Commit 541b9147 by fukai
parents 8f3721d0 c5401715
......@@ -108,6 +108,21 @@
<systemPath>${project.basedir}/src/main/webapp/WEB-INF/lib/eibs-pojosupport-2.0.0.jar</systemPath>
</dependency>
<dependency>
<groupId>org.sss</groupId>
<artifactId>eibs-hibernatesupport</artifactId>
<version>2.0.0</version>
<scope>system</scope>
<systemPath>${project.basedir}/src/main/webapp/WEB-INF/lib/eibs-hibernatesupport-2.0.0.jar</systemPath>
</dependency>
<dependency>
<groupId>cfca.integration</groupId>
<artifactId>SADK</artifactId>
<version>3.2.0.5</version>
<scope>system</scope>
<systemPath>${project.basedir}/src/main/webapp/WEB-INF/lib/SADK-3.2.0.5.jar</systemPath>
</dependency>
<!-- <dependency>
<groupId>org.sss</groupId>
<artifactId>eibs-pojosupport</artifactId>
......@@ -299,7 +314,7 @@
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>3.8.1</version>
<version>4.12</version>
<scope>test</scope>
</dependency>
<dependency>
......@@ -313,11 +328,6 @@
<version>${log4j2.version}</version>
</dependency>
<dependency>
<groupId>cfca.integration</groupId>
<artifactId>SADK</artifactId>
<version>3.2.0.5</version>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid</artifactId>
<version>1.1.23</version>
......
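Review bot: The new `eibs-hibernatesupport` and `SADK` entries use `<scope>system</scope>` with a `systemPath` into `WEB-INF/lib`, so the jars come from the working tree rather than a repository; Maven applies no checksum verification to them and nothing records where the binaries came from. For `SADK` this is a step back from the plain dependency entry removed further down, and it deserves extra care if, as the `cfca.integration` group suggests, it is a cryptography or certificate toolkit. System scope is also deprecated in Maven. Prefer publishing both jars to the internal repository manager and declaring them as ordinary dependencies; if they must stay checked in, keep their expected SHA-256 under version control and verify it during the build.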
package org.sss.presentation.noui.controller;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import log.Log;
import log.LogFactory;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.multipart.MultipartFile;
import org.sss.common.model.EventType;
import org.sss.common.model.IBaseObject;
import org.sss.common.model.IDatafield;
import org.sss.common.model.IModule;
import org.sss.common.model.IModuleList;
import org.sss.common.model.IPanel;
import org.sss.common.model.IStream;
import org.sss.common.model.*;
import org.sss.presentation.noui.api.exception.NoUiException;
import org.sss.presentation.noui.api.model.Alias;
import org.sss.presentation.noui.api.request.NoUiRequest;
......@@ -35,8 +23,12 @@ import org.sss.presentation.noui.util.NoUiPresentationUtil;
import org.sss.presentation.noui.util.RedisUtil;
import org.sss.presentation.noui.util.StringUtil;
import log.Log;
import log.LogFactory;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
public abstract class AbstractCommonController {
protected static final Log log = LogFactory.getLog(AbstractCommonController.class);
......@@ -142,7 +134,7 @@ public abstract class AbstractCommonController {
NoUiPresentationUtil.handleErrorReturnData(context, alias), NoUiPresentationUtil.handleCodeTableReturnData(context, alias), noUiVersion.getVersion());
} catch (Exception e) {
log.error("OnClick command error", e);
ret = ResultUtil.result(ErrorCodes.ERROR, "hander error", e.getMessage(), noUiVersion.getVersion());
ret = ResultUtil.result(ErrorCodes.ERROR, "hander error", "service error", noUiVersion.getVersion());
} finally {
if (context != null)
{
......
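Review bot: Only this one catch block is visibly sanitised; the other handlers in AbstractCommonController are outside the hunk, and any that still pass `e.getMessage()` to `ResultUtil.result` would keep exposing internal detail to the client the way this one did, so the class is worth sweeping for the same pattern. Since the caller now sees only "service error", consider returning a short correlation id that is also written in the `log.error` call, so a user report can be matched to the stack trace. The import block also appears to replace the explicit `org.sss.common.model` imports with `import org.sss.common.model.*;`; explicit imports keep it clear which model types the controller depends on.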
......@@ -44,16 +44,19 @@ public class UkeyLoginController {
log.info("====getLoginidByDN====map"+map);
if(map.containsKey("nam")) {
String loginid = map.get("nam").toString();
String dncode = map.get("ukey").toString();
log.info("====getUserByDn====loginid" + loginid);
if (StringUtils.isNotBlank(loginid)) {
if (StringUtils.isNotBlank(loginid) && StringUtils.isNotBlank(dncode)) {
retDatamap.put("msgCode", "0000");
retDatamap.put("loginid", loginid);
retDatamap.put("dncode", dncode);
return ResultUtil.result(ErrorCodes.SUCCESS, ErrorCodes.SUCCESS_INFO, retDatamap, noUiVersion.getVersion());
}
}
}
retDatamap.put("msgCode", "9999");
retDatamap.put("loginid", "");
retDatamap.put("dncode", "");
return ResultUtil.result(ErrorCodes.SUCCESS, ErrorCodes.SUCCESS_INFO, retDatamap, noUiVersion.getVersion());
}
......
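Review bot: `map.get("ukey").toString()` is reached after checking only `containsKey("nam")`, so a record with no `ukey` entry, or a null value, throws a NullPointerException instead of falling through to the 9999 response. Read it null-safely, for example `Object ukey = map.get("ukey"); String dncode = ukey == null ? "" : ukey.toString();`, and let the existing `isNotBlank(dncode)` check reject it. The surrounding `log.info` lines write the whole map and the login id at info level, and they now carry the `ukey` value as well; consider trimming them to what operations need. The method starts outside the hunk.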
......@@ -2,7 +2,6 @@ package org.sss.presentation.noui.filter;
import log.Log;
import log.LogFactory;
import org.apache.commons.lang.ArrayUtils;
import org.sss.presentation.noui.jwt.RedisLoginInfo;
import org.sss.presentation.noui.util.RedisUtil;
import org.sss.presentation.noui.util.StringUtil;
......@@ -11,8 +10,10 @@ import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.InputStream;
public class ResourceAccessFilter implements Filter {
public static final String FORBIDDEN = "forbidden.pdf";
protected static final Log log = LogFactory.getLog(ResourceAccessFilter.class);
private static final String KEY = "session.##.WEB";
private static final String SALT = "1314520@Wc;";
......@@ -20,8 +21,9 @@ public class ResourceAccessFilter implements Filter {
private static final String _HTML_CONTENT = "text/html; charset=UTF-8";
private static final String _403_JSON = "{'code': '403', 'msg': 'Access Forbidden, Unauthorized!'}";
private static final String _403_HTML = "<html><body><div style='text-align:center'><h1 style='margin-top: 10px;'>Access Forbidden, Unauthorized!</h1></div></body></html>";
public static String pdfpth;
public static String[] pdfpth;
public static String[] exclude;
public static final String NO_FOUND_PDF="/WEB-INF/classes/forbidden.pdf";
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
throws IOException, ServletException {
......@@ -29,9 +31,10 @@ public class ResourceAccessFilter implements Filter {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
String uri = request.getRequestURI();
if (needPdfsFilter(uri)) {
if (!doPdfsFilter(request, response)) {
chain.doFilter(req, res);
String servletPath = request.getServletPath();
if (needPdfsFilter(servletPath)) {
if (!doPdfsFilter(servletPath, request, response)) {
return;
}
} else if (isExcludeRes(uri)) {
response.setStatus(403);
......@@ -45,20 +48,26 @@ public class ResourceAccessFilter implements Filter {
}
}
private boolean doPdfsFilter(HttpServletRequest request, HttpServletResponse response) throws Exception {
String[] sec = request.getParameterValues("sec");
String[] uid = request.getParameterValues("uid");
String[] res = request.getParameterValues("file");
if (ArrayUtils.isEmpty(sec) || ArrayUtils.isEmpty(uid) || ArrayUtils.isEmpty(res)) {
private boolean doPdfsFilter(String uri, HttpServletRequest request, HttpServletResponse response) throws Exception {
String[] parts = uri.split("_");
if (parts.length != 3) {
log.warn("Access Pdfs Forbidden");
return forbidden403(request, response);
}
String res = parts[0];
String uid = parts[1];
String sec = parts[2];
if (StringUtil.isEmpty(sec) || StringUtil.isEmpty(uid) || StringUtil.isEmpty(res)) {
log.warn("Access Pdfs Forbidden");
return forbiddenPdf(request, response);
} else {
//校验usrid+token+固定值的加密
if (!isLegalSec(sec[0], uid[0], res[0])) {
if (!isLegalSec(sec, uid, res)) {
log.warn("Access Pdfs Forbidden");
return forbidden403(request, response);
return forbiddenPdf(request, response);
}
}
pdfWriter(request.getSession().getServletContext().getResourceAsStream(res), response);
return false;
}
......@@ -86,15 +95,17 @@ public class ResourceAccessFilter implements Filter {
}
private boolean needPdfsFilter(String uri) {
if (pdfpth.equals(uri)) {
return true;
for (String pdf : pdfpth) {
if (uri.startsWith(pdf)) {
return true;
}
}
return false;
}
private boolean isExcludeRes(String uri) {
for(String pth:exclude){
if(uri.startsWith(pth)){
for (String pth : exclude) {
if (uri.startsWith(pth)) {
return true;
}
......@@ -127,9 +138,33 @@ public class ResourceAccessFilter implements Filter {
return false;
}
private boolean forbiddenPdf(HttpServletRequest request, HttpServletResponse response) throws IOException {
pdfWriter(request.getSession().getServletContext().getResourceAsStream(NO_FOUND_PDF), response);
return true;
}
private void pdfWriter(InputStream inputStream, HttpServletResponse response) {
response.reset();
ServletOutputStream out;
try {
out = response.getOutputStream();
int b = 0;
byte[] buffer = new byte[512];
while (b != -1) {
b = inputStream.read(buffer);
out.write(buffer, 0, b);
}
inputStream.close();
out.close();
out.flush();
} catch (IOException e) {
log.warn("Access Pdfs IOException");
}
}
public void init(FilterConfig filterConfig) {
if (filterConfig.getInitParameter("pdfpth") != null) {
pdfpth = filterConfig.getInitParameter("pdfpth");
pdfpth = filterConfig.getInitParameter("pdfpth").split(";");
}
if (!StringUtil.isEmpty(filterConfig.getInitParameter("exclude"))) {
exclude = filterConfig.getInitParameter("exclude").split(";");
......
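Review bot: In `pdfWriter` the copy loop calls `out.write(buffer, 0, b)` after `read` has returned -1, so a transfer ends with an `IndexOutOfBoundsException` that `catch (IOException e)` does not handle, and neither stream is closed on that path. `getResourceAsStream` returns null for a missing resource, and both `doPdfsFilter` (with `res` taken from the request path) and `forbiddenPdf` pass that result straight in, so a request for a non-existent file reaches `inputStream.read` on null. The loop should test the read result before writing, the null case should get an explicit 404, and the streams belong in try-with-resources with `flush()` before close, as in the excerpt below. Separately, `forbiddenPdf` returns true, so `doFilter` does not take the new `return` after a denial; what runs next is outside the hunk and should be checked so the chain is not invoked on a response that has already been written.

```java
private void pdfWriter(InputStream inputStream, HttpServletResponse response) {
    if (inputStream == null) {
        // getResourceAsStream() yields null when the resource does not exist
        log.warn("Access Pdfs resource not found");
        response.setStatus(HttpServletResponse.SC_NOT_FOUND);
        return;
    }
    response.reset();
    try (InputStream in = inputStream; ServletOutputStream out = response.getOutputStream()) {
        byte[] buffer = new byte[512];
        int n;
        // stop on end-of-stream before writing, so write() never sees a length of -1
        while ((n = in.read(buffer)) != -1) {
            out.write(buffer, 0, n);
        }
        out.flush();
    } catch (IOException e) {
        log.warn("Access Pdfs IOException");
    }
}
```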
......@@ -46,25 +46,25 @@ public class RedisUtil {
public static RedisTemplate<String, Object> getRedisConnection() {
if (master.equals("redisAPA")) {
log.info("getRedisMaster redisAPA1");
// log.info("getRedisMaster redisAPA1");
if (getRedisMaster(redisAPA)) {
log.info("getRedisMaster redisAPA");
setMaster("redisAPA");
return redisAPA;
} else {
log.info("getRedisMaster redisAPB");
// log.info("getRedisMaster redisAPB");
setMaster("redisAPB");
}
}
if (master.equals("redisAPB")) {
log.info("getRedisMaster redisAPB1");
// log.info("getRedisMaster redisAPB1");
if (getRedisMaster(redisAPB)) {
setMaster("redisAPB");
log.info("getRedisMaster redisAPB");
return redisAPB;
} else {
setMaster("redisAPA");
log.info("getRedisMaster redisAPA");
// log.info("getRedisMaster redisAPA");
}
}
return null;
......
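Review bot: The four `log.info` calls in `getRedisConnection` are commented out rather than removed, which leaves dead code behind; delete them, or lower them to a debug level if the project's `Log` offers one. While here, the two branches are not symmetric: when `master` is `redisAPB` and `getRedisMaster(redisAPB)` fails, the method switches the master to `redisAPA` and falls through to `return null` without probing `redisAPA`, whereas the `redisAPA` branch does fall through to try `redisAPB` (assuming `setMaster` updates the `master` field read here). Callers then receive null during a failover even if the other node is healthy. The end of the method is outside the hunk, so confirm there is no retry around it.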
......@@ -65,11 +65,11 @@
<filter-class>org.sss.presentation.noui.filter.ResourceAccessFilter</filter-class>
<init-param>
<param-name>pdfpth</param-name>
<param-value>/esfeserver/pdfjs/web/viewer.html</param-value>
<param-value>/data/files;/data/docpdf</param-value>
</init-param>
<init-param>
<param-name>exclude</param-name>
<param-value>/esfeserver/data/docpdf;/esfeserver/data/dsp;/esfeserver/data/bimdata;/esfeserver/data/delete;/esfeserver/data/elcin;/esfeserver/data/elcout;/esfeserver/data/files;/esfeserver/data/trndata;</param-value>
<param-value>/esfeserver/data/bimdata;/esfeserver/data/delete;/esfeserver/data/elcin;/esfeserver/data/elcout;/esfeserver/data/trndata;</param-value>
</init-param>
</filter>
<filter-mapping>
......
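Review bot: `/esfeserver/data/dsp` is dropped from `exclude` but, unlike `files` and `docpdf`, it is not added to `pdfpth`, so after this change it is neither answered with 403 nor put behind the `sec` check. How ResourceAccessFilter treats a path that matches neither list is not visible here; if it passes the request down the chain, files under `/data/dsp` become directly downloadable. Either keep `/esfeserver/data/dsp;` in `exclude` or add `/data/dsp` to `pdfpth`, whichever is intended. Note also that `needPdfsFilter` matches with `startsWith`, so `/data/files` also covers any sibling path that merely begins with those characters; ending the configured values with `/` would avoid that.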