#EC-HJ-3# 登录filter优化

3 years ago · a264ace576
parent b992be4749
commit a264ace576
2 changed files with 40 additions and 12 deletions
--- a/src/weaver/interfaces/filter/PortalLoginBeforeFilter.java
+++ b/src/weaver/interfaces/filter/PortalLoginBeforeFilter.java
@ -43,24 +43,28 @@ public class PortalLoginBeforeFilter implements Filter

 		boolean isExcludedPage = false;
 		String requestURL = request.getRequestURL().toString();
+		bb.writeLog("bpmHostList:"+bpmHostList.size());
 		if(!bpmHostList.isEmpty()){
 			for(String bpm_host_val : bpmHostList){
+				bb.writeLog("bpm_host_val:"+bpm_host_val);
 				if(requestURL.contains(bpm_host_val)){
 					isExcludedPage = true;
 				}
 			}
 		}

+		String getRequestURI = request.getRequestURI();
 		if(!isExcludedPage){
 			//请求地址
-			String getRequestURI = request.getRequestURI();
 			String path_lowerCase = getRequestURI.toLowerCase();
-			if (path_lowerCase.endsWith(".cur") || path_lowerCase.endsWith(".ico") || path_lowerCase.endsWith(".css") || path_lowerCase.endsWith(".htm") || path_lowerCase.endsWith(".js") || path_lowerCase.endsWith(".html") || path_lowerCase.endsWith(".png") || path_lowerCase.endsWith(".jpg") || path_lowerCase.endsWith(".gif")) {
+			if (path_lowerCase.endsWith(".cur") || path_lowerCase.endsWith(".ico") || path_lowerCase.endsWith(".css") || path_lowerCase.endsWith(".htm") || path_lowerCase.endsWith(".png") || path_lowerCase.endsWith(".jpg") || path_lowerCase.endsWith(".gif")) {
 				// 如果发现是css或者js文件，直接放行
 				isExcludedPage = true;
 			}
 		}

+		bb.writeLog("getRequestURI:"+getRequestURI+" isExcludedPage:"+isExcludedPage);
+
 		if(!isExcludedPage)
 		{
 			User loginuser = (User) request.getSession(true).getAttribute("weaver_user@bean");
--- a/src/weaver/interfaces/filter/PortalLoginFilter.java
+++ b/src/weaver/interfaces/filter/PortalLoginFilter.java
@ -82,7 +82,6 @@ public class PortalLoginFilter implements Filter
 				bpmHostList.add(bpm_host_arr[i]);
 			}
 		}
-
 	}

 	@Override
@ -134,10 +133,11 @@ public class PortalLoginFilter implements Filter

 		if(!isExcludedPage)
 		{
+			bb.writeLog("getRequestURI:"+getRequestURI+"  isExcludedPage:"+isExcludedPage);
 			User loginuser = (User) request.getSession(true).getAttribute("weaver_user@bean");
 			if (loginuser == null)
 			{
-				bb.writeLog("getRequestURI:"+getRequestURI+"  isExcludedPage:"+isExcludedPage);
+				bb.writeLog("loginuser is null");
 				String uid = "" ;
 				String cookies = request.getHeader("cookie");
 				if(!"".equals(cookies))
@ -165,7 +165,7 @@ public class PortalLoginFilter implements Filter

 				if(StringUtils.isNotEmpty(uid))
 				{
-					bb.writeLog("url:"+portal_user_auth);
+					bb.writeLog("portal_user_auth:"+portal_user_auth);
 					//String url = "http://172.16.25.133/portal-web/user/current" ;
 					HttpRequestUtil HttpRequestUtil = new HttpRequestUtil();
 					Map<String,String> headMap = new HashMap<String,String>();
@ -178,7 +178,8 @@ public class PortalLoginFilter implements Filter
 						{
 							JSONObject resultObject = jsonObject.getJSONObject("resultObject");
 							String staffCode = resultObject.getString("staffCode");
-							if(!"".equals(staffCode)){
+							if(StringUtils.isNotEmpty(staffCode))
+							{
 								User user_new = null;
 								String sql = "" ;
 								if("admin".equals(staffCode)){
@ -235,7 +236,27 @@ public class PortalLoginFilter implements Filter
 									request.getSession(true).setMaxInactiveInterval(60 * 60 * 24);
 									request.getSession(true).setAttribute("weaver_user@bean", user_new);
 								}
+							}else{
+								response.setHeader("Access-Control-Allow-Origin", "*"); //解决跨域访问报错
+								response.setHeader("Access-Control-Allow-Methods", "POST, PUT, GET, OPTIONS, DELETE");
+								response.setHeader("Access-Control-Max-Age", "3600"); //设置过期时间
+								response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, client_id, uuid, Authorization");
+								response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate"); // 支持HTTP 1.1.
+								response.setHeader("Pragma", "no-cache"); // 支持HTTP 1.0. response.setHeader("Expires", "0");
+
+								response.sendRedirect(portal_homepage);
+								return;
 							}
+						}else{
+							response.setHeader("Access-Control-Allow-Origin", "*"); //解决跨域访问报错
+							response.setHeader("Access-Control-Allow-Methods", "POST, PUT, GET, OPTIONS, DELETE");
+							response.setHeader("Access-Control-Max-Age", "3600"); //设置过期时间
+							response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, client_id, uuid, Authorization");
+							response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate"); // 支持HTTP 1.1.
+							response.setHeader("Pragma", "no-cache"); // 支持HTTP 1.0. response.setHeader("Expires", "0");
+
+							response.sendRedirect(portal_homepage);
+							return;
 						}
 					}else{
 						response.setHeader("Access-Control-Allow-Origin", "*"); //解决跨域访问报错
@ -244,16 +265,19 @@ public class PortalLoginFilter implements Filter
 						response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, client_id, uuid, Authorization");
 						response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate"); // 支持HTTP 1.1.
 						response.setHeader("Pragma", "no-cache"); // 支持HTTP 1.0. response.setHeader("Expires", "0");
+
 						response.sendRedirect(portal_homepage);
 						return;
 					}
 				}else{
-//					response.setHeader("Access-Control-Allow-Origin", "*"); //解决跨域访问报错
-//					response.setHeader("Access-Control-Allow-Methods", "POST, PUT, GET, OPTIONS, DELETE");
-//					response.setHeader("Access-Control-Max-Age", "3600"); //设置过期时间
-//					response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, client_id, uuid, Authorization");
-//					response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate"); // 支持HTTP 1.1.
-//					response.setHeader("Pragma", "no-cache"); // 支持HTTP 1.0. response.setHeader("Expires", "0");
+
+					bb.writeLog("uid-- is null");
+					response.setHeader("Access-Control-Allow-Origin", "*"); //解决跨域访问报错
+					response.setHeader("Access-Control-Allow-Methods", "POST, PUT, GET, OPTIONS, DELETE");
+					response.setHeader("Access-Control-Max-Age", "3600"); //设置过期时间
+					response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, client_id, uuid, Authorization");
+					response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate"); // 支持HTTP 1.1.
+					response.setHeader("Pragma", "no-cache"); // 支持HTTP 1.0. response.setHeader("Expires", "0");

 					response.sendRedirect(portal_homepage);
 					return;