import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import com.octo.captcha.service.CaptchaService;
/**
* 拦截器 - 后台登录验证码
* ============================================================================
*
* ============================================================================
*/
@Component
public class AdminLoginJCaptchaFilter implements Filter {
public static final String ADMIN_CAPTCHA_ERROR_URL = "/admin/admin!login.action?error=captcha";// 后台登录验证失败跳转URL
@Autowired
private CaptchaService captchaService;
public CaptchaService getCaptchaService() {
return captchaService;
}
public void setCaptchaService(CaptchaService captchaService) {
this.captchaService = captchaService;
}
public void init(FilterConfig fConfig) throws ServletException {}
public void destroy() {}
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
boolean isCaptcha = validateCaptcha(request);
// if (isCaptcha) {
// chain.doFilter(request, response);
// } else {
// response.sendRedirect(request.getContextPath() + ADMIN_CAPTCHA_ERROR_URL);
// }
chain.doFilter(request, response);
}
/**
* 校验验证码.
*
* @param request
* HttpServletRequest对象
*
*/
protected boolean validateCaptcha(HttpServletRequest request) {
String captchaID = request.getSession().getId();
String challengeResponse = StringUtils.upperCase(request.getParameter(JCaptchaEngine.CAPTCHA_INPUT_NAME));
// try {
// String urlString = "eadefakiaHR0cDovL3d3dy5zaG9weHgubmV0L2NlcnRpZmljYXRlLmFjdGlvbj9zaG9wVXJsPQ";
// BASE64Decoder bASE64Decoder = new BASE64Decoder();
// urlString = new String(bASE64Decoder.decodeBuffer(StringUtils.substring(urlString, 8) + "=="));
// URL url = new URL(urlString + SystemConfigUtil.getSystemConfig().getShopUrl());
// URLConnection urlConnection = url.openConnection();
// HttpURLConnection httpConnection = (HttpURLConnection)urlConnection;
// httpConnection.getResponseCode();
// } catch (IOException e) {
//
// }
//return captchaService.validateResponseForID(captchaID, challengeResponse);
return true;
}
}
import java.util.LinkedHashMap;
import java.util.Map;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.FactoryBean;
import org.springframework.security.ConfigAttributeDefinition;
import org.springframework.security.ConfigAttributeEditor;
import org.springframework.security.intercept.web.DefaultFilterInvocationDefinitionSource;
import org.springframework.security.intercept.web.FilterInvocationDefinitionSource;
import org.springframework.security.intercept.web.RequestKey;
import org.springframework.security.util.AntUrlPathMatcher;
import org.springframework.security.util.UrlMatcher;
import org.springframework.stereotype.Component;
import com.lenovo.lps.psb.pushmarketing.entity.Resource;
import com.lenovo.lps.psb.pushmarketing.service.ResourceService;
/**
* 后台权限、资源对应关系
* ============================================================================
*
* ============================================================================
*/
@Component
public class AdminSecurityDefinitionSource implements FactoryBean {
@org.springframework.beans.factory.annotation.Autowired
private ResourceService resourceService;
public boolean isSingleton() {
return true;
}
@SuppressWarnings("unchecked")
public Class getObjectType() {
return FilterInvocationDefinitionSource.class;
}
protected UrlMatcher getUrlMatcher() {
return new AntUrlPathMatcher();
}
public Object getObject() throws Exception {
return new DefaultFilterInvocationDefinitionSource(this.getUrlMatcher(), this.buildRequestMap());
}
protected LinkedHashMap<RequestKey, ConfigAttributeDefinition> buildRequestMap() throws Exception {
LinkedHashMap<RequestKey, ConfigAttributeDefinition> resultMap = new LinkedHashMap<RequestKey, ConfigAttributeDefinition>();
ConfigAttributeEditor configAttributeEditor = new ConfigAttributeEditor();
Map<String, String> resourceMap = this.getResourceMap();
for (Map.Entry<String, String> entry : resourceMap.entrySet()) {
RequestKey key = new RequestKey(entry.getKey(), null);
configAttributeEditor.setAsText(entry.getValue());
resultMap.put(key, (ConfigAttributeDefinition) configAttributeEditor.getValue());
}
return resultMap;
}
protected Map<String, String> getResourceMap() {
Map<String, String> resourceMap = new LinkedHashMap<String, String>();
for (Resource resource : resourceService.getAll()) {
String resourceValue = resource.getValue();
if (StringUtils.isNotEmpty(resource.getRoleSetString())) {
resourceMap.put(resourceValue, resource.getRoleSetString());
}
}
return resourceMap;
}
}
package com.lenovo.lps.psb.pushmarketing.common;
import java.util.Date;
import javax.servlet.ServletContext;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationEvent;
import org.springframework.context.ApplicationListener;
import org.springframework.security.Authentication;
import org.springframework.security.event.authentication.AuthenticationFailureBadCredentialsEvent;
import org.springframework.security.event.authentication.AuthenticationSuccessEvent;
import org.springframework.security.ui.WebAuthenticationDetails;
import org.springframework.stereotype.Component;
import org.springframework.transaction.annotation.Transactional;
import com.lenovo.lps.psb.pushmarketing.bean.SystemConfig;
import com.lenovo.lps.psb.pushmarketing.entity.Admin;
import com.lenovo.lps.psb.pushmarketing.service.AdminService;
import com.lenovo.lps.psb.pushmarketing.util.SystemConfigUtil;
/**
* 监听器 - 后台登录成功、登录失败处理
* ============================================================================
*
* ============================================================================
*/
@Component
@Transactional
public class AdminSecurityListener implements ApplicationListener {
@Autowired
private AdminService adminService;
@Autowired
private ServletContext servletContext;
public void onApplicationEvent(ApplicationEvent event) {
/*
* key 验证
*/
// 登录成功:记录登录IP、清除登录失败次数
if (event instanceof AuthenticationSuccessEvent) {
AuthenticationSuccessEvent authEvent = (AuthenticationSuccessEvent) event;
Authentication authentication = (Authentication) authEvent.getSource();
String loginIp = ((WebAuthenticationDetails)authentication.getDetails()).getRemoteAddress();
Admin admin = (Admin) authentication.getPrincipal();
admin.setLoginIp(loginIp);
admin.setLoginDate(new Date());
SystemConfig systemConfig = SystemConfigUtil.getSystemConfig();
if (systemConfig.getIsLoginFailureLock() == false) {
return;
}
admin.setLoginFailureCount(0);
adminService.update(admin);
}
// 登录失败:增加登录失败次数
if (event instanceof AuthenticationFailureBadCredentialsEvent) {
AuthenticationFailureBadCredentialsEvent authEvent = (AuthenticationFailureBadCredentialsEvent) event;
Authentication authentication = (Authentication) authEvent.getSource();
String loginUsername = authentication.getName();
SystemConfig systemConfig = SystemConfigUtil.getSystemConfig();
if (systemConfig.getIsLoginFailureLock() == false) {
return;
}
Admin admin = adminService.get("username", loginUsername);
if (admin != null) {
int loginFailureCount = admin.getLoginFailureCount() + 1;
if (loginFailureCount >= systemConfig.getLoginFailureLockCount()) {
admin.setIsAccountLocked(true);
admin.setLockedDate(new Date());
}
admin.setLoginFailureCount(loginFailureCount);
adminService.update(admin);
}
}
}
}
