authentication jwt RemeberMe

2026-05-16 05:20:42 +08:00 · 2021-02-17 13:06:30 +08:00
parent aad4e7e878
commit 5ccb71e64d
13 changed files with 388 additions and 233 deletions
--- a/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java
+++ b/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java
@@ -49,8 +49,6 @@ import org.mybatis.spring.annotation.MapperScan;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.InitializingBean;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.ComponentScan;
@@ -130,14 +128,6 @@ public class MaxKeyConfig  implements InitializingBean {
        return authenticationRealm;
    }
    
-    //JdbcAuthenticationRealm
-    public JdbcAuthenticationRealm jdbcAuthenticationRealm(
-                JdbcTemplate jdbcTemplate) {
-        JdbcAuthenticationRealm authenticationRealm = new JdbcAuthenticationRealm(jdbcTemplate);
-        _logger.debug("JdbcAuthenticationRealm inited.");
-        return authenticationRealm;
-    }
-    
    //LdapAuthenticationRealm
    public LdapAuthenticationRealm ldapAuthenticationRealm(
                JdbcTemplate jdbcTemplate) {
--- a/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java
+++ b/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java
@@ -17,8 +17,12 @@

 package org.maxkey;

+import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authn.support.basic.BasicEntryPoint;
 import org.maxkey.authn.support.httpheader.HttpHeaderEntryPoint;
+import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
+import org.maxkey.authn.support.rememberme.HttpRemeberMeEntryPoint;
+import org.maxkey.configuration.ApplicationConfig;
 import org.maxkey.constants.ConstantsProperties;
 import org.maxkey.web.interceptor.HistoryLoginAppAdapter;
 import org.maxkey.web.interceptor.HistoryLogsAdapter;
@@ -27,6 +31,7 @@ import org.maxkey.web.interceptor.PreLoginAppAdapter;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.PropertySource;
@@ -42,6 +47,18 @@ import org.springframework.web.servlet.i18n.LocaleChangeInterceptor;
 public class MaxKeyMvcConfig implements WebMvcConfigurer {
    private static final  Logger _logger = LoggerFactory.getLogger(MaxKeyMvcConfig.class);
    
+    @Autowired
+  	@Qualifier("applicationConfig")
+  	ApplicationConfig applicationConfig;
+    
+    @Autowired
+    @Qualifier("authenticationProvider")
+    AbstractAuthenticationProvider authenticationProvider ;
+    
+    @Autowired
+	@Qualifier("remeberMeService")
+	AbstractRemeberMeService remeberMeService;
+    
    @Autowired
    PermissionAdapter permissionAdapter;
    
@@ -93,6 +110,23 @@ public class MaxKeyMvcConfig implements WebMvcConfigurer {
    public void addInterceptors(InterceptorRegistry registry) {
        //addPathPatterns 用于添加拦截规则 ， 先把所有路径都加入拦截， 再一个个排除
        //excludePathPatterns 表示改路径不用拦截
+        _logger.debug("add HttpRemeberMeEntryPoint");
+        registry.addInterceptor(new HttpRemeberMeEntryPoint(
+        			authenticationProvider,remeberMeService,applicationConfig,true))
+        		.addPathPatterns("/login");
+        
+        if(httpHeaderEnable) {
+            registry.addInterceptor(new HttpHeaderEntryPoint(httpHeaderName,httpHeaderEnable))
+                    .addPathPatterns("/*");
+            _logger.debug("add HttpHeaderEntryPoint");
+        }
+        
+        if(basicEnable) {
+            registry.addInterceptor(new BasicEntryPoint(basicEnable))
+                    .addPathPatterns("/*");
+            _logger.debug("add BasicEntryPoint");
+        }
+        
        registry.addInterceptor(permissionAdapter)
                .addPathPatterns("/index/**")
                .addPathPatterns("/logs/**")
@@ -176,17 +210,7 @@ public class MaxKeyMvcConfig implements WebMvcConfigurer {
        registry.addInterceptor(localeChangeInterceptor);
        _logger.debug("add LocaleChangeInterceptor");
        
-        if(httpHeaderEnable) {
-            registry.addInterceptor(new HttpHeaderEntryPoint(httpHeaderName,httpHeaderEnable))
-                    .addPathPatterns("/*");
-            _logger.debug("add HttpHeaderEntryPoint");
-        }
-        
-        if(basicEnable) {
-            registry.addInterceptor(new BasicEntryPoint(basicEnable))
-                    .addPathPatterns("/*");
-            _logger.debug("add BasicEntryPoint");
-        }
+
    }

 }
--- a/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LoginEndpoint.java
+++ b/maxkey-web-maxkey/src/main/java/org/maxkey/web/endpoint/LoginEndpoint.java
@@ -27,7 +27,6 @@ import javax.servlet.http.HttpServletResponse;
 import org.maxkey.authn.AbstractAuthenticationProvider;
 import org.maxkey.authn.LoginCredential;
 import org.maxkey.authn.support.kerberos.KerberosService;
-import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
 import org.maxkey.authn.support.socialsignon.service.SocialSignOnProviderService;
 import org.maxkey.authn.support.wsfederation.WsFederationConstants;
 import org.maxkey.configuration.ApplicationConfig;
@@ -44,7 +43,6 @@ import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.CookieValue;
 import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -61,8 +59,6 @@ import org.springframework.web.servlet.ModelAndView;
 public class LoginEndpoint {
 	private static Logger _logger = LoggerFactory.getLogger(LoginEndpoint.class);
 	
-	
-	
 	@Autowired
  	@Qualifier("applicationConfig")
  	ApplicationConfig applicationConfig;
@@ -71,10 +67,6 @@ public class LoginEndpoint {
 	@Qualifier("socialSignOnProviderService")
 	SocialSignOnProviderService socialSignOnProviderService;
 	
-	@Autowired
-	@Qualifier("remeberMeService")
-	AbstractRemeberMeService remeberMeService;
-	
 	@Autowired
 	@Qualifier("kerberosService")
 	KerberosService kerberosService;
@@ -95,11 +87,6 @@ public class LoginEndpoint {
    @Qualifier("tfaOtpAuthn")
    protected AbstractOtpAuthn tfaOtpAuthn;
 	
-	/*
-	@Autowired
-	@Qualifier("jwtLoginService")
-	JwtLoginService jwtLoginService;
-	*/
 	/**
 	 * init login
 	 * @return
@@ -108,7 +95,6 @@ public class LoginEndpoint {
 	public ModelAndView login(
 			HttpServletRequest request,
 			HttpServletResponse response,
-			@CookieValue(value=WebConstants.REMEBER_ME_COOKIE,required=false) String remeberMe,
 			@RequestParam(value=WebConstants.CAS_SERVICE_PARAMETER,required=false) String casService,
 			@RequestParam(value=WebConstants.KERBEROS_TOKEN_PARAMETER,required=false) String kerberosToken,
 			@RequestParam(value=WebConstants.KERBEROS_USERDOMAIN_PARAMETER,required=false) String kerberosUserDomain,
@@ -119,13 +105,6 @@ public class LoginEndpoint {
 		ModelAndView modelAndView = new ModelAndView("login");
 		
 		boolean isAuthenticated= WebContext.isAuthenticated();
-		//for RemeberMe login
-		if(!isAuthenticated){
-			if(applicationConfig.getLoginConfig().isRemeberMe()&&remeberMe!=null&& !remeberMe.equals("")){
-				_logger.debug("Try RemeberMe login ");
-				isAuthenticated=remeberMeService.login(remeberMe,response);
-			}
-		}
 		//for Kerberos login
 		if(!isAuthenticated){
 			if(applicationConfig.getLoginConfig().isKerberos()&&