admin/MaxKey
1
0
Fork 0
mirror of https://gitee.com/dromara/MaxKey.git synced 2025-12-06 17:08:29 +08:00
Code Issues Packages Projects Releases Wiki Activity

Configuration

Browse Source
This commit is contained in:
shimingxy 2019-12-16 21:47:33 +08:00
parent eadf609810
commit 67478a7101
19 changed files with 235 additions and 408 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
maxkey-core/src/main/java/org/maxkey/config/ApplicationConfig.java
View File

@ -1,10 +1,11 @@
package org.maxkey.config;
import java.util.ArrayList;
import java.util.concurrent.ConcurrentHashMap;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.PropertySource;
import org.springframework.stereotype.Component;
/**
* 全局应用程序配置
@ -21,38 +22,52 @@ import org.slf4j.LoggerFactory;
* @author Crystal.Sea
*
*/
@Component
@PropertySource("classpath:/config/applicationConfig.properties")
public class ApplicationConfig {
private static final Logger _logger = LoggerFactory.getLogger(ApplicationConfig.class);
@Autowired
DataSoruceConfig dataSoruceConfig;
@Autowired
EmailConfig emailConfig;
@Autowired
CharacterEncodingConfig characterEncodingConfig;
@Autowired
LoginConfig loginConfig;
@Value("${config.server.domain}")
String domainName;
@Value("${config.server.subdomain}")
String subDomainName;
@Value("${config.server.name}")
String serverName;
@Value("${config.server.prefix.uri}")
String serverPrefix;
@Value("${config.server.default.uri}")
String defaultUri;
@Value("${config.server.manage.uri}")
String manageUri;
/*
//is enable whiteList for ipAddress filter
boolean whiteList;
//All user have permission Access URL
public ConcurrentHashMap<String,String> anonymousAccessUrls;
*/
String manageUri;
public ApplicationConfig() {
super();
anonymousAccessUrls=new ConcurrentHashMap<String,String>();
/*anonymousAccessUrls=new ConcurrentHashMap<String,String>();
anonymousAccessUrls.put("/index/", "/index/");
anonymousAccessUrls.put("/index/top","/index/top/");
anonymousAccessUrls.put("/index/left/","/index/left/");
@ -68,6 +83,7 @@ public class ApplicationConfig {
anonymousAccessUrls.put("/approles/appRolesGrid/","/approles/appRolesGrid/");
_logger.debug("Anonymous Access Urls : \n"+anonymousAccessUrls);
*/
}
@ -147,7 +163,7 @@ public class ApplicationConfig {
public void setSubDomainName(String subDomainName) {
this.subDomainName = subDomainName;
}
/*
public ConcurrentHashMap<String, String> getAnonymousAccessUrls() {
return anonymousAccessUrls;
}
@ -158,7 +174,7 @@ public class ApplicationConfig {
this.anonymousAccessUrls.put(anonymousAccessUrl,anonymousAccessUrl);
}
}
*/
/**
* @return the emailConfig
*/
@ -182,12 +198,21 @@ public class ApplicationConfig {
this.manageUri = manageUri;
}
public String getDefaultUri() {
return defaultUri;
}
public void setDefaultUri(String defaultUri) {
this.defaultUri = defaultUri;
}
/*
public boolean isWhiteList() {
return whiteList;
}
public void setWhiteList(boolean whiteList) {
this.whiteList = whiteList;
}
}*/
}

9
maxkey-core/src/main/java/org/maxkey/config/CharacterEncodingConfig.java
View File

@ -5,26 +5,35 @@ package org.maxkey.config;
import java.io.UnsupportedEncodingException;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
/**
* 字符集转换及转换配置
* @author Crystal.Sea
*
*/
@Configuration
@PropertySource("classpath:/config/applicationConfig.properties")
public class CharacterEncodingConfig {
/**
* 源字符集
*/
@Value("${config.characterencoding.charset.from}")
String fromCharSet;
/**
* 目标字符集
*/
@Value("${config.characterencoding.charset.to}")
String toCharSet;
/**
* 转换标志
*/
@Value("${config.characterencoding.encoding}")
boolean encoding = false;

16
maxkey-core/src/main/java/org/maxkey/config/DataSoruceConfig.java
View File

@ -2,8 +2,10 @@ package org.maxkey.config;
import org.apache.commons.logging.LogFactory;
import org.apache.mybatis.jpa.dialect.Dialect;
import org.maxkey.crypto.Base64Utils;
import org.maxkey.crypto.password.PasswordReciprocal;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
/**
* 数据源配置
@ -20,32 +22,40 @@ import org.maxkey.crypto.password.PasswordReciprocal;
* @author Crystal.Sea
*
*/
@Configuration
@PropertySource("classpath:/config/applicationConfig.properties")
public class DataSoruceConfig {
/**
* 数据库类型
*/
@Value("${config.datasource.database:mysql}")
String database;
/**
* jdbc驱动类
*/
@Value("${config.datasource.driverclass:com.mysql.jdbc.Driver}")
String driverClass;
/**
* jdbc连接地址
*/
@Value("${config.datasource.url:jdbc:mysql://localhost/maxkey?autoReconnect=true&characterEncoding=UTF-8}")
String url;
/**
* 数据库用户名
*/
@Value("${config.datasource.username:root}")
String username;
/**
* 数据库密码
*/
@Value("${config.datasource.password:maxkey}")
String password;
/**
* 数据库密码是否加密
*/
@Value("${config.datasource.password.encrypt}")
boolean encrypt=false;
/**
@ -107,7 +117,6 @@ public class DataSoruceConfig {
* @param database the database to set
*/
public void setDatabase(String database) {
this.dialect=Dialect.getDialectMap().get(database);
this.database = database;
}
@ -143,6 +152,9 @@ public class DataSoruceConfig {
* @return the dialect
*/
public String getDialect() {
if(this.dialect==null) {
this.dialect=Dialect.getDialectMap().get(database);
}
return dialect;
}

16
maxkey-core/src/main/java/org/maxkey/config/EmailConfig.java
View File

@ -1,18 +1,24 @@
package org.maxkey.config;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
@Configuration
@PropertySource("classpath:/config/applicationConfig.properties")
public class EmailConfig {
@Value("${config.email.username}")
private String username;
@Value("${config.email.password}")
private String password;
@Value("${config.email.smtpHost}")
private String smtpHost;
@Value("${config.email.senderMail}")
private String senderMail;
@Value("${config.email.port}")
private Integer port;
@Value("${config.email.ssl}")
private boolean ssl;

21
maxkey-core/src/main/java/org/maxkey/config/LoginConfig.java
View File

@ -1,20 +1,25 @@
package org.maxkey.config;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
@Configuration
@PropertySource("classpath:/config/applicationLogin.properties")
public class LoginConfig {
@Value("${config.login.captcha}")
boolean captcha;
@Value("${config.login.onetimepwd}")
boolean oneTimePwd;
@Value("${config.login.socialsignon}")
boolean socialSignOn;
@Value("${config.login.kerberos}")
boolean kerberos;
@Value("${config.login.remeberme}")
boolean remeberMe;
@Value("${config.login.wsfederation}")
boolean wsFederation;
@Value("${config.login.default.uri}")
String defaultUri;

10
maxkey-web-manage/src/main/java/org/maxkey/T.java
View File

@ -1,10 +0,0 @@
package org.maxkey;
import org.springframework.boot.web.servlet.support.SpringBootServletInitializer;
public class T extends SpringBootServletInitializer {
public static void main(String[] args) {
System.out.println("MaxKeyMgtApplication");
}
}

69
maxkey-web-manage/src/main/java/org/maxkey/web/endpoint/CaptchaEndpoint.java
View File

@ -1,69 +0,0 @@
package org.maxkey.web.endpoint;
import java.awt.image.BufferedImage;
import javax.imageio.ImageIO;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.maxkey.web.WebConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.servlet.ModelAndView;
import com.google.code.kaptcha.Producer;
/**
* @author Crystal.Sea
*
*/
@Controller
@RequestMapping(value = "/captcha")
public class CaptchaEndpoint {
private static final Logger _logger = LoggerFactory.getLogger(CaptchaEndpoint.class);
@Autowired
private Producer captchaProducer;
/**
* captcha image Producer
* @param request
* @param response
* @return
* @throws Exception
*/
@RequestMapping
public ModelAndView captchaHandleRequest(HttpServletRequest request,HttpServletResponse response) throws Exception {
// Set to expire far in the past.
response.setDateHeader("Expires", 0);
// Set standard HTTP/1.1 no-cache headers.
response.setHeader("Cache-Control", "no-store, no-cache, must-revalidate");
// Set IE extended HTTP/1.1 no-cache headers (use addHeader).
response.addHeader("Cache-Control", "post-check=0, pre-check=0");
// Set standard HTTP/1.0 no-cache header.
response.setHeader("Pragma", "no-cache");
// return a jpeg
response.setContentType("image/jpeg");
// create the text for the image
String capText = captchaProducer.createText();
_logger.debug("Captcha Text : "+capText);
// store the text in the session
request.getSession().setAttribute(WebConstants.KAPTCHA_SESSION_KEY, capText);
// create the image with the text
BufferedImage bi = captchaProducer.createImage(capText);
ServletOutputStream out = response.getOutputStream();
// write the data out
ImageIO.write(bi, "jpg", out);
try{
out.flush();
}finally{
out.close();
}
return null;
}
}

94
maxkey-web-manage/src/main/java/org/maxkey/web/endpoint/ImageEndpoint.java
View File

@ -2,6 +2,8 @@ package org.maxkey.web.endpoint;
import java.awt.image.BufferedImage;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import javax.imageio.ImageIO;
@ -9,30 +11,73 @@ import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.maxkey.web.WebConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.servlet.ModelAndView;
import com.google.code.kaptcha.Producer;
/**
* @author Crystal.Sea
*
*/
@Controller
@RequestMapping(value = "/image")
public class ImageEndpoint {
private static final Logger _logger = LoggerFactory.getLogger(ImageEndpoint.class);
@Autowired
private Producer captchaProducer;
/**
* captcha image Producer
* @param request
* @param response
*/
@RequestMapping(value = "/captcha")
public void captchaHandleRequest(HttpServletRequest request,HttpServletResponse response){
try{
// Set to expire far in the past.
response.setDateHeader("Expires", 0);
// Set standard HTTP/1.1 no-cache headers.
response.setHeader("Cache-Control", "no-store, no-cache, must-revalidate");
// Set IE extended HTTP/1.1 no-cache headers (use addHeader).
response.addHeader("Cache-Control", "post-check=0, pre-check=0");
// Set standard HTTP/1.0 no-cache header.
response.setHeader("Pragma", "no-cache");
// return a jpeg
response.setContentType("image/jpeg");
// create the text for the image
String capText = captchaProducer.createText();
_logger.debug("Sesssion id " + request.getSession().getId() + " , Captcha Text is " + capText);
// store the text in the session
request.getSession().setAttribute(WebConstants.KAPTCHA_SESSION_KEY, capText);
// create the image with the text
BufferedImage bi = captchaProducer.createImage(capText);
ServletOutputStream out = response.getOutputStream();
// write the data out
ImageIO.write(bi, "jpg", out);
out.flush();
out.close();
}catch(Exception e) {
_logger.error("captcha Producer Error " + e.getMessage());
}
}
/**
* image Producer
* @param request
* @param response
* @return
* @throws Exception
*/
@RequestMapping("/{id}")
public ModelAndView imageHandleRequest(HttpServletRequest request,HttpServletResponse response,@PathVariable("id") String id) throws Exception {
@RequestMapping("/image/{id}")
public void imageHandleRequest(HttpServletRequest request,HttpServletResponse response,@PathVariable("id") String id) throws Exception {
// Set to expire far in the past.
response.setDateHeader("Expires", 0);
// Set standard HTTP/1.1 no-cache headers.
@ -45,20 +90,49 @@ public class ImageEndpoint {
response.setContentType("image/gif");
// create the text for the image
byte[]image=(byte[]) request.getSession().getAttribute(id);
request.getSession().removeAttribute(id);
//request.getSession().removeAttribute(id);
// create the image with the text
if(image!=null){
InputStream in = new ByteArrayInputStream(image);
BufferedImage bi = ImageIO.read(in);
ServletOutputStream out = response.getOutputStream();
// write the data out
ImageIO.write(bi, "gif", out);
ImageIO.write(byte2BufferedImage(image), "gif", out);
try{
out.flush();
}finally{
out.close();
}
}
return null;
}
public static BufferedImage byte2BufferedImage(byte[]imageByte){
try {
InputStream in = new ByteArrayInputStream(imageByte);
BufferedImage bufferedImage = ImageIO.read(in);
return bufferedImage;
} catch (IOException e) {
e.printStackTrace();
}
return null;
}
public static byte[] bufferedImage2Byte(BufferedImage bufferedImage ){
try {
ByteArrayOutputStream byteArrayOutputStream=new ByteArrayOutputStream();
ImageIO.write(bufferedImage,"gif",byteArrayOutputStream);
return byteArrayOutputStream.toByteArray();
} catch (IOException e) {
e.printStackTrace();
}
return null;
}
public Producer getCaptchaProducer() {
return captchaProducer;
}
public void setCaptchaProducer(Producer captchaProducer) {
this.captchaProducer = captchaProducer;
}
}

51
maxkey-web-manage/src/main/java/org/maxkey/web/interceptor/PermissionAdapter.java
View File

@ -1,6 +1,5 @@
package org.maxkey.web.interceptor;
import java.util.List;
import java.util.concurrent.ConcurrentHashMap;
import javax.servlet.RequestDispatcher;
@ -8,8 +7,6 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.maxkey.config.ApplicationConfig;
import org.maxkey.domain.Navigations;
import org.maxkey.domain.UserInfo;
import org.maxkey.web.WebContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@ -40,55 +37,17 @@ public class PermissionAdapter extends HandlerInterceptorAdapter {
@Override
public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws Exception {
_logger.debug("PermissionAdapter preHandle");
//加载定义的功能菜单地址
/*if(navigationsMap==null){
List<Navigations> navigationsList=((NavigationsService)WebContext.getBean("navigationsService")).query(null);
navigationsMap=new ConcurrentHashMap<String ,String >();
for(Navigations nav : navigationsList){
if(nav.getUrl()==null)continue;
if(nav.getUrl().endsWith("/")){
navigationsMap.put("/"+nav.getUrl(), nav.getId());
}else{
navigationsMap.put("/"+nav.getUrl()+"/", nav.getId());
}
}
_logger.debug("navigationsMap : "+navigationsMap);
}
UserInfo userInfo =WebContext.getUserInfo();//取得登录用户
if(userInfo==null||WebContext.getRoles()==null){//判断用户和角色判断用户是否登录用户
//判断用户是否登录
if(WebContext.getAuthentication()==null||WebContext.getAuthentication().getAuthorities()==null){//判断用户和角色判断用户是否登录用户
RequestDispatcher dispatcher = request.getRequestDispatcher("/login");
dispatcher.forward(request, response);
return false;
}
//取得当前访问地址 Access URL
String accessURI=request.getRequestURI().substring(request.getContextPath().length());
if(!accessURI.endsWith("/")){
accessURI=accessURI+"/";
}
//定义匿名可以访问URL地址
if(applicationConfig.getAnonymousAccessUrls().containsKey(accessURI)){
_logger.debug("Access URI : "+accessURI+" , AnonymousAccessUrls .");
return true;
}
boolean hasNavAccess=true;
//菜单权限匹配
if(navigationsMap.containsKey(accessURI)){//判断当前访问URL地址是否需要进行权限校验
hasNavAccess=false;
for(Navigations nav : WebContext.getNavigations()){//获取当前登录用户拥有URL访问列表
String haveURL=nav.getUrl();
if(haveURL==null)continue;
if(!haveURL.endsWith("/")){haveURL="/"+haveURL+"/";}
if(haveURL.endsWith(accessURI)){
hasNavAccess=true;
}
}
_logger.debug("Access URI : "+accessURI+" , hasNavAccess "+hasNavAccess);
if(hasNavAccess)return true;
}
boolean hasAccess=true;
/*
boolean preHandler = super.preHandle(request, response, handler);
@ -104,6 +63,6 @@ public class PermissionAdapter extends HandlerInterceptorAdapter {
return false;
}
}*/
return true;
return hasAccess;
}
}

12
maxkey-web-manage/src/main/resources/config/applicationConfig.properties
View File

@ -25,11 +25,11 @@ config.datasource.driverclass=com.mysql.jdbc.Driver
#
config.datasource.url=jdbc:mysql://localhost/maxkey?autoReconnect=true&characterEncoding=UTF-8
config.datasource.username=root
#connsec/bb2002b9f55b05d3e0e6f34ec5321051
#root/4f8520865b3793b07b23e16bc1f117b8
config.datasource.password=bb2002b9f55b05d3e0e6f34ec5321051
#db2,derby,mysql,oracle,postgresql,sqlserver at com.connsec.db.mybatis.dialect.Dialect
#root/maxkey
config.datasource.password=maxkey
#db2,derby,mysql,oracle,postgresql,sqlserver at Dialect
config.datasource.database=mysql
config.datasource.password.encrypt=false
# End DataBase configuration
############################################################################
# CharacterEncoding
@ -57,11 +57,11 @@ config.server.prefix=${config.server.name}/manage
############################################################################
# EMAIL configuration
config.email.username=test@connsec.com
config.email.username=test@maxkey.org
config.email.password=3&8Ujbnm5hkjhFD
config.email.smtpHost=smtp.exmail.qq.com
config.email.port=25
config.email.senderMail=test@connsec.com
config.email.senderMail=test@maxkey.org
config.email.ssl=false
############################################################################

56
maxkey-web-manage/src/main/resources/spring/maxkey-mgt.xml
View File

@ -34,62 +34,8 @@
<property name="ignoreUnresolvablePlaceholders" value="true"/>
</bean>
<!-- dataSoruce Config -->
<bean id="dataSoruceConfig" class="org.maxkey.config.DataSoruceConfig">
<property name="driverClass" value="${config.datasource.driverclass}"/>
<property name="url" value="${config.datasource.url}"/>
<property name="username" value="${config.datasource.username}"/>
<property name="password" value="${config.datasource.password}"/>
<property name="database" value="${config.datasource.database}"/>
<property name="encrypt" value="true"/>
</bean>
<context:component-scan base-package="org.maxkey.config" />
<!-- Character Encoding Config -->
<bean id="characterEncodingConfig" class="org.maxkey.config.CharacterEncodingConfig">
<property name="encoding" value="${config.characterencoding.encoding}"/>
<property name="fromCharSet" value="${config.characterencoding.fromcharset}"/>
<property name="toCharSet" value="${config.characterencoding.tocharset}"/>
</bean>
<!-- email Config -->
<bean id="emailConfig" class="org.maxkey.config.EmailConfig">
<property name="username" value="${config.email.username}"/>
<property name="password" value="${config.email.password}"/>
<property name="smtpHost" value="${config.email.smtpHost}"/>
<property name="port" value="${config.email.port}"/>
<property name="senderMail" value="${config.email.senderMail}"/>
<property name="ssl" value="${config.email.ssl}"/>
</bean>
<!-- Login Config -->
<bean id="loginConfig" class="org.maxkey.config.LoginConfig">
<property name="captcha" value="${config.login.captcha}"/>
<property name="oneTimePwd" value="${config.login.onetimepwd}"/>
<property name="socialSignOn" value="${config.login.socialsignon}"/>
<property name="kerberos" value="${config.login.kerberos}"/>
<property name="wsFederation" value="${config.login.wsfederation}"/>
<property name="remeberMe" value="${config.login.remeberme}"/>
<property name="defaultUri" value="${config.login.default.uri}"/>
</bean>
<!-- Application Config -->
<bean id="applicationConfig" class="org.maxkey.config.ApplicationConfig">
<property name="dataSoruceConfig" ref="dataSoruceConfig"/>
<property name="characterEncodingConfig" ref="characterEncodingConfig"/>
<property name="emailConfig" ref="emailConfig"/>
<property name="loginConfig" ref="loginConfig"/>
<property name="domainName" value="${config.domain.name}"/>
<property name="serverPrefix" value="${config.server.maxkey.uri}"/>
<property name="manageUri" value="${config.manage.uri}"/>
<property name="whiteList" value="${config.ipaddress.whitelist}"/>
<property name="anonymousAccessUrls">
<list>
<value>null</value>
</list>
</property>
</bean>
<bean id="keyStoreLoader" class="org.maxkey.crypto.keystore.KeyStoreLoader">
<property name="entityName" value="${config.saml.v20.idp.issuing.entity.id}" />
<property name="keystorePassword" value="${config.saml.v20.idp.keystore.password}" />

8
maxkey-web-maxkey/src/main/java/org/maxkey/web/filter/IpAddressFilter.java
View File

@ -27,8 +27,10 @@ public class IpAddressFilter implements Filter {
private static final Logger _logger = LoggerFactory.getLogger(IpAddressFilter.class);
@Autowired
@Qualifier("applicationConfig")
private ApplicationConfig applicationConfig;
@Qualifier("applicationConfig")
private ApplicationConfig applicationConfig;
boolean whiteList=false;
@Override
public void init(FilterConfig filterConfig) throws ServletException {
@ -59,7 +61,7 @@ public class IpAddressFilter implements Filter {
}
//白名单地址
if(applicationConfig.isWhiteList()&&!IpAddressCache.ipAddressWhiteListMap.containsKey(ipAddress)){
if(whiteList&&!IpAddressCache.ipAddressWhiteListMap.containsKey(ipAddress)){
_logger.info("You IpAddress not in White List "+ipAddress);
RequestDispatcher dispatcher = request.getRequestDispatcher("/accessdeny");
dispatcher.forward(request, response);

88
maxkey-web-maxkey/src/main/java/org/maxkey/web/interceptor/PermissionAdapter.java
View File

@ -1,6 +1,5 @@
package org.maxkey.web.interceptor;
import java.util.List;
import java.util.concurrent.ConcurrentHashMap;
import javax.servlet.RequestDispatcher;
@ -8,8 +7,6 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.maxkey.config.ApplicationConfig;
import org.maxkey.domain.Navigations;
import org.maxkey.domain.UserInfo;
import org.maxkey.web.WebContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@ -40,70 +37,31 @@ public class PermissionAdapter extends HandlerInterceptorAdapter {
@Override
public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws Exception {
_logger.debug("PermissionAdapter preHandle");
//加载定义的功能菜单地址
/*if(navigationsMap==null){
List<Navigations> navigationsList=((NavigationsService)WebContext.getBean("navigationsService")).query(null);
navigationsMap=new ConcurrentHashMap<String ,String >();
for(Navigations nav : navigationsList){
if(nav.getUrl()==null)continue;
if(nav.getUrl().endsWith("/")){
navigationsMap.put("/"+nav.getUrl(), nav.getId());
}else{
navigationsMap.put("/"+nav.getUrl()+"/", nav.getId());
}
}
_logger.debug("navigationsMap : "+navigationsMap);
}
UserInfo userInfo =WebContext.getUserInfo();//取得登录用户
if(userInfo==null||WebContext.getRoles()==null){//判断用户和角色判断用户是否登录用户
RequestDispatcher dispatcher = request.getRequestDispatcher("/login");
dispatcher.forward(request, response);
return false;
}
//取得当前访问地址 Access URL
String accessURI=request.getRequestURI().substring(request.getContextPath().length());
if(!accessURI.endsWith("/")){
accessURI=accessURI+"/";
}
//定义匿名可以访问URL地址
if(applicationConfig.getAnonymousAccessUrls().containsKey(accessURI)){
_logger.debug("Access URI : "+accessURI+" , AnonymousAccessUrls .");
return true;
}
boolean hasNavAccess=true;
//菜单权限匹配
if(navigationsMap.containsKey(accessURI)){//判断当前访问URL地址是否需要进行权限校验
hasNavAccess=false;
for(Navigations nav : WebContext.getNavigations()){//获取当前登录用户拥有URL访问列表
String haveURL=nav.getUrl();
if(haveURL==null)continue;
if(!haveURL.endsWith("/")){haveURL="/"+haveURL+"/";}
if(haveURL.endsWith(accessURI)){
hasNavAccess=true;
}
}
_logger.debug("Access URI : "+accessURI+" , hasNavAccess "+hasNavAccess);
if(hasNavAccess)return true;
}
/*
boolean preHandler = super.preHandle(request, response, handler);
if(preHandler) {
preHandler = false;
if(!preHandler){//无权限转向
log.debug("You do not have permission to access "+accessUrl);
RequestDispatcher dispatcher = request.getRequestDispatcher("/accessdeny");
//判断用户是否登录
if(WebContext.getAuthentication()==null||WebContext.getAuthentication().getAuthorities()==null){//判断用户和角色判断用户是否登录用户
RequestDispatcher dispatcher = request.getRequestDispatcher("/login");
dispatcher.forward(request, response);
return false;
}
}*/
return true;
boolean hasAccess=true;
/*
boolean preHandler = super.preHandle(request, response, handler);
if(preHandler) {
preHandler = false;
if(!preHandler){//无权限转向
log.debug("You do not have permission to access "+accessUrl);
RequestDispatcher dispatcher = request.getRequestDispatcher("/accessdeny");
dispatcher.forward(request, response);
return false;
}
}*/
return hasAccess;
}
}

23
maxkey-web-maxkey/src/main/resources/config/applicationConfig.properties
View File

@ -1,6 +1,15 @@
############################################################################
# MaxKey
############################################################################
# domain name configuration
config.server.subdomain=maxkey.org
config.server.domain=sso.${config.server.subdomain}
config.server.name=http://${config.server.domain}
config.server.prefix.uri=${config.server.name}/maxkey
#default.uri
config.server.default.uri=${config.server.prefix.uri}/main
config.server.manage.uri=${config.server.name}:9521/maxkey-mgt/login
############################################################################
# DataBase configuration
############################################################################
#db2,derby,mysql,oracle,postgresql,sqlserver at com.connsec.db.mybatis.dialect.Dialect
@ -25,18 +34,16 @@ config.datasource.driverclass=com.mysql.jdbc.Driver
#
config.datasource.url=jdbc:mysql://localhost/maxkey?autoReconnect=true&characterEncoding=UTF-8
config.datasource.username=root
#connsec/bb2002b9f55b05d3e0e6f34ec5321051
#root/4f8520865b3793b07b23e16bc1f117b8
config.datasource.password=bb2002b9f55b05d3e0e6f34ec5321051
config.datasource.password=maxkey
config.datasource.password.encrypt=false
############################################################################
# EMAIL configuration
############################################################################
config.email.username=test@connsec.com
config.email.username=test@maxkey.org
config.email.password=3&8Ujbnm5hkjhFD
config.email.smtpHost=smtp.exmail.qq.com
config.email.port=25
config.email.senderMail=test@connsec.com
config.email.senderMail=test@maxkey.org
config.email.ssl=false
############################################################################
@ -45,8 +52,8 @@ config.email.ssl=false
# CharacterEncoding true/false
config.characterencoding.encoding=true
config.characterencoding.fromcharset=iso8859-1
config.characterencoding.tocharset=UTF-8
config.characterencoding.charset.from=iso8859-1
config.characterencoding.charset.to=UTF-8
config.app.issuer=CN=ConSec,CN=COM,CN=SH

32
maxkey-web-maxkey/src/main/resources/config/applicationLogin.properties
View File

@ -1,12 +1,6 @@
############################################################################
# MaxKey
############################################################################
# domain name configuration
config.domain.name=sso.maxkey.org
config.server.name=http://${config.domain.name}
config.server.maxkey.uri=${config.server.name}/maxkey
############################################################################
# Login configuration
#enable captcha
config.login.captcha=true
@ -22,13 +16,9 @@ config.login.wsfederation=false
config.login.remeberme=true
#validity
config.login.remeberme.validity=
#default.uri
#to appList page
config.login.default.uri=appList
#to default application web site
#config.login.default.uri=http://www.connsec.com
config.manage.uri=http://login.connsec.com:9500/manage/login
#to default application web site
config.login.default.uri=appList
config.ipaddress.whitelist=false
############################################################################
@ -42,16 +32,6 @@ config.support.kerberos.default.fulluserdomain=CONNSEC.COM
config.support.kerberos.default.crypto=846KZSzYq56M6d5o
#Kerberos Authentication server RUL
config.support.kerberos.default.redirecturi=http://sso.maxkey.org/kerberos/authn/
############################################################################
# CAS Login configuration
############################################################################
config.support.cas.login.url=http://sso.maxkey.org/cas/login
#
config.support.cas.login.service=http://sso.maxkey.org/maxkey/cas
#
config.support.cas.login.validation.url=http://sso.maxkey.org/cas
############################################################################
# HTTPHEADER Login configuration
############################################################################
@ -91,8 +71,8 @@ config.support.wsfederation.logoutUrl=https://adfs.connsec.com/adfs/ls/?wa=wsign
#############################################################################
#############################################################################
config.oidc.metadata.issuer=${config.server.maxkey.uri}
config.oidc.metadata.authorizationEndpoint=${config.server.maxkey.uri}/oauth/v20/authorize
config.oidc.metadata.tokenEndpoint=${config.server.maxkey.uri}/oauth/v20/token
config.oidc.metadata.userinfoEndpoint=${config.server.maxkey.uri}/api/connect/userinfo
config.oidc.metadata.issuer=${config.server.prefix.uri}
config.oidc.metadata.authorizationEndpoint=${config.server.prefix.uri}/oauth/v20/authorize
config.oidc.metadata.tokenEndpoint=${config.server.prefix.uri}/oauth/v20/token
config.oidc.metadata.userinfoEndpoint=${config.server.prefix.uri}/api/connect/userinfo
#############################################################################

2
maxkey-web-maxkey/src/main/resources/spring/maxkey-persistence.xml
View File

@ -71,7 +71,7 @@
org.maxkey.domain.apps,
" />
<property name="timeout" value="30" />
<property name="mapperLocations" value="classpath*:org/maxkey/dao/persistence/xml/#{dataSoruceConfig.database}/*.xml" />
<property name="mapperLocations" value="classpath*:/org/maxkey/dao/persistence/xml/#{dataSoruceConfig.database}/*.xml" />
<property name="interceptors">
<list>
<ref bean="StatementHandlerInterceptor"/>

28
maxkey-web-maxkey/src/main/resources/spring/maxkey-security.xml
View File

@ -13,29 +13,7 @@
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc.xsd">
<!--
<sec:http pattern="/jquery/**" security="none" />
<sec:http pattern="/images/**" security="none" />
<sec:http pattern="/css/**" security="none" />
<sec:http pattern="/js/**" security="none" />
<sec:http pattern="/metadata/saml20/**" security="none" />
<sec:http pattern="/api/oauth/v20/me" security="none" />
<sec:http pattern="/api/connect/v10/userinfo" security="none" />
cas api
<sec:http pattern="/authz/cas/validate" security="none" />
<sec:http pattern="/authz/cas/serviceValidate" security="none" />
<sec:http pattern="/authz/cas/proxyValidate" security="none" />
<sec:http pattern="/authz/cas/proxy" security="none" />
<sec:http pattern="/authz/cas/p3/serviceValidate" security="none" />
<sec:http pattern="/authz/cas/p3/proxyValidate" security="none" />
-->
http://www.springframework.org/schema/mvc/spring-mvc.xsd">
<!-- enable autowire -->
<context:annotation-config />
@ -107,10 +85,10 @@
</mvc:interceptor>
<ref bean="localeChangeInterceptor" />
<ref bean="localeChangeInterceptor" />
</mvc:interceptors>
<bean id="remeberMeService" class="org.maxkey.authn.support.rememberme.JdbcRemeberMeService">
<bean id="remeberMeService" class="org.maxkey.authn.support.rememberme.JdbcRemeberMeService">
<constructor-arg ref="jdbcTemplate"/>
<property name="validity" value="${config.login.remeberme.validity}"/>
</bean>

2
maxkey-web-maxkey/src/main/resources/spring/maxkey-web.xml
View File

@ -21,7 +21,7 @@
<!-- LocaleResolver -->
<bean id="localeResolver" class="org.springframework.web.servlet.i18n.CookieLocaleResolver">
<property name="cookieDomain" value="#{applicationConfig.subDomainName}"/>
<property name="cookieName" value="single_sign_on_lang"/>
<property name="cookieName" value="maxkey_lang"/>
<property name="cookieMaxAge" value="604800" />
<!-- auto select language by brower remove -->
<!--<property name="defaultLocale" value="en" /> -->

57
maxkey-web-maxkey/src/main/resources/spring/maxkey.xml
View File

@ -30,65 +30,10 @@
</property>
<property name="ignoreUnresolvablePlaceholders" value="true"/>
</bean>
<!-- dataSoruce Config -->
<bean id="dataSoruceConfig" class="org.maxkey.config.DataSoruceConfig">
<property name="driverClass" value="${config.datasource.driverclass}"/>
<property name="url" value="${config.datasource.url}"/>
<property name="username" value="${config.datasource.username}"/>
<property name="password" value="${config.datasource.password}"/>
<property name="database" value="${config.datasource.database}"/>
<property name="encrypt" value="true"/>
</bean>
<!-- Character Encoding Config -->
<bean id="characterEncodingConfig" class="org.maxkey.config.CharacterEncodingConfig">
<property name="encoding" value="${config.characterencoding.encoding}"/>
<property name="fromCharSet" value="${config.characterencoding.fromcharset}"/>
<property name="toCharSet" value="${config.characterencoding.tocharset}"/>
</bean>
<!-- email Config -->
<bean id="emailConfig" class="org.maxkey.config.EmailConfig">
<property name="username" value="${config.email.username}"/>
<property name="password" value="${config.email.password}"/>
<property name="smtpHost" value="${config.email.smtpHost}"/>
<property name="port" value="${config.email.port}"/>
<property name="senderMail" value="${config.email.senderMail}"/>
<property name="ssl" value="${config.email.ssl}"/>
</bean>
<!-- Login Config -->
<bean id="loginConfig" class="org.maxkey.config.LoginConfig">
<property name="captcha" value="${config.login.captcha}"/>
<property name="oneTimePwd" value="${config.login.onetimepwd}"/>
<property name="socialSignOn" value="${config.login.socialsignon}"/>
<property name="kerberos" value="${config.login.kerberos}"/>
<property name="wsFederation" value="${config.login.wsfederation}"/>
<property name="remeberMe" value="${config.login.remeberme}"/>
<property name="defaultUri" value="${config.login.default.uri}"/>
</bean>
<!-- Application Config -->
<bean id="applicationConfig" class="org.maxkey.config.ApplicationConfig">
<property name="dataSoruceConfig" ref="dataSoruceConfig"/>
<property name="characterEncodingConfig" ref="characterEncodingConfig"/>
<property name="emailConfig" ref="emailConfig"/>
<property name="loginConfig" ref="loginConfig"/>
<property name="domainName" value="${config.domain.name}"/>
<property name="serverPrefix" value="${config.server.maxkey.uri}"/>
<property name="manageUri" value="${config.manage.uri}"/>
<property name="whiteList" value="${config.ipaddress.whitelist}"/>
<property name="anonymousAccessUrls">
<list>
<value>null</value>
</list>
</property>
</bean>
<!-- Scans the classpath for annotated components that will be auto-registered as Spring beans.
@Controller and @Service. Make sure to set the correct base-package-->
<context:component-scan base-package="org.maxkey.config" />
<!-- domain bean -->
<context:component-scan base-package="org.maxkey.domain" />
<context:component-scan base-package="org.maxkey.domain.apps" />