Commit d9f05c058593e24f80d55dc06f4b47dc55621f7b
1 parent
aebf449a
1.fileauth白名单
Showing
4 changed files
with
74 additions
and
68 deletions
src/main/java/com/bsth/common/Constants.java
| ... | ... | @@ -61,4 +61,6 @@ public class Constants { |
| 61 | 61 | public static final String MULTI_REMOVE_CHILDTASK_SCH_FK = "update bsth_c_s_child_task set schedule=NULL where schedule in "; |
| 62 | 62 | |
| 63 | 63 | public static final String WEAK_CIPHER = "weakCipher"; |
| 64 | + | |
| 65 | + public static final String FILE_AUTH = "/.well-known/pki-validation/fileauth.txt"; | |
| 64 | 66 | } | ... | ... |
src/main/java/com/bsth/filter/BaseFilter.java
| 1 | -package com.bsth.filter; | |
| 2 | - | |
| 3 | -import com.bsth.common.Constants; | |
| 4 | -import org.springframework.util.AntPathMatcher; | |
| 5 | -import org.springframework.util.PathMatcher; | |
| 6 | - | |
| 7 | -import javax.servlet.*; | |
| 8 | -import javax.servlet.http.HttpServletRequest; | |
| 9 | -import javax.servlet.http.HttpServletResponse; | |
| 10 | -import java.io.IOException; | |
| 11 | - | |
| 12 | -public abstract class BaseFilter implements Filter { | |
| 13 | - | |
| 14 | - private final PathMatcher pathMatcher = new AntPathMatcher(); | |
| 15 | - | |
| 16 | - /** | |
| 17 | - * 白名单 | |
| 18 | - */ | |
| 19 | - private String[] whiteListURLs = { Constants.LOGIN_PAGE,Constants.CAPTCHA, Constants.SERVICE_INTERFACE, | |
| 20 | - Constants.ASSETS_URL, Constants.FAVICON_URL, Constants.METRONIC_URL, Constants.LOGIN, Constants.LOGIN_FAILURE, Constants.UPSTREAM_URL, Constants.XD_CHILD_PAGES, Constants.XD_REAL_GPS, Constants.UP_RFID_URL, Constants.STATION_AND_SECTION_COUNT, Constants.ACTUATOR_MANAGEMENT_HEALTH, | |
| 21 | - Constants.VEHICLE_DATA_SYNC_URL }; | |
| 22 | - | |
| 23 | - @Override | |
| 24 | - public void destroy() { | |
| 25 | - | |
| 26 | - } | |
| 27 | - | |
| 28 | - @Override | |
| 29 | - public void doFilter(ServletRequest request, ServletResponse response, | |
| 30 | - FilterChain chain) throws IOException, ServletException { | |
| 31 | - | |
| 32 | - HttpServletRequest httpRequest = (HttpServletRequest) request; | |
| 33 | - HttpServletResponse httpResponse = (HttpServletResponse) response; | |
| 34 | - | |
| 35 | - String currentURL = httpRequest.getServletPath(); | |
| 36 | - | |
| 37 | - if (isWhiteURL(currentURL)) { | |
| 38 | - chain.doFilter(request, response); | |
| 39 | - return; | |
| 40 | - } | |
| 41 | - | |
| 42 | - doFilter(httpRequest, httpResponse, chain); | |
| 43 | - return; | |
| 44 | - } | |
| 45 | - | |
| 46 | - public void doFilter(HttpServletRequest request, | |
| 47 | - HttpServletResponse response, FilterChain chain) | |
| 48 | - throws IOException, ServletException { | |
| 49 | - chain.doFilter(request, response); | |
| 50 | - } | |
| 51 | - | |
| 52 | - @Override | |
| 53 | - public void init(FilterConfig arg0) throws ServletException { | |
| 54 | - | |
| 55 | - } | |
| 56 | - | |
| 57 | - private boolean isWhiteURL(String currentURL) { | |
| 58 | - for (String whiteURL : whiteListURLs) { | |
| 59 | - if (pathMatcher.match(whiteURL, currentURL)) { | |
| 60 | - return true; | |
| 61 | - } | |
| 62 | - } | |
| 63 | - return false; | |
| 64 | - } | |
| 65 | -} | |
| 1 | +package com.bsth.filter; | |
| 2 | + | |
| 3 | +import com.bsth.common.Constants; | |
| 4 | +import org.springframework.util.AntPathMatcher; | |
| 5 | +import org.springframework.util.PathMatcher; | |
| 6 | + | |
| 7 | +import javax.servlet.*; | |
| 8 | +import javax.servlet.http.HttpServletRequest; | |
| 9 | +import javax.servlet.http.HttpServletResponse; | |
| 10 | +import java.io.IOException; | |
| 11 | + | |
| 12 | +public abstract class BaseFilter implements Filter { | |
| 13 | + | |
| 14 | + private final PathMatcher pathMatcher = new AntPathMatcher(); | |
| 15 | + | |
| 16 | + /** | |
| 17 | + * 白名单 | |
| 18 | + */ | |
| 19 | + private String[] whiteListURLs = { Constants.LOGIN_PAGE,Constants.CAPTCHA, Constants.SERVICE_INTERFACE, | |
| 20 | + Constants.ASSETS_URL, Constants.FAVICON_URL, Constants.METRONIC_URL, Constants.LOGIN, Constants.LOGIN_FAILURE, | |
| 21 | + Constants.UPSTREAM_URL, Constants.XD_CHILD_PAGES, Constants.XD_REAL_GPS, Constants.UP_RFID_URL, | |
| 22 | + Constants.STATION_AND_SECTION_COUNT, Constants.ACTUATOR_MANAGEMENT_HEALTH, Constants.VEHICLE_DATA_SYNC_URL, | |
| 23 | + Constants.FILE_AUTH}; | |
| 24 | + | |
| 25 | + @Override | |
| 26 | + public void destroy() { | |
| 27 | + | |
| 28 | + } | |
| 29 | + | |
| 30 | + @Override | |
| 31 | + public void doFilter(ServletRequest request, ServletResponse response, | |
| 32 | + FilterChain chain) throws IOException, ServletException { | |
| 33 | + | |
| 34 | + HttpServletRequest httpRequest = (HttpServletRequest) request; | |
| 35 | + HttpServletResponse httpResponse = (HttpServletResponse) response; | |
| 36 | + | |
| 37 | + String currentURL = httpRequest.getServletPath(); | |
| 38 | + | |
| 39 | + if (isWhiteURL(currentURL)) { | |
| 40 | + chain.doFilter(request, response); | |
| 41 | + return; | |
| 42 | + } | |
| 43 | + | |
| 44 | + doFilter(httpRequest, httpResponse, chain); | |
| 45 | + return; | |
| 46 | + } | |
| 47 | + | |
| 48 | + public void doFilter(HttpServletRequest request, | |
| 49 | + HttpServletResponse response, FilterChain chain) | |
| 50 | + throws IOException, ServletException { | |
| 51 | + chain.doFilter(request, response); | |
| 52 | + } | |
| 53 | + | |
| 54 | + @Override | |
| 55 | + public void init(FilterConfig arg0) throws ServletException { | |
| 56 | + | |
| 57 | + } | |
| 58 | + | |
| 59 | + private boolean isWhiteURL(String currentURL) { | |
| 60 | + for (String whiteURL : whiteListURLs) { | |
| 61 | + if (pathMatcher.match(whiteURL, currentURL)) { | |
| 62 | + return true; | |
| 63 | + } | |
| 64 | + } | |
| 65 | + return false; | |
| 66 | + } | |
| 67 | +} | ... | ... |
src/main/java/com/bsth/security/WebSecurityConfig.java
| ... | ... | @@ -42,7 +42,8 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter { |
| 42 | 42 | public void configure(WebSecurity web) throws Exception { |
| 43 | 43 | // 白名单 |
| 44 | 44 | web.ignoring().antMatchers(Constants.LOGIN, Constants.ASSETS_URL, Constants.FAVICON_URL, Constants.CAPTCHA, |
| 45 | - Constants.SERVICE_INTERFACE, Constants.METRONIC_URL, Constants.LOGIN_FAILURE, Constants.UPSTREAM_URL, Constants.XD_CHILD_PAGES, Constants.UP_RFID_URL,Constants.STATION_AND_SECTION_COUNT); | |
| 45 | + Constants.SERVICE_INTERFACE, Constants.METRONIC_URL, Constants.LOGIN_FAILURE, Constants.UPSTREAM_URL, | |
| 46 | + Constants.XD_CHILD_PAGES, Constants.UP_RFID_URL, Constants.STATION_AND_SECTION_COUNT, Constants.FILE_AUTH); | |
| 46 | 47 | } |
| 47 | 48 | |
| 48 | 49 | @Override | ... | ... |
src/main/java/com/bsth/security/filter/LoginInterceptor.java
| ... | ... | @@ -33,8 +33,9 @@ public class LoginInterceptor implements Filter { |
| 33 | 33 | * 相比于 BaseFilter,此处对线调GPS请求进行了拦截验证 |
| 34 | 34 | */ |
| 35 | 35 | private String[] whiteListURLs = { Constants.LOGIN_PAGE,Constants.CAPTCHA, Constants.SERVICE_INTERFACE, |
| 36 | - Constants.ASSETS_URL, Constants.FAVICON_URL, Constants.METRONIC_URL, Constants.LOGIN, Constants.LOGIN_FAILURE, Constants.UPSTREAM_URL, Constants.XD_CHILD_PAGES, Constants.UP_RFID_URL,Constants.STATION_AND_SECTION_COUNT, | |
| 37 | - Constants.VEHICLE_DATA_SYNC_URL }; | |
| 36 | + Constants.ASSETS_URL, Constants.FAVICON_URL, Constants.METRONIC_URL, Constants.LOGIN, | |
| 37 | + Constants.LOGIN_FAILURE, Constants.UPSTREAM_URL, Constants.XD_CHILD_PAGES, Constants.UP_RFID_URL, | |
| 38 | + Constants.STATION_AND_SECTION_COUNT, Constants.VEHICLE_DATA_SYNC_URL, Constants.FILE_AUTH }; | |
| 38 | 39 | |
| 39 | 40 | |
| 40 | 41 | @Override | ... | ... |