Commit cab2c295 by chentianzhong

ca修改

parent 107609bd
...@@ -21,15 +21,15 @@ import org.springframework.context.annotation.Configuration; ...@@ -21,15 +21,15 @@ import org.springframework.context.annotation.Configuration;
public class SpringConfig { public class SpringConfig {
@Value("${ca.svs.root}") // @Value("${ca.svs.root}")
private String svsRoot; // private String svsRoot;
//
@Bean // @Bean
public SecurityEngineDeal securityEngineDeal() throws ApplicationNotFoundException, InitException, SVSConnectException { // public SecurityEngineDeal securityEngineDeal() throws ApplicationNotFoundException, InitException, SVSConnectException {
//SecurityEngineDeal.setProfilePath("/data/DSVSROOT"); // //SecurityEngineDeal.setProfilePath("/data/DSVSROOT");
SecurityEngineDeal.setProfilePath(svsRoot); // SecurityEngineDeal.setProfilePath(svsRoot);
SecurityEngineDeal svsDefault = SecurityEngineDeal.getInstance("SVSDefault"); // SecurityEngineDeal svsDefault = SecurityEngineDeal.getInstance("SVSDefault");
return svsDefault; // return svsDefault;
} // }
} }
package com.zq.cas.controller; package com.zq.cas.controller;
import cn.hutool.core.util.StrUtil;
import cn.org.bjca.client.security.SecurityEngineDeal; import cn.org.bjca.client.security.SecurityEngineDeal;
import com.zq.cas.entity.OrgCaInfo;
import com.zq.cas.entity.SysUser; import com.zq.cas.entity.SysUser;
import com.zq.cas.service.IOrgCaInfoService;
import com.zq.cas.service.ISysUserService; import com.zq.cas.service.ISysUserService;
import com.zq.cas.util.ResultVo;
import com.zq.cas.vo.UserCertVo; import com.zq.cas.vo.UserCertVo;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.*;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import javax.annotation.Resource; import javax.annotation.Resource;
import java.time.LocalDateTime;
import java.util.HashMap; import java.util.HashMap;
import java.util.Map; import java.util.Map;
...@@ -20,85 +22,21 @@ import java.util.Map; ...@@ -20,85 +22,21 @@ import java.util.Map;
public class CAVerifyController { public class CAVerifyController {
@Resource @Resource
private SecurityEngineDeal securityEngineDeal; private IOrgCaInfoService orgCaInfoService;
@Resource
private ISysUserService sysUserService;
@GetMapping("/param") @PostMapping("/verifyByDeviceId")
public Object param() { public ResultVo verifyByDeviceId(@RequestParam("KeyDeviceId") String KeyDeviceId) {
Map<String, Object> map = new HashMap<>(); OrgCaInfo caInfo = orgCaInfoService.getById(KeyDeviceId);
try { if (caInfo==null || StrUtil.isNotBlank(caInfo.getCert())){
String strServerCert = securityEngineDeal.getServerCertificate(); return ResultVo.fail(500, "该UKEY没有没有绑定用户证书");
String strRandom = securityEngineDeal.genRandom(24);
String strSignedData = securityEngineDeal.signData(strRandom.getBytes());
map.put("success", true);
map.put("strServerCert", strServerCert);
map.put("strServerRan", strRandom);
map.put("strServerSignedData", strSignedData);
} catch (Exception e) {
map.put("success", false);
map.put("errMsg", e.getLocalizedMessage());
} }
return map; if (LocalDateTime.now().isAfter(caInfo.getCertStartTime()) && LocalDateTime.now().isBefore(caInfo.getCertEndTime())){
} OrgCaInfo newCaInfo = new OrgCaInfo();
newCaInfo.setYouxiang(caInfo.getYouxiang());
return ResultVo.success(newCaInfo);
@PostMapping("/verify")
public Object verify(UserCertVo vo) {
Map<String, Object> map = new HashMap<>();
map.put("success", false);
try {
//verifySignedData
byte[] signedByte = securityEngineDeal.base64Decode(vo.getUserSignedData());
boolean vres = securityEngineDeal.verifySignedData(vo.getUserCert(), vo.getStrServerRan().getBytes(), signedByte);
if (!vres) {
map.put("errMsg", "证书识别错误, 刷新页面重试后联系管理员!verifySignedData is false.");
return map;
}
//验证客户端证书
int retValue = securityEngineDeal.validateCert(vo.getUserCert());
if (retValue != 1) {
map.put("errMsg", "证书识别错误, 刷新页面重试后联系管理员!validateCert is false.");
return map;
}
//获取唯一标识判断用户
String strCertEntityID = securityEngineDeal.getCertInfoByOid(vo.getUserCert(), "2.16.840.1.113732.2");
if (strCertEntityID != null && !strCertEntityID.isEmpty() && strCertEntityID.contains("SF")) {
strCertEntityID = strCertEntityID.substring(2);
}
log.info("用户身份标识[strCertEntityID]: " + strCertEntityID);
SysUser user = sysUserService.findByIdCard(strCertEntityID);
if (user!=null){
if (vo.getLoginType().trim().equals("2")){
map.put("success", true);
map.put("username", user.getUsername());
map.put("password", "8888");
}else{
String username = vo.getUsername().trim();
if (!username.contains("@gxfy.com")){
username += "@gxfy.com";
}
if (user.getUsername().equals(username)){
map.put("success", true);
map.put("username", user.getUsername());
map.put("password", "8888");
}else{
map.put("errMsg", "证书和用户不匹配!");
}
}
}else{
map.put("errMsg", "身份标识:"+strCertEntityID+"用户为空");
}
} catch (Exception e) {
map.put("success", false);
map.put("errMsg", e.getLocalizedMessage());
} }
return map; return ResultVo.fail(500, "用户证书错误,请联系管理员核对");
} }
} }
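Review bot: `verifyByDeviceId` accepts a caller-supplied `KeyDeviceId` as the only evidence of identity, where the removed `/verify` path checked a signature over a server random with `verifySignedData` and then ran `validateCert`. A device id is an identifier, not proof that the caller holds the key, so if the returned `youxiang` drives a login step (not visible on this page) a challenge-response check should stay in front of it. The guard also looks inverted: `StrUtil.isNotBlank(caInfo.getCert())` rejects exactly the records that do have a certificate, which contradicts the error message, and probably should read `if (caInfo == null || StrUtil.isBlank(caInfo.getCert())) {`. `getCertStartTime()` and `getCertEndTime()` are dereferenced without a null check; read `LocalDateTime.now()` once into a local and fail closed when either bound is null.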
package com.zq.cas.controller;
import com.zq.cas.entity.SysUser;
import com.zq.cas.service.ISysUserService;
import com.zq.cas.util.MD5PasswordEncoderUtil;
import lombok.extern.slf4j.Slf4j;
import org.springframework.web.bind.annotation.*;
import javax.annotation.Resource;
import java.util.HashMap;
import java.util.Map;
@RequestMapping("/user")
@RestController
@Slf4j
public class UserVerifyController {
@Resource
private ISysUserService sysUserService;
@GetMapping("/verify")
public Object verify(@RequestParam("username") String username,
@RequestParam("password") String password) {
Map<String, Object> map = new HashMap<>();
map.put("success", false);
try {
password = MD5PasswordEncoderUtil.encode(password);
SysUser sysUser = sysUserService.findByUsernameAndPwd(username, password);
if (sysUser !=null){
map.put("success", true);
map.put("data", sysUser);
}
} catch (Exception e) {
map.put("success", false);
map.put("errMsg", e.getLocalizedMessage());
}
return map;
}
}
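Review bot: `verify` takes the password as a `@GetMapping` query parameter, so it ends up in access logs, proxy logs and browser history; it should be `@PostMapping("/verify")` with the credentials in the request body. The page does not mark whether this file is added or removed, so this applies only if it is new. `map.put("data", sysUser)` serialises the whole `SysUser` entity, which presumably includes the stored password hash; return only the fields the caller needs. `MD5PasswordEncoderUtil` suggests MD5 for stored passwords (inferred from the name alone), where a dedicated password-hashing function such as bcrypt is the usual target, and `e.getLocalizedMessage()` is better logged server-side than returned in `errMsg`.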
...@@ -76,6 +76,26 @@ public class ViewController { ...@@ -76,6 +76,26 @@ public class ViewController {
@RequestMapping(value = "/searchUser",method = RequestMethod.GET)
public ModelAndView searchUser(HttpServletRequest request,
HttpServletResponse response) {
ModelAndView mav = new ModelAndView();
mav.setViewName("/app/searchUser");
return mav;
}
@RequestMapping(value = "/findUserByPhone",method = RequestMethod.POST)
@ResponseBody
public ResultVo findUserByPhone(HttpServletRequest request,
HttpServletResponse response,
@RequestParam("phone") String phone) {
return ResultVo.success(this.sysUserService.findByPhone(phone));
}
......
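Review bot: `findUserByPhone` returns usernames and nick names for any submitted phone number, with no server-side format check, authentication or throttling visible in this hunk, so the endpoint can be used to enumerate accounts. The only phone validation is the `lay-verify` rule in the search page's browser script; repeat it on the server, e.g. `if (phone == null || !phone.matches("^1[3-9]\\d{9}$")) return ResultVo.fail(500, "<message>");`, and add per-client rate limiting plus audit logging of lookups. `request` and `response` are unused in both new methods and can be dropped. The class body continues outside the hunk.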
package com.zq.cas.entity;
import com.baomidou.mybatisplus.annotation.IdType;
import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import lombok.Data;
import java.time.LocalDateTime;
@Data
@TableName(schema = "PUBLIC",value = "org_ca_info")
public class OrgCaInfo {
@TableId(value = "ca_id", type = IdType.INPUT)
private String caId;
@TableField("xm")
private String xm;
@TableField("fymc")
private String fymc;
@TableField("fy")
private String fy;
@TableField("youxiang")
private String youxiang;
@TableField("cert")
private String cert;
@TableField("cert_id")
private String certId;
@TableField("cert_key_id")
private String certKeyId;
@TableField("cert_start_time")
private LocalDateTime certStartTime;
@TableField("cert_end_time")
private LocalDateTime certEndTime;
@TableField("operate_by")
private String operateBy;
@TableField("operate_time")
private LocalDateTime operateTime;
}
package com.zq.cas.mapper;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import com.zq.cas.entity.OrgCaInfo;
import com.zq.cas.entity.SysUser;
import org.apache.ibatis.annotations.Mapper;
@Mapper
public interface OrgCaInfoMapper extends BaseMapper<OrgCaInfo> {
}
package com.zq.cas.service;
import com.baomidou.mybatisplus.extension.service.IService;
import com.zq.cas.entity.OrgCaInfo;
import com.zq.cas.entity.SysUser;
import java.util.List;
public interface IOrgCaInfoService extends IService<OrgCaInfo> {
}
...@@ -11,6 +11,8 @@ public interface ISysUserService extends IService<SysUser> { ...@@ -11,6 +11,8 @@ public interface ISysUserService extends IService<SysUser> {
List<SysUser> findLikeUsernameOrIdCardOrPhone(String str); List<SysUser> findLikeUsernameOrIdCardOrPhone(String str);
List<SysUser> findByPhone(String str);
SysUser findByUsernameAndPwd(String username, String password); SysUser findByUsernameAndPwd(String username, String password);
SysUser findByIdCard(String strCertEntityID); SysUser findByIdCard(String strCertEntityID);
......
package com.zq.cas.service.impl;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.core.toolkit.StringUtils;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import com.zq.cas.entity.OrgCaInfo;
import com.zq.cas.entity.SysUser;
import com.zq.cas.mapper.OrgCaInfoMapper;
import com.zq.cas.mapper.SysUserMapper;
import com.zq.cas.service.IOrgCaInfoService;
import com.zq.cas.service.ISysUserService;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Service;
import java.util.List;
@Service
@Slf4j
public class OrgCaInfoServiceImpl extends ServiceImpl<OrgCaInfoMapper, OrgCaInfo> implements IOrgCaInfoService {
}
...@@ -53,6 +53,11 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl ...@@ -53,6 +53,11 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
} }
@Override @Override
public List<SysUser> findByPhone(String str) {
return this.lambdaQuery().select(SysUser::getUsername, SysUser::getNickName).eq(SysUser::getPhone, str).list();
}
@Override
public SysUser findByUsernameAndPwd(String username, String password) { public SysUser findByUsernameAndPwd(String username, String password) {
LambdaQueryWrapper<SysUser> wrapper = Wrappers.lambdaQuery(SysUser.class) LambdaQueryWrapper<SysUser> wrapper = Wrappers.lambdaQuery(SysUser.class)
.eq(SysUser::getUsername, username) .eq(SysUser::getUsername, username)
......
...@@ -202,6 +202,9 @@ ...@@ -202,6 +202,9 @@
// SelectGXFYUsers.init("selectUser", "username", "hideUserId", 3, false); // SelectGXFYUsers.init("selectUser", "username", "hideUserId", 3, false);
let enterEnd = false, keyDownCount = 0, leftMouseDownCount = 0, rightMouseDownCount = 0;
$(function (){ $(function (){
$("#username-block").show(); $("#username-block").show();
$("#password-block").show(); $("#password-block").show();
...@@ -219,8 +222,22 @@ ...@@ -219,8 +222,22 @@
function queryAccount(){ function queryAccount(){
layer.open({ layer.open({
title: '提示', type: 2,
content: '这里弹窗开始,根据手机号和身份证号查询用户' title:'查询用户',
area: ['480px', '520px'],
content: '/cas/searchUser',
fixed: false, // 不固定
maxmin: true,
closeBtn: 1,
maxmin:false, //开启最大化最小化按钮 false关闭状态
//btn: ['获取表单值', '取消'],
btnAlign: 'c',
cancel:function(index, layero){
//$('#btn_login').removeAttr("disabled");
},
end: function(){
//window.parent.location.reload();//关闭open打开的页面时,刷新父页面
}
}); });
} }
</script> </script>
......
<!doctype html>
<html xmlns:th="http://www.thymeleaf.org">
<head>
<meta charset="utf-8">
<title>查询用户</title>
<link href="./app/layui/css/layui.css" rel="stylesheet">
<style>
body{padding:10px; font-size:14px; background:#fff; width:95%; margin:0 auto; font-size:14px; line-height:20px; overflow:hidden;}
p{margin-bottom:10px;}
input{border:1px solid #999; padding:5px 10px; margin:0 10px 10px 0;}
</style>
</head>
<body>
<form class="layui-form" action="" id="updatePasswdForm">
<div class="layui-form-item">
<label class="layui-form-label">手机号</label>
<div class="layui-input-block">
<input type="text" name="phone" id="phone" placeholder="请输入手机号码" lay-verify="required|phone" th:value="${phone}" autocomplete="off" class="layui-input" lay-size="11" style="width: 50%; display: inline">
<button type="submit" class="layui-btn" lay-submit="" lay-filter="demo1">查询</button>
</div>
</div>
</form>
<div style="padding: 16px;">
<table class="layui-hide" id="test" lay-filter="test"></table>
<!-- <ul id="userListUl">-->
<!-- </ul>-->
</div>
<!--<div style="text-align: center">-->
<!-- <button class="layui-btn layui-btn-primary" id="add">确定</button>-->
<!-- <button class="layui-btn layui-btn-primary" id="closeIframe">重置</button>-->
<!--</div>-->
<script type="text/javascript" src="./app/js/jquery/jquery.min.js"></script>
<script src="./app/layui/layui.js"></script>
<script>
layui.use(['form'], function(){
var form = layui.form
form.verify({
phone:function(value, item) {
if (!new RegExp("^1[3-9]\\d{9}").test(value)) {
return '手机号不符合规范';
}
}
});
form.on('submit(demo1)', function(data){
$.ajax({
type: 'post',
url: '/cas/findUserByPhone',
dataType: 'json',
data: data.field,
success:function(res){
if (res.success) {
var data1 = res.data;
renderTables(data1);
// var userLi = "";
// data1.forEach(function (item){
// userLi +="<li>"+item.username+"</li>"
// });
// $("#userListUl").append(userLi);
}else{
layer.msg(res.message, {icon: 0}, function(){
});
}
},
error:function (e){
//请求失败
layer.open({
title: '提示',
content: '服务连接失败。。。。'
});
}
})
return false
});
});
function renderTables(tableList){
layui.use(['table'], function(){
var table = layui.table;
table.render({
elem: '#test',
cellMinWidth: 80,
totalRow: false, // 开启合计行
page: false,
cols: [
[
{field: 'username', title: '账号'},
{field: 'nickName', title: '姓名'}
]
],
data: tableList
});
//触发行双击事件
table.on('row(test)', function (obj) {
var data = obj.data;
$("#username" , window.parent.document).val(data.username); // 传给父窗口
var index = parent.layer.getFrameIndex(window.name);
parent.layer.close(index);// 关闭子窗口
});
});
}
</script>
</body>
</html>
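Review bot: The `phone` rule's pattern `^1[3-9]\\d{9}` has no end anchor, so any value that merely starts with eleven valid digits passes; it should be `new RegExp("^1[3-9]\\d{9}$")`. This check runs only in the browser, so the `/cas/findUserByPhone` handler still needs its own validation. The comment above `table.on('row(test)', ...)` describes a double-click, but `row` is the single-click event; either use `rowDouble(test)` or correct the comment.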
...@@ -8,6 +8,10 @@ ...@@ -8,6 +8,10 @@
body{padding:10px; font-size:14px; background:#fff; width:95%; margin:0 auto; font-size:14px; line-height:20px; overflow:hidden;} body{padding:10px; font-size:14px; background:#fff; width:95%; margin:0 auto; font-size:14px; line-height:20px; overflow:hidden;}
p{margin-bottom:10px;} p{margin-bottom:10px;}
input{border:1px solid #999; padding:5px 10px; margin:0 10px 10px 0;} input{border:1px solid #999; padding:5px 10px; margin:0 10px 10px 0;}
.layui-input-block {
margin-left: 110px;
min-height: 0px;
}
</style> </style>
</head> </head>
<body> <body>
...@@ -31,14 +35,14 @@ ...@@ -31,14 +35,14 @@
<div class="layui-form-item"> <div class="layui-form-item">
<label class="layui-form-label">密码</label> <label class="layui-form-label">密码</label>
<div class="layui-input-block"> <div class="layui-input-block">
<input type="password" name="passwd" lay-verify="required" th:value="${passwd}" autocomplete="off" class="layui-input" > <input type="password" name="passwd" lay-verify="required" th:value="${passwd}" lay-min="10" autocomplete="off" class="layui-input" >
</div> </div>
</div> </div>
<div class="layui-form-item"> <div class="layui-form-item">
<label class="layui-form-label">新密码</label> <label class="layui-form-label">新密码</label>
<div class="layui-input-block"> <div class="layui-input-block">
<input type="password" name="newPasswd" lay-verify="required" th:value="${newPasswd}" autocomplete="off" class="layui-input" > <input type="password" name="newPasswd" lay-verify="required|confirmPasswd" th:value="${newPasswd}" lay-min="10" autocomplete="off" class="layui-input" >
<span style="color: red">高强度口令需由10位以上包含大小写字母(Aa不等字符)、数字、特殊符号(!@#¥等符号)组成</span> <span style="color: red">高强度口令需由10位以上包含大小写字母(Aa不等字符)、数字、特殊符号(!@#¥等符号)组成</span>
</div> </div>
</div> </div>
...@@ -46,7 +50,7 @@ ...@@ -46,7 +50,7 @@
<div class="layui-form-item"> <div class="layui-form-item">
<label class="layui-form-label">确认密码</label> <label class="layui-form-label">确认密码</label>
<div class="layui-input-block"> <div class="layui-input-block">
<input type="password" name="confirmPasswd" lay-verify="required"th:value="${confirmPasswd}" autocomplete="off" class="layui-input"> <input type="password" name="confirmPasswd" lay-verify="required|newPasswd" th:value="${confirmPasswd}" autocomplete="off" class="layui-input">
</div> </div>
</div> </div>
...@@ -68,7 +72,30 @@ ...@@ -68,7 +72,30 @@
<script> <script>
layui.use(['form'], function(){ layui.use(['form'], function(){
var form = layui.form var form = layui.form
form.verify({
newPasswd:function(value, item) {
if (!new RegExp("^(?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[!@#$%^&*])[\\da-zA-Z!@#$%^&*]{10,16}$").test(value)) {
return '高强度口令需由10位以上包含大小写字母(Aa不等字符)、数字、特殊符号(!@#¥等符号)';
}
},
confirmPasswd:function(value, item) {
if (!new RegExp("^(?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[!@#$%^&*])[\\da-zA-Z!@#$%^&*]{10,16}$").test(value)) {
return '高强度口令需由10位以上包含大小写字母(Aa不等字符)、数字、特殊符号(!@#¥等符号)';
}
},
});
form.on('submit(demo1)', function(data){ form.on('submit(demo1)', function(data){
var formfield = data.field;
if (!formfield.newPasswd == formfield.confirmPasswd){
layer.msg("两次密码输入不一致", {icon: 0}, function(){
});
return false;
}
$.ajax({ $.ajax({
type: 'post', type: 'post',
url: '/cas/updatePasswd', url: '/cas/updatePasswd',
......
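Review bot: The mismatch check in the submit handler never fires, because in `!formfield.newPasswd == formfield.confirmPasswd` the `!` binds first and a boolean is compared with a string; it should be `if (formfield.newPasswd !== formfield.confirmPasswd) {`. The two `lay-verify` rule names are attached to the opposite fields (the `newPasswd` input uses `confirmPasswd` and vice versa) and their bodies are identical, so one shared rule would do. The pattern caps the length at 16 and allows only `!@#$%^&*`, while the hint text says ten or more characters and lists a wider set of symbols; align the two. The same policy should also be enforced in the `/cas/updatePasswd` handler, since browser-side checks can be bypassed. The submit handler continues outside the hunk.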