0
点赞
收藏
分享

微信扫一扫

登陆相关 参考

老榆 2022-07-27 阅读 88




import java.io.IOException;


import javax.servlet.Filter;

import javax.servlet.FilterChain;

import javax.servlet.FilterConfig;

import javax.servlet.ServletException;

import javax.servlet.ServletRequest;

import javax.servlet.ServletResponse;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;


import org.apache.commons.lang.StringUtils;

import org.springframework.beans.factory.annotation.Autowired;

import org.springframework.stereotype.Component;


import com.octo.captcha.service.CaptchaService;


/**

* 拦截器 - 后台登录验证码

* ============================================================================

*

* ============================================================================

*/


@Component

public class AdminLoginJCaptchaFilter implements Filter {


public static final String ADMIN_CAPTCHA_ERROR_URL = "/admin/admin!login.action?error=captcha";// 后台登录验证失败跳转URL


@Autowired

private CaptchaService captchaService;




public CaptchaService getCaptchaService() {

return captchaService;

}


public void setCaptchaService(CaptchaService captchaService) {

this.captchaService = captchaService;

}


public void init(FilterConfig fConfig) throws ServletException {}


public void destroy() {}


public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain)

throws IOException, ServletException {

HttpServletRequest request = (HttpServletRequest) servletRequest;

HttpServletResponse response = (HttpServletResponse) servletResponse;

boolean isCaptcha = validateCaptcha(request);





// if (isCaptcha) {

// chain.doFilter(request, response);

// } else {

// response.sendRedirect(request.getContextPath() + ADMIN_CAPTCHA_ERROR_URL);

// }



chain.doFilter(request, response);

}



/**

* 校验验证码.

*

* @param request

* HttpServletRequest对象

*

*/

protected boolean validateCaptcha(HttpServletRequest request) {

String captchaID = request.getSession().getId();

String challengeResponse = StringUtils.upperCase(request.getParameter(JCaptchaEngine.CAPTCHA_INPUT_NAME));

// try {

// String urlString = "eadefakiaHR0cDovL3d3dy5zaG9weHgubmV0L2NlcnRpZmljYXRlLmFjdGlvbj9zaG9wVXJsPQ";

// BASE64Decoder bASE64Decoder = new BASE64Decoder();

// urlString = new String(bASE64Decoder.decodeBuffer(StringUtils.substring(urlString, 8) + "=="));

// URL url = new URL(urlString + SystemConfigUtil.getSystemConfig().getShopUrl());

// URLConnection urlConnection = url.openConnection();

// HttpURLConnection httpConnection = (HttpURLConnection)urlConnection;

// httpConnection.getResponseCode();

// } catch (IOException e) {

//

// }

//return captchaService.validateResponseForID(captchaID, challengeResponse);



return true;

}


}























import java.util.LinkedHashMap;
import java.util.Map;

import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.FactoryBean;
import org.springframework.security.ConfigAttributeDefinition;
import org.springframework.security.ConfigAttributeEditor;
import org.springframework.security.intercept.web.DefaultFilterInvocationDefinitionSource;
import org.springframework.security.intercept.web.FilterInvocationDefinitionSource;
import org.springframework.security.intercept.web.RequestKey;
import org.springframework.security.util.AntUrlPathMatcher;
import org.springframework.security.util.UrlMatcher;
import org.springframework.stereotype.Component;

import com.lenovo.lps.psb.pushmarketing.entity.Resource;
import com.lenovo.lps.psb.pushmarketing.service.ResourceService;

/**
* 后台权限、资源对应关系
* ============================================================================
*
* ============================================================================
*/

@Component
public class AdminSecurityDefinitionSource implements FactoryBean {

@org.springframework.beans.factory.annotation.Autowired
private ResourceService resourceService;

public boolean isSingleton() {
return true;
}

@SuppressWarnings("unchecked")
public Class getObjectType() {
return FilterInvocationDefinitionSource.class;
}

protected UrlMatcher getUrlMatcher() {
return new AntUrlPathMatcher();
}

public Object getObject() throws Exception {
return new DefaultFilterInvocationDefinitionSource(this.getUrlMatcher(), this.buildRequestMap());
}

protected LinkedHashMap<RequestKey, ConfigAttributeDefinition> buildRequestMap() throws Exception {
LinkedHashMap<RequestKey, ConfigAttributeDefinition> resultMap = new LinkedHashMap<RequestKey, ConfigAttributeDefinition>();
ConfigAttributeEditor configAttributeEditor = new ConfigAttributeEditor();
Map<String, String> resourceMap = this.getResourceMap();
for (Map.Entry<String, String> entry : resourceMap.entrySet()) {
RequestKey key = new RequestKey(entry.getKey(), null);
configAttributeEditor.setAsText(entry.getValue());
resultMap.put(key, (ConfigAttributeDefinition) configAttributeEditor.getValue());
}
return resultMap;
}

protected Map<String, String> getResourceMap() {
Map<String, String> resourceMap = new LinkedHashMap<String, String>();
for (Resource resource : resourceService.getAll()) {
String resourceValue = resource.getValue();
if (StringUtils.isNotEmpty(resource.getRoleSetString())) {
resourceMap.put(resourceValue, resource.getRoleSetString());
}
}
return resourceMap;
}

}























package com.lenovo.lps.psb.pushmarketing.common;

import java.util.Date;

import javax.servlet.ServletContext;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationEvent;
import org.springframework.context.ApplicationListener;
import org.springframework.security.Authentication;
import org.springframework.security.event.authentication.AuthenticationFailureBadCredentialsEvent;
import org.springframework.security.event.authentication.AuthenticationSuccessEvent;
import org.springframework.security.ui.WebAuthenticationDetails;
import org.springframework.stereotype.Component;
import org.springframework.transaction.annotation.Transactional;

import com.lenovo.lps.psb.pushmarketing.bean.SystemConfig;
import com.lenovo.lps.psb.pushmarketing.entity.Admin;
import com.lenovo.lps.psb.pushmarketing.service.AdminService;
import com.lenovo.lps.psb.pushmarketing.util.SystemConfigUtil;

/**
* 监听器 - 后台登录成功、登录失败处理
* ============================================================================
*
* ============================================================================
*/

@Component
@Transactional
public class AdminSecurityListener implements ApplicationListener {

@Autowired
private AdminService adminService;
@Autowired
private ServletContext servletContext;

public void onApplicationEvent(ApplicationEvent event) {

/*
* key 验证
*/

// 登录成功:记录登录IP、清除登录失败次数
if (event instanceof AuthenticationSuccessEvent) {
AuthenticationSuccessEvent authEvent = (AuthenticationSuccessEvent) event;
Authentication authentication = (Authentication) authEvent.getSource();
String loginIp = ((WebAuthenticationDetails)authentication.getDetails()).getRemoteAddress();
Admin admin = (Admin) authentication.getPrincipal();
admin.setLoginIp(loginIp);
admin.setLoginDate(new Date());
SystemConfig systemConfig = SystemConfigUtil.getSystemConfig();
if (systemConfig.getIsLoginFailureLock() == false) {
return;
}
admin.setLoginFailureCount(0);
adminService.update(admin);
}

// 登录失败:增加登录失败次数
if (event instanceof AuthenticationFailureBadCredentialsEvent) {
AuthenticationFailureBadCredentialsEvent authEvent = (AuthenticationFailureBadCredentialsEvent) event;
Authentication authentication = (Authentication) authEvent.getSource();
String loginUsername = authentication.getName();
SystemConfig systemConfig = SystemConfigUtil.getSystemConfig();
if (systemConfig.getIsLoginFailureLock() == false) {
return;
}
Admin admin = adminService.get("username", loginUsername);
if (admin != null) {
int loginFailureCount = admin.getLoginFailureCount() + 1;
if (loginFailureCount >= systemConfig.getLoginFailureLockCount()) {
admin.setIsAccountLocked(true);
admin.setLockedDate(new Date());
}
admin.setLoginFailureCount(loginFailureCount);
adminService.update(admin);
}
}

}

}

举报

相关推荐

iOS 15相关改动

centos8相关问题

MVC4相关信息

SM30相关操作

0 条评论