
Example 1 with SigningServerException

use of com.itrus.cryptorole.SigningServerException in project portal by ixinportal.

the class BindCertWebController method loginCertSendCode.

/**
 * Sends the SMS verification code used to bind a phone number during certificate login.
 *
 * <p>Response keys: {@code retCode} is -1 on failure, 0 when the code was sent and 1 when the
 * certificate is already bound to the user registered with this phone; {@code hasUserInfo} is
 * -1 when no user is registered with the phone and 0 when one is. On success the map also
 * carries {@code enterprise}, {@code productId} and {@code projectId}.
 *
 * <p>NOTE(review): nothing in this method authenticates the caller, yet the response reveals
 * whether a phone number is registered, whether a certificate is bound to it, and the
 * Enterprise record matching a caller-supplied name. No throttling of SMS sends is visible
 * here; confirm that dynamicCodeService rate-limits per phone and per client.
 *
 * <p>NOTE(review): the handled exceptions' messages are returned to the client verbatim;
 * confirm they never carry internal detail.
 *
 * @param mPhone         phone number that receives the code
 * @param productId      product id; optional
 * @param projectId      project id; optional
 * @param certBase64     certificate, Base64 encoded
 * @param enterpriseName name used to look up the enterprise returned to the caller
 * @param session        HTTP session that stores the resolved product and project ids
 * @return the response map described above
 */
@RequestMapping("/loginCertSendCode")
@ResponseBody
public Map<String, Object> loginCertSendCode(@RequestParam(value = "mPhone", required = true) String mPhone, @RequestParam(value = "productId", required = false) Long productId, @RequestParam(value = "projectId", required = false) Long projectId, @RequestParam(value = "certBase64", required = true) String certBase64, @RequestParam(value = "enterpriseName", required = true) String enterpriseName, HttpSession session) {
    Map<String, Object> result = new HashMap<String, Object>();
    // Start from "sending failed"; only the success path below overwrites it.
    result.put("retCode", -1);
    // Look up the user registered with this phone number.
    UserInfo registered = userInfoService.getUserInfoByMphone(mPhone);
    result.put("hasUserInfo", registered == null ? -1 : 0);
    try {
        // isBindCert returns true when the certificate is already associated with the user.
        if (registered != null && userCertService.isBindCert(registered.getId(), certBase64)) {
            result.put("retCode", 1);
            result.put("retMsg", "该证书已绑定过用户");
            return result;
        }
        // When the caller did not supply both ids, derive them from the certificate.
        boolean resolvedFromCert = (projectId == null || productId == null);
        if (resolvedFromCert) {
            // NOTE(review): a null product would raise an uncaught NullPointerException here;
            // confirm getProjectByCertBase64 never returns null.
            Product product = getProjectByCertBase64(certBase64);
            projectId = product.getProject();
            productId = product.getId();
        }
        session.setAttribute("webnoProduct", resolvedFromCert);
        // "ZSBD" selects the SMS template type for certificate binding.
        dynamicCodeService.sendCode(mPhone, projectId, "ZSBD");
        result.put("retCode", 0);
        // Return the enterprise record that matches the supplied name.
        Enterprise matched = enterpriseService.getEntByName(enterpriseName);
        result.put("enterprise", matched);
        // Keep the resolved ids in the session and echo them to the caller.
        session.setAttribute("webproductId", productId);
        session.setAttribute("webprojectId", projectId);
        result.put("productId", productId);
        result.put("projectId", projectId);
    } catch (CertificateException e) {
        result.put("retMsg", e.getMessage());
    } catch (SigningServerException e) {
        result.put("retMsg", e.getMessage());
    } catch (UserInfoServiceException e) {
        result.put("retMsg", e.getMessage());
    }
    return result;
}
Also used : HashMap(java.util.HashMap) Enterprise(com.itrus.portal.db.Enterprise) Product(com.itrus.portal.db.Product) SigningServerException(com.itrus.cryptorole.SigningServerException) UserInfo(com.itrus.portal.db.UserInfo) CertificateException(java.security.cert.CertificateException) UserInfoServiceException(com.itrus.portal.exception.UserInfoServiceException) RequestMapping(org.springframework.web.bind.annotation.RequestMapping) ResponseBody(org.springframework.web.bind.annotation.ResponseBody)

Example 2 with SigningServerException

use of com.itrus.cryptorole.SigningServerException in project portal by ixinportal.

the class BindCertWebController method bindPageDo.

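/**
 * Validates a certificate before the bind-certificate page is entered.
 *
 * <p>Response keys: {@code retCode} is 0 on failure and 1 on success; {@code certSn} holds the
 * certificate serial number on success; {@code retMsg} holds the error text on failure.
 *
 * <p>NOTE(review): every exception message, including that of an unexpected {@link Exception},
 * is returned to the client verbatim. The login handlers in this project answer unexpected
 * errors with a generic message and log the detail; consider doing the same here.
 *
 * @param certBase64 certificate, Base64 encoded
 * @param session    HTTP session (not read by this method)
 * @param uiModel    UI model (not read by this method)
 * @return the response map described above
 */
@RequestMapping("/bindCertDo")
@ResponseBody
public Map<String, Object> bindPageDo(@RequestParam(value = "certBase64", required = true) String certBase64, HttpSession session, Model uiModel) {
    Map<String, Object> retMap = new HashMap<String, Object>();
    // 0 means failure, 1 means success.
    retMap.put("retCode", 0);
    try {
        // Parse the certificate and read its serial number.
        UserCert userCert = userCertService.getUserCert(certBase64);
        retMap.put("certSn", userCert.getCertSn());
        // Report success only after the serial number was read, so that a failure while
        // reading it cannot leave retCode at 1 next to an error message.
        retMap.put("retCode", 1);
    } catch (CertificateException e) {
        retMap.put("retMsg", e.getMessage());
    } catch (SigningServerException e) {
        retMap.put("retMsg", e.getMessage());
    } catch (Exception e) {
        retMap.put("retMsg", e.getMessage());
    }
    return retMap;
}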
Also used : HashMap(java.util.HashMap) SigningServerException(com.itrus.cryptorole.SigningServerException) CertificateException(java.security.cert.CertificateException) JsonGenerationException(org.codehaus.jackson.JsonGenerationException) JsonMappingException(org.codehaus.jackson.map.JsonMappingException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) SigningServerException(com.itrus.cryptorole.SigningServerException) UserInfoServiceException(com.itrus.portal.exception.UserInfoServiceException) UserCert(com.itrus.portal.db.UserCert) RequestMapping(org.springframework.web.bind.annotation.RequestMapping) ResponseBody(org.springframework.web.bind.annotation.ResponseBody)

Example 3 with SigningServerException

use of com.itrus.cryptorole.SigningServerException in project portal by ixinportal.

the class UserFromClientLoginController method loginByCert.

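/**
 * Logs a user in with a client certificate by verifying a PKCS#7 signature over the
 * challenge stored in the session under {@code webrandom}.
 *
 * <p>{@code retCode}: 0 is an error (show {@code retMsg}); 1 means the login succeeded and the
 * certificate is bound to a user and an enterprise (go to the home page); 2 means the
 * certificate still lacks a bound user or enterprise (go to the binding page).
 *
 * <p>NOTE(review): the challenge is left in the session after use, so the same signature would
 * verify again within that session; consider making it single-use once the client flow is
 * confirmed to request a fresh challenge per attempt.
 *
 * <p>NOTE(review): the session id is not rotated on successful login. Rotation needs the
 * request object, which this signature does not receive; confirm it is handled elsewhere.
 *
 * @param pkcs7          PKCS#7 signature produced by the client over the login challenge
 * @param keySn          serial number of the key device that holds the certificate
 * @param enterpriseName enterprise name; only checked for presence in this method
 * @param session        HTTP session that holds the challenge and receives the login state
 * @return the response map described above
 */
@RequestMapping("/loginByCert")
@ResponseBody
public Map<String, Object> loginByCert(@RequestParam("pkcs7") String pkcs7, @RequestParam("keySn") String keySn, @RequestParam("enterpriseName") String enterpriseName, HttpSession session) {
    Map<String, Object> retMap = new HashMap<String, Object>();
    retMap.put("retCode", 0);
    if (StringUtils.isBlank(pkcs7) || StringUtils.isBlank(keySn) || StringUtils.isBlank(enterpriseName)) {
        retMap.put("retMsg", "缺少请求参数,请重新尝试");
        return retMap;
    }
    // The signed text must contain a challenge this server issued. Without one the signed
    // text would degrade to the constant "LOGONDATA:null", so refuse to verify at all.
    String webrandom = (String) session.getAttribute("webrandom");
    if (StringUtils.isBlank(webrandom)) {
        retMap.put("retMsg", "登录随机数不存在或已失效,请刷新页面后重试");
        return retMap;
    }
    try {
        // Verify the signature and take the signer certificate from it.
        X509Certificate cert = X509Certificate.getInstance(SVM.verifySignature("LOGONDATA:" + webrandom, pkcs7));
        // Load the stored record for this certificate.
        UserCert userCert = userCertService.getUserCert(cert);
        if (StringUtils.isBlank(userCert.getKeySn()) || !userCert.getKeySn().equals(keySn)) {
            // NOTE(review): keySn is caller-supplied and is persisted before the validity
            // check below; confirm that overwriting the stored value is intended.
            userCert.setKeySn(keySn);
            sqlSession.update("com.itrus.portal.db.UserCertMapper.updateByPrimaryKey", userCert);
        }
        if (null != userCert.getIsValid() && userCert.getIsValid().equals(0)) {
            retMap.put("retMsg", "该证书已过期,请使用更新后的证书登录");
            return retMap;
        }
        Long userid = userCert.getUserinfo();
        UserInfo userInfo = null;
        if (null != userid) {
            UserInfoExample example = new UserInfoExample();
            UserInfoExample.Criteria criteria = example.or();
            criteria.andIdEqualTo(userid);
            userInfo = sqlSession.selectOne("com.itrus.portal.db.UserInfoMapper.selectByExample", example);
        }
        // has_userInfo: 1 when a user is bound to the certificate, 0 when binding is needed.
        retMap.put("has_userInfo", userInfo == null ? 0 : 1);
        Enterprise enterprise = null;
        if (null != userCert.getEnterprise()) {
            enterprise = enterpriseService.getEnterpriseById(userCert.getEnterprise());
        }
        // has_enterpriseInfo: 1 when an enterprise is bound, 0 when it must be supplied.
        retMap.put("has_enterpriseInfo", enterprise == null ? 0 : 1);
        // NOTE(review): these attributes are written even when user or enterprise is null
        // (retCode 2); confirm that no handler treats WEB_VERIFY_CODE_STATUS alone as a
        // completed login.
        session.setAttribute(ComNames.WEB_VERIFY_CODE_STATUS, true);
        session.setAttribute(ComNames.WEB_USER_INFO, userInfo);
        session.setAttribute(ComNames.WEB_ENTERPRISE, enterprise);
        if (null == userInfo || null == enterprise) {
            // The certificate still needs a user or an enterprise bound to it.
            retMap.put("retCode", 2);
            return retMap;
        }
        retMap.put("retCode", 1);
        // Record the successful login in the user log.
        UserLog userlog = new UserLog();
        userlog.setProject(userInfo.getProject());
        userlog.setType("客户端证书登录");
        userlog.setInfo("证书登录成功");
        userlog.setHostId("未知");
        userlog.setSn(userInfo.getUniqueId());
        LogUtil.userlog(sqlSession, userlog);
    } catch (CertificateException e) {
        // NOTE(review): the exception message is returned to the client verbatim.
        retMap.put("retMsg", e.getMessage());
        return retMap;
    } catch (SigningServerException e) {
        retMap.put("retMsg", e.getMessage());
        return retMap;
    } catch (Exception e) {
        // Unexpected failures get a generic message; the detail goes to the system log only.
        retMap.put("retMsg", "服务端出现未知异常,请联系管理员");
        String info = "证书登录失败,原因:" + e.getMessage();
        LogUtil.syslog(sqlSession, "证书登录", info);
        return retMap;
    }
    return retMap;
}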
Also used : CertificateException(java.security.cert.CertificateException) X509Certificate(com.itrus.cert.X509Certificate) JsonMappingException(org.codehaus.jackson.map.JsonMappingException) ParseException(java.text.ParseException) JsonGenerationException(org.codehaus.jackson.JsonGenerationException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) SigningServerException(com.itrus.cryptorole.SigningServerException) UserInfoServiceException(com.itrus.portal.exception.UserInfoServiceException) SigningServerException(com.itrus.cryptorole.SigningServerException)

Example 4 with SigningServerException

use of com.itrus.cryptorole.SigningServerException in project portal by ixinportal.

the class UserFromClientLoginController method loginCertBind.

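/**
 * Binds a certificate to a user and an enterprise after the SMS code has been verified.
 *
 * <p>{@code retCode}: 0 is a failure (show {@code retMsg}); 1 is success (go to the home page).
 * All database work runs in one transaction that is rolled back on every non-success path.
 *
 * <p>NOTE(review): {@code certBase64} is taken from the request and this method does not check
 * that it is the certificate whose signature was verified at login; confirm that proof of
 * possession is enforced before the binding is written.
 *
 * <p>NOTE(review): {@code has_userInfo} and {@code has_enterpriseInfo} are caller-controlled.
 * When the request-bound {@code enterprise} already carries an id, that id is used as is and
 * the session value is ignored; confirm a caller cannot bind to an arbitrary enterprise.
 *
 * @param has_userInfo       0 when the certificate has no bound user yet
 * @param has_enterpriseInfo 0 when a new enterprise must be created, 1 when one exists
 * @param certSn             certificate serial number (not read by this method)
 * @param keySn              serial number of the key device
 * @param mPhone             phone number the verification code was sent to
 * @param code               SMS verification code
 * @param password           login password; required only when a user must be created
 * @param certBase64         certificate, Base64 encoded
 * @param enterprise         enterprise data bound from the request
 * @param session            HTTP session that receives the login state
 * @return the response map described above
 */
@RequestMapping("/loginCertBind")
@ResponseBody
public Map<String, Object> loginCertBind(@RequestParam(value = "has_userInfo", required = true) Integer has_userInfo, @RequestParam(value = "has_enterpriseInfo", required = true) Integer has_enterpriseInfo, @RequestParam(value = "certSn", required = true) String certSn, @RequestParam(value = "keySn", required = true) String keySn, @RequestParam(value = "mPhone", required = true) String mPhone, @RequestParam(value = "code", required = true) String code, @RequestParam(value = "password", required = false) String password, @RequestParam(value = "certBase64", required = true) String certBase64, @ModelAttribute("enterprise") Enterprise enterprise, HttpSession session) {
    Map<String, Object> retMap = new HashMap<String, Object>();
    // Start from "error"; only the committed path sets 1.
    retMap.put("retCode", 0);
    DefaultTransactionDefinition def = new DefaultTransactionDefinition();
    def.setPropagationBehavior(TransactionDefinition.PROPAGATION_REQUIRED);
    TransactionStatus status = transactionManager.getTransaction(def);
    try {
        ProjectKeyInfo projectKeyInfo = cacheCustomer.findProjectByKey(keySn);
        if (null == projectKeyInfo) {
            retMap.put("retMsg", "无法识别Key序列号:" + keySn + ",所属的项目,请联系系统管理员配置");
            // Stop here: without this return the next line dereferences null and the
            // specific message is replaced by the generic one. The finally block rolls back.
            return retMap;
        }
        Project project = projectService.selectByPrimaryKey(projectKeyInfo.getProject());
        // Verify the SMS code before any state is changed.
        if (!dynamicCodeService.verifyCode(mPhone, code)) {
            retMap.put("retMsg", "动态码验证失败");
            return retMap;
        }
        UserInfo userInfo = userInfoService.getUserInfoByMphone(mPhone);
        if (null != has_userInfo && has_userInfo.equals(0)) {
            // The certificate has no user yet: create one when the phone is not registered.
            if (null == userInfo) {
                if (StringUtils.isBlank(password)) {
                    retMap.put("retMsg", "请先设置登录口令");
                    return retMap;
                }
                if (project != null) {
                    userInfo = userInfoService.registerUserInfo(mPhone, password, project.getId());
                    // NOTE(review): the phone number is written to the system log.
                    String info = mPhone + "注册成功";
                    LogUtil.syslog(sqlSession, "注册用户", info);
                }
            }
        }
        if (null == userInfo) {
            // No registered user and none was created; everything below needs a user id.
            retMap.put("retMsg", "用户信息不存在,无法绑定证书");
            return retMap;
        }
        if (null != has_enterpriseInfo && has_enterpriseInfo.equals(0)) {
            // No enterprise yet: the submitted data must be complete before it is created.
            if (null == enterprise || StringUtils.isBlank(enterprise.getEnterpriseSn()) || StringUtils.isBlank(enterprise.getEnterpriseName()) || null == enterprise.getEnterpriseNature() || null == enterprise.getOrgIndustry()) {
                retMap.put("retMsg", "您提交的企业信息不完整");
                return retMap;
            }
            enterpriseValidator.validator(enterprise);
            enterprise = enterpriseService.addEnterPrise(enterprise);
        }
        if ((null == enterprise || null == enterprise.getId()) && null != has_enterpriseInfo && has_enterpriseInfo.equals(1)) {
            // Fall back to the enterprise that the certificate login stored in the session.
            enterprise = (Enterprise) session.getAttribute(ComNames.WEB_ENTERPRISE);
        }
        if (null == enterprise) {
            // Neither the request nor the session supplied an enterprise to bind to.
            retMap.put("retMsg", "企业信息不存在,请先补充企业信息");
            return retMap;
        }
        // Link the enterprise and the user unless the link already exists.
        UserinfoEnterprise userinfoEnterprise = userInfoEnterpriseServiceImpl.selectOne(enterprise.getId(), userInfo.getId());
        if (null == userinfoEnterprise) {
            userInfoEnterpriseServiceImpl.saveUserInfoEnterprise(userInfo.getId(), enterprise.getId());
        }
        // Load the certificate record.
        UserCert userCert = userCertService.getUserCert(certBase64);
        // Refuse when this user already has the certificate bound.
        if (userCertService.isBindCert(userInfo.getId(), certBase64)) {
            retMap.put("retMsg", "该证书已绑定过用户");
            return retMap;
        }
        if (StringUtils.isNotBlank(keySn)) {
            userCert.setKeySn(keySn);
        }
        // Write the certificate-to-user and certificate-to-enterprise binding.
        userCert.setUserinfo(userInfo.getId());
        userCert.setEnterprise(enterprise.getId());
        sqlSession.update("com.itrus.portal.db.UserCertMapper.updateByPrimaryKey", userCert);
        session.setAttribute(ComNames.WEB_USER_INFO, userInfo);
        session.setAttribute(ComNames.WEB_ENTERPRISE, enterprise);
        session.setAttribute(ComNames.WEB_VERIFY_CODE_STATUS, true);
        transactionManager.commit(status);
        retMap.put("retCode", 1);
    } catch (CertificateException e) {
        if (!status.isCompleted())
            transactionManager.rollback(status);
        // NOTE(review): the exception message is returned to the client verbatim.
        retMap.put("retMsg", e.getMessage());
        return retMap;
    } catch (UserInfoServiceException e) {
        if (!status.isCompleted())
            transactionManager.rollback(status);
        retMap.put("retMsg", e.getMessage());
        return retMap;
    } catch (SigningServerException e) {
        if (!status.isCompleted())
            transactionManager.rollback(status);
        retMap.put("retMsg", e.getMessage());
        return retMap;
    } catch (Exception e) {
        // Roll back before the log call below, which goes through the same sqlSession.
        if (!status.isCompleted())
            transactionManager.rollback(status);
        retMap.put("retMsg", "服务端出现未知异常,请联系管理员");
        String info = mPhone + "绑定证书失败,原因:" + e.getMessage();
        LogUtil.syslog(sqlSession, "绑定证书", info);
        return retMap;
    } finally {
        // Covers the early returns inside the try block, which leave the transaction open.
        if (!status.isCompleted())
            transactionManager.rollback(status);
    }
    return retMap;
}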
Also used : DefaultTransactionDefinition(org.springframework.transaction.support.DefaultTransactionDefinition) TransactionStatus(org.springframework.transaction.TransactionStatus) CertificateException(java.security.cert.CertificateException) UserInfoServiceException(com.itrus.portal.exception.UserInfoServiceException) JsonMappingException(org.codehaus.jackson.map.JsonMappingException) ParseException(java.text.ParseException) JsonGenerationException(org.codehaus.jackson.JsonGenerationException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) SigningServerException(com.itrus.cryptorole.SigningServerException) UserInfoServiceException(com.itrus.portal.exception.UserInfoServiceException) SigningServerException(com.itrus.cryptorole.SigningServerException)

Example 5 with SigningServerException

use of com.itrus.cryptorole.SigningServerException in project portal by ixinportal.

the class ApplicationInfoController method update.

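/**
 * Handles the update of an application record.
 *
 * <p>Fields the form must not change (app ids, secret keys, service items, creator and
 * creation time) are copied back from the stored record before saving. When {@code isupdate}
 * is null and a certificate was submitted, the certificate is parsed, stored as an
 * EvidenceCert and referenced from the application by the new row's id. A certificate that
 * cannot be parsed makes the update fail and re-renders the form; the record is not saved
 * with the raw submitted text.
 *
 * <p>NOTE(review): Spring expects a BindingResult parameter directly after the model attribute
 * it belongs to; here {@code isupdate} sits between them. The order is left unchanged because
 * it is part of the method signature; confirm validation errors reach the hasErrors() branch.
 *
 * <p>NOTE(review): {@code callback} is not restored from the stored record, so it is taken from
 * the request; confirm that is intended.
 *
 * @param applicationInfo    submitted application data
 * @param isupdate           null when the certificate may change; otherwise the stored
 *                           certificate fields are kept
 * @param bindingResult      validation result for {@code applicationInfo}
 * @param uiModel            model used when the form is rendered again
 * @param httpServletRequest current request (not read by this method)
 * @return the update view name on failure, otherwise a redirect to the application page
 */
@RequestMapping(method = RequestMethod.PUT, produces = "text/html")
public String update(@Valid ApplicationInfo applicationInfo, Long isupdate, BindingResult bindingResult, Model uiModel, HttpServletRequest httpServletRequest) {
    if (bindingResult.hasErrors()) {
        uiModel.addAttribute("applicationInfo", applicationInfo);
        return "applicationinfo/update";
    }
    String oper = "修改应用";
    // NOTE(review): selectById may return null for an unknown id, which would raise a
    // NullPointerException on the next line; confirm how a missing record should be handled.
    ApplicationInfo applicationInfo0 = applicationInfoService.selectById(applicationInfo.getId());
    // Restore the server-controlled fields so the request cannot overwrite them.
    applicationInfo.setAppId(applicationInfo0.getAppId());
    applicationInfo.setSecretKey(applicationInfo0.getSecretKey());
    applicationInfo.setAppServiceItems(applicationInfo0.getAppServiceItems());
    applicationInfo.setCreator(applicationInfo0.getCreator());
    applicationInfo.setCreateTime(applicationInfo0.getCreateTime());
    applicationInfo.setModifier(getAdmin().getId());
    applicationInfo.setModifyTime(new Date());
    applicationInfo.setAppId2(applicationInfo0.getAppId2());
    applicationInfo.setSecretKey2(applicationInfo0.getSecretKey2());
    if (isupdate == null) {
        // The literal "applicationinfo.certBase64" means no certificate was submitted.
        if (!"applicationinfo.certBase64".equals(applicationInfo.getCertBase64())) {
            Exception certFailure = null;
            try {
                // NOTE(review): sun.misc.BASE64Decoder is a JDK-internal class; kept because
                // the Java version this file targets is not visible here.
                sun.misc.BASE64Decoder decoder = new sun.misc.BASE64Decoder();
                byte[] bt = decoder.decodeBuffer(applicationInfo.getCertBase64());
                String pem = new String(bt, "utf-8");
                UserCert userCert = CertUtil.getCertFromBase64(pem);
                // Keep only the Base64 body: strip the PEM armor lines and line breaks.
                String certBody = pem.replace("-----BEGIN CERTIFICATE-----", "").replace("-----END CERTIFICATE-----", "").replace("\r", "").replace("\n", "");
                EvidenceCert cert = new EvidenceCert();
                cert.setCreateTime(new Date());
                cert.setCertBase64(certBody);
                cert.setStartTime(userCert.getCertStartTime());
                cert.setEndTime(userCert.getCertEndTime());
                cert.setCertSerialnumber(userCert.getCertSn());
                cert.setIssuerdn(userCert.getIssuerDn());
                cert.setSubjectdn(userCert.getCertDn());
                // NOTE(review): the certificate is stored without any visible check of its
                // validity period or issuer; confirm that is done elsewhere.
                sqlSession.insert("com.itrus.portal.db.EvidenceCertMapper.insert", cert);
                String certDn = userCert.getCertDn();
                // The application references the stored certificate by the new row's id.
                applicationInfo.setCertBase64(cert.getId().toString());
                applicationInfo.setCertDn(certDn);
                applicationInfo.setCertCn(EvidenceSaveServiceApi.getCertCn(certDn));
            } catch (CertificateException e) {
                certFailure = e;
            } catch (SigningServerException e) {
                certFailure = e;
            } catch (UnsupportedEncodingException e) {
                certFailure = e;
            } catch (IOException e) {
                certFailure = e;
            }
            if (certFailure != null) {
                // Do not save the record with the raw submitted text in place of a stored
                // certificate id; log the reason and show the form again.
                String failInfo = "应用名称: " + applicationInfo.getName() + ",证书解析失败: " + certFailure.getMessage();
                LogUtil.adminlog(sqlSession, oper, failInfo);
                uiModel.addAttribute("applicationInfo", applicationInfo);
                return "applicationinfo/update";
            }
        } else {
            applicationInfo.setCertBase64(null);
        }
    } else {
        // Keep the certificate fields that are already stored.
        applicationInfo.setCertBase64(applicationInfo0.getCertBase64());
        applicationInfo.setCertDn(applicationInfo0.getCertDn());
        applicationInfo.setCertCn(applicationInfo0.getCertCn());
    }
    applicationInfoService.updateByApplicationInfo(applicationInfo);
    String info = "应用名称: " + applicationInfo.getName();
    LogUtil.adminlog(sqlSession, oper, info);
    return "redirect:applicationinfo/" + applicationInfo.getId();
}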
Also used : ApplicationInfo(com.itrus.portal.db.ApplicationInfo) UnsupportedEncodingException(java.io.UnsupportedEncodingException) CertificateException(java.security.cert.CertificateException) IOException(java.io.IOException) Date(java.util.Date) EvidenceCert(com.itrus.portal.db.EvidenceCert) SigningServerException(com.itrus.cryptorole.SigningServerException) UserCert(com.itrus.portal.db.UserCert) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Aggregations

SigningServerException (com.itrus.cryptorole.SigningServerException)15 CertificateException (java.security.cert.CertificateException)13 IOException (java.io.IOException)10 UserInfoServiceException (com.itrus.portal.exception.UserInfoServiceException)9 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)9 UserCert (com.itrus.portal.db.UserCert)7 HashMap (java.util.HashMap)6 JsonGenerationException (org.codehaus.jackson.JsonGenerationException)6 JsonMappingException (org.codehaus.jackson.map.JsonMappingException)6 ResponseBody (org.springframework.web.bind.annotation.ResponseBody)6 UnsupportedEncodingException (java.io.UnsupportedEncodingException)5 Date (java.util.Date)5 UserInfo (com.itrus.portal.db.UserInfo)4 X509Certificate (com.itrus.cert.X509Certificate)3 Enterprise (com.itrus.portal.db.Enterprise)3 EvidenceCert (com.itrus.portal.db.EvidenceCert)3 ParseException (java.text.ParseException)3 TransactionStatus (org.springframework.transaction.TransactionStatus)3 DefaultTransactionDefinition (org.springframework.transaction.support.DefaultTransactionDefinition)3 Product (com.itrus.portal.db.Product)2