Commit 49a370ea authored by guozhipeng's avatar guozhipeng

鉴权

parent d0d0e2ab
......@@ -119,5 +119,5 @@ resources:
service-plan: application
path: ./xs-security.json
config:
xsappname: lianchuangjie-test-${org}-${space}
xsappname: lianchuangjie-test
tenant-mode: dedicated
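Review bot: The two `xsappname` lines differ only in the `-${org}-${space}` suffix, and the fixed value `lianchuangjie-test` appears to be the new one (the page has lost its +/- markers, so this is inferred from print order). With a fixed name, deploying this descriptor to a second space of the same subaccount would likely clash on the XSUAA application name. Scope names are prefixed with this value, so a shared name also makes it harder to tell which deployment a token belongs to. If one environment needs a stable name, consider supplying it through an environment-specific extension descriptor and keeping `xsappname: lianchuangjie-test-${org}-${space}` as the default.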
......@@ -63,7 +63,7 @@ public class OperateAuthFilter implements Filter {
String ip = request.getRemoteAddr();
log.info("requestIP:{}, requestURI:{}, method:{}, appKey:{}", ip, uri, request.getMethod(), appKey);
// IP白名单
if (ipWhitelist) {
/*if (ipWhitelist) {
String language = request.getHeader("language");
if (ipWhitelistMap.isEmpty()) {
response.setCharacterEncoding(StandardCharsets.UTF_8.name());
......@@ -87,7 +87,7 @@ public class OperateAuthFilter implements Filter {
return;
}
}
}
}*/
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication != null && authentication.isAuthenticated()) {
......@@ -199,19 +199,19 @@ public class OperateAuthFilter implements Filter {
}
log.info("requestIP:{}, requestURI:{}, method:{}, appKey:{}", ip, uri, request.getMethod(), appKey);*/
// 日志文件认证
if (uri.startsWith("/logs/")) {
/*if (uri.startsWith("/logs/")) {
if (StringUtils.isBlank(tokenForLogs)) {
throw new BtpException("init error!");
}
if (!tokenForLogs.equals(request.getParameter("appKey"))) {
return;
}
}
}*/
// 白名单认证
if (isAllowList(request, response)) {
/*if (isAllowList(request, response)) {
filterChain.doFilter(request, servletResponse);
return;// 跳过后面的认证
}
}*/
// OData接口仅允许本机访问
// if (Pattern.matches("(.*/odata/v4/.*)", uri)) {
// if ("127.0.0.1".equals(ip) || "0:0:0:0:0:0:0:1".equals(ip)) {// 本机访问
......@@ -222,22 +222,22 @@ public class OperateAuthFilter implements Filter {
// }
// }
// 禁止非POST/GET方式访问
if (!request.getMethod().equals("POST") && !request.getMethod().equals("GET")) {
/* if (!request.getMethod().equals("POST") && !request.getMethod().equals("GET")) {
return;
}
/*if (request.getMethod().equals("GET") && ("/index.html".equals(uri))) {// "/index.html"跳转到"/"
}*/
// "/"是OData默认首页 禁止访问OData默认首页
if (request.getMethod().equals("GET") && ("/index.html".equals(uri))) {// "/index.html"跳转到"/main/webapp/index.html"
response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate");
response.setHeader("Pragma", "no-cache");
response.setHeader("Expires", "0");
response.sendRedirect("/");//重定向
response.sendRedirect("/main/webapp/index.html");//重定向
return;
}*/
}
/*if (request.getMethod().equals("GET") && ("/".equals(uri))) {// "/"是OData默认首页 禁止访问OData默认首页
response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate");
response.setHeader("Pragma", "no-cache");
response.setHeader("Expires", "0");
//request.getServletContext().getRequestDispatcher("/index.html").forward(request, response);//重定向
request.getServletContext().getRequestDispatcher("/app/webapp/index.html").forward(request, response);//重定向
request.getServletContext().getRequestDispatcher("/main/webapp/index.html").forward(request, response);//重定向
return;
}*/
boolean allowUri = Pattern.matches("(.*/login/.*|.*/odata/v4/.*)", uri);
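Review bot: The IP whitelist, the `/logs/` token check, the allow-list short-circuit and the POST/GET method restriction all appear to end up inside `/* … */` on the new side (the +/- markers are lost on this page, so the sides are inferred from print order). That leaves `/logs/` and other HTTP methods dependent on whatever checks follow `allowUri`, which are outside the visible hunks. If Spring Security now covers these paths, delete the dead blocks and say so in the commit message; otherwise keep at least the `if (uri.startsWith("/logs/")) {` block with its `tokenForLogs` comparison active, or gate each check on a configuration property the way `ipWhitelist` already is. Block comments do not nest in Java, so wrapping regions that already contain `/* … */` sections, as around the `/index.html` redirect, is easy to get wrong and hard to review. Separately, the `log.info` context line records `appKey`, apparently the same parameter the `/logs/` check compares against `tokenForLogs`, so it should be masked or dropped from the message.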
......
---
server:
port: 8080
spring:
......@@ -56,6 +57,24 @@ cds:
firstName: Sabine
lastName: Autumnpike
email: Sabine.Autumnpike@mail.com
---
management:
endpoint:
health:
show-components: always
probes:
enabled: true
endpoints:
web:
exposure:
include: health
health:
defaults:
enabled: false
ping:
enabled: true
db:
enabled: true
logging:
level:
customer.lianchuangjie: debug
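Review bot: `show-components: always` under `management.endpoint.health` returns the per-component breakdown (here `db` and `ping`) to every caller that can reach the health endpoint, authenticated or not. If the platform only needs the liveness and readiness probes, `show-components: when-authorized` keeps the aggregate status and the probe groups available while withholding component names from anonymous requests. The document after `---` carries no profile condition in the visible lines, so these settings, and the `customer.lianchuangjie: debug` log level next to them, would presumably apply in every profile including production. It is worth confirming that this is intended.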
......