提交 809c02c4 编写于 作者: sq3536's avatar sq3536

zuul劫持登录到uaa-api

上级 3aa8980a
...@@ -34,9 +34,6 @@ public class ${app.getPKGCodeName()}SecurityConfig extends WebSecurityConfigurer ...@@ -34,9 +34,6 @@ public class ${app.getPKGCodeName()}SecurityConfig extends WebSecurityConfigurer
private AuthenticationEntryPoint unauthorizedHandler; private AuthenticationEntryPoint unauthorizedHandler;
@Autowired @Autowired
<#if sys.getPSSystemSetting()?? && sys.getPSSystemSetting().getDataAccCtrlArch()?? && sys.getPSSystemSetting().getDataAccCtrlArch()==1>
@Qualifier("IBZUAAUserService")
</#if>
private AuthenticationUserService userDetailsService; private AuthenticationUserService userDetailsService;
/** /**
......
...@@ -46,6 +46,12 @@ zuul: ...@@ -46,6 +46,12 @@ zuul:
serviceId: ibzwf-api serviceId: ibzwf-api
stripPrefix: true stripPrefix: true
</#if> </#if>
<#if sys.getPSSystemSetting()?? && sys.getPSSystemSetting().getDataAccCtrlArch()?? && sys.getPSSystemSetting().getDataAccCtrlArch()==1>
loginv7:
path: /v7/login
serviceId: ibzuaa-api
stripPrefix: false
</#if>
<#comment>通过设置该参数,避免Zuul转发请求时丢失Authorization请求头信息</#comment> <#comment>通过设置该参数,避免Zuul转发请求时丢失Authorization请求头信息</#comment>
sensitive-headers: sensitive-headers:
- Cookie,Set-Cookie,Authorization - Cookie,Set-Cookie,Authorization
......
...@@ -33,9 +33,6 @@ public class DevBootSecurityConfig extends WebSecurityConfigurerAdapter { ...@@ -33,9 +33,6 @@ public class DevBootSecurityConfig extends WebSecurityConfigurerAdapter {
private AuthenticationEntryPoint unauthorizedHandler; private AuthenticationEntryPoint unauthorizedHandler;
@Autowired @Autowired
<#if sys.getPSSystemSetting()?? && sys.getPSSystemSetting().getDataAccCtrlArch()?? && sys.getPSSystemSetting().getDataAccCtrlArch()==1>
@Qualifier("IBZUAAUserService")
</#if>
private AuthenticationUserService userDetailsService; private AuthenticationUserService userDetailsService;
/** /**
......
...@@ -17,11 +17,11 @@ server: ...@@ -17,11 +17,11 @@ server:
zuul: zuul:
routes: routes:
<#assign haswfentity=false> <#assign haswfentity=false>
<#list item.getAllPSAppDataEntities() as appDataEntity> <#list item.getAllPSDataEntities() as appDataEntity>
<#assign serviceId=""> <#assign serviceId="">
<#assign serviceUrl=srfpluralize(appDataEntity.codeName?lower_case)> <#assign serviceUrl=srfpluralize(appDataEntity.codeName?lower_case)>
<#assign appEntity=appDataEntity.name?lower_case> <#assign appEntity=appDataEntity.name?lower_case>
<#assign psDataEntity=appDataEntity.getPSDataEntity()> <#assign psDataEntity=appDataEntity>
<#assign systemName=sys.getCodeName()?lower_case> <#assign systemName=sys.getCodeName()?lower_case>
<#if psDataEntity.hasPSDEWF()??> <#if psDataEntity.hasPSDEWF()??>
<#assign haswfentity=true> <#assign haswfentity=true>
...@@ -30,10 +30,12 @@ zuul: ...@@ -30,10 +30,12 @@ zuul:
<#comment>serviceApi模式</#comment> <#comment>serviceApi模式</#comment>
<#assign serviceId=(psDataEntity.getPSSubSysServiceAPI().getServiceCodeName())!''> <#assign serviceId=(psDataEntity.getPSSubSysServiceAPI().getServiceCodeName())!''>
<#assign serviceUrl=srfpluralize(appDataEntity.name?lower_case)> <#assign serviceUrl=srfpluralize(appDataEntity.name?lower_case)>
<#if serviceId!="">
${appEntity}: ${appEntity}:
path: /${serviceUrl}/** path: /${serviceUrl}/**
serviceId: ${serviceId} serviceId: ${serviceId}
stripPrefix: false stripPrefix: false
</#if>
</#if> </#if>
</#list> </#list>
<#if haswfentity==true> <#if haswfentity==true>
...@@ -42,6 +44,12 @@ zuul: ...@@ -42,6 +44,12 @@ zuul:
serviceId: ibzwf-api serviceId: ibzwf-api
stripPrefix: false stripPrefix: false
</#if> </#if>
<#if sys.getPSSystemSetting()?? && sys.getPSSystemSetting().getDataAccCtrlArch()?? && sys.getPSSystemSetting().getDataAccCtrlArch()==1>
loginv7:
path: /v7/login
serviceId: ibzuaa-api
stripPrefix: false
</#if>
<#comment>通过设置该参数,避免Zuul转发请求时丢失Authorization请求头信息</#comment> <#comment>通过设置该参数,避免Zuul转发请求时丢失Authorization请求头信息</#comment>
sensitive-headers: sensitive-headers:
- Cookie,Set-Cookie,Authorization - Cookie,Set-Cookie,Authorization
......
...@@ -34,9 +34,6 @@ public class ${item.codeName}SecurityConfig extends WebSecurityConfigurerAdapter ...@@ -34,9 +34,6 @@ public class ${item.codeName}SecurityConfig extends WebSecurityConfigurerAdapter
private AuthenticationEntryPoint unauthorizedHandler; private AuthenticationEntryPoint unauthorizedHandler;
@Autowired @Autowired
<#if sys.getPSSystemSetting()?? && sys.getPSSystemSetting().getDataAccCtrlArch()?? && sys.getPSSystemSetting().getDataAccCtrlArch()==1>
@Qualifier("IBZUAAUserService")
</#if>
private AuthenticationUserService userDetailsService; private AuthenticationUserService userDetailsService;
/** /**
......
...@@ -18,9 +18,11 @@ import org.springframework.security.core.userdetails.UserDetails; ...@@ -18,9 +18,11 @@ import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.validation.annotation.Validated; import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
@RestController @RestController
@RequestMapping("/") @RequestMapping("/")
@ConditionalOnProperty( name = "ibiz.enablePermissionValid", havingValue = "false")
public class AuthenticationController public class AuthenticationController
{ {
...@@ -31,9 +33,6 @@ public class AuthenticationController ...@@ -31,9 +33,6 @@ public class AuthenticationController
private AuthTokenUtil jwtTokenUtil; private AuthTokenUtil jwtTokenUtil;
@Autowired @Autowired
<#if sys.getPSSystemSetting()?? && sys.getPSSystemSetting().getDataAccCtrlArch()?? && sys.getPSSystemSetting().getDataAccCtrlArch()==1>
@Qualifier("IBZUAAUserService")
</#if>
private AuthenticationUserService userDetailsService; private AuthenticationUserService userDetailsService;
@PostMapping(value = ${r'"${ibiz.auth.path:v7/login}"'}) @PostMapping(value = ${r'"${ibiz.auth.path:v7/login}"'})
......
...@@ -30,7 +30,7 @@ public class AuthorizationTokenFilter extends OncePerRequestFilter { ...@@ -30,7 +30,7 @@ public class AuthorizationTokenFilter extends OncePerRequestFilter {
private final AuthTokenUtil authTokenUtil; private final AuthTokenUtil authTokenUtil;
private final String tokenHeader; private final String tokenHeader;
public AuthorizationTokenFilter(<#if sys.getPSSystemSetting()?? && sys.getPSSystemSetting().getDataAccCtrlArch()?? && sys.getPSSystemSetting().getDataAccCtrlArch()==1>@Qualifier("IBZUAAUserService")</#if> AuthenticationUserService userDetailsService, AuthTokenUtil authTokenUtil, @Value(${r'"${ibiz.jwt.header:Authorization}"'}) String tokenHeader) { public AuthorizationTokenFilter(AuthenticationUserService userDetailsService, AuthTokenUtil authTokenUtil, @Value(${r'"${ibiz.jwt.header:Authorization}"'}) String tokenHeader) {
this.userDetailsService = userDetailsService; this.userDetailsService = userDetailsService;
this.authTokenUtil = authTokenUtil; this.authTokenUtil = authTokenUtil;
this.tokenHeader = tokenHeader; this.tokenHeader = tokenHeader;
......
...@@ -15,11 +15,13 @@ import org.springframework.context.annotation.Primary; ...@@ -15,11 +15,13 @@ import org.springframework.context.annotation.Primary;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import org.springframework.util.DigestUtils; import org.springframework.util.DigestUtils;
import org.springframework.util.StringUtils; import org.springframework.util.StringUtils;
import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
/** /**
* 实体[IBZUSER] 服务对象接口实现 * 实体[IBZUSER] 服务对象接口实现
*/ */
@Service("IBZUAAUserService") @Service("IBZUAAUserService")
@ConditionalOnExpression("${r'${ibiz.enablePermissionValid:false}'}||'${r'${ibiz.auth.service:SimpleUserService}'}'.equals('IBZUAAUserService')")
public class IBZUAAUserService implements AuthenticationUserService{ public class IBZUAAUserService implements AuthenticationUserService{
@Autowired @Autowired
......
...@@ -16,11 +16,13 @@ import ${pub.getPKGCodeName()}.util.mapper.IBZUSERMapper; ...@@ -16,11 +16,13 @@ import ${pub.getPKGCodeName()}.util.mapper.IBZUSERMapper;
import ${pub.getPKGCodeName()}.util.domain.IBZUSER; import ${pub.getPKGCodeName()}.util.domain.IBZUSER;
import org.springframework.util.DigestUtils; import org.springframework.util.DigestUtils;
import org.springframework.util.StringUtils; import org.springframework.util.StringUtils;
import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
/** /**
* 实体[IBZUSER] 服务对象接口实现 * 实体[IBZUSER] 服务对象接口实现
*/ */
@Service("IBZUSERService") @Service("IBZUSERService")
@ConditionalOnExpression("(!${r'${ibiz.enablePermissionValid:false}'})&&'${r'${ibiz.auth.service:SimpleUserService}'}'.equals('IBZUSERService')")
public class IBZUSERServiceImpl extends ServiceImpl<IBZUSERMapper, IBZUSER> implements IBZUSERService,AuthenticationUserService{ public class IBZUSERServiceImpl extends ServiceImpl<IBZUSERMapper, IBZUSER> implements IBZUSERService,AuthenticationUserService{
@Value(${r'"${ibiz.auth.pwencrymode:0}"'}) @Value(${r'"${ibiz.auth.pwencrymode:0}"'})
......
...@@ -19,12 +19,14 @@ import org.springframework.util.StringUtils; ...@@ -19,12 +19,14 @@ import org.springframework.util.StringUtils;
import com.alibaba.fastjson.JSONObject; import com.alibaba.fastjson.JSONObject;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value; import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
/** /**
* 实体[IBZUSER] 服务对象接口实现 * 实体[IBZUSER] 服务对象接口实现
*/ */
@Primary @Primary
@Service("SimpleUserService") @Service("SimpleUserService")
@ConditionalOnExpression("(!${r'${ibiz.enablePermissionValid:false}'})&&'${r'${ibiz.auth.service:SimpleUserService}'}'.equals('SimpleUserService')")
public class SimpleUserService implements AuthenticationUserService{ public class SimpleUserService implements AuthenticationUserService{
@Override @Override
......
Markdown 格式
0% or
您添加了 0 到此讨论。请谨慎行事。
先完成此消息的编辑!
想要评论请 注册