完成代码

f3c35457 · inroi · 20099294 · f3c35457 · f3c35457 · f3c35457
--- a/.gitignore
+++ b/.gitignore
 /target/*
 /.idea/*
-/log/*
\ No newline at end of file
+/log/*
+/.project
+/target
+/.classpath
--- a/WebRoot/META-INF/MANIFEST.MF
+++ b/WebRoot/META-INF/MANIFEST.MF
+Manifest-Version: 1.0
+Class-Path: 
+
--- a/WebRoot/WEB-INF/classes/com/eetrust/security/filter/SecurityFilter.class
+++ b/WebRoot/WEB-INF/classes/com/eetrust/security/filter/SecurityFilter.class
--- a/WebRoot/WEB-INF/classes/com/eetrust/security/sso/CommonUtils.class
+++ b/WebRoot/WEB-INF/classes/com/eetrust/security/sso/CommonUtils.class
--- a/WebRoot/WEB-INF/classes/com/eetrust/security/sso/VerifyTicketServlet.class
+++ b/WebRoot/WEB-INF/classes/com/eetrust/security/sso/VerifyTicketServlet.class
--- a/WebRoot/WEB-INF/classes/com/eetrust/security/sso/config.properties
+++ b/WebRoot/WEB-INF/classes/com/eetrust/security/sso/config.properties
+authServerIp=10.3.40.239
+authServerPort=80
+authAppCode=OASys
\ No newline at end of file
--- a/WebRoot/WEB-INF/lib/commons-codec-1.3.jar
+++ b/WebRoot/WEB-INF/lib/commons-codec-1.3.jar
--- a/WebRoot/WEB-INF/lib/commons-httpclient-3.1.jar
+++ b/WebRoot/WEB-INF/lib/commons-httpclient-3.1.jar
--- a/WebRoot/WEB-INF/lib/commons-logging-1.1.jar
+++ b/WebRoot/WEB-INF/lib/commons-logging-1.1.jar
--- a/WebRoot/WEB-INF/lib/dom4j-1.6.1.jar
+++ b/WebRoot/WEB-INF/lib/dom4j-1.6.1.jar
--- a/WebRoot/WEB-INF/lib/eetrust-security-client-2.6.jar
+++ b/WebRoot/WEB-INF/lib/eetrust-security-client-2.6.jar
--- a/WebRoot/WEB-INF/lib/eetrust-security-crypto-2.2.jar
+++ b/WebRoot/WEB-INF/lib/eetrust-security-crypto-2.2.jar
--- a/WebRoot/WEB-INF/lib/eetrust-security-plugin-2.7.jar
+++ b/WebRoot/WEB-INF/lib/eetrust-security-plugin-2.7.jar
--- a/WebRoot/WEB-INF/web.xml
+++ b/WebRoot/WEB-INF/web.xml
+<?xml version="1.0" encoding="UTF-8"?>
+<web-app version="2.4" 
+	xmlns="http://java.sun.com/xml/ns/j2ee" 
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
+	xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee 
+	http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
+	
+	<!-- 
+	  配置不需要被拦截的路径, 通过通配符(?/*/**)对用户访问的URL进行匹配, 使用分号分隔不同路径
+	  配置实例: /conf/*;/console/*.jsp;/init/**/*.jsp
+	 -->
+	<context-param>
+		<param-name>excludeInterceptURL</param-name>
+		<param-value>/SSO-Demo/VerifyTicketServlet</param-value>
+	</context-param>
+	
+	<context-param>
+		<param-name>ticketParameterName</param-name>
+		<param-value>ticket</param-value>
+	</context-param>
+		
+	<!-- 用于单点退出 该监听器用于实现单点退出功能 -->
+	<listener>
+		<listener-class>org.eetrust.security.client.session.SingleSignOutHttpSessionListener</listener-class>
+	</listener>
+	
+	<!-- 该过滤器用于实现单点退出功能 -->
+	<filter>
+		<filter-name>UAP Single Sign Out Filter</filter-name>
+		<filter-class>org.eetrust.security.client.session.SingleSignOutFilter</filter-class>
+	</filter>
+	
+	<filter-mapping>
+		<filter-name>UAP Single Sign Out Filter</filter-name>
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>
+	
+	<!-- 该过滤器负责用户的认证工作, 必须启用它 -->
+	<filter>
+		<filter-name>UAP Security Filter</filter-name>
+		<filter-class>org.eetrust.security.client.authentication.AuthenticationFilter</filter-class>
+		<init-param>
+			<param-name>serverLoginUrl</param-name>
+			<param-value>http://10.3.40.239/login-validate</param-value>
+		</init-param>
+		<init-param>
+			<param-name>serverName</param-name>
+			<param-value>http://10.3.45.200:8090</param-value>
+		</init-param>
+		<init-param>
+			<param-name>resourceCode</param-name>
+			<param-value>OASys</param-value>
+		</init-param>
+	</filter>
+	
+	<filter-mapping>
+		<filter-name>UAP Security Filter</filter-name>
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>
+
+	<!-- 该过滤器负责对Ticket的校验工作, 必须启用它 -->
+	<filter>
+		<filter-name>UAP Validation Filter</filter-name>
+		<filter-class>org.eetrust.security.client.validation.MessageTicketValidationFilter</filter-class>
+		<init-param>
+			<param-name>serverValidationHost</param-name>
+			<param-value>10.3.40.239</param-value>
+		</init-param>
+		<init-param>
+			<param-name>serverValidationPort</param-name>
+			<param-value>80</param-value>
+		</init-param>
+		<init-param>
+			<param-name>communicationServerName</param-name>
+			<param-value></param-value>
+		</init-param>
+		<init-param>
+			<param-name>communicationProtocol</param-name>
+			<param-value>http</param-value>
+		</init-param>
+		<init-param>
+			<param-name>communicationCharset</param-name>
+			<param-value>GBK</param-value>
+		</init-param>
+		<init-param>
+			<param-name>resourceCode</param-name>
+			<param-value>OASys</param-value>
+		</init-param>
+		<init-param>
+			<param-name>redirectAfterValidation</param-name>
+			<param-value>true</param-value>
+		</init-param>
+		<init-param>
+			<param-name>queryAuthorizedApps</param-name>
+			<param-value>false</param-value>
+		</init-param>
+	</filter>
+	
+	<filter-mapping>
+		<filter-name>UAP Validation Filter</filter-name>
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>
+
+	<!-- 该过滤器负责实现HttpServletRequest请求的包裹, 比如允许开发者通过HttpServletRequest的getRemoteUser()方法获得SSO登录用户的登录名, 可选配置. -->
+	<filter>
+		<filter-name>UAP HttpServletRequest Wrapper Filter</filter-name>
+		<filter-class>org.eetrust.security.client.util.HttpServletRequestWrapperFilter</filter-class>
+	</filter>
+	
+	<filter-mapping>
+		<filter-name>UAP HttpServletRequest Wrapper Filter</filter-name>
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>
+
+	<!-- 
+		该过滤器使得开发者可以通过org.jasig.cas.client.util.AssertionHolder来获取用户的登录名. 
+		比如AssertionHolder.getAssertion().getPrincipal().getName().  
+	-->
+	<filter>
+		<filter-name>UAP Assertion Thread Local Filter</filter-name>
+		<filter-class>org.eetrust.security.client.util.AssertionThreadLocalFilter</filter-class>
+	</filter>
+	
+	<filter-mapping>
+		<filter-name>UAP Assertion Thread Local Filter</filter-name>
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>
+	
+	<!-- 第三方应用系统自身Filter, 用于获取登录用户信息, 并创建会话 -->
+	<filter>
+		<filter-name>SecurityFilter</filter-name>
+		<filter-class>com.eetrust.security.filter.SecurityFilter</filter-class>
+  	</filter> 
+
+  	<filter-mapping>
+		<filter-name>SecurityFilter</filter-name>
+		<url-pattern>/*</url-pattern>
+  	</filter-mapping>
+  	
+	<servlet>
+		<servlet-name>Verify Ticket Servlet</servlet-name>
+		<servlet-class>com.eetrust.security.sso.VerifyTicketServlet</servlet-class>
+	</servlet>
+
+	<servlet-mapping>
+		<servlet-name>Verify Ticket Servlet</servlet-name>
+		<url-pattern>/VerifyTicketServlet</url-pattern>
+	</servlet-mapping>
+	
+	<welcome-file-list>
+		<welcome-file>index.jsp</welcome-file>
+	</welcome-file-list>
+</web-app>
--- a/WebRoot/accessDenied.jsp
+++ b/WebRoot/accessDenied.jsp
+<%@ page language="java" pageEncoding="UTF-8" contentType="text/html; charset=UTF-8"%>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<head>
+	<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+</head>
+<body>
+	<h1>用户未登录!</h1>
+</body>
+</html>
--- a/WebRoot/index.jsp
+++ b/WebRoot/index.jsp
+<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
+<%@page import="org.eetrust.security.client.util.AssertionHolder"%>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html>
+  <head>
+    <title>拦截器-单点登录测试页面</title>
+  </head>
+  
+  <body>
+	登录用户： ${_subject_user_}<br>
+  </body>
+</html>
--- a/pom.xml
+++ b/pom.xml
@@ -121,6 +121,11 @@
            <version>1.0</version>
            <systemPath>${project.basedir}/src/main/resources/lib/eetrust-security-plugin-2.7.jar</systemPath>
        </dependency>
+        
+        <dependency>
+			<groupId>org.apache.tomcat.embed</groupId>
+			<artifactId>tomcat-embed-jasper</artifactId>
+		</dependency>

        <!-- Tool -->
        <dependency>
@@ -205,6 +210,14 @@
            </plugin>
        </plugins>
        <resources>
+	        <!--注册webapp目录为资源目录-->
+			<resource>
+				<directory>WebRoot</directory>
+				<targetPath>META-INF/resources</targetPath>
+				<includes>
+					<include>**/*.*</include>
+				</includes>
+			</resource>
            <resource>
                <directory>src/main/resources</directory>
                <filtering>true</filtering>

--- a/src/main/resources/application-docker.yml
+++ b/src/main/resources/application-docker.yml
@@ -5,9 +5,9 @@ server:

 spring:
  mvc:
-    static-path-pattern: /static/**
    view:
-      prefix: /WEB-INF/
+      prefix: /
+      suffix: .jsp
    servlet:
      load-on-startup: 100