会话管理移到upms-client,统一会话管理和集中授权
This commit is contained in:
shuzheng
parent
03de869ff1
commit
4ab32f29fe
|
|
@ -31,6 +31,11 @@
|
|||
<version>1.0.0</version>
|
||||
<type>jar</type>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.zheng</groupId>
|
||||
<artifactId>zheng-upms-rpc-api</artifactId>
|
||||
<version>1.0.0</version>
|
||||
</dependency>
|
||||
<!-- servlet -->
|
||||
<dependency>
|
||||
<groupId>javax.servlet</groupId>
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
package com.zheng.upms.server.shiro;
|
||||
package com.zheng.upms.client.shiro;
|
||||
|
||||
import org.apache.shiro.session.mgt.SimpleSession;
|
||||
|
||||
|
|
@ -1,7 +1,6 @@
|
|||
package com.zheng.upms.server.shiro;
|
||||
package com.zheng.upms.client.shiro;
|
||||
|
||||
import com.zheng.common.util.RedisUtil;
|
||||
import org.apache.shiro.SecurityUtils;
|
||||
import org.apache.shiro.session.Session;
|
||||
import org.apache.shiro.session.mgt.SimpleSession;
|
||||
import org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO;
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
package com.zheng.upms.server.shiro;
|
||||
package com.zheng.upms.client.shiro;
|
||||
|
||||
import org.apache.shiro.session.Session;
|
||||
import org.apache.shiro.session.mgt.SessionContext;
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
package com.zheng.upms.server.shiro;
|
||||
package com.zheng.upms.client.shiro;
|
||||
|
||||
import org.apache.shiro.session.Session;
|
||||
import org.apache.shiro.web.filter.AccessControlFilter;
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
package com.zheng.upms.server.shiro;
|
||||
package com.zheng.upms.client.shiro;
|
||||
|
||||
import org.apache.shiro.session.Session;
|
||||
import org.apache.shiro.session.SessionListener;
|
||||
|
|
@ -1,12 +1,10 @@
|
|||
package com.zheng.upms.server.shiro.realm;
|
||||
package com.zheng.upms.client.shiro.realm;
|
||||
|
||||
import com.zheng.common.util.MD5Util;
|
||||
import com.zheng.upms.dao.model.UpmsPermission;
|
||||
import com.zheng.upms.dao.model.UpmsRole;
|
||||
import com.zheng.upms.dao.model.UpmsUser;
|
||||
import com.zheng.upms.dao.model.UpmsUserExample;
|
||||
import com.zheng.upms.rpc.api.UpmsApiService;
|
||||
import com.zheng.upms.rpc.api.UpmsUserService;
|
||||
import org.apache.commons.lang.StringUtils;
|
||||
import org.apache.shiro.authc.*;
|
||||
import org.apache.shiro.authz.AuthorizationInfo;
|
||||
|
|
@ -22,15 +20,13 @@ import java.util.List;
|
|||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* 用户认证和授权
|
||||
* Created by shuzheng on 2017/1/20.
|
||||
*/
|
||||
public class UpmsRealm extends AuthorizingRealm {
|
||||
|
||||
private static Logger _log = LoggerFactory.getLogger(UpmsRealm.class);
|
||||
|
||||
@Autowired
|
||||
private UpmsUserService upmsUserService;
|
||||
|
||||
@Autowired
|
||||
private UpmsApiService upmsApiService;
|
||||
|
||||
|
|
@ -41,7 +37,8 @@ public class UpmsRealm extends AuthorizingRealm {
|
|||
*/
|
||||
@Override
|
||||
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
|
||||
UpmsUser upmsUser = (UpmsUser) principalCollection.getPrimaryPrincipal();
|
||||
String username = (String) principalCollection.getPrimaryPrincipal();
|
||||
UpmsUser upmsUser = upmsApiService.selectUpmsUserByUsername(username);
|
||||
|
||||
// 当前用户所有角色
|
||||
List<UpmsRole> upmsRoles = upmsApiService.selectUpmsRoleByUpmsUserId(upmsUser.getUserId());
|
||||
|
|
@ -79,10 +76,7 @@ public class UpmsRealm extends AuthorizingRealm {
|
|||
String password = new String((char[]) authenticationToken.getCredentials());
|
||||
|
||||
// 查询用户信息
|
||||
UpmsUserExample upmsUserExample = new UpmsUserExample();
|
||||
upmsUserExample.createCriteria()
|
||||
.andUsernameEqualTo(username);
|
||||
UpmsUser upmsUser = upmsUserService.selectFirstByExample(upmsUserExample);
|
||||
UpmsUser upmsUser = upmsApiService.selectUpmsUserByUsername(username);
|
||||
|
||||
if (null == upmsUser) {
|
||||
throw new UnknownAccountException();
|
||||
|
|
@ -94,7 +88,7 @@ public class UpmsRealm extends AuthorizingRealm {
|
|||
throw new LockedAccountException();
|
||||
}
|
||||
|
||||
return new SimpleAuthenticationInfo(upmsUser, password, getName());
|
||||
return new SimpleAuthenticationInfo(username, password, getName());
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -30,7 +30,7 @@
|
|||
</bean>
|
||||
|
||||
<!-- 强制退出会话过滤器 -->
|
||||
<bean id="upmsSessionForceLogout" class="com.zheng.upms.server.shiro.UpmsSessionForceLogoutFilter"/>
|
||||
<bean id="upmsSessionForceLogout" class="com.zheng.upms.client.shiro.UpmsSessionForceLogoutFilter"/>
|
||||
|
||||
<!-- 安全管理器 -->
|
||||
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
|
||||
|
|
@ -43,7 +43,7 @@
|
|||
</bean>
|
||||
|
||||
<!-- realm实现,继承自AuthorizingRealm -->
|
||||
<bean id="upmsRealm" class="com.zheng.upms.server.shiro.realm.UpmsRealm"></bean>
|
||||
<bean id="upmsRealm" class="com.zheng.upms.client.shiro.realm.UpmsRealm"></bean>
|
||||
|
||||
<!-- 会话管理器 -->
|
||||
<bean id="sessionManager" class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
|
||||
|
|
@ -73,7 +73,7 @@
|
|||
</bean>
|
||||
|
||||
<!-- 会话DAO,可重写,持久化session -->
|
||||
<bean id="sessionDAO" class="com.zheng.upms.server.shiro.UpmsSessionDao"/>
|
||||
<bean id="sessionDAO" class="com.zheng.upms.client.shiro.UpmsSessionDao"/>
|
||||
|
||||
<!-- 会话Cookie模板 -->
|
||||
<bean id="sessionIdCookie" class="org.apache.shiro.web.servlet.SimpleCookie">
|
||||
|
|
@ -86,10 +86,10 @@
|
|||
</bean>
|
||||
|
||||
<!-- 会话监听器 -->
|
||||
<bean id="sessionListener" class="com.zheng.upms.server.shiro.UpmsSessionListener"/>
|
||||
<bean id="sessionListener" class="com.zheng.upms.client.shiro.UpmsSessionListener"/>
|
||||
|
||||
<!-- session工厂 -->
|
||||
<bean id="sessionFactory" class="com.zheng.upms.server.shiro.UpmsSessionFactory"/>
|
||||
<bean id="sessionFactory" class="com.zheng.upms.client.shiro.UpmsSessionFactory"/>
|
||||
|
||||
<!-- rememberMe管理器 -->
|
||||
<bean id="rememberMeManager" class="org.apache.shiro.web.mgt.CookieRememberMeManager">
|
||||
|
|
@ -17,7 +17,7 @@
|
|||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>com.zheng</groupId>
|
||||
<artifactId>zheng-upms-rpc-api</artifactId>
|
||||
<artifactId>zheng-upms-client</artifactId>
|
||||
<version>1.0.0</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
|
|
|
|||
|
|
@ -46,7 +46,8 @@ public class ManageController extends BaseController {
|
|||
modelMap.put("upmsSystems", upmsSystems);
|
||||
// 当前登录用户权限
|
||||
Subject subject = SecurityUtils.getSubject();
|
||||
UpmsUser upmsUser = (UpmsUser) subject.getPrincipal();
|
||||
String username = (String) subject.getPrincipal();
|
||||
UpmsUser upmsUser = upmsApiService.selectUpmsUserByUsername(username);
|
||||
List<UpmsPermission> upmsPermissions = upmsApiService.selectUpmsPermissionByUpmsUserId(upmsUser.getUserId());
|
||||
modelMap.put("upmsPermissions", upmsPermissions);
|
||||
return "/manage/index";
|
||||
|
|
|
|||
|
|
@ -2,13 +2,13 @@ package com.zheng.upms.server.controller;
|
|||
|
||||
import com.zheng.common.base.BaseController;
|
||||
import com.zheng.common.util.RedisUtil;
|
||||
import com.zheng.upms.client.shiro.UpmsSession;
|
||||
import com.zheng.upms.client.shiro.UpmsSessionDao;
|
||||
import com.zheng.upms.common.constant.UpmsResult;
|
||||
import com.zheng.upms.common.constant.UpmsResultConstant;
|
||||
import com.zheng.upms.dao.model.UpmsSystemExample;
|
||||
import com.zheng.upms.rpc.api.UpmsSystemService;
|
||||
import com.zheng.upms.rpc.api.UpmsUserService;
|
||||
import com.zheng.upms.server.shiro.UpmsSession;
|
||||
import com.zheng.upms.server.shiro.UpmsSessionDao;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import org.apache.commons.lang.BooleanUtils;
|
||||
|
|
|
|||
|
|
@ -1,9 +1,9 @@
|
|||
package com.zheng.upms.server.controller.manage;
|
||||
|
||||
import com.zheng.common.base.BaseController;
|
||||
import com.zheng.upms.client.shiro.UpmsSessionDao;
|
||||
import com.zheng.upms.common.constant.UpmsResult;
|
||||
import com.zheng.upms.common.constant.UpmsResultConstant;
|
||||
import com.zheng.upms.server.shiro.UpmsSessionDao;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
|
|
@ -22,35 +22,35 @@ import org.springframework.web.bind.annotation.*;
|
|||
@RequestMapping("/manage/session")
|
||||
public class UpmsSessionController extends BaseController {
|
||||
|
||||
private static Logger _log = LoggerFactory.getLogger(UpmsSessionController.class);
|
||||
private static Logger _log = LoggerFactory.getLogger(UpmsSessionController.class);
|
||||
|
||||
@Autowired
|
||||
private UpmsSessionDao sessionDAO;
|
||||
@Autowired
|
||||
private UpmsSessionDao sessionDAO;
|
||||
|
||||
@ApiOperation(value = "会话首页")
|
||||
@RequiresPermissions("upms:session:read")
|
||||
@RequestMapping(value = "/index", method = RequestMethod.GET)
|
||||
public String index() {
|
||||
return "/manage/session/index";
|
||||
}
|
||||
@ApiOperation(value = "会话首页")
|
||||
@RequiresPermissions("upms:session:read")
|
||||
@RequestMapping(value = "/index", method = RequestMethod.GET)
|
||||
public String index() {
|
||||
return "/manage/session/index";
|
||||
}
|
||||
|
||||
@ApiOperation(value = "会话列表")
|
||||
@RequiresPermissions("upms:session:read")
|
||||
@RequestMapping(value = "/list", method = RequestMethod.GET)
|
||||
@ResponseBody
|
||||
public Object list(
|
||||
@RequestParam(required = false, defaultValue = "0", value = "offset") int offset,
|
||||
@RequestParam(required = false, defaultValue = "10", value = "limit") int limit) {
|
||||
return sessionDAO.getActiveSessions(offset, limit);
|
||||
}
|
||||
@ApiOperation(value = "会话列表")
|
||||
@RequiresPermissions("upms:session:read")
|
||||
@RequestMapping(value = "/list", method = RequestMethod.GET)
|
||||
@ResponseBody
|
||||
public Object list(
|
||||
@RequestParam(required = false, defaultValue = "0", value = "offset") int offset,
|
||||
@RequestParam(required = false, defaultValue = "10", value = "limit") int limit) {
|
||||
return sessionDAO.getActiveSessions(offset, limit);
|
||||
}
|
||||
|
||||
@ApiOperation(value = "强制退出")
|
||||
@RequiresPermissions("upms:session:forceout")
|
||||
@RequestMapping(value = "/forceout/{ids}",method = RequestMethod.GET)
|
||||
@ResponseBody
|
||||
public Object forceout(@PathVariable("ids") String ids) {
|
||||
int count = sessionDAO.forceout(ids);
|
||||
return new UpmsResult(UpmsResultConstant.SUCCESS, count);
|
||||
}
|
||||
@ApiOperation(value = "强制退出")
|
||||
@RequiresPermissions("upms:session:forceout")
|
||||
@RequestMapping(value = "/forceout/{ids}", method = RequestMethod.GET)
|
||||
@ResponseBody
|
||||
public Object forceout(@PathVariable("ids") String ids) {
|
||||
int count = sessionDAO.forceout(ids);
|
||||
return new UpmsResult(UpmsResultConstant.SUCCESS, count);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -1,11 +1,13 @@
|
|||
package com.zheng.upms.server.interceptor;
|
||||
|
||||
import com.zheng.upms.dao.model.UpmsUser;
|
||||
import com.zheng.upms.rpc.api.UpmsApiService;
|
||||
import com.zheng.upms.server.controller.manage.UpmsOrganizationController;
|
||||
import org.apache.shiro.SecurityUtils;
|
||||
import org.apache.shiro.subject.Subject;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
|
||||
|
||||
|
|
@ -20,6 +22,9 @@ public class UpmsInterceptor extends HandlerInterceptorAdapter {
|
|||
|
||||
private static Logger _log = LoggerFactory.getLogger(UpmsInterceptor.class);
|
||||
|
||||
@Autowired
|
||||
UpmsApiService upmsApiService;
|
||||
|
||||
@Override
|
||||
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
|
||||
// 过滤ajax
|
||||
|
|
@ -28,7 +33,8 @@ public class UpmsInterceptor extends HandlerInterceptorAdapter {
|
|||
}
|
||||
// 登录信息
|
||||
Subject subject = SecurityUtils.getSubject();
|
||||
UpmsUser upmsUser = (UpmsUser) subject.getPrincipal();
|
||||
String username = (String) subject.getPrincipal();
|
||||
UpmsUser upmsUser = upmsApiService.selectUpmsUserByUsername(username);
|
||||
request.setAttribute("upmsUser", upmsUser);
|
||||
return true;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,32 +0,0 @@
|
|||
<beans:beans xmlns="http://www.springframework.org/schema/security"
|
||||
xmlns:beans="http://www.springframework.org/schema/beans"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans
|
||||
http://www.springframework.org/schema/beans/spring-beans.xsd
|
||||
http://www.springframework.org/schema/security
|
||||
http://www.springframework.org/schema/security/spring-security.xsd">
|
||||
|
||||
<!-- 不需要控制权限的资源 -->
|
||||
<http pattern="/resources/**" security="none"/>
|
||||
|
||||
<http use-expressions="false">
|
||||
<!-- 登录页面不需要控制权限 -->
|
||||
<intercept-url pattern="/manage/login" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
|
||||
<!-- 访问其他所有页面都需要有USER权限 -->
|
||||
<intercept-url pattern="/manage/**" access="ROLE_ADMIN"/>
|
||||
<!-- 登录功能 -->
|
||||
<form-login login-page="/manage/login" authentication-failure-url="/manage/login?error"/>
|
||||
<!-- 登出功能 -->
|
||||
<logout/>
|
||||
</http>
|
||||
|
||||
<authentication-manager>
|
||||
<authentication-provider>
|
||||
<user-service>
|
||||
<!-- 这里创建两个用户,可以通过用户名密码登录 -->
|
||||
<user name="admin" password="123456" authorities="ROLE_ADMIN"/>
|
||||
</user-service>
|
||||
</authentication-provider>
|
||||
</authentication-manager>
|
||||
|
||||
</beans:beans>
|
||||
Loading…
Reference in New Issue