diff --git a/ReleaseNotes.txt b/ReleaseNotes.txt
index 8ec59445a0211d9746070f1ba5e20a9715af9868..628c6def82f307d2a4925c9661cf78b57f69f08d 100644
--- a/ReleaseNotes.txt
+++ b/ReleaseNotes.txt
@@ -1,5 +1,5 @@
 MaxKey v 2.0.0 GA 2020/07/**
- *(MAXKEY-200601) RBAC 基于角色的访问控制(Role-Based Access Control )支持
+ *(MAXKEY-200601) RBAC 基于角色的访问控制(Role-Based Access Control)支持
 *(MAXKEY-200602) xml配置改为Spring annotation,提升模块间的组件化
 *(MAXKEY-200603) 管理MGT界面优化及增加菜单图标,认证Maxkey主题切换支持-黑色经典|薄荷清新|激情紫荆
 *(MAXKEY-200604) 修复用户组访问权限删除问题
@@ -15,7 +15,9 @@
 *(MAXKEY-200614) OAuth2 secret修改后登陆错误修复
 *(MAXKEY-200615) CAS单点登陆后进行验证空指针的异常处理,原因权限调整
 *(MAXKEY-200616) LINUX操作系统支持
- *(MAXKEY-200617) 依赖jar升级,消除非必要依赖
+ *(MAXKEY-200617) 修改测试域名为sso.maxkey.top
+ *(MAXKEY-200618) 修复更新应用时状态问题
+ *(MAXKEY-200619) 依赖jar升级,消除非必要依赖
 spring 5.2.7.RELEASE
 springBoot 2.3.1.RELEASE
 springSecurity 5.3.2.RELEASE
diff --git a/docs/tutorial.md b/docs/tutorial.md
index 6f0d257f63f390308414fccb618b8363f6c0a73f..05f4478a99b1535ecadf6da4bc83a4059e32f65c 100644
--- a/docs/tutorial.md
+++ b/docs/tutorial.md
@@ -8,10 +8,10 @@ C:\Windows\System32\drivers\etc 新增如下内容

-127.0.0.1  sso.maxkey.org
-127.0.0.1  tokenbased.demo.maxkey.org
-127.0.0.1  cas.demo.maxkey.org
-127.0.0.1  oauth.demo.maxkey.org
+127.0.0.1  sso.maxkey.top
+127.0.0.1  tokenbased.demo.maxkey.top
+127.0.0.1  cas.demo.maxkey.top
+127.0.0.1  oauth.demo.maxkey.top
 

应用服务启动

@@ -42,13 +42,13 @@ start_maxkey_wiki.bat - 1认证平台http://sso.maxkey.org/maxkey/login + 1认证平台http://sso.maxkey.top/maxkey/login - 2管理平台http://sso.maxkey.org:9521/maxkey-mgt/login + 2管理平台http://sso.maxkey.top:9521/maxkey-mgt/login - 3集成指南http://sso.maxkey.org:8080/wiki + 3集成指南http://sso.maxkey.top:8080/wiki 4账户密码admin/admin diff --git a/maxkey-dao/src/test/resources/application.properties b/maxkey-dao/src/test/resources/application.properties new file mode 100644 index 0000000000000000000000000000000000000000..a8abd08a70321447cb84e69755404c74964e02cc --- /dev/null +++ b/maxkey-dao/src/test/resources/application.properties 
@@ -0,0 +1,92 @@
+#spring.profiles.active=dev
+#application
+application.title=MaxKey
+application.name=MaxKey
+application.formatted-version=v2.0.0 GA
+#server config
+#spring.profiles.active=dev
+#server port
+#server.port=80
+server.port=443
+#ssl
+server.ssl.key-store=maxkeyserver.keystore
+server.ssl.key-alias=maxkey
+server.ssl.enabled=true
+server.ssl.key-store-password=maxkey
+server.ssl.key-store-type=JKS
+#web app context path
+server.servlet.context-path=/maxkey
+spring.servlet.multipart.enabled=true
+spring.servlet.multipart.max-file-size=4194304
+#encoding
+#server.servlet.encoding.charset=UTF-8
+#server.servlet.encoding.enabled=true
+#server.servlet.encoding.force=true
+#datasource
+spring.datasource.username=root
+spring.datasource.password=maxkey
+spring.datasource.url=jdbc:mysql://localhost/maxkey?autoReconnect=true&characterEncoding=UTF-8
+spring.datasource.driver-class-name=com.mysql.jdbc.Driver
+spring.datasource.type=com.alibaba.druid.pool.DruidDataSource
+#mybatis
+mybatis.type-aliases-package=org.maxkey.domain,org.maxkey.domain.apps,
+mybatis.mapper-locations=classpath*:/org/maxkey/dao/persistence/xml/mysql/*.xml
+#redis
+spring.redis.host=127.0.0.1
+spring.redis.port=6379
+spring.redis.password=password
+spring.redis.timeout=10000
+spring.redis.jedis.pool.max-wait=1000
+spring.redis.jedis.pool.max-idle=200
+spring.redis.lettuce.pool.max-active=-1
+spring.redis.lettuce.pool.min-idle=0
+#mail
+spring.mail.default-encoding=utf-8
+spring.mail.host=smtp.163.com
+spring.mail.port=465
+spring.mail.username=maxkey@163.com
+spring.mail.password=password
+spring.mail.protocol=smtp
+spring.mail.properties.ssl=true
+spring.mail.properties.sender=maxkey@163.com
+spring.mail.properties.mailotp.message.subject=MaxKey One Time PassWord
+spring.mail.properties.mailotp.message.template={0} You Token is {1} , it validity in {2} minutes.
+#for freemarker
+spring.freemarker.template-loader-path=classpath:/templates/views
+spring.freemarker.cache=false
+spring.freemarker.charset=UTF-8
+spring.freemarker.check-template-location=true
+spring.freemarker.content-type=text/html
+spring.freemarker.expose-request-attributes=false
+spring.freemarker.expose-session-attributes=false
+spring.freemarker.request-context-attribute=request
+spring.freemarker.suffix=.ftl
+#static resources
+spring.mvc.static-path-pattern=/static/**
+spring.messages.basename=classpath:messages/message
+spring.messages.encoding=UTF-8
+#main
+spring.main.banner-mode=log
+spring.main.allow-bean-definition-overriding=true
+
+###########【Kafka集群】###########
+spring.kafka.bootstrap-servers=localhost:9092
+###########【初始化生产者配置】###########
+# 重试次数
+spring.kafka.producer.retries=0
+# 应答级别:多少个分区副本备份完成时向生产者发送ack确认(可选0、1、all/-1)
+spring.kafka.producer.acks=1
+# 批量大小
+spring.kafka.producer.batch-size=16384
+# 提交延时
+spring.kafka.producer.properties.linger.ms=0
+# 当生产端积累的消息达到batch-size或接收到消息linger.ms后,生产者就会将消息提交给kafka
+# linger.ms为0表示每接收到一条消息就提交给kafka,这时候batch-size其实就没用了
+
+# 生产端缓冲区大小
+spring.kafka.producer.buffer-memory = 33554432
+# Kafka提供的序列化和反序列化类
+spring.kafka.producer.key-serializer=org.apache.kafka.common.serialization.StringSerializer
+spring.kafka.producer.value-serializer=org.apache.kafka.common.serialization.StringSerializer
+# 自定义分区器
+# spring.kafka.producer.properties.partitioner.class=com.felix.kafka.producer.CustomizePartitioner
diff --git a/maxkey-dao/src/test/resources/config/applicationConfig.properties b/maxkey-dao/src/test/resources/config/applicationConfig.properties
deleted file mode 100644
index bb822a3fbf0c3d0364fc2331ab50178de515ad41..0000000000000000000000000000000000000000
--- a/maxkey-dao/src/test/resources/config/applicationConfig.properties
+++ /dev/null
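Review bot: Credentials are committed as literals in this new file: `spring.datasource.username=root` with `spring.datasource.password=maxkey`, `server.ssl.key-store-password=maxkey`, `spring.redis.password` and `spring.mail.password`. The same applies to the maxkey.properties added later in this commit, whose `config.socialsignon.*.client.secret`, `config.otp.sms.*` keys, `config.support.kerberos.default.crypto` and SAML keystore passwords do not all look like placeholders; any that are real should be treated as exposed and rotated at the provider. Resolving them from the environment keeps them out of history, e.g. `spring.datasource.password=${MAXKEY_DB_PASSWORD}` (the variable name is a placeholder), and the tests would be better run with a dedicated low-privilege MySQL account than with `root`.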
@@ -1,29 +0,0 @@
-############################################################################
-# DataBase configuration
-############################################################################
-#db2,derby,mysql,oracle,postgresql,sqlserver
-config.datasource.database=mysql
-# JDBC Driver
-# for MySql com.mysql.jdbc.Driver
-# for oracle oracle.jdbc.driver.OracleDriver
-# for DB2 com.ibm.db2.jdbc.app.DB2Driver
-# com.ibm.db2.jcc.DB2Driver
-# for SqlServer com.microsoft.jdbc.sqlserver.SQLServerDriver
-# for SyBase com.sybase.jdbc.SybDriver
-# for PostgreSQL org.postgresql.Driver
-# for Derby org.apache.derby.jdbc.ClientDriver
-# JDBC URL
-# you need database hostname,port,databasename
-# for MySql jdbc:mysql://hostname:port/secdb
-# for oracle jdbc:oracle:thin:@hostname:port:secdb
-# for DB2 jdbc:db2://hostname:port/secdb
-# for SqlServer jdbc:microsoft:sqlserver://hostname:port;DatabaseName=secdb
-# for SyBase jdbc:sybase:Tds:hostname:port/secdb
-# for Derby jdbc:derby://localhost:1527/secdb
-#
-config.datasource.driverclass=com.mysql.jdbc.Driver
-config.datasource.url=jdbc:mysql://localhost/maxkey?autoReconnect=true&characterEncoding=UTF-8
-config.datasource.username=root
-config.datasource.password=maxkey
-
-############################################################################
\ No newline at end of file
diff --git a/maxkey-dao/src/test/resources/maxkey.properties b/maxkey-dao/src/test/resources/maxkey.properties
new file mode 100644
index 0000000000000000000000000000000000000000..14c2148b035b7090b37ed12f1dbbe2815f70acc9
--- /dev/null
+++ b/maxkey-dao/src/test/resources/maxkey.properties
@@ -0,0 +1,218 @@
+############################################################################
+# MaxKey
+############################################################################
+# domain name configuration
+config.server.domain=maxkey.top
+config.server.domain.sub=sso.${config.server.domain}
+config.server.name=http://${config.server.domain.sub}
+config.server.prefix.uri=${config.server.name}/maxkey
+#default.uri
+config.server.default.uri=${config.server.prefix.uri}/maxkey/appList
+config.server.management.uri=${config.server.name}:9521/maxkey-mgt/login
+#InMemory 0 , jdbc 1, Redis 2
+config.server.persistence=0
+#identity
+config.identity.kafkasupport=false
+
+config.app.issuer=CN=ConSec,CN=COM,CN=SH
+############################################################################
+# Login configuration
+#enable captcha
+config.login.captcha=true
+#text or arithmetic
+config.login.captcha.type=text
+#enable two factor,use one time password
+config.login.mfa=true
+#TimeBasedOtpAuthn MailOtpAuthn SmsOtpAuthnYunxin SmsOtpAuthnAliyun SmsOtpAuthnTencentCloud
+config.login.mfa.type=TimeBasedOtpAuthn
+#enable social sign on
+config.login.socialsignon=true
+#social sign on providers
+config.login.socialsignon.providers=sinaweibo,google,qq,dingtalk,microsoft,facebook
+#Enable kerberos/SPNEGO
+config.login.kerberos=true
+#wsFederation
+config.login.wsfederation=false
+#remeberme
+config.login.remeberme=true
+#validity
+config.login.remeberme.validity=0
+
+#to default application web site
+config.login.default.uri=appList
+
+config.ipaddress.whitelist=false
+
+#SmsOtpAuthnYunxin SmsOtpAuthnAliyun SmsOtpAuthnTencentCloud
+config.otp.sms=SmsOtpAuthnYunxin
+
+config.otp.sms.aliyun.accesskeyid=94395d754eb55693043f5d6a2b772ef4
+config.otp.sms.aliyun.accesssecret=05d5485357bc
+config.otp.sms.aliyun.templatecode=14860095
+config.otp.sms.aliyun.signname=maxkey
+
+config.otp.sms.yunxin.appkey=94395d754eb55693043f5d6a2b772ef4
+config.otp.sms.yunxin.appsecret=05d5485357bc
+config.otp.sms.yunxin.templateid=14860095
+
+config.otp.sms.tencentcloud.secretid=94395d754eb55693043f5d6a2b772ef4
+config.otp.sms.tencentcloud.secretkey=05d5485357bc
+config.otp.sms.tencentcloud.smssdkappid=1486220095
+config.otp.sms.tencentcloud.templateid=14860095
+config.otp.sms.tencentcloud.sign=1486009522
+
+config.otp.keyuri.format.type=totp
+config.otp.keyuri.format.digits=6
+config.otp.keyuri.format.issuer=MaxKey
+config.otp.keyuri.format.domain=${config.server.domain}
+config.otp.keyuri.format.period=30
+
+############################################################################
+# Kerberos Login configuration
+############################################################################
+#short name of user domain must be in upper case,eg:MAXKEY
+config.support.kerberos.default.userdomain=MAXKEY
+#short name of user domain must be in upper case,eg:MAXKEY.ORG
+config.support.kerberos.default.fulluserdomain=MAXKEY.ORG
+#last 8Bit crypto for Kerberos web Authentication
+config.support.kerberos.default.crypto=846KZSzYq56M6d5o
+#Kerberos Authentication server RUL
+config.support.kerberos.default.redirecturi=http://sso.maxkey.top/kerberos/authn/
+############################################################################
+# HTTPHEADER Login configuration
+############################################################################
+config.support.httpheader.enable=false
+config.support.httpheader.headername=header-user
+# iv-user is for IBM Security Access Manager
+#config.httpheader.headername=iv-user
+
+############################################################################
+# BASIC Login support configuration
+############################################################################
+
+config.support.basic.enable=false
+
+#############################################################################
+# WsFederation Login support configuration
+#identifier: the identifer for the ADFS server
+#url: the login url for ADFS
+#principal: the name of the attribute/assertion returned by ADFS that contains the principal's username.
+#relyingParty: the identifier of the CAS Server as it has been configured in ADFS.
+#tolerance: (optional) the amount of drift to allow when validating the timestamp on the token. Default: 10000 (ms)
+#attributeMutator: (optional) a class (defined by you) that can modify the attributes/assertions returned by the ADFS server
+#signingCertificate: ADFS's signing certificate used to validate the token/assertions issued by ADFS.
+############################################################################
+
+config.support.wsfederation.identifier=http://adfs.maxkey.top/adfs/services/trust
+config.support.wsfederation.url=https://adfs.maxkey.top/adfs/ls/
+config.support.wsfederation.principal=upn
+config.support.wsfederation.relyingParty=urn:federation:connsec
+config.support.wsfederation.signingCertificate=adfs-signing.crt
+config.support.wsfederation.tolerance=10000
+config.support.wsfederation.upn.suffix=maxkey.org
+config.support.wsfederation.logoutUrl=https://adfs.maxkey.top/adfs/ls/?wa=wsignout1.0
+#############################################################################
+
+#############################################################################
+# OIDC V1.0 METADATA configuration
+config.oidc.metadata.issuer=${config.server.name}/maxkey
+config.oidc.metadata.authorizationEndpoint=${config.server.name}/maxkey/oauth/v20/authorize
+config.oidc.metadata.tokenEndpoint=${config.server.name}/maxkey/oauth/v20/token
+config.oidc.metadata.userinfoEndpoint=${config.server.name}/maxkey/api/connect/userinfo
+
+#############################################################################
+# SAML V2.0 configuration
+#saml common
+config.saml.v20.max.parser.pool.size=2
+config.saml.v20.assertion.validity.time.ins.seconds=90
+config.saml.v20.replay.cache.life.in.millis=14400000
+config.saml.v20.issue.instant.check.clock.skew.in.seconds=90
+config.saml.v20.issue.instant.check.validity.time.in.seconds=300
+
+
+#saml idp keystore
+config.saml.v20.idp.keystore.password=maxkey
+config.saml.v20.idp.keystore.private.key.password=maxkey
+config.saml.v20.idp.keystore=classpath\:config/samlServerKeystore.jks
+#keystore id for sec
+config.saml.v20.idp.issuing.entity.id=maxkey.top
+config.saml.v20.idp.issuer=https://sso.maxkey.top/maxkey/saml
+
+config.saml.v20.idp.receiver.endpoint=https\://sso.maxkey.top/
+
+#saml sp keystore
+config.saml.v20.sp.keystore.password=maxkey
+config.saml.v20.sp.keystore.private.key.password=maxkey
+config.saml.v20.sp.keystore=classpath\:config/samlClientKeystore.jks
+config.saml.v20.sp.issuing.entity.id=client.maxkey.org
+
+#Saml v20 METADATA
+config.saml.v20.metadata.orgName=maxkey
+config.saml.v20.metadata.orgDisplayName=maxkey
+config.saml.v20.metadata.orgURL=https://github.com/shimingxy/MaxKey
+config.saml.v20.metadata.contactType=technical
+config.saml.v20.metadata.company=maxkey
+config.saml.v20.metadata.givenName=maxkey
+config.saml.v20.metadata.surName=maxkey
+config.saml.v20.metadata.emailAddress=shimingxy@163.com
+config.saml.v20.metadata.telephoneNumber=4008981111
+
+############################################################################
+# Social Sign On Configuration #
+#you config client.id & client.secret only
+############################################################################
+
+############################################################################
+#sina weibo
+config.socialsignon.sinaweibo.provider=sinaweibo
+config.socialsignon.sinaweibo.provider.name=\u65B0\u6D6A\u5FAE\u535A
+config.socialsignon.sinaweibo.icon=images/social/sinaweibo.png
+config.socialsignon.sinaweibo.client.id=3379757634
+config.socialsignon.sinaweibo.client.secret=1adfdf9800299037bcab9d1c238664ba
+config.socialsignon.sinaweibo.account.id=id
+config.socialsignon.sinaweibo.sortorder=1
+
+#Google
+config.socialsignon.google.provider=google
+config.socialsignon.google.provider.name=Google
+config.socialsignon.google.icon=images/social/google.png
+config.socialsignon.google.client.id=519914515488.apps.googleusercontent.com
+config.socialsignon.google.client.secret=3aTW3Iw7e11QqMnHxciCaXTt
+config.socialsignon.google.account.id=id
+config.socialsignon.google.sortorder=2
+
+#QQ
+config.socialsignon.qq.provider=qq
+config.socialsignon.qq.provider.name=QQ
+config.socialsignon.qq.icon=images/social/qq.png
+config.socialsignon.qq.client.id=101225363
+config.socialsignon.qq.client.secret=8577d75e0eb4a91ac549cc8be3371bfd
+config.socialsignon.qq.account.id=openid
+config.socialsignon.qq.sortorder=4
+
+#dingtalk
+config.socialsignon.dingtalk.provider=dingtalk
+config.socialsignon.dingtalk.provider.name=dingtalk
+config.socialsignon.dingtalk.icon=images/social/dingtalk.png
+config.socialsignon.dingtalk.client.id=dingoawf2jyiwh2uzqnphg
+config.socialsignon.dingtalk.client.secret=Crm7YJbMKfRlvG2i1SHpg4GHVpqF_oXiEjhmRQyiSiuzNRWpbFh9i0UjDTfhOoN9
+config.socialsignon.dingtalk.account.id=openid
+config.socialsignon.dingtalk.sortorder=5
+
+#Microsoft
+config.socialsignon.microsoft.provider=microsoft
+config.socialsignon.microsoft.provider.name=Microsoft
+config.socialsignon.microsoft.icon=images/social/live.png
+config.socialsignon.microsoft.client.id=24aa73b6-7928-4e64-bd64-d8682e650f95
+config.socialsignon.microsoft.client.secret=PF[_AthtjVrtWVO2mNy@CJxY1@Z8FNf5
+config.socialsignon.microsoft.account.id=id
+config.socialsignon.microsoft.sortorder=6
+
+#facebook
+config.socialsignon.facebook.provider=facebook
+config.socialsignon.facebook.provider.name=facebook
+config.socialsignon.facebook.icon=images/social/facebook.png
+config.socialsignon.facebook.client.id=appKey
+config.socialsignon.facebook.client.secret=appSecret
+config.socialsignon.facebook.account.id=id
+config.socialsignon.facebook.sortorder=7
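Review bot: `config.server.name=http://${config.server.domain.sub}` makes every derived URL plain HTTP, so `config.oidc.metadata.issuer` and the authorization, token and userinfo endpoints are advertised without TLS, while `config.saml.v20.idp.issuer` in the same file is `https://` and application.properties enables `server.ssl` on port 443. Unless a TLS-terminating proxy in front is assumed, `config.server.name=https://${config.server.domain.sub}` would keep the OIDC issuer and token traffic on HTTPS. `config.server.default.uri=${config.server.prefix.uri}/maxkey/appList` also expands to a path with `/maxkey/maxkey/appList`, because the prefix already ends in `/maxkey`; `${config.server.prefix.uri}/appList` looks like what was meant. Several values still carry the old domain (`MAXKEY.ORG`, `config.support.wsfederation.upn.suffix=maxkey.org`, `client.maxkey.org`), which may be intentional but deserves a comment given that the commit moves the test domain to maxkey.top.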
diff --git a/maxkey-dao/src/test/resources/spring/applicationContext-database.xml b/maxkey-dao/src/test/resources/spring/applicationContext-database.xml index 7f6f024e7410f4cb5803435843cc00691b502472..715495d3b263c55c6eb3feb70a5f68c80dae32b8 100644 --- a/maxkey-dao/src/test/resources/spring/applicationContext-database.xml +++ b/maxkey-dao/src/test/resources/spring/applicationContext-database.xml @@ -21,9 +21,9 @@ - - - + + + \ No newline at end of file diff --git a/maxkey-dao/src/test/resources/spring/applicationContext.xml b/maxkey-dao/src/test/resources/spring/applicationContext.xml index 919c958ee95f01aad00d203b550d4b2b33e0ae95..f93d23ea5e9425ed93c137a33bb7b71cf593c468 100644 --- a/maxkey-dao/src/test/resources/spring/applicationContext.xml +++ b/maxkey-dao/src/test/resources/spring/applicationContext.xml @@ -24,7 +24,7 @@ - classpath:config/applicationConfig.properties + classpath:application.properties @@ -39,7 +39,43 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/maxkey-identitys/maxkey-identity-kafka/.settings/org.eclipse.wst.common.component b/maxkey-identitys/maxkey-identity-kafka/.settings/org.eclipse.wst.common.component index 72b93f2c419a6ae61718078c7fc8413cabdea9db..d1cb5c301f068e87617d44f2a84abc95e49d991d 100644 --- a/maxkey-identitys/maxkey-identity-kafka/.settings/org.eclipse.wst.common.component +++ b/maxkey-identitys/maxkey-identity-kafka/.settings/org.eclipse.wst.common.component @@ -6,11 +6,5 @@ uses - - uses - - - uses - diff --git a/maxkey-identitys/maxkey-identity-kafka/build.gradle b/maxkey-identitys/maxkey-identity-kafka/build.gradle index 375531435756a3b4e0e57fd534f77bf20451632c..0cd30408778dd4177c2d11ce2441650f21b5c6c6 100644 --- a/maxkey-identitys/maxkey-identity-kafka/build.gradle +++ b/maxkey-identitys/maxkey-identity-kafka/build.gradle 
@@ -9,7 +9,5 @@ dependencies { compile fileTree(dir: '../maxkey-lib/*/', include: '*.jar') compile project(":maxkey-core") - compile project(":maxkey-dao") - compile project(":maxkey-client-sdk") } \ No newline at end of file