v2.9.0 FIX

2026-05-14 12:32:09 +08:00 · 2021-08-23 11:12:49 +08:00
parent 68d462003a
commit bc91908667
14 changed files with 197 additions and 162 deletions
--- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
+++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java
@@ -134,6 +134,7 @@ public abstract class AbstractAuthenticationProvider {
        HashMap<String,Object> sessionAttributeMap = new HashMap<String,Object>();
        for(String attributeName : WebContext.sessionAttributeNameList) {
            sessionAttributeMap.put(attributeName, WebContext.getAttribute(attributeName));
            WebContext.removeAttribute(attributeName);
        }
        //new Session        
@@ -143,7 +144,9 @@ public abstract class AbstractAuthenticationProvider {
            WebContext.setAttribute(attributeName, sessionAttributeMap.get(attributeName));
        }
-        _logger.debug("Login Success Session {}.", WebContext.getSession().getId());
+        _logger.debug("Login Success Session {} Mapping to user Session {}.",
                        WebContext.getSession().getId(),
                        WebContext.getAttribute(WebConstants.CURRENT_USER_SESSION_ID));
    }
--- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/LoginCredential.java
+++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/LoginCredential.java
@@ -185,8 +185,8 @@ public class LoginCredential  implements Authentication {
    @Override
    public String toString() {
        StringBuilder builder = new StringBuilder();
-        builder.append("BasicAuthentication [username=").append(username)
+        builder.append("LoginCredential [username=").append(username)
-                .append(", password=").append(password)
+                .append(", password=").append("******")
                .append(", sessionId=").append(sessionId)
                .append(", captcha=").append(captcha)
                .append(", otpCaptcha=").append(otpCaptcha)
--- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/AbstractAuthenticationRealm.java
+++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/AbstractAuthenticationRealm.java
@@ -24,6 +24,7 @@ import javax.servlet.http.HttpServletResponse;
 import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
 import org.maxkey.entity.Groups;
 import org.maxkey.entity.HistoryLogin;
 import org.maxkey.entity.UserInfo;
 import org.maxkey.persistence.db.LoginHistoryService;
 import org.maxkey.persistence.db.PasswordPolicyValidator;
@@ -134,55 +135,32 @@ public abstract class AbstractAuthenticationRealm {
     * @param message
     */
    public boolean insertLoginHistory(UserInfo userInfo, String type, String provider, String code, String message) {
-        String sessionId = WebContext.genId();
+        HistoryLogin historyLogin = new HistoryLogin();
-        int sessionStatus = 7;
+        historyLogin.setSessionId(WebContext.genId());
        historyLogin.setSessionStatus(7);
        if(WebContext.getAttribute(WebConstants.CURRENT_USER_SESSION_ID) !=null) {
-            sessionStatus = 1;
+            historyLogin.setSessionStatus(1);
-            sessionId = WebContext.getAttribute(WebConstants.CURRENT_USER_SESSION_ID).toString();
+            historyLogin.setSessionId(WebContext.getAttribute(WebConstants.CURRENT_USER_SESSION_ID).toString());
        }
-        _logger.debug("user session id is {} . ",sessionId);
+        _logger.debug("user session id is {} . ",historyLogin.getSessionId());
        userInfo.setLastLoginTime(DateUtils.formatDateTime(new Date()));
        userInfo.setLastLoginIp(WebContext.getRequestIpAddress());
-        String platform = "";
+        
-        String browser = "";
+        Browser browser = resolveBrowser();
-        String userAgent = WebContext.getRequest().getHeader("User-Agent");
+        historyLogin.setBrowser(browser.getName());
-        String[] arrayUserAgent = null;
+        historyLogin.setPlatform(browser.getPlatform());
-        if (userAgent.indexOf("MSIE") > 0) {
+        historyLogin.setSourceIp(userInfo.getLastLoginIp());
-            arrayUserAgent = userAgent.split(";");
+        historyLogin.setProvider(provider);
-            browser = arrayUserAgent[1].trim();
+        historyLogin.setCode(code);
-            platform = arrayUserAgent[2].trim();
+        historyLogin.setLoginType(type);
-        } else if (userAgent.indexOf("Trident") > 0) {
+        historyLogin.setMessage(message);
-            arrayUserAgent = userAgent.split(";");
+        historyLogin.setUserId(userInfo.getId());
-            browser = "MSIE/" + arrayUserAgent[3].split("\\)")[0];
+        historyLogin.setUsername(userInfo.getUsername());
-            ;
+        historyLogin.setDisplayName(userInfo.getDisplayName());
-            platform = arrayUserAgent[0].split("\\(")[1];
+        
-        } else if (userAgent.indexOf("Chrome") > 0) {
+        loginHistoryService.login(historyLogin);
            arrayUserAgent = userAgent.split(" ");
            // browser=arrayUserAgent[8].trim();
            for (int i = 0; i < arrayUserAgent.length; i++) {
                if (arrayUserAgent[i].contains("Chrome")) {
                    browser = arrayUserAgent[i].trim();
                    browser = browser.substring(0, browser.indexOf('.'));
                }
            }
            platform = (arrayUserAgent[1].substring(1) + " " + arrayUserAgent[2] + " "
                    + arrayUserAgent[3].substring(0, arrayUserAgent[3].length() - 1)).trim();
        } else if (userAgent.indexOf("Firefox") > 0) {
            arrayUserAgent = userAgent.split(" ");
            for (int i = 0; i < arrayUserAgent.length; i++) {
                if (arrayUserAgent[i].contains("Firefox")) {
                    browser = arrayUserAgent[i].trim();
                    browser = browser.substring(0, browser.indexOf('.'));
                }
            }
            platform = (arrayUserAgent[1].substring(1) + " " + arrayUserAgent[2] + " "
                    + arrayUserAgent[3].substring(0, arrayUserAgent[3].length() - 1)).trim();
        }
        loginHistoryService.login(userInfo,sessionId, type, message, code, provider, browser, platform,sessionStatus);
        loginService.setLastLoginInfo(userInfo);
@@ -218,4 +196,67 @@ public abstract class AbstractAuthenticationRealm {
    }
    public Browser  resolveBrowser() {
        Browser browser =new Browser();
        String userAgent = WebContext.getRequest().getHeader("User-Agent");
        String[] arrayUserAgent = null;
        if (userAgent.indexOf("MSIE") > 0) {
            arrayUserAgent = userAgent.split(";");
            browser.setName(arrayUserAgent[1].trim());
            browser.setPlatform(arrayUserAgent[2].trim());
        } else if (userAgent.indexOf("Trident") > 0) {
            arrayUserAgent = userAgent.split(";");
            browser.setName( "MSIE/" + arrayUserAgent[3].split("\\)")[0]);
            browser.setPlatform( arrayUserAgent[0].split("\\(")[1]);
        } else if (userAgent.indexOf("Chrome") > 0) {
            arrayUserAgent = userAgent.split(" ");
            // browser=arrayUserAgent[8].trim();
            for (int i = 0; i < arrayUserAgent.length; i++) {
                if (arrayUserAgent[i].contains("Chrome")) {
                    browser.setName( arrayUserAgent[i].trim());
                    browser.setName( browser.getName().substring(0, browser.getName().indexOf('.')));
                }
            }
            browser.setPlatform( (arrayUserAgent[1].substring(1) + " " + arrayUserAgent[2] + " "
                    + arrayUserAgent[3].substring(0, arrayUserAgent[3].length() - 1)).trim());
        } else if (userAgent.indexOf("Firefox") > 0) {
            arrayUserAgent = userAgent.split(" ");
            for (int i = 0; i < arrayUserAgent.length; i++) {
                if (arrayUserAgent[i].contains("Firefox")) {
                    browser.setName( arrayUserAgent[i].trim());
                    browser.setName(browser.getName().substring(0, browser.getName().indexOf('.')));
                }
            }
            browser.setPlatform( (arrayUserAgent[1].substring(1) + " " + arrayUserAgent[2] + " "
                    + arrayUserAgent[3].substring(0, arrayUserAgent[3].length() - 1)).trim());
        }
        return browser;
    }
    public class Browser{
        private  String platform;
        private  String name;
        public String getPlatform() {
            return platform;
        }
        public void setPlatform(String platform) {
            this.platform = platform;
        }
        public String getName() {
            return name;
        }
        public void setName(String browser) {
            this.name = browser;
        }
    }
 }
--- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/jdbc/DefaultJdbcAuthenticationRealm.java
+++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/jdbc/DefaultJdbcAuthenticationRealm.java
@@ -1,87 +0,0 @@
 /*
 * Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
 * 
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 * 
 *     http://www.apache.org/licenses/LICENSE-2.0
 * 
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
 package org.maxkey.authn.realm.jdbc;
 import org.maxkey.authn.realm.AbstractAuthenticationRealm;
 import org.maxkey.constants.ConstantsLoginType;
 import org.maxkey.crypto.password.PasswordReciprocal;
 import org.maxkey.entity.UserInfo;
 import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.jdbc.core.JdbcTemplate;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.crypto.password.PasswordEncoder;
 /**
 * same as JdbcAuthenticationRealm.
 * 
 * @author Crystal.Sea
 * 
 */
 public class DefaultJdbcAuthenticationRealm extends AbstractAuthenticationRealm {
    private static Logger _logger = LoggerFactory.getLogger(DefaultJdbcAuthenticationRealm.class);
    protected PasswordEncoder passwordEncoder;
    public DefaultJdbcAuthenticationRealm() {
    }
    public DefaultJdbcAuthenticationRealm(JdbcTemplate jdbcTemplate) {
        this.jdbcTemplate = jdbcTemplate;
    }
    /**
     * passwordMatches.
     */
    public boolean passwordMatches(UserInfo userInfo, String password) {
        boolean passwordMatches = false;
        //jdbc password check
        _logger.trace("password : " 
                + PasswordReciprocal.getInstance().rawPassword(userInfo.getUsername(), password));
        passwordMatches = passwordEncoder.matches(password,userInfo.getPassword());
        //passwordMatches == false and ldapSupport ==true
        //validate password with LDAP
        if(!passwordMatches && ldapSupport) {
        	passwordMatches =this.ldapAuthenticationRealm.passwordMatches(userInfo, password);
        	if(passwordMatches) {
        	    //init password to local Realm
        	    UserInfo changePasswordUser = new UserInfo();
        	    changePasswordUser.setId(userInfo.getId());
        	    changePasswordUser.setUsername(userInfo.getUsername());
        	    changePasswordUser.setPassword(password);
        	    userInfoService.changePassword(changePasswordUser, false);
        	}
        }
        _logger.debug("passwordvalid : " + passwordMatches);
        if (!passwordMatches) {
            passwordPolicyValidator.plusBadPasswordCount(userInfo);
            insertLoginHistory(userInfo, ConstantsLoginType.LOCAL, "", "xe00000004", "password error");
            throw new BadCredentialsException(WebContext.getI18nValue("login.error.password"));
        }
        return passwordMatches;
    }
 }
--- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/jdbc/JdbcAuthenticationRealm.java
+++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/jdbc/JdbcAuthenticationRealm.java
@@ -19,13 +19,17 @@ package org.maxkey.authn.realm.jdbc;
 import org.maxkey.authn.realm.AbstractAuthenticationRealm;
 import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
 import org.maxkey.constants.ConstantsLoginType;
 import org.maxkey.entity.UserInfo;
 import org.maxkey.persistence.db.LoginHistoryService;
 import org.maxkey.persistence.db.LoginService;
 import org.maxkey.persistence.db.PasswordPolicyValidator;
 import org.maxkey.persistence.service.UserInfoService;
 import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.jdbc.core.JdbcTemplate;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.crypto.password.PasswordEncoder;
 /**
@@ -33,9 +37,11 @@ import org.springframework.security.crypto.password.PasswordEncoder;
 * @author Crystal.Sea
 *
 */
-public class JdbcAuthenticationRealm extends DefaultJdbcAuthenticationRealm {
+public class JdbcAuthenticationRealm extends AbstractAuthenticationRealm {
    private static Logger _logger = LoggerFactory.getLogger(JdbcAuthenticationRealm.class);
    protected PasswordEncoder passwordEncoder;
    public JdbcAuthenticationRealm() {
        _logger.debug("init . ");
    }
@@ -86,6 +92,37 @@ public class JdbcAuthenticationRealm extends DefaultJdbcAuthenticationRealm {
        this.ldapSupport = ldapSupport;
    }
-    
+    /**
     * passwordMatches.
     */
    public boolean passwordMatches(UserInfo userInfo, String password) {
        boolean passwordMatches = false;
        //jdbc password check
        //_logger.trace("password : " 
        //        + PasswordReciprocal.getInstance().rawPassword(userInfo.getUsername(), password));
        passwordMatches = passwordEncoder.matches(password,userInfo.getPassword());
        //passwordMatches == false and ldapSupport ==true
        //validate password with LDAP
        if(!passwordMatches && ldapSupport) {
            passwordMatches =this.ldapAuthenticationRealm.passwordMatches(userInfo, password);
            if(passwordMatches) {
                //init password to local Realm
                UserInfo changePasswordUser = new UserInfo();
                changePasswordUser.setId(userInfo.getId());
                changePasswordUser.setUsername(userInfo.getUsername());
                changePasswordUser.setPassword(password);
                userInfoService.changePassword(changePasswordUser, false);
            }
        }
        _logger.debug("passwordvalid : " + passwordMatches);
        if (!passwordMatches) {
            passwordPolicyValidator.plusBadPasswordCount(userInfo);
            insertLoginHistory(userInfo, ConstantsLoginType.LOCAL, "", "xe00000004", "password error");
            throw new BadCredentialsException(WebContext.getI18nValue("login.error.password"));
        }
        return passwordMatches;
    }
 }
--- a/maxkey-core/src/main/java/org/maxkey/autoconfigure/MvcAutoConfiguration.java
+++ b/maxkey-core/src/main/java/org/maxkey/autoconfigure/MvcAutoConfiguration.java
@@ -25,6 +25,9 @@ import javax.servlet.Filter;
 import org.maxkey.constants.ConstantsProperties;
 import org.maxkey.constants.ConstantsTimeInterval;
 import org.maxkey.persistence.db.LoginHistoryService;
 import org.maxkey.persistence.db.LoginService;
 import org.maxkey.web.SessionListenerAdapter;
 import org.maxkey.web.WebXssRequestFilter;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -286,6 +289,17 @@ public class MvcAutoConfiguration implements InitializingBean {
        return registrationBean;
    }
    @Bean(name = "sessionListenerAdapter")
    public SessionListenerAdapter sessionListenerAdapter(
                LoginService loginService,
                LoginHistoryService loginHistoryService
            ) {
        SessionListenerAdapter sessionListenerAdapter =new SessionListenerAdapter();
        sessionListenerAdapter.setLoginService(loginService);
        sessionListenerAdapter.setLoginHistoryService(loginHistoryService);
        return sessionListenerAdapter;
    }
    @Override
    public void afterPropertiesSet() throws Exception {
        // TODO Auto-generated method stub
--- a/maxkey-core/src/main/java/org/maxkey/entity/HistoryLogin.java
+++ b/maxkey-core/src/main/java/org/maxkey/entity/HistoryLogin.java
@@ -76,6 +76,8 @@ public class HistoryLogin  extends JpaBaseEntity  implements Serializable{
 	@Column
 	String logoutTime;
 	int sessionStatus;
 	String startDate;
 	String endDate;
@@ -227,7 +229,15 @@ public class HistoryLogin  extends JpaBaseEntity  implements Serializable{
 		this.endDate = endDate;
 	}
-	@Override
+	public int getSessionStatus() {
        return sessionStatus;
    }
    public void setSessionStatus(int sessionStatus) {
        this.sessionStatus = sessionStatus;
    }
    @Override
    public String toString() {
        StringBuilder builder = new StringBuilder();
        builder.append("HistoryLogin [id=");
--- a/maxkey-core/src/main/java/org/maxkey/entity/UserInfo.java
+++ b/maxkey-core/src/main/java/org/maxkey/entity/UserInfo.java
@@ -1267,10 +1267,6 @@ public class UserInfo extends JpaBaseEntity {
 		builder.append(id);
 		builder.append(", username=");
 		builder.append(username);
 		builder.append(", password=");
 		builder.append(password);
 		builder.append(", decipherable=");
 		builder.append(decipherable);
 		builder.append(", sharedSecret=");
 		builder.append(sharedSecret);
 		builder.append(", sharedCounter=");
--- a/maxkey-core/src/main/java/org/maxkey/persistence/db/LoginHistoryService.java
+++ b/maxkey-core/src/main/java/org/maxkey/persistence/db/LoginHistoryService.java
@@ -19,6 +19,7 @@ package org.maxkey.persistence.db;
 import java.sql.Types;
 import org.maxkey.entity.HistoryLogin;
 import org.maxkey.entity.UserInfo;
 import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
@@ -38,23 +39,54 @@ public class LoginHistoryService {
        this.jdbcTemplate = jdbcTemplate;
    }
    @Deprecated
    public void login(UserInfo userInfo,String sessionId,
            String type, String message, String code, String provider,String browser, String platform,int sessionStatus) {
        jdbcTemplate.update(HISTORY_LOGIN_INSERT_STATEMENT,
                new Object[] { WebContext.genId(), sessionId, userInfo.getId(), userInfo.getUsername(),
                        userInfo.getDisplayName(), type, message, code, provider, userInfo.getLastLoginIp(), browser, platform,
                        "Browser", WebContext.getRequest().getRequestURI() , sessionStatus},
-                new int[] { Types.VARCHAR, Types.VARCHAR, Types.VARCHAR, Types.VARCHAR, Types.VARCHAR, Types.VARCHAR,
+                new int[] { 
-                        Types.VARCHAR, Types.VARCHAR, Types.VARCHAR, Types.VARCHAR, Types.VARCHAR, Types.VARCHAR,
+                        Types.VARCHAR, Types.VARCHAR, Types.VARCHAR, Types.VARCHAR, Types.VARCHAR, 
-                        Types.VARCHAR, Types.VARCHAR ,Types.INTEGER});
+                        Types.VARCHAR, Types.VARCHAR, Types.VARCHAR, Types.VARCHAR, Types.VARCHAR,
                        Types.VARCHAR, Types.VARCHAR, Types.VARCHAR, Types.VARCHAR ,Types.INTEGER
                        });
    }
    public void login(HistoryLogin historyLogin) {
        historyLogin.setId(WebContext.genId());
        historyLogin.setLoginUrl(WebContext.getRequest().getRequestURI());
        _logger.debug(" historyLogin " + historyLogin);
        jdbcTemplate.update(HISTORY_LOGIN_INSERT_STATEMENT,
                new Object[] { 
                        historyLogin.getId(), historyLogin.getSessionId(), historyLogin.getUserId(), historyLogin.getUsername(),
                        historyLogin.getDisplayName(), historyLogin.getLoginType(), historyLogin.getMessage(), historyLogin.getCode(), 
                        historyLogin.getProvider(), historyLogin.getSourceIp(), historyLogin.getBrowser(), historyLogin.getPlatform(),
                        "Browser", historyLogin.getLoginUrl() , historyLogin.getSessionStatus()
                        },
                new int[] { 
                        Types.VARCHAR, Types.VARCHAR, Types.VARCHAR, Types.VARCHAR, Types.VARCHAR, 
                        Types.VARCHAR, Types.VARCHAR, Types.VARCHAR, Types.VARCHAR, Types.VARCHAR,
                        Types.VARCHAR, Types.VARCHAR, Types.VARCHAR, Types.VARCHAR ,Types.INTEGER
                        });
    }
    public void logoff(String lastLogoffTime,String sessionId) {
        _logger.debug(" sessionId " +sessionId +" , lastlogofftime " + lastLogoffTime);
        jdbcTemplate.update(HISTORY_LOGOUT_UPDATE_STATEMENT,
                new Object[] { lastLogoffTime, sessionId },                           
                new int[] { Types.VARCHAR, Types.VARCHAR });
    }
    public void logoff(HistoryLogin historyLogin) {
        _logger.debug(" sessionId " +historyLogin.getSessionId() +" , LogoutTime " + historyLogin.getLogoutTime());
        jdbcTemplate.update(HISTORY_LOGOUT_UPDATE_STATEMENT,
                new Object[] { historyLogin.getLogoutTime(), historyLogin.getSessionId() },                           
                new int[] { Types.VARCHAR, Types.VARCHAR });
    }
 }
--- a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/interceptor/SessionListenerAdapter.java
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/web/interceptor/SessionListenerAdapter.java
@@ -13,7 +13,7 @@
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
-package org.maxkey.web.interceptor;
+package org.maxkey.web;
 import java.util.Date;
@@ -27,7 +27,6 @@ import org.maxkey.entity.UserInfo;
 import org.maxkey.persistence.db.LoginHistoryService;
 import org.maxkey.persistence.db.LoginService;
 import org.maxkey.util.DateUtils;
 import org.maxkey.web.WebConstants;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
--- a/maxkey-core/src/main/java/org/maxkey/web/WebContext.java
+++ b/maxkey-core/src/main/java/org/maxkey/web/WebContext.java
@@ -76,6 +76,8 @@ public final class WebContext {
        sessionAttributeNameList.add(WebConstants.CURRENT_USER_SESSION_ID);
        sessionAttributeNameList.add(WebConstants.FIRST_SAVED_REQUEST_PARAMETER);
        sessionAttributeNameList.add(WebConstants.REMEBER_ME_SESSION);
    }
    /**
@@ -451,7 +453,7 @@ public final class WebContext {
        if (ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) {
            ipAddress = request.getRemoteAddr();
        }
-        LogFactory.getLog(WebContext.class).debug(
+        LogFactory.getLog(WebContext.class).trace(
                "getRequestIpAddress() RequestIpAddress:" + ipAddress);
        return ipAddress;
    }
--- a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyMvcConfig.java
@@ -26,19 +26,15 @@ import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
 import org.maxkey.authn.support.rememberme.HttpRemeberMeEntryPoint;
 import org.maxkey.configuration.ApplicationConfig;
 import org.maxkey.constants.ConstantsProperties;
 import org.maxkey.persistence.db.LoginHistoryService;
 import org.maxkey.persistence.db.LoginService;
 import org.maxkey.web.interceptor.HistoryLoginAppAdapter;
 import org.maxkey.web.interceptor.HistoryLogsAdapter;
 import org.maxkey.web.interceptor.PermissionAdapter;
 import org.maxkey.web.interceptor.PreLoginAppAdapter;
 import org.maxkey.web.interceptor.SessionListenerAdapter;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.PropertySource;
 import org.springframework.web.servlet.config.annotation.EnableWebMvc;
@@ -234,16 +230,4 @@ public class MaxKeyMvcConfig implements WebMvcConfigurer {
    }
    @Bean(name = "sessionListenerAdapter")
    public SessionListenerAdapter sessionListenerAdapter(
                LoginService loginService,
                LoginHistoryService loginHistoryService
            ) {
        SessionListenerAdapter sessionListenerAdapter =new SessionListenerAdapter();
        sessionListenerAdapter.setLoginService(loginService);
        sessionListenerAdapter.setLoginHistoryService(loginHistoryService);
        return sessionListenerAdapter;
    }
 }
--- a/maxkey-webs/maxkey-web-maxkey/src/main/resources/application-http.properties
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/resources/application-http.properties
@@ -18,6 +18,8 @@
 #server port
 server.port=8080
 #session default 1800
 #1800s =30m
 #28800s=8h
 server.servlet.session.timeout=1800
 #server context path
 server.servlet.context-path=/maxkey
--- a/maxkey-webs/maxkey-web-maxkey/src/main/resources/application-https.properties
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/resources/application-https.properties
@@ -18,6 +18,8 @@
 #server port
 server.port=443
 #session default 1800
 #1800s =30m
 #28800s=8h
 server.servlet.session.timeout=1800
 #server context path
 server.servlet.context-path=/maxkey