Пример #1
0
  /**
   * 登录
   *
   * @param user
   * @param password
   */
  public void login(String user, String password) {
    // System.out.println("UserManager.login:"******"," + password);
    Session session = sessionService.getSession();
    session.setOwner(user);

    User userObj = userDao.getUniqueEntityByOneProperty("userName", user);
    if (userObj == null) throw new SmException(SmException.USER_NOT_FOUND, user);
    String serverPwd = EncryptUtils.clientPwd2ServerPwd(password);
    if (!serverPwd.equals(userObj.getPassword()))
      throw new SmException(SmException.PASSWORD_WRONG, user);

    if (userObj.getState() == User.STATE_DISABLE) throw new SmException(SmException.USER_DISABLE);

    long now = System.currentTimeMillis();
    if (userObj.getExpiredTime() != null) {
      if (now >= userObj.getExpiredTime()) {
        throw new SmException(SmException.USER_EXPIRED);
      }
    }

    if (userObj.getPasswordExpiredTime() != null) {
      if (now >= userObj.getPasswordExpiredTime()) {
        throw new SmException(SmException.PASSWORD_EXPIRED);
      }
    }

    // 更新session中的owner属性
    String clientIp = session.getIp();
    if (CollectionUtils.isNotEmpty(userObj.getIpRanges())) {
      long ip = WatchUtil.getAddrLong(clientIp);
      boolean inRange = false;
      for (IpRange ipRange : userObj.getIpRanges()) {
        if (ipRange.isInRange(ip)) {
          inRange = true;
          break;
        }
      }
      if (!inRange) throw new SmException(SmException.NOT_IN_IPRANGE);
    }

    session.setSessionState(SessionState.Active);
    // 第一次login需要初始化mgmt cache,permission cache
    Set<Long> userSessionIds = loginedUserSessions.get(user);
    if (userSessionIds == null) {
      userSessionIds = new HashSet<Long>();
      loginedUserSessions.put(user, userSessionIds);
    }
    userSessionIds.add(session.getSessionId());
    if (userSessionIds.size() == 1) {
      // 初始化2个cache
      mgmtScopeManager.setUserMgmtScope(user, userObj.getMgmtScope());
      userPermissionTree.buildUserPermissionTree(userObj);
    }
  }
Пример #2
0
  private void logoutSession(Session session) {
    if (session == null) return;
    String userName = session.getOwner();
    if (userName == null) return;
    Set<Long> userSessionIds = loginedUserSessions.get(userName);
    if (userSessionIds == null) return;

    userSessionIds.remove(session.getSessionId());
    if (userSessionIds.size() == 0) {
      // 清理该user的mgmt scope,permission cache
      loginedUserSessions.remove(userName);
      mgmtScopeManager.removeUserMgmtScope(userName);
      userPermissionTree.removeUserMoPermission(userName);
    }
  }
Пример #3
0
 /**
  * 注销
  *
  * @param sessionId
  */
 public void logout(long sessionId) {
   Session session = sessionService.getSessionById(sessionId);
   session.setSessionState(SessionState.Deactive);
   logoutSession(session);
 }