v 1.5.0 RC2
v 1.5.0 RC2
parent
2f0f0ed8eb
commit
caa656191a
@ -41,6 +41,11 @@ public class RedisRemeberMeService extends AbstractRemeberMeService {
|
||||
conn.close();
|
||||
}
|
||||
|
||||
public RedisRemeberMeService(RedisConnectionFactory connectionFactory) {
|
||||
super();
|
||||
this.connectionFactory = connectionFactory;
|
||||
}
|
||||
|
||||
public void setConnectionFactory(RedisConnectionFactory connectionFactory) {
|
||||
this.connectionFactory = connectionFactory;
|
||||
}
|
||||
|
||||
@ -5,10 +5,17 @@ import java.io.IOException;
|
||||
import javax.sql.DataSource;
|
||||
import org.maxkey.authn.RealmAuthenticationProvider;
|
||||
import org.maxkey.authn.SavedRequestAwareAuthenticationSuccessHandler;
|
||||
import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
|
||||
import org.maxkey.authn.support.rememberme.InMemoryRemeberMeService;
|
||||
import org.maxkey.authn.support.rememberme.JdbcRemeberMeService;
|
||||
import org.maxkey.authn.support.rememberme.RedisRemeberMeService;
|
||||
import org.maxkey.crypto.keystore.KeyStoreLoader;
|
||||
import org.maxkey.crypto.password.PasswordReciprocal;
|
||||
import org.maxkey.persistence.redis.RedisConnectionFactory;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.boot.context.properties.ConfigurationProperties;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
@ -16,11 +23,16 @@ import org.springframework.context.annotation.Primary;
|
||||
import org.springframework.context.annotation.PropertySource;
|
||||
import org.springframework.context.support.PropertySourcesPlaceholderConfigurer;
|
||||
import org.springframework.core.io.ClassPathResource;
|
||||
import org.springframework.core.io.Resource;
|
||||
import org.springframework.jdbc.core.JdbcTemplate;
|
||||
import org.springframework.jdbc.datasource.DataSourceTransactionManager;
|
||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
|
||||
|
||||
@Configuration
|
||||
@PropertySource("classpath:/application.properties")
|
||||
@PropertySource("classpath:/config/applicationConfig.properties")
|
||||
public class ApplicationAutoConfiguration implements InitializingBean {
|
||||
private static final Logger _logger =
|
||||
LoggerFactory.getLogger(ApplicationAutoConfiguration.class);
|
||||
@ -77,9 +89,85 @@ public class ApplicationAutoConfiguration implements InitializingBean {
|
||||
}
|
||||
|
||||
@Bean(name = "transactionManager")
|
||||
DataSourceTransactionManager transactionManager(DataSource dataSource) {
|
||||
public DataSourceTransactionManager transactionManager(DataSource dataSource) {
|
||||
return new DataSourceTransactionManager(dataSource);
|
||||
}
|
||||
|
||||
/**
|
||||
* Authentication Password Encoder .
|
||||
* @return
|
||||
*/
|
||||
@Bean(name = "passwordEncoder")
|
||||
public PasswordEncoder passwordEncoder() {
|
||||
return new BCryptPasswordEncoder();
|
||||
}
|
||||
|
||||
/**
|
||||
* remeberMeService .
|
||||
* @return
|
||||
*/
|
||||
@Bean(name = "remeberMeService")
|
||||
public AbstractRemeberMeService remeberMeService(
|
||||
@Value("${config.server.persistence}") int persistence,
|
||||
@Value("${config.login.remeberme.validity}") int validity,
|
||||
JdbcTemplate jdbcTemplate,
|
||||
RedisConnectionFactory jedisConnectionFactory) {
|
||||
AbstractRemeberMeService remeberMeService = null;
|
||||
if (persistence == 0) {
|
||||
remeberMeService = new InMemoryRemeberMeService();
|
||||
_logger.debug("InMemoryRemeberMeService");
|
||||
} else if (persistence == 1) {
|
||||
remeberMeService = new JdbcRemeberMeService(jdbcTemplate);
|
||||
_logger.debug("JdbcRemeberMeService");
|
||||
} else if (persistence == 2) {
|
||||
remeberMeService = new RedisRemeberMeService(jedisConnectionFactory);
|
||||
_logger.debug("RedisRemeberMeService");
|
||||
}
|
||||
return remeberMeService;
|
||||
}
|
||||
|
||||
/**
|
||||
* keyStoreLoader .
|
||||
* @return
|
||||
*/
|
||||
@Bean(name = "keyStoreLoader")
|
||||
public KeyStoreLoader keyStoreLoader(
|
||||
@Value("${config.saml.v20.idp.issuing.entity.id}") String entityName,
|
||||
@Value("${config.saml.v20.idp.keystore.password}") String keystorePassword,
|
||||
@Value("${config.saml.v20.idp.keystore}") Resource keystoreFile) {
|
||||
KeyStoreLoader keyStoreLoader = new KeyStoreLoader();
|
||||
keyStoreLoader.setEntityName(entityName);
|
||||
keyStoreLoader.setKeystorePassword(keystorePassword);
|
||||
keyStoreLoader.setKeystoreFile(keystoreFile);
|
||||
return keyStoreLoader;
|
||||
}
|
||||
|
||||
/**
|
||||
* spKeyStoreLoader .
|
||||
* @return
|
||||
*/
|
||||
@Bean(name = "spKeyStoreLoader")
|
||||
public KeyStoreLoader spKeyStoreLoader(
|
||||
@Value("${config.saml.v20.sp.issuing.entity.id}") String entityName,
|
||||
@Value("${config.saml.v20.sp.keystore.password}") String keystorePassword,
|
||||
@Value("${config.saml.v20.sp.keystore}") Resource keystoreFile) {
|
||||
KeyStoreLoader keyStoreLoader = new KeyStoreLoader();
|
||||
keyStoreLoader.setEntityName(entityName);
|
||||
keyStoreLoader.setKeystorePassword(keystorePassword);
|
||||
keyStoreLoader.setKeystoreFile(keystoreFile);
|
||||
return keyStoreLoader;
|
||||
}
|
||||
|
||||
/**
|
||||
* spKeyStoreLoader .
|
||||
* @return
|
||||
*/
|
||||
@Bean(name = "spIssuingEntityName")
|
||||
public String spIssuingEntityName(
|
||||
@Value("${config.saml.v20.sp.issuing.entity.id}") String spIssuingEntityName) {
|
||||
return spIssuingEntityName;
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public void afterPropertiesSet() throws Exception {
|
||||
|
||||
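Review bot: `remeberMeService(...)` returns `null` when `config.server.persistence` is anything other than 0, 1 or 2, and the injected `validity` value is never applied to the service it builds. The commented-out XML definition of `JdbcRemeberMeService` that this commit deletes set a `validity` property, so the configured remember-me lifetime looks like it is now silently ignored; if that setter still exists, call `remeberMeService.setValidity(validity);` before returning. For the fall-through, end the chain with `else { throw new IllegalArgumentException("Unsupported config.server.persistence: " + persistence); }` so a mistyped property fails at startup instead of producing a null bean. The section ends inside `afterPropertiesSet()`, whose body is outside the view.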
@ -0,0 +1,122 @@
|
||||
package org.maxkey.autoconfigure;
|
||||
|
||||
import com.nimbusds.jose.JOSEException;
|
||||
import com.nimbusds.jose.JWEAlgorithm;
|
||||
import java.net.URI;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.spec.InvalidKeySpecException;
|
||||
import org.maxkey.authn.support.jwt.JwtLoginService;
|
||||
import org.maxkey.config.oidc.OIDCProviderMetadataDetails;
|
||||
import org.maxkey.crypto.jose.keystore.JWKSetKeyStore;
|
||||
import org.maxkey.crypto.jwt.encryption.service.impl.DefaultJwtEncryptionAndDecryptionService;
|
||||
import org.maxkey.crypto.jwt.signer.service.impl.DefaultJwtSigningAndValidationService;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.PropertySource;
|
||||
import org.springframework.core.io.ClassPathResource;
|
||||
|
||||
|
||||
@Configuration
|
||||
@PropertySource("classpath:/application.properties")
|
||||
@PropertySource("classpath:/config/applicationConfig.properties")
|
||||
public class JwtAuthnAutoConfiguration implements InitializingBean {
|
||||
private static final Logger _logger = LoggerFactory.getLogger(JwtAuthnAutoConfiguration.class);
|
||||
|
||||
/**
|
||||
* OIDCProviderMetadataDetails.
|
||||
* Self-issued Provider Metadata
|
||||
* http://openid.net/specs/openid-connect-core-1_0.html#SelfIssued
|
||||
*/
|
||||
@Bean(name = "oidcProviderMetadata")
|
||||
public OIDCProviderMetadataDetails OIDCProviderMetadataDetails(
|
||||
@Value("${config.oidc.metadata.issuer}")
|
||||
String issuer,
|
||||
@Value("${config.oidc.metadata.authorizationEndpoint}")
|
||||
URI authorizationEndpoint,
|
||||
@Value("${config.oidc.metadata.tokenEndpoint}")
|
||||
URI tokenEndpoint,
|
||||
@Value("${config.oidc.metadata.userinfoEndpoint}")
|
||||
URI userinfoEndpoint) {
|
||||
_logger.debug("RedisConnectionFactory init .");
|
||||
OIDCProviderMetadataDetails oidcProviderMetadata = new OIDCProviderMetadataDetails();
|
||||
oidcProviderMetadata.setIssuer(issuer);
|
||||
oidcProviderMetadata.setAuthorizationEndpoint(authorizationEndpoint);
|
||||
oidcProviderMetadata.setTokenEndpoint(tokenEndpoint);
|
||||
oidcProviderMetadata.setUserinfoEndpoint(userinfoEndpoint);
|
||||
return oidcProviderMetadata;
|
||||
}
|
||||
|
||||
/**
|
||||
* jwtSetKeyStore.
|
||||
* @return
|
||||
*/
|
||||
@Bean(name = "jwkSetKeyStore")
|
||||
public JWKSetKeyStore jwtSetKeyStore() {
|
||||
JWKSetKeyStore jwkSetKeyStore = new JWKSetKeyStore();
|
||||
ClassPathResource classPathResource = new ClassPathResource("/config/keystore.jwks");
|
||||
jwkSetKeyStore.setLocation(classPathResource);
|
||||
return jwkSetKeyStore;
|
||||
}
|
||||
|
||||
/**
|
||||
* jwtSetKeyStore.
|
||||
* @return
|
||||
* @throws JOSEException
|
||||
* @throws InvalidKeySpecException
|
||||
* @throws NoSuchAlgorithmException
|
||||
*/
|
||||
@Bean(name = "jwtSignerValidationService")
|
||||
public DefaultJwtSigningAndValidationService jwtSignerValidationService(
|
||||
JWKSetKeyStore jwtSetKeyStore)
|
||||
throws NoSuchAlgorithmException, InvalidKeySpecException, JOSEException {
|
||||
DefaultJwtSigningAndValidationService jwtSignerValidationService =
|
||||
new DefaultJwtSigningAndValidationService(jwtSetKeyStore);
|
||||
jwtSignerValidationService.setDefaultSignerKeyId("maxkey_rsa");
|
||||
jwtSignerValidationService.setDefaultSigningAlgorithmName("RS256");
|
||||
return jwtSignerValidationService;
|
||||
}
|
||||
|
||||
/**
|
||||
* jwtSetKeyStore.
|
||||
* @return
|
||||
* @throws JOSEException
|
||||
* @throws InvalidKeySpecException
|
||||
* @throws NoSuchAlgorithmException
|
||||
*/
|
||||
@Bean(name = "jwtEncryptionService")
|
||||
public DefaultJwtEncryptionAndDecryptionService jwtEncryptionService(
|
||||
JWKSetKeyStore jwtSetKeyStore)
|
||||
throws NoSuchAlgorithmException, InvalidKeySpecException, JOSEException {
|
||||
DefaultJwtEncryptionAndDecryptionService jwtEncryptionService =
|
||||
new DefaultJwtEncryptionAndDecryptionService(jwtSetKeyStore);
|
||||
jwtEncryptionService.setDefaultAlgorithm(JWEAlgorithm.RSA1_5);//RSA1_5
|
||||
jwtEncryptionService.setDefaultDecryptionKeyId("maxkey_rsa");
|
||||
jwtEncryptionService.setDefaultEncryptionKeyId("maxkey_rsa");
|
||||
return jwtEncryptionService;
|
||||
}
|
||||
|
||||
/**
|
||||
* JwtLoginService.
|
||||
* @return
|
||||
*/
|
||||
@Bean(name = "jwtLoginService")
|
||||
public JwtLoginService jwtLoginService(
|
||||
DefaultJwtSigningAndValidationService jwtSignerValidationService,
|
||||
OIDCProviderMetadataDetails oidcProviderMetadata) {
|
||||
JwtLoginService jwkSetKeyStore = new JwtLoginService();
|
||||
jwkSetKeyStore.setJwtSignerValidationService(jwtSignerValidationService);
|
||||
jwkSetKeyStore.setJwtProviderMetadata(oidcProviderMetadata);
|
||||
return jwkSetKeyStore;
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public void afterPropertiesSet() throws Exception {
|
||||
// TODO Auto-generated method stub
|
||||
|
||||
}
|
||||
}
|
||||
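Review bot: `jwtEncryptionService` sets `JWEAlgorithm.RSA1_5` as the default JWE algorithm; RSAES-PKCS1-v1_5 key transport is exposed to padding-oracle attacks, and newer Nimbus JOSE+JWT releases mark the constant deprecated. The value is carried over from the deleted XML bean, but this move is a good place to switch to OAEP, e.g. `jwtEncryptionService.setDefaultAlgorithm(JWEAlgorithm.RSA_OAEP_256);`, provided `DefaultJwtEncryptionAndDecryptionService` and the relying parties support it. The key id `maxkey_rsa` is configured both for signing in `jwtSignerValidationService` and for encryption and decryption here; separate keys per use would limit the impact of either one being compromised. The debug message `"RedisConnectionFactory init ."` in the `oidcProviderMetadata` bean method looks copied from another class and should name this bean instead.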
@ -3,6 +3,7 @@ package org.maxkey;
|
||||
import java.util.Date;
|
||||
import javax.servlet.ServletException;
|
||||
import org.maxkey.web.InitializeContext;
|
||||
import org.mybatis.spring.annotation.MapperScan;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.boot.SpringApplication;
|
||||
@ -16,9 +17,22 @@ import org.springframework.context.annotation.ImportResource;
|
||||
@SpringBootApplication
|
||||
@ImportResource(locations={"classpath:spring/maxkey-mgt.xml"})
|
||||
@ComponentScan(basePackages = {
|
||||
"org.maxkey.MaxKeyMgtConfig"
|
||||
"org.maxkey.MaxKeyMgtConfig",
|
||||
"org.maxkey.config",
|
||||
"org.maxkey.domain",
|
||||
"org.maxkey.domain.apps",
|
||||
"org.maxkey.domain.userinfo",
|
||||
"org.maxkey.web.endpoint",
|
||||
"org.maxkey.web.contorller",
|
||||
"org.maxkey.web.apps.contorller",
|
||||
"org.maxkey.web.endpoint",
|
||||
"org.maxkey.authn",
|
||||
"org.maxkey.dao",
|
||||
"org.maxkey.web",
|
||||
"org.maxkey.web.tag"
|
||||
}
|
||||
)
|
||||
@MapperScan("org.maxkey.dao.persistence,")
|
||||
public class MaxKeyMgtApplication extends SpringBootServletInitializer {
|
||||
private static final Logger _logger = LoggerFactory.getLogger(MaxKeyMgtApplication.class);
|
||||
|
||||
@ -28,7 +42,6 @@ public class MaxKeyMgtApplication extends SpringBootServletInitializer {
|
||||
ConfigurableApplicationContext applicationContext =SpringApplication.run(MaxKeyMgtApplication.class, args);
|
||||
InitializeContext initWebContext=new InitializeContext(applicationContext);
|
||||
|
||||
|
||||
try {
|
||||
initWebContext.init(null);
|
||||
} catch (ServletException e) {
|
||||
|
||||
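Review bot: The `basePackages` list on `@ComponentScan` is redundant: `"org.maxkey.web.endpoint"` is listed twice, `"org.maxkey.web"` already covers the `endpoint`, `contorller`, `apps.contorller` and `tag` sub-packages, and `"org.maxkey.domain"` covers `domain.apps` and `domain.userinfo`. `"org.maxkey.MaxKeyMgtConfig"` is a class name rather than a package, so that entry probably matches nothing. Scanning all of `org.maxkey.web` and `org.maxkey.authn` also registers every annotated controller found under them in the management application; listing only the packages this application is meant to expose keeps its endpoint surface explicit. `@MapperScan("org.maxkey.dao.persistence,")` carries a trailing comma that looks unintended. The class body itself lies mostly outside these hunks.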
@ -1,16 +1,19 @@
|
||||
package org.maxkey;
|
||||
|
||||
import org.mybatis.spring.annotation.MapperScan;
|
||||
import javax.sql.DataSource;
|
||||
import org.maxkey.authz.oauth2.provider.client.JdbcClientDetailsService;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.PropertySource;
|
||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
|
||||
@Configuration
|
||||
@PropertySource("classpath:/application.properties")
|
||||
@MapperScan("org.maxkey.dao.persistence,")
|
||||
public class MaxKeyMgtConfig {
|
||||
public class MaxKeyMgtConfig implements InitializingBean {
|
||||
private static final Logger _logger = LoggerFactory.getLogger(MaxKeyMgtConfig.class);
|
||||
|
||||
@Value("${server.port:8080}")
|
||||
@ -23,5 +26,19 @@ public class MaxKeyMgtConfig {
|
||||
public void setPort(int port) {
|
||||
this.port = port;
|
||||
}
|
||||
|
||||
@Bean(name = "oauth20JdbcClientDetailsService")
|
||||
public JdbcClientDetailsService JdbcClientDetailsService(
|
||||
DataSource dataSource,PasswordEncoder passwordReciprocal) {
|
||||
JdbcClientDetailsService clientDetailsService = new JdbcClientDetailsService(dataSource);
|
||||
clientDetailsService.setPasswordEncoder(passwordReciprocal);
|
||||
return clientDetailsService;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void afterPropertiesSet() throws Exception {
|
||||
// TODO Auto-generated method stub
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
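Review bot: The `PasswordEncoder passwordReciprocal` parameter of the `oauth20JdbcClientDetailsService` bean method is resolved by type, and this commit also registers a second `PasswordEncoder` bean (`passwordEncoder`, a `BCryptPasswordEncoder`) in `ApplicationAutoConfiguration`. Which encoder gets injected then depends on Spring falling back to the parameter name, which needs names retained at compile time; assuming a bean named `passwordReciprocal` exists, declare it explicitly as `@Qualifier("passwordReciprocal") PasswordEncoder passwordReciprocal`. Going by its name, `passwordReciprocal` is a reversible encoder, so it is worth confirming that OAuth client secrets are meant to be stored recoverably rather than hashed. The bean method name `JdbcClientDetailsService` shadows the type name; `jdbcClientDetailsService` would follow Java naming.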
@ -3,4 +3,6 @@ org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
|
||||
org.maxkey.autoconfigure.ApplicationAutoConfiguration,\
|
||||
org.maxkey.autoconfigure.KaptchaAutoConfiguration,\
|
||||
org.maxkey.autoconfigure.MvcAutoConfiguration,\
|
||||
org.maxkey.autoconfigure.JwtAuthnAutoConfiguration,\
|
||||
org.maxkey.autoconfigure.RedisAutoConfiguration,\
|
||||
org.maxkey.MaxKeyMgtConfig
|
||||
|
||||
@ -24,6 +24,15 @@ spring.datasource.type=com.alibaba.druid.pool.DruidDataSource
|
||||
#mybatis
|
||||
mybatis.type-aliases-package=org.maxkey.domain,org.maxkey.domain.apps,
|
||||
mybatis.mapper-locations=classpath*:/org/maxkey/dao/persistence/xml/mysql/*.xml
|
||||
#redis
|
||||
spring.redis.host=127.0.0.1
|
||||
spring.redis.port=6379
|
||||
spring.redis.password=password
|
||||
spring.redis.timeout=10000
|
||||
spring.redis.jedis.pool.max-wait=1000
|
||||
spring.redis.jedis.pool.max-idle=200
|
||||
spring.redis.lettuce.pool.max-active=-1
|
||||
spring.redis.lettuce.pool.min-idle=0
|
||||
#mail
|
||||
spring.mail.default-encoding=utf-8
|
||||
spring.mail.host=smtp.163.com
|
||||
|
||||
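Review bot: `spring.redis.password=password` commits a guessable default credential into the packaged configuration, and any deployment that keeps the file unchanged will run with it. Read the secret from the environment instead, e.g. `spring.redis.password=${REDIS_PASSWORD}`, so that startup fails when no value is supplied. The block also mixes `spring.redis.jedis.pool.*` and `spring.redis.lettuce.pool.*` keys and sets `max-active=-1`, which leaves that pool unbounded; confirm which client the project's `RedisAutoConfiguration` actually reads and drop the other set.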
@ -9,6 +9,8 @@ config.server.prefix.uri=${config.server.name}:9521/maxkey-mgt
|
||||
#default.uri
|
||||
config.server.default.uri=${config.server.prefix.uri}/main
|
||||
config.maxkey.uri=${config.server.name}/maxkey
|
||||
#InMemory 0 , jdbc 1, Redis 2
|
||||
config.server.persistence=0
|
||||
############################################################################
|
||||
# Login configuration
|
||||
#enable captcha
|
||||
@ -26,7 +28,7 @@ config.login.wsfederation=false
|
||||
#remeberme
|
||||
config.login.remeberme=false
|
||||
#validity
|
||||
config.login.remeberme.validity=
|
||||
config.login.remeberme.validity=0
|
||||
#default.uri
|
||||
#to appList page
|
||||
config.login.default.uri=appList
|
||||
|
||||
@ -1,169 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8" ?>
|
||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
||||
xmlns:context="http://www.springframework.org/schema/context"
|
||||
xmlns:mvc="http://www.springframework.org/schema/mvc"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xmlns:p="http://www.springframework.org/schema/p"
|
||||
xmlns:util="http://www.springframework.org/schema/util"
|
||||
xsi:schemaLocation="
|
||||
http://www.springframework.org/schema/beans
|
||||
http://www.springframework.org/schema/beans/spring-beans.xsd
|
||||
http://www.springframework.org/schema/context
|
||||
http://www.springframework.org/schema/context/spring-context.xsd
|
||||
http://www.springframework.org/schema/util
|
||||
http://www.springframework.org/schema/util/spring-util.xsd
|
||||
http://www.springframework.org/schema/mvc
|
||||
http://www.springframework.org/schema/mvc/spring-mvc.xsd">
|
||||
|
||||
<!-- enable autowire -->
|
||||
<context:annotation-config />
|
||||
<!-- language select must remove -->
|
||||
<mvc:annotation-driven />
|
||||
|
||||
<!--
|
||||
* Self-issued Provider Metadata
|
||||
*
|
||||
* http://openid.net/specs/openid-connect-core-1_0.html#SelfIssued
|
||||
* -->
|
||||
<bean id="oidcProviderMetadata" class="org.maxkey.config.oidc.OIDCProviderMetadataDetails">
|
||||
<property name="issuer" value="${config.oidc.metadata.issuer}" />
|
||||
<property name="authorizationEndpoint" value="${config.oidc.metadata.authorizationEndpoint}" />
|
||||
<property name="tokenEndpoint" value="${config.oidc.metadata.tokenEndpoint}" />
|
||||
<property name="userinfoEndpoint" value="${config.oidc.metadata.userinfoEndpoint}" />
|
||||
</bean>
|
||||
|
||||
<bean id="jwkSetKeyStore" class="org.maxkey.crypto.jose.keystore.JWKSetKeyStore">
|
||||
<property name="location" value="classpath:config/keystore.jwks" />
|
||||
</bean>
|
||||
|
||||
<bean id="jwtSignerValidationService" class="org.maxkey.crypto.jwt.signer.service.impl.DefaultJwtSigningAndValidationService">
|
||||
<constructor-arg name="keyStore" ref="jwkSetKeyStore" />
|
||||
<property name="defaultSignerKeyId" value="maxkey_rsa" />
|
||||
<property name="defaultSigningAlgorithmName" value="RS256" />
|
||||
</bean>
|
||||
|
||||
<bean id="jwtEncryptionService" class="org.maxkey.crypto.jwt.encryption.service.impl.DefaultJwtEncryptionAndDecryptionService">
|
||||
<constructor-arg name="keyStore" ref="jwkSetKeyStore" />
|
||||
<property name="defaultAlgorithm" value="RSA1_5" />
|
||||
<property name="defaultDecryptionKeyId" value="maxkey_rsa" />
|
||||
<property name="defaultEncryptionKeyId" value="maxkey_rsa" />
|
||||
</bean>
|
||||
|
||||
<bean id="jwtLoginService" class="org.maxkey.authn.support.jwt.JwtLoginService">
|
||||
<property name="jwtSignerValidationService" ref="jwtSignerValidationService" />
|
||||
<property name="jwtProviderMetadata" ref="oidcProviderMetadata" />
|
||||
</bean>
|
||||
|
||||
<!-- web Controller InterceptorAdapter -->
|
||||
<mvc:interceptors>
|
||||
<!-- web Controller InterceptorAdapter for platform permission -->
|
||||
<mvc:interceptor>
|
||||
<mvc:mapping path="/main*/**" />
|
||||
<mvc:mapping path="/main*/**" />
|
||||
<mvc:mapping path="/orgs*/**" />
|
||||
<mvc:mapping path="/userinfo*/**" />
|
||||
<mvc:mapping path="/apps*/**" />
|
||||
<mvc:mapping path="/app*/**" />
|
||||
<mvc:mapping path="/groups*/**" />
|
||||
<mvc:mapping path="/groupMember*/**" />
|
||||
<mvc:mapping path="/groupPrivileges*/**" />
|
||||
<mvc:mapping path="/config*/**" />
|
||||
<mvc:mapping path="/logs*/**" />
|
||||
|
||||
<bean class="org.maxkey.web.interceptor.PermissionAdapter" />
|
||||
</mvc:interceptor>
|
||||
<!-- web Controller InterceptorAdapter for platform log -->
|
||||
<mvc:interceptor>
|
||||
<mvc:mapping path="/users/*" />
|
||||
<mvc:mapping path="/userinfo/*" />
|
||||
<mvc:mapping path="/enterprises/*" />
|
||||
<mvc:mapping path="/employees/*" />
|
||||
<mvc:mapping path="/authInfo/*" />
|
||||
<mvc:mapping path="/usercenter/*"/>
|
||||
<mvc:mapping path="/retrievePassword/*"/>
|
||||
<mvc:mapping path="/roles/*"/>
|
||||
<mvc:mapping path="/applications/*"/>
|
||||
<mvc:mapping path="/approles/*"/>
|
||||
<bean class="org.maxkey.web.interceptor.HistoryLogsAdapter" />
|
||||
</mvc:interceptor>
|
||||
|
||||
<ref bean="localeChangeInterceptor" />
|
||||
</mvc:interceptors>
|
||||
<!--
|
||||
<bean id="remeberMeService" class="org.maxkey.authn.support.rememberme.JdbcRemeberMeService">
|
||||
<constructor-arg ref="jdbcTemplate"/>
|
||||
<property name="validity" value="${config.login.remeberme.validity}"/>
|
||||
</bean>
|
||||
-->
|
||||
<bean id="remeberMeService" class="org.maxkey.authn.support.rememberme.InMemoryRemeberMeService">
|
||||
</bean>
|
||||
|
||||
<bean id="timeBasedKeyUriFormat" class="org.maxkey.crypto.password.opt.algorithm.KeyUriFormat">
|
||||
<property name="type" value="totp" />
|
||||
<property name="digits" value="6" />
|
||||
<property name="issuer" value="maxkey" />
|
||||
<property name="domain" value="maxkey.org" />
|
||||
<property name="period" value="30" />
|
||||
|
||||
</bean>
|
||||
|
||||
<bean id="tfaOptAuthn" class="org.maxkey.crypto.password.opt.impl.TimeBasedOtpAuthn">
|
||||
</bean>
|
||||
|
||||
<!-- Authentication Password Encoder Config -->
|
||||
<bean id="passwordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"></bean>
|
||||
|
||||
<!-- LDAP Realm
|
||||
<bean id="authenticationRealm" class="org.maxkey.web.authentication.realm.ldap.LdapAuthenticationRealm">
|
||||
<constructor-arg ref="jdbcTemplate"/>
|
||||
<property name="ldapServers">
|
||||
<list>
|
||||
<bean id="ldapServer1" class="org.maxkey.web.authentication.realm.ldap.LdapServer">
|
||||
<property name="ldapUtils">
|
||||
<bean id="ldapUtils" class="org.maxkey.ldap.LdapUtils">
|
||||
<property name="providerUrl" value="ldap://localhost:389"></property>
|
||||
<property name="principal" value="cn=root"></property>
|
||||
<property name="credentials" value="rootroot"></property>
|
||||
<property name="baseDN" value="dc=connsec,dc=com"></property>
|
||||
</bean>
|
||||
</property>
|
||||
<property name="filterAttribute" value="uid"></property>
|
||||
</bean>
|
||||
</list>
|
||||
</property>
|
||||
</bean> -->
|
||||
|
||||
<!-- Active Directory Realm
|
||||
<bean id="authenticationRealm" class="org.maxkey.web.authentication.realm.activedirectory.ActiveDirectoryAuthenticationRealm">
|
||||
<constructor-arg ref="jdbcTemplate"/>
|
||||
<property name="activeDirectoryServers">
|
||||
<list>
|
||||
<bean id="activeDirectory1" class="org.maxkey.web.authentication.realm.activedirectory.ActiveDirectoryServer">
|
||||
<property name="activeDirectoryUtils">
|
||||
<bean id="ldapUtils" class="org.maxkey.ldap.ActiveDirectoryUtils">
|
||||
<property name="providerUrl" value="ldap://localhost:389"></property>
|
||||
<property name="principal" value="cn=root"></property>
|
||||
<property name="credentials" value="rootroot"></property>
|
||||
<property name="domain" value="connsec"></property>
|
||||
</bean>
|
||||
</property>
|
||||
</bean>
|
||||
</list>
|
||||
</property>
|
||||
</bean> -->
|
||||
|
||||
<!-- Default Realm-->
|
||||
<!-- realm use jdbc -->
|
||||
<bean id="authenticationRealm" class="org.maxkey.authn.realm.jdbc.JdbcAuthenticationRealm">
|
||||
<constructor-arg ref="jdbcTemplate"/>
|
||||
</bean>
|
||||
|
||||
<!-- Authentication providers -->
|
||||
<bean id="authenticationProvider" class="org.maxkey.authn.RealmAuthenticationProvider" >
|
||||
</bean>
|
||||
|
||||
<mvc:annotation-driven />
|
||||
|
||||
<mvc:default-servlet-handler />
|
||||
|
||||
</beans>
|
||||
@ -1,51 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8" ?>
|
||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
||||
xmlns:context="http://www.springframework.org/schema/context"
|
||||
xmlns:mvc="http://www.springframework.org/schema/mvc"
|
||||
xmlns:sec="http://www.springframework.org/schema/security"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xmlns:p="http://www.springframework.org/schema/p"
|
||||
xmlns:util="http://www.springframework.org/schema/util"
|
||||
xsi:schemaLocation="
|
||||
http://www.springframework.org/schema/beans
|
||||
http://www.springframework.org/schema/beans/spring-beans.xsd
|
||||
http://www.springframework.org/schema/context
|
||||
http://www.springframework.org/schema/context/spring-context.xsd
|
||||
http://www.springframework.org/schema/util
|
||||
http://www.springframework.org/schema/util/spring-util.xsd
|
||||
http://www.springframework.org/schema/mvc
|
||||
http://www.springframework.org/schema/mvc/spring-mvc.xsd
|
||||
http://www.springframework.org/schema/security
|
||||
http://www.springframework.org/schema/security/spring-security.xsd">
|
||||
|
||||
<!-- Scheduler Task Start -->
|
||||
<!-- Day login report
|
||||
<bean id="loginDayReport" class="org.maxkey.tasks.report.LoginDayReport">
|
||||
<property name="jdbcTemplate" ref="jdbcTemplate" />
|
||||
</bean>
|
||||
|
||||
<bean id="jobDetailLoginDayReport" class="org.springframework.scheduling.quartz.MethodInvokingJobDetailFactoryBean" >
|
||||
<property name="targetObject" ref="loginDayReport" />
|
||||
<property name="targetMethod" value="dayReportCount" />
|
||||
<property name="concurrent" value="false" />
|
||||
</bean>
|
||||
|
||||
<bean id="triggerJobDetailLoginDayReport" class="org.springframework.scheduling.quartz.CronTriggerFactoryBean">
|
||||
<property name="cronExpression" value="59 59 23 * * ?" />
|
||||
</bean>
|
||||
|
||||
|
||||
<bean class="org.springframework.scheduling.quartz.SchedulerFactoryBean">
|
||||
<property name="triggers">
|
||||
<list>
|
||||
<ref bean="triggerJobDetailLoginDayReport" />
|
||||
|
||||
<ref bean="cronTrigger" />
|
||||
<ref bean="simpleTrigger" />
|
||||
</list>
|
||||
</property>
|
||||
</bean> -->
|
||||
|
||||
<!-- Scheduler Task End -->
|
||||
|
||||
</beans>
|
||||
@ -19,58 +19,94 @@
|
||||
http://www.springframework.org/schema/mvc/spring-mvc.xsd">
|
||||
<!-- enable autowire -->
|
||||
<context:annotation-config />
|
||||
<!-- language select must remove -->
|
||||
<mvc:annotation-driven />
|
||||
|
||||
<context:component-scan base-package="org.maxkey.config" />
|
||||
<!-- Scans the classpath for annotated components that will be auto-registered as Spring beans.
|
||||
@Controller and @Service. Make sure to set the correct base-package-->
|
||||
|
||||
<!-- domain bean -->
|
||||
<context:component-scan base-package="org.maxkey.domain" />
|
||||
<context:component-scan base-package="org.maxkey.domain.apps" />
|
||||
<context:component-scan base-package="org.maxkey.domain.userinfo" />
|
||||
<!-- web Controller InterceptorAdapter -->
|
||||
<mvc:interceptors>
|
||||
<!-- web Controller InterceptorAdapter for platform permission -->
|
||||
<mvc:interceptor>
|
||||
<mvc:mapping path="/main*/**" />
|
||||
<mvc:mapping path="/main*/**" />
|
||||
<mvc:mapping path="/orgs*/**" />
|
||||
<mvc:mapping path="/userinfo*/**" />
|
||||
<mvc:mapping path="/apps*/**" />
|
||||
<mvc:mapping path="/app*/**" />
|
||||
<mvc:mapping path="/groups*/**" />
|
||||
<mvc:mapping path="/groupMember*/**" />
|
||||
<mvc:mapping path="/groupPrivileges*/**" />
|
||||
<mvc:mapping path="/config*/**" />
|
||||
<mvc:mapping path="/logs*/**" />
|
||||
|
||||
<bean class="org.maxkey.web.interceptor.PermissionAdapter" />
|
||||
</mvc:interceptor>
|
||||
<!-- web Controller InterceptorAdapter for platform log -->
|
||||
<mvc:interceptor>
|
||||
<mvc:mapping path="/users/*" />
|
||||
<mvc:mapping path="/userinfo/*" />
|
||||
<mvc:mapping path="/enterprises/*" />
|
||||
<mvc:mapping path="/employees/*" />
|
||||
<mvc:mapping path="/authInfo/*" />
|
||||
<mvc:mapping path="/usercenter/*"/>
|
||||
<mvc:mapping path="/retrievePassword/*"/>
|
||||
<mvc:mapping path="/roles/*"/>
|
||||
<mvc:mapping path="/applications/*"/>
|
||||
<mvc:mapping path="/approles/*"/>
|
||||
<bean class="org.maxkey.web.interceptor.HistoryLogsAdapter" />
|
||||
</mvc:interceptor>
|
||||
|
||||
<ref bean="localeChangeInterceptor" />
|
||||
</mvc:interceptors>
|
||||
|
||||
<bean id="tfaOptAuthn" class="org.maxkey.crypto.password.opt.impl.TimeBasedOtpAuthn">
|
||||
</bean>
|
||||
|
||||
<!-- Business Contorller -->
|
||||
<context:component-scan base-package="org.maxkey.web.endpoint" />
|
||||
<context:component-scan base-package="org.maxkey.web.contorller" />
|
||||
<context:component-scan base-package="org.maxkey.web.apps.contorller" />
|
||||
<context:component-scan base-package="org.maxkey.web.endpoint" />
|
||||
<context:component-scan base-package="org.maxkey.authn" />
|
||||
<context:component-scan base-package="org.maxkey.dao" />
|
||||
<context:component-scan base-package="org.maxkey.web" />
|
||||
<context:component-scan base-package="org.maxkey.web.tag" />
|
||||
<!-- LDAP Realm
|
||||
<bean id="authenticationRealm" class="org.maxkey.web.authentication.realm.ldap.LdapAuthenticationRealm">
|
||||
<constructor-arg ref="jdbcTemplate"/>
|
||||
<property name="ldapServers">
|
||||
<list>
|
||||
<bean id="ldapServer1" class="org.maxkey.web.authentication.realm.ldap.LdapServer">
|
||||
<property name="ldapUtils">
|
||||
<bean id="ldapUtils" class="org.maxkey.ldap.LdapUtils">
|
||||
<property name="providerUrl" value="ldap://localhost:389"></property>
|
||||
<property name="principal" value="cn=root"></property>
|
||||
<property name="credentials" value="rootroot"></property>
|
||||
<property name="baseDN" value="dc=connsec,dc=com"></property>
|
||||
</bean>
|
||||
</property>
|
||||
<property name="filterAttribute" value="uid"></property>
|
||||
</bean>
|
||||
</list>
|
||||
</property>
|
||||
</bean> -->
|
||||
|
||||
|
||||
<bean id="keyStoreLoader" class="org.maxkey.crypto.keystore.KeyStoreLoader">
|
||||
<property name="entityName" value="${config.saml.v20.idp.issuing.entity.id}" />
|
||||
<property name="keystorePassword" value="${config.saml.v20.idp.keystore.password}" />
|
||||
<property name="keystoreFile" value="${config.saml.v20.idp.keystore}"/>
|
||||
|
||||
</bean>
|
||||
|
||||
<bean id="spKeyStoreLoader" class="org.maxkey.crypto.keystore.KeyStoreLoader">
|
||||
<property name="entityName" value="${config.saml.v20.sp.issuing.entity.id}" />
|
||||
<property name="keystorePassword" value="${config.saml.v20.sp.keystore.password}" />
|
||||
<property name="keystoreFile" value="${config.saml.v20.sp.keystore}"/>
|
||||
</bean>
|
||||
|
||||
<bean id="spIssuingEntityName" class="java.lang.String" >
|
||||
<constructor-arg value="${config.saml.v20.sp.issuing.entity.id}"/>
|
||||
</bean>
|
||||
|
||||
<bean id="maxKeyURI" class="java.lang.String" >
|
||||
<constructor-arg value="${config.maxkey.uri}"/>
|
||||
</bean>
|
||||
|
||||
<bean id="oauth20JdbcClientDetailsService" class="org.maxkey.authz.oauth2.provider.client.JdbcClientDetailsService" >
|
||||
<constructor-arg ref="dataSource" />
|
||||
<property name="passwordEncoder" ref="passwordReciprocal"></property>
|
||||
</bean>
|
||||
|
||||
<import resource="maxkey-mgt-security.xml"/>
|
||||
|
||||
<import resource="maxkey-mgt-task.xml"/>
|
||||
<!-- Active Directory Realm
|
||||
<bean id="authenticationRealm" class="org.maxkey.web.authentication.realm.activedirectory.ActiveDirectoryAuthenticationRealm">
|
||||
<constructor-arg ref="jdbcTemplate"/>
|
||||
<property name="activeDirectoryServers">
|
||||
<list>
|
||||
<bean id="activeDirectory1" class="org.maxkey.web.authentication.realm.activedirectory.ActiveDirectoryServer">
|
||||
<property name="activeDirectoryUtils">
|
||||
<bean id="ldapUtils" class="org.maxkey.ldap.ActiveDirectoryUtils">
|
||||
<property name="providerUrl" value="ldap://localhost:389"></property>
|
||||
<property name="principal" value="cn=root"></property>
|
||||
<property name="credentials" value="rootroot"></property>
|
||||
<property name="domain" value="connsec"></property>
|
||||
</bean>
|
||||
</property>
|
||||
</bean>
|
||||
</list>
|
||||
</property>
|
||||
</bean> -->
|
||||
|
||||
<!-- Default Realm-->
|
||||
<!-- realm use jdbc -->
|
||||
<bean id="authenticationRealm" class="org.maxkey.authn.realm.jdbc.JdbcAuthenticationRealm">
|
||||
<constructor-arg ref="jdbcTemplate"/>
|
||||
</bean>
|
||||
|
||||
<mvc:annotation-driven />
|
||||
|
||||
<mvc:default-servlet-handler />
|
||||
|
||||
</beans>
|
||||
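Review bot: The `PermissionAdapter` interceptor in this file is bound to an allow-list of path patterns (`/main*/**`, `/orgs*/**` … `/logs*/**`), so a controller path that is not in the list is not checked by this interceptor. The `HistoryLogsAdapter` block below it maps `/users/*`, `/roles/*`, `/enterprises/*` and `/employees/*`, none of which match a permission pattern; if controllers exist on those paths, requests to them are logged but not authorised here. Mapping the permission interceptor to `/**` and carving out the public paths with `<mvc:exclude-mapping path="..."/>` makes denial the default. `/main*/**` is also listed twice. The block appears to have moved here from the deleted security XML, so this is inherited rather than new, but the move is the natural point to fix it.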
@ -9,20 +9,34 @@ import org.maxkey.crypto.password.opt.algorithm.KeyUriFormat;
|
||||
import org.mybatis.spring.annotation.MapperScan;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
|
||||
import org.springframework.boot.web.servlet.FilterRegistrationBean;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.ImportResource;
|
||||
import org.springframework.context.annotation.PropertySource;
|
||||
|
||||
|
||||
|
||||
|
||||
@Configuration
|
||||
@ImportResource(locations = { "classpath:spring/maxkey.xml" })
|
||||
@PropertySource("classpath:/application.properties")
|
||||
@PropertySource("classpath:/config/applicationConfig.properties")
|
||||
@MapperScan("org.maxkey.dao.persistence,")
|
||||
public class MaxKeyConfig {
|
||||
@ComponentScan(basePackages = {
|
||||
"org.maxkey.config",
|
||||
"org.maxkey.domain",
|
||||
"org.maxkey.domain.apps",
|
||||
"org.maxkey.domain.userinfo",
|
||||
"org.maxkey.api.v1.contorller",
|
||||
"org.maxkey.web.endpoint",
|
||||
"org.maxkey.web.contorller"
|
||||
})
|
||||
public class MaxKeyConfig implements InitializingBean {
|
||||
private static final Logger _logger = LoggerFactory.getLogger(MaxKeyConfig.class);
|
||||
|
||||
@Value("${server.port:8080}")
|
||||
@ -94,6 +108,12 @@ public class MaxKeyConfig {
|
||||
return keyUriFormat;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void afterPropertiesSet() throws Exception {
|
||||
// TODO Auto-generated method stub
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
||||
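Review bot: `afterPropertiesSet()` in the second hunk is still the IDE stub (`// TODO Auto-generated method stub`) with an empty body, so `implements InitializingBean` adds a lifecycle callback that does nothing. Either drop the interface until there is something to check at startup, or replace the TODO with a comment saying the body is deliberately empty, for example `// no post-initialisation checks yet`. `throws Exception` can go as well while the body throws nothing. Part of the class body lies between the two hunks and is not visible here, so any other reason for the interface cannot be ruled out.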
@ -9,7 +9,8 @@ config.server.prefix.uri=${config.server.name}/maxkey
|
||||
#default.uri
|
||||
config.server.default.uri=${config.server.prefix.uri}/maxkey/appList
|
||||
config.server.management.uri=${config.server.name}:9521/maxkey-mgt/login
|
||||
|
||||
#InMemory 0 , jdbc 1, Redis 2
|
||||
config.server.persistence=0
|
||||
config.app.issuer=CN=ConSec,CN=COM,CN=SH
|
||||
############################################################################
|
||||
# Login configuration
|
||||
@ -28,7 +29,7 @@ config.login.wsfederation=false
|
||||
#remeberme
|
||||
config.login.remeberme=true
|
||||
#validity
|
||||
config.login.remeberme.validity=
|
||||
config.login.remeberme.validity=0
|
||||
|
||||
#to default application web site
|
||||
config.login.default.uri=appList
|
||||
|
||||
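Review bot: `config.login.remeberme.validity=0` gives neither a unit nor a meaning for zero, and the only comment above it is `#validity`. This value presumably bounds how long a remember-me token is accepted, so a reader needs to know whether 0 selects a built-in default, immediate expiry, or no expiry. The code that reads the key is not on this page, so the comment should be written from that code, in the form `#validity of the remember-me token, in <unit>; 0 = <meaning>`. The new `config.server.persistence=0` line already lists its values; it would help to add that 0 (InMemory) keeps the stored state in one process only, if that is what the in-memory services do.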
@ -1,33 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8" ?>
|
||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
||||
xmlns:context="http://www.springframework.org/schema/context"
|
||||
xmlns:mvc="http://www.springframework.org/schema/mvc"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xmlns:p="http://www.springframework.org/schema/p"
|
||||
xmlns:util="http://www.springframework.org/schema/util"
|
||||
xsi:schemaLocation="
|
||||
http://www.springframework.org/schema/beans
|
||||
http://www.springframework.org/schema/beans/spring-beans.xsd
|
||||
http://www.springframework.org/schema/context
|
||||
http://www.springframework.org/schema/context/spring-context.xsd
|
||||
http://www.springframework.org/schema/util
|
||||
http://www.springframework.org/schema/util/spring-util.xsd
|
||||
http://www.springframework.org/schema/mvc
|
||||
http://www.springframework.org/schema/mvc/spring-mvc.xsd">
|
||||
|
||||
<!-- Single Sign On for application -->
|
||||
<context:component-scan base-package="org.maxkey.authz.endpoint" />
|
||||
<context:component-scan base-package="org.maxkey.authz.desktop.endpoint" />
|
||||
<context:component-scan base-package="org.maxkey.authz.exapi.endpoint" />
|
||||
<context:component-scan base-package="org.maxkey.authz.formbased.endpoint" />
|
||||
<context:component-scan base-package="org.maxkey.authz.ltpa.endpoint" />
|
||||
<context:component-scan base-package="org.maxkey.authz.token.endpoint" />
|
||||
|
||||
<import resource="maxkey-protocol-cas.xml"/>
|
||||
|
||||
<import resource="maxkey-protocol-saml.xml"/>
|
||||
|
||||
<import resource="maxkey-protocol-oauth2.0.xml"/>
|
||||
|
||||
|
||||
</beans>
|
||||
@ -1,149 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8" ?>
|
||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
||||
xmlns:context="http://www.springframework.org/schema/context"
|
||||
xmlns:mvc="http://www.springframework.org/schema/mvc"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xmlns:p="http://www.springframework.org/schema/p"
|
||||
xmlns:util="http://www.springframework.org/schema/util"
|
||||
xsi:schemaLocation="
|
||||
http://www.springframework.org/schema/beans
|
||||
http://www.springframework.org/schema/beans/spring-beans.xsd
|
||||
http://www.springframework.org/schema/context
|
||||
http://www.springframework.org/schema/context/spring-context.xsd
|
||||
http://www.springframework.org/schema/util
|
||||
http://www.springframework.org/schema/util/spring-util.xsd
|
||||
http://www.springframework.org/schema/mvc
|
||||
http://www.springframework.org/schema/mvc/spring-mvc.xsd">
|
||||
|
||||
<!-- enable autowire -->
|
||||
<context:annotation-config />
|
||||
|
||||
<!-- language select must remove -->
|
||||
<mvc:annotation-driven />
|
||||
|
||||
<!-- web Controller InterceptorAdapter -->
|
||||
<mvc:interceptors>
|
||||
<!-- web Controller InterceptorAdapter for platform permission -->
|
||||
<mvc:interceptor>
|
||||
<!-- for permission -->
|
||||
<mvc:mapping path="/index*/**" />
|
||||
<mvc:mapping path="/logs*/**" />
|
||||
<mvc:mapping path="/userinfo*/**" />
|
||||
<mvc:mapping path="/profile*/**" />
|
||||
<mvc:mapping path="/safe*/**" />
|
||||
<mvc:mapping path="/historys*/**" />
|
||||
<mvc:mapping path="/appList*/**" />
|
||||
<bean class="org.maxkey.web.interceptor.PermissionAdapter" />
|
||||
</mvc:interceptor>
|
||||
<!-- web Controller InterceptorAdapter for platform log -->
|
||||
<mvc:interceptor>
|
||||
<mvc:mapping path="/users/*" />
|
||||
<mvc:mapping path="/userinfo/*" />
|
||||
<mvc:mapping path="/authInfo/*" />
|
||||
<mvc:mapping path="/retrievePassword/*"/>
|
||||
<bean class="org.maxkey.web.interceptor.HistoryLogsAdapter" />
|
||||
</mvc:interceptor>
|
||||
<!-- web Controller sso Adapter -->
|
||||
<mvc:interceptor>
|
||||
<mvc:mapping path="/authz/basic/*" />
|
||||
<mvc:mapping path="/authz/ltpa/*" />
|
||||
<mvc:mapping path="/authz/desktop/*" />
|
||||
<mvc:mapping path="/authz/formbased/*" />
|
||||
<mvc:mapping path="/authz/tokenbased/*"/>
|
||||
<mvc:mapping path="/authz/saml20/idpinit/*"/>
|
||||
<mvc:mapping path="/authz/saml20/assertion"/>
|
||||
<mvc:mapping path="/authz/cas/login"/>
|
||||
<mvc:mapping path="/authz/cas/granting"/>
|
||||
<bean class="org.maxkey.web.interceptor.PreLoginAppAdapter" />
|
||||
</mvc:interceptor>
|
||||
<!-- web Controller sso Adapter -->
|
||||
<mvc:interceptor>
|
||||
<mvc:mapping path="/authz/basic/*" />
|
||||
<mvc:mapping path="/authz/ltpa/*" />
|
||||
<mvc:mapping path="/authz/desktop/*" />
|
||||
<mvc:mapping path="/authz/formbased/*" />
|
||||
<mvc:mapping path="/authz/tokenbased/*"/>
|
||||
<mvc:mapping path="/authz/saml20/idpinit/*"/>
|
||||
<mvc:mapping path="/authz/saml20/assertion"/>
|
||||
<mvc:mapping path="/authz/cas/granting"/>
|
||||
<bean class="org.maxkey.web.interceptor.HistoryLoginAppAdapter" />
|
||||
</mvc:interceptor>
|
||||
|
||||
|
||||
<ref bean="localeChangeInterceptor" />
|
||||
</mvc:interceptors>
|
||||
|
||||
<bean id="remeberMeService" class="org.maxkey.authn.support.rememberme.InMemoryRemeberMeService">
|
||||
</bean>
|
||||
<!--
|
||||
<bean id="remeberMeService" class="org.maxkey.authn.support.rememberme.RedisRemeberMeService">
|
||||
<property name="connectionFactory" ref="redisConnectionFactory"></property>
|
||||
</bean>
|
||||
-->
|
||||
<bean id="tfaOptAuthn" class="org.maxkey.crypto.password.opt.impl.TimeBasedOtpAuthn">
|
||||
</bean>
|
||||
<!--
|
||||
<bean id="tfaOptAuthn" class="org.maxkey.crypto.password.opt.impl.sms.SmsOtpAuthnYunxin">
|
||||
</bean>
|
||||
-->
|
||||
|
||||
<!-- for Forgot Password -->
|
||||
<bean id="tfaMailOptAuthn" class="org.maxkey.crypto.password.opt.impl.MailOtpAuthn">
|
||||
</bean>
|
||||
|
||||
<bean id="tfaMobileOptAuthn" class="org.maxkey.crypto.password.opt.impl.sms.SmsOtpAuthnYunxin">
|
||||
</bean>
|
||||
|
||||
<!-- Authentication Password Encoder Config -->
|
||||
<bean id="passwordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"></bean>
|
||||
|
||||
<!-- LDAP Realm
|
||||
<bean id="authenticationRealm" class="org.maxkey.web.authentication.realm.ldap.LdapAuthenticationRealm">
|
||||
<constructor-arg ref="jdbcTemplate"/>
|
||||
<property name="ldapServers">
|
||||
<list>
|
||||
<bean id="ldapServer1" class="org.maxkey.web.authentication.realm.ldap.LdapServer">
|
||||
<property name="ldapUtils">
|
||||
<bean id="ldapUtils" class="org.maxkey.ldap.LdapUtils">
|
||||
<property name="providerUrl" value="ldap://localhost:389"></property>
|
||||
<property name="principal" value="cn=root"></property>
|
||||
<property name="credentials" value="rootroot"></property>
|
||||
<property name="baseDN" value="dc=connsec,dc=com"></property>
|
||||
</bean>
|
||||
</property>
|
||||
<property name="filterAttribute" value="uid"></property>
|
||||
</bean>
|
||||
</list>
|
||||
</property>
|
||||
</bean> -->
|
||||
|
||||
<!-- Active Directory Realm
|
||||
<bean id="authenticationRealm" class="org.maxkey.web.authentication.realm.activedirectory.ActiveDirectoryAuthenticationRealm">
|
||||
<constructor-arg ref="jdbcTemplate"/>
|
||||
<property name="activeDirectoryServers">
|
||||
<list>
|
||||
<bean id="activeDirectory1" class="org.maxkey.web.authentication.realm.activedirectory.ActiveDirectoryServer">
|
||||
<property name="activeDirectoryUtils">
|
||||
<bean id="ldapUtils" class="org.maxkey.ldap.ActiveDirectoryUtils">
|
||||
<property name="providerUrl" value="ldap://localhost:389"></property>
|
||||
<property name="principal" value="cn=root"></property>
|
||||
<property name="credentials" value="rootroot"></property>
|
||||
<property name="domain" value="connsec"></property>
|
||||
</bean>
|
||||
</property>
|
||||
</bean>
|
||||
</list>
|
||||
</property>
|
||||
</bean> -->
|
||||
|
||||
<!-- Default Realm-->
|
||||
<!-- realm use jdbc -->
|
||||
<bean id="authenticationRealm" class="org.maxkey.authn.realm.jdbc.JdbcAuthenticationRealm">
|
||||
<constructor-arg ref="jdbcTemplate"/>
|
||||
</bean>
|
||||
|
||||
<mvc:annotation-driven />
|
||||
|
||||
<mvc:default-servlet-handler />
|
||||
|
||||
</beans>
|
||||
@ -1,36 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8" ?>
|
||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
||||
xmlns:context="http://www.springframework.org/schema/context"
|
||||
xmlns:mvc="http://www.springframework.org/schema/mvc"
|
||||
xmlns:sec="http://www.springframework.org/schema/security"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xmlns:p="http://www.springframework.org/schema/p"
|
||||
xmlns:util="http://www.springframework.org/schema/util"
|
||||
xsi:schemaLocation="
|
||||
http://www.springframework.org/schema/beans
|
||||
http://www.springframework.org/schema/beans/spring-beans.xsd
|
||||
http://www.springframework.org/schema/context
|
||||
http://www.springframework.org/schema/context/spring-context.xsd
|
||||
http://www.springframework.org/schema/util
|
||||
http://www.springframework.org/schema/util/spring-util.xsd
|
||||
http://www.springframework.org/schema/mvc
|
||||
http://www.springframework.org/schema/mvc/spring-mvc.xsd
|
||||
http://www.springframework.org/schema/security
|
||||
http://www.springframework.org/schema/security/spring-security.xsd">
|
||||
|
||||
<!-- Authentication -->
|
||||
<import resource="maxkey-support-httpheader.xml"/>
|
||||
|
||||
<import resource="maxkey-support-basic.xml"/>
|
||||
|
||||
<import resource="maxkey-support-kerberos.xml"/>
|
||||
|
||||
<import resource="maxkey-support-social.xml"/>
|
||||
<!--
|
||||
<import resource="maxkey-support-wsfederation.xml"/>
|
||||
|
||||
|
||||
<import resource="maxkey-support-jwt.xml"/>
|
||||
-->
|
||||
|
||||
</beans>
|
||||
@ -1,23 +0,0 @@
|
||||
<?xml version="1.0" encoding="UTF-8" ?>
|
||||
<beans xmlns="http://www.springframework.org/schema/beans"
|
||||
xmlns:context="http://www.springframework.org/schema/context"
|
||||
xmlns:mvc="http://www.springframework.org/schema/mvc"
|
||||
xmlns:sec="http://www.springframework.org/schema/security"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xmlns:p="http://www.springframework.org/schema/p"
|
||||
xmlns:util="http://www.springframework.org/schema/util"
|
||||
xsi:schemaLocation="
|
||||
http://www.springframework.org/schema/beans
|
||||
http://www.springframework.org/schema/beans/spring-beans.xsd
|
||||
http://www.springframework.org/schema/context
|
||||
http://www.springframework.org/schema/context/spring-context.xsd
|
||||
http://www.springframework.org/schema/util
|
||||
http://www.springframework.org/schema/util/spring-util.xsd
|
||||
http://www.springframework.org/schema/mvc
|
||||
http://www.springframework.org/schema/mvc/spring-mvc.xsd
|
||||
http://www.springframework.org/schema/security
|
||||
http://www.springframework.org/schema/security/spring-security.xsd">
|
||||
|
||||
|
||||
|
||||
</beans>
|
||||
@ -17,28 +17,151 @@
|
||||
http://www.springframework.org/schema/util/spring-util.xsd
|
||||
http://www.springframework.org/schema/mvc
|
||||
http://www.springframework.org/schema/mvc/spring-mvc.xsd">
|
||||
|
||||
<!-- Scans the classpath for annotated components that will be auto-registered as Spring beans.
|
||||
@Controller and @Service. Make sure to set the correct base-package-->
|
||||
<context:component-scan base-package="org.maxkey.config" />
|
||||
<!-- domain bean -->
|
||||
<context:component-scan base-package="org.maxkey.domain" />
|
||||
<context:component-scan base-package="org.maxkey.domain.apps" />
|
||||
<context:component-scan base-package="org.maxkey.domain.userinfo" />
|
||||
<!-- REST API interface -->
|
||||
<context:component-scan base-package="org.maxkey.api.v1.contorller" />
|
||||
|
||||
<!-- Business Contorller -->
|
||||
<context:component-scan base-package="org.maxkey.web.endpoint" />
|
||||
<context:component-scan base-package="org.maxkey.web.contorller" />
|
||||
|
||||
|
||||
<!-- authn support -->
|
||||
<import resource="maxkey-support.xml"/>
|
||||
<!-- single sign on protocol -->
|
||||
<import resource="maxkey-protocol.xml"/>
|
||||
<!-- Scheduler task -->
|
||||
<import resource="maxkey-task.xml"/>
|
||||
<!-- Authentication -->
|
||||
<import resource="maxkey-support-httpheader.xml"/>
|
||||
<import resource="maxkey-support-basic.xml"/>
|
||||
<import resource="maxkey-support-kerberos.xml"/>
|
||||
<import resource="maxkey-support-social.xml"/>
|
||||
<!--
|
||||
<import resource="maxkey-support-wsfederation.xml"/>
|
||||
<import resource="maxkey-support-jwt.xml"/>
|
||||
-->
|
||||
|
||||
<!-- single sign on protocol -->
|
||||
<!-- Single Sign On for application -->
|
||||
<context:component-scan base-package="org.maxkey.authz.endpoint" />
|
||||
<context:component-scan base-package="org.maxkey.authz.desktop.endpoint" />
|
||||
<context:component-scan base-package="org.maxkey.authz.exapi.endpoint" />
|
||||
<context:component-scan base-package="org.maxkey.authz.formbased.endpoint" />
|
||||
<context:component-scan base-package="org.maxkey.authz.ltpa.endpoint" />
|
||||
<context:component-scan base-package="org.maxkey.authz.token.endpoint" />
|
||||
|
||||
<import resource="maxkey-protocol-cas.xml"/>
|
||||
<import resource="maxkey-protocol-saml.xml"/>
|
||||
<import resource="maxkey-protocol-oauth2.0.xml"/>
|
||||
|
||||
<!-- Basic Authn for user login -->
|
||||
<import resource="maxkey-security.xml"/>
|
||||
<!-- enable autowire -->
|
||||
<context:annotation-config />
|
||||
|
||||
<!-- language select must remove -->
|
||||
<mvc:annotation-driven />
|
||||
|
||||
<!-- web Controller InterceptorAdapter -->
|
||||
<mvc:interceptors>
|
||||
<!-- web Controller InterceptorAdapter for platform permission -->
|
||||
<mvc:interceptor>
|
||||
<!-- for permission -->
|
||||
<mvc:mapping path="/index*/**" />
|
||||
<mvc:mapping path="/logs*/**" />
|
||||
<mvc:mapping path="/userinfo*/**" />
|
||||
<mvc:mapping path="/profile*/**" />
|
||||
<mvc:mapping path="/safe*/**" />
|
||||
<mvc:mapping path="/historys*/**" />
|
||||
<mvc:mapping path="/appList*/**" />
|
||||
<bean class="org.maxkey.web.interceptor.PermissionAdapter" />
|
||||
</mvc:interceptor>
|
||||
<!-- web Controller InterceptorAdapter for platform log -->
|
||||
<mvc:interceptor>
|
||||
<mvc:mapping path="/users/*" />
|
||||
<mvc:mapping path="/userinfo/*" />
|
||||
<mvc:mapping path="/authInfo/*" />
|
||||
<mvc:mapping path="/retrievePassword/*"/>
|
||||
<bean class="org.maxkey.web.interceptor.HistoryLogsAdapter" />
|
||||
</mvc:interceptor>
|
||||
<!-- web Controller sso Adapter -->
|
||||
<mvc:interceptor>
|
||||
<mvc:mapping path="/authz/basic/*" />
|
||||
<mvc:mapping path="/authz/ltpa/*" />
|
||||
<mvc:mapping path="/authz/desktop/*" />
|
||||
<mvc:mapping path="/authz/formbased/*" />
|
||||
<mvc:mapping path="/authz/tokenbased/*"/>
|
||||
<mvc:mapping path="/authz/saml20/idpinit/*"/>
|
||||
<mvc:mapping path="/authz/saml20/assertion"/>
|
||||
<mvc:mapping path="/authz/cas/login"/>
|
||||
<mvc:mapping path="/authz/cas/granting"/>
|
||||
<bean class="org.maxkey.web.interceptor.PreLoginAppAdapter" />
|
||||
</mvc:interceptor>
|
||||
<!-- web Controller sso Adapter -->
|
||||
<mvc:interceptor>
|
||||
<mvc:mapping path="/authz/basic/*" />
|
||||
<mvc:mapping path="/authz/ltpa/*" />
|
||||
<mvc:mapping path="/authz/desktop/*" />
|
||||
<mvc:mapping path="/authz/formbased/*" />
|
||||
<mvc:mapping path="/authz/tokenbased/*"/>
|
||||
<mvc:mapping path="/authz/saml20/idpinit/*"/>
|
||||
<mvc:mapping path="/authz/saml20/assertion"/>
|
||||
<mvc:mapping path="/authz/cas/granting"/>
|
||||
<bean class="org.maxkey.web.interceptor.HistoryLoginAppAdapter" />
|
||||
</mvc:interceptor>
|
||||
|
||||
|
||||
<ref bean="localeChangeInterceptor" />
|
||||
</mvc:interceptors>
|
||||
|
||||
<bean id="tfaOptAuthn" class="org.maxkey.crypto.password.opt.impl.TimeBasedOtpAuthn">
|
||||
</bean>
|
||||
<!--
|
||||
<bean id="tfaOptAuthn" class="org.maxkey.crypto.password.opt.impl.sms.SmsOtpAuthnYunxin">
|
||||
</bean>
|
||||
-->
|
||||
|
||||
<!-- for Forgot Password -->
|
||||
<bean id="tfaMailOptAuthn" class="org.maxkey.crypto.password.opt.impl.MailOtpAuthn">
|
||||
</bean>
|
||||
|
||||
<bean id="tfaMobileOptAuthn" class="org.maxkey.crypto.password.opt.impl.sms.SmsOtpAuthnYunxin">
|
||||
</bean>
|
||||
|
||||
<!-- LDAP Realm
|
||||
<bean id="authenticationRealm" class="org.maxkey.web.authentication.realm.ldap.LdapAuthenticationRealm">
|
||||
<constructor-arg ref="jdbcTemplate"/>
|
||||
<property name="ldapServers">
|
||||
<list>
|
||||
<bean id="ldapServer1" class="org.maxkey.web.authentication.realm.ldap.LdapServer">
|
||||
<property name="ldapUtils">
|
||||
<bean id="ldapUtils" class="org.maxkey.ldap.LdapUtils">
|
||||
<property name="providerUrl" value="ldap://localhost:389"></property>
|
||||
<property name="principal" value="cn=root"></property>
|
||||
<property name="credentials" value="rootroot"></property>
|
||||
<property name="baseDN" value="dc=connsec,dc=com"></property>
|
||||
</bean>
|
||||
</property>
|
||||
<property name="filterAttribute" value="uid"></property>
|
||||
</bean>
|
||||
</list>
|
||||
</property>
|
||||
</bean> -->
|
||||
|
||||
<!-- Active Directory Realm
|
||||
<bean id="authenticationRealm" class="org.maxkey.web.authentication.realm.activedirectory.ActiveDirectoryAuthenticationRealm">
|
||||
<constructor-arg ref="jdbcTemplate"/>
|
||||
<property name="activeDirectoryServers">
|
||||
<list>
|
||||
<bean id="activeDirectory1" class="org.maxkey.web.authentication.realm.activedirectory.ActiveDirectoryServer">
|
||||
<property name="activeDirectoryUtils">
|
||||
<bean id="ldapUtils" class="org.maxkey.ldap.ActiveDirectoryUtils">
|
||||
<property name="providerUrl" value="ldap://localhost:389"></property>
|
||||
<property name="principal" value="cn=root"></property>
|
||||
<property name="credentials" value="rootroot"></property>
|
||||
<property name="domain" value="connsec"></property>
|
||||
</bean>
|
||||
</property>
|
||||
</bean>
|
||||
</list>
|
||||
</property>
|
||||
</bean> -->
|
||||
|
||||
<!-- Default Realm-->
|
||||
<!-- realm use jdbc -->
|
||||
<bean id="authenticationRealm" class="org.maxkey.authn.realm.jdbc.JdbcAuthenticationRealm">
|
||||
<constructor-arg ref="jdbcTemplate"/>
|
||||
</bean>
|
||||
|
||||
<mvc:annotation-driven />
|
||||
|
||||
<mvc:default-servlet-handler />
|
||||
|
||||
</beans>
|
||||
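Review bot: The commented-out LDAP and Active Directory realm templates in this file carry a literal bind password, `<property name="credentials" value="rootroot">`, next to `principal` `cn=root` and a cleartext `ldap://localhost:389` provider URL. Anyone who enables a realm by uncommenting its block inherits all three as written. The other beans on this page read such values from properties (for example `${config.saml.v20.sp.keystore.password}`), so the templates should do the same, e.g. `<property name="credentials" value="${PLACEHOLDER_LDAP_BIND_PASSWORD_KEY}"/>` (the key name is a placeholder), and should show an `ldaps://` URL. Separately, `<mvc:annotation-driven />` now appears twice in this file, once before the interceptors and once near the end, and one of them can be dropped.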