#EC_HJ3# 优化登录拦截filter

dev
shilei 3 years ago
parent 1d0118db4a
commit b992be4749

25
.gitignore vendored

@ -0,0 +1,25 @@
# ---> Java
# Compiled class file
*.class
# Log file
*.log
# BlueJ files
*.ctxt
# Mobile Tools for Java (J2ME)
.mtj.tmp/
# Package Files #
*.war
*.nar
*.ear
*.zip
*.tar.gz
*.rar
# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
hs_err_pid*
replay_pid*

@ -36,3 +36,6 @@ bpm_workflowurl = http://172.16.25.133/bpm
## 门户待办类型
center = MCCM
bpm_host_array = 10.10.192.187

@ -18,10 +18,18 @@ import java.util.Map;
public class PortalLoginBeforeFilter implements Filter
{
private List<String> bpmHostList = new ArrayList<String>();
@Override
public void init(FilterConfig filterConfig) throws ServletException {
BaseBean bb = new BaseBean();
String bpm_host_array = bb.getPropValue("PORTAL_INFO","bpm_host_array");
if(!"".equals(bpm_host_array))
{
String[] bpm_host_arr = bpm_host_array.split(";");
for(int i=0;i<bpm_host_arr.length;i++){
bpmHostList.add(bpm_host_arr[i]);
}
}
}
@Override
@ -33,17 +41,34 @@ public class PortalLoginBeforeFilter implements Filter
HttpServletRequest request = (HttpServletRequest)servletRequest;
HttpServletResponse response = (HttpServletResponse)servletResponse;
// String ipAddress = request.getRequestURL().toString(); //先从nginx自定义配置获取可能unknown
// if(ipAddress.contains("10.10.192.187")){
// //bb.writeLog("10.10.192.187");
// }else{
boolean isExcludedPage = false;
String requestURL = request.getRequestURL().toString();
if(!bpmHostList.isEmpty()){
for(String bpm_host_val : bpmHostList){
if(requestURL.contains(bpm_host_val)){
isExcludedPage = true;
}
}
}
if(!isExcludedPage){
//请求地址
String getRequestURI = request.getRequestURI();
String path_lowerCase = getRequestURI.toLowerCase();
if (path_lowerCase.endsWith(".cur") || path_lowerCase.endsWith(".ico") || path_lowerCase.endsWith(".css") || path_lowerCase.endsWith(".htm") || path_lowerCase.endsWith(".js") || path_lowerCase.endsWith(".html") || path_lowerCase.endsWith(".png") || path_lowerCase.endsWith(".jpg") || path_lowerCase.endsWith(".gif")) {
// 如果发现是css或者js文件直接放行
isExcludedPage = true;
}
}
if(!isExcludedPage)
{
User loginuser = (User) request.getSession(true).getAttribute("weaver_user@bean");
if (loginuser == null)
{
String uid = "" ;
String cookies = request.getHeader("cookie");
if(!"".equals(cookies))
if(StringUtils.isNotEmpty(cookies))
{
String[] cookievals = cookies.split(";");
for(int i=0;i<cookievals.length;i++)
@ -60,7 +85,6 @@ public class PortalLoginBeforeFilter implements Filter
}
}
//ecology=BA0A2738FBB4C7664CEECCC8B0CF408B; HTML_VERSION=1603079097996;
// ZSMART_LOCALE=en; SESSION=4e101591-da0e-4425-b035-ffe684f85bca;
// areaId=731; userId=1; orgId=1;
@ -147,7 +171,7 @@ public class PortalLoginBeforeFilter implements Filter
}
}
}
// }
}
filterChain.doFilter(request, response);
}
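Review bot: The host exemption in doFilter, `if(requestURL.contains(bpm_host_val))`, is a substring test over the whole of `getRequestURL()`, which includes the request path as well as the host, so any URL that merely contains a configured value is treated as excluded and never reaches the login check below it. Compare the host component exactly instead, for example `if(bpmHostList.contains(request.getServerName()))`, and keep in mind that this value still comes from the request, so the exemption is only as reliable as the proxy that sets the Host header. The loop in init also adds every `split(";")` piece unchecked; an empty piece (for example from `;;` in the property) would make `contains` true for every request, so skip blank entries there. The same matching code is added to PortalLoginFilter.doFilter and has the same problem. doFilter starts and ends outside these hunks.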

@ -3,6 +3,7 @@ package weaver.interfaces.filter;
import com.alibaba.fastjson.JSONObject;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.dubbo.common.utils.StringUtils;
import weaver.conn.RecordSet;
import weaver.general.BaseBean;
import weaver.general.Util;
@ -22,7 +23,10 @@ public class PortalLoginFilter implements Filter
private List<String> uncheckurl_list = new ArrayList<String>();
private List<String> uncheck_sessionurl_list = new ArrayList<String>();
private List<String> uncheck_sessionurl_custom_list = new ArrayList<String>();
private List<String> bpmHostList = new ArrayList<String>();
private String path = "/bpm" ;
private String portal_homepage = "" ;
private String portal_user_auth = "" ;
@Override
public void init(FilterConfig filterConfig) throws ServletException {
@ -30,9 +34,11 @@ public class PortalLoginFilter implements Filter
this.application = filterConfig.getServletContext();
BaseBean bb = new BaseBean();
portal_homepage = bb.getPropValue("PORTAL_INFO","portal_homepage");
portal_user_auth = bb.getPropValue("PORTAL_INFO","portal_user_auth");
String uncheck_init = bb.getPropValue("weaver_session_filter","uncheckurl");
if(!"".equals(uncheck_init)){
String[] uncheck_url_arr = uncheck_init.split(";");
for(int i=0;i<uncheck_url_arr.length;i++){
if(uncheck_url_arr[i].startsWith(path)){
@ -42,6 +48,7 @@ public class PortalLoginFilter implements Filter
}
}
}
String uncheck_session_init = bb.getPropValue("weaver_session_filter","unchecksessionurl");
if(!"".equals(uncheck_session_init)){
String[] uncheck_session_url_arr = uncheck_session_init.split(";");
@ -67,6 +74,15 @@ public class PortalLoginFilter implements Filter
}
}
String bpm_host_array = bb.getPropValue("PORTAL_INFO","bpm_host_array");
if(!"".equals(bpm_host_array))
{
String[] bpm_host_arr = bpm_host_array.split(";");
for(int i=0;i<bpm_host_arr.length;i++){
bpmHostList.add(bpm_host_arr[i]);
}
}
}
@Override
@ -78,21 +94,23 @@ public class PortalLoginFilter implements Filter
HttpServletRequest request = (HttpServletRequest)servletRequest;
HttpServletResponse response = (HttpServletResponse)servletResponse;
String ipAddress = request.getRequestURL().toString(); //先从nginx自定义配置获取可能unknown
//bb.writeLog("ipAddress1:"+ipAddress);
// if(ipAddress.contains("10.10.192.187")){
// //bb.writeLog("10.10.192.187");
// }else{
String portal_homepage = bb.getPropValue("PORTAL_INFO","portal_homepage");
boolean isExcludedPage = false;
String getRequestURI = request.getRequestURI(); //请求地址
String requestURL = request.getRequestURL().toString();
if(!bpmHostList.isEmpty()){
for(String bpm_host_val : bpmHostList){
if(requestURL.contains(bpm_host_val)){
isExcludedPage = true;
}
}
}
String getRequestURI = request.getRequestURI();
if(!isExcludedPage){
String path_lowerCase = getRequestURI.toLowerCase();
if (path_lowerCase.endsWith(".cur") || path_lowerCase.endsWith(".ico") || path_lowerCase.endsWith(".css") || path_lowerCase.endsWith(".htm") || path_lowerCase.endsWith(".js") || path_lowerCase.endsWith(".html") || path_lowerCase.endsWith(".png") || path_lowerCase.endsWith(".jpg") || path_lowerCase.endsWith(".gif")) {
// 如果发现是css或者js文件直接放行
isExcludedPage = true;
}
}
if(!isExcludedPage)
{
@ -107,7 +125,6 @@ public class PortalLoginFilter implements Filter
}
}
if(!isExcludedPage)
{
if(uncheck_sessionurl_custom_list.contains(getRequestURI) || uncheck_sessionurl_custom_list.contains(path+"/"+getRequestURI)){
@ -115,13 +132,12 @@ public class PortalLoginFilter implements Filter
}
}
bb.writeLog("getRequestURI:"+getRequestURI+" isExcludedPage:"+isExcludedPage);
if(!isExcludedPage){
if(!isExcludedPage)
{
User loginuser = (User) request.getSession(true).getAttribute("weaver_user@bean");
if (loginuser == null)
{
bb.writeLog("getRequestURI:"+getRequestURI+" isExcludedPage:"+isExcludedPage);
String uid = "" ;
String cookies = request.getHeader("cookie");
if(!"".equals(cookies))
@ -147,17 +163,14 @@ public class PortalLoginFilter implements Filter
// CLOUD_APP_NAME=dbeptest7_pot-uportal-core;
// CLOUD_APP_ID=44074
if(!"null".equals(uid) && uid !=null && !"".equals(uid) && uid !="")
if(StringUtils.isNotEmpty(uid))
{
try{
String url = bb.getPropValue("PORTAL_INFO","portal_user_auth");
bb.writeLog("url:"+url);
bb.writeLog("url:"+portal_user_auth);
//String url = "http://172.16.25.133/portal-web/user/current" ;
HttpRequestUtil HttpRequestUtil = new HttpRequestUtil();
Map<String,String> headMap = new HashMap<String,String>();
headMap.put("Cookie","SESSION="+uid);
String msg = HttpRequestUtil.httpGet1(url,headMap,"UTF-8");
String msg = HttpRequestUtil.httpGet1(portal_user_auth,headMap,"UTF-8");
if(!"".equals(msg))
{
JSONObject jsonObject = JSONObject.parseObject(msg);
@ -221,71 +234,32 @@ public class PortalLoginFilter implements Filter
user_new.setLoginip(request.getRemoteAddr());
request.getSession(true).setMaxInactiveInterval(60 * 60 * 24);
request.getSession(true).setAttribute("weaver_user@bean", user_new);
}else{
response.setHeader("Access-Control-Allow-Origin", "*"); //解决跨域访问报错
response.setHeader("Access-Control-Allow-Methods", "POST, PUT, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600"); //设置过期时间
response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, client_id, uuid, Authorization");
response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate"); // 支持HTTP 1.1.
response.setHeader("Pragma", "no-cache"); // 支持HTTP 1.0. response.setHeader("Expires", "0");
response.sendRedirect(portal_homepage);
return;
}
}else{
response.setHeader("Access-Control-Allow-Origin", "*"); //解决跨域访问报错
response.setHeader("Access-Control-Allow-Methods", "POST, PUT, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600"); //设置过期时间
response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, client_id, uuid, Authorization");
response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate"); // 支持HTTP 1.1.
response.setHeader("Pragma", "no-cache"); // 支持HTTP 1.0. response.setHeader("Expires", "0");
response.sendRedirect(portal_homepage);
return;
}
}else{
response.setHeader("Access-Control-Allow-Origin", "*"); //解决跨域访问报错
response.setHeader("Access-Control-Allow-Methods", "POST, PUT, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600"); //设置过期时间
response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, client_id, uuid, Authorization");
response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate"); // 支持HTTP 1.1.
response.setHeader("Pragma", "no-cache"); // 支持HTTP 1.0. response.setHeader("Expires", "0");
response.sendRedirect(portal_homepage);
return;
}
}else{
response.setHeader("Access-Control-Allow-Origin", "*"); //解决跨域访问报错
response.setHeader("Access-Control-Allow-Methods", "POST, PUT, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600"); //设置过期时间
response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, client_id, uuid, Authorization");
response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate"); // 支持HTTP 1.1.
response.setHeader("Pragma", "no-cache"); // 支持HTTP 1.0. response.setHeader("Expires", "0");
response.sendRedirect(portal_homepage);
return;
}
}catch (Exception e3){
bb.writeLog("e---2:"+e3);
}
}else{
// response.setHeader("Access-Control-Allow-Origin", "*"); //解决跨域访问报错
// response.setHeader("Access-Control-Allow-Methods", "POST, PUT, GET, OPTIONS, DELETE");
// response.setHeader("Access-Control-Max-Age", "3600"); //设置过期时间
// response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, client_id, uuid, Authorization");
// response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate"); // 支持HTTP 1.1.
// response.setHeader("Pragma", "no-cache"); // 支持HTTP 1.0. response.setHeader("Expires", "0");
response.setHeader("Access-Control-Allow-Origin", "*"); //解决跨域访问报错
response.setHeader("Access-Control-Allow-Methods", "POST, PUT, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600"); //设置过期时间
response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, client_id, uuid, Authorization");
response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate"); // 支持HTTP 1.1.
response.setHeader("Pragma", "no-cache"); // 支持HTTP 1.0. response.setHeader("Expires", "0");
String url = portal_homepage;
response.sendRedirect(url);
response.sendRedirect(portal_homepage);
return;
}
}
}
// }
filterChain.doFilter(request, response);
}
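Review bot: The `catch (Exception e3)` around the portal lookup only calls `bb.writeLog("e---2:"+e3)`, so when `HttpRequestUtil.httpGet1(portal_user_auth,headMap,"UTF-8")` or `JSONObject.parseObject(msg)` throws, control appears to fall out of the block and reach `filterChain.doFilter(request, response)` with no `weaver_user@bean` set and no redirect. The rendered lines do not show which of the `else` redirect branches in this hunk are kept, so please confirm that every failed lookup (empty `msg`, rejected session, exception) still ends in `response.sendRedirect(portal_homepage); return;`. Adding those two statements to the catch block would make the error path fail closed. The method body begins outside this hunk.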
