Configuration

67478a71 · MaxKey单点登录官方 · eadf6098 · 67478a71 · 67478a71 · 67478a71
19 changed file
--- a/maxkey-core/src/main/java/org/maxkey/config/ApplicationConfig.java
+++ b/maxkey-core/src/main/java/org/maxkey/config/ApplicationConfig.java
 package org.maxkey.config;

-import java.util.ArrayList;
-import java.util.concurrent.ConcurrentHashMap;
-
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.PropertySource;
+import org.springframework.stereotype.Component;

 /**
 * 全局应用程序配置
@@ -21,38 +22,52 @@ import org.slf4j.LoggerFactory;
 * @author Crystal.Sea
 * 
 */
+@Component
+@PropertySource("classpath:/config/applicationConfig.properties")
 public class ApplicationConfig {
 	private static final Logger _logger = LoggerFactory.getLogger(ApplicationConfig.class);
+	@Autowired
 	DataSoruceConfig dataSoruceConfig;
-	
+	@Autowired
 	EmailConfig emailConfig;
-	
+	@Autowired
 	CharacterEncodingConfig characterEncodingConfig;
-
-	
+	@Autowired
 	LoginConfig loginConfig;
 	
+	@Value("${config.server.domain}")
 	String domainName;
 	
+	@Value("${config.server.subdomain}")
 	String subDomainName;
 	
+	@Value("${config.server.name}")
 	String serverName;
 	
+	@Value("${config.server.prefix.uri}")
 	String serverPrefix;
+	
+	@Value("${config.server.default.uri}")
+	String defaultUri;
+	
+	@Value("${config.server.manage.uri}")
+	String manageUri;
+	
+	/*
 	//is enable whiteList for ipAddress filter
 	boolean whiteList;
 	
 	//All user have permission Access URL
 	public  ConcurrentHashMap<String,String> anonymousAccessUrls;
+	*/
 	
-	String manageUri;
 	
 	
 	
 	public ApplicationConfig() {
 		super();
 		
-		anonymousAccessUrls=new ConcurrentHashMap<String,String>();
+		/*anonymousAccessUrls=new ConcurrentHashMap<String,String>();
 		anonymousAccessUrls.put("/index/", "/index/");
 		anonymousAccessUrls.put("/index/top","/index/top/");
 		anonymousAccessUrls.put("/index/left/","/index/left/");
@@ -68,6 +83,7 @@ public class ApplicationConfig {
 		anonymousAccessUrls.put("/approles/appRolesGrid/","/approles/appRolesGrid/");
 		
 		_logger.debug("Anonymous Access Urls : \n"+anonymousAccessUrls);
+		*/
 		
 	}
 	
@@ -147,7 +163,7 @@ public class ApplicationConfig {
 	public void setSubDomainName(String subDomainName) {
 		this.subDomainName = subDomainName;
 	}
-	
+	/*
 	public ConcurrentHashMap<String, String> getAnonymousAccessUrls() {
 		return anonymousAccessUrls;
 	}
@@ -158,7 +174,7 @@ public class ApplicationConfig {
 			this.anonymousAccessUrls.put(anonymousAccessUrl,anonymousAccessUrl);
 		}
 	}
-
+*/
 	/**
 	 * @return the emailConfig
 	 */
@@ -182,12 +198,21 @@ public class ApplicationConfig {
 		this.manageUri = manageUri;
 	}

+	public String getDefaultUri() {
+		return defaultUri;
+	}
+
+	public void setDefaultUri(String defaultUri) {
+		this.defaultUri = defaultUri;
+	}
+	
+/*
 	public boolean isWhiteList() {
 		return whiteList;
 	}

 	public void setWhiteList(boolean whiteList) {
 		this.whiteList = whiteList;
-	}
+	}*/
 	
 }
--- a/maxkey-core/src/main/java/org/maxkey/config/CharacterEncodingConfig.java
+++ b/maxkey-core/src/main/java/org/maxkey/config/CharacterEncodingConfig.java
@@ -5,26 +5,35 @@ package org.maxkey.config;

 import java.io.UnsupportedEncodingException;

+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.PropertySource;
+
 /**
 * 字符集转换及转换配置
 * @author Crystal.Sea
 *
 */
+@Configuration
+@PropertySource("classpath:/config/applicationConfig.properties")
 public class CharacterEncodingConfig {
 	
 	/**
 	 * 源字符集
 	 */
+	@Value("${config.characterencoding.charset.from}")
 	String fromCharSet;
 	
 	/**
 	 * 目标字符集
 	 */
+	@Value("${config.characterencoding.charset.to}")
 	String toCharSet;
 	
 	/**
 	 * 转换标志
 	 */
+	@Value("${config.characterencoding.encoding}")
 	boolean encoding	=	false;

 	

--- a/maxkey-core/src/main/java/org/maxkey/config/DataSoruceConfig.java
+++ b/maxkey-core/src/main/java/org/maxkey/config/DataSoruceConfig.java
@@ -2,8 +2,10 @@ package org.maxkey.config;

 import org.apache.commons.logging.LogFactory;
 import org.apache.mybatis.jpa.dialect.Dialect;
-import org.maxkey.crypto.Base64Utils;
 import org.maxkey.crypto.password.PasswordReciprocal;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.PropertySource;

 /**
 * 数据源配置
@@ -20,32 +22,40 @@ import org.maxkey.crypto.password.PasswordReciprocal;
 * @author Crystal.Sea
 *
 */
+@Configuration
+@PropertySource("classpath:/config/applicationConfig.properties")
 public class DataSoruceConfig {
 	
 	/**
 	 * 数据库类型
 	 */
+	@Value("${config.datasource.database:mysql}")
 	String database;
 	/**
 	 * jdbc驱动类
 	 */
+	@Value("${config.datasource.driverclass:com.mysql.jdbc.Driver}")
 	String driverClass;
 	/**
 	 * jdbc连接地址
 	 */
+	@Value("${config.datasource.url:jdbc:mysql://localhost/maxkey?autoReconnect=true&characterEncoding=UTF-8}")
 	String url;
 	/**
 	 * 数据库用户名
 	 */
+	@Value("${config.datasource.username:root}")
 	String username;
 	/**
 	 * 数据库密码
 	 */
+	@Value("${config.datasource.password:maxkey}")
 	String password;
 	
 	/**
 	 * 数据库密码是否加密
 	 */
+	@Value("${config.datasource.password.encrypt}")
 	boolean encrypt=false;
 	
 	/**
@@ -107,7 +117,6 @@ public class DataSoruceConfig {
 	 * @param database the database to set
 	 */
 	public void setDatabase(String database) {
-		this.dialect=Dialect.getDialectMap().get(database);
 		this.database = database;

 	}
@@ -143,6 +152,9 @@ public class DataSoruceConfig {
 	 * @return the dialect
 	 */
 	public String getDialect() {
+		if(this.dialect==null) {
+			this.dialect=Dialect.getDialectMap().get(database);
+		}
 		return dialect;
 	}


--- a/maxkey-core/src/main/java/org/maxkey/config/EmailConfig.java
+++ b/maxkey-core/src/main/java/org/maxkey/config/EmailConfig.java
 package org.maxkey.config;

+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.PropertySource;

+@Configuration
+@PropertySource("classpath:/config/applicationConfig.properties")
 public class EmailConfig {

+	@Value("${config.email.username}")
 	private String username;
-
+	@Value("${config.email.password}")
 	private String password;
-
+	@Value("${config.email.smtpHost}")
 	private String smtpHost;
-	
+	@Value("${config.email.senderMail}")
 	private String senderMail;
-	
+	@Value("${config.email.port}")
 	private Integer port;
-	
+	@Value("${config.email.ssl}")
 	private boolean ssl;
 	
 	

--- a/maxkey-core/src/main/java/org/maxkey/config/LoginConfig.java
+++ b/maxkey-core/src/main/java/org/maxkey/config/LoginConfig.java
 package org.maxkey.config;

+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.PropertySource;
+
+@Configuration
+@PropertySource("classpath:/config/applicationLogin.properties")
 public class LoginConfig {
-	
+	@Value("${config.login.captcha}")
 	boolean captcha;
-	
+	@Value("${config.login.onetimepwd}")
 	boolean oneTimePwd;
-	
+	@Value("${config.login.socialsignon}")
 	boolean socialSignOn;
-	
-	
+	@Value("${config.login.kerberos}")
 	boolean kerberos;
-	
+	@Value("${config.login.remeberme}")
 	boolean remeberMe;
-	
+	@Value("${config.login.wsfederation}")
 	boolean wsFederation;
-	
+	@Value("${config.login.default.uri}")
 	String defaultUri;

 	

--- a/maxkey-web-manage/src/main/java/org/maxkey/T.java
+++ b/maxkey-web-manage/src/main/java/org/maxkey/T.java
-package org.maxkey;
-
-import org.springframework.boot.web.servlet.support.SpringBootServletInitializer;
-
-public class T extends SpringBootServletInitializer {
-
-	public static void main(String[] args) {
-		System.out.println("MaxKeyMgtApplication");
-	}
-}
--- a/maxkey-web-manage/src/main/java/org/maxkey/web/endpoint/CaptchaEndpoint.java
+++ b/maxkey-web-manage/src/main/java/org/maxkey/web/endpoint/CaptchaEndpoint.java
-package org.maxkey.web.endpoint;
-
-import java.awt.image.BufferedImage;
-
-import javax.imageio.ImageIO;
-import javax.servlet.ServletOutputStream;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.maxkey.web.WebConstants;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.servlet.ModelAndView;
-
-import com.google.code.kaptcha.Producer;
-
-/**
- * @author Crystal.Sea
- *
- */ 
-@Controller
-@RequestMapping(value = "/captcha") 
-public class CaptchaEndpoint {
-	private static final Logger _logger = LoggerFactory.getLogger(CaptchaEndpoint.class);
-	
- 	@Autowired
- 	private Producer captchaProducer;
- 	
-	/**
-	 * captcha image Producer
-	 * @param request
-	 * @param response
-	 * @return
-	 * @throws Exception
-	 */
-
-	@RequestMapping
-    public ModelAndView captchaHandleRequest(HttpServletRequest request,HttpServletResponse response) throws Exception {
-            // Set to expire far in the past.
-            response.setDateHeader("Expires", 0);
-            // Set standard HTTP/1.1 no-cache headers.
-            response.setHeader("Cache-Control", "no-store, no-cache, must-revalidate");
-            // Set IE extended HTTP/1.1 no-cache headers (use addHeader).
-            response.addHeader("Cache-Control", "post-check=0, pre-check=0");
-            // Set standard HTTP/1.0 no-cache header.
-            response.setHeader("Pragma", "no-cache");
-            // return a jpeg
-            response.setContentType("image/jpeg");
-            // create the text for the image
-            String capText = captchaProducer.createText();
-            _logger.debug("Captcha Text : "+capText);
-            // store the text in the session
-            request.getSession().setAttribute(WebConstants.KAPTCHA_SESSION_KEY, capText);
-            // create the image with the text
-            BufferedImage bi = captchaProducer.createImage(capText);
-            ServletOutputStream out = response.getOutputStream();
-            // write the data out
-            ImageIO.write(bi, "jpg", out);
-            try{
-                    out.flush();
-            }finally{
-                    out.close();
-            }
-            return null;
-    }
-}
--- a/maxkey-web-manage/src/main/java/org/maxkey/web/endpoint/ImageEndpoint.java
+++ b/maxkey-web-manage/src/main/java/org/maxkey/web/endpoint/ImageEndpoint.java
@@ -2,6 +2,8 @@ package org.maxkey.web.endpoint;

 import java.awt.image.BufferedImage;
 import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
 import java.io.InputStream;

 import javax.imageio.ImageIO;
@@ -9,30 +11,73 @@ import javax.servlet.ServletOutputStream;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;

+import org.maxkey.web.WebConstants;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.servlet.ModelAndView;
+
+import com.google.code.kaptcha.Producer;

 /**
 * @author Crystal.Sea
 *
 */
 @Controller
-@RequestMapping(value = "/image")
 public class ImageEndpoint {
-
+	private static final Logger _logger = LoggerFactory.getLogger(ImageEndpoint.class);
+	
+	@Autowired
+ 	private Producer captchaProducer;

 	/**
 	 * captcha image Producer
 	 * @param request
 	 * @param response
+	 */
+ 	@RequestMapping(value = "/captcha")
+    public void captchaHandleRequest(HttpServletRequest request,HttpServletResponse response){
+ 		try{
+ 			// Set to expire far in the past.
+            response.setDateHeader("Expires", 0);
+            // Set standard HTTP/1.1 no-cache headers.
+            response.setHeader("Cache-Control", "no-store, no-cache, must-revalidate");
+            // Set IE extended HTTP/1.1 no-cache headers (use addHeader).
+            response.addHeader("Cache-Control", "post-check=0, pre-check=0");
+            // Set standard HTTP/1.0 no-cache header.
+            response.setHeader("Pragma", "no-cache");
+            // return a jpeg
+            response.setContentType("image/jpeg");
+            // create the text for the image
+            String capText = captchaProducer.createText();
+            _logger.debug("Sesssion id " + request.getSession().getId() + " , Captcha Text is " + capText);
+            // store the text in the session
+            request.getSession().setAttribute(WebConstants.KAPTCHA_SESSION_KEY, capText);
+            // create the image with the text
+            BufferedImage bi = captchaProducer.createImage(capText);
+            ServletOutputStream out = response.getOutputStream();
+            // write the data out
+            ImageIO.write(bi, "jpg", out);
+    
+            out.flush();
+            out.close();
+		}catch(Exception e) {
+			_logger.error("captcha Producer Error " + e.getMessage());
+        }
+    }
+ 	
+	/**
+	 * image Producer
+	 * @param request
+	 * @param response
 	 * @return
 	 * @throws Exception
 	 */

-	@RequestMapping("/{id}")
-    public ModelAndView imageHandleRequest(HttpServletRequest request,HttpServletResponse response,@PathVariable("id") String id) throws Exception {
+	@RequestMapping("/image/{id}")
+    public void imageHandleRequest(HttpServletRequest request,HttpServletResponse response,@PathVariable("id") String id) throws Exception {
            // Set to expire far in the past.
            response.setDateHeader("Expires", 0);
            // Set standard HTTP/1.1 no-cache headers.
@@ -45,20 +90,49 @@ public class ImageEndpoint {
            response.setContentType("image/gif");
            // create the text for the image
            byte[]image=(byte[]) request.getSession().getAttribute(id);
-            request.getSession().removeAttribute(id);
+            //request.getSession().removeAttribute(id);
            // create the image with the text
            if(image!=null){
-	            InputStream in = new ByteArrayInputStream(image);
-	            BufferedImage bi = ImageIO.read(in);
 	            ServletOutputStream out = response.getOutputStream();
 	            // write the data out
-	            ImageIO.write(bi, "gif", out);
+	            ImageIO.write(byte2BufferedImage(image), "gif", out);
 	            try{
                    out.flush();
 	            }finally{
 	                    out.close();
 	            }
            }
-            return null;
    }
+	
+	public static BufferedImage byte2BufferedImage(byte[]imageByte){
+        try {
+        	 InputStream in = new ByteArrayInputStream(imageByte);
+        	 BufferedImage bufferedImage = ImageIO.read(in);
+        	 return bufferedImage;
+		} catch (IOException e) {
+			e.printStackTrace();
+		}
+         return null;
+	}
+	
+	public static byte[] bufferedImage2Byte(BufferedImage  bufferedImage  ){
+        try {
+        	ByteArrayOutputStream byteArrayOutputStream=new ByteArrayOutputStream();
+        	ImageIO.write(bufferedImage,"gif",byteArrayOutputStream);
+        	return byteArrayOutputStream.toByteArray();
+		} catch (IOException e) {
+			e.printStackTrace();
+		}
+         return null;
+	}
+
+	public Producer getCaptchaProducer() {
+		return captchaProducer;
+	}
+
+	public void setCaptchaProducer(Producer captchaProducer) {
+		this.captchaProducer = captchaProducer;
+	}
+	
+	
 }
--- a/maxkey-web-manage/src/main/java/org/maxkey/web/interceptor/PermissionAdapter.java
+++ b/maxkey-web-manage/src/main/java/org/maxkey/web/interceptor/PermissionAdapter.java
 package org.maxkey.web.interceptor;

-import java.util.List;
 import java.util.concurrent.ConcurrentHashMap;

 import javax.servlet.RequestDispatcher;
@@ -8,8 +7,6 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;

 import org.maxkey.config.ApplicationConfig;
-import org.maxkey.domain.Navigations;
-import org.maxkey.domain.UserInfo;
 import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -40,55 +37,17 @@ public class PermissionAdapter extends HandlerInterceptorAdapter {
 	@Override
 	public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws Exception {
 		 _logger.debug("PermissionAdapter preHandle");
-		 //加载定义的功能菜单地址
-		/*if(navigationsMap==null){
-			List<Navigations>   navigationsList=((NavigationsService)WebContext.getBean("navigationsService")).query(null);
-			navigationsMap=new  ConcurrentHashMap<String ,String >();
-			for(Navigations nav : navigationsList){
-				if(nav.getUrl()==null)continue;
-				if(nav.getUrl().endsWith("/")){
-					navigationsMap.put("/"+nav.getUrl(), nav.getId());
-				}else{
-					navigationsMap.put("/"+nav.getUrl()+"/", nav.getId());
-				}
-			}
-			_logger.debug("navigationsMap : "+navigationsMap);
-		}
 		
-		UserInfo userInfo =WebContext.getUserInfo();//取得登录用户
-		
-		if(userInfo==null||WebContext.getRoles()==null){//判断用户和角色，判断用户是否登录用户
+		//判断用户是否登录
+		if(WebContext.getAuthentication()==null||WebContext.getAuthentication().getAuthorities()==null){//判断用户和角色，判断用户是否登录用户
 			RequestDispatcher dispatcher = request.getRequestDispatcher("/login");
 			dispatcher.forward(request, response);
 			return false;
 		}
 		
-		//取得当前访问地址 Access URL
-		String accessURI=request.getRequestURI().substring(request.getContextPath().length());
-		if(!accessURI.endsWith("/")){
-			accessURI=accessURI+"/";
-		}
-		//定义匿名可以访问URL地址
-		if(applicationConfig.getAnonymousAccessUrls().containsKey(accessURI)){
-			_logger.debug("Access URI : "+accessURI+" , AnonymousAccessUrls .");
-			return true;
-		}
 		
-		boolean hasNavAccess=true;
-		//菜单权限匹配
-		if(navigationsMap.containsKey(accessURI)){//判断当前访问URL地址是否需要进行权限校验
-			hasNavAccess=false;
-			for(Navigations nav : WebContext.getNavigations()){//获取当前登录用户拥有URL访问列表
-				String haveURL=nav.getUrl();
-				if(haveURL==null)continue;
-				if(!haveURL.endsWith("/")){haveURL="/"+haveURL+"/";}
-				if(haveURL.endsWith(accessURI)){
-					hasNavAccess=true;
-				}
-			}
-			_logger.debug("Access URI : "+accessURI+" , hasNavAccess "+hasNavAccess);
-			if(hasNavAccess)return true;
-		}
+		boolean hasAccess=true;
+		
 		
 		/*	
 		boolean preHandler = super.preHandle(request, response, handler);
@@ -104,6 +63,6 @@ public class PermissionAdapter extends HandlerInterceptorAdapter {
 				return false;
 			}
 		}*/
-		return true;
+		return hasAccess;
 	}
 }
--- a/maxkey-web-manage/src/main/resources/config/applicationConfig.properties
+++ b/maxkey-web-manage/src/main/resources/config/applicationConfig.properties
@@ -25,11 +25,11 @@ config.datasource.driverclass=com.mysql.jdbc.Driver
 #
 config.datasource.url=jdbc:mysql://localhost/maxkey?autoReconnect=true&characterEncoding=UTF-8
 config.datasource.username=root
-#connsec/bb2002b9f55b05d3e0e6f34ec5321051
-#root/4f8520865b3793b07b23e16bc1f117b8
-config.datasource.password=bb2002b9f55b05d3e0e6f34ec5321051
-#db2,derby,mysql,oracle,postgresql,sqlserver at com.connsec.db.mybatis.dialect.Dialect
+#root/maxkey
+config.datasource.password=maxkey
+#db2,derby,mysql,oracle,postgresql,sqlserver at Dialect
 config.datasource.database=mysql
+config.datasource.password.encrypt=false
 #                        End  DataBase configuration 
 ############################################################################  
 #                        CharacterEncoding
@@ -57,11 +57,11 @@ config.server.prefix=${config.server.name}/manage
 ############################################################################ 
 #                EMAIL configuration

-config.email.username=test@connsec.com
+config.email.username=test@maxkey.org
 config.email.password=3&8Ujbnm5hkjhFD
 config.email.smtpHost=smtp.exmail.qq.com
 config.email.port=25
-config.email.senderMail=test@connsec.com
+config.email.senderMail=test@maxkey.org
 config.email.ssl=false

 ############################################################################ 

--- a/maxkey-web-manage/src/main/resources/spring/maxkey-mgt.xml
+++ b/maxkey-web-manage/src/main/resources/spring/maxkey-mgt.xml
@@ -34,62 +34,8 @@
 	  <property name="ignoreUnresolvablePlaceholders" value="true"/>
 	</bean>
 	
-	<!-- dataSoruce Config -->
-	<bean id="dataSoruceConfig" class="org.maxkey.config.DataSoruceConfig">      
-	    <property name="driverClass" value="${config.datasource.driverclass}"/>      
-	    <property name="url" value="${config.datasource.url}"/>      
-	    <property name="username" value="${config.datasource.username}"/>      
-	    <property name="password" value="${config.datasource.password}"/>  
-	    <property name="database" value="${config.datasource.database}"/> 
-	    <property name="encrypt" value="true"/>
-	</bean> 
+	<context:component-scan base-package="org.maxkey.config" />
 	
-	<!-- Character Encoding  Config -->
-	<bean id="characterEncodingConfig" class="org.maxkey.config.CharacterEncodingConfig">      
-	    <property name="encoding" value="${config.characterencoding.encoding}"/>      
-	    <property name="fromCharSet" value="${config.characterencoding.fromcharset}"/>      
-	    <property name="toCharSet" value="${config.characterencoding.tocharset}"/>
-	</bean> 
-	
-	<!-- email  Config -->
-	<bean id="emailConfig" class="org.maxkey.config.EmailConfig">      
-	    <property name="username" value="${config.email.username}"/>      
-	    <property name="password" value="${config.email.password}"/>      
-	    <property name="smtpHost" value="${config.email.smtpHost}"/>
-	    <property name="port" value="${config.email.port}"/>
-	    <property name="senderMail" value="${config.email.senderMail}"/>
-	    <property name="ssl" value="${config.email.ssl}"/>
-	</bean> 
-	
-	<!-- Login  Config -->
-	<bean id="loginConfig" class="org.maxkey.config.LoginConfig">      
-	    <property name="captcha" value="${config.login.captcha}"/>
-	    <property name="oneTimePwd" value="${config.login.onetimepwd}"/>
-	    <property name="socialSignOn" value="${config.login.socialsignon}"/>
-	    <property name="kerberos" value="${config.login.kerberos}"/>
-	    <property name="wsFederation" value="${config.login.wsfederation}"/>
-	    <property name="remeberMe" value="${config.login.remeberme}"/>
-	    <property name="defaultUri" value="${config.login.default.uri}"/>
-	</bean> 
-	
-	<!-- Application  Config -->
-	 <bean id="applicationConfig" class="org.maxkey.config.ApplicationConfig">      
-	    <property name="dataSoruceConfig" ref="dataSoruceConfig"/> 
-	    <property name="characterEncodingConfig" ref="characterEncodingConfig"/> 
-	    <property name="emailConfig" ref="emailConfig"/> 
-	    <property name="loginConfig" ref="loginConfig"/>
-	    <property name="domainName" value="${config.domain.name}"/>
-	    <property name="serverPrefix" value="${config.server.maxkey.uri}"/>
-	    <property name="manageUri" value="${config.manage.uri}"/> 
-	    <property name="whiteList" value="${config.ipaddress.whitelist}"/> 
-  		<property name="anonymousAccessUrls">
-		   <list>
-		    <value>null</value>
-		   </list>
-		</property>
-	</bean> 	
-	
-
 	<bean id="keyStoreLoader" class="org.maxkey.crypto.keystore.KeyStoreLoader">
    	<property name="entityName" value="${config.saml.v20.idp.issuing.entity.id}" />
 		<property name="keystorePassword" value="${config.saml.v20.idp.keystore.password}" /> 

--- a/maxkey-web-maxkey/src/main/java/org/maxkey/web/filter/IpAddressFilter.java
+++ b/maxkey-web-maxkey/src/main/java/org/maxkey/web/filter/IpAddressFilter.java
@@ -27,8 +27,10 @@ public class IpAddressFilter implements Filter {
 	private static final Logger _logger = LoggerFactory.getLogger(IpAddressFilter.class);
 	
 	@Autowired
-	 @Qualifier("applicationConfig")
-	 private ApplicationConfig applicationConfig;
+	@Qualifier("applicationConfig")
+	private ApplicationConfig applicationConfig;
+	
+	boolean whiteList=false;
 	
 	@Override
 	public void init(FilterConfig filterConfig) throws ServletException {
@@ -59,7 +61,7 @@ public class IpAddressFilter implements Filter {

 		}
 		//白名单地址
-		if(applicationConfig.isWhiteList()&&!IpAddressCache.ipAddressWhiteListMap.containsKey(ipAddress)){
+		if(whiteList&&!IpAddressCache.ipAddressWhiteListMap.containsKey(ipAddress)){
 			_logger.info("You IpAddress not in White List  "+ipAddress);
 			RequestDispatcher dispatcher = request.getRequestDispatcher("/accessdeny");
 			dispatcher.forward(request, response);

--- a/maxkey-web-maxkey/src/main/java/org/maxkey/web/interceptor/PermissionAdapter.java
+++ b/maxkey-web-maxkey/src/main/java/org/maxkey/web/interceptor/PermissionAdapter.java
 package org.maxkey.web.interceptor;

-import java.util.List;
 import java.util.concurrent.ConcurrentHashMap;

 import javax.servlet.RequestDispatcher;
@@ -8,8 +7,6 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;

 import org.maxkey.config.ApplicationConfig;
-import org.maxkey.domain.Navigations;
-import org.maxkey.domain.UserInfo;
 import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -40,70 +37,31 @@ public class PermissionAdapter extends HandlerInterceptorAdapter {
 	@Override
 	public boolean preHandle(HttpServletRequest request,HttpServletResponse response, Object handler) throws Exception {
 		 _logger.debug("PermissionAdapter preHandle");
-		 //加载定义的功能菜单地址
-		/*if(navigationsMap==null){
-			List<Navigations>   navigationsList=((NavigationsService)WebContext.getBean("navigationsService")).query(null);
-			navigationsMap=new  ConcurrentHashMap<String ,String >();
-			for(Navigations nav : navigationsList){
-				if(nav.getUrl()==null)continue;
-				if(nav.getUrl().endsWith("/")){
-					navigationsMap.put("/"+nav.getUrl(), nav.getId());
-				}else{
-					navigationsMap.put("/"+nav.getUrl()+"/", nav.getId());
-				}
-			}
-			_logger.debug("navigationsMap : "+navigationsMap);
-		}
-		
-		UserInfo userInfo =WebContext.getUserInfo();//取得登录用户
-		
-		if(userInfo==null||WebContext.getRoles()==null){//判断用户和角色，判断用户是否登录用户
-			RequestDispatcher dispatcher = request.getRequestDispatcher("/login");
-			dispatcher.forward(request, response);
-			return false;
-		}
-		
-		//取得当前访问地址 Access URL
-		String accessURI=request.getRequestURI().substring(request.getContextPath().length());
-		if(!accessURI.endsWith("/")){
-			accessURI=accessURI+"/";
-		}
-		//定义匿名可以访问URL地址
-		if(applicationConfig.getAnonymousAccessUrls().containsKey(accessURI)){
-			_logger.debug("Access URI : "+accessURI+" , AnonymousAccessUrls .");
-			return true;
-		}
-		
-		boolean hasNavAccess=true;
-		//菜单权限匹配
-		if(navigationsMap.containsKey(accessURI)){//判断当前访问URL地址是否需要进行权限校验
-			hasNavAccess=false;
-			for(Navigations nav : WebContext.getNavigations()){//获取当前登录用户拥有URL访问列表
-				String haveURL=nav.getUrl();
-				if(haveURL==null)continue;
-				if(!haveURL.endsWith("/")){haveURL="/"+haveURL+"/";}
-				if(haveURL.endsWith(accessURI)){
-					hasNavAccess=true;
-				}
-			}
-			_logger.debug("Access URI : "+accessURI+" , hasNavAccess "+hasNavAccess);
-			if(hasNavAccess)return true;
-		}
-		
-		/*	
-		boolean preHandler = super.preHandle(request, response, handler);
-		
-		if(preHandler) {
-			preHandler = false;
-			
-			
-			if(!preHandler){//无权限转向
-				log.debug("You do not have permission to access "+accessUrl);
-				RequestDispatcher dispatcher = request.getRequestDispatcher("/accessdeny");
+			//判断用户是否登录
+			if(WebContext.getAuthentication()==null||WebContext.getAuthentication().getAuthorities()==null){//判断用户和角色，判断用户是否登录用户
+				RequestDispatcher dispatcher = request.getRequestDispatcher("/login");
 				dispatcher.forward(request, response);
 				return false;
 			}
-		}*/
-		return true;
+			
+			
+			boolean hasAccess=true;
+			
+			
+			/*	
+			boolean preHandler = super.preHandle(request, response, handler);
+			
+			if(preHandler) {
+				preHandler = false;
+				
+				
+				if(!preHandler){//无权限转向
+					log.debug("You do not have permission to access "+accessUrl);
+					RequestDispatcher dispatcher = request.getRequestDispatcher("/accessdeny");
+					dispatcher.forward(request, response);
+					return false;
+				}
+			}*/
+			return hasAccess;
 	}
 }
--- a/maxkey-web-maxkey/src/main/resources/config/applicationConfig.properties
+++ b/maxkey-web-maxkey/src/main/resources/config/applicationConfig.properties
 ############################################################################
 #                        MaxKey
 ############################################################################
+#                domain name configuration
+config.server.subdomain=maxkey.org
+config.server.domain=sso.${config.server.subdomain}
+config.server.name=http://${config.server.domain}
+config.server.prefix.uri=${config.server.name}/maxkey
+#default.uri
+config.server.default.uri=${config.server.prefix.uri}/main
+config.server.manage.uri=${config.server.name}:9521/maxkey-mgt/login
+############################################################################
 #                DataBase configuration  
 ############################################################################
 #db2,derby,mysql,oracle,postgresql,sqlserver at com.connsec.db.mybatis.dialect.Dialect
@@ -25,18 +34,16 @@ config.datasource.driverclass=com.mysql.jdbc.Driver
 #
 config.datasource.url=jdbc:mysql://localhost/maxkey?autoReconnect=true&characterEncoding=UTF-8
 config.datasource.username=root
-#connsec/bb2002b9f55b05d3e0e6f34ec5321051
-#root/4f8520865b3793b07b23e16bc1f117b8
-config.datasource.password=bb2002b9f55b05d3e0e6f34ec5321051
-
+config.datasource.password=maxkey
+config.datasource.password.encrypt=false
 ############################################################################ 
 #                EMAIL configuration
 ############################################################################
-config.email.username=test@connsec.com
+config.email.username=test@maxkey.org
 config.email.password=3&8Ujbnm5hkjhFD
 config.email.smtpHost=smtp.exmail.qq.com
 config.email.port=25
-config.email.senderMail=test@connsec.com
+config.email.senderMail=test@maxkey.org
 config.email.ssl=false

 ############################################################################
@@ -45,8 +52,8 @@ config.email.ssl=false
 #				CharacterEncoding true/false

 config.characterencoding.encoding=true
-config.characterencoding.fromcharset=iso8859-1
-config.characterencoding.tocharset=UTF-8
+config.characterencoding.charset.from=iso8859-1
+config.characterencoding.charset.to=UTF-8


 config.app.issuer=CN=ConSec,CN=COM,CN=SH

--- a/maxkey-web-maxkey/src/main/resources/config/applicationLogin.properties
+++ b/maxkey-web-maxkey/src/main/resources/config/applicationLogin.properties
 ############################################################################
 #                        MaxKey
 ############################################################################
-#                domain name configuration
-config.domain.name=sso.maxkey.org
-config.server.name=http://${config.domain.name}
-config.server.maxkey.uri=${config.server.name}/maxkey
-
-############################################################################ 
 #                Login configuration
 #enable captcha
 config.login.captcha=true
@@ -22,13 +16,9 @@ config.login.wsfederation=false
 config.login.remeberme=true
 #validity
 config.login.remeberme.validity=
-#default.uri
-#to appList page
-config.login.default.uri=appList
-#to default application web site
-#config.login.default.uri=http://www.connsec.com

-config.manage.uri=http://login.connsec.com:9500/manage/login
+#to default application web site
+config.login.default.uri=appList

 config.ipaddress.whitelist=false
 ############################################################################ 
@@ -42,16 +32,6 @@ config.support.kerberos.default.fulluserdomain=CONNSEC.COM
 config.support.kerberos.default.crypto=846KZSzYq56M6d5o
 #Kerberos Authentication server RUL
 config.support.kerberos.default.redirecturi=http://sso.maxkey.org/kerberos/authn/
-############################################################################ 
-#                CAS Login configuration
-############################################################################ 
-
-config.support.cas.login.url=http://sso.maxkey.org/cas/login
-#
-config.support.cas.login.service=http://sso.maxkey.org/maxkey/cas
-#
-config.support.cas.login.validation.url=http://sso.maxkey.org/cas
-
 ############################################################################ 
 #                HTTPHEADER Login configuration
 ############################################################################
@@ -91,8 +71,8 @@ config.support.wsfederation.logoutUrl=https://adfs.connsec.com/adfs/ls/?wa=wsign
 #############################################################################

 #############################################################################
-config.oidc.metadata.issuer=${config.server.maxkey.uri}
-config.oidc.metadata.authorizationEndpoint=${config.server.maxkey.uri}/oauth/v20/authorize
-config.oidc.metadata.tokenEndpoint=${config.server.maxkey.uri}/oauth/v20/token
-config.oidc.metadata.userinfoEndpoint=${config.server.maxkey.uri}/api/connect/userinfo
+config.oidc.metadata.issuer=${config.server.prefix.uri}
+config.oidc.metadata.authorizationEndpoint=${config.server.prefix.uri}/oauth/v20/authorize
+config.oidc.metadata.tokenEndpoint=${config.server.prefix.uri}/oauth/v20/token
+config.oidc.metadata.userinfoEndpoint=${config.server.prefix.uri}/api/connect/userinfo
 #############################################################################
--- a/maxkey-web-maxkey/src/main/resources/spring/maxkey-persistence.xml
+++ b/maxkey-web-maxkey/src/main/resources/spring/maxkey-persistence.xml
@@ -71,7 +71,7 @@
 	        			org.maxkey.domain.apps,
        			" />
 		<property name="timeout" value="30" />
-		<property name="mapperLocations" value="classpath*:org/maxkey/dao/persistence/xml/#{dataSoruceConfig.database}/*.xml" />
+		<property name="mapperLocations" value="classpath*:/org/maxkey/dao/persistence/xml/#{dataSoruceConfig.database}/*.xml" />
 		<property name="interceptors">
 			<list>
 				<ref bean="StatementHandlerInterceptor"/>  

--- a/maxkey-web-maxkey/src/main/resources/spring/maxkey-security.xml
+++ b/maxkey-web-maxkey/src/main/resources/spring/maxkey-security.xml
@@ -13,29 +13,7 @@
 	        http://www.springframework.org/schema/util     
 	        http://www.springframework.org/schema/util/spring-util.xsd
 	        http://www.springframework.org/schema/mvc 
-			http://www.springframework.org/schema/mvc/spring-mvc.xsd">
-			
-    
-	<!--
-	<sec:http pattern="/jquery/**" security="none" /> 
-	<sec:http pattern="/images/**" security="none" /> 
-	<sec:http pattern="/css/**" security="none" /> 
-	<sec:http pattern="/js/**" security="none" /> 
-	
-	<sec:http pattern="/metadata/saml20/**" security="none" /> 
-	
-	<sec:http pattern="/api/oauth/v20/me" security="none" /> 
-	<sec:http pattern="/api/connect/v10/userinfo" security="none" />
-	
-	 cas api  
-	<sec:http pattern="/authz/cas/validate" security="none" />
-	<sec:http pattern="/authz/cas/serviceValidate" security="none" />
-	<sec:http pattern="/authz/cas/proxyValidate" security="none" />
-	<sec:http pattern="/authz/cas/proxy" security="none" />
-	<sec:http pattern="/authz/cas/p3/serviceValidate" security="none" />
-	<sec:http pattern="/authz/cas/p3/proxyValidate" security="none" />
-	-->
-	
+			http://www.springframework.org/schema/mvc/spring-mvc.xsd">	
 	
 	<!-- enable autowire -->
    <context:annotation-config />
@@ -107,10 +85,10 @@
 		</mvc:interceptor>

 		
-		 <ref bean="localeChangeInterceptor" />
+		<ref bean="localeChangeInterceptor" />
 	</mvc:interceptors>
     
-     	<bean id="remeberMeService" class="org.maxkey.authn.support.rememberme.JdbcRemeberMeService">
+	<bean id="remeberMeService" class="org.maxkey.authn.support.rememberme.JdbcRemeberMeService">
 		<constructor-arg ref="jdbcTemplate"/>
 		<property name="validity" value="${config.login.remeberme.validity}"/>
 	</bean>

--- a/maxkey-web-maxkey/src/main/resources/spring/maxkey-web.xml
+++ b/maxkey-web-maxkey/src/main/resources/spring/maxkey-web.xml
@@ -21,7 +21,7 @@
 	<!-- LocaleResolver -->
 	<bean id="localeResolver" class="org.springframework.web.servlet.i18n.CookieLocaleResolver">
 		<property name="cookieDomain" value="#{applicationConfig.subDomainName}"/>
-		<property name="cookieName" value="single_sign_on_lang"/>
+		<property name="cookieName" value="maxkey_lang"/>
 		<property name="cookieMaxAge" value="604800" />
 		<!-- auto select language by brower remove -->
 		<!--<property name="defaultLocale" value="en" />  -->

--- a/maxkey-web-maxkey/src/main/resources/spring/maxkey.xml
+++ b/maxkey-web-maxkey/src/main/resources/spring/maxkey.xml
@@ -30,65 +30,10 @@
 	  </property>
 	  <property name="ignoreUnresolvablePlaceholders" value="true"/>
 	</bean>
-
-	<!-- dataSoruce Config -->
-	<bean id="dataSoruceConfig" class="org.maxkey.config.DataSoruceConfig">      
-	    <property name="driverClass" value="${config.datasource.driverclass}"/>      
-	    <property name="url" value="${config.datasource.url}"/>      
-	    <property name="username" value="${config.datasource.username}"/>      
-	    <property name="password" value="${config.datasource.password}"/>  
-	    <property name="database" value="${config.datasource.database}"/> 
-	    <property name="encrypt" value="true"/>
-	</bean> 
-	
-	<!-- Character Encoding  Config -->
-	<bean id="characterEncodingConfig" class="org.maxkey.config.CharacterEncodingConfig">      
-	    <property name="encoding" value="${config.characterencoding.encoding}"/>      
-	    <property name="fromCharSet" value="${config.characterencoding.fromcharset}"/>      
-	    <property name="toCharSet" value="${config.characterencoding.tocharset}"/>
-	</bean> 
-	
-	<!-- email  Config -->
-	<bean id="emailConfig" class="org.maxkey.config.EmailConfig">      
-	    <property name="username" value="${config.email.username}"/>      
-	    <property name="password" value="${config.email.password}"/>      
-	    <property name="smtpHost" value="${config.email.smtpHost}"/>
-	    <property name="port" value="${config.email.port}"/>
-	    <property name="senderMail" value="${config.email.senderMail}"/>
-	    <property name="ssl" value="${config.email.ssl}"/>
-	</bean> 
-	
-	<!-- Login  Config -->
-	<bean id="loginConfig" class="org.maxkey.config.LoginConfig">      
-	    <property name="captcha" value="${config.login.captcha}"/>
-	    <property name="oneTimePwd" value="${config.login.onetimepwd}"/>
-	    <property name="socialSignOn" value="${config.login.socialsignon}"/>
-	    <property name="kerberos" value="${config.login.kerberos}"/>
-	    <property name="wsFederation" value="${config.login.wsfederation}"/>
-	    <property name="remeberMe" value="${config.login.remeberme}"/>
-	    <property name="defaultUri" value="${config.login.default.uri}"/>
-	</bean> 
-	
-	<!-- Application  Config -->
-	 <bean id="applicationConfig" class="org.maxkey.config.ApplicationConfig">      
-	    <property name="dataSoruceConfig" ref="dataSoruceConfig"/> 
-	    <property name="characterEncodingConfig" ref="characterEncodingConfig"/> 
-	    <property name="emailConfig" ref="emailConfig"/> 
-	    <property name="loginConfig" ref="loginConfig"/>
-	    <property name="domainName" value="${config.domain.name}"/>
-	    <property name="serverPrefix" value="${config.server.maxkey.uri}"/>
-	    <property name="manageUri" value="${config.manage.uri}"/> 
-	    <property name="whiteList" value="${config.ipaddress.whitelist}"/> 
-  		<property name="anonymousAccessUrls">
-		   <list>
-		    <value>null</value>
-		   </list>
-		</property>
-	</bean> 	
 	
 	<!-- Scans the classpath for annotated components that will be auto-registered as Spring beans.
 	 @Controller and @Service. Make sure to set the correct base-package-->
- 
+ 	<context:component-scan base-package="org.maxkey.config" />
 	<!-- domain bean  -->
 	<context:component-scan base-package="org.maxkey.domain" />
 	<context:component-scan base-package="org.maxkey.domain.apps" />