changeSession login

2026-05-14 20:50:14 +08:00 · 2020-11-20 07:53:31 +08:00
parent 6e83568945
commit a99ecf16f5
11 changed files with 61 additions and 37 deletions
--- a/maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
+++ b/maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
@@ -18,6 +18,8 @@
 package org.maxkey.authn;

 import java.util.ArrayList;
+import java.util.HashMap;
+
 import org.maxkey.authn.online.OnlineTicketServices;
 import org.maxkey.authn.realm.AbstractAuthenticationRealm;
 import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
@@ -100,6 +102,8 @@ public abstract class AbstractAuthenticationProvider {
            throws AuthenticationException {
        _logger.debug("Trying to authenticate user '{}' via {}", 
                loginCredential.getPrincipal(), getProviderName());
+        // 登录SESSION
+        _logger.debug("Login  Session {}.", WebContext.getSession().getId());
        Authentication authentication = null;
        try {
            authentication = doInternalAuthenticate(loginCredential);
@@ -121,33 +125,34 @@ public abstract class AbstractAuthenticationProvider {
        // user authenticated
        _logger.debug("'{}' authenticated successfully by {}.", 
                authentication.getPrincipal(), getProviderName());
-
-        final UserInfo userInfo = WebContext.getUserInfo();
-        final Object passwordSetType = WebContext.getSession()
-                .getAttribute(WebConstants.CURRENT_LOGIN_USER_PASSWORD_SET_TYPE);
-        // 登录完成后切换SESSION
-        _logger.debug("Login  Session {}.", WebContext.getSession().getId());
        
-        final Object firstSavedRequest =
-                WebContext.getAttribute(WebConstants.FIRST_SAVED_REQUEST_PARAMETER);
-        //change Session
+        changeSession(authentication);
+        
+        authenticationRealm.insertLoginHistory(
+                WebContext.getUserInfo(), ConstantsLoginType.LOCAL, "", "xe00000004", "success");
+        
+        return authentication;
+    }
+    
+    protected void changeSession(Authentication authentication) {
+        
+        HashMap<String,Object> sessionAttributeMap = new HashMap<String,Object>();
+        for(String attributeName : WebContext.sessionAttributeNameList) {
+            sessionAttributeMap.put(attributeName, WebContext.getAttribute(attributeName));
+        }
+        
+        //new Session        
        WebContext.getSession().invalidate();
+        
+        for(String attributeName : WebContext.sessionAttributeNameList) {
+            WebContext.setAttribute(attributeName, sessionAttributeMap.get(attributeName));
+        }
+        
        WebContext.setAttribute(
                WebConstants.CURRENT_USER_SESSION_ID, WebContext.getSession().getId());
        _logger.debug("Login Success Session {}.", WebContext.getSession().getId());
-
-        authenticationRealm.insertLoginHistory(
-                userInfo, ConstantsLoginType.LOCAL, "", "xe00000004", "success");
-
-        WebContext.setAttribute(WebConstants.FIRST_SAVED_REQUEST_PARAMETER,firstSavedRequest);
-        // 认证设置
-        WebContext.setAuthentication(authentication);
-        WebContext.setUserInfo(userInfo);
-        WebContext.getSession().setAttribute(
-                WebConstants.CURRENT_LOGIN_USER_PASSWORD_SET_TYPE, passwordSetType);
-
-        return authentication;
    }
+   

    /**
     * session validate.
--- a/maxkey-core/src/main/java/org/maxkey/web/WebConstants.java
+++ b/maxkey-core/src/main/java/org/maxkey/web/WebConstants.java
@@ -54,7 +54,11 @@ public class WebConstants {
    public static final  String KAPTCHA_SESSION_KEY = "kaptcha_session_key";

    public static final String SINGLE_SIGN_ON_APP_ID = "single_sign_on_app_id";
-
+    
+    public static final String AUTHORIZE_SIGN_ON_APP = "authorize_sign_on_app";
+    
+    public static final String AUTHORIZE_SIGN_ON_APP_SAMLV20_ADAPTER = "authorize_sign_on_app_samlv20_adapter";
+    
    public static final String REMEBER_ME_SESSION = "remeber_me_session";

    public static final String KERBEROS_TOKEN_PARAMETER = "kerberosToken";
--- a/maxkey-core/src/main/java/org/maxkey/web/WebContext.java
+++ b/maxkey-core/src/main/java/org/maxkey/web/WebContext.java
@@ -19,6 +19,7 @@ package org.maxkey.web;

 import java.io.UnsupportedEncodingException;
 import java.net.URLEncoder;
+import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.Locale;
 import java.util.Map;
@@ -55,6 +56,17 @@ public final class WebContext {
    final static Logger _logger = LoggerFactory.getLogger(WebContext.class);
    
    public static Properties properties;
+    
+    public static ArrayList<String> sessionAttributeNameList = new ArrayList<String>();
+    
+    static {
+        sessionAttributeNameList.add(WebConstants.CURRENT_LOGIN_USER_PASSWORD_SET_TYPE);
+        sessionAttributeNameList.add(WebConstants.FIRST_SAVED_REQUEST_PARAMETER);
+        sessionAttributeNameList.add(WebConstants.AUTHENTICATION);
+        sessionAttributeNameList.add(WebConstants.CURRENT_USER);
+        sessionAttributeNameList.add(WebConstants.AUTHORIZE_SIGN_ON_APP_SAMLV20_ADAPTER);
+        sessionAttributeNameList.add(WebConstants.AUTHORIZE_SIGN_ON_APP);
+    }
     
    /**
     * set Current login user to session.