Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
yujianwangzivayy
MaxKey
提交
239573cd
MaxKey
项目概览
yujianwangzivayy
/
MaxKey
与 Fork 源项目一致
Fork自
MaxKey单点登录官方(MaxKeyTop) / MaxKey
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
MaxKey
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
239573cd
编写于
5月 22, 2020
作者:
MaxKey单点登录官方
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Authentication Forward Fix
Authentication Forward Fix
上级
dcae0974
变更
13
隐藏空白更改
内联
并排
Showing
13 changed file
with
128 addition
and
74 deletion
+128
-74
maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
...java/org/maxkey/authn/AbstractAuthenticationProvider.java
+5
-0
maxkey-core/src/main/java/org/maxkey/authn/SavedRequestAwareAuthenticationSuccessHandler.java
.../authn/SavedRequestAwareAuthenticationSuccessHandler.java
+46
-39
maxkey-core/src/main/java/org/maxkey/authn/realm/IAuthenticationServer.java
...in/java/org/maxkey/authn/realm/IAuthenticationServer.java
+2
-4
maxkey-core/src/main/java/org/maxkey/web/WebConstants.java
maxkey-core/src/main/java/org/maxkey/web/WebConstants.java
+2
-4
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/springframework/ui/velocity/VelocityEngineFactory.java
...rg/springframework/ui/velocity/VelocityEngineFactory.java
+0
-1
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/springframework/ui/velocity/VelocityEngineFactoryBean.java
...pringframework/ui/velocity/VelocityEngineFactoryBean.java
+0
-1
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/springframework/ui/velocity/VelocityEngineUtils.java
.../org/springframework/ui/velocity/VelocityEngineUtils.java
+0
-3
maxkey-web-manage/src/main/java/org/maxkey/MaxKeyMgtMvcConfig.java
...b-manage/src/main/java/org/maxkey/MaxKeyMgtMvcConfig.java
+7
-1
maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/IndexEndpoint.java
.../src/main/java/org/maxkey/web/endpoint/IndexEndpoint.java
+12
-3
maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LoginEndpoint.java
.../src/main/java/org/maxkey/web/endpoint/LoginEndpoint.java
+8
-17
maxkey-web-maxkey/src/main/java/org/maxkey/web/interceptor/PermissionAdapter.java
...in/java/org/maxkey/web/interceptor/PermissionAdapter.java
+31
-0
maxkey-web-maxkey/src/main/resources/spring/maxkey.xml
maxkey-web-maxkey/src/main/resources/spring/maxkey.xml
+12
-0
maxkey-web-maxkey/src/main/resources/templates/views/index.ftl
...y-web-maxkey/src/main/resources/templates/views/index.ftl
+3
-1
未找到文件。
maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
浏览文件 @
239573cd
...
...
@@ -87,6 +87,10 @@ public abstract class AbstractAuthenticationProvider {
.
getAttribute
(
WebConstants
.
CURRENT_LOGIN_USER_PASSWORD_SET_TYPE
);
// 登录完成后切换SESSION
_logger
.
debug
(
"Login Session {}."
,
WebContext
.
getSession
().
getId
());
final
Object
firstSavedRequest
=
WebContext
.
getAttribute
(
WebConstants
.
FIRST_SAVED_REQUEST_PARAMETER
);
WebContext
.
getSession
().
invalidate
();
WebContext
.
setAttribute
(
WebConstants
.
CURRENT_USER_SESSION_ID
,
WebContext
.
getSession
().
getId
());
...
...
@@ -95,6 +99,7 @@ public abstract class AbstractAuthenticationProvider {
authenticationRealm
.
insertLoginHistory
(
userInfo
,
ConstantsLoginType
.
LOCAL
,
""
,
"xe00000004"
,
"success"
);
WebContext
.
setAttribute
(
WebConstants
.
FIRST_SAVED_REQUEST_PARAMETER
,
firstSavedRequest
);
// 认证设置
WebContext
.
setAuthentication
(
authentication
);
WebContext
.
setUserInfo
(
userInfo
);
...
...
maxkey-core/src/main/java/org/maxkey/authn/SavedRequestAwareAuthenticationSuccessHandler.java
浏览文件 @
239573cd
...
...
@@ -20,45 +20,47 @@ import org.springframework.security.web.savedrequest.SavedRequest;
import
org.springframework.util.StringUtils
;
/**
* An authentication success strategy which can make use of the {@link DefaultSavedRequest} which may have been stored in
* the session by the {@link ExceptionTranslationFilter}. When such a request is intercepted and requires authentication,
* the request data is stored to record the original destination before the authentication process commenced, and to
* allow the request to be reconstructed when a redirect to the same URL occurs. This class is responsible for
* performing the redirect to the original URL if appropriate.
* An authentication success strategy which can make use of the
* {@link DefaultSavedRequest} which may have been stored in the session by the
* {@link ExceptionTranslationFilter}. When such a request is intercepted and
* requires authentication, the request data is stored to record the original
* destination before the authentication process commenced, and to allow the
* request to be reconstructed when a redirect to the same URL occurs. This
* class is responsible for performing the redirect to the original URL if
* appropriate.
* <p>
* Following a successful authentication, it decides on the redirect destination, based on the following scenarios:
* Following a successful authentication, it decides on the redirect
* destination, based on the following scenarios:
* <ul>
* <li>
* If the {@code alwaysUseDefaultTargetUrl} property is set to true, the {@code defaultTargetUrl}
* will be used for the destination. Any {@code DefaultSavedRequest} stored in the session will be
* removed.
* </li>
* <li>
* If the {@code targetUrlParameter} has been set on the request, the value will be used as the destination.
* Any {@code DefaultSavedRequest} will again be removed.
* </li>
* <li>
* If a {@link SavedRequest} is found in the {@code RequestCache} (as set by the {@link ExceptionTranslationFilter} to
* record the original destination before the authentication process commenced), a redirect will be performed to the
* Url of that original destination. The {@code SavedRequest} object will remain cached and be picked up
* when the redirected request is received
* (See {@link org.springframework.security.web.savedrequest.SavedRequestAwareWrapper SavedRequestAwareWrapper}).
* </li>
* <li>
* If no {@code SavedRequest} is found, it will delegate to the base class.
* <li>If the {@code alwaysUseDefaultTargetUrl} property is set to true, the
* {@code defaultTargetUrl} will be used for the destination. Any
* {@code DefaultSavedRequest} stored in the session will be removed.</li>
* <li>If the {@code targetUrlParameter} has been set on the request, the value
* will be used as the destination. Any {@code DefaultSavedRequest} will again
* be removed.</li>
* <li>If a {@link SavedRequest} is found in the {@code RequestCache} (as set by
* the {@link ExceptionTranslationFilter} to record the original destination
* before the authentication process commenced), a redirect will be performed to
* the Url of that original destination. The {@code SavedRequest} object will
* remain cached and be picked up when the redirected request is received (See
* {@link org.springframework.security.web.savedrequest.SavedRequestAwareWrapper
* SavedRequestAwareWrapper}).</li>
* <li>If no {@code SavedRequest} is found, it will delegate to the base class.
* </li>
* </ul>
*
* @author Luke Taylor
* @since 3.0
*/
public
class
SavedRequestAwareAuthenticationSuccessHandler
extends
SimpleUrlAuthenticationSuccessHandler
{
protected
final
Logger
_logger
=
LoggerFactory
.
getLogger
(
SavedRequestAwareAuthenticationSuccessHandler
.
class
);
public
class
SavedRequestAwareAuthenticationSuccessHandler
extends
SimpleUrlAuthenticationSuccessHandler
{
protected
final
Logger
_logger
=
LoggerFactory
.
getLogger
(
SavedRequestAwareAuthenticationSuccessHandler
.
class
);
@Autowired
@Qualifier
(
"remeberMeService"
)
protected
AbstractRemeberMeService
remeberMeService
;
@Qualifier
(
"remeberMeService"
)
protected
AbstractRemeberMeService
remeberMeService
;
private
RequestCache
requestCache
=
new
HttpSessionRequestCache
();
@Override
...
...
@@ -66,15 +68,18 @@ public class SavedRequestAwareAuthenticationSuccessHandler extends SimpleUrlAuth
Authentication
authentication
)
throws
ServletException
,
IOException
{
SavedRequest
savedRequest
=
requestCache
.
getRequest
(
request
,
response
);
remeberMeService
.
createRemeberMe
(
authentication
.
getPrincipal
().
toString
(),
request
,
response
);
remeberMeService
.
createRemeberMe
(
authentication
.
getPrincipal
().
toString
(),
request
,
response
);
if
(
savedRequest
==
null
)
{
super
.
onAuthenticationSuccess
(
request
,
response
,
authentication
);
return
;
}
String
targetUrlParameter
=
getTargetUrlParameter
();
if
(
isAlwaysUseDefaultTargetUrl
()
||
(
targetUrlParameter
!=
null
&&
StringUtils
.
hasText
(
request
.
getParameter
(
targetUrlParameter
))))
{
if
(
isAlwaysUseDefaultTargetUrl
()
||
(
targetUrlParameter
!=
null
&&
StringUtils
.
hasText
(
request
.
getParameter
(
targetUrlParameter
))))
{
requestCache
.
removeRequest
(
request
,
response
);
super
.
onAuthenticationSuccess
(
request
,
response
,
authentication
);
...
...
@@ -82,16 +87,18 @@ public class SavedRequestAwareAuthenticationSuccessHandler extends SimpleUrlAuth
}
clearAuthenticationAttributes
(
request
);
// Use the DefaultSavedRequest URL
String
targetUrl
=
savedRequest
.
getRedirectUrl
();
//is cas login , with service parameter
logger
.
info
(
request
.
getParameter
(
WebConstants
.
CAS_SERVICE_PARAMETER
));
if
(
request
.
getParameter
(
WebConstants
.
CAS_SERVICE_PARAMETER
)!=
null
&&
request
.
getParameter
(
WebConstants
.
CAS_SERVICE_PARAMETER
).
startsWith
(
"http"
)){
targetUrl
=
WebContext
.
getHttpContextPath
()+
"/authorize/cas/login?service="
+
request
.
getParameter
(
WebConstants
.
CAS_SERVICE_PARAMETER
);
// is cas login , with service parameter
logger
.
info
(
"CAS "
+
request
.
getParameter
(
WebConstants
.
CAS_SERVICE_PARAMETER
));
if
(
request
.
getParameter
(
WebConstants
.
CAS_SERVICE_PARAMETER
)
!=
null
&&
request
.
getParameter
(
WebConstants
.
CAS_SERVICE_PARAMETER
).
startsWith
(
"http"
))
{
targetUrl
=
WebContext
.
getHttpContextPath
()
+
"/authorize/cas/login?service="
+
request
.
getParameter
(
WebConstants
.
CAS_SERVICE_PARAMETER
);
}
targetUrl
=
targetUrl
==
null
?
"/forwardindex"
:
targetUrl
;
logger
.
debug
(
"Redirecting to DefaultSavedRequest Url: "
+
targetUrl
);
getRedirectStrategy
().
sendRedirect
(
request
,
response
,
targetUrl
);
}
...
...
maxkey-core/src/main/java/org/maxkey/authn/realm/IAuthenticationServer.java
浏览文件 @
239573cd
/**
*
*/
package
org.maxkey.authn.realm
;
/**
* IAuthenticationServer .
* @author Crystal.Sea
*
*/
public
interface
IAuthenticationServer
{
public
boolean
authenticate
(
String
username
,
String
password
)
;
public
boolean
authenticate
(
String
username
,
String
password
)
;
}
maxkey-core/src/main/java/org/maxkey/web/WebConstants.java
浏览文件 @
239573cd
package
org.maxkey.web
;
/**
* Web Application Constants define
* Web Application Constants define
.
*
* @author Crystal.Sea
*
...
...
@@ -32,9 +32,7 @@ public class WebConstants {
public
static
final
String
CURRENT_MESSAGE
=
"current_message"
;
// SPRING_SECURITY_SAVED_REQUEST
public
static
final
String
SPRING_PROCESS_SAVED_REQUEST
=
"SPRING_SECURITY_SAVED_REQUEST"
;
public
static
final
String
FIRST_SAVED_REQUEST_PARAMETER
=
"first_saved_request_parameter"
;
public
static
final
String
FIRST_SAVED_REQUEST_PARAMETER
=
"SPRING_SECURITY_SAVED_REQUEST"
;
public
static
final
String
KAPTCHA_SESSION_KEY
=
"kaptcha_session_key"
;
...
...
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/springframework/ui/velocity/VelocityEngineFactory.java
浏览文件 @
239573cd
...
...
@@ -71,7 +71,6 @@ import org.springframework.util.StringUtils;
* @see org.apache.velocity.app.VelocityEngine
* @deprecated as of Spring 4.3, in favor of FreeMarker
*/
@Deprecated
public
class
VelocityEngineFactory
{
protected
final
Log
logger
=
LogFactory
.
getLog
(
getClass
());
...
...
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/springframework/ui/velocity/VelocityEngineFactoryBean.java
浏览文件 @
239573cd
...
...
@@ -48,7 +48,6 @@ import org.springframework.context.ResourceLoaderAware;
* @see org.springframework.web.servlet.view.velocity.VelocityConfigurer
* @deprecated as of Spring 4.3, in favor of FreeMarker
*/
@Deprecated
public
class
VelocityEngineFactoryBean
extends
VelocityEngineFactory
implements
FactoryBean
<
VelocityEngine
>,
InitializingBean
,
ResourceLoaderAware
{
...
...
maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/springframework/ui/velocity/VelocityEngineUtils.java
浏览文件 @
239573cd
...
...
@@ -32,7 +32,6 @@ import org.apache.velocity.exception.VelocityException;
* @since 22.01.2004
* @deprecated as of Spring 4.3, in favor of FreeMarker
*/
@Deprecated
public
abstract
class
VelocityEngineUtils
{
/**
...
...
@@ -46,7 +45,6 @@ public abstract class VelocityEngineUtils {
* @deprecated Use {@link #mergeTemplate(VelocityEngine, String, String, Map, Writer)}
* instead, following Velocity 1.6's corresponding deprecation in its own API.
*/
@Deprecated
public
static
void
mergeTemplate
(
VelocityEngine
velocityEngine
,
String
templateLocation
,
Map
<
String
,
Object
>
model
,
Writer
writer
)
throws
VelocityException
{
...
...
@@ -86,7 +84,6 @@ public abstract class VelocityEngineUtils {
* @deprecated Use {@link #mergeTemplateIntoString(VelocityEngine, String, String, Map)}
* instead, following Velocity 1.6's corresponding deprecation in its own API.
*/
@Deprecated
public
static
String
mergeTemplateIntoString
(
VelocityEngine
velocityEngine
,
String
templateLocation
,
Map
<
String
,
Object
>
model
)
throws
VelocityException
{
...
...
maxkey-web-manage/src/main/java/org/maxkey/MaxKeyMgtMvcConfig.java
浏览文件 @
239573cd
...
...
@@ -43,16 +43,21 @@ public class MaxKeyMgtMvcConfig implements WebMvcConfigurer {
.
addPathPatterns
(
"/orgs/**"
)
.
addPathPatterns
(
"/userinfo/**"
)
.
addPathPatterns
(
"/apps/**"
)
.
addPathPatterns
(
"/app/accounts/**"
)
.
addPathPatterns
(
"/groups/**"
)
.
addPathPatterns
(
"/groupMember/**"
)
.
addPathPatterns
(
"/groupPrivileges/**"
)
.
addPathPatterns
(
"/roles/**"
)
.
addPathPatterns
(
"/rolemembers/**"
)
.
addPathPatterns
(
"/resources/**"
)
.
addPathPatterns
(
"/permissions/**"
)
.
addPathPatterns
(
"/config/**"
)
.
addPathPatterns
(
"/logs/**"
)
;
_logger
.
debug
(
"add PermissionAdapter"
);
registry
.
addInterceptor
(
historyLogsAdapter
)
.
addPathPatterns
(
"/users/*"
)
.
addPathPatterns
(
"/userinfo/**"
)
.
addPathPatterns
(
"/enterprises/**"
)
.
addPathPatterns
(
"/employees/**"
)
...
...
@@ -64,6 +69,7 @@ public class MaxKeyMgtMvcConfig implements WebMvcConfigurer {
.
addPathPatterns
(
"/approles/**"
)
;
_logger
.
debug
(
"add HistoryLogsAdapter"
);
registry
.
addInterceptor
(
localeChangeInterceptor
);
_logger
.
debug
(
"add LocaleChangeInterceptor"
);
...
...
maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/IndexEndpoint.java
浏览文件 @
239573cd
package
org.maxkey.web.endpoint
;
import
java.io.IOException
;
import
javax.servlet.ServletException
;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletResponse
;
import
org.maxkey.config.ApplicationConfig
;
import
org.maxkey.constants.ConstantsPasswordSetType
;
import
org.maxkey.domain.UserInfo
;
...
...
@@ -25,9 +30,10 @@ public class IndexEndpoint {
@Autowired
@Qualifier
(
"applicationConfig"
)
ApplicationConfig
applicationConfig
;
@RequestMapping
(
value
={
"/forwardindex"
})
public
ModelAndView
forwardindex
()
{
public
ModelAndView
forwardindex
(
HttpServletRequest
request
,
HttpServletResponse
response
)
throws
ServletException
,
IOException
{
_logger
.
debug
(
"IndexEndpoint /forwardindex."
);
ModelAndView
modelAndView
=
new
ModelAndView
();
Integer
passwordSetType
=(
Integer
)
WebContext
.
getSession
().
getAttribute
(
WebConstants
.
CURRENT_LOGIN_USER_PASSWORD_SET_TYPE
);
...
...
@@ -54,11 +60,14 @@ public class IndexEndpoint {
return
modelAndView
;
}
return
new
ModelAndView
(
"index"
);
}
@RequestMapping
(
value
={
"/index"
})
public
ModelAndView
home
()
{
public
ModelAndView
home
(
HttpServletRequest
request
,
HttpServletResponse
response
)
throws
ServletException
,
IOException
{
_logger
.
debug
(
"IndexEndpoint /index."
);
if
(
applicationConfig
.
getLoginConfig
().
getDefaultUri
()!=
null
&&
...
...
maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LoginEndpoint.java
浏览文件 @
239573cd
package
org.maxkey.web.endpoint
;
import
java.io.IOException
;
import
java.util.HashMap
;
import
javax.servlet.ServletException
;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletResponse
;
...
...
@@ -22,9 +24,6 @@ import org.slf4j.Logger;
import
org.slf4j.LoggerFactory
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Qualifier
;
import
org.springframework.security.web.savedrequest.HttpSessionRequestCache
;
import
org.springframework.security.web.savedrequest.RequestCache
;
import
org.springframework.security.web.savedrequest.SavedRequest
;
import
org.springframework.stereotype.Controller
;
import
org.springframework.web.bind.annotation.CookieValue
;
import
org.springframework.web.bind.annotation.ModelAttribute
;
...
...
@@ -148,18 +147,7 @@ public class LoginEndpoint {
modelAndView
.
addObject
(
"ssopList"
,
socialSignOnProviderService
.
getSocialSignOnProviders
());
}
}
//save first protected url
SavedRequest
firstSavedRequest
=
(
SavedRequest
)
WebContext
.
getAttribute
(
WebConstants
.
FIRST_SAVED_REQUEST_PARAMETER
);
if
(
firstSavedRequest
==
null
){
RequestCache
requestCache
=
new
HttpSessionRequestCache
();
SavedRequest
savedRequest
=
requestCache
.
getRequest
(
request
,
response
);
if
(
savedRequest
!=
null
){
_logger
.
debug
(
"first request parameter "
+
savedRequest
.
getRedirectUrl
());
WebContext
.
setAttribute
(
WebConstants
.
FIRST_SAVED_REQUEST_PARAMETER
,
savedRequest
);
}
}
else
{
WebContext
.
setAttribute
(
WebConstants
.
SPRING_PROCESS_SAVED_REQUEST
,
firstSavedRequest
);
}
if
(
isAuthenticated
){
return
WebContext
.
redirect
(
"/forwardindex"
);
...
...
@@ -169,12 +157,15 @@ public class LoginEndpoint {
}
@RequestMapping
(
value
={
"/logon.do"
})
public
ModelAndView
logon
(
@ModelAttribute
(
"authentication"
)
BasicAuthentication
authentication
)
{
public
ModelAndView
logon
(
HttpServletRequest
request
,
HttpServletResponse
response
,
@ModelAttribute
(
"authentication"
)
BasicAuthentication
authentication
)
throws
ServletException
,
IOException
{
authenticationProvider
.
authenticate
(
authentication
);
if
(
WebContext
.
isAuthenticated
()){
return
WebContext
.
redirect
(
"/forwardindex"
);
return
WebContext
.
redirect
(
"/forwardindex"
);
}
else
{
return
WebContext
.
redirect
(
"/login"
);
}
...
...
maxkey-web-maxkey/src/main/java/org/maxkey/web/interceptor/PermissionAdapter.java
浏览文件 @
239573cd
...
...
@@ -4,12 +4,18 @@ import java.util.concurrent.ConcurrentHashMap;
import
javax.servlet.RequestDispatcher
;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletResponse
;
import
org.maxkey.authn.SavedRequestAwareAuthenticationSuccessHandler
;
import
org.maxkey.config.ApplicationConfig
;
import
org.maxkey.web.WebConstants
;
import
org.maxkey.web.WebContext
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Qualifier
;
import
org.springframework.security.web.savedrequest.HttpSessionRequestCache
;
import
org.springframework.security.web.savedrequest.RequestCache
;
import
org.springframework.security.web.savedrequest.SavedRequest
;
import
org.springframework.web.servlet.handler.HandlerInterceptorAdapter
;
/**
...
...
@@ -26,6 +32,11 @@ public class PermissionAdapter extends HandlerInterceptorAdapter {
@Qualifier
(
"applicationConfig"
)
private
ApplicationConfig
applicationConfig
;
@Autowired
@Qualifier
(
"savedRequestSuccessHandler"
)
SavedRequestAwareAuthenticationSuccessHandler
savedRequestSuccessHandler
;
static
ConcurrentHashMap
<
String
,
String
>
navigationsMap
=
null
;
/*
...
...
@@ -41,14 +52,34 @@ public class PermissionAdapter extends HandlerInterceptorAdapter {
HttpServletResponse
response
,
Object
handler
)
throws
Exception
{
_logger
.
trace
(
"PermissionAdapter preHandle"
);
//save first protected url
SavedRequest
firstSavedRequest
=
(
SavedRequest
)
WebContext
.
getAttribute
(
WebConstants
.
FIRST_SAVED_REQUEST_PARAMETER
);
// 判断用户是否登录, 判断用户和角色,判断用户是否登录用户
if
(
WebContext
.
getAuthentication
()
==
null
||
WebContext
.
getAuthentication
().
getAuthorities
()
==
null
)
{
//保存未认证的请求信息
if
(
firstSavedRequest
==
null
){
RequestCache
requestCache
=
new
HttpSessionRequestCache
();
requestCache
.
saveRequest
(
request
,
response
);
SavedRequest
savedRequest
=
requestCache
.
getRequest
(
request
,
response
);
if
(
savedRequest
!=
null
){
_logger
.
debug
(
"first request parameter savedRequest "
+
savedRequest
.
getRedirectUrl
());
WebContext
.
setAttribute
(
WebConstants
.
FIRST_SAVED_REQUEST_PARAMETER
,
savedRequest
);
savedRequestSuccessHandler
.
setRequestCache
(
requestCache
);
}
}
_logger
.
trace
(
"No Authentication ... forward to /login"
);
RequestDispatcher
dispatcher
=
request
.
getRequestDispatcher
(
"/login"
);
dispatcher
.
forward
(
request
,
response
);
return
false
;
}
//认证完成,跳转到未认证请求
if
(
firstSavedRequest
!=
null
)
{
savedRequestSuccessHandler
.
onAuthenticationSuccess
(
request
,
response
,
WebContext
.
getAuthentication
());
WebContext
.
removeAttribute
(
WebConstants
.
FIRST_SAVED_REQUEST_PARAMETER
);
}
boolean
hasAccess
=
true
;
...
...
maxkey-web-maxkey/src/main/resources/spring/maxkey.xml
浏览文件 @
239573cd
...
...
@@ -185,6 +185,18 @@
<mvc:mapping
path=
"/historys/**"
/>
<mvc:mapping
path=
"/appList/**"
/>
<mvc:mapping
path=
"/socialsignon/**"
/>
<mvc:mapping
path=
"/authz/basic/*"
/>
<mvc:mapping
path=
"/authz/ltpa/*"
/>
<mvc:mapping
path=
"/authz/desktop/*"
/>
<mvc:mapping
path=
"/authz/formbased/*"
/>
<mvc:mapping
path=
"/authz/tokenbased/*"
/>
<mvc:mapping
path=
"/authz/saml20/idpinit/*"
/>
<mvc:mapping
path=
"/authz/saml20/assertion"
/>
<mvc:mapping
path=
"/authz/cas/login"
/>
<mvc:mapping
path=
"/authz/cas/granting"
/>
<mvc:mapping
path=
"/oauth/v20/authorize"
/>
<bean
class=
"org.maxkey.web.interceptor.PermissionAdapter"
/>
</mvc:interceptor>
...
...
maxkey-web-maxkey/src/main/resources/templates/views/index.ftl
浏览文件 @
239573cd
...
...
@@ -3,9 +3,11 @@
<head>
<meta
http-equiv=
"Content-Type"
content=
"application/xhtml+xml; charset=UTF-8"
/>
<title>
MaxKey
</title>
<base
href=
"<@base />"
/>
<link
rel=
"shortcut icon"
type=
"image/x-icon"
href=
"<@base />/static/images/favicon.ico"
/>
<link
type=
"text/css"
rel=
"stylesheet"
href=
"<@base url="
/
style.css
"
/>
" />
</head>
<body>
<script
type=
"text/javascript"
>
window
.
top
.
location
.
href
=
"
<@basePath />/forwardindex
"
;
<script
type=
"text/javascript"
>
window
.
top
.
location
.
href
=
"
<@basePath />/forwardindex
"
;
</script>
</body>
</html>
\ No newline at end of file
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录