Esempio n. 1
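 /**
  * Opens the module named by the {@code modid} request parameter for the user stored in the
  * session.
  *
  * <p>The module is looked up in the system-wide module map, then checked against the modules
  * granted to the user ({@code Constant.USERMODULES} in the session). When the user holds the
  * module, its level and actions are stored in the session and the request is either redirected
  * (module URL starts with "/" or "http") or forwarded to the module page with the original request
  * parameters appended. Without a logged-in user, or for an unknown module id, the request is
  * forwarded to the login page.
  *
  * <p>Changes compared with the previous version: a missing {@code USERMODULES} attribute no longer
  * causes a NullPointerException; a user who does not hold the module now receives 403 instead of
  * an empty response; parameter names and values copied into the forward URL are URL-encoded so
  * that characters such as {@code &}, {@code =}, {@code %} or spaces cannot corrupt or add
  * parameters.
  *
  * @param request the current request; {@code modid} selects the module
  * @param response the response that is redirected, forwarded or set to 403
  * @throws IOException if redirecting, forwarding or sending the error fails
  * @throws ServletException if the forward target fails
  */
 private void loadmodule(HttpServletRequest request, HttpServletResponse response)
     throws IOException, ServletException {
   long startedAt = System.currentTimeMillis();
   String modid = request.getParameter("modid");
   this.modulesMap = this.systemMgm.getModulesMap();
   RockPower module = (RockPower) this.modulesMap.get(modid);
   HttpSession session = request.getSession();
   RockUser user = (RockUser) session.getAttribute(Constant.USER);

   if (module == null || user == null) {
     request.getRequestDispatcher(Constant.LOGINURL).forward(request, response);
   } else {
     String id = module.getPowerpk();
     // The per-user module map is the authorization source: only modules present in it may be
     // opened. It can be absent if the session was only partly populated.
     HashMap userModMap = (HashMap) session.getAttribute(Constant.USERMODULES);
     RockPower userMod = userModMap == null ? null : (RockPower) userModMap.get(id);

     if (userMod == null) {
       // Make the authorization failure explicit rather than returning an empty 200 response.
       response.sendError(HttpServletResponse.SC_FORBIDDEN);
     } else {
       HashMap moduleActions = this.systemMgm.getUserModuleActions(userModMap, id);
       session.setAttribute(Constant.ModuleLVL, String.valueOf(userMod.getLvl()));
       session.setAttribute(Constant.ModuleActions, moduleActions);

       if ("1".equals(Constant.propsMap.get("IS_ADD_USEROPERATEMODULELOG"))) {
         this.systemMgm.saveUserOperateModule(user.getUserid(), this.getIpAddr(request), id);
       }

       String target = userMod.getUrl();
       boolean redirect =
           target != null && (target.startsWith("/") || target.toLowerCase().startsWith("http"));
       if (redirect) {
         String remoteURL = target;
         if (target.startsWith("/")) {
           // NOTE(review): the host part comes from request.getServerName(), which containers
           // usually derive from the Host header; confirm the deployment pins the host name
           // (virtual host / reverse proxy) so the redirect cannot point elsewhere.
           remoteURL =
               request.getScheme()
                   + "://"
                   + request.getServerName()
                   + ":"
                   + request.getServerPort()
                   + target;
         }
         // sendRedirect sets the Location header itself.
         response.sendRedirect(remoteURL);
       } else {
         String page = target == null ? Constant.TODOPAGE : target;
         // Encode with the request's own character encoding so the container decodes the
         // forwarded query string back to the same values; UTF-8 is a fallback assumption.
         String enc = request.getCharacterEncoding();
         if (enc == null) {
           enc = "UTF-8";
         }
         StringBuilder url = new StringBuilder("/");
         url.append(page);
         url.append(page.indexOf("?") > -1 ? "&modid=" : "?modid=");
         url.append(java.net.URLEncoder.encode(id, enc));
         for (Object key : request.getParameterMap().keySet()) {
           String name = (String) key;
           String value = request.getParameter(name);
           url.append("&");
           url.append(java.net.URLEncoder.encode(name, enc));
           url.append("=");
           if (value != null) {
             url.append(java.net.URLEncoder.encode(value, enc));
           }
         }
         request.getRequestDispatcher(url.toString()).forward(request, response);
       }
     }
   }

   long finishedAt = System.currentTimeMillis();
   log.info("------loadModule costs " + (finishedAt - startedAt) + "ms");
 }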
Esempio n. 2
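  /**
   * Handles an interactive login: checks the optional verification code, authenticates the
   * {@code username}/{@code password} request parameters through {@code systemMgm}, and on success
   * fills the session with the user's identity, unit, role and project attributes.
   *
   * <p>The outcome is written with {@code sendMsgResponseLogin} (success, when the {@code target}
   * parameter is present) or {@code sendMsgResponse} (all other cases).
   *
   * <p>Changes compared with the previous version:
   *
   * <ul>
   *   <li>The verification code is removed from the session as soon as it is compared, so one code
   *       cannot be reused for further attempts.
   *   <li>The pre-login session is invalidated and a new one created before any identity attribute
   *       is stored, so a session id known before login is not carried into the authenticated
   *       session.
   *   <li>If anything fails after the session has been populated, that session is invalidated;
   *       previously the caller was told the login failed while {@code Constant.USER} stayed in
   *       the session.
   * </ul>
   *
   * @param request the login request ({@code username}, {@code password}, optional
   *     {@code verifycode} and {@code target})
   * @param response the response the result message is written to
   * @throws IOException if writing the response fails
   */
  public void authentication(HttpServletRequest request, HttpServletResponse response)
      throws IOException {
    String msg = Constant.SUCCESS;
    String stackTrace = "";
    String username = request.getParameter("username");
    String password = request.getParameter("password");
    String verifyCode = request.getParameter("verifycode");
    // The verification code is needed by the China Coal materials procurement system.
    HttpSession preLoginSession = request.getSession();
    Object codeObject = preLoginSession.getAttribute("verifyCode");
    // NOTE(review): per-user failed-login counting and account lockout used to be implemented in
    // this method and are disabled. Nothing here throttles repeated attempts, so rate limiting
    // has to be enforced elsewhere (confirm).

    HttpSession s = null;
    try {
      // The code is only verified when NEED_VERIFY_CODE=1 is configured; currently used by the
      // China Coal materials procurement system.
      if ("1".equals(Constant.propsMap.get("NEED_VERIFY_CODE"))) {
        String sessionCode = (String) codeObject;
        // Single use: a code that has been compared once must not be accepted again.
        preLoginSession.removeAttribute("verifyCode");
        if (verifyCode == null || !verifyCode.equals(sessionCode)) {
          throw new BusinessException(BusinessConstants.MSG_USER_VERITY);
        }
      }
      RockUser user = this.systemMgm.authentication(username, password);
      SgccIniUnit unit = this.systemMgm.getUnitById(user.getPosid());

      String unitid = user.getUnitid();
      String unitname = this.systemMgm.getUserUnitName(user);
      SgccIniUnit belongUnit = this.systemMgm.getBelongUnit(user.getUnitid());
      String roles = this.systemMgm.getUserRoleType(user);

      this.systemMgm.userLogon(user);
      this.systemMgm.saveUserLoginTimeAndIp(user.getUserid(), this.getIpAddr(request));

      // Start the authenticated session under a fresh id (session fixation defence).
      preLoginSession.invalidate();
      s = request.getSession(true);
      s.setAttribute(Constant.USER, user);
      s.setAttribute(Constant.USERID, user.getUserid());
      s.setAttribute(Constant.USERNAME, user.getRealname());
      s.setAttribute(Constant.USERACCOUNT, username);
      s.setAttribute(Constant.UNITTYPE, unit.getUnitTypeId());
      s.setAttribute(Constant.USERUNITID, unitid);
      s.setAttribute(Constant.USERUNITNAME, unitname);
      s.setAttribute(Constant.USERBELONGUNITID, belongUnit.getUnitid());
      s.setAttribute(Constant.USERBELONGUNITNAME, belongUnit.getUnitname());
      s.setAttribute(Constant.USERBELONGUNITTYPEID, belongUnit.getUnitTypeId());
      // liangwj(2011-10-24): the business logic does not support a user belonging to several
      // departments, so department and position are read directly from rock_user instead of the
      // rock_user2dept table.
      s.setAttribute(
          Constant.USERDEPTID, (user.getDeptId() == null ? user.getUnitid() : user.getDeptId()));
      s.setAttribute(
          Constant.USERPOSID, (user.getPosid() == null ? user.getUnitid() : user.getPosid()));

      s.setAttribute(Constant.USERMODULES, this.systemMgm.getUserModules(user));
      // roles has the form "<roleType>`<isLeader>"; split once and reuse the parts.
      String[] roleParts = roles.split("`");
      String roleType = roleParts[0];
      s.setAttribute(Constant.ROLETYPE, roleType);
      s.setAttribute(Constant.ISLEADER, roleParts[1]);

      if (unitid.equals(user.getDeptId()) && unitid.equals(user.getPosid())) {
        s.setAttribute(Constant.USERDEPTPOSNAME, unitname);
      } else {
        s.setAttribute(Constant.USERDEPTPOSNAME, this.systemMgm.getUserDeptPosInfo(user));
      }

      if (roleType.equals("0")) {
        s.setAttribute(Constant.APPOrgRootID, Constant.DefaultOrgRootID);
        s.setAttribute(Constant.APPOrgRootNAME, Constant.DefaultOrgRootNAME);
      } else {
        s.setAttribute(Constant.APPOrgRootID, unitid);
        s.setAttribute(Constant.APPOrgRootNAME, unitname);
      }
      // Set the current project unit and the project units the user may manage.
      List<SgccIniUnit> pids = this.systemMgm.getPidsByUnitid(belongUnit.getUnitid());
      StringBuilder pidList = new StringBuilder();
      StringBuilder pnameList = new StringBuilder();

      for (int i = 0, j = pids.size(); i < j; i++) {
        SgccIniUnit hbm = pids.get(i);
        // The first unit is the default; a unit equal to the user's own unit overrides it.
        if (i == 0 || (hbm.getUnitid()).equals(belongUnit.getUnitid())) {
          s.setAttribute(Constant.CURRENTAPPPID, hbm.getUnitid());
          s.setAttribute(Constant.CURRENTAPPPNAME, hbm.getUnitname());
        }
        pidList.append(hbm.getUnitid()).append(",");
        pnameList.append(hbm.getUnitname()).append(",");
      }
      if (pids.size() > 0) {
        // Drop the trailing comma of each list.
        s.setAttribute(Constant.USERPIDS, pidList.substring(0, pidList.length() - 1));
        s.setAttribute(Constant.USERPNAMES, pnameList.substring(0, pnameList.length() - 1));
      } else {
        s.setAttribute(Constant.USERPIDS, null);
        s.setAttribute(Constant.USERPNAMES, null);
        s.setAttribute(Constant.CURRENTAPPPID, null);
        s.setAttribute(Constant.CURRENTAPPPNAME, null);
      }
      // Operation-history logging is only enabled when NEED_OPERATE_HISTORY=1 is configured;
      // currently used by the China Coal materials procurement system.
      if ("1".equals(Constant.propsMap.get("NEED_OPERATE_HISTORY"))) {
        OperateHistoryService operateHistoryService =
            (OperateHistoryService) this.wac.getBean("operateHistoryService");
        operateHistoryService.addOperateHistory(
            user.getUserid(),
            user.getUnitid(),
            "LOGIN",
            "登录" + Constant.DefaultModuleRootName + "成功",
            "SUCCESS");
      }
      log.info("===== [" + username + " : " + user.getRealname() + "] =========");
    } catch (Exception e) {
      if (s != null) {
        // The login is reported as failed, so no identity attributes may survive it.
        try {
          s.invalidate();
        } catch (IllegalStateException ignored) {
          // Session was already invalidated; nothing left to clean up.
        }
      }
      msg = getSQLErrorMsg(e);
      // NOTE(review): the stack trace is handed to sendMsgResponse below; whether it is written
      // into the response body is not visible here. Confirm it only reaches server-side logs.
      stackTrace = getStackTrace(e);
    }

    if (request.getParameter("target") != null && msg.equals(Constant.SUCCESS)) {
      // The target parameter only selects the response style; the landing page itself is built
      // from configuration, never from request data.
      String indexPage;
      if (Constant.indexType == null
          || Constant.indexType.equals("")
          || Constant.indexType.equals("0")) {
        indexPage = Constant.APPINDEXPAGE + ".jsp";
      } else {
        indexPage = Constant.APPINDEXPAGE + Constant.indexType + ".jsp";
      }
      sendMsgResponseLogin(msg, stackTrace, indexPage, response);
    } else {
      sendMsgResponse(msg, stackTrace, 0, response);
    }
  }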
Esempio n. 3
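  /**
   * Handles a login arriving from the portal: authenticates the {@code username}/{@code password}
   * request parameters through {@code systemMgm.authenticationPortal} and on success fills the
   * session with the user's identity, unit and role attributes.
   *
   * <p>The outcome is written with {@code sendMsgResponseLogin} (success, when the {@code target}
   * parameter is present) or {@code sendMsgResponse} (all other cases).
   *
   * <p>Changes compared with the previous version:
   *
   * <ul>
   *   <li>The organisation root is stored in the session under the {@code Constant.APPOrgRootID}
   *       and {@code Constant.APPOrgRootNAME} keys, as {@code authentication} does. The previous
   *       code assigned the per-user values to those static fields, which are shared by every
   *       request and are used elsewhere in this class as session attribute names.
   *   <li>Any existing session is invalidated and a new one created before identity attributes
   *       are stored, so a session id known before login is not carried over.
   *   <li>If anything fails after the session has been populated, that session is invalidated
   *       instead of leaving {@code Constant.USER} behind a reported failure.
   * </ul>
   *
   * @param request the login request ({@code username}, {@code password}, optional
   *     {@code target})
   * @param response the response the result message is written to
   * @param chkPwd passed through to {@code systemMgm.authenticationPortal}; presumably controls
   *     whether the password is verified (confirm there). Callers passing {@code false} must have
   *     established the user's identity by other means.
   * @throws IOException if writing the response fails
   */
  public void authenticationPortal(
      HttpServletRequest request, HttpServletResponse response, boolean chkPwd) throws IOException {
    String msg = Constant.SUCCESS;
    String stackTrace = "";
    String username = request.getParameter("username");
    String password = request.getParameter("password");

    HttpSession s = null;
    try {
      RockUser user = this.systemMgm.authenticationPortal(username, password, chkPwd);
      SgccIniUnit unit = this.systemMgm.getUnitById(user.getPosid());

      this.systemMgm.userLogon(user);
      this.systemMgm.saveUserLoginTimeAndIp(user.getUserid(), this.getIpAddr(request));

      // Start the authenticated session under a fresh id (session fixation defence).
      HttpSession stale = request.getSession(false);
      if (stale != null) {
        stale.invalidate();
      }
      s = request.getSession(true);
      s.setAttribute(Constant.USER, user);
      s.setAttribute(Constant.USERID, user.getUserid());
      s.setAttribute(Constant.USERNAME, user.getRealname());
      s.setAttribute(Constant.USERACCOUNT, username);
      s.setAttribute(Constant.UNITTYPE, unit.getUnitTypeId());
      String unitid = user.getUnitid();
      String unitname = this.systemMgm.getUserUnitName(user);
      s.setAttribute(Constant.USERUNITID, unitid);
      s.setAttribute(Constant.USERUNITNAME, unitname);

      if (unitid.equals(user.getDeptId()) && unitid.equals(user.getPosid())) {
        s.setAttribute(Constant.USERDEPTPOSNAME, "");
      } else {
        s.setAttribute(Constant.USERDEPTPOSNAME, this.systemMgm.getUserDeptPosInfo(user));
      }
      // liangwj(2011-10-24): the business logic does not support a user belonging to several
      // departments, so department and position are read directly from rock_user instead of the
      // rock_user2dept table.
      s.setAttribute(
          Constant.USERDEPTID, (user.getDeptId() == null ? user.getUnitid() : user.getDeptId()));
      s.setAttribute(
          Constant.USERPOSID, (user.getPosid() == null ? user.getUnitid() : user.getPosid()));

      s.setAttribute(Constant.USERMODULES, this.systemMgm.getUserModules(user));
      String roles = this.systemMgm.getUserRoleType(user);
      // roles has the form "<roleType>`<isLeader>"; split once and reuse the parts.
      String[] roleParts = roles.split("`");
      String roleType = roleParts[0];
      s.setAttribute(Constant.ROLETYPE, roleType);
      s.setAttribute(Constant.ISLEADER, roleParts[1]);

      // Per-user values belong in the session, never in static fields shared by all users.
      if (roleType.equals("0")) {
        s.setAttribute(Constant.APPOrgRootID, Constant.DefaultOrgRootID);
        s.setAttribute(Constant.APPOrgRootNAME, Constant.DefaultOrgRootNAME);
      } else {
        s.setAttribute(Constant.APPOrgRootID, unitid);
        s.setAttribute(Constant.APPOrgRootNAME, unitname);
      }

      log.info("===== [" + username + " : " + user.getRealname() + "] =========");
    } catch (Exception e) {
      if (s != null) {
        // The login is reported as failed, so no identity attributes may survive it.
        try {
          s.invalidate();
        } catch (IllegalStateException ignored) {
          // Session was already invalidated; nothing left to clean up.
        }
      }
      msg = getSQLErrorMsg(e);
      // NOTE(review): the stack trace is handed to sendMsgResponse below; whether it is written
      // into the response body is not visible here. Confirm it only reaches server-side logs.
      stackTrace = getStackTrace(e);
    }

    if (request.getParameter("target") != null && msg.equals(Constant.SUCCESS)) {
      // The target parameter only selects the response style; the landing page itself is built
      // from configuration, never from request data.
      String indexPage;
      if (Constant.indexType == null
          || Constant.indexType.equals("")
          || Constant.indexType.equals("0")) {
        indexPage = Constant.APPINDEXPAGE + ".jsp";
      } else {
        indexPage = Constant.APPINDEXPAGE + Constant.indexType + ".jsp";
      }
      sendMsgResponseLogin(msg, stackTrace, indexPage, response);
    } else {
      sendMsgResponse(msg, stackTrace, 0, response);
    }
  }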