微调

pom.xml

@@ -83,13 +83,37 @@
 
         <!-- Sdk -->
         <dependency>
-            <groupId>webapi</groupId>
+            <groupId>api</groupId>
             <artifactId>shr_sso_client</artifactId>
             <scope>system</scope>
             <version>1.0</version>
             <systemPath>${project.basedir}/src/main/resources/lib/shr_sso_client.jar</systemPath>
         </dependency>
 
+        <dependency>
+            <groupId>api</groupId>
+            <artifactId>eetrust-security-client</artifactId>
+            <scope>system</scope>
+            <version>1.0</version>
+            <systemPath>${project.basedir}/src/main/resources/lib/eetrust-security-client-2.6.jar</systemPath>
+        </dependency>
+
+        <dependency>
+            <groupId>api</groupId>
+            <artifactId>eetrust-security-crypto</artifactId>
+            <scope>system</scope>
+            <version>1.0</version>
+            <systemPath>${project.basedir}/src/main/resources/lib/eetrust-security-crypto-2.2.jar</systemPath>
+        </dependency>
+
+        <dependency>
+            <groupId>api</groupId>
+            <artifactId>eetrust-security-plugin</artifactId>
+            <scope>system</scope>
+            <version>1.0</version>
+            <systemPath>${project.basedir}/src/main/resources/lib/eetrust-security-plugin-2.7.jar</systemPath>
+        </dependency>
+
         <!-- Tool -->
         <dependency>
             <groupId>org.projectlombok</groupId>

src/main/java/com/shr/ShrApplication.java

@@ -2,10 +2,12 @@ package com.shr;
 
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.web.servlet.ServletComponentScan;
 
 /**
  * @author Inori
  */
+@ServletComponentScan("com.shr.filter")
 @SpringBootApplication
 public class ShrApplication {
 

src/main/java/com/shr/config/ThreadLocalConfig.java

+package com.shr.config;
+
+import org.springframework.util.CollectionUtils;
+
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * @author Inori
+ */
+public class ThreadLocalConfig {
+
+    private static ThreadLocal<Map<String, Object>> THREAD_LOCAL = new ThreadLocal<>();
+
+
+    public static Map<String, Object> get() {
+        if (CollectionUtils.isEmpty(THREAD_LOCAL.get())) {
+            ThreadLocalConfig.set(new HashMap<>());
+        }
+        return THREAD_LOCAL.get();
+    }
+
+
+    public static void set(Map<String, Object> map) {
+        THREAD_LOCAL.set(map);
+    }
+
+
+    public static void remove() {
+        THREAD_LOCAL.remove();
+    }
+
+
+}

src/main/java/com/shr/controller/EasController.java

 package com.shr.controller;
 
 import com.kingdee.shr.sso.client.ltpa.LtpaTokenManager;
+import com.shr.config.ThreadLocalConfig;
+import com.shr.utils.StringUtil;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
@@ -26,12 +28,15 @@ public class EasController {
         //要跳转的url '//'代表首页
         String redirectTo = "//";
         //调用LtpaTokenManager,根据密钥生成用户令牌
-        String username = "administrator";
-        String password = LtpaTokenManager.generate(username, LtpaTokenManager.getDefaultLtpaConfig()).toString();
+        String ssoUsername = ThreadLocalConfig.get().get("ssoUsername").toString();
+        if (StringUtil.isBlank(ssoUsername)) {
+            return;
+        }
+        String password = LtpaTokenManager.generate(ssoUsername, LtpaTokenManager.getDefaultLtpaConfig()).toString();
         System.out.println("password: " + password);
 
         //生成EAS单点登录地址
-        String url = "http://192.168.2.219:6888/portal/index2sso.jsp?username=" + username + "&password=" + password + "&redirectTo=" + redirectTo + "&isNotCheckRelogin=true";
+        String url = "http://192.168.2.219:6888/portal/index2sso.jsp?username=" + ssoUsername + "&password=" + password + "&redirectTo=" + redirectTo + "&isNotCheckRelogin=true";
         //验证Token
         LtpaTokenManager.isValid(password);
         System.out.println(url);

src/main/java/com/shr/filter/SecurityFilter.java

+package com.shr.filter;
+
+import com.shr.config.ThreadLocalConfig;
+import org.eetrust.security.client.util.AssertionHolder;
+
+import javax.servlet.*;
+import javax.servlet.annotation.WebFilter;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.io.IOException;
+
+/**
+ * @author Inori
+ */
+@WebFilter(urlPatterns = "/*")
+public class SecurityFilter implements Filter {
+    public static final String SUBJECT_USER = "_subject_user_";
+
+    @Override
+    public void init(FilterConfig filterConfig) throws ServletException {
+    }
+
+    @Override
+    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
+        // 转换参数
+        final HttpServletRequest request = (HttpServletRequest) servletRequest;
+
+        final HttpServletResponse response = (HttpServletResponse) servletResponse;
+        final HttpSession session = request.getSession(false);
+        if (session == null) {
+            //response.sendRedirect(request.getContextPath() + "/accessDenied.jsp");
+            return;
+        }
+
+        // 取得会话中登录用户
+        String user = (String) session.getAttribute(SUBJECT_USER);
+        if (user == null) {
+            user = AssertionHolder.getAssertion().getPrincipal().getName();
+            if (user == null) {
+                //response.sendRedirect(request.getContextPath() + "/accessDenied.jsp");
+                return;
+            }
+
+            ThreadLocalConfig.get().put("ssoUsername", user);
+
+            request.getSession().setAttribute(SUBJECT_USER, user);
+        }
+
+        filterChain.doFilter(servletRequest, servletResponse);
+    }
+
+    @Override
+    public void destroy() {
+    }
+
+
+}

src/main/java/com/shr/filter/VerifyTicketServlet.java

+package com.shr.filter;
+
+import com.eetrust.security.plugin.MessageConstants;
+import com.eetrust.security.plugin.SIDPlugin;
+import com.shr.utils.CommonUtils;
+import com.shr.utils.StringUtil;
+
+import javax.servlet.ServletConfig;
+import javax.servlet.ServletException;
+import javax.servlet.annotation.WebServlet;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+/**
+ * @author Inori
+ */
+@WebServlet(urlPatterns = "/*")
+public class VerifyTicketServlet extends HttpServlet {
+    private static final long serialVersionUID = 4300219912599669959L;
+
+    @Override
+    public void init(ServletConfig config) throws ServletException {
+        super.init(config);
+    }
+
+    @Override
+    public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+        String ticket = request.getParameter("ticket");
+        if (StringUtil.isEmpty(ticket)) {
+            CommonUtils.responseJsonMsg(response, "单点登录缺少登录票据[ticket]信息!");
+            return;
+        }
+
+        // 认证服务器地址
+        String authServerIp = "10.3.40.239";
+
+        // 认证服务器端口
+        String authServerPort = "80";
+
+        // 业务系统编码
+        String authAppCode = "OASys";
+
+        SIDPlugin sid = new SIDPlugin(authServerIp, Integer.parseInt(authServerPort));
+        int result = sid.Security_VerifyTicket(authAppCode, ticket);
+        if (result == MessageConstants.SECURITY_SERVICE_SUCCESS) {
+            // 票据验证成功, 获取用户唯一标识
+            String passport = sid.getPassport();
+            CommonUtils.responseJsonMsg(response, "单点登录成功! 用户唯一标识: " + passport);
+            return;
+        } else {
+            // 认证失败, 获取错误编码
+            String errorCode = sid.getErrorCode();
+
+            // 认证失败, 获取错误信息
+            String errorMsg = sid.getErrorMsg();
+            CommonUtils.responseJsonMsg(response, "单点登录失败! 错误编码: " + errorCode + ", 错误信息: " + errorMsg);
+            return;
+        }
+    }
+
+    @Override
+    public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+        doPost(request, response);
+    }
+
+
+}

src/main/java/com/shr/utils/CommonUtils.java

+package com.shr.utils;
+
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.*;
+
+/**
+ * @author Inori
+ */
+public class CommonUtils {
+    private static final String BUNDLE_NAME = "com.eetrust.security.sso.config";
+
+    private static final ResourceBundle RESOURCE_BUNDLE = ResourceBundle.getBundle(BUNDLE_NAME);
+
+    private CommonUtils() {
+    }
+
+    public static String getString(String key) {
+        try {
+            return RESOURCE_BUNDLE.getString(key);
+        } catch (MissingResourceException e) {
+            return null;
+        }
+    }
+
+    /**
+     * 判断字符串是否未空
+     */
+    public static boolean isEmpty(String input) {
+        return input == null || input.trim().length() <= 0;
+    }
+
+    /**
+     * 返回信息
+     *
+     * @param response
+     * @return
+     */
+    public static void responseJsonMsg(HttpServletResponse response, String msg) {
+        try {
+            response.setHeader("Cache-Control", "no-store, max-age=0, no-cache, must-revalidate");
+            response.addHeader("Cache-Control", "post-check=0, pre-check=0");
+            response.setHeader("Pragma", "no-cache");
+            response.setContentType("text/plain;charset=UTF-8");
+            response.getWriter().write(msg);
+            response.flushBuffer();
+        } catch (IOException e) {
+            e.printStackTrace();
+        }
+    }
+
+    /**
+     * * Check that the given CharSequence is neither <code>null</code> nor of
+     * length 0. * Note: Will return <code>true</code> for a CharSequence that
+     * purely consists of whitespace. *
+     * <p>
+     *
+     * <pre>
+     *      * StringUtils.hasLength(null) = false     * StringUtils.hasLength(&quot;&quot;) = false     * StringUtils.hasLength(&quot; &quot;) = true     * StringUtils.hasLength(&quot;Hello&quot;) = true     *
+     * </pre> *
+     *
+     * @param str the CharSequence to check (may be <code>null</code>) *
+     * @return <code>true</code> if the CharSequence is not null and has
+     * length *
+     * @see #hasText(String)
+     */
+    public static boolean hasLength(CharSequence str) {
+        return (str != null && str.length() > 0);
+    }
+
+    /**
+     * * Check whether the given CharSequence has actual text. * More
+     * specifically, returns <code>true</code> if the string not
+     * <code>null</code>, * its length is greater than 0, and it contains at
+     * least one non-whitespace character. *
+     * <p>
+     *
+     * <pre>
+     *      * StringUtils.hasText(null) = false     * StringUtils.hasText(&quot;&quot;) = false     * StringUtils.hasText(&quot; &quot;) = false     * StringUtils.hasText(&quot;12345&quot;) = true     * StringUtils.hasText(&quot; 12345 &quot;) = true     *
+     * </pre> *
+     *
+     * @param str the CharSequence to check (may be <code>null</code>) *
+     * @return <code>true</code> if the CharSequence is not <code>null</code>, *
+     * its length is greater than 0, and it does not contain whitespace
+     * only *
+     * @see Character#isWhitespace
+     */
+    public static boolean hasText(CharSequence str) {
+        if (!hasLength(str)) {
+            return false;
+        }
+        int strLen = str.length();
+        for (int i = 0; i < strLen; i++) {
+            if (!Character.isWhitespace(str.charAt(i))) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    /**
+     * * Check whether the given String has actual text. * More specifically,
+     * returns <code>true</code> if the string not <code>null</code>, * its
+     * length is greater than 0, and it contains at least one non-whitespace
+     * character. *
+     *
+     * @param str the String to check (may be <code>null</code>) *
+     * @return <code>true</code> if the String is not <code>null</code>,
+     * its length is * greater than 0, and it does not contain
+     * whitespace only *
+     * @see #hasText(CharSequence)
+     */
+    public static boolean hasText(String str) {
+        return hasText((CharSequence) str);
+    }
+
+    /**
+     * * Count the occurrences of the substring in string s. *
+     *
+     * @param str string to search in. Return 0 if this is null. *
+     * @param sub string to search for. Return 0 if this is null.
+     */
+    public static int countOccurrencesOf(String str, String sub) {
+        if (str == null || sub == null || str.length() == 0
+                || sub.length() == 0) {
+            return 0;
+        }
+        int count = 0;
+        int pos = 0;
+        int idx;
+        while ((idx = str.indexOf(sub, pos)) != -1) {
+            ++count;
+            pos = idx + sub.length();
+        }
+        return count;
+    }
+
+    /**
+     * * Tokenize the given String into a String array via a StringTokenizer. *
+     * Trims tokens and omits empty tokens. *
+     * <p>
+     * The given delimiters string is supposed to consist of any number of *
+     * delimiter characters. Each of those characters can be used to separate *
+     * tokens. A delimiter is always a single character; for multi-character *
+     * delimiters, consider using <code>delimitedListToStringArray</code> *
+     *
+     * @param str        the String to tokenize *
+     * @param delimiters the delimiter characters, assembled as String * (each of those
+     *                   characters is individually considered as delimiter). *
+     * @return an array of the tokens *
+     * @see StringTokenizer *
+     * @see String#trim() *
+     */
+    public static String[] tokenizeToStringArray(String str, String delimiters) {
+        return tokenizeToStringArray(str, delimiters, true, true);
+    }
+
+    /**
+     * * Tokenize the given String into a String array via a StringTokenizer. *
+     * <p>
+     * The given delimiters string is supposed to consist of any number of *
+     * delimiter characters. Each of those characters can be used to separate *
+     * tokens. A delimiter is always a single character; for multi-character *
+     * delimiters, consider using <code>delimitedListToStringArray</code> *
+     *
+     * @param str               the String to tokenize *
+     * @param delimiters        the delimiter characters, assembled as String * (each of those
+     *                          characters is individually considered as delimiter) *
+     * @param trimTokens        trim the tokens via String's <code>trim</code> *
+     * @param ignoreEmptyTokens omit empty tokens from the result array * (only applies to
+     *                          tokens that are empty after trimming; StringTokenizer * will
+     *                          not consider subsequent delimiters as token in the first
+     *                          place). *
+     * @return an array of the tokens (<code>null</code> if the input String *
+     * was <code>null</code>) *
+     * @see StringTokenizer *
+     * @see String#trim() *
+     * @see #delimitedListToStringArray
+     */
+    public static String[] tokenizeToStringArray(String str, String delimiters,
+                                                 boolean trimTokens, boolean ignoreEmptyTokens) {
+        if (str == null) {
+            return null;
+        }
+        StringTokenizer st = new StringTokenizer(str, delimiters);
+        List<String> tokens = new ArrayList<String>();
+        while (st.hasMoreTokens()) {
+            String token = st.nextToken();
+            if (trimTokens) {
+                token = token.trim();
+            }
+            if (!ignoreEmptyTokens || token.length() > 0) {
+                tokens.add(token);
+            }
+        }
+        return toStringArray(tokens);
+    }
+
+    /**
+     * * Copy the given Collection into a String array. * The Collection must
+     * contain String elements only. *
+     *
+     * @param collection the Collection to copy *
+     * @return the String array (<code>null</code> if the passed-in *
+     * Collection was <code>null</code>)
+     */
+    public static String[] toStringArray(Collection<String> collection) {
+        if (collection == null) {
+            return null;
+        }
+        return collection.toArray(new String[collection.size()]);
+    }
+}

src/main/resources/config.properties

+authServerIp=10.3.40.239
+authServerPort=80
+authAppCode=OASys
\ No newline at end of file