
Merge branch 'dev' of LiTaohong/jw2.0 into dev

yeshijie 7 jaren geleden
bovenliggende
commit
2a9c2976e8

+ 2 - 4
app/app-iot-server/src/main/java/com/yihu/ehr/iot/security/config/EhrWebHttpSessionConfiguration.java

@ -8,13 +8,11 @@ import org.springframework.security.core.session.SessionRegistryImpl;
/**
 * Created by progr1mmer on 2018/1/27.
 */
//@Configuration
//@EnableRedisHttpSession
@Configuration
public class EhrWebHttpSessionConfiguration {
    /*
    @Bean
    SessionRegistry sessionRegistry(){
        return new SessionRegistryImpl();
    }*/
    }
}
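Review bot: The `SessionRegistryImpl` bean enabled in `EhrWebHttpSessionConfiguration` only drops an entry when it receives a session-destroyed event, and nothing visible in this commit registers `HttpSessionEventPublisher` to publish those events. If that listener is missing, sessions that time out (rather than log out) stay in the registry and keep counting against the concurrent-session limit. Consider adding `@Bean HttpSessionEventPublisher httpSessionEventPublisher() { return new HttpSessionEventPublisher(); }` beside the registry bean. A class comment should also say that the registry is in-memory and per node, so a multi-node deployment will not see sessions created on another instance.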

+ 14 - 4
app/app-iot-server/src/main/java/com/yihu/ehr/iot/security/config/EhrWebSecurityConfiguration.java

@ -11,8 +11,10 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.session.SessionRegistry;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy;
/**
 * Created by progr1mmer on 2018/1/26.
@ -34,8 +36,11 @@ public class EhrWebSecurityConfiguration extends WebSecurityConfigurerAdapter {
    private EhrWebAuthenticationFailureHandler ehrWebAuthenticationFailureHandler;
    //@Autowired
    //private EhrWebAccessDecisionManager ehrWebAccessDecisionManager;
    //@Autowired
    //private SessionRegistry sessionRegistry;
    @Autowired
    private SessionRegistry sessionRegistry;
    @Autowired
    private EhrWebContextLogoutHandler ehrWebContextLogoutHandler;
    @Override
    public void configure(WebSecurity web) throws Exception {
@ -49,7 +54,7 @@ public class EhrWebSecurityConfiguration extends WebSecurityConfigurerAdapter {
        ehrWebUsernamePasswordAuthenticationFilter.setAuthenticationSuccessHandler(ehrWebAuthenticationSuccessHandler);
        ehrWebUsernamePasswordAuthenticationFilter.setAuthenticationFailureHandler(ehrWebAuthenticationFailureHandler);
        ehrWebUsernamePasswordAuthenticationFilter.setAuthenticationManager(authenticationManagerBean());
        //ehrWebUsernamePasswordAuthenticationFilter.setSessionAuthenticationStrategy(new ConcurrentSessionControlAuthenticationStrategy(sessionRegistry));
        ehrWebUsernamePasswordAuthenticationFilter.setSessionAuthenticationStrategy(new ConcurrentSessionControlAuthenticationStrategy(sessionRegistry));
        http.addFilterBefore(ehrWebUsernamePasswordAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
        // ---------- 自定义Filter End ----------
        //http.sessionManagement().maximumSessions(3).expiredUrl("/login?expired").sessionRegistry(sessionRegistry);
@ -69,7 +74,7 @@ public class EhrWebSecurityConfiguration extends WebSecurityConfigurerAdapter {
                .antMatchers("/front/views/**").hasRole("USER")
                .antMatchers("/**").hasRole("USER")
                .and().formLogin().loginPage("/login")
                .and().logout().logoutUrl("/logout").logoutSuccessUrl("/login")
                .and().logout().addLogoutHandler(ehrWebContextLogoutHandler).logoutUrl("/logout").logoutSuccessUrl("/login")
                .and().headers().frameOptions().disable()
                .and().csrf().disable();
    }
@ -100,6 +105,11 @@ public class EhrWebSecurityConfiguration extends WebSecurityConfigurerAdapter {
    EhrWebAuthenticationFailureHandler ehrWebAuthenticationFailureHandler(){
        return new EhrWebAuthenticationFailureHandler();
    }
    @Bean
    EhrWebContextLogoutHandler ehrWebContextLogoutHandler(){
        return new EhrWebContextLogoutHandler();
    }
    /**
    @Bean
    EhrWebAccessDecisionManager ehrWebAccessDecisionManager() {
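Review bot: The custom login filter now receives `ConcurrentSessionControlAuthenticationStrategy` as its only session strategy (the `setSessionAuthenticationStrategy(...)` call in `configure(HttpSecurity)`), which counts sessions but neither changes the session id on login nor registers the new session. Without a session-fixation strategy on this filter, the pre-login session id appears to stay valid after authentication. And because the `http.sessionManagement().maximumSessions(3)...` line just below stays commented out, there is, as far as this section shows, no `ConcurrentSessionFilter` to act on sessions the strategy marks expired. I would combine the three standard strategies in a `CompositeSessionAuthenticationStrategy`, as sketched below, and re-enable the `sessionManagement()` line; the manual `registerNewSession` call in the success handler would then duplicate the registration and needs reconciling with it. `configure(HttpSecurity)` starts outside the hunk.

```java
// … unchanged: success/failure handlers and authentication manager set on the filter …
ehrWebUsernamePasswordAuthenticationFilter.setSessionAuthenticationStrategy(
        new CompositeSessionAuthenticationStrategy(Arrays.asList(
                new ConcurrentSessionControlAuthenticationStrategy(sessionRegistry),
                new SessionFixationProtectionStrategy(),
                new RegisterSessionAuthenticationStrategy(sessionRegistry))));
http.addFilterBefore(ehrWebUsernamePasswordAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
```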

+ 5 - 3
app/app-iot-server/src/main/java/com/yihu/ehr/iot/security/core/EhrWebAuthenticationSuccessHandler.java

@ -7,6 +7,7 @@ import com.yihu.ehr.util.rest.Envelop;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.session.SessionRegistry;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
@ -27,8 +28,8 @@ public class EhrWebAuthenticationSuccessHandler implements AuthenticationSuccess
    @Autowired
    private ObjectMapper objectMapper;
    //@Autowired
    //private FindByIndexNameSessionRepository findByIndexNameSessionRepository;
    @Autowired
    SessionRegistry sessionRegistry;
    /**
     * Step 4
@ -56,8 +57,9 @@ public class EhrWebAuthenticationSuccessHandler implements AuthenticationSuccess
        modelList.add(userDetailModel);
        envelop.setDetailModelList(modelList);
        //Map<String, Object> sessionMap = findByIndexNameSessionRepository.findByIndexNameAndIndexValue(FindByIndexNameSessionRepository.PRINCIPAL_NAME_INDEX_NAME, "admin");
        httpServletResponse.setContentType(MediaType.APPLICATION_JSON_UTF8_VALUE);
        httpServletResponse.getWriter().print(objectMapper.writeValueAsString(envelop));
        sessionRegistry.registerNewSession(httpServletRequest.getSession().getId(),userDetailModel);
    }
}
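Review bot: The `sessionRegistry.registerNewSession(..., userDetailModel)` call at the end of the success handler registers the session under a `UserDetailModel`, while `ConcurrentSessionControlAuthenticationStrategy` looks sessions up by the principal of the `Authentication`. If these are different objects, or `UserDetailModel` does not implement `equals`/`hashCode` (neither is visible here; the method starts outside the hunk), the concurrency check never finds the registered sessions and the limit is not enforced. The call also runs after the response body has been written, so an `IOException` from `getWriter().print(...)` leaves an authenticated session unregistered; move the registration above the write. A short comment stating which principal type the registry is keyed by would help, since `CurrentRequest.getCurrentUser` casts it back to `UserDetailModel`.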

+ 55 - 0
app/app-iot-server/src/main/java/com/yihu/ehr/iot/security/core/EhrWebContextLogoutHandler.java

@ -0,0 +1,55 @@
package com.yihu.ehr.iot.security.core;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.yihu.ehr.agModel.user.UserDetailModel;
import com.yihu.ehr.iot.util.CurrentRequest;
import com.yihu.ehr.util.rest.Envelop;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.session.SessionRegistry;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.logout.LogoutHandler;
import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
import org.springframework.util.Assert;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
/**
 * Created by progr1mmer on 2018/1/26.
 */
public class EhrWebContextLogoutHandler extends SecurityContextLogoutHandler {
    protected final Log logger = LogFactory.getLog(this.getClass());
    @Autowired
    SessionRegistry sessionRegistry;
    /**
     * Step 5
     * @param httpServletRequest
     * @param httpServletResponse
     * @param authentication
     */
    @Override
    public void logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) {
        Assert.notNull(httpServletRequest, "HttpServletRequest required");
            HttpSession session = httpServletRequest.getSession(false);
            if (session != null) {
                this.logger.debug("removeSessionInformation, session: " + session.getId());
                sessionRegistry.removeSessionInformation(session.getId());
            }
    }
}
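Review bot: `EhrWebContextLogoutHandler.logout` overrides `SecurityContextLogoutHandler.logout` without calling `super.logout(...)`, so this handler on its own no longer invalidates the session or clears the security context; that still happens only if another handler in the logout chain does it. Since the class only removes the registry entry, implement `LogoutHandler` directly, or call `super.logout(httpServletRequest, httpServletResponse, authentication);` after the removal, and say which in the Javadoc, which currently reads only `Step 5`. The debug line also writes the full session id to the log; log a truncated or hashed id instead, because a live session id is a bearer credential. Most of the imports in the new file (`ObjectMapper`, `Envelop`, `CurrentRequest`, the `java.util` collections and others) are unused and can be dropped.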

+ 17 - 20
app/app-iot-server/src/main/java/com/yihu/ehr/iot/util/CurrentRequest.java

@ -4,12 +4,18 @@ import com.fasterxml.jackson.databind.ObjectMapper;
import com.yihu.ehr.agModel.user.UserDetailModel;
import com.yihu.ehr.iot.util.http.HttpHelper;
import com.yihu.ehr.iot.util.http.HttpResponse;
import com.yihu.ehr.iot.util.spring.SpringContextHolder;
import com.yihu.ehr.util.rest.Envelop;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.core.session.SessionInformation;
import org.springframework.security.core.session.SessionRegistry;
import org.springframework.stereotype.Component;
import javax.annotation.PostConstruct;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
@ -22,29 +28,20 @@ import java.util.concurrent.ConcurrentHashMap;
@Component
public class CurrentRequest {
    @Value("${service-gateway.profileInnerUrl}")
    protected String profileInnerUrl;
    @Autowired
    private ObjectMapper objectMapper;
    public static Map<String,UserDetailModel> userMap = new ConcurrentHashMap<>(1000);
    SessionRegistry sessionRegistry;
    public UserDetailModel getCurrentUserByName(String username) throws IOException {
    /**
     * 获取当前登录用户,当前已登录的用户都缓存在session中
     * @param request
     * @return
     */
    public  UserDetailModel getCurrentUser(HttpServletRequest request){
        String sessionId = request.getSession().getId();
        UserDetailModel user = null;
        if(userMap.containsKey(username)){
            return userMap.get(username);
        }
        Map params = new HashMap<>();
        params.put("login_code", username);
        HttpResponse httpResponse = HttpHelper.get(profileInnerUrl + "/users/" + username, params);
        if(httpResponse.getStatusCode() == 200) {
            Envelop envelop = this.objectMapper.readValue(httpResponse.getBody(), Envelop.class);
            if (envelop.isSuccessFlg()){
                String userString = this.objectMapper.writeValueAsString(envelop.getObj());
                user = this.objectMapper.readValue(userString, UserDetailModel.class);
                userMap.put(username,user);
            }
        SessionInformation sessionInformation = sessionRegistry.getSessionInformation(sessionId);
        if(null != sessionInformation.getPrincipal()){
            user = (UserDetailModel)sessionInformation.getPrincipal();
        }
        return user;
    }
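Review bot: `getCurrentUser` dereferences `sessionInformation` without a null check, and `SessionRegistry.getSessionInformation` returns null for any session id that was never registered, for example on an unauthenticated request. `request.getSession()` also creates a session when none exists, so an anonymous call allocates a session and then throws a `NullPointerException`. Use `request.getSession(false)`, return null when there is no session, and guard the lookup with `if (sessionInformation != null && !sessionInformation.isExpired() && sessionInformation.getPrincipal() instanceof UserDetailModel)`. The Javadoc should state that the method returns null when no logged-in user is bound to the session, so callers know to check.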