Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
C
cas
Overview
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
陈天仲
cas
Commits
ef727ce5
Commit
ef727ce5
authored
Jul 21, 2023
by
chentianzhong
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
ca修改
parent
cab2c295
Hide whitespace changes
Inline
Side-by-side
Showing
7 changed files
with
309 additions
and
165 deletions
+309
-165
src/main/java/com/zq/cas/controller/CAVerifyController.java
+1
-0
src/main/java/com/zq/cas/handler/MyAuthenticationHandler.java
+1
-0
src/main/resources/static/app/js/ca/mToken.js
+0
-0
src/main/resources/static/app/js/myself/ca.js
+209
-144
src/main/resources/static/app/js/myself/login.js
+2
-2
src/main/resources/static/app/js/myself/login_new.js
+83
-7
src/main/resources/templates/app/casLoginView.html
+13
-12
No files found.
src/main/java/com/zq/cas/controller/CAVerifyController.java
View file @
ef727ce5
...
...
@@ -33,6 +33,7 @@ public class CAVerifyController {
}
if
(
LocalDateTime
.
now
().
isAfter
(
caInfo
.
getCertStartTime
())
&&
LocalDateTime
.
now
().
isBefore
(
caInfo
.
getCertEndTime
())){
OrgCaInfo
newCaInfo
=
new
OrgCaInfo
();
newCaInfo
.
setXm
(
caInfo
.
getXm
());
newCaInfo
.
setYouxiang
(
caInfo
.
getYouxiang
());
return
ResultVo
.
success
(
newCaInfo
);
}
...
...
src/main/java/com/zq/cas/handler/MyAuthenticationHandler.java
View file @
ef727ce5
...
...
@@ -59,6 +59,7 @@ public class MyAuthenticationHandler extends AbstractPreAndPostProcessingAuthent
if
(!
username
.
contains
(
"@gxfy.com"
))
{
username
+=
"@gxfy.com"
;
}
ServletRequestAttributes
servletRequestAttributes
=
(
ServletRequestAttributes
)
RequestContextHolder
.
getRequestAttributes
();
HttpServletRequest
request
=
servletRequestAttributes
.
getRequest
();
String
ipAddr
=
ServletUtil
.
getClientIP
(
request
);
...
...
src/main/resources/static/app/js/ca/mToken.js
0 → 100644
View file @
ef727ce5
This source diff could not be displayed because it is too large. You can
view the blob
instead.
src/main/resources/static/app/js/myself/ca.js
View file @
ef727ce5
// var strServerCert;
// var strServerRan;
// var strServerSignedData;
//验证是否插入key
function
getCAKeyAuth
()
{
SetUserCertList
(
"certUser"
,
CERT_TYPE_HARD
);
setTimeout
(
function
()
{
var
certUser
=
$
(
"#certUser option:selected"
).
val
();
console
.
log
(
"certUser"
,
certUser
)
if
(
!
certUser
){
layer
.
open
({
title
:
'提示'
,
content
:
'获取CA用户失败,请检查是否插入UKey!'
});
$
(
'#btn_login'
).
attr
(
"disabled"
,
false
);
return
false
;
var
bCheckTimer
=
null
;
//定时任务
var
bCheckTimer1
;
//定时任务
var
deviceName
=
""
;
//key设备名称
var
deviceYOUXIANG
=
""
;
//key设备绑定邮箱
var
mTokenPlugin
;
//CA驱动插件
//验证是否安装驱动
function
isInstallDrive
()
{
try
{
//if (mTokenPlugin == null) {
var
token
=
new
mToken
(
"mTokenPlugin"
);
if
(
token
)
{
var
ret
=
token
.
SOF_LoadLibrary
(
token
.
GM3000
);
if
(
ret
!=
0
)
{
throw
new
Error
(
"加载控件失败,请检查是否安装CA驱动程序!"
);
}
else
{
mTokenPlugin
=
token
;
// var device1 = mTokenPlugin.SOF_EnumDevice();
// if (device1) {
//
// }
}
}
else
{
throw
new
Error
(
"加载控件失败,请重新安装驱动!"
);
}
return
true
;
}
catch
(
e
)
{
layer
.
msg
(
e
.
message
);
//btnStopExist();
return
false
;
}
}
//验证是否插key,发生异常或者nRet!=1 就是没有插入key
function
isKey
(
val
)
{
console
.
log
(
"isKey-------"
,
val
)
try
{
var
token
=
new
mToken
(
"mTokenPlugin"
);
var
ret
=
token
.
SOF_LoadLibrary
(
token
.
GM3000
);
if
(
ret
!=
0
)
{
throw
new
Error
(
"加载控件失败,请检查是否安装CA驱动程序!"
);
}
},
800
);
var
device
=
token
.
SOF_EnumDevice
();
console
.
log
(
"device"
,
device
)
if
(
device
)
{
if
(
device
[
0
]
!=
deviceName
)
{
console
.
log
(
"前后插入key不相等"
)
console
.
log
(
deviceName
)
console
.
log
(
device
)
deviceName
=
device
[
0
];
getKeyAuth
(
deviceName
,
val
);
}
else
{
console
.
log
(
"前后插入key相等"
)
}
}
else
{
console
.
log
(
"没插key"
)
$
(
"#certUser"
).
empty
();
deviceName
=
""
;
$
(
"#certUser"
).
empty
();
$
(
"#username"
).
val
(
""
);
$
(
"#password"
).
val
(
""
);
$
(
"#certPwd"
).
val
(
""
);
}
}
catch
(
e
){
deviceName
=
""
;
$
(
"#certUser"
).
empty
();
$
(
"#username"
).
val
(
""
);
$
(
"#password"
).
val
(
""
);
$
(
"#certPwd"
).
val
(
""
);
layer
.
msg
(
e
.
message
);
btnStopExist
();
}
}
//获取strServerSignedData、strServerRan和strServerCert
function
certLoginVerify
(
strCertID
,
pin
,
loginType
,
username
,
password
){
console
.
log
(
"strCertID"
,
strCertID
,
"pin"
,
pin
)
$
.
get
(
"ca/param"
,
function
(
res
){
if
(
res
&&
res
.
success
)
{
var
strServerCert
=
res
.
strServerCert
;
var
strServerRan
=
res
.
strServerRan
;
var
strServerSignedData
=
res
.
strServerSignedData
;
if
(
strServerSignedData
===
""
||
strServerRan
===
""
||
strServerCert
===
""
){
//开启定时器
function
btnStartExist
(
val
)
{
//将定时按钮启用
bCheckTimer
=
setInterval
(
isKey
,
1000
,
val
);
}
//取掉定时
function
btnStopExist
()
{
//将定时按钮启用
clearInterval
(
bCheckTimer
);
}
//获取key绑定用户
function
getKeyAuth
(
deviceSId
,
type
){
if
(
deviceName
)
{
var
formData
=
new
FormData
()
formData
.
append
(
'KeyDeviceId'
,
deviceName
);
$
.
ajax
({
type
:
'post'
,
url
:
'/cas/ca/verifyByDeviceId'
,
dataType
:
'json'
,
data
:
formData
,
contentType
:
false
,
processData
:
false
,
success
:
function
(
res
)
{
if
(
res
&&
res
.
success
)
{
var
data1
=
res
.
data
;
if
(
type
==
2
){
$
(
"#username"
).
val
(
data1
.
youxiang
);
$
(
"#password"
).
val
(
randomString
(
10
));
}
$
(
"#hideUserId"
).
val
(
data1
.
youxiang
);
$
(
"#certUser"
).
empty
();
$
(
"#certUser"
).
append
(
'<option value="'
+
data1
.
youxiang
+
'" selected>'
+
data1
.
xm
+
'</option>'
)
//$("#certUser").val(1);
deviceYOUXIANG
=
data1
.
youxiang
;
}
else
{
layer
.
open
({
title
:
'提示'
,
content
:
res
.
message
});
}
},
error
:
function
(
e
)
{
//请求失败
layer
.
open
({
title
:
'提示
1
'
,
content
:
'
连接CA服务器失败,请刷新页面重试无效后联系管理员!'
title
:
'提示'
,
content
:
'
服务连接失败。'
+
e
.
message
});
$
(
'#btn_login'
).
attr
(
"disabled"
,
false
);
return
false
;
}
})
}
}
//2.校验证书密码
VerifyUserPIN
(
strCertID
,
pin
,
function
(
retObj
)
{
if
(
!
retObj
.
retVal
)
{
//校验失败
//2.1获取PIN剩余次数
GetUserPINRetryCount
(
strCertID
,
function
(
retObj
){
var
retryCount
=
Number
(
retObj
.
retVal
);
if
(
retryCount
>
0
)
{
layer
.
open
({
title
:
'提示'
,
content
:
'校验证书密码失败!您还有'
+
retryCount
+
'次机会重试!'
});
$
(
'#btn_login'
).
attr
(
"disabled"
,
false
);
return
;
}
else
if
(
retryCount
==
0
)
{
layer
.
open
({
title
:
'提示'
,
content
:
'您的证书密码已被锁死,请联系管理员进行解锁!'
});
$
(
'#btn_login'
).
attr
(
"disabled"
,
false
);
return
;
function
verifyKeyPinAndLogin
(){
$
(
document
).
unbind
(
"keyup"
);
//关闭定时器
try
{
var
certUser
=
$
(
"#certUser"
).
val
();
if
(
certUser
)
{
layer
.
prompt
(
{
title
:
'密令输入框'
,
formType
:
1
,
btn2
:
function
(){
bindKeyup
();
$
(
'#btn_login'
).
removeAttr
(
"disabled"
);
},
cancel
:
function
(){
bindKeyup
();
$
(
'#btn_login'
).
removeAttr
(
"disabled"
);
}
},
function
(
pass
,
index
)
{
var
token
=
new
mToken
(
"mTokenPlugin"
);
var
ret
=
token
.
SOF_LoadLibrary
(
token
.
GM3000
);
if
(
ret
!=
0
)
{
layer
.
close
(
index
);
throw
new
Error
(
"加载控件失败,请检查是否安装CA驱动程序!"
);
}
var
device
=
token
.
SOF_EnumDevice
();
if
(
!
device
)
{
throw
new
Error
(
"请插入UKey!"
);
}
if
(
device
[
0
]
!=
deviceName
)
{
throw
new
Error
(
"当前插入UKey不符合,请刷新页面后重试!"
);
}
ret
=
token
.
SOF_GetDeviceInstance
(
deviceName
,
""
);
if
(
ret
!=
0
)
{
throw
new
Error
(
"绑定应用失败,确定是否初始化Key,错误码:"
+
token
.
SOF_GetLastError
());
}
btnStopExist
();
if
(
pass
)
{
ret
=
token
.
SOF_Login
(
pass
);
if
(
ret
!=
0
)
{
var
retryCount
=
token
.
SOF_GetPinRetryCount
();
layer
.
msg
(
"验证密码错误,剩余次数:"
+
retryCount
);
}
else
{
layer
.
open
({
title
:
'提示'
,
content
:
'证书服务错误,登录失败!'
});
$
(
'#btn_login'
).
attr
(
"disabled"
,
false
);
return
;
layer
.
close
(
index
);
$
(
"#loginForm"
).
submit
();
}
});
}
else
{
//3、获取用户证书
GetSignCert
(
strCertID
,
function
(
retObj
){
var
UserCert
=
retObj
.
retVal
;
if
(
UserCert
==
""
)
{
layer
.
open
({
title
:
'提示1'
,
content
:
'获取签名证书失败,请联系管理员!'
});
$
(
'#btn_login'
).
attr
(
"disabled"
,
false
);
return
;
}
else
{
//4.验证服务端签名
VerifySignedData
(
strServerCert
,
strServerRan
,
strServerSignedData
,
function
(
retObj
){
if
(
!
retObj
.
retVal
)
{
layer
.
open
({
title
:
'提示1'
,
content
:
'验证服务端签名失败,请联系管理员!'
});
$
(
'#btn_login'
).
attr
(
"disabled"
,
false
);
return
;
}
else
{
//5、客户端对服务器随机数签名
SignedData
(
strCertID
,
strServerRan
,
function
(
retObj
){
if
(
retObj
.
retVal
==
""
)
{
layer
.
open
({
title
:
'提示1'
,
content
:
'客户端签名失败,请联系管理员!'
});
$
(
'#btn_login'
).
attr
(
"disabled"
,
false
);
return
;
}
else
{
var
UserSignedData
=
retObj
.
retVal
;
$
.
post
(
"ca/verify"
,
{
"userCert"
:
UserCert
,
"strServerRan"
:
strServerRan
,
"userSignedData"
:
UserSignedData
,
"loginType"
:
loginType
,
"username"
:
username
,
"password"
:
password
},
function
(
result
)
{
if
(
result
){
if
(
result
.
success
){
console
.
log
(
"result"
,
result
)
console
.
log
(
"loginType"
,
loginType
)
$
(
'#username'
).
val
(
result
.
username
);
if
(
loginType
==
2
)
{
$
(
'#password'
).
val
(
result
.
password
);
$
(
"#loginForm"
).
submit
();
}
else
if
(
loginType
==
3
)
{
$
(
"#loginForm"
).
submit
();
}
}
else
{
alert
(
result
.
errMsg
);
$
(
'#btn_login'
).
attr
(
"disabled"
,
false
);
}
}
}).
error
(
function
(
xhr
,
status
,
info
)
{
alert
(
"服务连接失败......"
);
$
(
'#btn_login'
).
attr
(
"disabled"
,
false
);
});
//在此处写你的代码,把UserCert,strServerRan,UserSignedData等传到后台验证
//6、通过ajax把 UserCert,strServerRan,UserSignedData传到后台,由后台解析验证,判断用户是否有权限登陆系统
//alert("通过ajax把 UserCert,strServerRan,UserSignedData传到后台,由后台解析验证,判断用户是否有权限登陆系统");
}
});
}
});
}
});
}
})
}
else
{
layer
.
msg
(
"请输入密码"
);
return
;
}
});
}
else
{
$
(
"#msg"
).
html
(
"请先插入UKey"
);
$
(
'#btn_login'
).
removeAttr
(
"disabled"
);
}
}
catch
(
e
){
layer
.
msg
(
e
.
message
);
btnStartExist
();
bindKeyup
();
$
(
'#btn_login'
).
removeAttr
(
"disabled"
);
}
}
}
else
{
layer
.
open
({
title
:
'提示2'
,
content
:
'连接CA服务器失败,请刷新页面重试无效后联系管理员!'
});
$
(
'#btn_login'
).
attr
(
"disabled"
,
false
);
}
}).
error
(
function
(
xhr
,
status
,
info
)
{
alert
(
"服务连接失败......"
);
$
(
'#btn_login'
).
attr
(
"disabled"
,
false
);
});
function
randomString
(
e
)
{
e
=
e
||
32
;
var
t
=
"ABCDEFGHJKMNPQRSTWXYZabcdefhijkmnprstwxyz2345678"
,
a
=
t
.
length
,
n
=
""
;
for
(
i
=
0
;
i
<
e
;
i
++
)
{
n
+=
t
.
charAt
(
Math
.
floor
(
Math
.
random
()
*
a
));
}
return
n
}
src/main/resources/static/app/js/myself/login.js
View file @
ef727ce5
...
...
@@ -17,10 +17,10 @@ function validAndLogin(){
userPwdLogin
();
break
;
case
"2"
:
certLogin
(
loginType
);
certLogin
(
2
);
break
;
case
"3"
:
PwdAndCertLogin
(
loginType
);
PwdAndCertLogin
(
3
);
break
;
default
:
userPwdLogin
();
...
...
src/main/resources/static/app/js/myself/login_new.js
View file @
ef727ce5
...
...
@@ -89,14 +89,81 @@ function userPwdLogin(){
//CA证书登录
function
certLogin
(
loginType
){
$
(
"#msg"
).
html
(
"暂支持证书登录,待CA研发"
);
$
(
'#btn_login'
).
removeAttr
(
"disabled"
);
verifyKeyPinAndLogin
(
loginType
);
}
//密码+证书登录
function
PwdAndCertLogin
(
loginType
){
$
(
"#msg"
).
html
(
"暂支持证书登录,待CA研发"
);
$
(
'#btn_login'
).
removeAttr
(
"disabled"
);
//获取ukey、再检验用户密码,最后检验ukey密码
let
certUser
=
$
(
"#certUser"
).
val
();
if
(
certUser
)
{
var
hideUserId
=
$
(
'#hideUserId'
).
val
();
var
username
=
$
(
'#username'
).
val
();
var
password
=
$
(
'#password'
).
val
();
if
(
!
checkUserPwd
(
username
,
password
)){
$
(
"#msg"
).
html
(
"用户名或密码不能为空"
);
$
(
'#btn_login'
).
removeAttr
(
"disabled"
);
return
false
;
}
if
(
!
username
.
endsWith
(
"@gxfy.com"
)){
username
=
username
+
"@gxfy.com"
;
}
if
(
hideUserId
!=
username
){
$
(
"#msg"
).
html
(
"证书用户和输入的账号不一致"
);
$
(
'#btn_login'
).
removeAttr
(
"disabled"
);
return
false
;
}
var
formData
=
{
"username"
:
username
,
"password"
:
password
};
$
.
ajax
({
type
:
'post'
,
url
:
"/cas/user/checkExpirePwd"
,
dataType
:
'json'
,
data
:
formData
,
shadeClose
:
false
,
success
:
function
(
res
){
if
(
res
.
success
){
if
(
res
.
code
==
8888
){
var
rdata
=
res
.
data
;
console
.
log
(
"rdata------------"
,
rdata
);
layer
.
open
({
type
:
2
,
title
:
'您的密码是初始密码,需要先修改密码后才能登录门户'
,
area
:
[
'680px'
,
'520px'
],
content
:
'/cas/updatePasswd?username='
+
rdata
.
username
+
"&useKey="
+
rdata
.
useKey
,
fixed
:
false
,
// 不固定
maxmin
:
true
,
closeBtn
:
1
,
maxmin
:
false
,
//开启最大化最小化按钮 false关闭状态
//btn: ['获取表单值', '取消'],
btnAlign
:
'c'
,
cancel
:
function
(
index
,
layero
){
$
(
'#btn_login'
).
removeAttr
(
"disabled"
);
},
end
:
function
(){
window
.
parent
.
location
.
reload
();
//关闭open打开的页面时,刷新父页面
}
});
}
else
{
verifyKeyPinAndLogin
(
loginType
);
}
$
(
'#btn_login'
).
removeAttr
(
"disabled"
);
}
else
{
$
(
"#msg"
).
html
(
res
.
message
);
$
(
'#btn_login'
).
removeAttr
(
"disabled"
);
}
},
error
:
function
(
e
){
$
(
"#msg"
).
html
(
"网络异常.请求失败"
);
$
(
'#btn_login'
).
removeAttr
(
"disabled"
);
}
})
}
else
{
$
(
"#msg"
).
html
(
"请先插入UKey"
);
$
(
'#btn_login'
).
removeAttr
(
"disabled"
);
}
}
//检查用户名密码非空
...
...
@@ -125,6 +192,9 @@ function loginTypeFunc(){
$
(
"#certPwd-block"
).
hide
();
$
(
'#btn_login'
).
removeAttr
(
"disabled"
);
$
(
"#msg"
).
html
(
""
);
btnStopExist
();
break
;
case
"2"
:
$
(
'#username'
).
val
(
""
);
...
...
@@ -132,10 +202,13 @@ function loginTypeFunc(){
$
(
"#username-block"
).
hide
();
$
(
"#password-block"
).
hide
();
$
(
"#certUser-block"
).
show
();
$
(
"#certPwd-block"
).
show
();
$
(
"#certPwd-block"
).
hide
();
$
(
'#btn_login'
).
removeAttr
(
"disabled"
);
getCAKeyAuth
();
$
(
"#msg"
).
html
(
""
);
btnStartExist
(
2
);
break
;
case
"3"
:
$
(
'#username'
).
val
(
""
);
...
...
@@ -144,8 +217,11 @@ function loginTypeFunc(){
$
(
"#password-block"
).
show
();
$
(
"#certUser-block"
).
show
();
$
(
"#certPwd-block"
).
hide
();
$
(
'#btn_login'
).
removeAttr
(
"disabled"
);
getCAKeyAuth
();
$
(
"#msg"
).
html
(
""
);
btnStartExist
(
3
);
break
;
default
:
//alert("叫你没事别瞎几把点!");
...
...
src/main/resources/templates/app/casLoginView.html
View file @
ef727ce5
...
...
@@ -11,8 +11,8 @@
<script
type=
"text/javascript"
src=
"./app/js/jquery/jquery.min.js"
></script>
<script
type=
"text/javascript"
src=
"./app/js/jquery/jquery.cookie.js"
></script>
<script
type=
"text/javascript"
src=
"./app/js/pintuer.js"
></script>
<script
type=
"text/javascript"
src=
"./app/js/ca/mToken.js"
></script>
<script
type=
"text/javascript"
src=
"./app/js/myself/cookie.js"
></script>
<script
type=
"text/javascript"
src=
"./app/js/myself/ca.js"
></script>
<style>
.after_css
{
height
:
20px
;
...
...
@@ -98,7 +98,7 @@
<span
class=
"icon icon-user"
></span>
<select
class=
"required input"
id=
"certUser"
name=
"certUser"
style=
"width:235px;overflow:hidden;"
title=
"请选择
登录
用户"
>
title=
"请选择
证书
用户"
>
</select>
</div>
</div>
...
...
@@ -194,16 +194,14 @@
</div>
</div>
<script
src=
"./app/layui/layui.js"
></script>
<script
type=
"text/javascript"
src=
"./app/js/myself/ca.js"
></script>
<script
type=
"text/javascript"
src=
"./app/js/myself/messenger.js"
></script>
<script
type=
"text/javascript"
src=
"./app/js/myself/SelectGXFYUsers.js"
></script>
<!--<script type="text/javascript" src="./app/js/ca/XTXSAB.js"></script>-->
<script
type=
"text/javascript"
src=
"./app/js/myself/login_new.js"
></script>
<script
type=
"text/javascript"
>
// SelectGXFYUsers.init("selectUser", "username", "hideUserId", 3, false);
let
enterEnd
=
false
,
keyDownCount
=
0
,
leftMouseDownCount
=
0
,
rightMouseDownCount
=
0
;
bindKeyup
();
$
(
function
(){
$
(
"#username-block"
).
show
();
...
...
@@ -213,12 +211,15 @@
$
(
"#certPwd-block"
).
hide
();
})
$
(
document
).
keyup
(
function
(
e
){
var
curKey
=
e
.
which
;
if
(
curKey
==
13
){
validAndLogin
();
}
})
function
bindKeyup
(){
$
(
document
).
keyup
(
function
(
e
){
var
curKey
=
e
.
which
;
if
(
curKey
==
13
){
validAndLogin
();
}
})
}
function
queryAccount
(){
layer
.
open
({
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment