├── .DS_Store
├── .gitignore
├── Insurance
├── .DS_Store
├── .classpath
├── .gitignore
├── .project
├── .settings
│ ├── .jsdtscope
│ ├── org.eclipse.core.resources.prefs
│ ├── org.eclipse.jdt.core.prefs
│ ├── org.eclipse.m2e.core.prefs
│ ├── org.eclipse.wst.common.component
│ ├── org.eclipse.wst.common.project.facet.core.xml
│ ├── org.eclipse.wst.jsdt.ui.superType.container
│ └── org.eclipse.wst.jsdt.ui.superType.name
├── ToorJar
│ ├── .gitignore
│ └── mysql-connector-java-5.1.44.jar
├── WebContent
│ ├── .DS_Store
│ ├── META-INF
│ │ └── MANIFEST.MF
│ └── WEB-INF
│ │ └── .DS_Store
├── pom.xml
└── src
│ ├── .DS_Store
│ ├── DBScript
│ ├── .DS_Store
│ ├── Insurance_Data_Script.sql
│ ├── Insurance_Mate_Script.sql
│ └── Insurance_Str_Script.sql
│ └── main
│ ├── .DS_Store
│ ├── java
│ ├── .DS_Store
│ └── com
│ │ ├── .DS_Store
│ │ └── Insurance
│ │ ├── ADemo
│ │ ├── AccessToken.java
│ │ ├── CaptchaModule.java
│ │ ├── DbController.java
│ │ ├── DemoController.java
│ │ ├── JsonWebToken.java
│ │ ├── LoginPara.java
│ │ ├── RedisConfig.java
│ │ ├── UserController.java
│ │ ├── UserInfo.java
│ │ └── UserInfoRepository.java
│ │ ├── Business
│ │ ├── LoginController.java
│ │ └── UserController.java
│ │ ├── Filter
│ │ ├── Audience.java
│ │ ├── HTTPBasicAuthorizeAttribute.java
│ │ ├── HTTPBearerAuthorizeAttribute.java
│ │ ├── JWTLoginFilter.java
│ │ ├── JwtAuthenticationFilter.java
│ │ ├── ResultMsg.java
│ │ └── ResultStatusCode.java
│ │ ├── InsuranceApplication.java
│ │ ├── Model
│ │ └── InsuranceUser.java
│ │ ├── Utils
│ │ ├── JwtHelper.java
│ │ └── SecurityHelper.java
│ │ └── repository
│ │ └── InsuranceUserRepository.java
│ └── resources
│ ├── .DS_Store
│ ├── application.properties
│ ├── jwt.properties
│ └── mapper
│ └── config
│ └── sqlMapConfig.xml
└── Servers
├── .DS_Store
├── .project
├── .settings
└── org.eclipse.wst.server.core.prefs
└── Tomcat v9.0 Server at localhost-config
├── catalina.policy
├── catalina.properties
├── context.xml
├── server.xml
├── tomcat-users.xml
└── web.xml
/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/abysmkami/java-springboot-Insurance/88e9d2974b6d9a01b5459cb6f0a05e977c97c572/.DS_Store
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | /.metadata/
2 | RemoteSystemsTempFiles/.project
3 | Insurance/.DS_Store
4 | Insurance/.DS_Store
5 | Insurance/.metadata/.lock
6 | Insurance/.metadata/.log
7 | Insurance/.metadata/.mylyn/repositories.xml.zip
8 | Insurance/.metadata/.plugins/org.eclipse.core.resources/.root/.indexes/history.version
9 | *.index
10 | Insurance/.metadata/.plugins/org.eclipse.core.resources/.root/.indexes/properties.version
11 | Insurance/.metadata/.plugins/org.eclipse.core.resources/.root/1.tree
12 | Insurance/.metadata/.plugins/org.eclipse.core.resources/.safetable/org.eclipse.core.resources
13 | *.prefs
14 | *.xmi
15 | Insurance/.metadata/.plugins/org.eclipse.epp.logging.aeri.ide/org.eclipse.epp.logging.aeri.ide.server/http-cache.lucene60/segments_1
16 | Insurance/.metadata/.plugins/org.eclipse.epp.logging.aeri.ide/org.eclipse.epp.logging.aeri.ide.server/http-cache.lucene60/write.lock
17 | Insurance/.metadata/.plugins/org.eclipse.epp.logging.aeri.ide/org.eclipse.epp.logging.aeri.ide.server/local-history.lucene60/_0.cfe
18 | *.cfs
19 | *.si
20 | Insurance/.metadata/.plugins/org.eclipse.epp.logging.aeri.ide/org.eclipse.epp.logging.aeri.ide.server/local-history.lucene60/segments_1
21 | *.lock
22 | Insurance/.metadata/.plugins/org.eclipse.epp.logging.aeri.ide/org.eclipse.epp.logging.aeri.ide.server/server-config.json
23 | Insurance/.metadata/.plugins/org.eclipse.jdt.core/assumedExternalFilesCache
24 | Insurance/.metadata/.plugins/org.eclipse.jdt.core/index.db
25 | Insurance/.metadata/.plugins/org.eclipse.jdt.core/nonChainingJarsCache
26 | Insurance/.metadata/.plugins/org.eclipse.jdt.core/externalFilesCache
27 | Insurance/.metadata/.plugins/org.eclipse.jdt.core/variablesAndContainers.dat
28 | Insurance/.metadata/version.ini
29 | Insurance/.metadata/.plugins/org.eclipse.ui.workbench/dialog_settings.xml
30 | Insurance/.metadata/.plugins/org.eclipse.ui.intro/introstate
31 | Insurance/.metadata/.plugins/org.eclipse.pde.core/.cache/clean-cache.properties
32 | Insurance/.metadata/.plugins/org.eclipse.m2e.logback.configuration/logback.1.8.2.20171007-0217.xml
33 | Insurance/.metadata/.plugins/org.eclipse.m2e.logback.configuration/0.log
34 | Insurance/.metadata/.plugins/org.eclipse.jdt.ui/QualifiedTypeNameHistory.xml
35 | Insurance/.metadata/.plugins/org.eclipse.jdt.ui/OpenTypeHistory.xml
36 |
--------------------------------------------------------------------------------
/Insurance/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/abysmkami/java-springboot-Insurance/88e9d2974b6d9a01b5459cb6f0a05e977c97c572/Insurance/.DS_Store
--------------------------------------------------------------------------------
/Insurance/.classpath:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
33 |
34 |
35 |
36 |
37 |
38 |
39 |
--------------------------------------------------------------------------------
/Insurance/.gitignore:
--------------------------------------------------------------------------------
1 | /target/
2 |
--------------------------------------------------------------------------------
/Insurance/.project:
--------------------------------------------------------------------------------
1 |
2 |
3 | Insurance
4 |
5 |
6 |
7 |
8 |
9 | org.eclipse.wst.common.project.facet.core.builder
10 |
11 |
12 |
13 |
14 | org.eclipse.jdt.core.javabuilder
15 |
16 |
17 |
18 |
19 | org.eclipse.wst.validation.validationbuilder
20 |
21 |
22 |
23 |
24 | org.eclipse.m2e.core.maven2Builder
25 |
26 |
27 |
28 |
29 |
30 | org.eclipse.jem.workbench.JavaEMFNature
31 | org.eclipse.wst.common.modulecore.ModuleCoreNature
32 | org.eclipse.jdt.core.javanature
33 | org.eclipse.m2e.core.maven2Nature
34 | org.eclipse.wst.common.project.facet.core.nature
35 | org.eclipse.wst.jsdt.core.jsNature
36 |
37 |
38 |
--------------------------------------------------------------------------------
/Insurance/.settings/.jsdtscope:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
--------------------------------------------------------------------------------
/Insurance/.settings/org.eclipse.core.resources.prefs:
--------------------------------------------------------------------------------
1 | eclipse.preferences.version=1
2 | encoding//src/main/java=UTF-8
3 | encoding//src/main/resources=UTF-8
4 | encoding//src/test/java=UTF-8
5 | encoding//src/test/resources=UTF-8
6 | encoding/=UTF-8
7 |
--------------------------------------------------------------------------------
/Insurance/.settings/org.eclipse.jdt.core.prefs:
--------------------------------------------------------------------------------
1 | eclipse.preferences.version=1
2 | org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
3 | org.eclipse.jdt.core.compiler.codegen.methodParameters=do not generate
4 | org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.8
5 | org.eclipse.jdt.core.compiler.codegen.unusedLocal=preserve
6 | org.eclipse.jdt.core.compiler.compliance=1.8
7 | org.eclipse.jdt.core.compiler.debug.lineNumber=generate
8 | org.eclipse.jdt.core.compiler.debug.localVariable=generate
9 | org.eclipse.jdt.core.compiler.debug.sourceFile=generate
10 | org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
11 | org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
12 | org.eclipse.jdt.core.compiler.problem.forbiddenReference=warning
13 | org.eclipse.jdt.core.compiler.source=1.8
14 |
--------------------------------------------------------------------------------
/Insurance/.settings/org.eclipse.m2e.core.prefs:
--------------------------------------------------------------------------------
1 | activeProfiles=
2 | eclipse.preferences.version=1
3 | resolveWorkspaceProjects=true
4 | version=1
5 |
--------------------------------------------------------------------------------
/Insurance/.settings/org.eclipse.wst.common.component:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Insurance/.settings/org.eclipse.wst.common.project.facet.core.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
--------------------------------------------------------------------------------
/Insurance/.settings/org.eclipse.wst.jsdt.ui.superType.container:
--------------------------------------------------------------------------------
1 | org.eclipse.wst.jsdt.launching.baseBrowserLibrary
--------------------------------------------------------------------------------
/Insurance/.settings/org.eclipse.wst.jsdt.ui.superType.name:
--------------------------------------------------------------------------------
1 | Window
--------------------------------------------------------------------------------
/Insurance/ToorJar/.gitignore:
--------------------------------------------------------------------------------
1 | /mysql-connector-java-5.1.44.jar
2 |
--------------------------------------------------------------------------------
/Insurance/ToorJar/mysql-connector-java-5.1.44.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/abysmkami/java-springboot-Insurance/88e9d2974b6d9a01b5459cb6f0a05e977c97c572/Insurance/ToorJar/mysql-connector-java-5.1.44.jar
--------------------------------------------------------------------------------
/Insurance/WebContent/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/abysmkami/java-springboot-Insurance/88e9d2974b6d9a01b5459cb6f0a05e977c97c572/Insurance/WebContent/.DS_Store
--------------------------------------------------------------------------------
/Insurance/WebContent/META-INF/MANIFEST.MF:
--------------------------------------------------------------------------------
1 | Manifest-Version: 1.0
2 | Class-Path:
3 |
4 |
--------------------------------------------------------------------------------
/Insurance/WebContent/WEB-INF/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/abysmkami/java-springboot-Insurance/88e9d2974b6d9a01b5459cb6f0a05e977c97c572/Insurance/WebContent/WEB-INF/.DS_Store
--------------------------------------------------------------------------------
/Insurance/pom.xml:
--------------------------------------------------------------------------------
1 |
2 |
4 | 4.0.0
5 |
6 | com.Insurance
7 | Insurance
8 | 0.0.1-SNAPSHOT
9 | jar
10 |
11 | insurance
12 | recommend insurance project for Spring Boot
13 |
14 |
15 | org.springframework.boot
16 | spring-boot-starter-parent
17 | 1.5.7.RELEASE
18 |
19 |
20 |
21 |
22 | UTF-8
23 | UTF-8
24 | 1.8
25 |
26 |
27 |
28 |
29 |
30 | org.springframework
31 | spring-webmvc
32 |
33 |
34 |
35 | org.springframework.boot
36 | spring-boot-starter
37 |
38 |
39 |
40 | org.springframework.boot
41 | spring-boot-starter-test
42 | test
43 |
44 |
45 | org.springframework.boot
46 | spring-boot-starter-web
47 |
48 |
49 | mysql
50 | mysql-connector-java
51 |
52 |
53 | org.springframework.boot
54 | spring-boot-starter-jdbc
55 |
56 |
57 | org.springframework.boot
58 | spring-boot-starter-security
59 |
60 |
61 | org.springframework.boot
62 | spring-boot-starter-data-jpa
63 |
64 |
65 | io.jsonwebtoken
66 | jjwt
67 | 0.7.0
68 |
69 |
70 | org.mybatis.spring.boot
71 | mybatis-spring-boot-starter
72 | 1.1.1
73 |
74 |
75 | org.springframework.boot
76 | spring-boot-starter-redis
77 | 1.4.7.RELEASE
78 |
79 |
80 | cn.apiclub.tool
81 | simplecaptcha
82 | 1.2.2
83 |
84 |
85 |
86 |
87 |
88 |
89 | org.apache.maven.plugins
90 | maven-compiler-plugin
91 |
92 | 1.7
93 | 1.7
94 | UTF-8
95 |
96 |
97 |
98 | org.springframework.boot
99 | spring-boot-maven-plugin
100 |
101 |
102 |
103 |
104 |
105 |
106 | org.apache.tomcat.maven
107 | tomcat7-maven-plugin
108 | 9.0
109 |
110 |
111 |
112 |
113 |
114 |
115 |
116 |
117 |
--------------------------------------------------------------------------------
/Insurance/src/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/abysmkami/java-springboot-Insurance/88e9d2974b6d9a01b5459cb6f0a05e977c97c572/Insurance/src/.DS_Store
--------------------------------------------------------------------------------
/Insurance/src/DBScript/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/abysmkami/java-springboot-Insurance/88e9d2974b6d9a01b5459cb6f0a05e977c97c572/Insurance/src/DBScript/.DS_Store
--------------------------------------------------------------------------------
/Insurance/src/DBScript/Insurance_Data_Script.sql:
--------------------------------------------------------------------------------
1 | insert insuranceuser (id,username,userpwd,phonenumb,email,nickname) values (1,'admin','admin','18701442226','abysmkami@163.com','创世大魔王');
2 |
3 |
--------------------------------------------------------------------------------
/Insurance/src/DBScript/Insurance_Mate_Script.sql:
--------------------------------------------------------------------------------
1 | insert insurancerole (id,rolename,roledisplayname) values (1,'sysadmin','系统管理员');
2 | insert insurancerole (id,rolename,roledisplayname) values (2,'sysmanager','系统业务员');
3 | insert insurancerole (id,rolename,roledisplayname) values (4,'companyadmin','公司管理员');
4 | insert insurancerole (id,rolename,roledisplayname) values (8,'companymanager','公司业务员');
5 | insert insurancerole (id,rolename,roledisplayname) values (16,'companyuser','公司用户');
6 | insert insurancerole (id,rolename,roledisplayname, values (32,'user','普通用户');
7 |
--------------------------------------------------------------------------------
/Insurance/src/DBScript/Insurance_Str_Script.sql:
--------------------------------------------------------------------------------
1 | use insurance
2 | CREATE TABLE insuranceuser (
3 | id INTEGER UNSIGNED NOT NULL,
4 | username VARCHAR(100),
5 | userpwd VARCHAR(100),
6 | phonenumb varchar(30),
7 | email varchar(100),
8 | nickname varchar (100),
9 | PRIMARY KEY (id)
10 | ) ENGINE=InnoDB
11 | create table insurancerole
12 | (
13 | id INTEGER UNSIGNED NOT NULL,
14 | rolename VARCHAR(30),
15 | roledisplayname varchar(30),
16 | PRIMARY KEY (id)
17 | )
18 |
--------------------------------------------------------------------------------
/Insurance/src/main/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/abysmkami/java-springboot-Insurance/88e9d2974b6d9a01b5459cb6f0a05e977c97c572/Insurance/src/main/.DS_Store
--------------------------------------------------------------------------------
/Insurance/src/main/java/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/abysmkami/java-springboot-Insurance/88e9d2974b6d9a01b5459cb6f0a05e977c97c572/Insurance/src/main/java/.DS_Store
--------------------------------------------------------------------------------
/Insurance/src/main/java/com/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/abysmkami/java-springboot-Insurance/88e9d2974b6d9a01b5459cb6f0a05e977c97c572/Insurance/src/main/java/com/.DS_Store
--------------------------------------------------------------------------------
/Insurance/src/main/java/com/Insurance/ADemo/AccessToken.java:
--------------------------------------------------------------------------------
1 | package com.Insurance.ADemo;
2 |
3 | public class AccessToken {
4 | private String access_token;
5 | private String token_type;
6 | private long expires_in;
7 | public String getAccess_token() {
8 | return access_token;
9 | }
10 | public void setAccess_token(String access_token) {
11 | this.access_token = access_token;
12 | }
13 | public String getToken_type() {
14 | return token_type;
15 | }
16 | public void setToken_type(String token_type) {
17 | this.token_type = token_type;
18 | }
19 | public long getExpires_in() {
20 | return expires_in;
21 | }
22 | public void setExpires_in(long expires_in) {
23 | this.expires_in = expires_in;
24 | }
25 | }
26 |
--------------------------------------------------------------------------------
/Insurance/src/main/java/com/Insurance/ADemo/CaptchaModule.java:
--------------------------------------------------------------------------------
1 | package com.Insurance.ADemo;
2 |
3 | import java.io.ByteArrayOutputStream;
4 | import java.io.IOException;
5 | import java.util.UUID;
6 | import java.util.concurrent.TimeUnit;
7 |
8 | import javax.imageio.ImageIO;
9 | import javax.servlet.http.Cookie;
10 | import javax.servlet.http.HttpServletResponse;
11 |
12 | import org.springframework.beans.factory.annotation.Autowired;
13 | import org.springframework.data.redis.core.RedisTemplate;
14 | import org.springframework.http.MediaType;
15 | import org.springframework.web.bind.annotation.RequestMapping;
16 | import org.springframework.web.bind.annotation.RequestMethod;
17 | import org.springframework.web.bind.annotation.ResponseBody;
18 | import org.springframework.web.bind.annotation.RestController;
19 |
20 | import cn.apiclub.captcha.Captcha;
21 | import cn.apiclub.captcha.backgrounds.GradiatedBackgroundProducer;
22 | import cn.apiclub.captcha.gimpy.FishEyeGimpyRenderer;
23 |
24 | @RestController
25 | @RequestMapping("captcha")
26 | public class CaptchaModule {
27 |
28 | @Autowired
29 | private RedisTemplate redisTemplate;
30 |
31 | private static int captchaExpires = 3*60; //超时时间3min
32 | private static int captchaW = 200;
33 | private static int captchaH = 60;
34 |
35 | @RequestMapping(value = "getcaptcha", method = RequestMethod.GET, produces = MediaType.IMAGE_PNG_VALUE)
36 |
37 | public @ResponseBody byte[] getCaptcha(HttpServletResponse response)
38 | {
39 | //生成验证码
40 | String uuid = UUID.randomUUID().toString();
41 | Captcha captcha = new Captcha.Builder(captchaW, captchaH)
42 | .addText().addBackground(new GradiatedBackgroundProducer())
43 | .gimp(new FishEyeGimpyRenderer())
44 | .build();
45 |
46 | //将验证码以形式缓存到redis
47 | redisTemplate.opsForValue().set(uuid, captcha.getAnswer(), captchaExpires, TimeUnit.SECONDS);
48 |
49 | //将验证码key,及验证码的图片返回
50 | Cookie cookie = new Cookie("CaptchaCode",uuid);
51 | response.addCookie(cookie);
52 | ByteArrayOutputStream bao = new ByteArrayOutputStream();
53 | try {
54 | ImageIO.write(captcha.getImage(), "png", bao);
55 | return bao.toByteArray();
56 | } catch (IOException e) {
57 | return null;
58 | }
59 | }
60 | }
61 |
--------------------------------------------------------------------------------
/Insurance/src/main/java/com/Insurance/ADemo/DbController.java:
--------------------------------------------------------------------------------
1 | package com.Insurance.ADemo;
2 |
3 | import java.util.Iterator;
4 | import java.util.List;
5 | import java.util.Map;
6 | import java.util.Map.Entry;
7 | import java.util.Set;
8 |
9 | import org.springframework.beans.factory.annotation.Autowired;
10 | import org.springframework.jdbc.core.JdbcTemplate;
11 | import org.springframework.web.bind.annotation.PathVariable;
12 | import org.springframework.web.bind.annotation.RequestMapping;
13 | import org.springframework.web.bind.annotation.RestController;
14 |
15 | @RestController
16 | @RequestMapping("/mydb")
17 | public class DbController {
18 |
19 | @Autowired
20 | private JdbcTemplate jdbcTemplate;
21 |
22 | @RequestMapping("/getUsers")
23 | public List> getDbType(){
24 | String sql = "select * from appuser";
25 | List> list = jdbcTemplate.queryForList(sql);
26 | for (Map map : list) {
27 | Set> entries = map.entrySet( );
28 | if(entries != null) {
29 | Iterator> iterator = entries.iterator( );
30 | while(iterator.hasNext( )) {
31 | Entry entry =(Entry) iterator.next( );
32 | Object key = entry.getKey( );
33 | Object value = entry.getValue();
34 | System.out.println(key+":"+value);
35 | }
36 | }
37 | }
38 | return list;
39 | }
40 |
41 | @RequestMapping("/user/{id}")
42 | public Map getUser(@PathVariable String id){
43 | Map map = null;
44 |
45 | List> list = getDbType();
46 |
47 | for (Map dbmap : list) {
48 |
49 | Set set = dbmap.keySet();
50 |
51 | for (String key : set) {
52 | if(key.equals("id")){
53 | if(dbmap.get(key).equals(id)){
54 | map = dbmap;
55 | }
56 | }
57 | }
58 | }
59 |
60 | if(map==null)
61 | map = list.get(0);
62 | return map;
63 | }
64 |
65 | }
66 |
--------------------------------------------------------------------------------
/Insurance/src/main/java/com/Insurance/ADemo/DemoController.java:
--------------------------------------------------------------------------------
1 | package com.Insurance.ADemo;
2 |
3 | import org.springframework.web.bind.annotation.RequestMapping;
4 | import org.springframework.web.bind.annotation.RestController;
5 |
6 | @RestController
7 | public class DemoController {
8 |
9 | @RequestMapping("demo")
10 | public String hello() {
11 | return "成功喽";
12 | }
13 |
14 | }
15 |
--------------------------------------------------------------------------------
/Insurance/src/main/java/com/Insurance/ADemo/JsonWebToken.java:
--------------------------------------------------------------------------------
1 | package com.Insurance.ADemo;
2 |
3 | import org.springframework.beans.factory.annotation.Autowired;
4 | import org.springframework.data.redis.core.RedisTemplate;
5 | import org.springframework.web.bind.annotation.RequestBody;
6 | import org.springframework.web.bind.annotation.RequestMapping;
7 | import org.springframework.web.bind.annotation.RestController;
8 |
9 | import com.Insurance.Filter.Audience;
10 | import com.Insurance.Filter.ResultMsg;
11 | import com.Insurance.Filter.ResultStatusCode;
12 | import com.Insurance.Utils.JwtHelper;
13 | import com.Insurance.Utils.SecurityHelper;
14 |
15 |
16 |
17 | @RestController
18 | public class JsonWebToken {
19 | @Autowired
20 | private UserInfoRepository userRepositoy;
21 |
22 | @Autowired
23 | private Audience audienceEntity;
24 | @Autowired
25 | private RedisTemplate redisTemplate;
26 |
27 | @RequestMapping("oauth/token")
28 | public Object getAccessToken(@RequestBody LoginPara loginPara)
29 | {
30 | ResultMsg resultMsg;
31 | try
32 | {
33 | if(loginPara.getClientId() == null
34 | || (loginPara.getClientId().compareTo(audienceEntity.getClientId()) != 0))
35 | {
36 | resultMsg = new ResultMsg(ResultStatusCode.INVALID_CLIENTID.getErrcode(),
37 | ResultStatusCode.INVALID_CLIENTID.getErrmsg(), null);
38 | return resultMsg;
39 | }
40 |
41 | //验证码校验
42 | String captchaCode = loginPara.getCaptchaCode();
43 | try {
44 | if (captchaCode == null)
45 | {
46 | throw new Exception();
47 | }
48 | String captchaValue = redisTemplate.opsForValue().get(captchaCode);
49 | if (captchaValue == null)
50 | {
51 | throw new Exception();
52 | }
53 | redisTemplate.delete(captchaCode);
54 |
55 | if (captchaValue.compareTo(loginPara.getCaptchaValue()) != 0)
56 | {
57 | throw new Exception();
58 | }
59 | } catch (Exception e) {
60 | resultMsg = new ResultMsg(ResultStatusCode.INVALID_CAPTCHA.getErrcode(),
61 | ResultStatusCode.INVALID_CAPTCHA.getErrmsg(), null);
62 | return resultMsg;
63 | }
64 |
65 |
66 | //验证用户名密码
67 | UserInfo user = userRepositoy.findUserInfoByName(loginPara.getUserName());
68 | if (user == null)
69 | {
70 | resultMsg = new ResultMsg(ResultStatusCode.INVALID_PASSWORD.getErrcode(),
71 | ResultStatusCode.INVALID_PASSWORD.getErrmsg(), null);
72 | return resultMsg;
73 | }
74 | else
75 | {
76 | String md5Password = SecurityHelper.getMD5(loginPara.getPassword()+user.getSalt());
77 |
78 | if (md5Password.compareTo(user.getPassword()) != 0)
79 | {
80 | resultMsg = new ResultMsg(ResultStatusCode.INVALID_PASSWORD.getErrcode(),
81 | ResultStatusCode.INVALID_PASSWORD.getErrmsg(), null);
82 | return resultMsg;
83 | }
84 | }
85 |
86 | //拼装accessToken
87 | String accessToken = JwtHelper.createJWT(loginPara.getUserName(), String.valueOf(user.getName()),
88 | user.getRole(), audienceEntity.getClientId(), audienceEntity.getName(),
89 | audienceEntity.getExpiresSecond() * 1000, audienceEntity.getBase64Secret());
90 |
91 | //返回accessToken
92 | AccessToken accessTokenEntity = new AccessToken();
93 | accessTokenEntity.setAccess_token(accessToken);
94 | accessTokenEntity.setExpires_in(audienceEntity.getExpiresSecond());
95 | accessTokenEntity.setToken_type("bearer");
96 | resultMsg = new ResultMsg(ResultStatusCode.OK.getErrcode(),
97 | ResultStatusCode.OK.getErrmsg(), accessTokenEntity);
98 | return resultMsg;
99 |
100 | }
101 | catch(Exception ex)
102 | {
103 | resultMsg = new ResultMsg(ResultStatusCode.SYSTEM_ERR.getErrcode(),
104 | ResultStatusCode.SYSTEM_ERR.getErrmsg(), null);
105 | return resultMsg;
106 | }
107 | }
108 |
109 | }
--------------------------------------------------------------------------------
/Insurance/src/main/java/com/Insurance/ADemo/LoginPara.java:
--------------------------------------------------------------------------------
1 | package com.Insurance.ADemo;
2 |
3 | public class LoginPara {
4 | private String clientId;
5 | private String userName;
6 | private String password;
7 | private String captchaCode;
8 | private String captchaValue;
9 |
10 | public String getClientId() {
11 | return clientId;
12 | }
13 | public void setClientId(String clientId) {
14 | this.clientId = clientId;
15 | }
16 | public String getUserName() {
17 | return userName;
18 | }
19 | public void setUserName(String userName) {
20 | this.userName = userName;
21 | }
22 | public String getPassword() {
23 | return password;
24 | }
25 | public void setPassword(String password) {
26 | this.password = password;
27 | }
28 | public String getCaptchaCode() {
29 | return captchaCode;
30 | }
31 | public void setCaptchaCode(String captchaCode) {
32 | this.captchaCode = captchaCode;
33 | }
34 | public String getCaptchaValue() {
35 | return captchaValue;
36 | }
37 | public void setCaptchaValue(String captchaValue) {
38 | this.captchaValue = captchaValue;
39 | }
40 | }
41 |
--------------------------------------------------------------------------------
/Insurance/src/main/java/com/Insurance/ADemo/RedisConfig.java:
--------------------------------------------------------------------------------
1 | package com.Insurance.ADemo;
2 |
3 | import org.springframework.context.annotation.Bean;
4 | import org.springframework.data.redis.connection.RedisConnectionFactory;
5 | import org.springframework.data.redis.connection.jedis.JedisConnectionFactory;
6 | import org.springframework.data.redis.core.RedisTemplate;
7 | import org.springframework.data.redis.serializer.StringRedisSerializer;
8 |
9 | public class RedisConfig {
10 | @Bean
11 | JedisConnectionFactory jedisConnectionFactory() {
12 | return new JedisConnectionFactory();
13 | }
14 |
15 | @Bean RedisTemplateredisTemplate(RedisConnectionFactory factory)
16 | {
17 | RedisTemplate template = new RedisTemplate();
18 | template.setConnectionFactory(jedisConnectionFactory());
19 |
20 | template.setKeySerializer(new StringRedisSerializer());
21 | template.setValueSerializer(new StringRedisSerializer());
22 | return template;
23 | }
24 | }
25 |
--------------------------------------------------------------------------------
/Insurance/src/main/java/com/Insurance/ADemo/UserController.java:
--------------------------------------------------------------------------------
1 | package com.Insurance.ADemo;
2 |
3 | import java.util.List;
4 |
5 | import org.springframework.beans.factory.annotation.Autowired;
6 | import org.springframework.data.jpa.repository.Modifying;
7 | import org.springframework.web.bind.annotation.RequestBody;
8 | import org.springframework.web.bind.annotation.RequestMapping;
9 | import org.springframework.web.bind.annotation.RestController;
10 |
11 | import com.Insurance.Filter.ResultMsg;
12 | import com.Insurance.Filter.ResultStatusCode;
13 |
14 |
15 | @RestController
16 | @RequestMapping("user")
17 | public class UserController {
18 | @Autowired
19 | private UserInfoRepository userRepositoy;
20 |
21 | @RequestMapping("getuser")
22 | public Object getUser(int id)
23 | {
24 | UserInfo userEntity = userRepositoy.findUserInfoById(id);
25 | ResultMsg resultMsg = new ResultMsg(ResultStatusCode.OK.getErrcode(), ResultStatusCode.OK.getErrmsg(), userEntity);
26 | return resultMsg;
27 | }
28 |
29 | @RequestMapping("getusers")
30 | public Object getUsers(String role)
31 | {
32 | List userEntities = userRepositoy.findUserInfoByRole(role);
33 | ResultMsg resultMsg = new ResultMsg(ResultStatusCode.OK.getErrcode(), ResultStatusCode.OK.getErrmsg(), userEntities);
34 | return resultMsg;
35 | }
36 |
37 | @Modifying
38 | @RequestMapping("adduser")
39 | public Object addUser(@RequestBody UserInfo userEntity)
40 | {
41 | userRepositoy.save(userEntity);
42 | ResultMsg resultMsg = new ResultMsg(ResultStatusCode.OK.getErrcode(), ResultStatusCode.OK.getErrmsg(), userEntity);
43 | return resultMsg;
44 | }
45 |
46 | @Modifying
47 | @RequestMapping("updateuser")
48 | public Object updateUser(@RequestBody UserInfo userEntity)
49 | {
50 | UserInfo user = userRepositoy.findUserInfoById(userEntity.getId());
51 | if (user != null)
52 | {
53 | user.setName(userEntity.getName());
54 | userRepositoy.save(user);
55 | }
56 | ResultMsg resultMsg = new ResultMsg(ResultStatusCode.OK.getErrcode(), ResultStatusCode.OK.getErrmsg(), null);
57 | return resultMsg;
58 | }
59 |
60 | @Modifying
61 | @RequestMapping("deleteuser")
62 | public Object deleteUser(int id)
63 | {
64 | userRepositoy.delete(id);
65 | ResultMsg resultMsg = new ResultMsg(ResultStatusCode.OK.getErrcode(), ResultStatusCode.OK.getErrmsg(), null);
66 | return resultMsg;
67 | }
68 | }
69 |
--------------------------------------------------------------------------------
/Insurance/src/main/java/com/Insurance/ADemo/UserInfo.java:
--------------------------------------------------------------------------------
1 | package com.Insurance.ADemo;
2 | import javax.persistence.Entity;
3 | import javax.persistence.GeneratedValue;
4 | import javax.persistence.GenerationType;
5 | import javax.persistence.Id;
6 | import javax.persistence.Table;
7 | import javax.validation.constraints.NotNull;
8 |
9 | @Entity
10 | @Table(name="t_user")
11 | public class UserInfo {
12 | @Id
13 | @GeneratedValue(strategy = GenerationType.AUTO)
14 | private int id;
15 | @NotNull
16 | private String name;
17 |
18 | private String password;
19 |
20 | private String salt;
21 |
22 | private String role;
23 |
24 | public int getId() {
25 | return id;
26 | }
27 |
28 | public void setId(int id) {
29 | this.id = id;
30 | }
31 |
32 | public String getName() {
33 | return name;
34 | }
35 |
36 | public void setName(String name) {
37 | this.name = name;
38 | }
39 |
40 | public String getPassword() {
41 | return password;
42 | }
43 |
44 | public void setPassword(String password) {
45 | this.password = password;
46 | }
47 |
48 | public String getSalt() {
49 | return salt;
50 | }
51 |
52 | public void setSalt(String salt) {
53 | this.salt = salt;
54 | }
55 |
56 | public String getRole() {
57 | return role;
58 | }
59 |
60 | public void setRole(String role) {
61 | this.role = role;
62 | }
63 | }
64 |
--------------------------------------------------------------------------------
/Insurance/src/main/java/com/Insurance/ADemo/UserInfoRepository.java:
--------------------------------------------------------------------------------
1 | package com.Insurance.ADemo;
2 |
3 | import java.util.List;
4 |
5 | import org.springframework.data.jpa.repository.Query;
6 | import org.springframework.data.repository.CrudRepository;
7 |
8 | public interface UserInfoRepository extends CrudRepository{
9 | UserInfo findUserInfoById(int id);
10 | List findUserInfoByRole(String role);
11 | UserInfo findUserInfoByName(String name);
12 |
13 | @Query(value = "select * from t_user limit ?1", nativeQuery =true)
14 | List findAllUsersByCount(int count);
15 | }
16 |
--------------------------------------------------------------------------------
/Insurance/src/main/java/com/Insurance/Business/LoginController.java:
--------------------------------------------------------------------------------
1 | package com.Insurance.Business;
2 |
3 | import org.springframework.web.bind.annotation.RequestMapping;
4 | import org.springframework.web.bind.annotation.RestController;
5 |
6 | @RestController
7 | @RequestMapping("/login")
8 | public class LoginController {
9 |
10 |
11 | }
12 |
--------------------------------------------------------------------------------
/Insurance/src/main/java/com/Insurance/Business/UserController.java:
--------------------------------------------------------------------------------
1 | package com.Insurance.Business;
2 |
3 | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
4 | import org.springframework.web.bind.annotation.PostMapping;
5 | import org.springframework.web.bind.annotation.RequestBody;
6 |
7 | import com.Insurance.Model.InsuranceUser;
8 | import com.Insurance.repository.InsuranceUserRepository;
9 |
10 | public class UserController {
11 | private InsuranceUserRepository applicationUserRepository;
12 | private BCryptPasswordEncoder bCryptPasswordEncoder;
13 |
14 | public UserController(InsuranceUserRepository myUserRepository,
15 | BCryptPasswordEncoder bCryptPasswordEncoder) {
16 | this.applicationUserRepository = myUserRepository;
17 | this.bCryptPasswordEncoder = bCryptPasswordEncoder;
18 | }
19 |
20 | @PostMapping("/signup")
21 | public void signUp(@RequestBody InsuranceUser user) {
22 | user.setPassword(bCryptPasswordEncoder.encode(user.getPassword()));
23 | applicationUserRepository.save(user);
24 | }
25 |
26 | }
27 |
--------------------------------------------------------------------------------
/Insurance/src/main/java/com/Insurance/Filter/Audience.java:
--------------------------------------------------------------------------------
1 | package com.Insurance.Filter;
2 |
3 | import org.springframework.beans.factory.annotation.Value;
4 | import org.springframework.boot.context.properties.ConfigurationProperties;
5 | import org.springframework.context.annotation.PropertySource;
6 | import org.springframework.transaction.annotation.EnableTransactionManagement;
7 |
8 | @ConfigurationProperties(prefix = "audience")
9 | @EnableTransactionManagement
10 | @PropertySource(value = "classpath:jwt.properties", ignoreResourceNotFound = true)
11 |
12 | public class Audience {
13 | @Value("${audience.clientId}")
14 | private String clientId;
15 | @Value("${audience.base64Secret}")
16 | private String base64Secret;
17 | @Value("${audience.name}")
18 | private String name;
19 | @Value("${audience.expiresSecond}")
20 | private int expiresSecond;
21 | public String getClientId() {
22 | return clientId;
23 | }
24 | public void setClientId(String clientId) {
25 | this.clientId = clientId;
26 | }
27 | public String getBase64Secret() {
28 | return base64Secret;
29 | }
30 | public void setBase64Secret(String base64Secret) {
31 | this.base64Secret = base64Secret;
32 | }
33 | public String getName() {
34 | return name;
35 | }
36 | public void setName(String name) {
37 | this.name = name;
38 | }
39 | public int getExpiresSecond() {
40 | return expiresSecond;
41 | }
42 | public void setExpiresSecond(int expiresSecond) {
43 | this.expiresSecond = expiresSecond;
44 | }
45 | }
46 |
--------------------------------------------------------------------------------
/Insurance/src/main/java/com/Insurance/Filter/HTTPBasicAuthorizeAttribute.java:
--------------------------------------------------------------------------------
1 | package com.Insurance.Filter;
2 |
3 | import java.io.IOException;
4 |
5 | import javax.servlet.Filter;
6 | import javax.servlet.FilterChain;
7 | import javax.servlet.FilterConfig;
8 | import javax.servlet.ServletException;
9 | import javax.servlet.ServletRequest;
10 | import javax.servlet.ServletResponse;
11 | import javax.servlet.http.HttpServletRequest;
12 | import javax.servlet.http.HttpServletResponse;
13 |
14 | import com.fasterxml.jackson.databind.ObjectMapper;
15 | import sun.misc.BASE64Decoder;
16 |
17 | @SuppressWarnings("restriction")
18 | public class HTTPBasicAuthorizeAttribute implements Filter{
19 |
20 | private static String Name = "test";
21 | private static String Password = "test";
22 |
23 | @Override
24 | public void destroy() {
25 | // TODO Auto-generated method stub
26 |
27 | }
28 |
29 | @Override
30 | public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
31 | throws IOException, ServletException {
32 | // TODO Auto-generated method stub
33 |
34 | ResultStatusCode resultStatusCode = checkHTTPBasicAuthorize(request);
35 | if (resultStatusCode != ResultStatusCode.OK)
36 | {
37 | HttpServletResponse httpResponse = (HttpServletResponse) response;
38 | httpResponse.setCharacterEncoding("UTF-8");
39 | httpResponse.setContentType("application/json; charset=utf-8");
40 | httpResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
41 |
42 | ObjectMapper mapper = new ObjectMapper();
43 |
44 | ResultMsg resultMsg = new ResultMsg(ResultStatusCode.PERMISSION_DENIED.getErrcode(), ResultStatusCode.PERMISSION_DENIED.getErrmsg(), null);
45 | httpResponse.getWriter().write(mapper.writeValueAsString(resultMsg));
46 | return;
47 | }
48 | else
49 | {
50 | chain.doFilter(request, response);
51 | }
52 | }
53 |
54 | @Override
55 | public void init(FilterConfig arg0) throws ServletException {
56 | // TODO Auto-generated method stub
57 |
58 | }
59 |
60 | private ResultStatusCode checkHTTPBasicAuthorize(ServletRequest request)
61 | {
62 | try
63 | {
64 | HttpServletRequest httpRequest = (HttpServletRequest)request;
65 | String auth = httpRequest.getHeader("Authorization");
66 | if ((auth != null) && (auth.length() > 6))
67 | {
68 | String HeadStr = auth.substring(0, 5).toLowerCase();
69 | if (HeadStr.compareTo("basic") == 0)
70 | {
71 | auth = auth.substring(6, auth.length());
72 | String decodedAuth = getFromBASE64(auth);
73 | if (decodedAuth != null)
74 | {
75 | String[] UserArray = decodedAuth.split(":");
76 |
77 | if (UserArray != null && UserArray.length == 2)
78 | {
79 | if (UserArray[0].compareTo(Name) == 0
80 | && UserArray[1].compareTo(Password) == 0)
81 | {
82 | return ResultStatusCode.OK;
83 | }
84 | }
85 | }
86 | }
87 | }
88 | return ResultStatusCode.PERMISSION_DENIED;
89 | }
90 | catch(Exception ex)
91 | {
92 | return ResultStatusCode.PERMISSION_DENIED;
93 | }
94 |
95 | }
96 |
97 | private String getFromBASE64(String s) {
98 | if (s == null)
99 | return null;
100 | BASE64Decoder decoder = new BASE64Decoder();
101 | try {
102 | byte[] b = decoder.decodeBuffer(s);
103 | return new String(b);
104 | } catch (Exception e) {
105 | return null;
106 | }
107 | }
108 |
109 | }
110 |
--------------------------------------------------------------------------------
/Insurance/src/main/java/com/Insurance/Filter/HTTPBearerAuthorizeAttribute.java:
--------------------------------------------------------------------------------
1 | package com.Insurance.Filter;
2 | import java.io.IOException;
3 |
4 | import javax.servlet.Filter;
5 | import javax.servlet.FilterChain;
6 | import javax.servlet.FilterConfig;
7 | import javax.servlet.ServletException;
8 | import javax.servlet.ServletRequest;
9 | import javax.servlet.ServletResponse;
10 | import javax.servlet.http.HttpServletRequest;
11 | import javax.servlet.http.HttpServletResponse;
12 |
13 | import org.springframework.beans.factory.annotation.Autowired;
14 | import org.springframework.web.context.support.SpringBeanAutowiringSupport;
15 |
16 | import com.Insurance.Utils.JwtHelper;
17 | import com.fasterxml.jackson.databind.ObjectMapper;
18 |
19 | public class HTTPBearerAuthorizeAttribute implements Filter{
20 | @Autowired
21 | private Audience audienceEntity;
22 |
23 | @Override
24 | public void init(FilterConfig filterConfig) throws ServletException {
25 | // TODO Auto-generated method stub
26 | SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this,
27 | filterConfig.getServletContext());
28 |
29 | }
30 |
31 | @Override
32 | public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
33 | throws IOException, ServletException {
34 | // TODO Auto-generated method stub
35 |
36 | ResultMsg resultMsg;
37 | HttpServletRequest httpRequest = (HttpServletRequest)request;
38 | String auth = httpRequest.getHeader("Authorization");
39 | if ((auth != null) && (auth.length() > 7))
40 | {
41 | String HeadStr = auth.substring(0, 6).toLowerCase();
42 | if (HeadStr.compareTo("bearer") == 0)
43 | {
44 |
45 | auth = auth.substring(7, auth.length());
46 | if (JwtHelper.parseJWT(auth, audienceEntity.getBase64Secret()) != null)
47 | {
48 | chain.doFilter(request, response);
49 | return;
50 | }
51 | }
52 | }
53 |
54 | HttpServletResponse httpResponse = (HttpServletResponse) response;
55 | httpResponse.setCharacterEncoding("UTF-8");
56 | httpResponse.setContentType("application/json; charset=utf-8");
57 | httpResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
58 |
59 | ObjectMapper mapper = new ObjectMapper();
60 |
61 | resultMsg = new ResultMsg(ResultStatusCode.INVALID_TOKEN.getErrcode(), ResultStatusCode.INVALID_TOKEN.getErrmsg(), null);
62 | httpResponse.getWriter().write(mapper.writeValueAsString(resultMsg));
63 | return;
64 | }
65 |
66 | @Override
67 | public void destroy() {
68 | // TODO Auto-generated method stub
69 |
70 | }
71 | }
72 |
--------------------------------------------------------------------------------
/Insurance/src/main/java/com/Insurance/Filter/JWTLoginFilter.java:
--------------------------------------------------------------------------------
1 | package com.Insurance.Filter;
2 | import com.Insurance.Model.InsuranceUser;
3 | import com.fasterxml.jackson.databind.ObjectMapper;
4 |
5 | import io.jsonwebtoken.Jwts;
6 | import io.jsonwebtoken.SignatureAlgorithm;
7 |
8 | import org.springframework.security.authentication.AuthenticationManager;
9 | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
10 | import org.springframework.security.core.Authentication;
11 | import org.springframework.security.core.AuthenticationException;
12 | import org.springframework.security.core.userdetails.User;
13 | import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
14 |
15 | import javax.servlet.FilterChain;
16 | import javax.servlet.ServletException;
17 | import javax.servlet.http.HttpServletRequest;
18 | import javax.servlet.http.HttpServletResponse;
19 | import java.io.IOException;
20 | import java.util.ArrayList;
21 | import java.util.Date;
22 |
23 | public class JWTLoginFilter extends UsernamePasswordAuthenticationFilter {
24 | private AuthenticationManager authenticationManager;
25 |
26 | public JWTLoginFilter(AuthenticationManager authenticationManager) {
27 | this.authenticationManager = authenticationManager;
28 | }
29 |
30 | @Override
31 | public Authentication attemptAuthentication(HttpServletRequest req,
32 | HttpServletResponse res) throws AuthenticationException {
33 | try {
34 | InsuranceUser user = new ObjectMapper()
35 | .readValue(req.getInputStream(), InsuranceUser.class);
36 |
37 | return authenticationManager.authenticate(
38 | new UsernamePasswordAuthenticationToken(
39 | user.getUsername(),
40 | user.getPassword(),
41 | new ArrayList<>())
42 | );
43 | } catch (IOException e) {
44 | throw new RuntimeException(e);
45 | }
46 | }
47 |
48 | @Override
49 | protected void successfulAuthentication(HttpServletRequest req,
50 | HttpServletResponse res,
51 | FilterChain chain,
52 | Authentication auth) throws IOException, ServletException {
53 |
54 | String token = Jwts.builder()
55 | .setSubject(((User) auth.getPrincipal()).getUsername())
56 | .setExpiration(new Date(System.currentTimeMillis() + 60 * 60 * 24 * 1000))
57 | .signWith(SignatureAlgorithm.HS512, "MyJwtSecret")
58 | .compact();
59 | res.addHeader("Authorization", "Bearer " + token);
60 | }
61 | }
62 |
--------------------------------------------------------------------------------
/Insurance/src/main/java/com/Insurance/Filter/JwtAuthenticationFilter.java:
--------------------------------------------------------------------------------
1 | package com.Insurance.Filter;
2 |
3 | import io.jsonwebtoken.Jwts;
4 | import org.springframework.security.authentication.AuthenticationManager;
5 | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
6 | import org.springframework.security.core.context.SecurityContextHolder;
7 | import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
8 |
9 | import javax.servlet.FilterChain;
10 | import javax.servlet.ServletException;
11 | import javax.servlet.http.HttpServletRequest;
12 | import javax.servlet.http.HttpServletResponse;
13 | import java.io.IOException;
14 | import java.util.ArrayList;
15 |
16 | public class JwtAuthenticationFilter extends BasicAuthenticationFilter {
17 | public JwtAuthenticationFilter(AuthenticationManager authManager) {
18 | super(authManager);
19 | }
20 |
21 | @Override
22 | protected void doFilterInternal(HttpServletRequest req,
23 | HttpServletResponse res,
24 | FilterChain chain) throws IOException, ServletException {
25 | String header = req.getHeader("Authorization");
26 |
27 | if (header == null || !header.startsWith("Bearer ")) {
28 | chain.doFilter(req, res);
29 | return;
30 | }
31 |
32 | UsernamePasswordAuthenticationToken authentication = getAuthentication(req);
33 |
34 | SecurityContextHolder.getContext().setAuthentication(authentication);
35 | chain.doFilter(req, res);
36 | }
37 |
38 | private UsernamePasswordAuthenticationToken getAuthentication(HttpServletRequest request) {
39 | String token = request.getHeader("Authorization");
40 | if (token != null) {
41 | // parse the token.
42 | String user = Jwts.parser()
43 | .setSigningKey("MyJwtSecret")
44 | .parseClaimsJws(token.replace("Bearer ", ""))
45 | .getBody()
46 | .getSubject();
47 |
48 | if (user != null) {
49 | return new UsernamePasswordAuthenticationToken(user, null, new ArrayList<>());
50 | }
51 | return null;
52 | }
53 | return null;
54 | }
55 | }
--------------------------------------------------------------------------------
/Insurance/src/main/java/com/Insurance/Filter/ResultMsg.java:
--------------------------------------------------------------------------------
1 | package com.Insurance.Filter;
2 |
3 | public class ResultMsg {
4 | private int errcode;
5 | private String errmsg;
6 | private Object p2pdata;
7 |
8 | public ResultMsg(int ErrCode, String ErrMsg, Object P2pData)
9 | {
10 | this.errcode = ErrCode;
11 | this.errmsg = ErrMsg;
12 | this.p2pdata = P2pData;
13 | }
14 | public int getErrcode() {
15 | return errcode;
16 | }
17 | public void setErrcode(int errcode) {
18 | this.errcode = errcode;
19 | }
20 | public String getErrmsg() {
21 | return errmsg;
22 | }
23 | public void setErrmsg(String errmsg) {
24 | this.errmsg = errmsg;
25 | }
26 | public Object getP2pdata() {
27 | return p2pdata;
28 | }
29 | public void setP2pdata(Object p2pdata) {
30 | this.p2pdata = p2pdata;
31 | }
32 | }
33 |
--------------------------------------------------------------------------------
/Insurance/src/main/java/com/Insurance/Filter/ResultStatusCode.java:
--------------------------------------------------------------------------------
1 | package com.Insurance.Filter;
2 |
3 | public enum ResultStatusCode {
4 | OK(0, "OK"),
5 | SYSTEM_ERR(30001, "System error"),
6 | PERMISSION_DENIED(30002, "Permission denied"),
7 | INVALID_CLIENTID(30003, "Invalid clientid"),
8 | INVALID_PASSWORD(30004, "User name or password is incorrect"),
9 | INVALID_CAPTCHA(30005, "Invalid captcha or captcha overdue"),
10 | INVALID_TOKEN(30006, "Invalid token");
11 | ;
12 |
13 | private int errcode;
14 | private String errmsg;
15 | public int getErrcode() {
16 | return errcode;
17 | }
18 |
19 | public void setErrcode(int errcode) {
20 | this.errcode = errcode;
21 | }
22 |
23 | public String getErrmsg() {
24 | return errmsg;
25 | }
26 |
27 | public void setErrmsg(String errmsg) {
28 | this.errmsg = errmsg;
29 | }
30 | private ResultStatusCode(int Errode, String ErrMsg)
31 | {
32 | this.errcode = Errode;
33 | this.errmsg = ErrMsg;
34 | }
35 | }
36 |
--------------------------------------------------------------------------------
/Insurance/src/main/java/com/Insurance/InsuranceApplication.java:
--------------------------------------------------------------------------------
1 | package com.Insurance;
2 |
3 | import java.nio.charset.Charset;
4 | import java.util.ArrayList;
5 | import java.util.List;
6 |
7 | import org.springframework.boot.SpringApplication;
8 | import org.springframework.boot.autoconfigure.SpringBootApplication;
9 | import org.springframework.boot.context.properties.EnableConfigurationProperties;
10 | import org.springframework.boot.web.servlet.FilterRegistrationBean;
11 | import org.springframework.context.annotation.Bean;
12 | import org.springframework.context.annotation.Configuration;
13 | import org.springframework.http.converter.StringHttpMessageConverter;
14 | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
15 | import org.springframework.stereotype.Controller;
16 | import org.springframework.web.bind.annotation.RequestMapping;
17 | import org.springframework.web.bind.annotation.ResponseBody;
18 | import org.springframework.web.bind.annotation.RestController;
19 |
20 | import com.Insurance.Filter.Audience;
21 | import com.Insurance.Filter.HTTPBasicAuthorizeAttribute;
22 | import com.Insurance.Filter.HTTPBearerAuthorizeAttribute;
23 | @Controller
24 | @SpringBootApplication
25 | @EnableConfigurationProperties(Audience.class)
26 | //@Configuration
27 | public class InsuranceApplication {
28 |
29 | @Bean
30 | public StringHttpMessageConverter stringHttpMessageConverter() {
31 | StringHttpMessageConverter converter = new StringHttpMessageConverter(Charset.forName("UTF-8"));
32 | return converter;
33 | }
34 | @Bean
35 | public BCryptPasswordEncoder bCryptPasswordEncoder() {
36 | return new BCryptPasswordEncoder();
37 | }
38 | @Bean
39 | public FilterRegistrationBean basicFilterRegistrationBean() {
40 | FilterRegistrationBean registrationBean = new FilterRegistrationBean();
41 | HTTPBasicAuthorizeAttribute httpBasicFilter = new HTTPBasicAuthorizeAttribute();
42 | registrationBean.setFilter(httpBasicFilter);
43 | List urlPatterns = new ArrayList();
44 | urlPatterns.add("/user/getuser");
45 | registrationBean.setUrlPatterns(urlPatterns);
46 | return registrationBean;
47 | }
48 |
49 | @Bean
50 | public FilterRegistrationBean jwtFilterRegistrationBean(){
51 | FilterRegistrationBean registrationBean = new FilterRegistrationBean();
52 | HTTPBearerAuthorizeAttribute httpBearerFilter = new HTTPBearerAuthorizeAttribute();
53 | registrationBean.setFilter(httpBearerFilter);
54 | List urlPatterns = new ArrayList();
55 | urlPatterns.add("/user/getusers");
56 | registrationBean.setUrlPatterns(urlPatterns);
57 | return registrationBean;
58 | }
59 |
60 | public static void main(String[] args)
61 | {
62 | SpringApplication.run(InsuranceApplication.class, args);
63 | }
64 |
65 | }
66 |
--------------------------------------------------------------------------------
/Insurance/src/main/java/com/Insurance/Model/InsuranceUser.java:
--------------------------------------------------------------------------------
1 | package com.Insurance.Model;
2 |
3 | import javax.persistence.Entity;
4 | import javax.persistence.GeneratedValue;
5 | import javax.persistence.GenerationType;
6 | import javax.persistence.Id;
7 |
8 | @Entity
9 | public class InsuranceUser {
10 | @Id
11 | @GeneratedValue(strategy = GenerationType.IDENTITY)
12 | private long id;
13 | private String username;
14 | private String password;
15 |
16 | public long getId() {
17 | return id;
18 | }
19 |
20 | public String getUsername() {
21 | return username;
22 | }
23 |
24 | public void setUsername(String username) {
25 | this.username = username;
26 | }
27 |
28 | public String getPassword() {
29 | return password;
30 | }
31 |
32 | public void setPassword(String password) {
33 | this.password = password;
34 | }
35 |
36 | }
37 |
--------------------------------------------------------------------------------
/Insurance/src/main/java/com/Insurance/Utils/JwtHelper.java:
--------------------------------------------------------------------------------
1 | package com.Insurance.Utils;
2 | import java.security.Key;
3 | import java.util.Date;
4 |
5 | import javax.crypto.spec.SecretKeySpec;
6 | import javax.xml.bind.DatatypeConverter;
7 |
8 | import io.jsonwebtoken.Claims;
9 | import io.jsonwebtoken.JwtBuilder;
10 | import io.jsonwebtoken.Jwts;
11 | import io.jsonwebtoken.SignatureAlgorithm;
12 |
13 | public class JwtHelper {
14 | public static Claims parseJWT(String jsonWebToken, String base64Security){
15 | try
16 | {
17 | Claims claims = Jwts.parser()
18 | .setSigningKey(DatatypeConverter.parseBase64Binary(base64Security))
19 | .parseClaimsJws(jsonWebToken).getBody();
20 | return claims;
21 | }
22 | catch(Exception ex)
23 | {
24 | return null;
25 | }
26 | }
27 |
28 | public static String createJWT(String name, String userId, String role,
29 | String audience, String issuer, long TTLMillis, String base64Security)
30 | {
31 | SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256;
32 |
33 | long nowMillis = System.currentTimeMillis();
34 | Date now = new Date(nowMillis);
35 |
36 | //生成签名密钥
37 | byte[] apiKeySecretBytes = DatatypeConverter.parseBase64Binary(base64Security);
38 | Key signingKey = new SecretKeySpec(apiKeySecretBytes, signatureAlgorithm.getJcaName());
39 |
40 | //添加构成JWT的参数
41 | JwtBuilder builder = Jwts.builder().setHeaderParam("typ", "JWT")
42 | .claim("role", role)
43 | .claim("unique_name", name)
44 | .claim("userid", userId)
45 | .setIssuer(issuer)
46 | .setAudience(audience)
47 | .signWith(signatureAlgorithm, signingKey);
48 | //添加Token过期时间
49 | if (TTLMillis >= 0) {
50 | long expMillis = nowMillis + TTLMillis;
51 | Date exp = new Date(expMillis);
52 | builder.setExpiration(exp).setNotBefore(now);
53 | }
54 |
55 | //生成JWT
56 | return builder.compact();
57 | }
58 | }
--------------------------------------------------------------------------------
/Insurance/src/main/java/com/Insurance/Utils/SecurityHelper.java:
--------------------------------------------------------------------------------
1 | package com.Insurance.Utils;
2 | import java.security.MessageDigest;
3 | public class SecurityHelper {
4 | public static String getMD5(String inStr) {
5 | MessageDigest md5 = null;
6 | try {
7 | md5 = MessageDigest.getInstance("MD5");
8 | } catch (Exception e) {
9 |
10 | e.printStackTrace();
11 | return "";
12 | }
13 | char[] charArray = inStr.toCharArray();
14 | byte[] byteArray = new byte[charArray.length];
15 |
16 | for (int i = 0; i < charArray.length; i++)
17 | byteArray[i] = (byte) charArray[i];
18 |
19 | byte[] md5Bytes = md5.digest(byteArray);
20 |
21 | StringBuffer hexValue = new StringBuffer();
22 |
23 | for (int i = 0; i < md5Bytes.length; i++) {
24 | int val = ((int) md5Bytes[i]) & 0xff;
25 | if (val < 16)
26 | hexValue.append("0");
27 | hexValue.append(Integer.toHexString(val));
28 | }
29 |
30 | return hexValue.toString();
31 | }
32 | }
33 |
--------------------------------------------------------------------------------
/Insurance/src/main/java/com/Insurance/repository/InsuranceUserRepository.java:
--------------------------------------------------------------------------------
1 | package com.Insurance.repository;
2 |
3 | import org.springframework.data.jpa.repository.JpaRepository;
4 |
5 | import com.Insurance.Model.InsuranceUser;
6 |
7 |
8 | public interface InsuranceUserRepository extends JpaRepository {
9 | InsuranceUser findByUsername(String username);
10 | }
11 |
--------------------------------------------------------------------------------
/Insurance/src/main/resources/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/abysmkami/java-springboot-Insurance/88e9d2974b6d9a01b5459cb6f0a05e977c97c572/Insurance/src/main/resources/.DS_Store
--------------------------------------------------------------------------------
/Insurance/src/main/resources/application.properties:
--------------------------------------------------------------------------------
1 | spring.datasource.url=jdbc:mysql://127.0.0.1:3306/Insurance
2 | spring.datasource.username=root
3 | spring.datasource.password=1qaz2wsxE
4 | spring.datasource.driver-class-name=com.mysql.jdbc.Driver
5 | spring.datasource.max-idle=10
6 | spring.datasource.max-wait=10000
7 | spring.datasource.min-idle=5
8 | spring.datasource.initial-size=5
9 |
10 | spring.jpa.database = MYSQL
11 | spring.jpa.show-sql = true
12 |
13 | spring.jpa.hibernate.ddl-auto = create
14 | spring.jpa.hibernate.naming-strategy = org.hibernate.cfg.ImprovedNamingStrategy
15 | spring.jpa.properties.hibernate.dialect = org.hibernate.dialect.MySQL5Dialect
16 |
17 |
18 | server.port=8080
19 | server.session.timeout=10
20 | server.tomcat.uri-encoding=UTF-8
21 | management.security.enabled=false
22 | security.basic.enabled=false
23 | #spring.resources.static-locations=classpath:/META-INF/resources/,classpath:/META-INF/,classpath:/resources/,classpath:/static/,classpath:/public/
24 |
25 |
26 | #mybatis.mapper-locations = classpath:mapper/*Mapper.xml
27 | #mybatis.config-location = classpath:mapper/config/sqlMapConfig
28 | #mybatis.type-aliases-package = com.insurance
29 |
30 | spring.redis.database=4
31 | spring.redis.host=10.211.55.3
32 | spring.redis.password=foobared
33 | spring.redis.port=6379
34 | spring.redis.timeout=2000
35 | spring.redis.pool.max-idle=8
36 | spring.redis.pool.min-idle=0
37 | spring.redis.pool.max-active=8
38 | spring.redis.pool.max-wait=-1
39 |
40 |
41 |
42 |
--------------------------------------------------------------------------------
/Insurance/src/main/resources/jwt.properties:
--------------------------------------------------------------------------------
1 | audience.clientId=098f6bcd4621d373cade4e832627b4f6
2 | audience.base64Secret=MDk4ZjZiY2Q0NjIxZDM3M2NhZGU0ZTgzMjYyN2I0ZjY=
3 | audience.name=restapiuser
4 | audience.expiresSecond=172800
--------------------------------------------------------------------------------
/Insurance/src/main/resources/mapper/config/sqlMapConfig.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/abysmkami/java-springboot-Insurance/88e9d2974b6d9a01b5459cb6f0a05e977c97c572/Insurance/src/main/resources/mapper/config/sqlMapConfig.xml
--------------------------------------------------------------------------------
/Servers/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/abysmkami/java-springboot-Insurance/88e9d2974b6d9a01b5459cb6f0a05e977c97c572/Servers/.DS_Store
--------------------------------------------------------------------------------
/Servers/.project:
--------------------------------------------------------------------------------
1 |
2 |
3 | Servers
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/Servers/.settings/org.eclipse.wst.server.core.prefs:
--------------------------------------------------------------------------------
1 | #Mon Nov 20 16:07:02 CST 2017
2 | org.eclipse.wst.server.core.isServerProject=true
3 | eclipse.preferences.version=1
4 |
--------------------------------------------------------------------------------
/Servers/Tomcat v9.0 Server at localhost-config/catalina.policy:
--------------------------------------------------------------------------------
1 | // Licensed to the Apache Software Foundation (ASF) under one or more
2 | // contributor license agreements. See the NOTICE file distributed with
3 | // this work for additional information regarding copyright ownership.
4 | // The ASF licenses this file to You under the Apache License, Version 2.0
5 | // (the "License"); you may not use this file except in compliance with
6 | // the License. You may obtain a copy of the License at
7 | //
8 | // http://www.apache.org/licenses/LICENSE-2.0
9 | //
10 | // Unless required by applicable law or agreed to in writing, software
11 | // distributed under the License is distributed on an "AS IS" BASIS,
12 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | // See the License for the specific language governing permissions and
14 | // limitations under the License.
15 |
16 | // ============================================================================
17 | // catalina.policy - Security Policy Permissions for Tomcat
18 | //
19 | // This file contains a default set of security policies to be enforced (by the
20 | // JVM) when Catalina is executed with the "-security" option. In addition
21 | // to the permissions granted here, the following additional permissions are
22 | // granted to each web application:
23 | //
24 | // * Read access to the web application's document root directory
25 | // * Read, write and delete access to the web application's working directory
26 | // ============================================================================
27 |
28 |
29 | // ========== SYSTEM CODE PERMISSIONS =========================================
30 |
31 |
32 | // These permissions apply to javac
33 | grant codeBase "file:${java.home}/lib/-" {
34 | permission java.security.AllPermission;
35 | };
36 |
37 | // These permissions apply to all shared system extensions
38 | grant codeBase "file:${java.home}/jre/lib/ext/-" {
39 | permission java.security.AllPermission;
40 | };
41 |
42 | // These permissions apply to javac when ${java.home] points at $JAVA_HOME/jre
43 | grant codeBase "file:${java.home}/../lib/-" {
44 | permission java.security.AllPermission;
45 | };
46 |
47 | // These permissions apply to all shared system extensions when
48 | // ${java.home} points at $JAVA_HOME/jre
49 | grant codeBase "file:${java.home}/lib/ext/-" {
50 | permission java.security.AllPermission;
51 | };
52 |
53 |
54 | // ========== CATALINA CODE PERMISSIONS =======================================
55 |
56 |
57 | // These permissions apply to the daemon code
58 | grant codeBase "file:${catalina.home}/bin/commons-daemon.jar" {
59 | permission java.security.AllPermission;
60 | };
61 |
62 | // These permissions apply to the logging API
63 | // Note: If tomcat-juli.jar is in ${catalina.base} and not in ${catalina.home},
64 | // update this section accordingly.
65 | // grant codeBase "file:${catalina.base}/bin/tomcat-juli.jar" {..}
66 | grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
67 | permission java.io.FilePermission
68 | "${java.home}${file.separator}lib${file.separator}logging.properties", "read";
69 |
70 | permission java.io.FilePermission
71 | "${catalina.base}${file.separator}conf${file.separator}logging.properties", "read";
72 | permission java.io.FilePermission
73 | "${catalina.base}${file.separator}logs", "read, write";
74 | permission java.io.FilePermission
75 | "${catalina.base}${file.separator}logs${file.separator}*", "read, write, delete";
76 |
77 | permission java.lang.RuntimePermission "shutdownHooks";
78 | permission java.lang.RuntimePermission "getClassLoader";
79 | permission java.lang.RuntimePermission "setContextClassLoader";
80 |
81 | permission java.lang.management.ManagementPermission "monitor";
82 |
83 | permission java.util.logging.LoggingPermission "control";
84 |
85 | permission java.util.PropertyPermission "java.util.logging.config.class", "read";
86 | permission java.util.PropertyPermission "java.util.logging.config.file", "read";
87 | permission java.util.PropertyPermission "org.apache.juli.AsyncLoggerPollInterval", "read";
88 | permission java.util.PropertyPermission "org.apache.juli.AsyncMaxRecordCount", "read";
89 | permission java.util.PropertyPermission "org.apache.juli.AsyncOverflowDropType", "read";
90 | permission java.util.PropertyPermission "org.apache.juli.ClassLoaderLogManager.debug", "read";
91 | permission java.util.PropertyPermission "catalina.base", "read";
92 |
93 | // Note: To enable per context logging configuration, permit read access to
94 | // the appropriate file. Be sure that the logging configuration is
95 | // secure before enabling such access.
96 | // E.g. for the examples web application (uncomment and unwrap
97 | // the following to be on a single line):
98 | // permission java.io.FilePermission "${catalina.base}${file.separator}
99 | // webapps${file.separator}examples${file.separator}WEB-INF
100 | // ${file.separator}classes${file.separator}logging.properties", "read";
101 | };
102 |
103 | // These permissions apply to the server startup code
104 | grant codeBase "file:${catalina.home}/bin/bootstrap.jar" {
105 | permission java.security.AllPermission;
106 | };
107 |
108 | // These permissions apply to the servlet API classes
109 | // and those that are shared across all class loaders
110 | // located in the "lib" directory
111 | grant codeBase "file:${catalina.home}/lib/-" {
112 | permission java.security.AllPermission;
113 | };
114 |
115 |
116 | // If using a per instance lib directory, i.e. ${catalina.base}/lib,
117 | // then the following permission will need to be uncommented
118 | // grant codeBase "file:${catalina.base}/lib/-" {
119 | // permission java.security.AllPermission;
120 | // };
121 |
122 |
123 | // ========== WEB APPLICATION PERMISSIONS =====================================
124 |
125 |
126 | // These permissions are granted by default to all web applications
127 | // In addition, a web application will be given a read FilePermission
128 | // for all files and directories in its document root.
129 | grant {
130 | // Required for JNDI lookup of named JDBC DataSource's and
131 | // javamail named MimePart DataSource used to send mail
132 | permission java.util.PropertyPermission "java.home", "read";
133 | permission java.util.PropertyPermission "java.naming.*", "read";
134 | permission java.util.PropertyPermission "javax.sql.*", "read";
135 |
136 | // OS Specific properties to allow read access
137 | permission java.util.PropertyPermission "os.name", "read";
138 | permission java.util.PropertyPermission "os.version", "read";
139 | permission java.util.PropertyPermission "os.arch", "read";
140 | permission java.util.PropertyPermission "file.separator", "read";
141 | permission java.util.PropertyPermission "path.separator", "read";
142 | permission java.util.PropertyPermission "line.separator", "read";
143 |
144 | // JVM properties to allow read access
145 | permission java.util.PropertyPermission "java.version", "read";
146 | permission java.util.PropertyPermission "java.vendor", "read";
147 | permission java.util.PropertyPermission "java.vendor.url", "read";
148 | permission java.util.PropertyPermission "java.class.version", "read";
149 | permission java.util.PropertyPermission "java.specification.version", "read";
150 | permission java.util.PropertyPermission "java.specification.vendor", "read";
151 | permission java.util.PropertyPermission "java.specification.name", "read";
152 |
153 | permission java.util.PropertyPermission "java.vm.specification.version", "read";
154 | permission java.util.PropertyPermission "java.vm.specification.vendor", "read";
155 | permission java.util.PropertyPermission "java.vm.specification.name", "read";
156 | permission java.util.PropertyPermission "java.vm.version", "read";
157 | permission java.util.PropertyPermission "java.vm.vendor", "read";
158 | permission java.util.PropertyPermission "java.vm.name", "read";
159 |
160 | // Required for OpenJMX
161 | permission java.lang.RuntimePermission "getAttribute";
162 |
163 | // Allow read of JAXP compliant XML parser debug
164 | permission java.util.PropertyPermission "jaxp.debug", "read";
165 |
166 | // All JSPs need to be able to read this package
167 | permission java.lang.RuntimePermission "accessClassInPackage.org.apache.tomcat";
168 |
169 | // Precompiled JSPs need access to these packages.
170 | permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.el";
171 | permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.runtime";
172 | permission java.lang.RuntimePermission
173 | "accessClassInPackage.org.apache.jasper.runtime.*";
174 |
175 | // Precompiled JSPs need access to these system properties.
176 | permission java.util.PropertyPermission
177 | "org.apache.jasper.runtime.BodyContentImpl.LIMIT_BUFFER", "read";
178 | permission java.util.PropertyPermission
179 | "org.apache.el.parser.COERCE_TO_ZERO", "read";
180 |
181 | // The cookie code needs these.
182 | permission java.util.PropertyPermission
183 | "org.apache.catalina.STRICT_SERVLET_COMPLIANCE", "read";
184 | permission java.util.PropertyPermission
185 | "org.apache.tomcat.util.http.ServerCookie.STRICT_NAMING", "read";
186 | permission java.util.PropertyPermission
187 | "org.apache.tomcat.util.http.ServerCookie.FWD_SLASH_IS_SEPARATOR", "read";
188 |
189 | // Applications using WebSocket need to be able to access these packages
190 | permission java.lang.RuntimePermission "accessClassInPackage.org.apache.tomcat.websocket";
191 | permission java.lang.RuntimePermission "accessClassInPackage.org.apache.tomcat.websocket.server";
192 | };
193 |
194 |
195 | // The Manager application needs access to the following packages to support the
196 | // session display functionality. It also requires the custom Tomcat
197 | // DeployXmlPermission to enable the use of META-INF/context.xml
198 | // These settings support the following configurations:
199 | // - default CATALINA_HOME == CATALINA_BASE
200 | // - CATALINA_HOME != CATALINA_BASE, per instance Manager in CATALINA_BASE
201 | // - CATALINA_HOME != CATALINA_BASE, shared Manager in CATALINA_HOME
202 | grant codeBase "file:${catalina.base}/webapps/manager/-" {
203 | permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina";
204 | permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.ha.session";
205 | permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.manager";
206 | permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.manager.util";
207 | permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.util";
208 | permission org.apache.catalina.security.DeployXmlPermission "manager";
209 | };
210 | grant codeBase "file:${catalina.home}/webapps/manager/-" {
211 | permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina";
212 | permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.ha.session";
213 | permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.manager";
214 | permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.manager.util";
215 | permission java.lang.RuntimePermission "accessClassInPackage.org.apache.catalina.util";
216 | permission org.apache.catalina.security.DeployXmlPermission "manager";
217 | };
218 |
219 | // The Host Manager application needs the custom Tomcat DeployXmlPermission to
220 | // enable the use of META-INF/context.xml
221 | // These settings support the following configurations:
222 | // - default CATALINA_HOME == CATALINA_BASE
223 | // - CATALINA_HOME != CATALINA_BASE, per instance Host Manager in CATALINA_BASE
224 | // - CATALINA_HOME != CATALINA_BASE, shared Host Manager in CATALINA_HOME
225 | grant codeBase "file:${catalina.base}/webapps/host-manager/-" {
226 | permission org.apache.catalina.security.DeployXmlPermission "host-manager";
227 | };
228 | grant codeBase "file:${catalina.home}/webapps/host-manager/-" {
229 | permission org.apache.catalina.security.DeployXmlPermission "host-manager";
230 | };
231 |
232 |
233 | // You can assign additional permissions to particular web applications by
234 | // adding additional "grant" entries here, based on the code base for that
235 | // application, /WEB-INF/classes/, or /WEB-INF/lib/ jar files.
236 | //
237 | // Different permissions can be granted to JSP pages, classes loaded from
238 | // the /WEB-INF/classes/ directory, all jar files in the /WEB-INF/lib/
239 | // directory, or even to individual jar files in the /WEB-INF/lib/ directory.
240 | //
241 | // For instance, assume that the standard "examples" application
242 | // included a JDBC driver that needed to establish a network connection to the
243 | // corresponding database and used the scrape taglib to get the weather from
244 | // the NOAA web server. You might create a "grant" entries like this:
245 | //
246 | // The permissions granted to the context root directory apply to JSP pages.
247 | // grant codeBase "file:${catalina.base}/webapps/examples/-" {
248 | // permission java.net.SocketPermission "dbhost.mycompany.com:5432", "connect";
249 | // permission java.net.SocketPermission "*.noaa.gov:80", "connect";
250 | // };
251 | //
252 | // The permissions granted to the context WEB-INF/classes directory
253 | // grant codeBase "file:${catalina.base}/webapps/examples/WEB-INF/classes/-" {
254 | // };
255 | //
256 | // The permission granted to your JDBC driver
257 | // grant codeBase "jar:file:${catalina.base}/webapps/examples/WEB-INF/lib/driver.jar!/-" {
258 | // permission java.net.SocketPermission "dbhost.mycompany.com:5432", "connect";
259 | // };
260 | // The permission granted to the scrape taglib
261 | // grant codeBase "jar:file:${catalina.base}/webapps/examples/WEB-INF/lib/scrape.jar!/-" {
262 | // permission java.net.SocketPermission "*.noaa.gov:80", "connect";
263 | // };
264 |
265 | // To grant permissions for web applications using packed WAR files, use the
266 | // Tomcat specific WAR url scheme.
267 | //
268 | // The permissions granted to the entire web application
269 | // grant codeBase "war:file:${catalina.base}/webapps/examples.war*/-" {
270 | // };
271 | //
272 | // The permissions granted to a specific JAR
273 | // grant codeBase "war:file:${catalina.base}/webapps/examples.war*/WEB-INF/lib/foo.jar" {
274 | // };
275 |
--------------------------------------------------------------------------------
/Servers/Tomcat v9.0 Server at localhost-config/catalina.properties:
--------------------------------------------------------------------------------
1 | # Licensed to the Apache Software Foundation (ASF) under one or more
2 | # contributor license agreements. See the NOTICE file distributed with
3 | # this work for additional information regarding copyright ownership.
4 | # The ASF licenses this file to You under the Apache License, Version 2.0
5 | # (the "License"); you may not use this file except in compliance with
6 | # the License. You may obtain a copy of the License at
7 | #
8 | # http://www.apache.org/licenses/LICENSE-2.0
9 | #
10 | # Unless required by applicable law or agreed to in writing, software
11 | # distributed under the License is distributed on an "AS IS" BASIS,
12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | # See the License for the specific language governing permissions and
14 | # limitations under the License.
15 |
16 | #
17 | # List of comma-separated packages that start with or equal this string
18 | # will cause a security exception to be thrown when
19 | # passed to checkPackageAccess unless the
20 | # corresponding RuntimePermission ("accessClassInPackage."+package) has
21 | # been granted.
22 | package.access=sun.,org.apache.catalina.,org.apache.coyote.,org.apache.jasper.,org.apache.tomcat.
23 | #
24 | # List of comma-separated packages that start with or equal this string
25 | # will cause a security exception to be thrown when
26 | # passed to checkPackageDefinition unless the
27 | # corresponding RuntimePermission ("defineClassInPackage."+package) has
28 | # been granted.
29 | #
30 | # by default, no packages are restricted for definition, and none of
31 | # the class loaders supplied with the JDK call checkPackageDefinition.
32 | #
33 | package.definition=sun.,java.,org.apache.catalina.,org.apache.coyote.,\
34 | org.apache.jasper.,org.apache.naming.,org.apache.tomcat.
35 |
36 | #
37 | #
38 | # List of comma-separated paths defining the contents of the "common"
39 | # classloader. Prefixes should be used to define what is the repository type.
40 | # Path may be relative to the CATALINA_HOME or CATALINA_BASE path or absolute.
41 | # If left as blank,the JVM system loader will be used as Catalina's "common"
42 | # loader.
43 | # Examples:
44 | # "foo": Add this folder as a class repository
45 | # "foo/*.jar": Add all the JARs of the specified folder as class
46 | # repositories
47 | # "foo/bar.jar": Add bar.jar as a class repository
48 | #
49 | # Note: Values are enclosed in double quotes ("...") in case either the
50 | # ${catalina.base} path or the ${catalina.home} path contains a comma.
51 | # Because double quotes are used for quoting, the double quote character
52 | # may not appear in a path.
53 | common.loader="${catalina.base}/lib","${catalina.base}/lib/*.jar","${catalina.home}/lib","${catalina.home}/lib/*.jar"
54 |
55 | #
56 | # List of comma-separated paths defining the contents of the "server"
57 | # classloader. Prefixes should be used to define what is the repository type.
58 | # Path may be relative to the CATALINA_HOME or CATALINA_BASE path or absolute.
59 | # If left as blank, the "common" loader will be used as Catalina's "server"
60 | # loader.
61 | # Examples:
62 | # "foo": Add this folder as a class repository
63 | # "foo/*.jar": Add all the JARs of the specified folder as class
64 | # repositories
65 | # "foo/bar.jar": Add bar.jar as a class repository
66 | #
67 | # Note: Values may be enclosed in double quotes ("...") in case either the
68 | # ${catalina.base} path or the ${catalina.home} path contains a comma.
69 | # Because double quotes are used for quoting, the double quote character
70 | # may not appear in a path.
71 | server.loader=
72 |
73 | #
74 | # List of comma-separated paths defining the contents of the "shared"
75 | # classloader. Prefixes should be used to define what is the repository type.
76 | # Path may be relative to the CATALINA_BASE path or absolute. If left as blank,
77 | # the "common" loader will be used as Catalina's "shared" loader.
78 | # Examples:
79 | # "foo": Add this folder as a class repository
80 | # "foo/*.jar": Add all the JARs of the specified folder as class
81 | # repositories
82 | # "foo/bar.jar": Add bar.jar as a class repository
83 | # Please note that for single jars, e.g. bar.jar, you need the URL form
84 | # starting with file:.
85 | #
86 | # Note: Values may be enclosed in double quotes ("...") in case either the
87 | # ${catalina.base} path or the ${catalina.home} path contains a comma.
88 | # Because double quotes are used for quoting, the double quote character
89 | # may not appear in a path.
90 | shared.loader=
91 |
92 | # Default list of JAR files that should not be scanned using the JarScanner
93 | # functionality. This is typically used to scan JARs for configuration
94 | # information. JARs that do not contain such information may be excluded from
95 | # the scan to speed up the scanning process. This is the default list. JARs on
96 | # this list are excluded from all scans. The list must be a comma separated list
97 | # of JAR file names.
98 | # The list of JARs to skip may be over-ridden at a Context level for individual
99 | # scan types by configuring a JarScanner with a nested JarScanFilter.
100 | # The JARs listed below include:
101 | # - Tomcat Bootstrap JARs
102 | # - Tomcat API JARs
103 | # - Catalina JARs
104 | # - Jasper JARs
105 | # - Tomcat JARs
106 | # - Common non-Tomcat JARs
107 | # - Test JARs (JUnit, Cobertura and dependencies)
108 | tomcat.util.scan.StandardJarScanFilter.jarsToSkip=\
109 | bootstrap.jar,commons-daemon.jar,tomcat-juli.jar,\
110 | annotations-api.jar,el-api.jar,jsp-api.jar,servlet-api.jar,websocket-api.jar,\
111 | jaspic-api.jar,\
112 | catalina.jar,catalina-ant.jar,catalina-ha.jar,catalina-storeconfig.jar,\
113 | catalina-tribes.jar,\
114 | jasper.jar,jasper-el.jar,ecj-*.jar,\
115 | tomcat-api.jar,tomcat-util.jar,tomcat-util-scan.jar,tomcat-coyote.jar,\
116 | tomcat-dbcp.jar,tomcat-jni.jar,tomcat-websocket.jar,\
117 | tomcat-i18n-en.jar,tomcat-i18n-es.jar,tomcat-i18n-fr.jar,tomcat-i18n-ja.jar,\
118 | tomcat-juli-adapters.jar,catalina-jmx-remote.jar,catalina-ws.jar,\
119 | tomcat-jdbc.jar,\
120 | tools.jar,\
121 | commons-beanutils*.jar,commons-codec*.jar,commons-collections*.jar,\
122 | commons-dbcp*.jar,commons-digester*.jar,commons-fileupload*.jar,\
123 | commons-httpclient*.jar,commons-io*.jar,commons-lang*.jar,commons-logging*.jar,\
124 | commons-math*.jar,commons-pool*.jar,\
125 | jstl.jar,taglibs-standard-spec-*.jar,\
126 | geronimo-spec-jaxrpc*.jar,wsdl4j*.jar,\
127 | ant.jar,ant-junit*.jar,aspectj*.jar,jmx.jar,h2*.jar,hibernate*.jar,httpclient*.jar,\
128 | jmx-tools.jar,jta*.jar,log4j*.jar,mail*.jar,slf4j*.jar,\
129 | xercesImpl.jar,xmlParserAPIs.jar,xml-apis.jar,\
130 | junit.jar,junit-*.jar,hamcrest-*.jar,easymock-*.jar,cglib-*.jar,\
131 | objenesis-*.jar,ant-launcher.jar,\
132 | cobertura-*.jar,asm-*.jar,dom4j-*.jar,icu4j-*.jar,jaxen-*.jar,jdom-*.jar,\
133 | jetty-*.jar,oro-*.jar,servlet-api-*.jar,tagsoup-*.jar,xmlParserAPIs-*.jar,\
134 | xom-*.jar
135 |
136 | # Default list of JAR files that should be scanned that overrides the default
137 | # jarsToSkip list above. This is typically used to include a specific JAR that
138 | # has been excluded by a broad file name pattern in the jarsToSkip list.
139 | # The list of JARs to scan may be over-ridden at a Context level for individual
140 | # scan types by configuring a JarScanner with a nested JarScanFilter.
141 | tomcat.util.scan.StandardJarScanFilter.jarsToScan=\
142 | log4j-web*.jar,log4j-taglib*.jar,log4javascript*.jar,slf4j-taglib*.jar
143 |
144 | # String cache configuration.
145 | tomcat.util.buf.StringCache.byte.enabled=true
146 | #tomcat.util.buf.StringCache.char.enabled=true
147 | #tomcat.util.buf.StringCache.trainThreshold=500000
148 | #tomcat.util.buf.StringCache.cacheSize=5000
149 |
--------------------------------------------------------------------------------
/Servers/Tomcat v9.0 Server at localhost-config/context.xml:
--------------------------------------------------------------------------------
1 |
2 |
18 |
19 |
20 |
21 | WEB-INF/web.xml
22 | WEB-INF/tomcat-web.xml
23 | ${catalina.base}/conf/web.xml
24 |
25 |
26 |
29 |
--------------------------------------------------------------------------------
/Servers/Tomcat v9.0 Server at localhost-config/server.xml:
--------------------------------------------------------------------------------
1 |
2 |
21 |
22 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
35 |
36 |
39 |
40 |
41 |
42 |
47 |
48 |
49 |
50 |
54 |
55 |
56 |
63 |
64 |
65 |
71 |
79 |
88 |
94 |
106 |
107 |
108 |
109 |
110 |
111 |
116 |
117 |
120 |
121 |
122 |
125 |
128 |
129 |
131 |
132 |
136 |
137 |
138 |
139 |
140 |
141 |
143 |
146 |
147 |
150 |
151 |
152 |
153 |
154 |
155 |
--------------------------------------------------------------------------------
/Servers/Tomcat v9.0 Server at localhost-config/tomcat-users.xml:
--------------------------------------------------------------------------------
1 |
2 |
18 |
26 |
33 |
40 |
--------------------------------------------------------------------------------