use of com.netsteadfast.greenstep.vo.AccountVO in project bamboobsc by billchen198318.
the class UserLoginInterceptor method getUserCurrentCookie.
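/**
 * Tries to restore the logged-in account from the cookie that core-web writes after login.
 *
 * <p>The cookie carries an {@code account} and a {@code currentId}. Both are passed to
 * {@code uSessLogHelper.countByCurrent} (the original comment names the table TB_SYS_USESS)
 * to see whether core-web has a matching login record. When at least one record matches,
 * the account is loaded through {@code accountService.findByUK} and stored in the
 * {@code accountObj} field.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The cookie values are request-controlled and are the only proof of identity on this
 *       path. The binding to the HTTP session id is disabled (see the comment in the body), so
 *       whoever presents a valid account/currentId pair is accepted while the record exists.
 *       NOTE(review): confirm that currentId is generated randomly, that the cookie is set
 *       HttpOnly/Secure, and that the record is deleted on logout.</li>
 *   <li>{@code currentId} is only checked for length 36, not for format. NOTE(review): confirm
 *       that {@code countByCurrent} binds both values as query parameters.</li>
 *   <li>The lookup key is built in a local object. The {@code accountObj} field is assigned only
 *       the account service's result, so it never holds an identity taken straight from the
 *       cookie, even if the lookup throws.</li>
 * </ul>
 *
 * @param actionContext Struts action context; the servlet request is read from it
 * @return {@code true} when {@code accountObj} holds an account with a non-blank name after the lookup
 * @throws Exception declared because the cookie helper and the lookups may throw
 */
private boolean getUserCurrentCookie(ActionContext actionContext) throws Exception {
    HttpServletRequest request = (HttpServletRequest) actionContext.get(StrutsStatics.HTTP_REQUEST);
    Map<String, String> dataMap = UserCurrentCookie.getCurrentData(request);
    String account = StringUtils.defaultString(dataMap.get("account"));
    String currentId = StringUtils.defaultString(dataMap.get("currentId"));
    // Reject early: an account name is required and currentId must be exactly 36 characters.
    if (StringUtils.isBlank(account) || currentId.length() != 36) {
        return false;
    }
    // The cookie's sessionId is deliberately not compared: the original author observed that
    // the sessionId written by UserCurrentCookie sometimes differs from the current session id.
    if (this.uSessLogHelper.countByCurrent(account, currentId) > 0) {
        // Local lookup key only; the field receives nothing but the service's answer (or null).
        AccountVO lookupKey = new AccountVO();
        lookupKey.setAccount(account);
        DefaultResult<AccountVO> result = this.accountService.findByUK(lookupKey);
        accountObj = result.getValue();
    }
    return (accountObj != null && !StringUtils.isBlank(accountObj.getAccount()));
}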
use of com.netsteadfast.greenstep.vo.AccountVO in project bamboobsc by billchen198318.
the class UserLoginInterceptor method intercept.
/**
 * Gate for every action: lets the invocation through only when an account is known for this
 * request and a login record exists for it; otherwise redirects to the login page.
 *
 * <p>On applications other than the main system (core-web), the account may be restored from
 * the core-web cookie and the Shiro subject is logged in again on the fly.
 *
 * <p>NOTE(review): {@code accountObj} is an instance field that is reassigned on every call.
 * Struts 2 expects interceptors to be stateless because one instance can serve many requests.
 * If this instance is shared, concurrent requests can observe each other's account. Confirm
 * the bean scope, or carry the account in a local variable.
 *
 * @param actionInvocation the invocation being intercepted
 * @return the result of the action, or of {@code redirectLogin} when access is refused
 * @throws Exception declared because the helpers, the Shiro login and the action may throw
 */
@Override
public String intercept(ActionInvocation actionInvocation) throws Exception {
    final ActionContext ctx = actionInvocation.getInvocationContext();
    final Map<String, Object> httpSession = ctx.getSession();
    this.accountObj = (AccountObj) httpSession.get(Constants.SESS_ACCOUNT);

    // True when the Shiro subject has to be (re)logged in for this web application.
    boolean needsSubjectLogin = false;
    // True when a sysCurrentId cookie is present but its data does not match the
    // tb_sys_usess records written by core-web.
    boolean staleCurrentCookie = false;

    final String contextPath = ServletActionContext.getServletContext().getContextPath();
    final String mainSystemPath = ApplicationSiteUtils.getContextPathFromMap(Constants.getMainSystem());
    if (!contextPath.endsWith(mainSystemPath)) {
        // Scenario: 1. log in as admin; 2. log out and log in as tester.
        // The http-session of gsbsc-web would still belong to admin, so every application
        // other than core-web compares the account in the CURRENT cookie with its own
        // session account and invalidates the http-session when they differ.
        this.invalidCurrentSessionForDifferentAccount(ctx);
        // NOTE(review): SecurityUtils.setSecurityManager installs a VM-wide static and is
        // executed here on every request; confirm this is intended.
        SecurityUtils.setSecurityManager((DefaultSecurityManager) AppContext.getBean("securityManager"));
        final Subject currentSubject = SecurityUtils.getSubject();
        if (accountObj == null) {
            needsSubjectLogin = getUserCurrentCookie(ctx);
            // Cookie present but not confirmed by the login records.
            staleCurrentCookie = !needsSubjectLogin
                    && UserCurrentCookie.foundCurrent((HttpServletRequest) ctx.get(StrutsStatics.HTTP_REQUEST));
        }
        if (accountObj != null && !currentSubject.isAuthenticated()) {
            needsSubjectLogin = true;
        }
    }

    final boolean accountKnown = accountObj != null && !StringUtils.isBlank(accountObj.getAccount());
    if (!accountKnown) {
        return this.redirectLogin(httpSession, staleCurrentCookie);
    }
    // No login record for this account at all: treat the request as logged out.
    if (uSessLogHelper.countByAccount(accountObj.getAccount()) < 1) {
        return this.redirectLogin(httpSession, staleCurrentCookie);
    }
    if (needsSubjectLogin) {
        // core-web already has a session but gsbsc-web does not, so create the gsbsc-web
        // http session here.
        SecurityUtils.setSecurityManager((DefaultSecurityManager) AppContext.getBean("securityManager"));
        final Subject loginSubject = SecurityUtils.getSubject();
        final GreenStepBaseUsernamePasswordToken loginToken = new GreenStepBaseUsernamePasswordToken();
        loginToken.setRememberMe(false);
        loginToken.setCaptcha("");
        loginToken.setUsername(accountObj.getAccount());
        // NOTE(review): the stored password value of the account is replayed as the submitted
        // credential, with an empty captcha. This can only succeed if the realm accepts the
        // stored value as-is; confirm how credentials are stored and matched. The cast also
        // assumes the object taken from the session is an AccountVO, and the char[] is not
        // wiped after the login.
        loginToken.setPassword(((AccountVO) accountObj).getPassword().toCharArray());
        if (!loginSubject.isAuthenticated()) {
            loginSubject.login(loginToken);
        }
        UserAccountHttpSessionSupport.create(ctx, accountObj);
    }
    return actionInvocation.invoke();
}
use of com.netsteadfast.greenstep.vo.AccountVO in project bamboobsc by billchen198318.
the class GreenStepBaseFormAuthenticationFilter method executeLogin.
/**
 * Runs the form login: captcha check, account lookup and validation, Shiro login, then
 * population of the HTTP session.
 *
 * <p>When an {@code AuthenticationException} is thrown, the account is removed from the HTTP
 * session, the subject is logged out and the failure is handed to {@code onLoginFailure}.
 *
 * <p>NOTE(review): only {@code AuthenticationException} is handled. If {@code setUserSession}
 * or {@code onLoginSuccess} throw anything else, the subject stays logged in and the cleanup
 * is skipped. Nothing visible here renews the HTTP session id after a successful login;
 * confirm that session-fixation protection is applied elsewhere.
 *
 * @param request  the login request
 * @param response the response being built
 * @return the value of {@code onLoginSuccess} or {@code onLoginFailure}
 * @throws Exception any non-authentication failure from the steps above
 */
protected boolean executeLogin(ServletRequest request, ServletResponse response) throws Exception {
    final GreenStepBaseUsernamePasswordToken loginToken =
            (GreenStepBaseUsernamePasswordToken) this.createToken(request, response);
    final HttpServletRequest httpRequest = (HttpServletRequest) request;
    try {
        // The captcha is checked first, before any account lookup or credential check.
        this.doCaptchaValidate(httpRequest, loginToken);
        final AccountVO user = this.queryUser(loginToken.getUsername());
        this.userValidate(user);
        final Subject currentSubject = this.getSubject(request, response);
        currentSubject.login(loginToken);
        // Authentication succeeded: publish the account in the HTTP session.
        this.setUserSession(httpRequest, (HttpServletResponse) response, user);
        return this.onLoginSuccess(loginToken, currentSubject, request, response);
    } catch (AuthenticationException failure) {
        // Drop any account state from the session and log the subject out.
        UserAccountHttpSessionSupport.remove(httpRequest);
        this.getSubject(request, response).logout();
        return this.onLoginFailure(loginToken, failure, request, response);
    }
}
use of com.netsteadfast.greenstep.vo.AccountVO in project bamboobsc by billchen198318.
the class GreenStepMobileFormAuthenticationFilter method executeLogin.
/**
 * Mobile variant of the form login: captcha check, account lookup and validation through
 * {@code ShiroLoginSupport}, Shiro login, then population of the HTTP session.
 *
 * <p>When an {@code AuthenticationException} is thrown, the account is removed from the HTTP
 * session, the subject is logged out and the failure is handed to {@code onLoginFailure}.
 *
 * <p>NOTE(review): only {@code AuthenticationException} is handled. If {@code setUserSession}
 * or {@code onLoginSuccess} throw anything else, the subject stays logged in and the cleanup
 * is skipped. Nothing visible here renews the HTTP session id after a successful login;
 * confirm that session-fixation protection is applied elsewhere.
 *
 * @param request  the login request
 * @param response the response being built
 * @return the value of {@code onLoginSuccess} or {@code onLoginFailure}
 * @throws Exception any non-authentication failure from the steps above
 */
protected boolean executeLogin(ServletRequest request, ServletResponse response) throws Exception {
    final GreenStepBaseUsernamePasswordToken loginToken =
            (GreenStepBaseUsernamePasswordToken) this.createToken(request, response);
    final HttpServletRequest httpRequest = (HttpServletRequest) request;
    try {
        // The captcha is checked first, before any account lookup or credential check.
        this.doCaptchaValidate(httpRequest, loginToken);
        final AccountVO user = new ShiroLoginSupport().queryUserValidate(loginToken.getUsername());
        final Subject currentSubject = this.getSubject(request, response);
        currentSubject.login(loginToken);
        // Authentication succeeded: publish the account in the HTTP session.
        this.setUserSession(httpRequest, (HttpServletResponse) response, user);
        return this.onLoginSuccess(loginToken, currentSubject, request, response);
    } catch (AuthenticationException failure) {
        // Drop any account state from the session and log the subject out.
        UserAccountHttpSessionSupport.remove(httpRequest);
        this.getSubject(request, response).logout();
        return this.onLoginFailure(loginToken, failure, request, response);
    }
}
use of com.netsteadfast.greenstep.vo.AccountVO in project bamboobsc by billchen198318.
the class ShiroLoginSupport method queryUserValidate.
/**
 * Loads the account with the given name via {@code queryUser} and passes it through
 * {@code userValidate} before returning it.
 *
 * <p>NOTE(review): what {@code userValidate} rejects is not visible here. Presumably it throws
 * for a missing or unusable account; verify this, since the result is returned unchecked.
 *
 * @param account the account name submitted at login
 * @return the account that passed validation
 * @throws Exception whatever the lookup or the validation throws
 */
public AccountVO queryUserValidate(String account) throws Exception {
    final AccountVO found = this.queryUser(account);
    this.userValidate(found);
    return found;
}