diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java index 161206622..f287b758e 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java @@ -138,7 +138,8 @@ public abstract class AbstractAuthenticationProvider { //create session this.sessionManager.create(session.getId(), session); - AuthorizationUtils.setSession(session); + //set Authentication to http session + AuthorizationUtils.setAuthentication(authenticationToken); return authenticationToken; } diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/InMemorySessionManager.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/InMemorySessionManager.java index 8216099f3..d78e66a6d 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/InMemorySessionManager.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/InMemorySessionManager.java @@ -85,7 +85,7 @@ public class InMemorySessionManager extends AbstractSessionManager{ LocalTime currentTime = LocalTime.now(); Duration duration = Duration.between(currentTime, session.getLastAccessTime()); - _logger.trace("OnlineTicket duration " + duration.getSeconds()); + _logger.trace("Session duration " + duration.getSeconds()); if(duration.getSeconds() > Session.MAX_EXPIRY_DURATION) { session.setLastAccessTime(currentTime); diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/RedisSessionManager.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/RedisSessionManager.java index d98c899e5..51947572a 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/RedisSessionManager.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/session/RedisSessionManager.java @@ -59,8 +59,8 @@ public class RedisSessionManager extends AbstractSessionManager { @Override public void create(String sessionId, Session ticket) { - RedisConnection conn=connectionFactory.getConnection(); - conn.setexObject(PREFIX+sessionId, serviceTicketValiditySeconds, ticket); + RedisConnection conn = connectionFactory.getConnection(); + conn.setexObject(PREFIX + sessionId, serviceTicketValiditySeconds, ticket); conn.close(); } @@ -101,7 +101,7 @@ public class RedisSessionManager extends AbstractSessionManager { LocalTime currentTime = LocalTime.now(); Duration duration = Duration.between(currentTime, session.getLastAccessTime()); - _logger.trace("OnlineTicket duration " + duration.getSeconds()); + _logger.trace("Session duration " + duration.getSeconds()); if(duration.getSeconds() > Session.MAX_EXPIRY_DURATION) { session.setLastAccessTime(currentTime); diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/AuthorizationUtils.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/AuthorizationUtils.java index ef7f1e5f1..94c3f1cad 100644 --- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/AuthorizationUtils.java +++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/web/AuthorizationUtils.java @@ -44,7 +44,7 @@ public class AuthorizationUtils { AuthJwtService authJwtService, SessionManager sessionManager ) throws ParseException{ - if(getSession() == null) { + if(getAuthentication() == null) { Cookie authCookie = WebContext.getCookie(request, Authorization_Cookie); if(authCookie != null ) { String authorization = authCookie.getValue(); @@ -59,7 +59,7 @@ public class AuthorizationUtils { AuthJwtService authJwtService, SessionManager sessionManager ) throws ParseException{ - if(getSession() == null) { + if(getAuthentication() == null) { String authorization = AuthorizationHeaderUtils.resolveBearer(request); if(authorization != null ) { doJwtAuthenticate(authorization,authJwtService,sessionManager); @@ -76,28 +76,12 @@ public class AuthorizationUtils { String sessionId = authJwtService.resolveJWTID(authorization); Session session = sessionManager.get(sessionId); if(session != null) { - setSession(session); setAuthentication(session.getAuthentication()); } } } - - //set session to http session - public static void setSession(Session session) { - WebContext.setAttribute(WebConstants.SESSION, session); - } - public static Session getSession() { - Session session = getSession(WebContext.getRequest()); - return session; - } - //get session to http session - public static Session getSession(HttpServletRequest request) { - Session session = (Session) request.getSession().getAttribute(WebConstants.SESSION); - return session; - } - public static Authentication getAuthentication() { Authentication authentication = (Authentication) getAuthentication(WebContext.getRequest()); return authentication; @@ -108,12 +92,13 @@ public class AuthorizationUtils { return authentication; } + //set Authentication to http session public static void setAuthentication(Authentication authentication) { WebContext.setAttribute(WebConstants.AUTHENTICATION, authentication); } public static boolean isAuthenticated() { - return getSession() != null; + return getAuthentication() != null; } public static boolean isNotAuthenticated() { diff --git a/maxkey-core/src/main/java/org/maxkey/entity/Groups.java b/maxkey-core/src/main/java/org/maxkey/entity/Groups.java index bdf386bdf..5f11875ef 100644 --- a/maxkey-core/src/main/java/org/maxkey/entity/Groups.java +++ b/maxkey-core/src/main/java/org/maxkey/entity/Groups.java @@ -166,6 +166,17 @@ public class Groups extends JpaBaseEntity implements Serializable { this.status = status; } + /** + * ROLE_ALL_USER must be + * 1, dynamic + * 2, all orgIdsList + * 3, not filters + */ + public void setDefaultAllUser() { + this.dynamic = "1"; + this.orgIdsList =""; + this.filters =""; + } public String getDynamic() { return dynamic; diff --git a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/access/contorller/GroupsController.java b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/access/contorller/GroupsController.java index 389d929dd..92e0f0adf 100644 --- a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/access/contorller/GroupsController.java +++ b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/access/contorller/GroupsController.java @@ -1,5 +1,5 @@ /* - * Copyright [2020] [MaxKey of copyright http://www.maxkey.top] + * Copyright [2022] [MaxKey of copyright http://www.maxkey.top] * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -92,6 +92,9 @@ public class GroupsController { @RequestMapping(value={"/update"}, produces = {MediaType.APPLICATION_JSON_VALUE}) public ResponseEntity update(@RequestBody Groups group,@CurrentUser UserInfo currentUser) { _logger.debug("-update group :" + group); + if(group.getId().equalsIgnoreCase("ROLE_ALL_USER")) { + group.setDefaultAllUser(); + } group.setInstId(currentUser.getInstId()); if (groupsService.update(group)) { groupsService.refreshDynamicGroups(group);