Esempio n. 1
0
  @RequestMapping("to_login")
  public String ToLogin(HttpServletRequest request, ModelMap map) throws WebException {
    try {
      // X509Certificate[] clientCertChain = (X509Certificate[])
      // request.getAttribute("javax.servlet.request.X509Certificate");
      String certString = request.getHeader("client-cert");
      if (StringUtils.isEmpty(certString)) {
        return LOGINPAGER;
      }
      certString = certString.replaceAll("\t", "\n");
      X509Certificate clientCertChain =
          (X509Certificate) new PEMReader(new StringReader(certString), null, "SUN").readObject();
      if (clientCertChain == null) {
        return LOGINPAGER;
      } else {
        Principal dn = clientCertChain.getSubjectDN();
        X500Name x509Principal = (X500Name) dn;
        String uid = x509Principal.getGivenName();
        if (StringUtils.isNotEmpty(uid)) {
          String[] uids = uid.split(",");
          map.put("accountName", uids[1]);
          map.put("memberName", uids[0]);
        }
      }

      return LOGINPAGER;
    } catch (Exception e) {
      throw new WebException("系统错误", e);
    }
  }
Esempio n. 2
0
  @RequestMapping(value = "login", method = RequestMethod.POST)
  public String login(
      String memberName,
      String accountName,
      String password,
      HttpSession session,
      HttpServletRequest request,
      ModelMap map) {
    map.put("accountName", accountName);
    map.put("memberName", memberName);
    SupervisorSiteToken token = null;
    SupervisorPrincipal userBean = null;
    AccountEntity account = null;
    if (StringUtils.isNotEmpty(memberName) && StringUtils.isNotEmpty(accountName)) {
      MemberEntity member = memberService.getMemberByName(memberName);
      if (member == null) {
        map.put("message", "会员不存在");
        return LOGIN;
      }
      if (!member.getName().equals(memberName)) {
        map.put("message", "会员名错误");
        return LOGIN;
      }
      if (MemberCheckStateEnum.UNAUDITED.equals(member.getCheckState())) {
        map.put("message", "会员未审核");
        return LOGIN;
      }
      if (MemberStatesEnum.STOP.equals(member.getState())) {
        map.put("message", "会员已冻结");
        return LOGIN;
      }

      account = accountService.getAccountByName(accountName, member.getMemberNo());
      if (account == null) {
        map.put("amessage", "会员子账户不存在");
        return LOGIN;
      }
      if (AccountStatesEnum.STOP.equals(account.getState())) {
        map.put("amessage", "会员子账户已冻结");
        return LOGIN;
      }

      userBean = new SupervisorPrincipal();
      userBean.setAccount(account);
      userBean.setMember(member);
      token = new SupervisorSiteToken(userBean, password);
    } else if (StringUtils.isNotEmpty(memberName) && StringUtils.isEmpty(accountName)) {
      MemberEntity member = memberService.getMemberByName(memberName);
      if (member == null) {
        map.put("message", "会员不存在");
        return LOGIN;
      }
      if (MemberCheckStateEnum.UNAUDITED.equals(member.getCheckState())) {
        map.put("message", "会员未审核");
        return LOGIN;
      }
      if (MemberStatesEnum.STOP.equals(member.getState())) {
        map.put("message", "会员已冻结");
        return LOGIN;
      }
      userBean = new SupervisorPrincipal();
      userBean.setMember(member);
      token = new SupervisorSiteToken(userBean, password);
    } else {
      map.put("message", "公司名称和密码不能为空");
      // map.put("pmessage", "密码不能为空");
      return LOGIN;
    }
    Subject currentUser = SecurityUtils.getSubject();
    try {
      currentUser.login(token);
      PrincipalCollection principals = currentUser.getPrincipals();
      if (userBean.getAccount() != null) {
        SupervisorShiroRedisCache.addToMap(userBean.getAccount().getId(), principals);
      } else {
        SupervisorShiroRedisCache.addToMap(userBean.getMember().getMemberNo(), principals);
      }
    } catch (AuthenticationException e) {
      SxjLogger.error("登陆失败", e, this.getClass());
      map.put("pmessage", "密码错误");
      return LOGIN;
    }
    if (currentUser.isAuthenticated()) {
      session.setAttribute("userinfo", userBean);
      if (account != null) {
        accountService.edit_Login(account.getId());
      }
      return "redirect:" + getBasePath(request) + "index.htm";
    } else {
      map.put("message", "登陆失败");
      return LOGIN;
    }
  }