Commit 49a370ea authored by guozhipeng

鉴权

parent d0d0e2ab
...@@ -119,5 +119,5 @@ resources: ...@@ -119,5 +119,5 @@ resources:
service-plan: application service-plan: application
path: ./xs-security.json path: ./xs-security.json
config: config:
xsappname: lianchuangjie-test-${org}-${space} xsappname: lianchuangjie-test
tenant-mode: dedicated tenant-mode: dedicated
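Review bot: Dropping the `-${org}-${space}` suffix leaves `xsappname` as the fixed value `lianchuangjie-test`, so every space that deploys this descriptor into the same subaccount requests the same XSUAA application name (this reads the right-hand column as the new side). An xsappname has to be unique within a subaccount, so a second deployment would presumably fail to create its service instance or end up sharing scopes and role templates with the first. If the fixed name is required, say so in a comment next to the key, for example `# fixed name: only one space per subaccount may deploy this app`; otherwise keep `xsappname: lianchuangjie-test-${org}-${space}`.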
...@@ -63,7 +63,7 @@ public class OperateAuthFilter implements Filter { ...@@ -63,7 +63,7 @@ public class OperateAuthFilter implements Filter {
String ip = request.getRemoteAddr(); String ip = request.getRemoteAddr();
log.info("requestIP:{}, requestURI:{}, method:{}, appKey:{}", ip, uri, request.getMethod(), appKey); log.info("requestIP:{}, requestURI:{}, method:{}, appKey:{}", ip, uri, request.getMethod(), appKey);
// IP白名单 // IP白名单
if (ipWhitelist) { /*if (ipWhitelist) {
String language = request.getHeader("language"); String language = request.getHeader("language");
if (ipWhitelistMap.isEmpty()) { if (ipWhitelistMap.isEmpty()) {
response.setCharacterEncoding(StandardCharsets.UTF_8.name()); response.setCharacterEncoding(StandardCharsets.UTF_8.name());
...@@ -87,7 +87,7 @@ public class OperateAuthFilter implements Filter { ...@@ -87,7 +87,7 @@ public class OperateAuthFilter implements Filter {
return; return;
} }
} }
} }*/
Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication != null && authentication.isAuthenticated()) { if (authentication != null && authentication.isAuthenticated()) {
...@@ -199,19 +199,19 @@ public class OperateAuthFilter implements Filter { ...@@ -199,19 +199,19 @@ public class OperateAuthFilter implements Filter {
} }
log.info("requestIP:{}, requestURI:{}, method:{}, appKey:{}", ip, uri, request.getMethod(), appKey);*/ log.info("requestIP:{}, requestURI:{}, method:{}, appKey:{}", ip, uri, request.getMethod(), appKey);*/
// 日志文件认证 // 日志文件认证
if (uri.startsWith("/logs/")) { /*if (uri.startsWith("/logs/")) {
if (StringUtils.isBlank(tokenForLogs)) { if (StringUtils.isBlank(tokenForLogs)) {
throw new BtpException("init error!"); throw new BtpException("init error!");
} }
if (!tokenForLogs.equals(request.getParameter("appKey"))) { if (!tokenForLogs.equals(request.getParameter("appKey"))) {
return; return;
} }
} }*/
// 白名单认证 // 白名单认证
if (isAllowList(request, response)) { /*if (isAllowList(request, response)) {
filterChain.doFilter(request, servletResponse); filterChain.doFilter(request, servletResponse);
return;// 跳过后面的认证 return;// 跳过后面的认证
} }*/
// OData接口仅允许本机访问 // OData接口仅允许本机访问
// if (Pattern.matches("(.*/odata/v4/.*)", uri)) { // if (Pattern.matches("(.*/odata/v4/.*)", uri)) {
// if ("127.0.0.1".equals(ip) || "0:0:0:0:0:0:0:1".equals(ip)) {// 本机访问 // if ("127.0.0.1".equals(ip) || "0:0:0:0:0:0:0:1".equals(ip)) {// 本机访问
...@@ -222,22 +222,22 @@ public class OperateAuthFilter implements Filter { ...@@ -222,22 +222,22 @@ public class OperateAuthFilter implements Filter {
// } // }
// } // }
// 禁止非POST/GET方式访问 // 禁止非POST/GET方式访问
if (!request.getMethod().equals("POST") && !request.getMethod().equals("GET")) { /* if (!request.getMethod().equals("POST") && !request.getMethod().equals("GET")) {
return; return;
} }*/
/*if (request.getMethod().equals("GET") && ("/index.html".equals(uri))) {// "/index.html"跳转到"/" // "/"是OData默认首页 禁止访问OData默认首页
if (request.getMethod().equals("GET") && ("/index.html".equals(uri))) {// "/index.html"跳转到"/main/webapp/index.html"
response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate"); response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate");
response.setHeader("Pragma", "no-cache"); response.setHeader("Pragma", "no-cache");
response.setHeader("Expires", "0"); response.setHeader("Expires", "0");
response.sendRedirect("/");//重定向 response.sendRedirect("/main/webapp/index.html");//重定向
return; return;
}*/ }
/*if (request.getMethod().equals("GET") && ("/".equals(uri))) {// "/"是OData默认首页 禁止访问OData默认首页 /*if (request.getMethod().equals("GET") && ("/".equals(uri))) {// "/"是OData默认首页 禁止访问OData默认首页
response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate"); response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate");
response.setHeader("Pragma", "no-cache"); response.setHeader("Pragma", "no-cache");
response.setHeader("Expires", "0"); response.setHeader("Expires", "0");
//request.getServletContext().getRequestDispatcher("/index.html").forward(request, response);//重定向 request.getServletContext().getRequestDispatcher("/main/webapp/index.html").forward(request, response);//重定向
request.getServletContext().getRequestDispatcher("/app/webapp/index.html").forward(request, response);//重定向
return; return;
}*/ }*/
boolean allowUri = Pattern.matches("(.*/login/.*|.*/odata/v4/.*)", uri); boolean allowUri = Pattern.matches("(.*/login/.*|.*/odata/v4/.*)", uri);
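Review bot: The IP allow-list, the `/logs/` token comparison, the `isAllowList` bypass and the POST/GET method restriction are all wrapped in `/* … */` with no replacement visible in these hunks, so requests to `/logs/` and requests with other HTTP methods now depend entirely on whatever runs after them. The only gate still shown is `authentication != null && authentication.isAuthenticated()`, which in Spring Security is also true for an `AnonymousAuthenticationToken` when anonymous authentication is enabled; if that check is meant to replace the disabled ones it should read `if (authentication != null && authentication.isAuthenticated() && !(authentication instanceof AnonymousAuthenticationToken)) {`. If the checks have instead moved into the security configuration, delete the dead blocks and leave one line such as `// IP allow-list and /logs/ token are enforced in <security config class>` rather than keeping commented-out code that looks like active protection. The filter method starts and ends outside the hunks shown, so the later checks could not be reviewed here.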
......
---
server: server:
port: 8080 port: 8080
spring: spring:
...@@ -56,6 +57,24 @@ cds: ...@@ -56,6 +57,24 @@ cds:
firstName: Sabine firstName: Sabine
lastName: Autumnpike lastName: Autumnpike
email: Sabine.Autumnpike@mail.com email: Sabine.Autumnpike@mail.com
---
management:
endpoint:
health:
show-components: always
probes:
enabled: true
endpoints:
web:
exposure:
include: health
health:
defaults:
enabled: false
ping:
enabled: true
db:
enabled: true
logging: logging:
level: level:
customer.lianchuangjie: debug customer.lianchuangjie: debug
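Review bot: `show-components: always` in the added `management` block returns the per-component status (`ping`, `db`) to every caller that can reach the health endpoint, authenticated or not. Unless the platform probes need the component breakdown, prefer `show-components: when-authorized`, or add a comment stating that the endpoint is reachable only by the platform health check. The new `---` also starts a separate YAML document, so the existing `logging:` block now belongs to the same document as `management:`; if the preceding document was profile-specific, the `debug` level may now apply to more profiles than before, which is worth confirming against the part of the file not shown.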
......