微调

aa3b4438 · inroi · 99bff38f · aa3b4438 · aa3b4438 · aa3b4438
--- a/src/main/java/com/shr/filter/SecurityFilter.java
+++ b/src/main/java/com/shr/filter/SecurityFilter.java
 package com.shr.filter;

+import com.alibaba.fastjson.JSON;
+import com.shr.common.response.RestResponse;
 import com.shr.config.ThreadLocalConfig;
 import org.eetrust.security.client.util.AssertionHolder;

@@ -9,6 +11,7 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 import java.io.IOException;
+import java.io.PrintWriter;

 /**
 * @author Inori
@@ -18,7 +21,7 @@ public class SecurityFilter implements Filter {
    public static final String SUBJECT_USER = "_subject_user_";

    @Override
-    public void init(FilterConfig filterConfig) throws ServletException {
+    public void init(FilterConfig filterConfig) {
    }

    @Override
@@ -29,6 +32,7 @@ public class SecurityFilter implements Filter {
        final HttpServletResponse response = (HttpServletResponse) servletResponse;
        final HttpSession session = request.getSession(false);
        if (session == null) {
+            this.writeResponse(response, "This Session Not Found");
            //response.sendRedirect(request.getContextPath() + "/accessDenied.jsp");
            return;
        }
@@ -38,6 +42,7 @@ public class SecurityFilter implements Filter {
        if (user == null) {
            user = AssertionHolder.getAssertion().getPrincipal().getName();
            if (user == null) {
+                this.writeResponse(response, "This Session Not Found");
                //response.sendRedirect(request.getContextPath() + "/accessDenied.jsp");
                return;
            }
@@ -54,5 +59,20 @@ public class SecurityFilter implements Filter {
    public void destroy() {
    }

+    private void writeResponse(HttpServletResponse httpServletResponse, String message) {
+        httpServletResponse.setHeader("Cache-Control", "no-store, max-age=0, no-cache, must-revalidate");
+        httpServletResponse.addHeader("Cache-Control", "post-check=0, pre-check=0");
+        httpServletResponse.setHeader("Pragma", "no-cache");
+        httpServletResponse.setCharacterEncoding("UTF-8");
+        httpServletResponse.setContentType("application/json;charset=UTF-8");
+
+        RestResponse resp = RestResponse.fail(message).setCode(RestResponse.CODE_TOKEN_NOTFOUND);
+        try (PrintWriter printWriter = httpServletResponse.getWriter()) {
+            printWriter.write(JSON.toJSONString(resp));
+        } catch (IOException e) {
+            e.printStackTrace();
+        }
+    }
+

 }
--- a/src/main/java/com/shr/filter/VerifyTicketServlet.java
+++ b/src/main/java/com/shr/filter/VerifyTicketServlet.java
 package com.shr.filter;

+import com.alibaba.fastjson.JSON;
 import com.eetrust.security.plugin.MessageConstants;
 import com.eetrust.security.plugin.SIDPlugin;
+import com.shr.common.response.RestResponse;
 import com.shr.utils.StringUtil;

 import javax.servlet.ServletConfig;
@@ -11,6 +13,7 @@ import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
+import java.io.PrintWriter;

 /**
 * @author Inori
@@ -28,7 +31,7 @@ public class VerifyTicketServlet extends HttpServlet {
    public void doPost(HttpServletRequest request, HttpServletResponse response) {
        String ticket = request.getParameter("ticket");
        if (StringUtil.isEmpty(ticket)) {
-            this.responseJsonMsg(response, "单点登录缺少登录票据[ticket]信息!");
+            this.writeResponse(response, "单点登录缺少登录票据[ticket]信息!");
            return;
        }

@@ -46,14 +49,14 @@ public class VerifyTicketServlet extends HttpServlet {
        if (result == MessageConstants.SECURITY_SERVICE_SUCCESS) {
            // 票据验证成功, 获取用户唯一标识
            String passport = sid.getPassport();
-            this.responseJsonMsg(response, "单点登录成功! 用户唯一标识: " + passport);
+            this.writeResponse(response, "单点登录成功! 用户唯一标识: " + passport);
        } else {
            // 认证失败, 获取错误编码
            String errorCode = sid.getErrorCode();

            // 认证失败, 获取错误信息
            String errorMsg = sid.getErrorMsg();
-            this.responseJsonMsg(response, "单点登录失败! 错误编码: " + errorCode + ", 错误信息: " + errorMsg);
+            this.writeResponse(response, "单点登录失败! 错误编码: " + errorCode + ", 错误信息: " + errorMsg);
        }
    }

@@ -62,14 +65,16 @@ public class VerifyTicketServlet extends HttpServlet {
        doPost(request, response);
    }

-    public void responseJsonMsg(HttpServletResponse response, String msg) {
-        try {
-            response.setHeader("Cache-Control", "no-store, max-age=0, no-cache, must-revalidate");
-            response.addHeader("Cache-Control", "post-check=0, pre-check=0");
-            response.setHeader("Pragma", "no-cache");
-            response.setContentType("text/plain;charset=UTF-8");
-            response.getWriter().write(msg);
-            response.flushBuffer();
+    private void writeResponse(HttpServletResponse httpServletResponse, String message) {
+        httpServletResponse.setHeader("Cache-Control", "no-store, max-age=0, no-cache, must-revalidate");
+        httpServletResponse.addHeader("Cache-Control", "post-check=0, pre-check=0");
+        httpServletResponse.setHeader("Pragma", "no-cache");
+        httpServletResponse.setCharacterEncoding("UTF-8");
+        httpServletResponse.setContentType("application/json;charset=UTF-8");
+
+        RestResponse resp = RestResponse.fail(message).setCode(RestResponse.CODE_TOKEN_NOTFOUND);
+        try (PrintWriter printWriter = httpServletResponse.getWriter()) {
+            printWriter.write(JSON.toJSONString(resp));
        } catch (IOException e) {
            e.printStackTrace();
        }

--- a/src/main/java/com/shr/utils/CommonUtils.java
+++ b/src/main/java/com/shr/utils/CommonUtils.java
@@ -7,12 +7,12 @@ import java.util.*;
 /**
 * @author Inori
 */
-public class CommonUtils {
+public class CommonUtil {
    private static final String BUNDLE_NAME = "com.eetrust.security.sso.config";

    private static final ResourceBundle RESOURCE_BUNDLE = ResourceBundle.getBundle(BUNDLE_NAME);

-    private CommonUtils() {
+    private CommonUtil() {
    }

    public static String getString(String key) {

--- a/src/main/resources/LtpaToken.properties
+++ b/src/main/resources/LtpaToken.properties
 #
-#Thu Feb 10 15:27:19 CST 2022
+#Tue Jul 19 17:57:20 CST 2022
 otp.domino.secret=erewqreqr876
 cookie.domain=.vanke.com
 openid.domino.secret=erewqre99988
 email.domino.secret=erewqreqr888
 token.expiration=30
-domino.secret=BfTfatX8F+HwNNejYEGtu3ZSJTWOZ/t8\=
\ No newline at end of file
+domino.secret=BTfa8F+HwNejYEGtuZShJTW3OZw/1t8E\=
--- a/src/main/resources/application-docker.yml
+++ b/src/main/resources/application-docker.yml
@@ -21,7 +21,7 @@ spring:

  datasource:
    url: jdbc:mysql://127.0.0.1:3306/shr_server?autoReconnect=true&useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=false&serverTimezone=CTT&allowPublicKeyRetrieval=true
-    username: inori
+    username: root
    password: 123456
    driver-class-name: com.mysql.cj.jdbc.Driver