1.加入IP白名单限制

王通
1 parent 1b325dff
Showing 7 changed files with 593 additions and 336 deletions
src/main/java/com/bsth/XDApplication.java
src/main/java/com/bsth/common/Setting.java
src/main/java/com/bsth/data/BasicData.java
src/main/java/com/bsth/entity/WhiteIp.java
src/main/java/com/bsth/filter/WhiteIpFilter.java
src/main/java/com/bsth/security/WebSecurityConfig.java
src/main/resources/application-prod.properties
-package com.bsth;
-
-import com.bsth.data.BasicData;
-import com.bsth.data.LineVersionsData;
-import com.bsth.data.ThreadMonotor;
-import com.bsth.data.car_out_info.UpdateDBThread;
-import com.bsth.data.directive.DirectivesPstThread;
-import com.bsth.data.forecast.SampleTimeDataLoader;
-import com.bsth.data.gpsdata_v2.thread.GpsDataLoaderThread;
-import com.bsth.data.gpsdata_v2.thread.OfflineMonitorThread;
-import com.bsth.data.msg_queue.DirectivePushQueue;
-import com.bsth.data.msg_queue.WebSocketPushQueue;
-import com.bsth.data.safe_driv.SafeDrivDataLoadThread;
-import com.bsth.data.schedule.DayOfSchedule;
-import com.bsth.data.schedule.auto_exec.AutoExecScanThread;
-import com.bsth.data.schedule.e_state_check.thread.FixedCheckStationCodeThread;
-import com.bsth.data.schedule.edit_logs.SeiPstThread;
-import com.bsth.data.schedule.late_adjust.ScheduleLateThread;
-import com.bsth.data.schedule.signal.SchSiginUpdateDBThread;
-import com.bsth.data.schedule.thread.CalcOilThread;
-import com.bsth.data.schedule.thread.SchedulePstThread;
-import com.bsth.data.schedule.thread.ScheduleRefreshThread;
-import com.bsth.data.schedule.thread.SubmitToTrafficManage;
-import com.bsth.util.DateUtils;
-import com.bsth.util.Tools;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.CommandLineRunner;
-import org.springframework.stereotype.Component;
-
-import java.util.concurrent.ScheduledExecutorService;
-import java.util.concurrent.TimeUnit;
-
-/**
- * 线调大部分服务都在这里启动
- * Created by panzhao on 2017/5/14.
- */
-@Component
-public class XDApplication implements CommandLineRunner {
-
-    Logger log = LoggerFactory.getLogger(this.getClass());
-
-    @Autowired
-    BasicData.BasicDataLoader basicDataLoader;
-    @Autowired
-    UpdateDBThread fcxxUpdateThread;
-    @Autowired
-    ScheduleRefreshThread scheduleRefreshThread;
-    @Autowired
-    SchedulePstThread schedulePstThread;
-    @Autowired
-    ScheduleLateThread scheduleLateThread;
-    @Autowired
-    SubmitToTrafficManage submitToTrafficManage;
-    @Autowired
-    CalcOilThread calcOilThread;
-    @Autowired
-    DirectivesPstThread directivesPstThread;
-    @Autowired
-    ThreadMonotor threadMonotor;
-    @Autowired
-    SeiPstThread seiPstThread;
-    @Autowired
-    SampleTimeDataLoader sampleTimeDataLoader;
-    @Autowired
-    SchSiginUpdateDBThread schSiginUpdateDBThread;
-    @Autowired
-    AutoExecScanThread autoExecScanThread;
-
-    @Autowired
-    GpsDataLoaderThread gpsDataLoader;
-
-    @Autowired
-    OfflineMonitorThread offlineMonitorThread;
-
-    @Autowired
-    LineVersionsData lineVersionsData;
-
-    /*@Autowired
-    FixedEnableVerionsThread fixedEnableVerionsThread;*/
-
-    @Autowired
-    SafeDrivDataLoadThread safeDrivDataLoadThread;
-
-    @Autowired
-    FixedCheckStationCodeThread fixedCheckStationCodeThread;
-
-    private static long timeDiff;
-    private static long timeDiffTraffic;
-
-    static {
-        // 早上2:20
-        timeDiff = (DateUtils.getTimestamp() + 1000 * 60 * 140) - System.currentTimeMillis();
-        if (timeDiff < 0)
-            timeDiff += (1000 * 60 * 60 * 24);
-        // 早上07:00
-        timeDiffTraffic = (DateUtils.getTimestamp() + 1000 * 60 * 60 * 7) - System.currentTimeMillis();
-        if (timeDiffTraffic < 0)
-            timeDiffTraffic += (1000 * 60 * 60 * 24);
-    }
-
-    @Override
-    public void run(String... strings) throws Exception {
-        try {
-            Tools tools = new Tools("application.properties");
-            String environment = tools.getValue("spring.profiles.active");
-            //预先加载基础的对照数据
-            basicDataLoader.loadAllData();
-            switch (environment){
-                case "dev":
-                    devInit();
-                    break;
-                case "prod":
-                    prodInit();
-                    break;
-            }
-        }catch (Exception e){
-            log.error("线调后台启动出现异常！！", e);
-            System.exit(1);
-        }
-    }
-
-    @Autowired
-    DayOfSchedule dayOfSchedule;
-    public void devInit(){
-        log.info("devInit...");
-        ScheduledExecutorService sexec = Application.mainServices;
-        //抓取GPS数据
-        GpsDataLoaderThread.setFlag(-1);
-        //dayOfSchedule.dataRecovery();
-        //sexec.scheduleWithFixedDelay(gpsDataLoader, 60, 4, TimeUnit.SECONDS);
-        //实际排班更新线程
-        //sexec.scheduleWithFixedDelay(scheduleRefreshThread, 15, 240, TimeUnit.SECONDS);
-        //sexec.scheduleWithFixedDelay(scheduleLateThread, 140, 30, TimeUnit.SECONDS);//检查班次误点
-        //sexec.scheduleWithFixedDelay(autoExecScanThread, 100, 50, TimeUnit.SECONDS);//班次自动执行
-        //WebSocketPushQueue.start();//消息队列 -webSocket ，推送至线调web页面的
-
-        //sexec.scheduleWithFixedDelay(fixedCheckStationCodeThread, 50, 60 * 5, TimeUnit.SECONDS);//检查班次站点编码
-        //实际排班延迟入库线程
-        //sexec.scheduleWithFixedDelay(schedulePstThread, 60, 15, TimeUnit.SECONDS);
-        //班次修正日志延迟入库
-        //sexec.scheduleWithFixedDelay(seiPstThread, 60, 30, TimeUnit.SECONDS);
-        //调度指令延迟入库
-        //sexec.scheduleWithFixedDelay(directivesPstThread, 180, 180, TimeUnit.SECONDS);
-        //线程监听（防止重要的线程阻塞、异常结束。以及部分主备切换工作）
-        //sexec.scheduleWithFixedDelay(threadMonotor, 240, 60, TimeUnit.SECONDS);
-
-        //安全驾驶
-        //sexec.scheduleWithFixedDelay(safeDrivDataLoadThread, 40, 30, TimeUnit.SECONDS);
-
-        //sexec.scheduleWithFixedDelay(fixedEnableVerionsThread, 20, 60 * 2 , TimeUnit.SECONDS);
-    }
-
-    public void prodInit(){
-        log.info("prodInit...");
-        ScheduledExecutorService sexec = Application.mainServices;
-        //安全驾驶
-        //sexec.scheduleWithFixedDelay(safeDrivDataLoadThread, 180, 10, TimeUnit.SECONDS);
-
-        /** 线调业务 */
-        sexec.scheduleWithFixedDelay(scheduleRefreshThread, 10, 120, TimeUnit.SECONDS);//班次更新线程
-        sexec.scheduleWithFixedDelay(scheduleLateThread, 140, 20, TimeUnit.SECONDS);//检查班次误点
-        GpsDataLoaderThread.setFlag(-1);
-        sexec.scheduleWithFixedDelay(gpsDataLoader, 100, 2, TimeUnit.SECONDS);//抓取GPS数据
-        sexec.scheduleWithFixedDelay(fixedCheckStationCodeThread, 60, 60 * 5, TimeUnit.SECONDS);//检查班次站点编码
-
-        sexec.scheduleWithFixedDelay(offlineMonitorThread, 120, 60, TimeUnit.SECONDS);//GPS设备掉离线
-        sexec.scheduleWithFixedDelay(schedulePstThread, 180, 10, TimeUnit.SECONDS);//班次延迟入库线程
-        sexec.scheduleWithFixedDelay(seiPstThread, 180, 60, TimeUnit.SECONDS);//班次修正日志入库
-        sexec.scheduleWithFixedDelay(directivesPstThread, 120, 60, TimeUnit.SECONDS);//调度指令延迟入库
-        //sexec.scheduleWithFixedDelay(threadMonotor, 240, 60, TimeUnit.SECONDS);//线程监听（防止重要的线程阻塞、异常结束。以及部分主备切换工作）
-        sexec.scheduleWithFixedDelay(sampleTimeDataLoader, 140, 120 * 60, TimeUnit.SECONDS);//到离站预测需要的站点间耗时数据
-        sexec.scheduleWithFixedDelay(basicDataLoader, 1, 1, TimeUnit.HOURS);//基础数据更新
-        sexec.scheduleWithFixedDelay(autoExecScanThread, 180, 50, TimeUnit.SECONDS);//班次自动执行
-        DirectivePushQueue.start();//消息队列 -指令，系统下发的
-        WebSocketPushQueue.start();//消息队列 -webSocket ，推送至线调web页面的
-
-        /** 线调为其他程序提供的数据 --写入数据库 */
-        sexec.scheduleWithFixedDelay(fcxxUpdateThread, 160, 30, TimeUnit.SECONDS);//发车信息（发车屏、信息发布）
-        //线路首末班数据（网关用，班次更新时写入）
-        //com.bsth.data.schedule.f_a_l.FirstAndLastHandler
-        sexec.scheduleWithFixedDelay(schSiginUpdateDBThread, 160, 60 * 30, TimeUnit.SECONDS);//无法自动完成的班次信息（网关用，补信号）
-
-        //运管处静态数据提交
-        log.info(timeDiff / 1000 / 60 + "分钟之后提交到运管处");
-        sexec.scheduleAtFixedRate(submitToTrafficManage, timeDiffTraffic / 1000, 60 * 60 * 24, TimeUnit.SECONDS);
-        //计算油、公里加注
-        sexec.scheduleAtFixedRate(calcOilThread, timeDiff / 1000, 60 * 60 * 24, TimeUnit.SECONDS);
-
-        //线路版本更新
-        sexec.scheduleWithFixedDelay(lineVersionsData, 60 * 5, 60 * 15, TimeUnit.SECONDS);
-
-        //线路版本更新
-        //sexec.scheduleWithFixedDelay(fixedEnableVerionsThread, 60 * 4, 60 * 2 , TimeUnit.SECONDS);
-    }
-}
+package com.bsth;
+
+import com.bsth.data.BasicData;
+import com.bsth.data.LineVersionsData;
+import com.bsth.data.ThreadMonotor;
+import com.bsth.data.car_out_info.UpdateDBThread;
+import com.bsth.data.directive.DirectivesPstThread;
+import com.bsth.data.forecast.SampleTimeDataLoader;
+import com.bsth.data.gpsdata_v2.thread.GpsDataLoaderThread;
+import com.bsth.data.gpsdata_v2.thread.OfflineMonitorThread;
+import com.bsth.data.msg_queue.DirectivePushQueue;
+import com.bsth.data.msg_queue.WebSocketPushQueue;
+import com.bsth.data.safe_driv.SafeDrivDataLoadThread;
+import com.bsth.data.schedule.DayOfSchedule;
+import com.bsth.data.schedule.auto_exec.AutoExecScanThread;
+import com.bsth.data.schedule.e_state_check.thread.FixedCheckStationCodeThread;
+import com.bsth.data.schedule.edit_logs.SeiPstThread;
+import com.bsth.data.schedule.late_adjust.ScheduleLateThread;
+import com.bsth.data.schedule.signal.SchSiginUpdateDBThread;
+import com.bsth.data.schedule.thread.CalcOilThread;
+import com.bsth.data.schedule.thread.SchedulePstThread;
+import com.bsth.data.schedule.thread.ScheduleRefreshThread;
+import com.bsth.data.schedule.thread.SubmitToTrafficManage;
+import com.bsth.util.DateUtils;
+import com.bsth.util.Tools;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.CommandLineRunner;
+import org.springframework.stereotype.Component;
+
+import java.util.concurrent.ScheduledExecutorService;
+import java.util.concurrent.TimeUnit;
+
+/**
+ * 线调大部分服务都在这里启动
+ * Created by panzhao on 2017/5/14.
+ */
+@Component
+public class XDApplication implements CommandLineRunner {
+
+    Logger log = LoggerFactory.getLogger(this.getClass());
+
+    @Autowired
+    BasicData.BasicDataLoader basicDataLoader;
+
+    @Autowired
+    BasicData.WhiteIpDataLoader whiteIpDataLoader;
+
+    @Autowired
+    UpdateDBThread fcxxUpdateThread;
+
+    @Autowired
+    ScheduleRefreshThread scheduleRefreshThread;
+
+    @Autowired
+    SchedulePstThread schedulePstThread;
+
+    @Autowired
+    ScheduleLateThread scheduleLateThread;
+
+    @Autowired
+    SubmitToTrafficManage submitToTrafficManage;
+
+    @Autowired
+    CalcOilThread calcOilThread;
+
+    @Autowired
+    DirectivesPstThread directivesPstThread;
+
+    @Autowired
+    ThreadMonotor threadMonotor;
+
+    @Autowired
+    SeiPstThread seiPstThread;
+
+    @Autowired
+    SampleTimeDataLoader sampleTimeDataLoader;
+
+    @Autowired
+    SchSiginUpdateDBThread schSiginUpdateDBThread;
+
+    @Autowired
+    AutoExecScanThread autoExecScanThread;
+
+    @Autowired
+    GpsDataLoaderThread gpsDataLoader;
+
+    @Autowired
+    OfflineMonitorThread offlineMonitorThread;
+
+    @Autowired
+    LineVersionsData lineVersionsData;
+
+    /*@Autowired
+    FixedEnableVerionsThread fixedEnableVerionsThread;*/
+
+    @Autowired
+    SafeDrivDataLoadThread safeDrivDataLoadThread;
+
+    @Autowired
+    FixedCheckStationCodeThread fixedCheckStationCodeThread;
+
+    private static long timeDiff;
+    private static long timeDiffTraffic;
+
+    static {
+        // 早上2:20
+        timeDiff = (DateUtils.getTimestamp() + 1000 * 60 * 140) - System.currentTimeMillis();
+        if (timeDiff < 0)
+            timeDiff += (1000 * 60 * 60 * 24);
+        // 早上07:00
+        timeDiffTraffic = (DateUtils.getTimestamp() + 1000 * 60 * 60 * 7) - System.currentTimeMillis();
+        if (timeDiffTraffic < 0)
+            timeDiffTraffic += (1000 * 60 * 60 * 24);
+    }
+
+    @Override
+    public void run(String... strings) throws Exception {
+        try {
+            Tools tools = new Tools("application.properties");
+            String environment = tools.getValue("spring.profiles.active");
+            //预先加载基础的对照数据
+            basicDataLoader.loadAllData();
+            switch (environment){
+                case "dev":
+                    devInit();
+                    break;
+                case "prod":
+                    prodInit();
+                    break;
+            }
+        }catch (Exception e){
+            log.error("线调后台启动出现异常！！", e);
+            System.exit(1);
+        }
+    }
+
+    @Autowired
+    DayOfSchedule dayOfSchedule;
+    public void devInit(){
+        log.info("devInit...");
+        ScheduledExecutorService sexec = Application.mainServices;
+        //抓取GPS数据
+        GpsDataLoaderThread.setFlag(-1);
+        //dayOfSchedule.dataRecovery();
+        //sexec.scheduleWithFixedDelay(gpsDataLoader, 60, 4, TimeUnit.SECONDS);
+        //实际排班更新线程
+        //sexec.scheduleWithFixedDelay(scheduleRefreshThread, 15, 240, TimeUnit.SECONDS);
+        //sexec.scheduleWithFixedDelay(scheduleLateThread, 140, 30, TimeUnit.SECONDS);//检查班次误点
+        //sexec.scheduleWithFixedDelay(autoExecScanThread, 100, 50, TimeUnit.SECONDS);//班次自动执行
+        //WebSocketPushQueue.start();//消息队列 -webSocket ，推送至线调web页面的
+
+        //sexec.scheduleWithFixedDelay(fixedCheckStationCodeThread, 50, 60 * 5, TimeUnit.SECONDS);//检查班次站点编码
+        //实际排班延迟入库线程
+        //sexec.scheduleWithFixedDelay(schedulePstThread, 60, 15, TimeUnit.SECONDS);
+        //班次修正日志延迟入库
+        //sexec.scheduleWithFixedDelay(seiPstThread, 60, 30, TimeUnit.SECONDS);
+        //调度指令延迟入库
+        //sexec.scheduleWithFixedDelay(directivesPstThread, 180, 180, TimeUnit.SECONDS);
+        //线程监听（防止重要的线程阻塞、异常结束。以及部分主备切换工作）
+        //sexec.scheduleWithFixedDelay(threadMonotor, 240, 60, TimeUnit.SECONDS);
+
+        //安全驾驶
+        //sexec.scheduleWithFixedDelay(safeDrivDataLoadThread, 40, 30, TimeUnit.SECONDS);
+
+        //sexec.scheduleWithFixedDelay(fixedEnableVerionsThread, 20, 60 * 2 , TimeUnit.SECONDS);
+    }
+
+    public void prodInit(){
+        log.info("prodInit...");
+        ScheduledExecutorService sexec = Application.mainServices;
+        //安全驾驶
+        //sexec.scheduleWithFixedDelay(safeDrivDataLoadThread, 180, 10, TimeUnit.SECONDS);
+
+        /** 线调业务 */
+        sexec.scheduleWithFixedDelay(scheduleRefreshThread, 10, 120, TimeUnit.SECONDS);//班次更新线程
+        sexec.scheduleWithFixedDelay(scheduleLateThread, 140, 20, TimeUnit.SECONDS);//检查班次误点
+        GpsDataLoaderThread.setFlag(-1);
+        sexec.scheduleWithFixedDelay(gpsDataLoader, 100, 2, TimeUnit.SECONDS);//抓取GPS数据
+        sexec.scheduleWithFixedDelay(fixedCheckStationCodeThread, 60, 60 * 5, TimeUnit.SECONDS);//检查班次站点编码
+
+        sexec.scheduleWithFixedDelay(offlineMonitorThread, 120, 60, TimeUnit.SECONDS);//GPS设备掉离线
+        sexec.scheduleWithFixedDelay(schedulePstThread, 180, 10, TimeUnit.SECONDS);//班次延迟入库线程
+        sexec.scheduleWithFixedDelay(seiPstThread, 180, 60, TimeUnit.SECONDS);//班次修正日志入库
+        sexec.scheduleWithFixedDelay(directivesPstThread, 120, 60, TimeUnit.SECONDS);//调度指令延迟入库
+        //sexec.scheduleWithFixedDelay(threadMonotor, 240, 60, TimeUnit.SECONDS);//线程监听（防止重要的线程阻塞、异常结束。以及部分主备切换工作）
+        sexec.scheduleWithFixedDelay(sampleTimeDataLoader, 140, 120 * 60, TimeUnit.SECONDS);//到离站预测需要的站点间耗时数据
+        sexec.scheduleWithFixedDelay(basicDataLoader, 1, 1, TimeUnit.HOURS);//基础数据更新
+        sexec.scheduleWithFixedDelay(whiteIpDataLoader, 0, 1, TimeUnit.MINUTES);//IP白名单数据更新
+        sexec.scheduleWithFixedDelay(autoExecScanThread, 180, 50, TimeUnit.SECONDS);//班次自动执行
+        DirectivePushQueue.start();//消息队列 -指令，系统下发的
+        WebSocketPushQueue.start();//消息队列 -webSocket ，推送至线调web页面的
+
+        /** 线调为其他程序提供的数据 --写入数据库 */
+        sexec.scheduleWithFixedDelay(fcxxUpdateThread, 160, 30, TimeUnit.SECONDS);//发车信息（发车屏、信息发布）
+        //线路首末班数据（网关用，班次更新时写入）
+        //com.bsth.data.schedule.f_a_l.FirstAndLastHandler
+        sexec.scheduleWithFixedDelay(schSiginUpdateDBThread, 160, 60 * 30, TimeUnit.SECONDS);//无法自动完成的班次信息（网关用，补信号）
+
+        //运管处静态数据提交
+        log.info(timeDiff / 1000 / 60 + "分钟之后提交到运管处");
+        sexec.scheduleAtFixedRate(submitToTrafficManage, timeDiffTraffic / 1000, 60 * 60 * 24, TimeUnit.SECONDS);
+        //计算油、公里加注
+        sexec.scheduleAtFixedRate(calcOilThread, timeDiff / 1000, 60 * 60 * 24, TimeUnit.SECONDS);
+
+        //线路版本更新
+        sexec.scheduleWithFixedDelay(lineVersionsData, 60 * 5, 60 * 15, TimeUnit.SECONDS);
+
+        //线路版本更新
+        //sexec.scheduleWithFixedDelay(fixedEnableVerionsThread, 60 * 4, 60 * 2 , TimeUnit.SECONDS);
+    }
+}
+package com.bsth.common;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+
+@Component
+public class Setting {
+
+    @Value("${enabled.whiteip}")
+    private boolean whiteipEnabled;
+
+    public boolean isWhiteipEnabled() {
+        return whiteipEnabled;
+    }
+
+    public void setWhiteipEnabled(boolean whiteipEnabled) {
+        this.whiteipEnabled = whiteipEnabled;
+    }
+}
 \ No newline at end of file
@@ -12,6 +12,8 @@ import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.jdbc.core.BeanPropertyRowMapper;
+import org.springframework.jdbc.core.JdbcTemplate;
 import org.springframework.stereotype.Component;
  
 import java.util.*;
@@ -77,6 +79,8 @@ public class BasicData {
     //站点名和运管处编号 对照
     public static Map<String, Integer> stationName2YgcNumber;
  
+    public static List<WhiteIp> whiteIpList;
+
     private static Map<String, SystemParam> key2param = new HashMap<>();
  
     static Logger logger = LoggerFactory.getLogger(BasicData.class);
@@ -391,6 +395,41 @@ public class BasicData {
         }
     }
  
+    @Component
+    public static class WhiteIpDataLoader extends Thread {
+        @Autowired
+        JdbcTemplate jdbcTemplate;
+
+        @Override
+        public void run() {
+            // IP白名单
+            loadData();
+        }
+
+        /**
+         * @Title: loadAllData
+         * @Description: TODO(加载所有数据)
+         */
+        public int loadData() {
+            try {
+                logger.info("开始加载IP白名单数据..，");
+                loadWhiteIp();
+                logger.info("加载IP白名单数据成功！，");
+            } catch (Exception e) {
+                logger.error("加载IP白名单数据时出现异常，", e);
+            }
+            return 0;
+        }
+
+        /**
+         * 加载IP白名单
+         */
+        public void loadWhiteIp() {
+            List<WhiteIp> result = jdbcTemplate.query("select * from control_interface.bsth_c_white_ip where valid_date > now()", BeanPropertyRowMapper.newInstance(WhiteIp.class));
+            whiteIpList = result;
+        }
+    }
+
     public static Map<String, SystemParam> getSystemParam() {
         return key2param;
     }
+package com.bsth.entity;
+
+import com.fasterxml.jackson.annotation.JsonIgnore;
+
+import java.util.Date;
+
+
+/**
+ * @author Hill
+ */
+public class WhiteIp {
+
+    @JsonIgnore
+    private Integer id;
+
+    private String ip;
+
+    private String commitCompany;
+
+    private String commitBcompany;
+
+    @JsonIgnore
+    private String commitName;
+
+    private Date validDate;
+
+    @JsonIgnore
+    private String hash;
+
+    @JsonIgnore
+    private Date createDate;
+
+    @JsonIgnore
+    private Date updateDate;
+
+    public Integer getId() {
+        return id;
+    }
+
+    public void setId(Integer id) {
+        this.id = id;
+    }
+
+    public String getIp() {
+        return ip;
+    }
+
+    public void setIp(String ip) {
+        this.ip = ip;
+    }
+
+    public String getCommitCompany() {
+        return commitCompany;
+    }
+
+    public void setCommitCompany(String commitCompany) {
+        this.commitCompany = commitCompany;
+    }
+
+    public String getCommitBcompany() {
+        return commitBcompany;
+    }
+
+    public void setCommitBcompany(String commitBcompany) {
+        this.commitBcompany = commitBcompany;
+    }
+
+    public String getCommitName() {
+        return commitName;
+    }
+
+    public void setCommitName(String commitName) {
+        this.commitName = commitName;
+    }
+
+    public Date getValidDate() {
+        return validDate;
+    }
+
+    public void setValidDate(Date validDate) {
+        this.validDate = validDate;
+    }
+
+    public String getHash() {
+        return hash;
+    }
+
+    public void setHash(String hash) {
+        this.hash = hash;
+    }
+
+    public Date getCreateDate() {
+        return createDate;
+    }
+
+    public void setCreateDate(Date createDate) {
+        this.createDate = createDate;
+    }
+
+    public Date getUpdateDate() {
+        return updateDate;
+    }
+
+    public void setUpdateDate(Date updateDate) {
+        this.updateDate = updateDate;
+    }
+}
 \ No newline at end of file
+package com.bsth.filter;
+
+import com.bsth.common.Setting;
+import com.bsth.data.BasicData;
+import com.bsth.entity.WhiteIp;
+import com.bsth.util.IpUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.stereotype.Component;
+
+import javax.servlet.*;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.List;
+
+/**
+ * IP白名单过滤器
+ * @author Hill
+ */
+//@Component
+public class WhiteIpFilter implements Filter {
+
+    Logger logger = LoggerFactory.getLogger(this.getClass());
+
+    private Setting setting;
+
+    public Setting getSetting() {
+        return setting;
+    }
+
+    public void setSetting(Setting setting) {
+        this.setting = setting;
+    }
+
+    @Override
+    public void init(FilterConfig filterConfig) throws ServletException {
+
+    }
+
+    @Override
+    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
+        HttpServletRequest req = (HttpServletRequest)request;
+        HttpServletResponse res = (HttpServletResponse)response;
+
+        String ip = IpUtils.getIpAddr(req);
+        boolean isMatch = false;
+        List<WhiteIp> whiteIps = BasicData.whiteIpList;
+        if (whiteIps != null) {
+            for (WhiteIp whiteIp : whiteIps) {
+                if (ip.equals(whiteIp.getIp())) {
+                    isMatch = true;
+                    break;
+                }
+            }
+        }
+        if (isMatch || !setting.isWhiteipEnabled()) {
+            chain.doFilter(request, response);
+        } else {
+            logger.info(ip + "未在白名单中，不予访问");
+            res.setStatus(404);
+            return;
+        }
+    }
+
+    @Override
+    public void destroy() {
+
+    }
+}
 \ No newline at end of file
-package com.bsth.security;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.context.embedded.ServletListenerRegistrationBean;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.builders.WebSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.core.session.SessionRegistry;
-import org.springframework.security.core.session.SessionRegistryImpl;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
-import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
-import org.springframework.security.web.session.HttpSessionEventPublisher;
-
-import com.bsth.common.Constants;
-import com.bsth.security.filter.LoginInterceptor;
-
-@Configuration
-@EnableWebSecurity
-public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
-
-    @Autowired
-    UserDetailServiceImpl customUserDetailService;
-
-    @Autowired
-    CustomAccessDecisionManager customAccessDecisionManager;
-
-    @Autowired
-    SecurityMetadataSourceService securityMetadataSourceService;
-
-
-    @Override
-    public void configure(WebSecurity web) throws Exception {
-        // 白名单
-        web.ignoring().antMatchers(Constants.LOGIN_PAGE, Constants.LOGIN, Constants.ASSETS_URL, Constants.FAVICON_URL, Constants.CAPTCHA,
-                Constants.SERVICE_INTERFACE, Constants.METRONIC_URL, Constants.LOGIN_FAILURE, Constants.UPSTREAM_URL, Constants.XD_CHILD_PAGES, Constants.UP_RFID_URL,Constants.STATION_AND_SECTION_COUNT);
-    }
-
-    @Override
-    protected void configure(AuthenticationManagerBuilder auth)
-            throws Exception {
-        auth.userDetailsService(customUserDetailService).passwordEncoder(
-                new BCryptPasswordEncoder(4));
-    }
-
-    @Override
-    protected void configure(HttpSecurity http) throws Exception {
-        http.authorizeRequests().antMatchers("/").permitAll().anyRequest()
-                .authenticated().and()
-                .formLogin()
-                //指定登录页
-                .loginPage(Constants.LOGIN_PAGE)
-                .loginProcessingUrl(Constants.LOGIN).permitAll()
-                .and().logout()
-                //禁用CXRF
-                .and().csrf().disable()
-                //禁用匿名用户功能
-                .anonymous().disable()
-                //允许 iframe
-                .headers().frameOptions().disable();
-
-        // 同时只保持一个回话
-        http.sessionManagement().maximumSessions(1)
-                .expiredUrl(Constants.LOGIN_PAGE + "?error=true")
-                .maxSessionsPreventsLogin(false)//让之前的登录过期
-                .sessionRegistry(sessionRegistry());
-
-        http.addFilterBefore(new LoginInterceptor(), FilterSecurityInterceptor.class);
-        http.addFilter(filterSecurityInterceptor());
-    }
-
-    private FilterSecurityInterceptor filterSecurityInterceptor()
-            throws Exception {
-        FilterSecurityInterceptor filterSecurityInterceptor = new FilterSecurityInterceptor();
-        filterSecurityInterceptor
-                .setAccessDecisionManager(customAccessDecisionManager);
-        filterSecurityInterceptor
-                .setSecurityMetadataSource(securityMetadataSourceService);
-        filterSecurityInterceptor
-                .setAuthenticationManager(authenticationManager());
-        return filterSecurityInterceptor;
-    }
-
-/*	@Bean
-	public LoginSuccessHandler loginSuccessHandler(){
-		return new LoginSuccessHandler();
-	}*/
-	
-/*	@Bean
-	public LogoutHandler logoutHandler(){
-		return new CustomLogoutHandler();
-	}*/
-
-    @Bean
-    public SessionRegistry sessionRegistry() {
-        SessionRegistry sessionRegistry = new SessionRegistryImpl();
-        return sessionRegistry;
-    }
-
-    @Bean
-    public static ServletListenerRegistrationBean<HttpSessionEventPublisher> httpSessionEventPublisher() {
-        return new ServletListenerRegistrationBean<HttpSessionEventPublisher>(
-                new HttpSessionEventPublisher());
-    }
-}
+package com.bsth.security;
+
+import com.bsth.common.Setting;
+import com.bsth.filter.WhiteIpFilter;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.context.embedded.ServletListenerRegistrationBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.builders.WebSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.session.SessionRegistry;
+import org.springframework.security.core.session.SessionRegistryImpl;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
+import org.springframework.security.web.firewall.DefaultHttpFirewall;
+import org.springframework.security.web.firewall.HttpFirewall;
+import org.springframework.security.web.session.HttpSessionEventPublisher;
+
+import com.bsth.common.Constants;
+import com.bsth.security.filter.LoginInterceptor;
+
+@Configuration
+@EnableWebSecurity
+public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+
+    @Autowired
+    UserDetailServiceImpl customUserDetailService;
+
+    @Autowired
+    CustomAccessDecisionManager customAccessDecisionManager;
+
+    @Autowired
+    SecurityMetadataSourceService securityMetadataSourceService;
+
+    @Autowired
+    private Setting setting;
+
+    @Override
+    public void configure(WebSecurity web) throws Exception {
+        // 白名单
+        web.ignoring().antMatchers(Constants.LOGIN, Constants.ASSETS_URL, Constants.FAVICON_URL, Constants.CAPTCHA,
+                Constants.SERVICE_INTERFACE, Constants.METRONIC_URL, Constants.LOGIN_FAILURE, Constants.UPSTREAM_URL,
+                Constants.XD_CHILD_PAGES, Constants.UP_RFID_URL, Constants.STATION_AND_SECTION_COUNT);
+    }
+
+    @Override
+    protected void configure(AuthenticationManagerBuilder auth)
+            throws Exception {
+        auth.userDetailsService(customUserDetailService).passwordEncoder(
+                new BCryptPasswordEncoder(4));
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.authorizeRequests().antMatchers("/").permitAll().anyRequest()
+                .authenticated().and()
+                .formLogin()
+                //指定登录页
+                .loginPage(Constants.LOGIN_PAGE)
+                .loginProcessingUrl(Constants.LOGIN).permitAll()
+                .and().logout().logoutSuccessUrl(Constants.LOGIN_PAGE)
+                //禁用CXRF
+                .and().csrf().disable()
+                //禁用匿名用户功能
+                .anonymous().disable()
+                //允许 iframe
+                .headers().frameOptions().disable();
+
+        // 同时只保持一个回话 maxSessionsPreventsLogin(false)让之前的登录过期
+        http.sessionManagement().maximumSessions(1)
+                .expiredUrl(Constants.LOGIN_PAGE + "?error=true")
+                .maxSessionsPreventsLogin(false)
+                .sessionRegistry(sessionRegistry());
+
+        WhiteIpFilter whiteIpFilter = new WhiteIpFilter();
+        whiteIpFilter.setSetting(setting);
+        http.addFilterBefore(whiteIpFilter, FilterSecurityInterceptor.class);
+        http.addFilterBefore(new LoginInterceptor(), FilterSecurityInterceptor.class);
+        http.addFilter(filterSecurityInterceptor());
+    }
+
+    private FilterSecurityInterceptor filterSecurityInterceptor()
+            throws Exception {
+        FilterSecurityInterceptor filterSecurityInterceptor = new FilterSecurityInterceptor();
+        filterSecurityInterceptor
+                .setAccessDecisionManager(customAccessDecisionManager);
+        filterSecurityInterceptor
+                .setSecurityMetadataSource(securityMetadataSourceService);
+        filterSecurityInterceptor
+                .setAuthenticationManager(authenticationManager());
+        return filterSecurityInterceptor;
+    }
+
+    @Bean
+    public SessionRegistry sessionRegistry() {
+        SessionRegistry sessionRegistry = new SessionRegistryImpl();
+        return sessionRegistry;
+    }
+
+    @Bean
+    public static ServletListenerRegistrationBean<HttpSessionEventPublisher> httpSessionEventPublisher() {
+        return new ServletListenerRegistrationBean<HttpSessionEventPublisher>(
+                new HttpSessionEventPublisher());
+    }
+
+    @Bean
+    public HttpFirewall httpFirewall() {
+        return new DefaultHttpFirewall();
+    }
+}
-server.port=9088
-management.port= 9001
-management.address= 127.0.0.1
-
-dubbo.use=true
-
-spring.jpa.hibernate.ddl-auto= none
-spring.jpa.hibernate.naming_strategy= org.hibernate.cfg.ImprovedNamingStrategy
-#DATABASE
-spring.jpa.database= MYSQL
-spring.jpa.show-sql= true
-spring.datasource.driver-class-name= com.mysql.jdbc.Driver
-spring.datasource.url= jdbc:mysql://192.168.40.100:3306/qp_control?useUnicode=true&characterEncoding=utf-8&useSSL=false
-spring.datasource.username= root
-spring.datasource.password= root@JSP2jsp
-#DATASOURCE
-spring.datasource.max-active=100
-spring.datasource.max-idle=8
-spring.datasource.min-idle=8
-spring.datasource.initial-size=5
-
-spring.datasource.test-on-borrow=true
-spring.datasource.test-on-connect=true
-spring.datasource.test-on-return=true
-spring.datasource.test-while-idle=true
-spring.datasource.validation-query=select 1
-
-## gateway real data
-http.gps.real.url= http://192.168.40.82:8080/transport_server/rtgps/
-## gateway send directive
-http.send.directive = http://192.168.40.82:8080/transport_server/message/
+server.port=9088
+management.port= 9001
+management.address= 127.0.0.1
+
+dubbo.use= false
+
+spring.jpa.hibernate.ddl-auto= none
+spring.jpa.hibernate.naming_strategy= org.hibernate.cfg.ImprovedNamingStrategy
+#DATABASE
+spring.jpa.database= MYSQL
+spring.jpa.show-sql= true
+spring.datasource.driver-class-name= com.mysql.jdbc.Driver
+spring.datasource.url= jdbc:mysql://192.168.40.100:3306/qp_control?useUnicode=true&characterEncoding=utf-8&useSSL=false
+spring.datasource.username= root
+spring.datasource.password= root@JSP2jsp
+#DATASOURCE
+spring.datasource.max-active=100
+spring.datasource.max-idle=8
+spring.datasource.min-idle=8
+spring.datasource.initial-size=5
+
+spring.datasource.test-on-borrow=true
+spring.datasource.test-on-connect=true
+spring.datasource.test-on-return=true
+spring.datasource.test-while-idle=true
+spring.datasource.validation-query=select 1
+
+## gateway real data
+http.gps.real.url= http://192.168.40.82:8080/transport_server/rtgps/
+## gateway send directive
+http.send.directive = http://192.168.40.82:8080/transport_server/message/