504" class="nav_second_level">
|
||||
<a href="<@base/>/historys/systemLogsList"><@locale code="navs.audit.operation"/></a>
|
||||
</li>
|
||||
</ul>
|
||||
|
||||