session共享
登录缓存清理 缓存更换为redis缓存代码提交
This commit is contained in:
段冬梅
5
pom.xml
5
pom.xml
@@ -700,6 +700,11 @@
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.crazycake</groupId>
|
||||
<artifactId>shiro-redis</artifactId>
|
||||
<version>3.2.1</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.glassfish.jersey.connectors</groupId>
|
||||
<artifactId>jersey-apache-connector</artifactId>
|
||||
|
||||
@@ -5,6 +5,7 @@ import java.util.Map;
|
||||
import java.util.Map.Entry;
|
||||
|
||||
import org.apache.log4j.Logger;
|
||||
import org.apache.shiro.cache.Cache;
|
||||
|
||||
import com.beust.jcommander.internal.Lists;
|
||||
import com.nis.domain.specific.ConfigGroupInfo;
|
||||
@@ -12,8 +13,6 @@ import com.nis.web.dao.specific.ConfigGroupInfoDao;
|
||||
import com.nis.web.service.SpringContextHolder;
|
||||
|
||||
import jersey.repackaged.com.google.common.collect.Maps;
|
||||
import net.sf.ehcache.Cache;
|
||||
import net.sf.ehcache.Element;
|
||||
|
||||
/**
|
||||
* asn no缓存工具类
|
||||
@@ -35,9 +34,12 @@ public class AsnCacheUtils{
|
||||
* @return
|
||||
*/
|
||||
public static ConfigGroupInfo get(Long key) {
|
||||
Element element = getCache(ASN_NO_CACHE).get(key/cache_rage);
|
||||
Cache cache = getCache(ASN_NO_CACHE);
|
||||
Object element = cache.get(key/cache_rage);
|
||||
|
||||
// Element element = getCache(ASN_NO_CACHE).get(key/cache_rage);
|
||||
if(element!=null) {
|
||||
Map<Long,ConfigGroupInfo> map=(Map<Long,ConfigGroupInfo>)element.getObjectValue();
|
||||
Map<Long,ConfigGroupInfo> map=(Map<Long,ConfigGroupInfo>)element;
|
||||
if(map.containsKey(key)) {
|
||||
return map.get(key);
|
||||
}
|
||||
@@ -45,20 +47,19 @@ public class AsnCacheUtils{
|
||||
return null;
|
||||
}
|
||||
public static Map<Long,ConfigGroupInfo> getMap(Object key) {
|
||||
Element element = getCache(ASN_NO_CACHE).get(key);
|
||||
return (Map<Long,ConfigGroupInfo>)element.getObjectValue();
|
||||
Object element = getCache(ASN_NO_CACHE).get(key);
|
||||
return (Map<Long,ConfigGroupInfo>)element;
|
||||
}
|
||||
public static void clearCache() {
|
||||
logger.warn("clear cache!");
|
||||
CacheUtils.getCacheManager().removeCache(ASN_NO_CACHE);
|
||||
getCache(ASN_NO_CACHE).clear();
|
||||
}
|
||||
public static List<ConfigGroupInfo> getAllAsnGroup(){
|
||||
List<ConfigGroupInfo> configGroupInfos=Lists.newArrayList();
|
||||
Cache cache=getCache(ASN_NO_CACHE);
|
||||
for(Object key:cache.getKeys()) {
|
||||
Element element = getCache(ASN_NO_CACHE).get(key);
|
||||
if(element!=null) {
|
||||
Map<Long,ConfigGroupInfo> map=(Map<Long,ConfigGroupInfo>)element.getObjectValue();
|
||||
for(Object val : cache.values()) {
|
||||
if(val!=null) {
|
||||
Map<Long,ConfigGroupInfo> map=(Map<Long,ConfigGroupInfo>)val;
|
||||
configGroupInfos.addAll(map.values());
|
||||
}
|
||||
}
|
||||
@@ -89,20 +90,22 @@ public class AsnCacheUtils{
|
||||
}
|
||||
}
|
||||
for(Entry<Long, Map<Long, ConfigGroupInfo>> e:groupMap.entrySet()) {
|
||||
Element element = new Element(e.getKey(), e.getValue());
|
||||
cache.put(element);
|
||||
cache.put(e.getKey(),e.getValue());
|
||||
}
|
||||
}else {
|
||||
//查询总量
|
||||
Long count=configGroupInfoDao.getCountByType(4);
|
||||
boolean loadDatabase=false;
|
||||
if(cache.getKeys().size()==0) {
|
||||
if(cache.keys().size()==0) {
|
||||
loadDatabase=true;
|
||||
}else {
|
||||
long c=0l;
|
||||
for(Object key:cache.getKeys()) {
|
||||
for(Object key:cache.keys()) {
|
||||
Map<Long, ConfigGroupInfo> map = getMap(key);
|
||||
if(map != null) {
|
||||
c+=getMap(key).size();
|
||||
}
|
||||
}
|
||||
if(c!=count) {
|
||||
loadDatabase=true;
|
||||
}
|
||||
@@ -121,8 +124,7 @@ public class AsnCacheUtils{
|
||||
}
|
||||
}
|
||||
for(Entry<Long, Map<Long, ConfigGroupInfo>> e:groupMap.entrySet()) {
|
||||
Element element = new Element(e.getKey(), e.getValue());
|
||||
cache.put(element);
|
||||
cache.put(e.getKey(), e.getValue());
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -137,17 +139,16 @@ public class AsnCacheUtils{
|
||||
*/
|
||||
public static void put(Long key, ConfigGroupInfo value) {
|
||||
Long _key=key/cache_rage;
|
||||
Element element = getCache(ASN_NO_CACHE).get(_key);
|
||||
Object element = getCache(ASN_NO_CACHE).get(_key);
|
||||
if(element==null) {
|
||||
Map<Long,ConfigGroupInfo> map=Maps.newHashMap();
|
||||
map.put(key, value);
|
||||
element = new Element(_key, map);
|
||||
getCache(ASN_NO_CACHE).put(_key,map);
|
||||
}else {
|
||||
Map<Long,ConfigGroupInfo> map=(Map<Long,ConfigGroupInfo>)element.getObjectValue();
|
||||
Map<Long,ConfigGroupInfo> map=(Map<Long,ConfigGroupInfo>)element;
|
||||
map.put(key, value);
|
||||
element = new Element(_key, map);
|
||||
getCache(ASN_NO_CACHE).put(_key,map);
|
||||
}
|
||||
getCache(ASN_NO_CACHE).put(element);
|
||||
}
|
||||
/**
|
||||
* 从缓存中移除
|
||||
@@ -159,30 +160,25 @@ public class AsnCacheUtils{
|
||||
}
|
||||
public static void remove(Long key) {
|
||||
Long _key=key/cache_rage;
|
||||
Element element = getCache(ASN_NO_CACHE).get(_key);
|
||||
Object element = getCache(ASN_NO_CACHE).get(_key);
|
||||
if(element!=null) {
|
||||
Map<Long,ConfigGroupInfo> map=(Map<Long,ConfigGroupInfo>)element.getObjectValue();
|
||||
Map<Long,ConfigGroupInfo> map=(Map<Long,ConfigGroupInfo>)element;
|
||||
if(map.containsKey(key)) {
|
||||
map.remove(key);
|
||||
}
|
||||
if(map.isEmpty()) {
|
||||
getCache(ASN_NO_CACHE).remove(_key);
|
||||
}else {
|
||||
element=new Element(_key,map);
|
||||
getCache(ASN_NO_CACHE).put(element);
|
||||
getCache(ASN_NO_CACHE).put(_key, map);
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
private static Cache getCache(String cacheName){
|
||||
Cache cache = CacheUtils.getCacheManager().getCache(cacheName);
|
||||
if (cache == null){
|
||||
CacheUtils.getCacheManager().addCache(cacheName);
|
||||
cache = CacheUtils.getCacheManager().getCache(cacheName);
|
||||
cache.getCacheConfiguration().setEternal(true);
|
||||
}
|
||||
return cache;
|
||||
}
|
||||
|
||||
public static String getCacheName() {
|
||||
return ASN_NO_CACHE;
|
||||
}
|
||||
|
||||
@@ -1,10 +1,11 @@
|
||||
package com.nis.util;
|
||||
|
||||
|
||||
import org.apache.shiro.cache.Cache;
|
||||
import org.crazycake.shiro.RedisCacheManager;
|
||||
|
||||
import com.nis.web.service.SpringContextHolder;
|
||||
|
||||
import net.sf.ehcache.Cache;
|
||||
import net.sf.ehcache.CacheManager;
|
||||
import net.sf.ehcache.Element;
|
||||
|
||||
/**
|
||||
* Cache工具类
|
||||
@@ -13,7 +14,7 @@ import net.sf.ehcache.Element;
|
||||
*/
|
||||
public class CacheUtils {
|
||||
|
||||
private static CacheManager cacheManager = ((CacheManager)SpringContextHolder.getBean("cacheManager"));
|
||||
private static RedisCacheManager cacheManager = (RedisCacheManager)SpringContextHolder.getBean("shiroCacheManager");
|
||||
|
||||
private static final String SYS_CACHE = "sysCache";
|
||||
|
||||
@@ -51,8 +52,7 @@ public class CacheUtils {
|
||||
* @return
|
||||
*/
|
||||
public static Object get(String cacheName, String key) {
|
||||
Element element = getCache(cacheName).get(key);
|
||||
return element==null?null:element.getObjectValue();
|
||||
return getCache(cacheName).get(key);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -62,8 +62,8 @@ public class CacheUtils {
|
||||
* @param value
|
||||
*/
|
||||
public static void put(String cacheName, String key, Object value) {
|
||||
Element element = new Element(key, value);
|
||||
getCache(cacheName).put(element);
|
||||
Cache cache=cacheManager.getCache(cacheName);
|
||||
cache.put(key, value);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -80,7 +80,7 @@ public class CacheUtils {
|
||||
* @param cacheName
|
||||
* @return
|
||||
*/
|
||||
private static Cache getCache(String cacheName){
|
||||
/*private static Cache getCache(String cacheName){
|
||||
Cache cache = cacheManager.getCache(cacheName);
|
||||
if (cache == null){
|
||||
cacheManager.addCache(cacheName);
|
||||
@@ -88,9 +88,13 @@ public class CacheUtils {
|
||||
cache.getCacheConfiguration().setEternal(true);
|
||||
}
|
||||
return cache;
|
||||
}*/
|
||||
private static Cache getCache(String cacheName){
|
||||
Cache cache = cacheManager.getCache(cacheName);
|
||||
return cache;
|
||||
}
|
||||
|
||||
public static CacheManager getCacheManager() {
|
||||
public static RedisCacheManager getCacheManager() {
|
||||
return cacheManager;
|
||||
}
|
||||
|
||||
|
||||
@@ -1,12 +1,26 @@
|
||||
package com.nis.web.controller.sys;
|
||||
|
||||
import java.util.Collection;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.apache.commons.beanutils.BeanUtils;
|
||||
import org.apache.derby.tools.sysinfo;
|
||||
import org.apache.shiro.SecurityUtils;
|
||||
import org.apache.shiro.authc.AuthenticationInfo;
|
||||
import org.apache.shiro.authc.AuthenticationToken;
|
||||
import org.apache.shiro.authz.annotation.RequiresPermissions;
|
||||
import org.apache.shiro.cache.Cache;
|
||||
import org.apache.shiro.mgt.RealmSecurityManager;
|
||||
import org.apache.shiro.realm.Realm;
|
||||
import org.apache.shiro.session.Session;
|
||||
import org.apache.shiro.subject.PrincipalCollection;
|
||||
import org.apache.shiro.subject.SimplePrincipalCollection;
|
||||
import org.apache.shiro.subject.support.DefaultSubjectContext;
|
||||
import org.crazycake.shiro.RedisCache;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.ui.Model;
|
||||
import org.springframework.web.bind.annotation.ModelAttribute;
|
||||
@@ -22,11 +36,15 @@ import com.nis.domain.Page;
|
||||
import com.nis.domain.SysRole;
|
||||
import com.nis.domain.SysUser;
|
||||
import com.nis.util.DateUtils;
|
||||
import com.nis.util.IpUtil;
|
||||
import com.nis.util.StringUtil;
|
||||
import com.nis.util.StringUtils;
|
||||
import com.nis.util.excel.ExportExcel;
|
||||
import com.nis.web.controller.BaseController;
|
||||
import com.nis.web.security.SystemAuthorizingRealm;
|
||||
import com.nis.web.security.SystemAuthorizingRealm.Principal;
|
||||
import com.nis.web.security.UserUtils;
|
||||
import com.nis.web.security.UsernamePasswordToken;
|
||||
|
||||
@Controller
|
||||
@RequestMapping("${adminPath}/sys/user")
|
||||
@@ -97,7 +115,7 @@ public class UserController extends BaseController{
|
||||
return form(user, model);
|
||||
}*/
|
||||
if (!"true".equals(checkLoginName(user.getOldLoginId(), user.getLoginId()))){
|
||||
addMessage(redirectAttributes,"error", "save_failed");
|
||||
addMessage(model,"error", "save_failed");
|
||||
return form(user, model);
|
||||
}
|
||||
// 角色数据有效性验证,过滤不在授权内的角色
|
||||
@@ -264,6 +282,7 @@ public class UserController extends BaseController{
|
||||
|
||||
/**
|
||||
* 修改个人用户密码
|
||||
*
|
||||
* @param oldPassword
|
||||
* @param newPassword
|
||||
* @param model
|
||||
@@ -273,12 +292,37 @@ public class UserController extends BaseController{
|
||||
@RequestMapping(value = "modifyPwd")
|
||||
public String modifyPwd(String oldPassword, String newPassword, Model model) {
|
||||
SysUser user = UserUtils.getUser();
|
||||
if (StringUtils.isNotBlank(oldPassword) && StringUtils.isNotBlank(newPassword)){
|
||||
|
||||
if (StringUtils.validatePassword(oldPassword, user.getPassword())){
|
||||
if (StringUtils.isNotBlank(oldPassword) && StringUtils.isNotBlank(newPassword)) {
|
||||
if (StringUtils.validatePassword(oldPassword, user.getPassword())) {
|
||||
userService.updatePasswordById(user.getId(), user.getLoginId(), newPassword);
|
||||
Session curSession = UserUtils.getSession();// 当前登录用户的session
|
||||
Principal principal = UserUtils.getPrincipal();// 当前登录用户的鉴权信息
|
||||
// 过滤 当前用户的 非此客户的其它登录信息
|
||||
Collection<Session> allOtherSession = systemService.getActiveSessions(true, principal, curSession);
|
||||
if (allOtherSession.size() > 0) {
|
||||
// 如果是登录进来的,则踢出已在线用户
|
||||
if (UserUtils.getSubject().isAuthenticated()) {
|
||||
for (Session session : allOtherSession) {
|
||||
systemService.deleteSession(session);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
RealmSecurityManager securityManager = (RealmSecurityManager) SecurityUtils.getSecurityManager();
|
||||
Collection<Realm> realm = securityManager.getRealms();
|
||||
for (Realm realm2 : realm) {
|
||||
SystemAuthorizingRealm userRealm = (SystemAuthorizingRealm) realm2;
|
||||
RedisCache<Object, AuthenticationInfo> cache = (RedisCache<Object, AuthenticationInfo>) userRealm.getAuthenticationCache();
|
||||
String keyPrefix = cache.getKeyPrefix();
|
||||
for (AuthenticationInfo auth : cache.values()) {
|
||||
userRealm.getAuthenticationCache().remove(auth.getPrincipals().getPrimaryPrincipal());
|
||||
}
|
||||
systemService.deleteAuthenticationCache(keyPrefix + user.getName());
|
||||
systemService.deleteAuthenticationCache(keyPrefix + user.getId());
|
||||
}
|
||||
|
||||
model.addAttribute("message", "update_success");
|
||||
}else{
|
||||
} else {
|
||||
model.addAttribute("message", "update_failed");
|
||||
}
|
||||
}
|
||||
@@ -288,5 +332,4 @@ public class UserController extends BaseController{
|
||||
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
||||
@@ -11,6 +11,7 @@ import org.apache.shiro.session.UnknownSessionException;
|
||||
import org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO;
|
||||
import org.apache.shiro.subject.PrincipalCollection;
|
||||
import org.apache.shiro.subject.support.DefaultSubjectContext;
|
||||
import org.crazycake.shiro.RedisSessionDAO;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
@@ -26,7 +27,8 @@ import com.nis.util.StringUtils;
|
||||
* @author
|
||||
* @version
|
||||
*/
|
||||
public class CacheSessionDAO extends EnterpriseCacheSessionDAO implements SessionDAO {
|
||||
/*public class CacheSessionDAO extends EnterpriseCacheSessionDAO implements SessionDAO {*/
|
||||
public class CacheSessionDAO extends RedisSessionDAO {
|
||||
|
||||
private Logger logger = LoggerFactory.getLogger(getClass());
|
||||
|
||||
@@ -34,7 +36,7 @@ public class CacheSessionDAO extends EnterpriseCacheSessionDAO implements Sessio
|
||||
super();
|
||||
}
|
||||
|
||||
@Override
|
||||
/*@Override
|
||||
protected void doUpdate(Session session) {
|
||||
if (session == null || session.getId() == null) {
|
||||
return;
|
||||
@@ -60,9 +62,9 @@ public class CacheSessionDAO extends EnterpriseCacheSessionDAO implements Sessio
|
||||
}
|
||||
super.doUpdate(session);
|
||||
logger.debug("update {} {}", session.getId(), request != null ? request.getRequestURI() : "");
|
||||
}
|
||||
}*/
|
||||
|
||||
@Override
|
||||
/*@Override
|
||||
protected void doDelete(Session session) {
|
||||
if (session == null || session.getId() == null) {
|
||||
return;
|
||||
@@ -70,7 +72,7 @@ public class CacheSessionDAO extends EnterpriseCacheSessionDAO implements Sessio
|
||||
|
||||
super.doDelete(session);
|
||||
logger.debug("delete {} ", session.getId());
|
||||
}
|
||||
}*/
|
||||
|
||||
@Override
|
||||
protected Serializable doCreate(Session session) {
|
||||
@@ -127,7 +129,6 @@ public class CacheSessionDAO extends EnterpriseCacheSessionDAO implements Sessio
|
||||
* @param includeLeave 是否包括离线(最后访问时间大于3分钟为离线会话)
|
||||
* @return
|
||||
*/
|
||||
@Override
|
||||
public Collection<Session> getActiveSessions(boolean includeLeave) {
|
||||
return getActiveSessions(includeLeave, null, null);
|
||||
}
|
||||
@@ -139,7 +140,6 @@ public class CacheSessionDAO extends EnterpriseCacheSessionDAO implements Sessio
|
||||
* @param filterSession 不为空,则过滤掉(不包含)这个会话。
|
||||
* @return
|
||||
*/
|
||||
@Override
|
||||
public Collection<Session> getActiveSessions(boolean includeLeave, Object principal, Session filterSession) {
|
||||
// 如果包括离线,并无登录者条件。
|
||||
if (includeLeave && principal == null){
|
||||
|
||||
@@ -1,31 +1,38 @@
|
||||
package com.nis.web.security;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.InputStream;
|
||||
import java.io.Serializable;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collection;
|
||||
import java.util.List;
|
||||
|
||||
import javax.annotation.PostConstruct;
|
||||
|
||||
import org.apache.shiro.SecurityUtils;
|
||||
import org.apache.shiro.authc.AuthenticationException;
|
||||
import org.apache.shiro.authc.AuthenticationInfo;
|
||||
import org.apache.shiro.authc.AuthenticationToken;
|
||||
import org.apache.shiro.authc.SimpleAuthenticationInfo;
|
||||
import org.apache.shiro.authc.credential.DefaultPasswordService;
|
||||
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
|
||||
import org.apache.shiro.authc.credential.PasswordService;
|
||||
import org.apache.shiro.authz.AuthorizationInfo;
|
||||
import org.apache.shiro.authz.Permission;
|
||||
import org.apache.shiro.authz.SimpleAuthorizationInfo;
|
||||
import org.apache.shiro.cache.Cache;
|
||||
import org.apache.shiro.codec.Base64;
|
||||
import org.apache.shiro.codec.CodecSupport;
|
||||
import org.apache.shiro.codec.Hex;
|
||||
import org.apache.shiro.mgt.RealmSecurityManager;
|
||||
import org.apache.shiro.realm.AuthorizingRealm;
|
||||
import org.apache.shiro.session.Session;
|
||||
import org.apache.shiro.subject.PrincipalCollection;
|
||||
import org.apache.shiro.subject.SimplePrincipalCollection;
|
||||
import org.apache.shiro.util.ByteSource;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import com.google.code.kaptcha.Constants;
|
||||
import com.nis.domain.SysMenu;
|
||||
import com.nis.domain.SysRole;
|
||||
import com.nis.domain.SysUser;
|
||||
@@ -34,8 +41,8 @@ import com.nis.util.Encodes;
|
||||
import com.nis.util.LogUtils;
|
||||
import com.nis.util.StringUtil;
|
||||
import com.nis.util.StringUtils;
|
||||
import com.nis.util.TreeUtil;
|
||||
import com.nis.web.service.SystemService;
|
||||
import com.sun.jna.platform.win32.Netapi32Util.User;
|
||||
|
||||
|
||||
/**
|
||||
@@ -82,7 +89,8 @@ public class SystemAuthorizingRealm extends AuthorizingRealm {
|
||||
throw new AuthenticationException("msg:该已帐号禁止登录.");
|
||||
}
|
||||
byte[] salt = Encodes.decodeHex(user.getPassword().substring(0,16));
|
||||
return new SimpleAuthenticationInfo(new Principal(user, token.isMobileLogin()), user.getPassword().substring(16), ByteSource.Util.bytes(salt), getName());
|
||||
return new SimpleAuthenticationInfo(new Principal(user, token.isMobileLogin()), user.getPassword().substring(16), new MySimpleByteSource(salt), getName());
|
||||
//return new SimpleAuthenticationInfo(new Principal(user, token.isMobileLogin()), user.getPassword().substring(16), ByteSource.Util.bytes(salt), getName());
|
||||
}
|
||||
return null;
|
||||
}
|
||||
@@ -194,14 +202,37 @@ public class SystemAuthorizingRealm extends AuthorizingRealm {
|
||||
setCredentialsMatcher(matcher);
|
||||
}
|
||||
|
||||
// /**
|
||||
// * 清空用户关联权限认证,待下次使用时重新加载
|
||||
// */
|
||||
// public void clearCachedAuthorizationInfo(Principal principal) {
|
||||
// SimplePrincipalCollection principals = new SimplePrincipalCollection(principal, getName());
|
||||
// clearCachedAuthorizationInfo(principals);
|
||||
// }
|
||||
|
||||
/**
|
||||
* 清空用户关联权限认证,待下次使用时重新加载
|
||||
*/
|
||||
public void clearCachedAuthorizationInfo(Principal principal) {
|
||||
SimplePrincipalCollection principals = new SimplePrincipalCollection(principal, getName());
|
||||
clearCachedAuthorizationInfo(principals);
|
||||
}
|
||||
/**
|
||||
* 清空用户关联权限认证,待下次使用时重新加载
|
||||
*/
|
||||
public void clearCachedAuthenticationInfo(Object principal) {
|
||||
SimplePrincipalCollection principals = new SimplePrincipalCollection(principal, getName());
|
||||
clearCachedAuthenticationInfo(principals);
|
||||
}
|
||||
/**
|
||||
* 清空用户关联权限认证,待下次使用时重新加载
|
||||
*/
|
||||
public void clearCachedAuthorizationInfoC(PrincipalCollection principals) {
|
||||
SimplePrincipalCollection principalsa = new SimplePrincipalCollection(principals, getName());
|
||||
clearCachedAuthorizationInfo(principalsa);
|
||||
}
|
||||
/*@Override
|
||||
protected void clearCachedAuthenticationInfo(PrincipalCollection principals) {
|
||||
// TODO Auto-generated method stub
|
||||
super.clearCachedAuthenticationInfo(principals);
|
||||
}
|
||||
@Override
|
||||
protected void clearCachedAuthorizationInfo(PrincipalCollection principals) {
|
||||
// TODO Auto-generated method stub
|
||||
super.clearCachedAuthorizationInfo(principals);
|
||||
}*/
|
||||
|
||||
/**
|
||||
* 授权用户信息
|
||||
@@ -293,3 +324,107 @@ public class SystemAuthorizingRealm extends AuthorizingRealm {
|
||||
|
||||
}
|
||||
}
|
||||
class MySimpleByteSource implements ByteSource, Serializable {
|
||||
private static final long serialVersionUID = 5175082362119580768L;
|
||||
|
||||
private byte[] bytes;
|
||||
private String cachedHex;
|
||||
private String cachedBase64;
|
||||
|
||||
public MySimpleByteSource(){
|
||||
}
|
||||
|
||||
public MySimpleByteSource(byte[] bytes) {
|
||||
this.bytes = bytes;
|
||||
}
|
||||
|
||||
public MySimpleByteSource(char[] chars) {
|
||||
this.bytes = CodecSupport.toBytes(chars);
|
||||
}
|
||||
|
||||
public MySimpleByteSource(String string) {
|
||||
this.bytes = CodecSupport.toBytes(string);
|
||||
}
|
||||
|
||||
public MySimpleByteSource(ByteSource source) {
|
||||
this.bytes = source.getBytes();
|
||||
}
|
||||
|
||||
public MySimpleByteSource(File file) {
|
||||
this.bytes = (new MySimpleByteSource.BytesHelper()).getBytes(file);
|
||||
}
|
||||
|
||||
public MySimpleByteSource(InputStream stream) {
|
||||
this.bytes = (new MySimpleByteSource.BytesHelper()).getBytes(stream);
|
||||
}
|
||||
|
||||
public static boolean isCompatible(Object o) {
|
||||
return o instanceof byte[] || o instanceof char[] || o instanceof String || o instanceof ByteSource || o instanceof File || o instanceof InputStream;
|
||||
}
|
||||
|
||||
public void setBytes(byte[] bytes) {
|
||||
this.bytes = bytes;
|
||||
}
|
||||
|
||||
@Override
|
||||
public byte[] getBytes() {
|
||||
return this.bytes;
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public String toHex() {
|
||||
if(this.cachedHex == null) {
|
||||
this.cachedHex = Hex.encodeToString(this.getBytes());
|
||||
}
|
||||
return this.cachedHex;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toBase64() {
|
||||
if(this.cachedBase64 == null) {
|
||||
this.cachedBase64 = Base64.encodeToString(this.getBytes());
|
||||
}
|
||||
|
||||
return this.cachedBase64;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isEmpty() {
|
||||
return this.bytes == null || this.bytes.length == 0;
|
||||
}
|
||||
@Override
|
||||
public String toString() {
|
||||
return this.toBase64();
|
||||
}
|
||||
|
||||
@Override
|
||||
public int hashCode() {
|
||||
return this.bytes != null && this.bytes.length != 0? Arrays.hashCode(this.bytes):0;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean equals(Object o) {
|
||||
if(o == this) {
|
||||
return true;
|
||||
} else if(o instanceof ByteSource) {
|
||||
ByteSource bs = (ByteSource)o;
|
||||
return Arrays.equals(this.getBytes(), bs.getBytes());
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
private static final class BytesHelper extends CodecSupport {
|
||||
private BytesHelper() {
|
||||
}
|
||||
|
||||
public byte[] getBytes(File file) {
|
||||
return this.toBytes(file);
|
||||
}
|
||||
|
||||
public byte[] getBytes(InputStream stream) {
|
||||
return this.toBytes(stream);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -24,7 +24,12 @@ import org.apache.axis2.client.Options;
|
||||
import org.apache.axis2.client.ServiceClient;
|
||||
import org.apache.axis2.rpc.client.RPCServiceClient;
|
||||
import org.apache.commons.io.FileUtils;
|
||||
import org.apache.shiro.authc.AuthenticationInfo;
|
||||
import org.apache.shiro.session.Session;
|
||||
import org.crazycake.shiro.exception.SerializationException;
|
||||
import org.crazycake.shiro.serializer.ObjectSerializer;
|
||||
import org.crazycake.shiro.serializer.RedisSerializer;
|
||||
import org.crazycake.shiro.serializer.StringSerializer;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
@@ -39,15 +44,19 @@ import com.nis.util.TimeConstants;
|
||||
import com.nis.web.dao.SrcIpDao;
|
||||
import com.nis.web.dao.SysOfficeDao;
|
||||
import com.nis.web.dao.UserDao;
|
||||
import com.nis.web.security.CacheSessionDAO;
|
||||
import com.nis.web.security.Servlets;
|
||||
import com.nis.web.security.SessionDAO;
|
||||
import com.nis.web.security.UserUtils;
|
||||
|
||||
import antlr.StringUtils;
|
||||
|
||||
@Service
|
||||
public class SystemService extends BaseService{
|
||||
|
||||
@Autowired
|
||||
private SessionDAO sessionDao;
|
||||
private CacheSessionDAO sessionDao;
|
||||
/*private SessionDAO sessionDao;*/
|
||||
|
||||
@Autowired
|
||||
private UserDao userDao;
|
||||
@@ -57,7 +66,8 @@ public class SystemService extends BaseService{
|
||||
|
||||
@Autowired
|
||||
private SrcIpDao srcIpDao;
|
||||
|
||||
private RedisSerializer keySerializer = new StringSerializer();
|
||||
private RedisSerializer valueSerializer = new ObjectSerializer();
|
||||
|
||||
public Collection<Session> getActiveSessions(boolean includeLeave) {
|
||||
return sessionDao.getActiveSessions(includeLeave);
|
||||
@@ -72,6 +82,17 @@ public class SystemService extends BaseService{
|
||||
sessionDao.delete(session);
|
||||
}
|
||||
|
||||
public void deleteAuthenticationCache(String authenticationInfo) {
|
||||
if (org.apache.commons.lang3.StringUtils.isBlank(authenticationInfo)) {
|
||||
logger.error("AuthenticationInfo is null");
|
||||
return;
|
||||
}
|
||||
try {
|
||||
sessionDao.getRedisManager().del(keySerializer.serialize(authenticationInfo));
|
||||
} catch (SerializationException e) {
|
||||
logger.error("delete AuthenticationInfo error. AuthenticationInfo key=" + authenticationInfo);
|
||||
}
|
||||
}
|
||||
|
||||
public SysUser getUserByLoginName(String loginName) {
|
||||
return UserUtils.getByLoginName(loginName);
|
||||
|
||||
@@ -77,14 +77,25 @@
|
||||
|
||||
<!-- 定义Shiro安全管理配置 -->
|
||||
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
|
||||
<property name="realm" ref="systemAuthorizingRealm" />
|
||||
<!-- <property name="realm" ref="systemAuthorizingRealm" /> -->
|
||||
<property name="realm" ref="shiroRealm" />
|
||||
<property name="sessionManager" ref="sessionManager" />
|
||||
<property name="cacheManager" ref="shiroCacheManager" />
|
||||
</bean>
|
||||
|
||||
<bean id="shiroRealm" class="com.nis.web.security.SystemAuthorizingRealm">
|
||||
<!-- 启用缓存 -->
|
||||
<property name="cachingEnabled" value="true"></property>
|
||||
<!-- 启用身份验证缓存 -->
|
||||
<property name="authenticationCachingEnabled" value="true"></property>
|
||||
<!-- 启用授权缓存 -->
|
||||
<property name="authorizationCachingEnabled" value="true"></property>
|
||||
</bean>
|
||||
|
||||
<!-- 自定义会话管理配置 -->
|
||||
<bean id="sessionManager" class="com.nis.web.security.SessionManager">
|
||||
<property name="sessionDAO" ref="sessionDAO"/>
|
||||
<!-- <property name="sessionDAO" ref="sessionDAO"/> -->
|
||||
<property name="sessionDAO" ref="redisSessionDAO"/>
|
||||
|
||||
<!-- 会话超时时间,单位:毫秒 -->
|
||||
<property name="globalSessionTimeout" value="${session.sessionTimeout}"/>
|
||||
@@ -98,22 +109,35 @@
|
||||
<property name="sessionIdCookieEnabled" value="true"/>
|
||||
</bean>
|
||||
|
||||
<bean id="redisSessionDAO" class="com.nis.web.security.CacheSessionDAO">
|
||||
<property name="expire" value="${redis.expire}"></property>
|
||||
<property name="redisManager" ref="redisManager"></property>
|
||||
<property name="keyPrefix" value="shiro_redis_"></property>
|
||||
</bean>
|
||||
|
||||
<!-- 指定本系统SESSIONID, 默认为: JSESSIONID 问题: 与SERVLET容器名冲突, 如JETTY, TOMCAT 等默认JSESSIONID,
|
||||
当跳出SHIRO SERVLET时如ERROR-PAGE容器会为JSESSIONID重新分配值导致登录会话丢失! -->
|
||||
<bean id="sessionIdCookie" class="org.apache.shiro.web.servlet.SimpleCookie">
|
||||
<constructor-arg name="name" value="nis.session.id"/>
|
||||
</bean>
|
||||
|
||||
<bean id="sessionDAO" class="com.nis.web.security.CacheSessionDAO">
|
||||
<!-- <bean id="sessionDAO" class="com.nis.web.security.CacheSessionDAO">
|
||||
<property name="sessionIdGenerator" ref="idGen" />
|
||||
<property name="activeSessionsCacheName" value="activeSessionsCache" />
|
||||
<property name="cacheManager" ref="shiroCacheManager" />
|
||||
</bean>
|
||||
</bean> -->
|
||||
|
||||
<!-- 定义授权缓存管理器 -->
|
||||
<!-- <bean id="shiroCacheManager" class="com.thinkgem.jeesite.common.security.shiro.cache.SessionCacheManager" /> -->
|
||||
<bean id="shiroCacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">
|
||||
<!-- <bean id="shiroCacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">
|
||||
<property name="cacheManager" ref="cacheManager"/>
|
||||
</bean> -->
|
||||
<bean id="shiroCacheManager" class="org.crazycake.shiro.RedisCacheManager">
|
||||
<property name="redisManager" ref="redisManager"/>
|
||||
</bean>
|
||||
|
||||
<bean id="redisManager" class="org.crazycake.shiro.RedisManager">
|
||||
<property name="host" value="${redis.host}"></property>
|
||||
<property name="timeout" value="${redis.timeout}"></property>
|
||||
</bean>
|
||||
|
||||
<!-- 保证实现了Shiro内部lifecycle函数的bean执行 -->
|
||||
|
||||
@@ -1132,7 +1132,7 @@ report_total=Total
|
||||
message_type=Message Type
|
||||
as=AS
|
||||
route=Route
|
||||
transport_layer_protocol=TLS Protocol
|
||||
transport_layer_protocol=Protocol
|
||||
av_voip_monit=VoIP Monitor
|
||||
av_voip_reject=VoIP Block
|
||||
label_proto_source=Protocol Source
|
||||
@@ -1158,7 +1158,7 @@ traffic_ipactive_hour_trend=Active IP TOP10 Trend In Nearly One Hour
|
||||
traffic_ipactive_hour_max=Active IP TOP10 Maximum In Nearly One Hour
|
||||
ip_addr=IP
|
||||
area_id=Area
|
||||
link_num=Link Number
|
||||
link_num=Link Times
|
||||
stat_time=Statistical Time
|
||||
log_menu=Operation Menu
|
||||
log_management=Log Management
|
||||
|
||||
@@ -1132,7 +1132,7 @@ report_total=\u0412\u0441\u0435\u0433\u043E
|
||||
message_type=\u0422\u0438\u043F \u0441\u043E\u043E\u0431\u0449\u0435\u043D\u0438\u044F
|
||||
as=\u041A\u0410\u041A
|
||||
route=\u041C\u0430\u0440\u0448\u0440\u0443\u0442
|
||||
transport_layer_protocol=\u041F\u0440\u043E\u0442\u043E\u043A\u043E\u043B TLS
|
||||
transport_layer_protocol=\u041F\u0440\u043E\u0442\u043E\u043A\u043E\u043B
|
||||
av_voip_monit=\u041C\u043E\u043D\u0438\u0442\u043E\u0440\u0438\u043D\u0433 VoIP
|
||||
av_voip_reject=VoIP \u0431\u043B\u043E\u043A\u0438\u0440\u043E\u0432\u0430\u043D\u0438\u0435
|
||||
label_proto_source=\u0418\u0441\u0442\u043E\u0447\u043D\u0438\u043A \u043F\u0440\u043E\u0442\u043E\u043A\u043E\u043B\u0430
|
||||
@@ -1158,7 +1158,7 @@ traffic_ipactive_hour_trend=\u0410\u043A\u0442\u0438\u0432\u043D\u044B\u0439 IP
|
||||
traffic_ipactive_hour_max=\u0410\u043A\u0442\u0438\u0432\u043D\u044B\u0439 IP TOP10 \u043C\u0430\u043A\u0441\u0438\u043C\u0443\u043C \u0437\u0430 \u043E\u0434\u0438\u043D \u0447\u0430\u0441
|
||||
ip_addr=IP
|
||||
area_id=\u0420\u0435\u0433\u0438\u043E\u043D
|
||||
link_num=\u041D\u043E\u043C\u0435\u0440 \u0441\u0441\u044B\u043B\u043A\u0438
|
||||
link_num=\u041A\u043E\u043B\u0438\u0447\u0435\u0441\u0442\u0432\u043E \u0421\u043E\u0435\u0434\u0438\u043D\u0435\u043D\u0438\u0439
|
||||
stat_time=\u0421\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u0447\u0435\u0441\u043A\u043E\u0435 \u0432\u0440\u0435\u043C\u044F
|
||||
log_menu=\u041C\u0435\u043D\u044E \u043E\u043F\u0435\u0440\u0430\u0446\u0438\u0439
|
||||
log_management=\u0423\u043F\u0440\u0430\u0432\u043B\u0435\u043D\u0438\u0435 \u0436\u0443\u0440\u043D\u0430\u043B\u043E\u043C
|
||||
|
||||
@@ -577,7 +577,7 @@ trafficBandwidthTrans=trafficBandwidthTrans
|
||||
trafficProtocolList=trafficProtocolList
|
||||
trafficAppList=trafficAppList
|
||||
ntcActionEntranceReport=ntcActionEntranceReport
|
||||
redis.host=10.0.4.1:6379
|
||||
redis.host=192.168.10.192:6379
|
||||
redis.expire=1800
|
||||
redis.timeout=10000
|
||||
dns_spoofing_ip_desc=Default Spoofing IP
|
||||
|
||||
Reference in New Issue
Block a user