Esempio n. 1
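  /**
   * Logs the current user out and redirects to the application root.
   *
   * <p>When {@code NEED_OPERATE_HISTORY} is configured as {@code "1"}, a {@code LOGOUT} entry is
   * written to the operation history first, using the user id and unit id held in the session.
   *
   * <p>The session is invalidated as a whole instead of being cleared key by key. A key-by-key
   * cleanup is easy to leave incomplete: the login handler also stores role, leader-flag, unit-type
   * and module attributes, and any of those surviving a logout would remain attached to the
   * session id the browser still holds.
   *
   * <p>If the request carries no session, nothing is audited and only the redirect is sent.
   *
   * @param request the logout request
   * @param response used to send the redirect to {@code Constant.AppRoot}
   * @throws IOException if the redirect cannot be written
   */
  private void logout(HttpServletRequest request, HttpServletResponse response) throws IOException {
    // getSession(false): do not create a fresh session only to tear it down again.
    HttpSession s = request.getSession(false);
    if (s != null) {
      try {
        // Operation-history logging is only enabled when the system is configured with
        // NEED_OPERATE_HISTORY=1; currently used by the China Coal materials procurement system.
        if ("1".equals(Constant.propsMap.get("NEED_OPERATE_HISTORY"))) {
          OperateHistoryService operateHistoryService =
              (OperateHistoryService) this.wac.getBean("operateHistoryService");
          operateHistoryService.addOperateHistory(
              (String) s.getAttribute(Constant.USERID),
              (String) s.getAttribute(Constant.USERUNITID),
              "LOGOUT",
              "注销" + Constant.DefaultModuleRootName + "成功",
              "SUCCESS");
        }
      } finally {
        // Runs even when the audit write fails, so a logging error cannot leave the user
        // logged in. Invalidation drops every attribute and retires the session id.
        s.invalidate();
      }
    }

    response.sendRedirect(Constant.AppRoot);
  }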
Esempio n. 2
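  /**
   * Handles a login request: optionally checks the verification code, authenticates the
   * credentials, populates the HTTP session with the user's identity, organisation and role
   * attributes, optionally records a {@code LOGIN} entry in the operation history, and writes the
   * outcome to the response.
   *
   * <p>Request parameters read: {@code username}, {@code password}, {@code verifycode} and
   * {@code target}. {@code target} is only tested for presence; when it is present and the login
   * succeeded, the index page name is sent through {@code sendMsgResponseLogin}, otherwise the
   * result goes through {@code sendMsgResponse}.
   *
   * <p>Session handling: once the credentials are accepted, the pre-login session is invalidated
   * and a new one is created before any identity attribute is stored, so a session id that was
   * known before authentication is never promoted to an authenticated session. If any later step
   * throws, the new session is invalidated again so that a reported failure never leaves a
   * partially populated, authenticated-looking session behind.
   *
   * <p>NOTE(review): a per-username failed-login counter with account lockout used to run in this
   * method and is disabled; as written, nothing here limits repeated login attempts.
   *
   * @param request the login request
   * @param response the response the outcome is written to
   * @throws IOException if the outcome cannot be written
   */
  public void authentication(HttpServletRequest request, HttpServletResponse response)
      throws IOException {
    String msg = Constant.SUCCESS;
    String stackTrace = "";
    String username = request.getParameter("username");
    String password = request.getParameter("password");
    String verifyCode = request.getParameter("verifycode");
    // The China Coal materials procurement system requires a verification code.
    Object codeObject = request.getSession().getAttribute("verifyCode");

    // Declared outside the try so the catch block can discard a half-built session.
    HttpSession s = null;
    try {
      // The verification code is only checked when the system is configured with
      // NEED_VERIFY_CODE=1; currently used by the China Coal materials procurement system.
      // NOTE(review): the expected code stays in the session after a failed comparison, so one
      // solved code can be submitted with many passwords; consider removing it once checked if
      // the login page issues a new code per attempt.
      if ("1".equals(Constant.propsMap.get("NEED_VERIFY_CODE"))) {
        String sessionCode = (String) codeObject;
        if (verifyCode == null || !verifyCode.equals(sessionCode)) {
          throw new BusinessException(BusinessConstants.MSG_USER_VERITY);
        }
      }
      RockUser user = this.systemMgm.authentication(username, password);
      SgccIniUnit unit = this.systemMgm.getUnitById(user.getPosid());

      String unitid = user.getUnitid();
      String unitname = this.systemMgm.getUserUnitName(user);
      SgccIniUnit belongUnit = this.systemMgm.getBelongUnit(user.getUnitid());
      String roles = this.systemMgm.getUserRoleType(user);

      this.systemMgm.userLogon(user);
      this.systemMgm.saveUserLoginTimeAndIp(user.getUserid(), this.getIpAddr(request));

      // Session fixation defence: retire the pre-login session (and anything a previous login
      // left in it) and continue with a freshly issued session id.
      HttpSession preLogin = request.getSession(false);
      if (preLogin != null) {
        preLogin.invalidate();
      }
      s = request.getSession(true);

      s.setAttribute(Constant.USER, user);
      s.setAttribute(Constant.USERID, user.getUserid());
      s.setAttribute(Constant.USERNAME, user.getRealname());
      s.setAttribute(Constant.USERACCOUNT, username);
      s.setAttribute(Constant.UNITTYPE, unit.getUnitTypeId());
      s.setAttribute(Constant.USERUNITID, unitid);
      s.setAttribute(Constant.USERUNITNAME, unitname);
      s.setAttribute(Constant.USERBELONGUNITID, belongUnit.getUnitid());
      s.setAttribute(Constant.USERBELONGUNITNAME, belongUnit.getUnitname());
      s.setAttribute(Constant.USERBELONGUNITTYPEID, belongUnit.getUnitTypeId());
      // liangwj(2011-10-24): the business logic does not support a user belonging to several
      // departments, so department and position are read directly from rock_user instead of
      // from the rock_user2dept table.
      s.setAttribute(
          Constant.USERDEPTID, (user.getDeptId() == null ? user.getUnitid() : user.getDeptId()));
      s.setAttribute(
          Constant.USERPOSID, (user.getPosid() == null ? user.getUnitid() : user.getPosid()));

      s.setAttribute(Constant.USERMODULES, this.systemMgm.getUserModules(user));
      // roles is a backtick-separated pair: element 0 is stored as the role type, element 1 as
      // the leader flag.
      String[] roleParts = roles.split("`");
      s.setAttribute(Constant.ROLETYPE, roleParts[0]);
      s.setAttribute(Constant.ISLEADER, roleParts[1]);

      if (unitid.equals(user.getDeptId()) && unitid.equals(user.getPosid())) {
        s.setAttribute(Constant.USERDEPTPOSNAME, unitname);
      } else {
        s.setAttribute(Constant.USERDEPTPOSNAME, this.systemMgm.getUserDeptPosInfo(user));
      }

      // Role type "0" is rooted at the default organisation; every other role type is rooted
      // at the user's own unit.
      if (roleParts[0].equals("0")) {
        s.setAttribute(Constant.APPOrgRootID, Constant.DefaultOrgRootID);
        s.setAttribute(Constant.APPOrgRootNAME, Constant.DefaultOrgRootNAME);
      } else {
        s.setAttribute(Constant.APPOrgRootID, unitid);
        s.setAttribute(Constant.APPOrgRootNAME, unitname);
      }

      // Set the current project unit and the project units this user may manage.
      List<SgccIniUnit> pids = this.systemMgm.getPidsByUnitid(belongUnit.getUnitid());
      StringBuilder pidCsv = new StringBuilder();
      StringBuilder pnameCsv = new StringBuilder();

      for (int i = 0; i < pids.size(); i++) {
        SgccIniUnit hbm = pids.get(i);
        // The first unit is the default "current" one; a later unit that is the user's own
        // belonging unit takes precedence over it.
        if (i == 0 || (hbm.getUnitid()).equals(belongUnit.getUnitid())) {
          s.setAttribute(Constant.CURRENTAPPPID, hbm.getUnitid());
          s.setAttribute(Constant.CURRENTAPPPNAME, hbm.getUnitname());
        }
        pidCsv.append(hbm.getUnitid()).append(",");
        pnameCsv.append(hbm.getUnitname()).append(",");
      }
      if (!pids.isEmpty()) {
        // Drop the trailing comma left by the loop.
        pidCsv.setLength(pidCsv.length() - 1);
        pnameCsv.setLength(pnameCsv.length() - 1);
        s.setAttribute(Constant.USERPIDS, pidCsv.toString());
        s.setAttribute(Constant.USERPNAMES, pnameCsv.toString());
      } else {
        s.setAttribute(Constant.USERPIDS, null);
        s.setAttribute(Constant.USERPNAMES, null);
        s.setAttribute(Constant.CURRENTAPPPID, null);
        s.setAttribute(Constant.CURRENTAPPPNAME, null);
      }

      // Operation-history logging is only enabled when the system is configured with
      // NEED_OPERATE_HISTORY=1; currently used by the China Coal materials procurement system.
      if ("1".equals(Constant.propsMap.get("NEED_OPERATE_HISTORY"))) {
        OperateHistoryService operateHistoryService =
            (OperateHistoryService) this.wac.getBean("operateHistoryService");
        operateHistoryService.addOperateHistory(
            user.getUserid(),
            user.getUnitid(),
            "LOGIN",
            "登录" + Constant.DefaultModuleRootName + "成功",
            "SUCCESS");
      }
      log.info("===== [" + username + " : " + user.getRealname() + "] =========");
    } catch (Exception e) {
      // A failure after the new session was created (for example a missing unit or a malformed
      // roles string) must not leave identity attributes behind while the caller is told the
      // login failed.
      if (s != null) {
        try {
          s.invalidate();
        } catch (IllegalStateException ignored) {
          // The session was already invalidated; nothing left to discard.
        }
      }
      msg = getSQLErrorMsg(e);
      // NOTE(review): stackTrace is handed to the response helpers below; if they echo it to
      // the client, a failed login exposes internal class and query details to an
      // unauthenticated caller - confirm, and prefer logging it on the server only.
      stackTrace = getStackTrace(e);
    }

    if (request.getParameter("target") != null && Constant.SUCCESS.equals(msg)) {
      // An unset, empty or "0" index type selects the default index page.
      String indexPage;
      if (Constant.indexType == null
          || Constant.indexType.equals("")
          || Constant.indexType.equals("0")) {
        indexPage = Constant.APPINDEXPAGE + ".jsp";
      } else {
        indexPage = Constant.APPINDEXPAGE + Constant.indexType + ".jsp";
      }
      sendMsgResponseLogin(msg, stackTrace, indexPage, response);
    } else {
      sendMsgResponse(msg, stackTrace, 0, response);
    }
  }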