单点登录完成

4 years ago · 4193e956ab
parent 1f2b304968
commit 4193e956ab
16 changed files with 591 additions and 296 deletions
--- a/modules/i3plus-core-api/src/main/java/cn/estsh/i3plus/core/api/iservice/base/ISystemLoginService.java
+++ b/modules/i3plus-core-api/src/main/java/cn/estsh/i3plus/core/api/iservice/base/ISystemLoginService.java
@ -66,6 +66,30 @@ public interface ISystemLoginService {
     */
    @ApiOperation(value = "封装用户", notes = "封装超级管理员信息")
    SessionUser queryCheckSaAdminLogin(SaAdminToken authenticationToken);
    /**
     * E9用户单点登录
     *
     * @param userToken 用户token
     * @return 用户会话
     */
    @ApiOperation(value = "封装用户", notes = "封装普通用户信息")
    SessionUser queryCheckE9UserLogin(UserToken userToken);
    /**
     * E9Admin单点登录
     *
     * @param adminToken admin token
     * @return 用户会话
     */
    @ApiOperation(value = "封装用户", notes = "封装管理员信息")
    SessionUser queryCheckE9AdminLogin(AdminToken adminToken);
    /**
     * E9 SA单点登录
     * @param saAdminToken sa token
     * @return 用户会话
     */
    @ApiOperation(value = "封装用户", notes = "封装超级管理员信息")
    SessionUser queryCheckE9SaAdminLogin(SaAdminToken saAdminToken);
    /**
     * 记录登录错误
--- a/modules/i3plus-core-api/src/main/java/cn/estsh/i3plus/core/api/iservice/busi/ISysUserService.java
+++ b/modules/i3plus-core-api/src/main/java/cn/estsh/i3plus/core/api/iservice/busi/ISysUserService.java
@ -20,19 +20,21 @@ public interface ISysUserService {
    /**
     * 账号登录
     *
     * @param loginName    登录名
     * @param password     登录密码
     * @param languageCode 界面语言
     * @return
     */
    @ApiOperation(value = "账号登录", notes = "普通账号登录功能")
-    SessionUser queryUserLogin(String loginName, String password, String languageCode,Integer loginPlatform,String deviceId) throws AuthenticationException;
+    SessionUser loginUser(String loginName, String password, String languageCode, Integer loginPlatform, String deviceId) throws AuthenticationException;
    @ApiOperation(value = "获取Token", notes = "根据登录名判断是否是管理员")
    BaseToken getToken(String loginName, String password, String languageCode, Integer loginPlatform);
    /**
     * 修改状态
     *
     * @param id     修改账号状态
     * @param status 状态
     * @param user   当前会话账号
@ -46,6 +48,7 @@ public interface ISysUserService {
    /**
     * 批量修改账号状态
     *
     * @param ids
     * @param status
     * @param user
@ -55,6 +58,7 @@ public interface ISysUserService {
    /**
     * 修改账号信息
     *
     * @param sysUser
     */
    @ApiOperation(value = "修改账号信息", notes = "修改账号信息")
@ -62,6 +66,7 @@ public interface ISysUserService {
    /**
     * 修改账号密码
     *
     * @param userId   需要修改的账号ID
     * @param password 旧密码
     * @param newPwd   新密码
@ -71,6 +76,7 @@ public interface ISysUserService {
    /**
     * 刷新账号登录信息
     *
     * @param userId
     */
    @ApiOperation(value = "刷新账号", notes = "刷新账号登录信息")
@ -78,6 +84,7 @@ public interface ISysUserService {
    /**
     * 新增账号信息
     *
     * @param sysUser 新增账号
     * @return
     */
@ -86,6 +93,7 @@ public interface ISysUserService {
    /**
     * 添加 账号登录信息
     *
     * @param sysLogUserLogin
     * @return
     */
@ -94,6 +102,7 @@ public interface ISysUserService {
    /**
     * 刷新账号角色关系
     *
     * @param sysUser
     * @param roleIds
     * @param userName
@ -103,6 +112,7 @@ public interface ISysUserService {
    /**
     * 根据Key 删除数据
     *
     * @param id
     * @return
     */
@ -111,6 +121,7 @@ public interface ISysUserService {
    /**
     * 批量删除账号 逻辑删除
     *
     * @param ids  需要删除的账号ID
     * @param user 当前会话账号
     */
@ -119,6 +130,7 @@ public interface ISysUserService {
    /**
     * 查询所有数据
     *
     * @return
     */
    @ApiOperation(value = "查询所有", notes = "查询所有账号信息")
@ -126,6 +138,7 @@ public interface ISysUserService {
    /**
     * 查询所有数据
     *
     * @return
     */
    @ApiOperation(value = "查询所有", notes = "查询所有账号信息")
@ -133,6 +146,7 @@ public interface ISysUserService {
    /**
     * 根据角色查询用户信息
     *
     * @param roleId 角色ID
     * @return 获取用户ID 集合
     */
@ -149,6 +163,7 @@ public interface ISysUserService {
    /**
     * 复杂查询
     *
     * @param user
     * @param pager
     * @return
@ -161,6 +176,7 @@ public interface ISysUserService {
    /**
     * 根据id 数据
     *
     * @param id
     * @return
     */
@ -169,6 +185,7 @@ public interface ISysUserService {
    /**
     * 获取账号详细信息
     *
     * @param id
     * @return
     */
@ -177,6 +194,7 @@ public interface ISysUserService {
    /**
     * 根据登录名称 获取账号信息
     *
     * @param loginName
     * @return
     */
@ -185,6 +203,7 @@ public interface ISysUserService {
    /**
     * 根据手机号查询账号
     *
     * @param email
     * @return
     */
@ -193,6 +212,7 @@ public interface ISysUserService {
    /**
     * 根据手机号查询账号
     *
     * @param phone
     * @return
     */
@ -201,6 +221,7 @@ public interface ISysUserService {
    /**
     * 查出账号角色关系
     *
     * @param userId
     * @return
     */
@ -209,6 +230,7 @@ public interface ISysUserService {
    /**
     * 判断账号名是否存在
     *
     * @param userLoginName
     * @param id
     * @return
@ -218,6 +240,7 @@ public interface ISysUserService {
    /**
     * 判断邮箱是否存在
     *
     * @param email
     * @param id
     * @return
@ -227,6 +250,7 @@ public interface ISysUserService {
    /**
     * 判断手机是否存在
     *
     * @param phone
     * @param id
     * @return
@ -236,6 +260,7 @@ public interface ISysUserService {
    /**
     * 账号唯一教研
     *
     * @param user
     */
    @ApiOperation(value = "账号检查", notes = "检查账号信息唯一(登录名、邮箱、手机号)")
@ -243,6 +268,7 @@ public interface ISysUserService {
    /**
     * 获取用户数量
     *
     * @return 用户数量
     */
    @ApiOperation(value = "查询账户数量")
@ -250,6 +276,7 @@ public interface ISysUserService {
    /**
     * 登录封装账号信息
     *
     * @param sessionUser
     * @param user
     * @param userType
@ -267,6 +294,7 @@ public interface ISysUserService {
    /**
     * 根据id查询用户信息
     *
     * @param ids 用户id
     * @return 查询结果
     */
--- a/modules/i3plus-core-apiservice/pom.xml
+++ b/modules/i3plus-core-apiservice/pom.xml
@ -225,6 +225,12 @@
            <artifactId>elasticsearch</artifactId>
            <version>7.5.1</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-data-elasticsearch</artifactId>
            <version>2.4.2</version>
        </dependency>
    </dependencies>
    <build>
--- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/ShiroAuthConfiguration.java
+++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/ShiroAuthConfiguration.java
@ -4,8 +4,13 @@ import cn.estsh.i3plus.core.apiservice.auth.realm.AdminAuthRealm;
 import cn.estsh.i3plus.core.apiservice.auth.realm.DefaultModularRealm;
 import cn.estsh.i3plus.core.apiservice.auth.realm.SaAuthRealm;
 import cn.estsh.i3plus.core.apiservice.auth.realm.UserAuthRealm;
 import cn.estsh.i3plus.core.apiservice.auth.realm.strategy.e9.E9AdminAuthRealm;
 import cn.estsh.i3plus.core.apiservice.auth.realm.strategy.e9.E9SaAuthRealm;
 import cn.estsh.i3plus.core.apiservice.auth.realm.strategy.e9.E9UserAuthRealm;
 import cn.estsh.i3plus.platform.common.util.CommonConstWords;
 import cn.estsh.i3plus.pojo.base.enumutil.CommonEnumUtil;
 import cn.estsh.i3plus.pojo.base.enumutil.ImppEnumUtil;
 import cn.estsh.i3plus.pojo.model.platform.RoleRealmModel;
 import cn.estsh.impp.framework.boot.auth.filter.AdminFilter;
 import cn.estsh.impp.framework.boot.auth.filter.SaAdminFilter;
 import cn.estsh.impp.framework.boot.auth.filter.UserFilter;
@ -26,9 +31,13 @@ import org.springframework.context.annotation.Configuration;
 import javax.annotation.Resource;
 import javax.servlet.Filter;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.HashMap;
 import java.util.LinkedHashMap;
 import java.util.List;
 import java.util.Map;
 import java.util.stream.Collectors;
 /**
 * @Description : shiro权限配置
@ -83,12 +92,36 @@ public class ShiroAuthConfiguration {
        return new UserAuthRealm();
    }
-    public Map<String,Realm> supportRealmMap(){
+    @Bean
    public E9AdminAuthRealm e9AdminAuthRealm() {
        return new E9AdminAuthRealm();
    }
    @Bean
    public E9SaAuthRealm e9SaAuthRealm() {
        return new E9SaAuthRealm();
    }
    @Bean
    public E9UserAuthRealm e9UserAuthRealm() {
        return new E9UserAuthRealm();
    }
    public Map<String, RoleRealmModel> supportRealmMap() {
        //支持的授权规则
-        Map<String,Realm> realms = new HashMap(8);
+        Map<String, RoleRealmModel> realms = new HashMap(8);
-        realms.put(CommonEnumUtil.USER_TYPE.USER.getCode(),userAuthRealm());
+
-        realms.put(CommonEnumUtil.USER_TYPE.ADMIN.getCode(),adminAuthRealm());
+        RoleRealmModel defaultRoleRealmModel = RoleRealmModel.builder()
-        realms.put(CommonEnumUtil.USER_TYPE.SA.getCode(),saAuthRealm());
+                .userRealm(userAuthRealm())
                .adminRealm(adminAuthRealm())
                .saRealm(saAuthRealm()).build();
        realms.put(ImppEnumUtil.AUTH_LOGIN_STRATEGY.ACCOUNT.getCode(), defaultRoleRealmModel);
        RoleRealmModel e9RoleRealmModel = RoleRealmModel.builder()
                .userRealm(e9UserAuthRealm())
                .adminRealm(e9AdminAuthRealm())
                .saRealm(e9SaAuthRealm()).build();
        realms.put(ImppEnumUtil.AUTH_LOGIN_STRATEGY.E9.getCode(), e9RoleRealmModel);
        return realms;
    }
@ -103,7 +136,14 @@ public class ShiroAuthConfiguration {
        LOGGER.info("【app-shiro-加载securityManager】");
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setAuthenticator(modularRealmAuthenticator());
-        securityManager.setRealms(supportRealmMap().values());
+
        List<Realm> allRealmBeans = new ArrayList<>();
        supportRealmMap().values().forEach(d -> {
            allRealmBeans.add(d.getUserRealm());
            allRealmBeans.add(d.getAdminRealm());
            allRealmBeans.add(d.getSaRealm());
        });
        securityManager.setRealms(allRealmBeans);
        securityManager.setCacheManager(getEhCacheManage);    //缓存管理
        securityManager.setSessionManager(getSessionManage);  //会话管理
        //securityManager.setRememberMeManager(getRememberManager());
--- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/realm/DefaultModularRealm.java
+++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/realm/DefaultModularRealm.java
@ -2,10 +2,12 @@ package cn.estsh.i3plus.core.apiservice.auth.realm;
 import cn.estsh.i3plus.platform.common.util.PlatformConstWords;
 import cn.estsh.i3plus.pojo.base.bean.BaseThreadLocal;
-import cn.estsh.i3plus.pojo.base.enumutil.CommonEnumUtil;
+import cn.estsh.i3plus.pojo.base.enumutil.ImppEnumUtil;
 import cn.estsh.i3plus.pojo.base.shirotoken.AdminToken;
 import cn.estsh.i3plus.pojo.base.shirotoken.SaAdminToken;
 import cn.estsh.i3plus.pojo.base.shirotoken.UserToken;
 import cn.estsh.i3plus.pojo.model.platform.RoleRealmModel;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.shiro.authc.AuthenticationException;
 import org.apache.shiro.authc.AuthenticationInfo;
 import org.apache.shiro.authc.AuthenticationToken;
@ -26,9 +28,10 @@ import java.util.Map;
 **/
 public class DefaultModularRealm extends ModularRealmAuthenticator {
    private static final Logger LOGGER = LoggerFactory.getLogger(DefaultModularRealm.class);
    private Map<String, Realm> definedRealms;
-    public DefaultModularRealm(Map<String, Realm> definedRealms) {
+    private Map<String, RoleRealmModel> definedRealms;
    public DefaultModularRealm(Map<String, RoleRealmModel> definedRealms) {
        this.definedRealms = definedRealms;
    }
@ -37,36 +40,38 @@ public class DefaultModularRealm extends ModularRealmAuthenticator {
        return super.doMultiRealmAuthentication(realms, token);
    }
-    public Map<String, Realm> getDefinedRealms() {
+    @Override
-        return this.definedRealms;
+    protected AuthenticationInfo doAuthenticate(AuthenticationToken token) throws AuthenticationException {
        Realm realm;
        RoleRealmModel roleRealmModel;
        String realmStrategy = (String) BaseThreadLocal.getData(PlatformConstWords.AUTH_LOGIN_STRATEGY);
        if (StringUtils.isEmpty(realmStrategy)) {
            roleRealmModel = this.definedRealms.get(ImppEnumUtil.AUTH_LOGIN_STRATEGY.ACCOUNT.getCode());
        } else {
            roleRealmModel = this.definedRealms.get(realmStrategy);
        }
-    public void setDefinedRealms(Map<String, Realm> definedRealms) {
+        realm = chooseRealmByUserType(token, roleRealmModel);
-        this.definedRealms = definedRealms;
+
        return this.doSingleRealmAuthentication(realm, token);
    }
-    @Override
+    private Realm chooseRealmByUserType(AuthenticationToken token, RoleRealmModel roleRealmModel) {
    protected AuthenticationInfo doAuthenticate(AuthenticationToken token) throws AuthenticationException {
        Realm realm;
        String realmStrategy = (String) BaseThreadLocal.getData(PlatformConstWords.AUTH_REALM_CHOOSE);
 //        if (!StringUtils.isEmpty(realmStrategy)) {
 //            realm = (Realm) SpringContextsUtil.getBean(realmStrategy);
 //        } else {
        if (token instanceof SaAdminToken) {
            //超级管理员
-                realm = (Realm) this.definedRealms.get(CommonEnumUtil.USER_TYPE.SA.getCode());
+            realm = roleRealmModel.getSaRealm();
        } else if (token instanceof AdminToken) {
            //管理员
-                realm = (Realm) this.definedRealms.get(CommonEnumUtil.USER_TYPE.ADMIN.getCode());
+            realm = roleRealmModel.getAdminRealm();
        } else if (token instanceof UserToken) {
            //用户
-                realm = (Realm) this.definedRealms.get(CommonEnumUtil.USER_TYPE.USER.getCode());
+            realm = roleRealmModel.getUserRealm();
        } else {
            throw new AuthenticationException("不存在TOKEN，请联系管理员（" + token + "）");
        }
-//        }
+        return realm;
        return this.doSingleRealmAuthentication(realm, token);
    }
    @Override
--- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/realm/strategy/e9/E9AdminAuthRealm.java
+++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/realm/strategy/e9/E9AdminAuthRealm.java
@ -1,7 +1,9 @@
-package cn.estsh.i3plus.core.apiservice.auth.realm.strategy;
+package cn.estsh.i3plus.core.apiservice.auth.realm.strategy.e9;
 import cn.estsh.i3plus.core.api.iservice.base.ISystemLoginService;
 import cn.estsh.i3plus.pojo.base.shirotoken.AdminToken;
 import cn.estsh.i3plus.pojo.platform.bean.SessionUser;
 import org.apache.shiro.authc.AuthenticationException;
 import org.apache.shiro.authc.AuthenticationInfo;
 import org.apache.shiro.authc.AuthenticationToken;
 import org.apache.shiro.authc.SimpleAuthenticationInfo;
@ -12,33 +14,42 @@ import org.apache.shiro.subject.PrincipalCollection;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 /**
- * @author Wynne.Lu
+ * @Description : 验证规则
- * @date 2021/1/18 下午2:32
+ * @Reference :
- * @desc
+ * @Author : alwaysfrin
- */
+ * @CreateDate : 2018-10-13 14:04
-@Component
+ * @Modify:
-public class E9AuthRealm extends AuthorizingRealm {
+ **/
-
+public class E9AdminAuthRealm extends AuthorizingRealm {
-    public static final Logger LOGGER = LoggerFactory.getLogger(E9AuthRealm.class);
+    public static final Logger LOGGER = LoggerFactory.getLogger(E9AdminAuthRealm.class);
    @Autowired
    private ISystemLoginService systemLoginService;
-     public E9AuthRealm(){
+    public E9AdminAuthRealm() {
        //添加支持的token
        this.setAuthenticationTokenClass(AdminToken.class);
    }
    //权限验证
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        return new SimpleAuthorizationInfo();
    }
    //令牌确认
    @Override
-    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) {
+    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
-        return new SimpleAuthenticationInfo();
+        try {
            //管理员令牌
            SessionUser sessionUser = systemLoginService.queryCheckE9AdminLogin((AdminToken) authenticationToken);
            LOGGER.info("管理员令牌验证：{}", sessionUser);
            return new SimpleAuthenticationInfo(sessionUser, ((AdminToken) authenticationToken).getLoginName(), this.getName());
        } catch (Exception e) {
            e.printStackTrace();
            throw new AuthenticationException(e.getMessage());
        }
    }
 }
--- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/realm/strategy/e9/E9SaAuthRealm.java
+++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/realm/strategy/e9/E9SaAuthRealm.java
@ -0,0 +1,50 @@
 package cn.estsh.i3plus.core.apiservice.auth.realm.strategy.e9;
 import cn.estsh.i3plus.core.api.iservice.base.ISystemLoginService;
 import cn.estsh.i3plus.pojo.base.shirotoken.SaAdminToken;
 import cn.estsh.i3plus.pojo.platform.bean.SessionUser;
 import org.apache.shiro.authc.AuthenticationException;
 import org.apache.shiro.authc.AuthenticationInfo;
 import org.apache.shiro.authc.AuthenticationToken;
 import org.apache.shiro.authc.SimpleAuthenticationInfo;
 import org.apache.shiro.authz.AuthorizationInfo;
 import org.apache.shiro.authz.SimpleAuthorizationInfo;
 import org.apache.shiro.realm.AuthorizingRealm;
 import org.apache.shiro.subject.PrincipalCollection;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 /**
 * @Description : 验证规则
 * @Reference :
 * @Author : alwaysfrin
 * @CreateDate : 2018-10-13 14:04
 * @Modify:
 **/
 public class E9SaAuthRealm extends AuthorizingRealm {
    public static final Logger LOGGER = LoggerFactory.getLogger(E9SaAuthRealm.class);
    @Autowired
    private ISystemLoginService systemLoginService;
    public E9SaAuthRealm() {
        //添加支持的token
        this.setAuthenticationTokenClass(SaAdminToken.class);
    }
    //权限验证
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        return new SimpleAuthorizationInfo();
    }
    //令牌确认
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        //管理员令牌
        SessionUser sessionUser = systemLoginService.queryCheckE9SaAdminLogin((SaAdminToken) authenticationToken);
        LOGGER.info("超级管理员令牌验证：{}", sessionUser);
        return new SimpleAuthenticationInfo(sessionUser, ((SaAdminToken) authenticationToken).getLoginName(), this.getName());
    }
 }
--- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/realm/strategy/e9/E9UserAuthRealm.java
+++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/realm/strategy/e9/E9UserAuthRealm.java
@ -0,0 +1,57 @@
 package cn.estsh.i3plus.core.apiservice.auth.realm.strategy.e9;
 import cn.estsh.i3plus.core.api.iservice.base.ISystemLoginService;
 import cn.estsh.i3plus.pojo.base.shirotoken.AdminToken;
 import cn.estsh.i3plus.pojo.base.shirotoken.UserToken;
 import cn.estsh.i3plus.pojo.platform.bean.SessionUser;
 import org.apache.shiro.authc.AuthenticationException;
 import org.apache.shiro.authc.AuthenticationInfo;
 import org.apache.shiro.authc.AuthenticationToken;
 import org.apache.shiro.authc.SimpleAuthenticationInfo;
 import org.apache.shiro.authz.AuthorizationInfo;
 import org.apache.shiro.authz.SimpleAuthorizationInfo;
 import org.apache.shiro.realm.AuthorizingRealm;
 import org.apache.shiro.subject.PrincipalCollection;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 /**
 * @Description : 验证规则
 * @Reference :-
 * @Author : alwaysfrin
 * @CreateDate : 2018-10-13 14:04
 * @Modify:
 **/
 public class E9UserAuthRealm extends AuthorizingRealm {
    public static final Logger LOGGER = LoggerFactory.getLogger(E9UserAuthRealm.class);
    @Autowired
    private ISystemLoginService systemLoginService;
    public E9UserAuthRealm() {
        //添加支持的token
        this.setAuthenticationTokenClass(UserToken.class);
    }
    //权限验证
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        return new SimpleAuthorizationInfo();
    }
    //令牌确认
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        try {
            //管理员令牌
            SessionUser sessionUser = systemLoginService.queryCheckE9UserLogin((UserToken) authenticationToken);
            LOGGER.info("用户令牌验证：{}", sessionUser);
            return new SimpleAuthenticationInfo(sessionUser, ((UserToken) authenticationToken).getLoginName(), this.getName());
        } catch (Exception e) {
            e.printStackTrace();
            throw new AuthenticationException(e.getMessage());
        }
    }
 }
--- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/controller/base/WhiteController.java
+++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/controller/base/WhiteController.java
@ -49,8 +49,10 @@ import cn.estsh.impp.framework.boot.util.RedisCacheTool;
 import cn.estsh.impp.framework.boot.util.ResultBean;
 import cn.estsh.impp.framework.boot.util.SpringContextsUtil;
 import cn.estsh.impp.framework.boot.util.ValidatorBean;
 import com.alibaba.fastjson.JSONObject;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.shiro.authc.AuthenticationException;
 import org.apache.shiro.authc.CredentialsException;
 import org.apache.shiro.authc.IncorrectCredentialsException;
@ -78,6 +80,7 @@ import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 import java.util.Objects;
 import java.util.Optional;
 import java.util.Set;
 import java.util.function.BiFunction;
 import java.util.stream.Collectors;
@ -193,27 +196,57 @@ public class WhiteController extends CoreBaseController {
        }
    }
-    @GetMapping(value = "/auth/oss-login")
+    @GetMapping(value = "/auth/{loginStrategy}/sso-login")
    @ApiOperation(value = "登录", notes = "登录")
-    public ResultBean ossLogin(HttpServletRequest request, SystemLoginModel loginModel) throws NoSuchFieldException {
+    public ResultBean ssoLogin(HttpServletRequest request, @PathVariable(name = "loginStrategy") String loginStrategy) throws NoSuchFieldException {
        String fieldMapping = RedisCacheTool.getSysConfigStrVal(PlatformConstWords.SSO_REQUEST_MAPPING);
        if (StringUtils.isEmpty(fieldMapping)) {
            return ResultBean.fail("请在平台数据库中配置表添加字段映射配置");
        }
        SystemLoginModel loginModel = assembleLoginModelByRequest(request, fieldMapping);
        loginModel.setLoginStrategy(loginStrategy);
        ValidatorBean.beginValid(loginModel)
                .notNull("loginStrategy", loginModel.getLoginStrategy())
                .notNull("loginName", loginModel.getLoginName());
        String beanName = ImppEnumUtil.AUTH_LOGIN_STRATEGY.codeOfStrategyName(loginModel.getLoginStrategy());
        ISystemLoginStrategyService loginStrategyService = (ISystemLoginStrategyService) SpringContextsUtil.getBean(beanName);
-        BaseThreadLocal.setData(PlatformConstWords.IS_OSS_LOGIN, true);
+        BaseThreadLocal.setData(PlatformConstWords.IS_SSO_LOGIN, true);
        return loginByStrategy(request, loginModel, loginStrategyService.login());
    }
    private SystemLoginModel assembleLoginModelByRequest(HttpServletRequest request, String fieldMapping) {
        JSONObject mappingObject = (JSONObject) JSONObject.parse(fieldMapping);
        SystemLoginModel loginModel = new SystemLoginModel();
        getJsonObjectParameterFromRequest("loginName", request, mappingObject).ifPresent(d -> loginModel.setLoginName(d.toString()));
        getJsonObjectParameterFromRequest("loginPwd", request, mappingObject).ifPresent(d -> loginModel.setLoginPwd(d.toString()));
        getJsonObjectParameterFromRequest("appId", request, mappingObject).ifPresent(d -> loginModel.setAppId(d.toString()));
        getJsonObjectParameterFromRequest("languageCode", request, mappingObject).ifPresent(d -> loginModel.setLanguageCode(d.toString()));
        getJsonObjectParameterFromRequest("deviceId", request, mappingObject).ifPresent(d -> loginModel.setDeviceId(d.toString()));
        return loginModel;
    }
    private Optional<Object> getJsonObjectParameterFromRequest(String key, HttpServletRequest request, JSONObject mappingObject) {
        Object data = request.getParameter(mappingObject.get(key) == null ? "" : mappingObject.get(key).toString());
        return Optional.ofNullable(data);
    }
    @GetMapping(value = "/auth/login")
    @ApiOperation(value = "登录", notes = "登录")
    public ResultBean login(HttpServletRequest request, String loginName, String loginPwd,
                            @RequestParam(required = false) String languageCode,
                            @RequestParam(required = false) String deviceId) {
-        SystemLoginModel loginModel = new SystemLoginModel(loginName, loginPwd, languageCode, deviceId, ImppEnumUtil.AUTH_LOGIN_STRATEGY.ACCOUNT.getCode());
+        SystemLoginModel loginModel = SystemLoginModel.builder()
-
+                .loginName(loginName)
                .loginPwd(loginPwd)
                .languageCode(languageCode)
                .deviceId(deviceId)
                .loginStrategy(ImppEnumUtil.AUTH_LOGIN_STRATEGY.ACCOUNT.getCode()).build();
        String beanName = ImppEnumUtil.AUTH_LOGIN_STRATEGY.codeOfStrategyName(loginModel.getLoginStrategy());
        ISystemLoginStrategyService loginStrategyService = (ISystemLoginStrategyService) SpringContextsUtil.getBean(beanName);
@ -230,7 +263,7 @@ public class WhiteController extends CoreBaseController {
        CommonEnumUtil.USER_LOGIN_STATUS userLoginStatus = CommonEnumUtil.USER_LOGIN_STATUS.LOGIN_SUCCESS;
        try {
-            loginStrategy.apply(request, loginModel);
+            result = loginStrategy.apply(request, loginModel);
        } catch (IncorrectCredentialsException e) {
            result = ResultBean.fail(ImppExceptionEnum.LOGIN_EXCEPTION_USER_PASSWORD);
            userPasswordUtil.checkLoginErrorNumber(loginModel.getLoginName(), result, e);
--- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/base/SystemLoginService.java
+++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/base/SystemLoginService.java
@ -108,6 +108,32 @@ public class SystemLoginService implements ISystemLoginService {
    }
    @Override
    @ApiOperation(value = "封装用户", notes = "封装普通用户信息")
    public SessionUser queryCheckE9UserLogin(UserToken userToken) {
        //验证用户
        SysUser user = getUserLoginInfo(userToken.getLoginName());
        LOGGER.info("【验证用户checkUserLogin】{}", user);
        //用户单地登录
        return packSessionUser(user, CommonEnumUtil.USER_TYPE.USER.getCode(), userToken.getLanguageCode());
    }
    @Override
    @ApiOperation(value = "封装用户", notes = "封装管理员信息")
    public SessionUser queryCheckE9AdminLogin(AdminToken adminToken) {
        //验证用户
        SysUser user = getUserLoginInfo(adminToken.getLoginName());
        //未抛异常，封装用户
        return packSessionUser(user, CommonEnumUtil.USER_TYPE.ADMIN.getCode(), adminToken.getLanguageCode());
    }
    @Override
    @ApiOperation(value = "封装用户", notes = "封装超级管理员信息")
    public SessionUser queryCheckE9SaAdminLogin(SaAdminToken saAdminToken) {
        SysUser user = getUserLoginInfo(saAdminToken.getLoginName());
        return packSessionUser(user, CommonEnumUtil.USER_TYPE.SA.getCode(), saAdminToken.getLanguageCode());
    }
    @Override
    @ApiOperation(value = "登录密码错误", notes = "登录密码错误记录错误次数功能")
    public Integer doLoginPasswordError(String loginName, String sessionId) {
        SysUser user = sysUserRDao.getByProperty(new String[]{"userLoginName", "isValid"},
@ -164,17 +190,7 @@ public class SystemLoginService implements ISystemLoginService {
     * @return
     */
    public SysUser getUserLoginInfo(String loginName, String pwd) {
-        SysUser user = sysUserRDao.getByProperty(
+        SysUser user = getValidUserByName(loginName);
                new String[]{"userLoginName", "isValid"},
                new Object[]{loginName, CommonEnumUtil.IS_VAILD.VAILD.getValue()});
        if (user == null) {    //用户不存在
            throw new CredentialsException("用户不存在");
        }
        if (user.getUserStatus() != CommonEnumUtil.USER_STATUS.ENABLE.getValue()) {
            throw new LockedAccountException("账号已被锁定");
        }
        // 登录AD 域检查
        if (ImppSwitchUtil.isLoginActiveDirectory()) {
@ -218,6 +234,34 @@ public class SystemLoginService implements ISystemLoginService {
        throw new IncorrectCredentialsException("登陆密码错误");
    }
    public SysUser getUserLoginInfo(String loginName) {
        SysUser user = getValidUserByName(loginName);
        // 登录AD 域检查
        if (ImppSwitchUtil.isLoginActiveDirectory()) {
            userPasswordUtil.checkActiveDirectory(user);
            return user;
        }
        userPasswordUtil.checkSysUserLogin(user);
        return user;
    }
    public SysUser getValidUserByName(String loginName) {
        SysUser user = sysUserRDao.getByProperty(
                new String[]{"userLoginName", "isValid"},
                new Object[]{loginName, CommonEnumUtil.IS_VAILD.VAILD.getValue()});
        if (user == null) {
            throw new CredentialsException("用户不存在");
        }
        if (user.getUserStatus() != CommonEnumUtil.USER_STATUS.ENABLE.getValue()) {
            throw new LockedAccountException("账号已被锁定");
        }
        return user;
    }
    /**
     * 封装用户登陆信息
     *
--- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/base/login/strategy/DefaultLoginStrategy.java
+++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/base/login/strategy/DefaultLoginStrategy.java
@ -66,7 +66,7 @@ public class DefaultLoginStrategy implements ISystemLoginStrategyService {
                AuthUtil.logout();
            }
-            SessionUser user = userService.queryUserLogin(
+            SessionUser user = userService.loginUser(
                    loginModel.getLoginName().trim(),
                    loginModel.getLoginPwd().trim(),
                    loginModel.getLanguageCode(),
--- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/base/login/strategy/E9LoginStrategy.java
+++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/base/login/strategy/E9LoginStrategy.java
@ -67,16 +67,16 @@ public class E9LoginStrategy implements ISystemLoginStrategyService {
            // 设置语言代码
            BaseThreadLocal.setData(BaseThreadLocal.LANGUAGE_CODE, loginModel.getLanguageCode());
-            BaseThreadLocal.setData(PlatformConstWords.AUTH_REALM_CHOOSE, ImppEnumUtil.AUTH_REALM_STRATEGY.PANASONIC.getStrategyName());
+            BaseThreadLocal.setData(PlatformConstWords.AUTH_LOGIN_STRATEGY, ImppEnumUtil.AUTH_LOGIN_STRATEGY.E9.getCode());
            int sessionMode = RedisCacheTool.getSysConfigIntVal(CommonConstWords.CONFIG_SESSION_MODE, CommonConstWords.CONFIG_SESSION_MODE_DEFAULT);
            if (sessionMode != CommonEnumUtil.SESSION_MODE.SEIZE.getValue()) {
                AuthUtil.logout();
            }
-            SessionUser user = userService.queryUserLogin(
+            SessionUser user = userService.loginUser(
                    loginModel.getLoginName().trim(),
                    loginModel.getLoginName().trim(),
                    loginModel.getLoginPwd() == null ? null : loginModel.getLoginPwd().trim(),
                    loginModel.getLanguageCode(),
                    loginService.getLoginPlatform(request).getValue(),
                    loginModel.getDeviceId()
@ -90,13 +90,13 @@ public class E9LoginStrategy implements ISystemLoginStrategyService {
            AuthUtil.setOrganize(user.getUser().getOrganize());
-            return null;
+            return result;
        };
    }
    private boolean validateHost(HttpServletRequest request) {
        final String delimiter = ",";
-        String hostsConfig = RedisCacheTool.getSysConfigStrVal(PlatformConstWords.OSS_REQUEST_HOST);
+        String hostsConfig = RedisCacheTool.getSysConfigStrVal(PlatformConstWords.SSO_REQUEST_HOST);
        String[] hosts = hostsConfig.split(delimiter);
        String requestHost = ServletRequestTool.getRequestHost(request);
        return Arrays.stream(hosts).anyMatch(d -> requestHost.equals(d));
--- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/busi/SysUserService.java
+++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/busi/SysUserService.java
@ -65,15 +65,6 @@ public class SysUserService implements ISysUserService {
    private SysUserInfoRepository sysUserInfoRDao;
    @Autowired
    private IUserPermissionDao userPermissionDao;
 //    @Autowired
 //    private SysOrganizeRepository organizeRDao;
 //
 //    @Autowired
 //    private SysRoleRepository sysRoleRDao;
    @Autowired
    private SysRefUserRoleRepository refUserRoleRDao;
    @Autowired
@ -83,15 +74,6 @@ public class SysUserService implements ISysUserService {
    private SysRefUserPositionRepository refUserPositionRDao;
    @Autowired
    private SysFileRepository sysFileRDao;
 //
 //    @Autowired
 //    private SysDepartmentRepository departmentRDao;
 //
 //    @Autowired
 //    private SysPositionRepository sysPositionRDao;
    @Autowired
    private ISysUserInfoService sysUserInfoService;
    @Autowired
@ -119,18 +101,13 @@ public class SysUserService implements ISysUserService {
    private ISysMenuService menuService;
    @Autowired
    private ICoreMemTreeService memTreeService;
    @Autowired
    private ISysFileService fileService;
    @Autowired
    private SysUserPasswordUtil passwordUtil;
-    @Autowired ISysUserPasswordService userPasswordService;
+    @Autowired
-
+    ISysUserPasswordService userPasswordService;
    @Resource(name = CommonConstWords.IMPP_REDIS_RES)
    private ImppRedis redisRes;
    /**
     * 缓存
@ -141,7 +118,7 @@ public class SysUserService implements ISysUserService {
    @Override
    @ApiOperation(value = "用户登录", notes = "用户登录功能实现")
    @Transactional(propagation = Propagation.REQUIRED)
-    public SessionUser queryUserLogin(String loginName, String password, String languageCode,Integer loginPlatform,String deviceId) throws AuthenticationException {
+    public SessionUser loginUser(String loginName, String password, String languageCode, Integer loginPlatform, String deviceId) throws AuthenticationException {
        LOGGER.debug("平台用户 SYS_USER loginName:{} \t password:{} \t languageCode:{}", loginName, password, languageCode);
        BaseToken token = getToken(loginName, password, languageCode, loginPlatform);
@ -741,6 +718,7 @@ public class SysUserService implements ISysUserService {
     * 序号倒叙 + 编号升序       菜单
     * 创建时间 组织升序
     * 创建时间 部门升序
     *
     * @param user
     */
    public void packSysUserSort(SysUser user) {
@ -770,6 +748,7 @@ public class SysUserService implements ISysUserService {
     * 岗位创建时间 升序
     * 部门创建时间 升序
     * 组织创建时间 升序
     *
     * @param info
     */
    public void packSysUserInfoSort(SysUserInfo info) {
@ -788,6 +767,7 @@ public class SysUserService implements ISysUserService {
    /**
     * 封装用户角色信息
     *
     * @param user
     * @return
     */
@ -805,6 +785,7 @@ public class SysUserService implements ISysUserService {
    /**
     * 封装用户 菜单信息
     *
     * @param user
     * @return
     */
@ -872,6 +853,7 @@ public class SysUserService implements ISysUserService {
    /**
     * 封装用户 部门信息封装
     *
     * @param userInfo
     * @return
     */
@ -891,6 +873,7 @@ public class SysUserService implements ISysUserService {
    /**
     * 封装用户 部门信息封装
     *
     * @param user
     * @return
     */
@ -908,6 +891,7 @@ public class SysUserService implements ISysUserService {
    /**
     * 封装用户 岗位信息封装
     *
     * @param userInfo
     * @return
     */
@ -932,6 +916,7 @@ public class SysUserService implements ISysUserService {
    /**
     * 封装用户 组织信息封装
     *
     * @param userInfo
     * @return
     */
@ -939,7 +924,8 @@ public class SysUserService implements ISysUserService {
        try {
            LOGGER.debug("平台用户 SYS_USER user id :{}", userInfo.getId());
            userInfo.setOrganize(organizeService.get(userInfo.getOrganizeId()));
-            userInfo.setOrganizeList(personnelService.findSysUserInfoOrganize(userInfo.getId()));;
+            userInfo.setOrganizeList(personnelService.findSysUserInfoOrganize(userInfo.getId()));
            ;
        } catch (Exception e) {
            LOGGER.error(" SysUser Peck Organize information Error userId : {} Exception Message : {} ", userInfo.getId(), e.getMessage());
        }
@ -947,6 +933,7 @@ public class SysUserService implements ISysUserService {
    /**
     * 封装用户 组织信息封装
     *
     * @param userInfo
     * @return
     */
@ -966,6 +953,7 @@ public class SysUserService implements ISysUserService {
    /**
     * 封装用户 组织信息封装
     *
     * @param user
     * @return
     */
@ -973,7 +961,8 @@ public class SysUserService implements ISysUserService {
        try {
            LOGGER.debug("平台用户 SYS_USER user id :{}", user.getId());
            user.setOrganize(organizeService.get(user.getOrganizeId()));
-            user.setOrganizeList(personnelService.findSysUserOrganize(user.getId()));;
+            user.setOrganizeList(personnelService.findSysUserOrganize(user.getId()));
            ;
        } catch (Exception e) {
            LOGGER.error(" SysUser Peck Organize information Error userId : {} Exception Message : {} ", user.getId(), e.getMessage());
        }
@ -981,6 +970,7 @@ public class SysUserService implements ISysUserService {
    /**
     * 获取集合中的Root Id
     *
     * @param menus
     * @return
     */
--- a/modules/i3plus-core-apiservice/src/main/resources/application-dev.properties
+++ b/modules/i3plus-core-apiservice/src/main/resources/application-dev.properties
@ -1,5 +1,5 @@
 #\u672C\u673Aip
-impp.server.ip=192.168.1.56
+impp.server.ip=192.168.3.97
 #\u9879\u76EE\u7AEF\u53E3
 server.port=8100
 #\u94FE\u8DEF\u8FFD\u8E2Azipkin\u63A7\u5236\u53F0ip\u5730\u5740
--- a/modules/i3plus-core-apiservice/src/main/resources/application.properties
+++ b/modules/i3plus-core-apiservice/src/main/resources/application.properties
@ -1,5 +1,5 @@
 #\u4F7F\u7528\u914D\u7F6E
-spring.profiles.active=docker
+spring.profiles.active=dev
 #\u9879\u76EE\u63CF\u8FF0\u4FE1\u606F\uFF08swagger\u4E2D\u663E\u5F0F\uFF09\uFF0C\u4E2D\u6587\u4F7F\u7528uncode\u8F6C\u7801
 desc.application.name=\u6838\u5FC3\u7BA1\u7406\u540E\u53F0
--- a/pom.xml
+++ b/pom.xml
@ -199,6 +199,13 @@
                <version>12.2.0.1</version>
            </dependency>
            <dependency>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-starter-data-elasticsearch</artifactId>
                <version>2.4.2</version>
            </dependency>
            <!-- sqlserver -->
            <dependency>
                <groupId>com.microsoft.sqlserver</groupId>