diff --git a/modules/core/src/main/java/com/jeesite/common/shiro/realm/AuthorizingRealm.java b/modules/core/src/main/java/com/jeesite/common/shiro/realm/AuthorizingRealm.java index 4ecef0a6..5b845f75 100644 --- a/modules/core/src/main/java/com/jeesite/common/shiro/realm/AuthorizingRealm.java +++ b/modules/core/src/main/java/com/jeesite/common/shiro/realm/AuthorizingRealm.java @@ -8,23 +8,16 @@ import com.jeesite.common.codec.EncodeUtils; import com.jeesite.common.codec.SM3Utils; import com.jeesite.common.codec.ShaUtils; import com.jeesite.common.config.Global; -import com.jeesite.common.network.IpUtils; import com.jeesite.common.shiro.authc.FormToken; -import com.jeesite.common.utils.SpringUtils; -import com.jeesite.common.web.http.ServletUtils; import com.jeesite.modules.sys.entity.Log; import com.jeesite.modules.sys.entity.User; -import com.jeesite.modules.sys.service.UserService; import com.jeesite.modules.sys.utils.LogUtils; -import com.jeesite.modules.sys.utils.UserUtils; +import javax.servlet.http.HttpServletRequest; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authz.AuthorizationInfo; -import javax.servlet.http.HttpServletRequest; -import java.util.Date; - /** * 系统认证授权实现类 * @author ThinkGem @@ -35,8 +28,6 @@ public class AuthorizingRealm extends BaseAuthorizingRealm { public static final int HASH_ITERATIONS = 1024; public static final int SALT_SIZE = 8; - private UserService userService; - public AuthorizingRealm() { super(); } @@ -116,38 +107,21 @@ public class AuthorizingRealm extends BaseAuthorizingRealm { } @Override - public void onLoginSuccess(LoginInfo loginInfo, HttpServletRequest request) { - super.onLoginSuccess(loginInfo, request); - - // 更新登录IP、时间、会话ID等 - User user = UserUtils.get(loginInfo.getId()); - user.setOldLastLoginIp(user.getLastLoginIp()); - user.setOldLastLoginDate(user.getLastLoginDate()); - user.setLastLoginIp(IpUtils.getRemoteAddr(request)); - user.setLastLoginDate(new Date()); - getUserService().updateUserLoginInfo(user); + public User onLoginSuccess(LoginInfo loginInfo, HttpServletRequest request) { + User user = super.onLoginSuccess(loginInfo, request); // 记录用户登录日志 LogUtils.saveLog(user, request, "系统登录", Log.TYPE_LOGIN_LOGOUT); - - // 登录成功后,验证码计算器清零 - BaseAuthorizingRealm.isValidCodeLogin(user.getLoginCode(), user.getCorpCode_(), loginInfo.getParam("deviceType"), "success"); + return user; } - + @Override - public void onLogoutSuccess(LoginInfo loginInfo, HttpServletRequest request) { - super.onLogoutSuccess(loginInfo, request); - - // 记录用户退出日志 - User user = UserUtils.get(loginInfo.getId()); - LogUtils.saveLog(user, request, "系统退出", Log.TYPE_LOGIN_LOGOUT); - } + public User onLogoutSuccess(LoginInfo loginInfo, HttpServletRequest request) { + User user = super.onLogoutSuccess(loginInfo, request); - public UserService getUserService() { - if (userService == null){ - userService = SpringUtils.getBean(UserService.class); - } - return userService; + // 记录用户退出日志 + LogUtils.saveLog(user, request, "系统退出", Log.TYPE_LOGIN_LOGOUT); + return user; } } diff --git a/modules/core/src/main/java/com/jeesite/common/shiro/realm/CasAuthorizingRealm.java b/modules/core/src/main/java/com/jeesite/common/shiro/realm/CasAuthorizingRealm.java index b42887f5..27d7844d 100644 --- a/modules/core/src/main/java/com/jeesite/common/shiro/realm/CasAuthorizingRealm.java +++ b/modules/core/src/main/java/com/jeesite/common/shiro/realm/CasAuthorizingRealm.java @@ -17,9 +17,10 @@ import com.jeesite.modules.sys.entity.EmpUser; import com.jeesite.modules.sys.entity.Log; import com.jeesite.modules.sys.entity.User; import com.jeesite.modules.sys.service.EmpUserService; -import com.jeesite.modules.sys.service.UserService; import com.jeesite.modules.sys.utils.LogUtils; import com.jeesite.modules.sys.utils.UserUtils; +import javax.servlet.http.HttpServletRequest; +import javax.validation.ValidationException; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; @@ -29,8 +30,6 @@ import org.jasig.cas.client.validation.Cas20ServiceTicketValidator; import org.jasig.cas.client.validation.TicketValidationException; import org.jasig.cas.client.validation.TicketValidator; -import javax.servlet.http.HttpServletRequest; -import javax.validation.ValidationException; import java.util.Map; /** @@ -40,14 +39,13 @@ import java.util.Map; */ @SuppressWarnings("deprecation") public class CasAuthorizingRealm extends BaseAuthorizingRealm { - - private UserService userService; - private EmpUserService empUserService; private CasOutHandler casOutHandler; private String casServerUrl; // CAS 服务器地址 private String casServerCallbackUrl; // CAS 服务器回调地址 private TicketValidator ticketValidator;// CAS 令牌验证类 + + private EmpUserService empUserService; public CasAuthorizingRealm() { super(); @@ -175,28 +173,27 @@ public class CasAuthorizingRealm extends BaseAuthorizingRealm { } @Override - public void onLoginSuccess(LoginInfo loginInfo, HttpServletRequest request) { + public User onLoginSuccess(LoginInfo loginInfo, HttpServletRequest request) { + User user = super.onLoginSuccess(loginInfo, request); + // 单点登录登出句柄(登录时注入session),在这之前必须获取下授权信息 String ticket = loginInfo.getParam("ticket"); casOutHandler.recordSession(request, ticket); //System.out.print("__sid: "+request.getSession().getId()); //System.out.println(" == "+UserUtils.getSession().getId()); + + // 记录用户登录日志 + LogUtils.saveLog(user, request, "系统登录", Log.TYPE_LOGIN_LOGOUT); + return user; } @Override - public void onLogoutSuccess(LoginInfo loginInfo, HttpServletRequest request) { - super.onLogoutSuccess(loginInfo, request); + public User onLogoutSuccess(LoginInfo loginInfo, HttpServletRequest request) { + User user = super.onLogoutSuccess(loginInfo, request); // 记录用户退出日志 - User user = UserUtils.get(loginInfo.getId()); LogUtils.saveLog(user, request, "系统退出", Log.TYPE_LOGIN_LOGOUT); - } - - public UserService getUserService() { - if (userService == null){ - userService = SpringUtils.getBean(UserService.class); - } - return userService; + return user; } public EmpUserService getEmpUserService() { diff --git a/modules/core/src/main/java/com/jeesite/common/shiro/realm/LdapAuthorizingRealm.java b/modules/core/src/main/java/com/jeesite/common/shiro/realm/LdapAuthorizingRealm.java index 4aa479dd..43c6d4e5 100644 --- a/modules/core/src/main/java/com/jeesite/common/shiro/realm/LdapAuthorizingRealm.java +++ b/modules/core/src/main/java/com/jeesite/common/shiro/realm/LdapAuthorizingRealm.java @@ -6,14 +6,11 @@ package com.jeesite.common.shiro.realm; import com.jeesite.common.shiro.authc.FormToken; import com.jeesite.common.shiro.authc.LdapToken; -import com.jeesite.common.utils.SpringUtils; import com.jeesite.common.web.http.ServletUtils; import com.jeesite.modules.sys.entity.Log; import com.jeesite.modules.sys.entity.User; -import com.jeesite.modules.sys.service.EmpUserService; -import com.jeesite.modules.sys.service.UserService; import com.jeesite.modules.sys.utils.LogUtils; -import com.jeesite.modules.sys.utils.UserUtils; +import javax.servlet.http.HttpServletRequest; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; @@ -31,7 +28,6 @@ import org.springframework.util.StringUtils; import javax.naming.AuthenticationNotSupportedException; import javax.naming.NamingException; import javax.naming.ldap.LdapContext; -import javax.servlet.http.HttpServletRequest; /** * 系统认证授权实现类 @@ -54,9 +50,6 @@ public class LdapAuthorizingRealm extends BaseAuthorizingRealm { */ private LdapContextFactory contextFactory; - private UserService userService; - private EmpUserService empUserService; - /** * Default no-argument constructor that defaults the internal {@link LdapContextFactory} instance to a * {@link JndiLdapContextFactory}. @@ -126,41 +119,24 @@ public class LdapAuthorizingRealm extends BaseAuthorizingRealm { } @Override - public void onLoginSuccess(LoginInfo loginInfo, HttpServletRequest request) { - super.onLoginSuccess(loginInfo, request); + public User onLoginSuccess(LoginInfo loginInfo, HttpServletRequest request) { + User user = super.onLoginSuccess(loginInfo, request); //System.out.print("__sid: "+request.getSession().getId()); //System.out.println(" == "+UserUtils.getSession().getId()); - - // 更新登录IP、时间、会话ID等 - User user = UserUtils.get(loginInfo.getId()); - getUserService().updateUserLoginInfo(user); - + // 记录用户登录日志 LogUtils.saveLog(user, ServletUtils.getRequest(), "系统登录", Log.TYPE_LOGIN_LOGOUT); + return user; } @Override - public void onLogoutSuccess(LoginInfo loginInfo, HttpServletRequest request) { - super.onLogoutSuccess(loginInfo, request); + public User onLogoutSuccess(LoginInfo loginInfo, HttpServletRequest request) { + User user = super.onLogoutSuccess(loginInfo, request); // 记录用户退出日志 - User user = UserUtils.get(loginInfo.getId()); LogUtils.saveLog(user, request, "系统退出", Log.TYPE_LOGIN_LOGOUT); - } - - public UserService getUserService() { - if (userService == null){ - userService = SpringUtils.getBean(UserService.class); - } - return userService; - } - - public EmpUserService getEmpUserService() { - if (empUserService == null){ - empUserService = SpringUtils.getBean(EmpUserService.class); - } - return empUserService; + return user; } /**