diff --git a/maxkey-authentications/src/main/java/org/maxkey/authn/support/basic/BasicEntryPoint.java b/maxkey-authentications/src/main/java/org/maxkey/authn/support/basic/BasicEntryPoint.java
index edb8ef3d6..845fbf717 100644
--- a/maxkey-authentications/src/main/java/org/maxkey/authn/support/basic/BasicEntryPoint.java
+++ b/maxkey-authentications/src/main/java/org/maxkey/authn/support/basic/BasicEntryPoint.java
@@ -60,6 +60,7 @@ public class BasicEntryPoint extends HandlerInterceptorAdapter {
 // session not exists,session timeout,recreate new session
 if(request.getSession(false) == null) {
+ _logger.info("recreate new session .");
 request.getSession(true);
 }
 String basicCredential =request.getHeader(AuthorizationHeaderUtils.AUTHORIZATION_HEADERNAME);
diff --git a/maxkey-authentications/src/main/java/org/maxkey/authn/support/httpheader/HttpHeaderEntryPoint.java b/maxkey-authentications/src/main/java/org/maxkey/authn/support/httpheader/HttpHeaderEntryPoint.java
index 10e61afc6..1fb77e8ac 100644
--- a/maxkey-authentications/src/main/java/org/maxkey/authn/support/httpheader/HttpHeaderEntryPoint.java
+++ b/maxkey-authentications/src/main/java/org/maxkey/authn/support/httpheader/HttpHeaderEntryPoint.java
@@ -52,6 +52,7 @@ public class HttpHeaderEntryPoint extends HandlerInterceptorAdapter {
 // session not exists,session timeout,recreate new session
 if(request.getSession(false) == null) {
+ _logger.info("recreate new session .");
 request.getSession(true);
 }
diff --git a/maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java b/maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
index d26046e8c..998b83e07 100644
--- a/maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
+++ b/maxkey-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
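Review bot: The added `_logger.info("recreate new session .")` in BasicEntryPoint runs for every request that arrives without a session, and the same line is added to HttpHeaderEntryPoint, so any unauthenticated client can produce one INFO entry per request. Lower it to debug, for example `_logger.debug("no session on request, creating one");`, or add the remote address so the entry can be correlated. Both enclosing methods start and end outside their hunks, so whether the session id is rotated after a successful header login cannot be checked from here.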
@@ -123,8 +123,11 @@ public abstract class AbstractAuthenticationProvider {
 */
 protected void sessionValid(String sessionId) {
 if (sessionId == null || !sessionId.equals(WebContext.getSession().getId())) {
- String message = WebContext.getI18nValue("login.error.session");
 _logger.debug("login session valid error.");
+ _logger.debug("login session sessionId " + sessionId);
+ _logger.debug("login getSession sessionId " + WebContext.getSession().getId());
+
+ String message = WebContext.getI18nValue("login.error.session");
 throw new BadCredentialsException(message);
 }
 }
diff --git a/maxkey-core/src/main/java/org/maxkey/autoconfigure/MvcAutoConfiguration.java b/maxkey-core/src/main/java/org/maxkey/autoconfigure/MvcAutoConfiguration.java
index c028c771d..b80314c79 100644
--- a/maxkey-core/src/main/java/org/maxkey/autoconfigure/MvcAutoConfiguration.java
+++ b/maxkey-core/src/main/java/org/maxkey/autoconfigure/MvcAutoConfiguration.java
@@ -149,7 +149,7 @@ public class MvcAutoConfiguration implements InitializingBean {
 new MappingJackson2HttpMessageConverter();
 ArrayList mediaTypesList = new ArrayList();
 mediaTypesList.add(MediaType.APPLICATION_JSON);
- mediaTypesList.add(MediaType.TEXT_PLAIN);
+ //mediaTypesList.add(MediaType.TEXT_PLAIN);
 mappingJacksonHttpMessageConverter.setSupportedMediaTypes(mediaTypesList);
 return mappingJacksonHttpMessageConverter;
 }
diff --git a/maxkey-core/src/main/java/org/maxkey/web/WebContext.java b/maxkey-core/src/main/java/org/maxkey/web/WebContext.java
index d6824b554..7143626b9 100644
--- a/maxkey-core/src/main/java/org/maxkey/web/WebContext.java
+++ b/maxkey-core/src/main/java/org/maxkey/web/WebContext.java
@@ -220,6 +220,7 @@ public final class WebContext {
 * @return HttpSession
 */
 public static HttpSession getSession(boolean create) {
+ System.out.println("new Session created");
 return getRequest().getSession(create);
 }
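Review bot: The two debug statements added to sessionValid write the submitted `sessionId` and the live `WebContext.getSession().getId()` to the log in full. A session identifier works as a bearer credential for as long as the session lives, and the submitted value is caller-controlled, so it can also carry line breaks into the log. Log the outcome instead, for example `_logger.debug("login session mismatch, submitted id present: {}", sessionId != null);`, or at most a short prefix of each id. A parameterised `{}` message also avoids building the string when debug is off.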
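Review bot: The `TEXT_PLAIN` registration is switched off by commenting the line out, with nothing recording why, so a later reader cannot tell a deliberate restriction from a leftover experiment. Delete the line and state the intent, for example `// JSON converter handles application/json only; text/plain bodies are not parsed as JSON`. The method that builds the converter begins outside this hunk.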
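Review bot: `System.out.println("new Session created")` runs on every call to getSession(boolean), including calls with `create == false` and calls where a session already exists, so the message is wrong in most cases and it bypasses the logging configuration. If the trace is wanted, gate it with `if (create && getRequest().getSession(false) == null)` and write it through the class's logger at debug level; whether WebContext already declares a logger is not visible in this hunk. Otherwise drop the line.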
diff --git a/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyApplication.java b/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyApplication.java
index 94c19c05f..cd974f317 100644
--- a/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyApplication.java
+++ b/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyApplication.java
@@ -1,6 +1,7 @@
 package org.maxkey;
 import java.util.Date;
+
 import javax.servlet.ServletException;
 import org.apache.ibatis.io.VFS;
 import org.apache.mybatis.jpa.SpringBootVFS;
@@ -43,5 +44,13 @@ public class MaxKeyApplication extends SpringBootServletInitializer {
 protected SpringApplicationBuilder configure(SpringApplicationBuilder application) {
 return application.sources(MaxKeyApplication.class);
 }
+
+ /*@Override
+ public void onStartup(ServletContext servletContext) throws ServletException {
+ super.onStartup(servletContext);
+ servletContext.setSessionTrackingModes(Collections.singleton(SessionTrackingMode.COOKIE));
+ SessionCookieConfig sessionCookieConfig = servletContext.getSessionCookieConfig();
+ sessionCookieConfig.setHttpOnly(true);
+ }*/
 }
diff --git a/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java b/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java
index 3b1a49bc0..4579ccf9b 100644
--- a/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java
+++ b/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java
@@ -2,10 +2,6 @@ package org.maxkey;
 import java.util.ArrayList;
 import java.util.List;
-import org.apache.catalina.Context;
-import org.apache.catalina.connector.Connector;
-import org.apache.tomcat.util.descriptor.web.SecurityCollection;
-import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
 import org.maxkey.authn.realm.jdbc.JdbcAuthenticationRealm;
 import org.maxkey.authn.realm.ldap.LdapAuthenticationRealm;
 import org.maxkey.authn.realm.ldap.LdapServer;
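Review bot: The onStartup override in MaxKeyApplication is added inside a block comment, so the cookie-only session tracking and HttpOnly flag it describes are not in effect, and the types it names (ServletContext, Collections, SessionTrackingMode, SessionCookieConfig) do not appear among the visible import lines. Either enable it with its imports, adding `sessionCookieConfig.setSecure(true);` once the site is served over HTTPS, or delete the block and set the Spring Boot properties `server.servlet.session.tracking-modes=cookie` and `server.servlet.session.cookie.http-only=true`. Cookie-only tracking matters for a login server because URL-based tracking puts the session id into links, Referer headers and access logs.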
@@ -31,7 +27,6 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.beans.factory.annotation.Value;
-import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
 import org.springframework.boot.web.servlet.FilterRegistrationBean;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.ComponentScan;
@@ -77,35 +72,7 @@ public class MaxKeyConfig implements InitializingBean {
 registration.setOrder(1);
 return registration;
 }
-
- @Bean
- public Connector connector() {
- Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
- connector.setScheme("http");
- connector.setPort(80);
- connector.setSecure(false);
- connector.setRedirectPort(443);
- return connector;
- }
-
- @Bean
- public TomcatServletWebServerFactory tomcatServletWebServerFactory(Connector connector) {
- TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
- @Override
- protected void postProcessContext(Context context) {
- SecurityConstraint securityConstraint = new SecurityConstraint();
- securityConstraint.setUserConstraint("CONFIDENTIAL");
- SecurityCollection collection = new SecurityCollection();
- collection.addPattern("/*");
- securityConstraint.addCollection(collection);
- context.addConstraint(securityConstraint);
- }
- };
- tomcat.addAdditionalTomcatConnectors(connector);
- return tomcat;
- }
-
+
 @Bean(name = "keyUriFormat")
 public KeyUriFormat keyUriFormat(
 @Value("${config.otp.keyuri.format.type:totp}")
diff --git a/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeySslConfig.java b/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeySslConfig.java
new file mode 100644
index 000000000..0ce2e79bd
--- /dev/null
+++ b/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeySslConfig.java
@@ -0,0 +1,60 @@
+package org.maxkey;
+
+import org.apache.catalina.Context;
+import org.apache.catalina.connector.Connector;
+import org.apache.tomcat.util.descriptor.web.SecurityCollection;
+import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
+import org.maxkey.constants.ConstantsProperties;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.InitializingBean;
+import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.PropertySource;
+
+
+@Configuration
+//@ImportResource(locations = { "classpath:spring/maxkey.xml" })
+@PropertySource(ConstantsProperties.applicationPropertySource)
+@PropertySource(ConstantsProperties.maxKeyPropertySource)
+public class MaxKeySslConfig implements InitializingBean {
+ private static final Logger _logger = LoggerFactory.getLogger(MaxKeySslConfig.class);
+
+ @Bean
+ public Connector connector() {
+ Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
+ connector.setScheme("http");
+ connector.setPort(80);
+ connector.setSecure(true);
+ //connector.setRedirectPort(443);
+ _logger.debug("Ssl Support .");
+ return connector;
+ }
+
+ @Bean
+ public TomcatServletWebServerFactory tomcatServletWebServerFactory(Connector connector) {
+ TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
+ @Override
+ protected void postProcessContext(Context context) {
+ SecurityConstraint securityConstraint = new SecurityConstraint();
+ securityConstraint.setUserConstraint("CONFIDENTIAL");
+ SecurityCollection collection = new SecurityCollection();
+ collection.addPattern("/*");
+ securityConstraint.addCollection(collection);
+ context.addConstraint(securityConstraint);
+ }
+ };
+ tomcat.addAdditionalTomcatConnectors(connector);
+ return tomcat;
+ }
+
+
+ @Override
+ public void afterPropertiesSet() throws Exception {
+
+ }
+
+
+
+}
diff --git a/maxkey-web-maxkey/src/main/resources/maxkey.properties b/maxkey-web-maxkey/src/main/resources/maxkey.properties
index 14c2148b0..ec4748771 100644
--- a/maxkey-web-maxkey/src/main/resources/maxkey.properties
+++ b/maxkey-web-maxkey/src/main/resources/maxkey.properties
@@ -5,7 +5,7 @@ config.server.domain=maxkey.top
 config.server.domain.sub=sso.${config.server.domain}
 config.server.name=http://${config.server.domain.sub}
-config.server.prefix.uri=${config.server.name}/maxkey
+config.server.prefix.uri=${config.server.name}:80/maxkey
 #default.uri
 config.server.default.uri=${config.server.prefix.uri}/maxkey/appList
 config.server.management.uri=${config.server.name}:9521/maxkey-mgt/login
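Review bot: In MaxKeySslConfig.connector(), `connector.setSecure(true)` is set on a connector whose scheme is `http` and whose port is 80, and the redirect port is commented out. Tomcat treats requests on a connector marked secure as already meeting a `CONFIDENTIAL` transport guarantee, so the constraint added in postProcessContext should no longer redirect cleartext requests to HTTPS, and `request.isSecure()` will report true for plain HTTP. The version removed from MaxKeyConfig in this commit had `connector.setSecure(false);` and `connector.setRedirectPort(443);`; restore those two lines. The class also registers both beans unconditionally and carries an empty afterPropertiesSet(), so consider dropping InitializingBean and gating the configuration on a property.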
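Review bot: The new `config.server.prefix.uri` appends `:80` to `config.server.name`, which the context lines define as `http://${config.server.domain.sub}`, so every URL derived from the prefix stays cleartext and now carries an explicit default port. For a single sign-on endpoint the base URL should use `https://`, and the non-canonical `:80` form may fail exact-match comparisons against registered URLs, which cannot be verified from this hunk. The context line `config.server.default.uri=${config.server.prefix.uri}/maxkey/appList` also appends `/maxkey` to a prefix that already ends in `/maxkey`; confirm the doubled segment is intended.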