Configuration

shimingxy 2019-12-16 21:47:33 +08:00
parent eadf609810
commit 67478a7101
19 changed files with 235 additions and 408 deletions


@ -1,10 +1,11 @@
package org.maxkey.config; package org.maxkey.config;
import java.util.ArrayList;
import java.util.concurrent.ConcurrentHashMap;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.PropertySource;
import org.springframework.stereotype.Component;
/** /**
* 全局应用程序配置 * 全局应用程序配置
@ -21,38 +22,52 @@ import org.slf4j.LoggerFactory;
* @author Crystal.Sea * @author Crystal.Sea
* *
*/ */
@Component
@PropertySource("classpath:/config/applicationConfig.properties")
public class ApplicationConfig { public class ApplicationConfig {
private static final Logger _logger = LoggerFactory.getLogger(ApplicationConfig.class); private static final Logger _logger = LoggerFactory.getLogger(ApplicationConfig.class);
@Autowired
DataSoruceConfig dataSoruceConfig; DataSoruceConfig dataSoruceConfig;
@Autowired
EmailConfig emailConfig; EmailConfig emailConfig;
@Autowired
CharacterEncodingConfig characterEncodingConfig; CharacterEncodingConfig characterEncodingConfig;
@Autowired
LoginConfig loginConfig; LoginConfig loginConfig;
@Value("${config.server.domain}")
String domainName; String domainName;
@Value("${config.server.subdomain}")
String subDomainName; String subDomainName;
@Value("${config.server.name}")
String serverName; String serverName;
@Value("${config.server.prefix.uri}")
String serverPrefix; String serverPrefix;
@Value("${config.server.default.uri}")
String defaultUri;
@Value("${config.server.manage.uri}")
String manageUri;
/*
//is enable whiteList for ipAddress filter //is enable whiteList for ipAddress filter
boolean whiteList; boolean whiteList;
//All user have permission Access URL //All user have permission Access URL
public ConcurrentHashMap<String,String> anonymousAccessUrls; public ConcurrentHashMap<String,String> anonymousAccessUrls;
*/
String manageUri;
public ApplicationConfig() { public ApplicationConfig() {
super(); super();
anonymousAccessUrls=new ConcurrentHashMap<String,String>(); /*anonymousAccessUrls=new ConcurrentHashMap<String,String>();
anonymousAccessUrls.put("/index/", "/index/"); anonymousAccessUrls.put("/index/", "/index/");
anonymousAccessUrls.put("/index/top","/index/top/"); anonymousAccessUrls.put("/index/top","/index/top/");
anonymousAccessUrls.put("/index/left/","/index/left/"); anonymousAccessUrls.put("/index/left/","/index/left/");
@ -68,6 +83,7 @@ public class ApplicationConfig {
anonymousAccessUrls.put("/approles/appRolesGrid/","/approles/appRolesGrid/"); anonymousAccessUrls.put("/approles/appRolesGrid/","/approles/appRolesGrid/");
_logger.debug("Anonymous Access Urls : \n"+anonymousAccessUrls); _logger.debug("Anonymous Access Urls : \n"+anonymousAccessUrls);
*/
} }
@ -147,7 +163,7 @@ public class ApplicationConfig {
public void setSubDomainName(String subDomainName) { public void setSubDomainName(String subDomainName) {
this.subDomainName = subDomainName; this.subDomainName = subDomainName;
} }
/*
public ConcurrentHashMap<String, String> getAnonymousAccessUrls() { public ConcurrentHashMap<String, String> getAnonymousAccessUrls() {
return anonymousAccessUrls; return anonymousAccessUrls;
} }
@ -158,7 +174,7 @@ public class ApplicationConfig {
this.anonymousAccessUrls.put(anonymousAccessUrl,anonymousAccessUrl); this.anonymousAccessUrls.put(anonymousAccessUrl,anonymousAccessUrl);
} }
} }
*/
/** /**
* @return the emailConfig * @return the emailConfig
*/ */
@ -182,12 +198,21 @@ public class ApplicationConfig {
this.manageUri = manageUri; this.manageUri = manageUri;
} }
public String getDefaultUri() {
return defaultUri;
}
public void setDefaultUri(String defaultUri) {
this.defaultUri = defaultUri;
}
/*
public boolean isWhiteList() { public boolean isWhiteList() {
return whiteList; return whiteList;
} }
public void setWhiteList(boolean whiteList) { public void setWhiteList(boolean whiteList) {
this.whiteList = whiteList; this.whiteList = whiteList;
} }*/
} }
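Review bot: The anonymous-access URL map, the `whiteList` flag and their accessors are disabled by wrapping them in `/* ... */` (the field declarations, the constructor body, `getAnonymousAccessUrls`, `isWhiteList`/`setWhiteList`) instead of being deleted. Both are access-control settings, so leaving them in the file as dead text makes it hard to tell whether they are still enforced anywhere. Deleting the blocks and adding a class comment such as `// IP whitelist and anonymous URL list are no longer configured in this class` would make the state explicit. The new `@Value` fields for `config.server.*` carry no default, so the class Javadoc should also list the keys that must be present.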


@ -5,26 +5,35 @@ package org.maxkey.config;
import java.io.UnsupportedEncodingException; import java.io.UnsupportedEncodingException;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
/** /**
* 字符集转换及转换配置 * 字符集转换及转换配置
* @author Crystal.Sea * @author Crystal.Sea
* *
*/ */
@Configuration
@PropertySource("classpath:/config/applicationConfig.properties")
public class CharacterEncodingConfig { public class CharacterEncodingConfig {
/** /**
* 源字符集 * 源字符集
*/ */
@Value("${config.characterencoding.charset.from}")
String fromCharSet; String fromCharSet;
/** /**
* 目标字符集 * 目标字符集
*/ */
@Value("${config.characterencoding.charset.to}")
String toCharSet; String toCharSet;
/** /**
* 转换标志 * 转换标志
*/ */
@Value("${config.characterencoding.encoding}")
boolean encoding = false; boolean encoding = false;
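Review bot: The initializer on `boolean encoding = false;` reads like a fallback but is not one, because `@Value("${config.characterencoding.encoding}")` has no default and the injected value replaces the initializer. If `false` is the intended behaviour when the key is absent, put it in the placeholder: `@Value("${config.characterencoding.encoding:false}")`. The same pattern appears on `encrypt` in DataSoruceConfig (`@Value("${config.datasource.password.encrypt}")` over `boolean encrypt=false;`). The class body continues past the end of this hunk.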


@ -2,8 +2,10 @@ package org.maxkey.config;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.apache.mybatis.jpa.dialect.Dialect; import org.apache.mybatis.jpa.dialect.Dialect;
import org.maxkey.crypto.Base64Utils;
import org.maxkey.crypto.password.PasswordReciprocal; import org.maxkey.crypto.password.PasswordReciprocal;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
/** /**
* 数据源配置 * 数据源配置
@ -20,32 +22,40 @@ import org.maxkey.crypto.password.PasswordReciprocal;
* @author Crystal.Sea * @author Crystal.Sea
* *
*/ */
@Configuration
@PropertySource("classpath:/config/applicationConfig.properties")
public class DataSoruceConfig { public class DataSoruceConfig {
/** /**
* 数据库类型 * 数据库类型
*/ */
@Value("${config.datasource.database:mysql}")
String database; String database;
/** /**
* jdbc驱动类 * jdbc驱动类
*/ */
@Value("${config.datasource.driverclass:com.mysql.jdbc.Driver}")
String driverClass; String driverClass;
/** /**
* jdbc连接地址 * jdbc连接地址
*/ */
@Value("${config.datasource.url:jdbc:mysql://localhost/maxkey?autoReconnect=true&characterEncoding=UTF-8}")
String url; String url;
/** /**
* 数据库用户名 * 数据库用户名
*/ */
@Value("${config.datasource.username:root}")
String username; String username;
/** /**
* 数据库密码 * 数据库密码
*/ */
@Value("${config.datasource.password:maxkey}")
String password; String password;
/** /**
* 数据库密码是否加密 * 数据库密码是否加密
*/ */
@Value("${config.datasource.password.encrypt}")
boolean encrypt=false; boolean encrypt=false;
/** /**
@ -107,7 +117,6 @@ public class DataSoruceConfig {
* @param database the database to set * @param database the database to set
*/ */
public void setDatabase(String database) { public void setDatabase(String database) {
this.dialect=Dialect.getDialectMap().get(database);
this.database = database; this.database = database;
} }
@ -143,6 +152,9 @@ public class DataSoruceConfig {
* @return the dialect * @return the dialect
*/ */
public String getDialect() { public String getDialect() {
if(this.dialect==null) {
this.dialect=Dialect.getDialectMap().get(database);
}
return dialect; return dialect;
} }
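Review bot: The placeholder defaults on `username` and `password` (`${config.datasource.username:root}` and `${config.datasource.password:maxkey}`) compile a known credential pair into the class, so a deployment whose properties file lacks these keys would start with those credentials instead of failing. Dropping the defaults on the two credential fields, `@Value("${config.datasource.username}")` and `@Value("${config.datasource.password}")`, turns a missing secret into a startup error. Separately, `getDialect()` now resolves the dialect lazily from `database`; whether `Dialect.getDialectMap().get(database)` tolerates a null or unknown key is not visible here and is worth confirming.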


@ -1,18 +1,24 @@
package org.maxkey.config; package org.maxkey.config;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
@Configuration
@PropertySource("classpath:/config/applicationConfig.properties")
public class EmailConfig { public class EmailConfig {
@Value("${config.email.username}")
private String username; private String username;
@Value("${config.email.password}")
private String password; private String password;
@Value("${config.email.smtpHost}")
private String smtpHost; private String smtpHost;
@Value("${config.email.senderMail}")
private String senderMail; private String senderMail;
@Value("${config.email.port}")
private Integer port; private Integer port;
@Value("${config.email.ssl}")
private boolean ssl; private boolean ssl;
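Review bot: `@Configuration` is applied to a class that only holds injected values and, as far as this hunk shows, declares no `@Bean` methods; `@Component`, which this commit uses on ApplicationConfig, states the intent more accurately. The same applies to CharacterEncodingConfig, DataSoruceConfig and LoginConfig. The `password` field is filled directly from `config.email.password`, so a field comment such as `// SMTP secret: never log or expose through toString()` would help; the rest of the class is outside this hunk.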


@ -1,20 +1,25 @@
package org.maxkey.config; package org.maxkey.config;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
@Configuration
@PropertySource("classpath:/config/applicationLogin.properties")
public class LoginConfig { public class LoginConfig {
@Value("${config.login.captcha}")
boolean captcha; boolean captcha;
@Value("${config.login.onetimepwd}")
boolean oneTimePwd; boolean oneTimePwd;
@Value("${config.login.socialsignon}")
boolean socialSignOn; boolean socialSignOn;
@Value("${config.login.kerberos}")
boolean kerberos; boolean kerberos;
@Value("${config.login.remeberme}")
boolean remeberMe; boolean remeberMe;
@Value("${config.login.wsfederation}")
boolean wsFederation; boolean wsFederation;
@Value("${config.login.default.uri}")
String defaultUri; String defaultUri;


@ -1,10 +0,0 @@
package org.maxkey;
import org.springframework.boot.web.servlet.support.SpringBootServletInitializer;
public class T extends SpringBootServletInitializer {
public static void main(String[] args) {
System.out.println("MaxKeyMgtApplication");
}
}


@ -1,69 +0,0 @@
package org.maxkey.web.endpoint;
import java.awt.image.BufferedImage;
import javax.imageio.ImageIO;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.maxkey.web.WebConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.servlet.ModelAndView;
import com.google.code.kaptcha.Producer;
/**
* @author Crystal.Sea
*
*/
@Controller
@RequestMapping(value = "/captcha")
public class CaptchaEndpoint {
private static final Logger _logger = LoggerFactory.getLogger(CaptchaEndpoint.class);
@Autowired
private Producer captchaProducer;
/**
* captcha image Producer
* @param request
* @param response
* @return
* @throws Exception
*/
@RequestMapping
public ModelAndView captchaHandleRequest(HttpServletRequest request,HttpServletResponse response) throws Exception {
// Set to expire far in the past.
response.setDateHeader("Expires", 0);
// Set standard HTTP/1.1 no-cache headers.
response.setHeader("Cache-Control", "no-store, no-cache, must-revalidate");
// Set IE extended HTTP/1.1 no-cache headers (use addHeader).
response.addHeader("Cache-Control", "post-check=0, pre-check=0");
// Set standard HTTP/1.0 no-cache header.
response.setHeader("Pragma", "no-cache");
// return a jpeg
response.setContentType("image/jpeg");
// create the text for the image
String capText = captchaProducer.createText();
_logger.debug("Captcha Text : "+capText);
// store the text in the session
request.getSession().setAttribute(WebConstants.KAPTCHA_SESSION_KEY, capText);
// create the image with the text
BufferedImage bi = captchaProducer.createImage(capText);
ServletOutputStream out = response.getOutputStream();
// write the data out
ImageIO.write(bi, "jpg", out);
try{
out.flush();
}finally{
out.close();
}
return null;
}
}


@ -2,6 +2,8 @@ package org.maxkey.web.endpoint;
import java.awt.image.BufferedImage; import java.awt.image.BufferedImage;
import java.io.ByteArrayInputStream; import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream; import java.io.InputStream;
import javax.imageio.ImageIO; import javax.imageio.ImageIO;
@ -9,30 +11,73 @@ import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import org.maxkey.web.WebConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller; import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.servlet.ModelAndView;
import com.google.code.kaptcha.Producer;
/** /**
* @author Crystal.Sea * @author Crystal.Sea
* *
*/ */
@Controller @Controller
@RequestMapping(value = "/image")
public class ImageEndpoint { public class ImageEndpoint {
private static final Logger _logger = LoggerFactory.getLogger(ImageEndpoint.class);
@Autowired
private Producer captchaProducer;
/** /**
* captcha image Producer * captcha image Producer
* @param request * @param request
* @param response * @param response
*/
@RequestMapping(value = "/captcha")
public void captchaHandleRequest(HttpServletRequest request,HttpServletResponse response){
try{
// Set to expire far in the past.
response.setDateHeader("Expires", 0);
// Set standard HTTP/1.1 no-cache headers.
response.setHeader("Cache-Control", "no-store, no-cache, must-revalidate");
// Set IE extended HTTP/1.1 no-cache headers (use addHeader).
response.addHeader("Cache-Control", "post-check=0, pre-check=0");
// Set standard HTTP/1.0 no-cache header.
response.setHeader("Pragma", "no-cache");
// return a jpeg
response.setContentType("image/jpeg");
// create the text for the image
String capText = captchaProducer.createText();
_logger.debug("Sesssion id " + request.getSession().getId() + " , Captcha Text is " + capText);
// store the text in the session
request.getSession().setAttribute(WebConstants.KAPTCHA_SESSION_KEY, capText);
// create the image with the text
BufferedImage bi = captchaProducer.createImage(capText);
ServletOutputStream out = response.getOutputStream();
// write the data out
ImageIO.write(bi, "jpg", out);
out.flush();
out.close();
}catch(Exception e) {
_logger.error("captcha Producer Error " + e.getMessage());
}
}
/**
* image Producer
* @param request
* @param response
* @return * @return
* @throws Exception * @throws Exception
*/ */
@RequestMapping("/{id}") @RequestMapping("/image/{id}")
public ModelAndView imageHandleRequest(HttpServletRequest request,HttpServletResponse response,@PathVariable("id") String id) throws Exception { public void imageHandleRequest(HttpServletRequest request,HttpServletResponse response,@PathVariable("id") String id) throws Exception {
// Set to expire far in the past. // Set to expire far in the past.
response.setDateHeader("Expires", 0); response.setDateHeader("Expires", 0);
// Set standard HTTP/1.1 no-cache headers. // Set standard HTTP/1.1 no-cache headers.
@ -45,20 +90,49 @@ public class ImageEndpoint {
response.setContentType("image/gif"); response.setContentType("image/gif");
// create the text for the image // create the text for the image
byte[]image=(byte[]) request.getSession().getAttribute(id); byte[]image=(byte[]) request.getSession().getAttribute(id);
request.getSession().removeAttribute(id); //request.getSession().removeAttribute(id);
// create the image with the text // create the image with the text
if(image!=null){ if(image!=null){
InputStream in = new ByteArrayInputStream(image);
BufferedImage bi = ImageIO.read(in);
ServletOutputStream out = response.getOutputStream(); ServletOutputStream out = response.getOutputStream();
// write the data out // write the data out
ImageIO.write(bi, "gif", out); ImageIO.write(byte2BufferedImage(image), "gif", out);
try{ try{
out.flush(); out.flush();
}finally{ }finally{
out.close(); out.close();
} }
} }
return null;
} }
public static BufferedImage byte2BufferedImage(byte[]imageByte){
try {
InputStream in = new ByteArrayInputStream(imageByte);
BufferedImage bufferedImage = ImageIO.read(in);
return bufferedImage;
} catch (IOException e) {
e.printStackTrace();
}
return null;
}
public static byte[] bufferedImage2Byte(BufferedImage bufferedImage ){
try {
ByteArrayOutputStream byteArrayOutputStream=new ByteArrayOutputStream();
ImageIO.write(bufferedImage,"gif",byteArrayOutputStream);
return byteArrayOutputStream.toByteArray();
} catch (IOException e) {
e.printStackTrace();
}
return null;
}
public Producer getCaptchaProducer() {
return captchaProducer;
}
public void setCaptchaProducer(Producer captchaProducer) {
this.captchaProducer = captchaProducer;
}
} }
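Review bot: The debug line in `captchaHandleRequest` writes both the session id and the captcha answer to the log (`"Sesssion id " + request.getSession().getId() + " , Captcha Text is " + capText`), so anyone with log access can read a live session identifier and the expected answer. Log neither value, e.g. `_logger.debug("Captcha generated");`. In the same method the `catch(Exception e)` drops the stack trace and skips `out.close()` on failure; `_logger.error("captcha Producer Error", e);` keeps the cause. In `imageHandleRequest`, `byte2BufferedImage` returns null on a read error and that null is passed straight to `ImageIO.write`, and the session attribute named by the path variable is no longer removed after use, so it remains in the session until something else clears it.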


@ -1,6 +1,5 @@
package org.maxkey.web.interceptor; package org.maxkey.web.interceptor;
import java.util.List;
import java.util.concurrent.ConcurrentHashMap; import java.util.concurrent.ConcurrentHashMap;
import javax.servlet.RequestDispatcher; import javax.servlet.RequestDispatcher;
@ -8,8 +7,6 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import org.maxkey.config.ApplicationConfig; import org.maxkey.config.ApplicationConfig;
import org.maxkey.domain.Navigations;
import org.maxkey.domain.UserInfo;
import org.maxkey.web.WebContext; import org.maxkey.web.WebContext;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
@ -40,55 +37,17 @@ public class PermissionAdapter extends HandlerInterceptorAdapter {
@Override @Override
public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws Exception { public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws Exception {
_logger.debug("PermissionAdapter preHandle"); _logger.debug("PermissionAdapter preHandle");
//加载定义的功能菜单地址
/*if(navigationsMap==null){
List<Navigations> navigationsList=((NavigationsService)WebContext.getBean("navigationsService")).query(null);
navigationsMap=new ConcurrentHashMap<String ,String >();
for(Navigations nav : navigationsList){
if(nav.getUrl()==null)continue;
if(nav.getUrl().endsWith("/")){
navigationsMap.put("/"+nav.getUrl(), nav.getId());
}else{
navigationsMap.put("/"+nav.getUrl()+"/", nav.getId());
}
}
_logger.debug("navigationsMap : "+navigationsMap);
}
UserInfo userInfo =WebContext.getUserInfo();//取得登录用户 //判断用户是否登录
if(WebContext.getAuthentication()==null||WebContext.getAuthentication().getAuthorities()==null){//判断用户和角色判断用户是否登录用户
if(userInfo==null||WebContext.getRoles()==null){//判断用户和角色判断用户是否登录用户
RequestDispatcher dispatcher = request.getRequestDispatcher("/login"); RequestDispatcher dispatcher = request.getRequestDispatcher("/login");
dispatcher.forward(request, response); dispatcher.forward(request, response);
return false; return false;
} }
//取得当前访问地址 Access URL
String accessURI=request.getRequestURI().substring(request.getContextPath().length());
if(!accessURI.endsWith("/")){
accessURI=accessURI+"/";
}
//定义匿名可以访问URL地址
if(applicationConfig.getAnonymousAccessUrls().containsKey(accessURI)){
_logger.debug("Access URI : "+accessURI+" , AnonymousAccessUrls .");
return true;
}
boolean hasNavAccess=true; boolean hasAccess=true;
//菜单权限匹配
if(navigationsMap.containsKey(accessURI)){//判断当前访问URL地址是否需要进行权限校验
hasNavAccess=false;
for(Navigations nav : WebContext.getNavigations()){//获取当前登录用户拥有URL访问列表
String haveURL=nav.getUrl();
if(haveURL==null)continue;
if(!haveURL.endsWith("/")){haveURL="/"+haveURL+"/";}
if(haveURL.endsWith(accessURI)){
hasNavAccess=true;
}
}
_logger.debug("Access URI : "+accessURI+" , hasNavAccess "+hasNavAccess);
if(hasNavAccess)return true;
}
/* /*
boolean preHandler = super.preHandle(request, response, handler); boolean preHandler = super.preHandle(request, response, handler);
@ -104,6 +63,6 @@ public class PermissionAdapter extends HandlerInterceptorAdapter {
return false; return false;
} }
}*/ }*/
return true; return hasAccess;
} }
} }
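Review bot: `hasAccess` is set to `true` and returned unchanged, so once the null check passes every request is allowed regardless of the requested URL; the per-URL navigation check that used to sit in this method as commented-out code is deleted and nothing replaces it. If authorization is enforced elsewhere, say so above the return, e.g. `// URL-level authorization is handled by <component>; this interceptor only checks login`; otherwise a real check is needed before this returns `true`. The login test relies on `WebContext.getAuthentication()` being null for unauthenticated requests; if that helper returns the Spring Security context value, anonymous requests may carry a non-null token with authorities, which is worth confirming. The identical change is made to the second PermissionAdapter later in this commit.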


@ -25,11 +25,11 @@ config.datasource.driverclass=com.mysql.jdbc.Driver
# #
config.datasource.url=jdbc:mysql://localhost/maxkey?autoReconnect=true&characterEncoding=UTF-8 config.datasource.url=jdbc:mysql://localhost/maxkey?autoReconnect=true&characterEncoding=UTF-8
config.datasource.username=root config.datasource.username=root
#connsec/bb2002b9f55b05d3e0e6f34ec5321051 #root/maxkey
#root/4f8520865b3793b07b23e16bc1f117b8 config.datasource.password=maxkey
config.datasource.password=bb2002b9f55b05d3e0e6f34ec5321051 #db2,derby,mysql,oracle,postgresql,sqlserver at Dialect
#db2,derby,mysql,oracle,postgresql,sqlserver at com.connsec.db.mybatis.dialect.Dialect
config.datasource.database=mysql config.datasource.database=mysql
config.datasource.password.encrypt=false
# End DataBase configuration # End DataBase configuration
############################################################################ ############################################################################
# CharacterEncoding # CharacterEncoding
@ -57,11 +57,11 @@ config.server.prefix=${config.server.name}/manage
############################################################################ ############################################################################
# EMAIL configuration # EMAIL configuration
config.email.username=test@connsec.com config.email.username=test@maxkey.org
config.email.password=3&8Ujbnm5hkjhFD config.email.password=3&8Ujbnm5hkjhFD
config.email.smtpHost=smtp.exmail.qq.com config.email.smtpHost=smtp.exmail.qq.com
config.email.port=25 config.email.port=25
config.email.senderMail=test@connsec.com config.email.senderMail=test@maxkey.org
config.email.ssl=false config.email.ssl=false
############################################################################ ############################################################################
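Review bot: `config.datasource.password` now appears to hold the cleartext value `maxkey` together with `config.datasource.password.encrypt=false`, where the file previously carried an encoded value and the XML bean definition removed in this commit set `encrypt` to `true`. Together with `config.email.password`, which sits in the same file in clear, this puts usable-looking credentials in version control. Keep only a placeholder in the committed file, e.g. `config.datasource.password=CHANGE_ME` (constructed value), and supply the real secrets from deployment-specific configuration that is not tracked. The second properties file changed later in this commit has the same lines.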


@ -34,62 +34,8 @@
<property name="ignoreUnresolvablePlaceholders" value="true"/> <property name="ignoreUnresolvablePlaceholders" value="true"/>
</bean> </bean>
<!-- dataSoruce Config --> <context:component-scan base-package="org.maxkey.config" />
<bean id="dataSoruceConfig" class="org.maxkey.config.DataSoruceConfig">
<property name="driverClass" value="${config.datasource.driverclass}"/>
<property name="url" value="${config.datasource.url}"/>
<property name="username" value="${config.datasource.username}"/>
<property name="password" value="${config.datasource.password}"/>
<property name="database" value="${config.datasource.database}"/>
<property name="encrypt" value="true"/>
</bean>
<!-- Character Encoding Config -->
<bean id="characterEncodingConfig" class="org.maxkey.config.CharacterEncodingConfig">
<property name="encoding" value="${config.characterencoding.encoding}"/>
<property name="fromCharSet" value="${config.characterencoding.fromcharset}"/>
<property name="toCharSet" value="${config.characterencoding.tocharset}"/>
</bean>
<!-- email Config -->
<bean id="emailConfig" class="org.maxkey.config.EmailConfig">
<property name="username" value="${config.email.username}"/>
<property name="password" value="${config.email.password}"/>
<property name="smtpHost" value="${config.email.smtpHost}"/>
<property name="port" value="${config.email.port}"/>
<property name="senderMail" value="${config.email.senderMail}"/>
<property name="ssl" value="${config.email.ssl}"/>
</bean>
<!-- Login Config -->
<bean id="loginConfig" class="org.maxkey.config.LoginConfig">
<property name="captcha" value="${config.login.captcha}"/>
<property name="oneTimePwd" value="${config.login.onetimepwd}"/>
<property name="socialSignOn" value="${config.login.socialsignon}"/>
<property name="kerberos" value="${config.login.kerberos}"/>
<property name="wsFederation" value="${config.login.wsfederation}"/>
<property name="remeberMe" value="${config.login.remeberme}"/>
<property name="defaultUri" value="${config.login.default.uri}"/>
</bean>
<!-- Application Config -->
<bean id="applicationConfig" class="org.maxkey.config.ApplicationConfig">
<property name="dataSoruceConfig" ref="dataSoruceConfig"/>
<property name="characterEncodingConfig" ref="characterEncodingConfig"/>
<property name="emailConfig" ref="emailConfig"/>
<property name="loginConfig" ref="loginConfig"/>
<property name="domainName" value="${config.domain.name}"/>
<property name="serverPrefix" value="${config.server.maxkey.uri}"/>
<property name="manageUri" value="${config.manage.uri}"/>
<property name="whiteList" value="${config.ipaddress.whitelist}"/>
<property name="anonymousAccessUrls">
<list>
<value>null</value>
</list>
</property>
</bean>
<bean id="keyStoreLoader" class="org.maxkey.crypto.keystore.KeyStoreLoader"> <bean id="keyStoreLoader" class="org.maxkey.crypto.keystore.KeyStoreLoader">
<property name="entityName" value="${config.saml.v20.idp.issuing.entity.id}" /> <property name="entityName" value="${config.saml.v20.idp.issuing.entity.id}" />
<property name="keystorePassword" value="${config.saml.v20.idp.keystore.password}" /> <property name="keystorePassword" value="${config.saml.v20.idp.keystore.password}" />


@ -27,8 +27,10 @@ public class IpAddressFilter implements Filter {
private static final Logger _logger = LoggerFactory.getLogger(IpAddressFilter.class); private static final Logger _logger = LoggerFactory.getLogger(IpAddressFilter.class);
@Autowired @Autowired
@Qualifier("applicationConfig") @Qualifier("applicationConfig")
private ApplicationConfig applicationConfig; private ApplicationConfig applicationConfig;
boolean whiteList=false;
@Override @Override
public void init(FilterConfig filterConfig) throws ServletException { public void init(FilterConfig filterConfig) throws ServletException {
@ -59,7 +61,7 @@ public class IpAddressFilter implements Filter {
} }
//白名单地址 //白名单地址
if(applicationConfig.isWhiteList()&&!IpAddressCache.ipAddressWhiteListMap.containsKey(ipAddress)){ if(whiteList&&!IpAddressCache.ipAddressWhiteListMap.containsKey(ipAddress)){
_logger.info("You IpAddress not in White List "+ipAddress); _logger.info("You IpAddress not in White List "+ipAddress);
RequestDispatcher dispatcher = request.getRequestDispatcher("/accessdeny"); RequestDispatcher dispatcher = request.getRequestDispatcher("/accessdeny");
dispatcher.forward(request, response); dispatcher.forward(request, response);
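Review bot: The whitelist test now reads a field declared as `boolean whiteList=false;` with no injection or setter visible in this hunk, so the `if(whiteList&&...)` branch can never be taken and the IP whitelist is effectively switched off. If the control is still wanted, bind the field to configuration, for example `@Value("${config.ipaddress.whitelist:false}") boolean whiteList;` (the key the removed XML definition used); if it is being retired, delete the branch rather than leaving it unreachable. The enclosing filter method continues outside this hunk.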


@ -1,6 +1,5 @@
package org.maxkey.web.interceptor; package org.maxkey.web.interceptor;
import java.util.List;
import java.util.concurrent.ConcurrentHashMap; import java.util.concurrent.ConcurrentHashMap;
import javax.servlet.RequestDispatcher; import javax.servlet.RequestDispatcher;
@ -8,8 +7,6 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import org.maxkey.config.ApplicationConfig; import org.maxkey.config.ApplicationConfig;
import org.maxkey.domain.Navigations;
import org.maxkey.domain.UserInfo;
import org.maxkey.web.WebContext; import org.maxkey.web.WebContext;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
@ -40,70 +37,31 @@ public class PermissionAdapter extends HandlerInterceptorAdapter {
@Override @Override
public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws Exception { public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws Exception {
_logger.debug("PermissionAdapter preHandle"); _logger.debug("PermissionAdapter preHandle");
//加载定义的功能菜单地址 //判断用户是否登录
/*if(navigationsMap==null){ if(WebContext.getAuthentication()==null||WebContext.getAuthentication().getAuthorities()==null){//判断用户和角色判断用户是否登录用户
List<Navigations> navigationsList=((NavigationsService)WebContext.getBean("navigationsService")).query(null); RequestDispatcher dispatcher = request.getRequestDispatcher("/login");
navigationsMap=new ConcurrentHashMap<String ,String >();
for(Navigations nav : navigationsList){
if(nav.getUrl()==null)continue;
if(nav.getUrl().endsWith("/")){
navigationsMap.put("/"+nav.getUrl(), nav.getId());
}else{
navigationsMap.put("/"+nav.getUrl()+"/", nav.getId());
}
}
_logger.debug("navigationsMap : "+navigationsMap);
}
UserInfo userInfo =WebContext.getUserInfo();//取得登录用户
if(userInfo==null||WebContext.getRoles()==null){//判断用户和角色判断用户是否登录用户
RequestDispatcher dispatcher = request.getRequestDispatcher("/login");
dispatcher.forward(request, response);
return false;
}
//取得当前访问地址 Access URL
String accessURI=request.getRequestURI().substring(request.getContextPath().length());
if(!accessURI.endsWith("/")){
accessURI=accessURI+"/";
}
//定义匿名可以访问URL地址
if(applicationConfig.getAnonymousAccessUrls().containsKey(accessURI)){
_logger.debug("Access URI : "+accessURI+" , AnonymousAccessUrls .");
return true;
}
boolean hasNavAccess=true;
//菜单权限匹配
if(navigationsMap.containsKey(accessURI)){//判断当前访问URL地址是否需要进行权限校验
hasNavAccess=false;
for(Navigations nav : WebContext.getNavigations()){//获取当前登录用户拥有URL访问列表
String haveURL=nav.getUrl();
if(haveURL==null)continue;
if(!haveURL.endsWith("/")){haveURL="/"+haveURL+"/";}
if(haveURL.endsWith(accessURI)){
hasNavAccess=true;
}
}
_logger.debug("Access URI : "+accessURI+" , hasNavAccess "+hasNavAccess);
if(hasNavAccess)return true;
}
/*
boolean preHandler = super.preHandle(request, response, handler);
if(preHandler) {
preHandler = false;
if(!preHandler){//无权限转向
log.debug("You do not have permission to access "+accessUrl);
RequestDispatcher dispatcher = request.getRequestDispatcher("/accessdeny");
dispatcher.forward(request, response); dispatcher.forward(request, response);
return false; return false;
} }
}*/
return true;
boolean hasAccess=true;
/*
boolean preHandler = super.preHandle(request, response, handler);
if(preHandler) {
preHandler = false;
if(!preHandler){//无权限转向
log.debug("You do not have permission to access "+accessUrl);
RequestDispatcher dispatcher = request.getRequestDispatcher("/accessdeny");
dispatcher.forward(request, response);
return false;
}
}*/
return hasAccess;
} }
} }


@ -1,6 +1,15 @@
############################################################################ ############################################################################
# MaxKey # MaxKey
############################################################################ ############################################################################
# domain name configuration
config.server.subdomain=maxkey.org
config.server.domain=sso.${config.server.subdomain}
config.server.name=http://${config.server.domain}
config.server.prefix.uri=${config.server.name}/maxkey
#default.uri
config.server.default.uri=${config.server.prefix.uri}/main
config.server.manage.uri=${config.server.name}:9521/maxkey-mgt/login
############################################################################
# DataBase configuration # DataBase configuration
############################################################################ ############################################################################
#db2,derby,mysql,oracle,postgresql,sqlserver at com.connsec.db.mybatis.dialect.Dialect #db2,derby,mysql,oracle,postgresql,sqlserver at com.connsec.db.mybatis.dialect.Dialect
@ -25,18 +34,16 @@ config.datasource.driverclass=com.mysql.jdbc.Driver
# #
config.datasource.url=jdbc:mysql://localhost/maxkey?autoReconnect=true&characterEncoding=UTF-8 config.datasource.url=jdbc:mysql://localhost/maxkey?autoReconnect=true&characterEncoding=UTF-8
config.datasource.username=root config.datasource.username=root
#connsec/bb2002b9f55b05d3e0e6f34ec5321051 config.datasource.password=maxkey
#root/4f8520865b3793b07b23e16bc1f117b8 config.datasource.password.encrypt=false
config.datasource.password=bb2002b9f55b05d3e0e6f34ec5321051
############################################################################ ############################################################################
# EMAIL configuration # EMAIL configuration
############################################################################ ############################################################################
config.email.username=test@connsec.com config.email.username=test@maxkey.org
config.email.password=3&8Ujbnm5hkjhFD config.email.password=3&8Ujbnm5hkjhFD
config.email.smtpHost=smtp.exmail.qq.com config.email.smtpHost=smtp.exmail.qq.com
config.email.port=25 config.email.port=25
config.email.senderMail=test@connsec.com config.email.senderMail=test@maxkey.org
config.email.ssl=false config.email.ssl=false
############################################################################ ############################################################################
@ -45,8 +52,8 @@ config.email.ssl=false
# CharacterEncoding true/false # CharacterEncoding true/false
config.characterencoding.encoding=true config.characterencoding.encoding=true
config.characterencoding.fromcharset=iso8859-1 config.characterencoding.charset.from=iso8859-1
config.characterencoding.tocharset=UTF-8 config.characterencoding.charset.to=UTF-8
config.app.issuer=CN=ConSec,CN=COM,CN=SH config.app.issuer=CN=ConSec,CN=COM,CN=SH
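Review bot: The datasource hunk appears to replace the previous opaque value with `config.datasource.password=maxkey` and adds `config.datasource.password.encrypt=false`, so a cleartext password for the `root` database account is now tracked in the repository. I would keep the secret out of the committed file and resolve it at deploy time, for example `config.datasource.password=${MAXKEY_DB_PASSWORD}` (a placeholder name constructed for this note, assuming placeholders are resolved against the environment here), and connect with a dedicated least-privilege user rather than `root`. The unchanged `config.email.password` line has the same problem, and with `config.email.ssl=false` on port 25 that credential also travels unencrypted. Separately, the new `config.server.name=http://${config.server.domain}` makes every derived URI, including `config.server.manage.uri`, plain HTTP; for a single sign-on server `https://` is the safer default, since login credentials and session cookies cross this origin.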


@ -1,12 +1,6 @@
############################################################################ ############################################################################
# MaxKey # MaxKey
############################################################################ ############################################################################
# domain name configuration
config.domain.name=sso.maxkey.org
config.server.name=http://${config.domain.name}
config.server.maxkey.uri=${config.server.name}/maxkey
############################################################################
# Login configuration # Login configuration
#enable captcha #enable captcha
config.login.captcha=true config.login.captcha=true
@ -22,13 +16,9 @@ config.login.wsfederation=false
config.login.remeberme=true config.login.remeberme=true
#validity #validity
config.login.remeberme.validity= config.login.remeberme.validity=
#default.uri
#to appList page
config.login.default.uri=appList
#to default application web site
#config.login.default.uri=http://www.connsec.com
config.manage.uri=http://login.connsec.com:9500/manage/login #to default application web site
config.login.default.uri=appList
config.ipaddress.whitelist=false config.ipaddress.whitelist=false
############################################################################ ############################################################################
@ -42,16 +32,6 @@ config.support.kerberos.default.fulluserdomain=CONNSEC.COM
config.support.kerberos.default.crypto=846KZSzYq56M6d5o config.support.kerberos.default.crypto=846KZSzYq56M6d5o
#Kerberos Authentication server RUL #Kerberos Authentication server RUL
config.support.kerberos.default.redirecturi=http://sso.maxkey.org/kerberos/authn/ config.support.kerberos.default.redirecturi=http://sso.maxkey.org/kerberos/authn/
############################################################################
# CAS Login configuration
############################################################################
config.support.cas.login.url=http://sso.maxkey.org/cas/login
#
config.support.cas.login.service=http://sso.maxkey.org/maxkey/cas
#
config.support.cas.login.validation.url=http://sso.maxkey.org/cas
############################################################################ ############################################################################
# HTTPHEADER Login configuration # HTTPHEADER Login configuration
############################################################################ ############################################################################
@ -91,8 +71,8 @@ config.support.wsfederation.logoutUrl=https://adfs.connsec.com/adfs/ls/?wa=wsign
############################################################################# #############################################################################
############################################################################# #############################################################################
config.oidc.metadata.issuer=${config.server.maxkey.uri} config.oidc.metadata.issuer=${config.server.prefix.uri}
config.oidc.metadata.authorizationEndpoint=${config.server.maxkey.uri}/oauth/v20/authorize config.oidc.metadata.authorizationEndpoint=${config.server.prefix.uri}/oauth/v20/authorize
config.oidc.metadata.tokenEndpoint=${config.server.maxkey.uri}/oauth/v20/token config.oidc.metadata.tokenEndpoint=${config.server.prefix.uri}/oauth/v20/token
config.oidc.metadata.userinfoEndpoint=${config.server.maxkey.uri}/api/connect/userinfo config.oidc.metadata.userinfoEndpoint=${config.server.prefix.uri}/api/connect/userinfo
############################################################################# #############################################################################
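Review bot: The last hunk builds `config.oidc.metadata.issuer` and the authorize, token and userinfo endpoints from `${config.server.prefix.uri}`, a key this file no longer defines once the first hunk removes the domain block. In the other properties file on this page that key expands from `config.server.name=http://${config.server.domain}`, so the advertised issuer and token endpoint would be plain HTTP, whereas OpenID Connect Discovery expects an `https` issuer. The placeholder configurer visible elsewhere in this commit sets `ignoreUnresolvablePlaceholders` to `true`, so if the two files are not loaded into the same resolver the literal `${config.server.prefix.uri}` text could be published as the issuer without a startup error; the load order is worth confirming. I would add a comment above the block such as `# config.server.prefix.uri comes from the application properties file and must be an https URL`.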


@ -71,7 +71,7 @@
org.maxkey.domain.apps, org.maxkey.domain.apps,
" /> " />
<property name="timeout" value="30" /> <property name="timeout" value="30" />
<property name="mapperLocations" value="classpath*:org/maxkey/dao/persistence/xml/#{dataSoruceConfig.database}/*.xml" /> <property name="mapperLocations" value="classpath*:/org/maxkey/dao/persistence/xml/#{dataSoruceConfig.database}/*.xml" />
<property name="interceptors"> <property name="interceptors">
<list> <list>
<ref bean="StatementHandlerInterceptor"/> <ref bean="StatementHandlerInterceptor"/>


@ -13,29 +13,7 @@
http://www.springframework.org/schema/util http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util.xsd http://www.springframework.org/schema/util/spring-util.xsd
http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc.xsd"> http://www.springframework.org/schema/mvc/spring-mvc.xsd">
<!--
<sec:http pattern="/jquery/**" security="none" />
<sec:http pattern="/images/**" security="none" />
<sec:http pattern="/css/**" security="none" />
<sec:http pattern="/js/**" security="none" />
<sec:http pattern="/metadata/saml20/**" security="none" />
<sec:http pattern="/api/oauth/v20/me" security="none" />
<sec:http pattern="/api/connect/v10/userinfo" security="none" />
cas api
<sec:http pattern="/authz/cas/validate" security="none" />
<sec:http pattern="/authz/cas/serviceValidate" security="none" />
<sec:http pattern="/authz/cas/proxyValidate" security="none" />
<sec:http pattern="/authz/cas/proxy" security="none" />
<sec:http pattern="/authz/cas/p3/serviceValidate" security="none" />
<sec:http pattern="/authz/cas/p3/proxyValidate" security="none" />
-->
<!-- enable autowire --> <!-- enable autowire -->
<context:annotation-config /> <context:annotation-config />
@ -107,10 +85,10 @@
</mvc:interceptor> </mvc:interceptor>
<ref bean="localeChangeInterceptor" /> <ref bean="localeChangeInterceptor" />
</mvc:interceptors> </mvc:interceptors>
<bean id="remeberMeService" class="org.maxkey.authn.support.rememberme.JdbcRemeberMeService"> <bean id="remeberMeService" class="org.maxkey.authn.support.rememberme.JdbcRemeberMeService">
<constructor-arg ref="jdbcTemplate"/> <constructor-arg ref="jdbcTemplate"/>
<property name="validity" value="${config.login.remeberme.validity}"/> <property name="validity" value="${config.login.remeberme.validity}"/>
</bean> </bean>


@ -21,7 +21,7 @@
<!-- LocaleResolver --> <!-- LocaleResolver -->
<bean id="localeResolver" class="org.springframework.web.servlet.i18n.CookieLocaleResolver"> <bean id="localeResolver" class="org.springframework.web.servlet.i18n.CookieLocaleResolver">
<property name="cookieDomain" value="#{applicationConfig.subDomainName}"/> <property name="cookieDomain" value="#{applicationConfig.subDomainName}"/>
<property name="cookieName" value="single_sign_on_lang"/> <property name="cookieName" value="maxkey_lang"/>
<property name="cookieMaxAge" value="604800" /> <property name="cookieMaxAge" value="604800" />
<!-- auto select language by brower remove --> <!-- auto select language by brower remove -->
<!--<property name="defaultLocale" value="en" /> --> <!--<property name="defaultLocale" value="en" /> -->


@ -30,65 +30,10 @@
</property> </property>
<property name="ignoreUnresolvablePlaceholders" value="true"/> <property name="ignoreUnresolvablePlaceholders" value="true"/>
</bean> </bean>
<!-- dataSoruce Config -->
<bean id="dataSoruceConfig" class="org.maxkey.config.DataSoruceConfig">
<property name="driverClass" value="${config.datasource.driverclass}"/>
<property name="url" value="${config.datasource.url}"/>
<property name="username" value="${config.datasource.username}"/>
<property name="password" value="${config.datasource.password}"/>
<property name="database" value="${config.datasource.database}"/>
<property name="encrypt" value="true"/>
</bean>
<!-- Character Encoding Config -->
<bean id="characterEncodingConfig" class="org.maxkey.config.CharacterEncodingConfig">
<property name="encoding" value="${config.characterencoding.encoding}"/>
<property name="fromCharSet" value="${config.characterencoding.fromcharset}"/>
<property name="toCharSet" value="${config.characterencoding.tocharset}"/>
</bean>
<!-- email Config -->
<bean id="emailConfig" class="org.maxkey.config.EmailConfig">
<property name="username" value="${config.email.username}"/>
<property name="password" value="${config.email.password}"/>
<property name="smtpHost" value="${config.email.smtpHost}"/>
<property name="port" value="${config.email.port}"/>
<property name="senderMail" value="${config.email.senderMail}"/>
<property name="ssl" value="${config.email.ssl}"/>
</bean>
<!-- Login Config -->
<bean id="loginConfig" class="org.maxkey.config.LoginConfig">
<property name="captcha" value="${config.login.captcha}"/>
<property name="oneTimePwd" value="${config.login.onetimepwd}"/>
<property name="socialSignOn" value="${config.login.socialsignon}"/>
<property name="kerberos" value="${config.login.kerberos}"/>
<property name="wsFederation" value="${config.login.wsfederation}"/>
<property name="remeberMe" value="${config.login.remeberme}"/>
<property name="defaultUri" value="${config.login.default.uri}"/>
</bean>
<!-- Application Config -->
<bean id="applicationConfig" class="org.maxkey.config.ApplicationConfig">
<property name="dataSoruceConfig" ref="dataSoruceConfig"/>
<property name="characterEncodingConfig" ref="characterEncodingConfig"/>
<property name="emailConfig" ref="emailConfig"/>
<property name="loginConfig" ref="loginConfig"/>
<property name="domainName" value="${config.domain.name}"/>
<property name="serverPrefix" value="${config.server.maxkey.uri}"/>
<property name="manageUri" value="${config.manage.uri}"/>
<property name="whiteList" value="${config.ipaddress.whitelist}"/>
<property name="anonymousAccessUrls">
<list>
<value>null</value>
</list>
</property>
</bean>
<!-- Scans the classpath for annotated components that will be auto-registered as Spring beans. <!-- Scans the classpath for annotated components that will be auto-registered as Spring beans.
@Controller and @Service. Make sure to set the correct base-package--> @Controller and @Service. Make sure to set the correct base-package-->
<context:component-scan base-package="org.maxkey.config" />
<!-- domain bean --> <!-- domain bean -->
<context:component-scan base-package="org.maxkey.domain" /> <context:component-scan base-package="org.maxkey.domain" />
<context:component-scan base-package="org.maxkey.domain.apps" /> <context:component-scan base-package="org.maxkey.domain.apps" />