public void authentication(HttpServletRequest request, HttpServletResponse response)
throws IOException {
String msg = Constant.SUCCESS;
String stackTrace = "";
String username = request.getParameter("username");
String password = request.getParameter("password");
String verifyCode = request.getParameter("verifycode");
// 中煤物资采购系统需要用到验证码
Object codeObject = request.getSession().getAttribute("verifyCode");
/*String sessionCode = (String) request.getSession().getAttribute(
"verifyCode");
if (loginAudit.get(username) == null) {
LoginEvent event = new LoginEvent();
event.count = 0;
loginAudit.put(username, event);
} else {
System.out.println("The count is "
+ (loginAudit.get(username)).count);
}
int failCount = (loginAudit.get(username)).count;
int LOGIN_FAIL_LIMIT = BusinessConstants.LOGIN_FAIL_LIMIT;*/
try {
/*if (failCount > LOGIN_FAIL_LIMIT) {
Date lasttime = (loginAudit.get(username)).time;
Date now = new Date();
String str = "";
if ((now.getTime() - lasttime.getTime()) > 86400000
|| username.equals("system")
|| username.equals("Administrator")) {
(loginAudit.get(username)).count = 0;
failCount = 0;
str = "连续登陆失败次数超过" + LOGIN_FAIL_LIMIT + "次,今日内不允许登陆!";
} else {
(loginAudit.get(username)).time = new Date();
System.out.println("The lock is "
+ (loginAudit.get(username)).locked);
if (!(loginAudit.get(username)).locked)
this.systemMgm.lockUser(username);
str = "连续登陆失败次数超过" + LOGIN_FAIL_LIMIT + "次,用户已经被锁定!";
}
throw new BusinessException(str);
}
if (verifyCode == null || !verifyCode.equals(sessionCode)) {
// (loginAudit.get(username)).count += 1;
throw new BusinessException(BusinessConstants.MSG_USER_VERITY);
}*/
// 只有系统配置了NEED_VERIFY_CODE=1才会进行验证码校验,目前用于中煤物资采购系统
if (Constant.propsMap.get("NEED_VERIFY_CODE") != null
&& Constant.propsMap.get("NEED_VERIFY_CODE").equals("1")) {
String sessionCode = (String) codeObject;
if (verifyCode == null || !verifyCode.equals(sessionCode)) {
throw new BusinessException(BusinessConstants.MSG_USER_VERITY);
}
}
RockUser user = this.systemMgm.authentication(username, password);
SgccIniUnit unit = this.systemMgm.getUnitById(user.getPosid());
String unitid = user.getUnitid();
String unitname = this.systemMgm.getUserUnitName(user);
SgccIniUnit belongUnit = this.systemMgm.getBelongUnit(user.getUnitid());
String roles = this.systemMgm.getUserRoleType(user);
this.systemMgm.userLogon(user);
this.systemMgm.saveUserLoginTimeAndIp(user.getUserid(), this.getIpAddr(request));
HttpSession s = request.getSession();
s.setAttribute(Constant.USER, user);
s.setAttribute(Constant.USERID, user.getUserid());
s.setAttribute(Constant.USERNAME, user.getRealname());
s.setAttribute(Constant.USERACCOUNT, username);
s.setAttribute(Constant.UNITTYPE, unit.getUnitTypeId());
s.setAttribute(Constant.USERUNITID, unitid);
s.setAttribute(Constant.USERUNITNAME, unitname);
s.setAttribute(Constant.USERBELONGUNITID, belongUnit.getUnitid());
s.setAttribute(Constant.USERBELONGUNITNAME, belongUnit.getUnitname());
s.setAttribute(Constant.USERBELONGUNITTYPEID, belongUnit.getUnitTypeId());
// liangwj(2011-10-24):系统业务不支持用户归属于多个部门,所以所在部门及岗位信息直接从rock_user中读取,而不再从rock_user2dept表中读取
s.setAttribute(
Constant.USERDEPTID, (user.getDeptId() == null ? user.getUnitid() : user.getDeptId()));
s.setAttribute(
Constant.USERPOSID, (user.getPosid() == null ? user.getUnitid() : user.getPosid()));
s.setAttribute(Constant.USERMODULES, this.systemMgm.getUserModules(user));
s.setAttribute(Constant.ROLETYPE, roles.split("`")[0]);
s.setAttribute(Constant.ISLEADER, roles.split("`")[1]);
if (unitid.equals(user.getDeptId()) && unitid.equals(user.getPosid())) {
s.setAttribute(Constant.USERDEPTPOSNAME, unitname);
} else {
s.setAttribute(Constant.USERDEPTPOSNAME, this.systemMgm.getUserDeptPosInfo(user));
}
if (roles.split("`")[0].equals("0")) {
s.setAttribute(Constant.APPOrgRootID, Constant.DefaultOrgRootID);
s.setAttribute(Constant.APPOrgRootNAME, Constant.DefaultOrgRootNAME);
} else {
s.setAttribute(Constant.APPOrgRootID, unitid);
s.setAttribute(Constant.APPOrgRootNAME, unitname);
}
// 设置当前项目单位及可管理的项目单位
List<SgccIniUnit> pids = this.systemMgm.getPidsByUnitid(belongUnit.getUnitid());
StringBuilder USERPIDS = new StringBuilder();
StringBuilder USERPNAMES = new StringBuilder();
for (int i = 0, j = pids.size(); i < j; i++) {
SgccIniUnit hbm = pids.get(i);
if (i == 0) {
s.setAttribute(Constant.CURRENTAPPPID, hbm.getUnitid());
s.setAttribute(Constant.CURRENTAPPPNAME, hbm.getUnitname());
} else {
if ((hbm.getUnitid()).equals(belongUnit.getUnitid())) {
s.setAttribute(Constant.CURRENTAPPPID, hbm.getUnitid());
s.setAttribute(Constant.CURRENTAPPPNAME, hbm.getUnitname());
}
}
USERPIDS.append(hbm.getUnitid()).append(",");
USERPNAMES.append(hbm.getUnitname()).append(",");
}
if (pids.size() > 0) {
String userpids = USERPIDS.toString();
String userpnames = USERPNAMES.toString();
s.setAttribute(Constant.USERPIDS, userpids.substring(0, userpids.length() - 1));
s.setAttribute(Constant.USERPNAMES, userpnames.substring(0, userpnames.length() - 1));
} else {
s.setAttribute(Constant.USERPIDS, null);
s.setAttribute(Constant.USERPNAMES, null);
s.setAttribute(Constant.CURRENTAPPPID, null);
s.setAttribute(Constant.CURRENTAPPPNAME, null);
}
// 只有系统配置了NEED_OPERATE_HISTORY=1才会启用日志添加操作,目前用于中煤物资采购系统
if (Constant.propsMap.get("NEED_OPERATE_HISTORY") != null
&& Constant.propsMap.get("NEED_OPERATE_HISTORY").equals("1")) {
OperateHistoryService operateHistoryService =
(OperateHistoryService) this.wac.getBean("operateHistoryService");
operateHistoryService.addOperateHistory(
user.getUserid(),
user.getUnitid(),
"LOGIN",
"登录" + Constant.DefaultModuleRootName + "成功",
"SUCCESS");
}
log.info("===== [" + username + " : " + user.getRealname() + "] =========");
} catch (Exception e) {
/*failCount++;
(loginAudit.get(username)).count = failCount;
(loginAudit.get(username)).time = new Date();*/
msg = getSQLErrorMsg(e);
stackTrace = getStackTrace(e);
}
if (request.getParameter("target") != null) {
StringBuffer sbf = new StringBuffer("");
if (msg.equals(Constant.SUCCESS)) {
/*
* sbf.append(Constant.HTMLMETAHEADER); sbf.append("<script>");
* sbf.append(request.getParameter("target"));
* sbf.append(".location.href='");
*/
// (loginAudit.get(username)).count = 0;
if (Constant.indexType == null
|| Constant.indexType.equals("")
|| Constant.indexType.equals("0")) {
sbf.append(Constant.APPINDEXPAGE + ".jsp");
} else {
sbf.append(Constant.APPINDEXPAGE + Constant.indexType + ".jsp");
}
sendMsgResponseLogin(msg, stackTrace, sbf.toString(), response);
// sbf.append("';</script>");
} else {
/*
* sbf.append(Constant.HTMLMETAHEADER); sbf.append("<script>alert('");
* sbf.append(msg); sbf.append("');history.back();</script>");
*/
sendMsgResponse(msg, stackTrace, 0, response);
}
// outputString(response, sbf.toString());
} else {
sendMsgResponse(msg, stackTrace, 0, response);
}
}
public void authenticationPortal(
HttpServletRequest request, HttpServletResponse response, boolean chkPwd) throws IOException {
String msg = Constant.SUCCESS;
String stackTrace = "";
String username = request.getParameter("username");
String password = request.getParameter("password");
try {
RockUser user = this.systemMgm.authenticationPortal(username, password, chkPwd);
SgccIniUnit unit = this.systemMgm.getUnitById(user.getPosid());
this.systemMgm.userLogon(user);
this.systemMgm.saveUserLoginTimeAndIp(user.getUserid(), this.getIpAddr(request));
HttpSession s = request.getSession();
s.setAttribute(Constant.USER, user);
s.setAttribute(Constant.USERID, user.getUserid());
s.setAttribute(Constant.USERNAME, user.getRealname());
s.setAttribute(Constant.USERACCOUNT, username);
s.setAttribute(Constant.UNITTYPE, unit.getUnitTypeId());
String unitid = user.getUnitid();
String unitname = this.systemMgm.getUserUnitName(user);
s.setAttribute(Constant.USERUNITID, unitid);
s.setAttribute(Constant.USERUNITNAME, unitname);
if (unitid.equals(user.getDeptId()) && unitid.equals(user.getPosid())) {
s.setAttribute(Constant.USERDEPTPOSNAME, "");
} else {
s.setAttribute(Constant.USERDEPTPOSNAME, this.systemMgm.getUserDeptPosInfo(user));
}
// liangwj(2011-10-24):系统业务不支持用户归属于多个部门,所以所在部门及岗位信息直接从rock_user中读取,而不再从rock_user2dept表中读取
s.setAttribute(
Constant.USERDEPTID, (user.getDeptId() == null ? user.getUnitid() : user.getDeptId()));
s.setAttribute(
Constant.USERPOSID, (user.getPosid() == null ? user.getUnitid() : user.getPosid()));
s.setAttribute(Constant.USERMODULES, this.systemMgm.getUserModules(user));
String roles = this.systemMgm.getUserRoleType(user);
s.setAttribute(Constant.ROLETYPE, roles.split("`")[0]);
s.setAttribute(Constant.ISLEADER, roles.split("`")[1]);
// Constant.APPOrgRootID = Constant.DefaultOrgRootID;
if (roles.split("`")[0].equals("0")) {
// s.setAttribute(Constant.APPOrgRootID,
// Constant.DefaultOrgRootID);
// s.setAttribute(Constant.APPOrgRootNAME,
// Constant.DefaultOrgRootNAME);
Constant.APPOrgRootID = Constant.DefaultOrgRootID;
Constant.APPOrgRootNAME = Constant.DefaultOrgRootNAME;
} else {
// s.setAttribute(Constant.APPOrgRootID, unitid);
// s.setAttribute(Constant.APPOrgRootNAME, unitname);
Constant.APPOrgRootID = unitid;
Constant.APPOrgRootNAME = unitname;
}
log.info("===== [" + username + " : " + user.getRealname() + "] =========");
} catch (Exception e) {
msg = getSQLErrorMsg(e);
stackTrace = getStackTrace(e);
}
if (request.getParameter("target") != null) {
StringBuffer sbf = new StringBuffer("");
if (msg.equals(Constant.SUCCESS)) {
/*
* sbf.append(Constant.HTMLMETAHEADER); sbf.append("<script>");
* sbf.append(request.getParameter("target"));
* sbf.append(".location.href='");
*/
// (loginAudit.get(username)).count = 0;
if (Constant.indexType == null
|| Constant.indexType.equals("")
|| Constant.indexType.equals("0")) {
sbf.append(Constant.APPINDEXPAGE + ".jsp");
} else {
sbf.append(Constant.APPINDEXPAGE + Constant.indexType + ".jsp");
}
sendMsgResponseLogin(msg, stackTrace, sbf.toString(), response);
// sbf.append("';</script>");
} else {
/*
* sbf.append(Constant.HTMLMETAHEADER); sbf.append("<script>alert('");
* sbf.append(msg); sbf.append("');history.back();</script>");
*/
sendMsgResponse(msg, stackTrace, 0, response);
}
// outputString(response, sbf.toString());
} else {
sendMsgResponse(msg, stackTrace, 0, response);
}
}