Merge branch 'dev' of LiTaohong/jw2.0 into dev

app/app-iot-server/src/main/java/com/yihu/ehr/iot/security/config/EhrWebHttpSessionConfiguration.java

@@ -8,13 +8,11 @@ import org.springframework.security.core.session.SessionRegistryImpl;
/**
 * Created by progr1mmer on 2018/1/27.
 */
//@Configuration
//@EnableRedisHttpSession
@Configuration
public class EhrWebHttpSessionConfiguration {
    /*
    @Bean
    SessionRegistry sessionRegistry(){
        return new SessionRegistryImpl();
    }*/
    }
}

app/app-iot-server/src/main/java/com/yihu/ehr/iot/security/config/EhrWebSecurityConfiguration.java

@@ -11,8 +11,10 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.session.SessionRegistry;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy;
/**
 * Created by progr1mmer on 2018/1/26.
@@ -34,8 +36,11 @@ public class EhrWebSecurityConfiguration extends WebSecurityConfigurerAdapter {
    private EhrWebAuthenticationFailureHandler ehrWebAuthenticationFailureHandler;
    //@Autowired
    //private EhrWebAccessDecisionManager ehrWebAccessDecisionManager;
    //@Autowired
    //private SessionRegistry sessionRegistry;
    @Autowired
    private SessionRegistry sessionRegistry;
    @Autowired
    private EhrWebContextLogoutHandler ehrWebContextLogoutHandler;
    @Override
    public void configure(WebSecurity web) throws Exception {
@@ -49,7 +54,7 @@ public class EhrWebSecurityConfiguration extends WebSecurityConfigurerAdapter {
        ehrWebUsernamePasswordAuthenticationFilter.setAuthenticationSuccessHandler(ehrWebAuthenticationSuccessHandler);
        ehrWebUsernamePasswordAuthenticationFilter.setAuthenticationFailureHandler(ehrWebAuthenticationFailureHandler);
        ehrWebUsernamePasswordAuthenticationFilter.setAuthenticationManager(authenticationManagerBean());
        //ehrWebUsernamePasswordAuthenticationFilter.setSessionAuthenticationStrategy(new ConcurrentSessionControlAuthenticationStrategy(sessionRegistry));
        ehrWebUsernamePasswordAuthenticationFilter.setSessionAuthenticationStrategy(new ConcurrentSessionControlAuthenticationStrategy(sessionRegistry));
        http.addFilterBefore(ehrWebUsernamePasswordAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
        // ---------- 自定义Filter End ----------
        //http.sessionManagement().maximumSessions(3).expiredUrl("/login?expired").sessionRegistry(sessionRegistry);
@@ -69,7 +74,7 @@ public class EhrWebSecurityConfiguration extends WebSecurityConfigurerAdapter {
                .antMatchers("/front/views/**").hasRole("USER")
                .antMatchers("/**").hasRole("USER")
                .and().formLogin().loginPage("/login")
                .and().logout().logoutUrl("/logout").logoutSuccessUrl("/login")
                .and().logout().addLogoutHandler(ehrWebContextLogoutHandler).logoutUrl("/logout").logoutSuccessUrl("/login")
                .and().headers().frameOptions().disable()
                .and().csrf().disable();
    }
@@ -100,6 +105,11 @@ public class EhrWebSecurityConfiguration extends WebSecurityConfigurerAdapter {
    EhrWebAuthenticationFailureHandler ehrWebAuthenticationFailureHandler(){
        return new EhrWebAuthenticationFailureHandler();
    }
    @Bean
    EhrWebContextLogoutHandler ehrWebContextLogoutHandler(){
        return new EhrWebContextLogoutHandler();
    }
    /**
    @Bean
    EhrWebAccessDecisionManager ehrWebAccessDecisionManager() {

app/app-iot-server/src/main/java/com/yihu/ehr/iot/security/core/EhrWebAuthenticationSuccessHandler.java

@@ -7,6 +7,7 @@ import com.yihu.ehr.util.rest.Envelop;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.session.SessionRegistry;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
@@ -27,8 +28,8 @@ public class EhrWebAuthenticationSuccessHandler implements AuthenticationSuccess
    @Autowired
    private ObjectMapper objectMapper;
    //@Autowired
    //private FindByIndexNameSessionRepository findByIndexNameSessionRepository;
    @Autowired
    SessionRegistry sessionRegistry;
    /**
     * Step 4
@@ -56,8 +57,9 @@ public class EhrWebAuthenticationSuccessHandler implements AuthenticationSuccess
        modelList.add(userDetailModel);
        envelop.setDetailModelList(modelList);
        //Map<String, Object> sessionMap = findByIndexNameSessionRepository.findByIndexNameAndIndexValue(FindByIndexNameSessionRepository.PRINCIPAL_NAME_INDEX_NAME, "admin");
        httpServletResponse.setContentType(MediaType.APPLICATION_JSON_UTF8_VALUE);
        httpServletResponse.getWriter().print(objectMapper.writeValueAsString(envelop));
        sessionRegistry.registerNewSession(httpServletRequest.getSession().getId(),userDetailModel);
    }
}

app/app-iot-server/src/main/java/com/yihu/ehr/iot/security/core/EhrWebContextLogoutHandler.java

@@ -0,0 +1,55 @@
package com.yihu.ehr.iot.security.core;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.yihu.ehr.agModel.user.UserDetailModel;
import com.yihu.ehr.iot.util.CurrentRequest;
import com.yihu.ehr.util.rest.Envelop;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.session.SessionRegistry;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.logout.LogoutHandler;
import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
import org.springframework.util.Assert;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
/**
 * Created by progr1mmer on 2018/1/26.
 */
public class EhrWebContextLogoutHandler extends SecurityContextLogoutHandler {
    protected final Log logger = LogFactory.getLog(this.getClass());
    @Autowired
    SessionRegistry sessionRegistry;
    /**
     * Step 5
     * @param httpServletRequest
     * @param httpServletResponse
     * @param authentication
     */
    @Override
    public void logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) {
        Assert.notNull(httpServletRequest, "HttpServletRequest required");
            HttpSession session = httpServletRequest.getSession(false);
            if (session != null) {
                this.logger.debug("removeSessionInformation, session: " + session.getId());
                sessionRegistry.removeSessionInformation(session.getId());
            }
    }
}

app/app-iot-server/src/main/java/com/yihu/ehr/iot/util/CurrentRequest.java

@@ -4,12 +4,18 @@ import com.fasterxml.jackson.databind.ObjectMapper;
import com.yihu.ehr.agModel.user.UserDetailModel;
import com.yihu.ehr.iot.util.http.HttpHelper;
import com.yihu.ehr.iot.util.http.HttpResponse;
import com.yihu.ehr.iot.util.spring.SpringContextHolder;
import com.yihu.ehr.util.rest.Envelop;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.core.session.SessionInformation;
import org.springframework.security.core.session.SessionRegistry;
import org.springframework.stereotype.Component;
import javax.annotation.PostConstruct;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
@@ -22,29 +28,20 @@ import java.util.concurrent.ConcurrentHashMap;
@Component
public class CurrentRequest {
    @Value("${service-gateway.profileInnerUrl}")
    protected String profileInnerUrl;
    @Autowired
    private ObjectMapper objectMapper;
    public static Map<String,UserDetailModel> userMap = new ConcurrentHashMap<>(1000);
    SessionRegistry sessionRegistry;
    public UserDetailModel getCurrentUserByName(String username) throws IOException {
    /**
     * 获取当前登录用户，当前已登录的用户都缓存在session中
     * @param request
     * @return
     */
    public  UserDetailModel getCurrentUser(HttpServletRequest request){
        String sessionId = request.getSession().getId();
        UserDetailModel user = null;
        if(userMap.containsKey(username)){
            return userMap.get(username);
        }
        Map params = new HashMap<>();
        params.put("login_code", username);
        HttpResponse httpResponse = HttpHelper.get(profileInnerUrl + "/users/" + username, params);
        if(httpResponse.getStatusCode() == 200) {
            Envelop envelop = this.objectMapper.readValue(httpResponse.getBody(), Envelop.class);
            if (envelop.isSuccessFlg()){
                String userString = this.objectMapper.writeValueAsString(envelop.getObj());
                user = this.objectMapper.readValue(userString, UserDetailModel.class);
                userMap.put(username,user);
            }
        SessionInformation sessionInformation = sessionRegistry.getSessionInformation(sessionId);
        if(null != sessionInformation.getPrincipal()){
            user = (UserDetailModel)sessionInformation.getPrincipal();
        }
        return user;
    }