shiro优化

7 years ago · d9ea77507f
parent 537e5791c5
commit d9ea77507f
20 changed files with 53 additions and 861 deletions
--- a/modules/i3plus-core-api/src/main/java/cn/estsh/i3plus/core/api/iservice/base/ISystemLoginService.java
+++ b/modules/i3plus-core-api/src/main/java/cn/estsh/i3plus/core/api/iservice/base/ISystemLoginService.java
@ -1,23 +1,20 @@
-package cn.estsh.i3plus.core.api.iservice.busi;
+package cn.estsh.i3plus.core.api.iservice.base;
-import cn.estsh.i3plus.core.api.token.AdminToken;
+import cn.estsh.i3plus.pojo.base.shirotoken.AdminToken;
-import cn.estsh.i3plus.core.api.token.SaAdminToken;
+import cn.estsh.i3plus.pojo.base.shirotoken.SaAdminToken;
-import cn.estsh.i3plus.core.api.token.UserToken;
+import cn.estsh.i3plus.pojo.base.shirotoken.UserToken;
 import cn.estsh.i3plus.pojo.model.common.Pager;
 import cn.estsh.i3plus.pojo.platform.bean.SessionUser;
 import cn.estsh.i3plus.pojo.platform.bean.SysLocaleLanguage;
 import cn.estsh.i3plus.pojo.platform.bean.SysLocaleResource;
 import java.util.List;
 /**
- * @Description : 用户功能方法，包含权限、角色等
+ * @Description : 用户登陆方法，平台统一登陆
 * @Reference :
 * @Author : alwaysfrin
 * @CreateDate : 2018-10-11 16:59
 * @Modify:
 **/
-public interface ISystemUserService {
+public interface ISystemLoginService {
    SessionUser queryUserLogin(String loginName, String s, String languageCode);
--- a/modules/i3plus-core-api/src/main/java/cn/estsh/i3plus/core/api/token/AdminToken.java
+++ b/modules/i3plus-core-api/src/main/java/cn/estsh/i3plus/core/api/token/AdminToken.java
@ -1,15 +0,0 @@
 package cn.estsh.i3plus.core.api.token;
 /**
 * @Description : 管理员token
 * @Reference :
 * @Author : alwaysfrin
 * @CreateDate : 2018-10-13 18:00
 * @Modify:
 **/
 public class AdminToken extends BaseToken {
    public AdminToken(String loginName, String loginPwd, String languageCode) {
        super(loginName, loginPwd, languageCode);
    }
 }
--- a/modules/i3plus-core-api/src/main/java/cn/estsh/i3plus/core/api/token/BaseToken.java
+++ b/modules/i3plus-core-api/src/main/java/cn/estsh/i3plus/core/api/token/BaseToken.java
@ -1,59 +0,0 @@
 package cn.estsh.i3plus.core.api.token;
 import org.apache.shiro.authc.AuthenticationToken;
 /**
 * @Description : 基本验证类
 * @Reference :
 * @Author : alwaysfrin
 * @CreateDate : 2018-10-13 18:00
 * @Modify:
 **/
 public class BaseToken implements AuthenticationToken {
    private String loginName;
    private String loginPwd;
    private String languageCode;
    public BaseToken(String loginName, String loginPwd, String languageCode) {
        this.loginName = loginName;
        this.loginPwd = loginPwd;
        this.languageCode = languageCode;
    }
    //身份
    @Override
    public Object getPrincipal() {
        return this.loginName;
    }
    //验证
    @Override
    public Object getCredentials() {
        return this.loginPwd;
    }
    public String getLoginName() {
        return loginName;
    }
    public void setLoginName(String loginName) {
        this.loginName = loginName;
    }
    public String getLoginPwd() {
        return loginPwd;
    }
    public void setLoginPwd(String loginPwd) {
        this.loginPwd = loginPwd;
    }
    public String getLanguageCode() {
        return languageCode;
    }
    public void setLanguageCode(String languageCode) {
        this.languageCode = languageCode;
    }
 }
--- a/modules/i3plus-core-api/src/main/java/cn/estsh/i3plus/core/api/token/SaAdminToken.java
+++ b/modules/i3plus-core-api/src/main/java/cn/estsh/i3plus/core/api/token/SaAdminToken.java
@ -1,15 +0,0 @@
 package cn.estsh.i3plus.core.api.token;
 /**
 * @Description : 超级管理员token
 * @Reference :
 * @Author : alwaysfrin
 * @CreateDate : 2018-10-13 18:00
 * @Modify:
 **/
 public class SaAdminToken extends BaseToken {
    public SaAdminToken(String loginName, String loginPwd, String languageCode) {
        super(loginName, loginPwd, languageCode);
    }
 }
--- a/modules/i3plus-core-api/src/main/java/cn/estsh/i3plus/core/api/token/UserToken.java
+++ b/modules/i3plus-core-api/src/main/java/cn/estsh/i3plus/core/api/token/UserToken.java
@ -1,15 +0,0 @@
 package cn.estsh.i3plus.core.api.token;
 /**
 * @Description : 普通用户token
 * @Reference :
 * @Author : alwaysfrin
 * @CreateDate : 2018-10-13 18:00
 * @Modify:
 **/
 public class UserToken extends BaseToken {
    public UserToken(String loginName, String loginPwd, String languageCode) {
        super(loginName, loginPwd, languageCode);
    }
 }
--- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/AuthUtil.java
+++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/AuthUtil.java
@ -1,106 +0,0 @@
 package cn.estsh.i3plus.core.apiservice.auth;
 import cn.estsh.i3plus.platform.common.enumutil.CommonEnumUtil;
 import cn.estsh.i3plus.platform.common.util.CommonConstWords;
 import cn.estsh.i3plus.pojo.platform.bean.SessionUser;
 import cn.estsh.impp.framework.boot.util.ImppRedis;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.lang3.math.NumberUtils;
 import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.authc.AuthenticationToken;
 import org.apache.shiro.session.Session;
 import org.apache.shiro.subject.Subject;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import javax.annotation.Resource;
 import javax.servlet.http.HttpServletRequest;
 /**
 * @Description : 授权会话工具类
 * @Reference :
 * @Author : alwaysfrin
 * @CreateDate : 2018-10-13 13:21
 * @Modify:
 **/
 public class AuthUtil {
    public static final Logger LOGGER = LoggerFactory.getLogger(AuthUtil.class);
    /**
     * 缓存
     */
    @Resource(name="redisSession")
    private ImppRedis redisSession;
    //登陆，保存会话对象
    public static SessionUser login(AuthenticationToken token){
        Subject subject = SecurityUtils.getSubject();
        subject.login(token);
        SessionUser sessionUser = (SessionUser) subject.getPrincipal();
        //使用了redis，此处不需要防止
        if(sessionUser != null){
            //userType为CommonEnumUtil.USER_TYPE.xxx.getCode()
            setSessionUser(sessionUser);
        }
        return sessionUser;
    }
    /**
     * 退出，移除会话中对象
     */
    public static void logout(){
        Session session = SecurityUtils.getSubject().getSession(false);
        if(session != null) {
            session.removeAttribute(CommonConstWords.SESSION_USER);
            session.touch();
            session.stop();
        }
    }
    /**
     * 保存会话中用户
     * @param user
     * @return
     */
    public static void setSessionUser(SessionUser user){
        SecurityUtils.getSubject().getSession(true).setAttribute(CommonConstWords.SESSION_USER,user);
    }
    /**
     * 获取会话中用户
     * @return
     */
    public static SessionUser getSessionUser(){
        Session session = SecurityUtils.getSubject().getSession(false);
        if(session != null){
            return (SessionUser) session.getAttribute(CommonConstWords.SESSION_USER);
        }else{
            return null;
        }
    }
    /**
     * 保存会话中对象
     * @param key   键
     * @param obj   值
     * @return
     */
    public static void setSessionObject(String key,Object obj){
        SecurityUtils.getSubject().getSession(true).setAttribute(key,obj);
    }
    /**
     * 获取会话中对象
     * @param key
     * @return
     */
    public static Object getSessionAttribute(String key){
        Session session = SecurityUtils.getSubject().getSession(false);
        if(session != null){
            return (Object) session.getAttribute(key);
        }else{
            return null;
        }
    }
 }
--- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/ShiroSessionRedisDaoImpl.java
+++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/ShiroSessionRedisDaoImpl.java
@ -1,151 +0,0 @@
 package cn.estsh.i3plus.core.apiservice.auth;
 import cn.estsh.i3plus.platform.common.util.CommonConstWords;
 import cn.estsh.impp.framework.boot.util.ImppRedis;
 import com.alibaba.fastjson.JSONObject;
 import org.apache.shiro.cache.Cache;
 import org.apache.shiro.cache.CacheManager;
 import org.apache.shiro.cache.ehcache.EhCacheManager;
 import org.apache.shiro.session.Session;
 import org.apache.shiro.session.UnknownSessionException;
 import org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import javax.annotation.Resource;
 import java.io.Serializable;
 import java.util.Collection;
 import java.util.HashSet;
 import java.util.Set;
 /**
 * @Description : redisshiro保存会话
 * @Reference : 使用了ehcache做本地缓存，避免频繁读写redis，进行序列化和反序列化。
 *  但需要注意，本地缓存在微服的情况下可能会出现脏数据。建议在登陆时一次性放入，后续若修改则需要同时更新缓存。
 * @Author : alwaysfrin
 * @CreateDate : 2018-10-16 10:28
 * @Modify:
 **/
 public class ShiroSessionRedisDaoImpl extends EnterpriseCacheSessionDAO {
    public static final Logger LOGGER = LoggerFactory.getLogger(ShiroSessionRedisDaoImpl.class);
    public static final int EXPIRE_TIME = 30 * 60; //会话保存时间 单位秒
    public static final String LOCAL_SESSION_CACHE = "redis-shiro-session-cache";
    /**
     * 缓存
     */
    @Resource(name="redisSession")
    private ImppRedis redisSession;
    //本地缓存
    private Cache localCache;
    private CacheManager localCacheManager;
    public void setLocalCacheManager(CacheManager localCacheManager) {
        this.localCacheManager = localCacheManager;
        this.localCache = localCacheManager.getCache(LOCAL_SESSION_CACHE);
    }
    @Override
    public void update(Session session) throws UnknownSessionException {
        LOGGER.info("【更新缓存 : {}】{}",session,session.getId());
        this.saveSession(session);
    }
    private void saveSession(Session session) {
        if (session == null) {
            LOGGER.error("【要存入的session为空】");
        }else {
            //LOGGER.info("【保存session至redis,id:{}】{}",session.getId(),session);
            //设置会话过期时间
            redisSession.putObject(session.getId().toString(),session,EXPIRE_TIME);
            //放入本地缓存
            localCache.put(session.getId(),session);
            LOGGER.info("【保存session至redis,id:{}】{}",session.getId(),session);
        }
    }
    @Override
    protected Session getCachedSession(Serializable sessionId) {
        //先从本地获取，若本地没有，再从redis中获取
        Session s = (Session) localCache.get(sessionId);
        if(s == null) {
            s = (Session) redisSession.getObject(sessionId.toString());
            LOGGER.info("【本地缓存不存在，redis获取：{}】{}", sessionId, s);
            if(s != null) {
                //放入本地缓存
                localCache.put(sessionId, s);
                LOGGER.info("【放入本地缓存：{}】{}", sessionId, s);
            }
        }else{
            //LOGGER.info("【本地缓存获取：{}】{}", sessionId, s);
        }
        return s;
    }
    @Override
    public void delete(Session session) {
        if (session == null) {
        }else {
            LOGGER.error("【删除session-redis：{}】",session.getId());
            //redis删除
            redisSession.deleteKey(session.getId().toString());
            //本地缓存删除
            localCache.remove(session.getId());
        }
    }
    @Override
    protected Serializable doCreate(Session session) {
        LOGGER.info("【doCreate并保存：{}】",session);
        Serializable sessionId = this.generateSessionId(session);
        this.assignSessionId(session, sessionId);
        this.saveSession(session);
        return sessionId;
    }
    @Override
    protected Session doReadSession(Serializable sessionId) {
        Session session = null;
        if(sessionId != null) {
            //先从本地缓存读取
            Object obj = localCache.get(sessionId);
            if(obj == null) {
                LOGGER.info("【doReadSession-本地缓存不存在不存在：{}】", sessionId);
                obj = redisSession.getObject(sessionId.toString());
                if (obj == null) {
                    LOGGER.info("【doReadSession不存在：{}】", sessionId);
                } else {
                    LOGGER.info("【doReadSession：{}】", sessionId);
                    session =  (Session) obj;
                }
            }else{
                LOGGER.info("【doReadSession-本地缓存获取：{}】", sessionId);
                session =  (Session) obj;
            }
        }
        return session;
    }
    /**
     * 获取存活的sessions
     */
    @Override
    public Collection<Session> getActiveSessions() {
        Set<Session> sessions = new HashSet<>();
        Set<String> keys = redisSession.getKeysSet("*");
        LOGGER.info("【所有活动的key：{}】",keys.size());
        for(String key:keys){
            sessions.add((Session)redisSession.getObject(key));
        }
        return sessions;
    }
 }
--- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/filter/AdminFilter.java
+++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/filter/AdminFilter.java
@ -1,71 +0,0 @@
 package cn.estsh.i3plus.core.apiservice.auth.filter;
 import cn.estsh.i3plus.core.apiservice.auth.AuthUtil;
 import cn.estsh.i3plus.core.apiservice.configuration.ShiroAuthConfiguration;
 import cn.estsh.i3plus.platform.common.enumutil.CommonEnumUtil;
 import cn.estsh.i3plus.platform.common.util.CommonConstWords;
 import cn.estsh.i3plus.pojo.model.busi.ResultBean;
 import cn.estsh.i3plus.pojo.platform.bean.SessionUser;
 import com.alibaba.fastjson.JSONObject;
 import org.apache.shiro.web.filter.AccessControlFilter;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.io.PrintWriter;
 /**
 * @Description : 管理员授权路径过滤
 * @Reference :
 * @Author : alwaysfrin
 * @CreateDate : 2018-10-13 19:17
 * @Modify:
 **/
 public class AdminFilter extends AccessControlFilter {
    public static final Logger LOGGER = LoggerFactory.getLogger(AdminFilter.class);
    @Override
    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) throws Exception {
        SessionUser sessionUser = AuthUtil.getSessionUser();
        if(sessionUser != null && CommonEnumUtil.USER_TYPE.ADMIN.getCode().equals(sessionUser.getUserType())){
            return true;
        }else{
            return false;
        }
    }
    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
        if (response instanceof HttpServletResponse) {
            HttpServletResponse httpServletResponse = (HttpServletResponse)response;
            httpServletResponse.setHeader("Content-Type", "application/json;charset=UTF-8");
            httpServletResponse.setContentType("application/json;charset=UTF-8");
            PrintWriter out = null;
            try {
                ResultBean result = new ResultBean();
                result.setSuccess(false);
                result.setErrorMsg("未登录");
                result.setCode("need-login");
                result.setUrl(ShiroAuthConfiguration.ADMIN_LOGIN_URI);
                out = response.getWriter();
                out.print(JSONObject.toJSONString(result));
                out.flush();
            } catch (IOException var11) {
                LOGGER.error(var11.getMessage(), var11);
            } finally {
                if (out != null) {
                    out.close();
                }
            }
        }
        return false;
    }
 }
--- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/filter/SaAdminFilter.java
+++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/filter/SaAdminFilter.java
@ -1,71 +0,0 @@
 package cn.estsh.i3plus.core.apiservice.auth.filter;
 import cn.estsh.i3plus.core.apiservice.auth.AuthUtil;
 import cn.estsh.i3plus.core.apiservice.configuration.ShiroAuthConfiguration;
 import cn.estsh.i3plus.platform.common.enumutil.CommonEnumUtil;
 import cn.estsh.i3plus.platform.common.util.CommonConstWords;
 import cn.estsh.i3plus.pojo.model.busi.ResultBean;
 import cn.estsh.i3plus.pojo.platform.bean.SessionUser;
 import com.alibaba.fastjson.JSONObject;
 import org.apache.shiro.web.filter.AccessControlFilter;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.io.PrintWriter;
 /**
 * @Description : 超级管理员授权路径过滤
 * @Reference :
 * @Author : alwaysfrin
 * @CreateDate : 2018-10-13 19:17
 * @Modify:
 **/
 public class SaAdminFilter extends AccessControlFilter {
    public static final Logger LOGGER = LoggerFactory.getLogger(SaAdminFilter.class);
    @Override
    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) throws Exception {
        SessionUser sessionUser = AuthUtil.getSessionUser();
        if(sessionUser != null && CommonEnumUtil.USER_TYPE.SA.getCode().equals(sessionUser.getUserType())){
            return true;
        }else{
            return false;
        }
    }
    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
        if (response instanceof HttpServletResponse) {
            HttpServletResponse httpServletResponse = (HttpServletResponse)response;
            httpServletResponse.setHeader("Content-Type", "application/json;charset=UTF-8");
            httpServletResponse.setContentType("application/json;charset=UTF-8");
            PrintWriter out = null;
            try {
                ResultBean result = new ResultBean();
                result.setSuccess(false);
                result.setErrorMsg("未登录");
                result.setCode("need-login");
                result.setUrl(ShiroAuthConfiguration.SAADMIN_LOGIN_URI);
                out = response.getWriter();
                out.print(JSONObject.toJSONString(result));
                out.flush();
            } catch (IOException var11) {
                LOGGER.error(var11.getMessage(), var11);
            } finally {
                if (out != null) {
                    out.close();
                }
            }
        }
        return false;
    }
 }
--- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/filter/UserFilter.java
+++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/filter/UserFilter.java
@ -1,75 +0,0 @@
 package cn.estsh.i3plus.core.apiservice.auth.filter;
 import cn.estsh.i3plus.core.apiservice.auth.AuthUtil;
 import cn.estsh.i3plus.core.apiservice.configuration.ShiroAuthConfiguration;
 import cn.estsh.i3plus.platform.common.enumutil.CommonEnumUtil;
 import cn.estsh.i3plus.platform.common.util.CommonConstWords;
 import cn.estsh.i3plus.pojo.model.busi.ResultBean;
 import cn.estsh.i3plus.pojo.platform.bean.SessionUser;
 import com.alibaba.fastjson.JSONObject;
 import org.apache.shiro.web.filter.AccessControlFilter;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.io.PrintWriter;
 /**
 * @Description : 用户授权路径过滤
 * @Reference :
 * @Author : alwaysfrin
 * @CreateDate : 2018-10-13 19:17
 * @Modify:
 **/
 public class UserFilter extends AccessControlFilter {
    public static final Logger LOGGER = LoggerFactory.getLogger(UserFilter.class);
    @Override
    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse response, Object mappedValue) throws Exception {
        SessionUser sessionUser = AuthUtil.getSessionUser();
        if (sessionUser != null) {
            LOGGER.info("===用户已登陆==={}",sessionUser);
            return true;
        } else {
            LOGGER.info("===用户未登陆==={}",sessionUser);
            return false;
        }
    }
    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
        if (response instanceof HttpServletResponse) {
            LOGGER.info("===请求拒绝===请求路径：{}",((HttpServletRequest)request).getRequestURL());
            HttpServletResponse httpServletResponse = (HttpServletResponse)response;
            httpServletResponse.setHeader("Content-Type", "application/json;charset=UTF-8");
            httpServletResponse.setContentType("application/json;charset=UTF-8");
            PrintWriter out = null;
            try {
                ResultBean result = new ResultBean();
                result.setSuccess(false);
                result.setErrorMsg("未登录");
                result.setCode("need-login");
                result.setUrl(ShiroAuthConfiguration.USER_LOGIN_URI);
                out = response.getWriter();
                out.print(JSONObject.toJSONString(result));
                out.flush();
            } catch (IOException var11) {
                LOGGER.error(var11.getMessage(), var11);
            } finally {
                if (out != null) {
                    out.close();
                }
            }
        }
        return false;
    }
 }
--- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/realm/AdminAuthRealm.java
+++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/realm/AdminAuthRealm.java
@ -1,9 +1,7 @@
 package cn.estsh.i3plus.core.apiservice.auth.realm;
-import cn.estsh.i3plus.core.api.iservice.busi.ISystemUserService;
+import cn.estsh.i3plus.core.api.iservice.base.ISystemLoginService;
-import cn.estsh.i3plus.core.api.token.AdminToken;
+import cn.estsh.i3plus.pojo.base.shirotoken.AdminToken;
 import cn.estsh.i3plus.core.api.token.SaAdminToken;
 import cn.estsh.i3plus.core.api.token.UserToken;
 import cn.estsh.i3plus.pojo.platform.bean.SessionUser;
 import org.apache.shiro.authc.AuthenticationException;
 import org.apache.shiro.authc.AuthenticationInfo;
@ -28,7 +26,7 @@ public class AdminAuthRealm extends AuthorizingRealm {
    public static final Logger LOGGER = LoggerFactory.getLogger(AdminAuthRealm.class);
    @Autowired
-    private ISystemUserService systemUserService;
+    private ISystemLoginService systemLoginService;
    public AdminAuthRealm(){
        //添加支持的token
@ -45,7 +43,7 @@ public class AdminAuthRealm extends AuthorizingRealm {
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        //管理员令牌
-        SessionUser sessionUser = systemUserService.queryCheckAdminLogin((AdminToken) authenticationToken);
+        SessionUser sessionUser = systemLoginService.queryCheckAdminLogin((AdminToken) authenticationToken);
        LOGGER.info("管理员令牌验证：{}",sessionUser);
        return new SimpleAuthenticationInfo(sessionUser,((AdminToken) authenticationToken).getLoginPwd(),this.getName());
    }
--- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/realm/DefaultModularRealm.java
+++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/realm/DefaultModularRealm.java
@ -1,10 +1,10 @@
 package cn.estsh.i3plus.core.apiservice.auth.realm;
 import cn.estsh.i3plus.core.api.token.AdminToken;
 import cn.estsh.i3plus.core.api.token.SaAdminToken;
 import cn.estsh.i3plus.core.api.token.UserToken;
 import cn.estsh.i3plus.core.apiservice.controller.DemoAuthController;
 import cn.estsh.i3plus.platform.common.enumutil.CommonEnumUtil;
 import cn.estsh.i3plus.pojo.base.shirotoken.AdminToken;
 import cn.estsh.i3plus.pojo.base.shirotoken.SaAdminToken;
 import cn.estsh.i3plus.pojo.base.shirotoken.UserToken;
 import org.apache.shiro.authc.AuthenticationException;
 import org.apache.shiro.authc.AuthenticationInfo;
 import org.apache.shiro.authc.AuthenticationToken;
--- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/realm/SaAuthRealm.java
+++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/realm/SaAuthRealm.java
@ -1,8 +1,7 @@
 package cn.estsh.i3plus.core.apiservice.auth.realm;
-import cn.estsh.i3plus.core.api.iservice.busi.ISystemUserService;
+import cn.estsh.i3plus.core.api.iservice.base.ISystemLoginService;
-import cn.estsh.i3plus.core.api.token.SaAdminToken;
+import cn.estsh.i3plus.pojo.base.shirotoken.SaAdminToken;
 import cn.estsh.i3plus.core.api.token.UserToken;
 import cn.estsh.i3plus.pojo.platform.bean.SessionUser;
 import org.apache.shiro.authc.AuthenticationException;
 import org.apache.shiro.authc.AuthenticationInfo;
@ -27,7 +26,7 @@ public class SaAuthRealm extends AuthorizingRealm {
    public static final Logger LOGGER = LoggerFactory.getLogger(SaAuthRealm.class);
    @Autowired
-    private ISystemUserService systemUserService;
+    private ISystemLoginService systemLoginService;
    public SaAuthRealm(){
        //添加支持的token
@ -44,7 +43,7 @@ public class SaAuthRealm extends AuthorizingRealm {
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        //管理员令牌
-        SessionUser sessionUser = systemUserService.queryCheckSaAdminLogin((SaAdminToken) authenticationToken);
+        SessionUser sessionUser = systemLoginService.queryCheckSaAdminLogin((SaAdminToken) authenticationToken);
        LOGGER.info("超级管理员令牌验证：{}",sessionUser);
        return new SimpleAuthenticationInfo(sessionUser,((SaAdminToken) authenticationToken).getLoginPwd(),this.getName());
    }
--- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/realm/UserAuthRealm.java
+++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/realm/UserAuthRealm.java
@ -1,7 +1,7 @@
 package cn.estsh.i3plus.core.apiservice.auth.realm;
-import cn.estsh.i3plus.core.api.iservice.busi.ISystemUserService;
+import cn.estsh.i3plus.core.api.iservice.base.ISystemLoginService;
-import cn.estsh.i3plus.core.api.token.UserToken;
+import cn.estsh.i3plus.pojo.base.shirotoken.UserToken;
 import cn.estsh.i3plus.pojo.platform.bean.SessionUser;
 import org.apache.shiro.authc.AuthenticationException;
 import org.apache.shiro.authc.AuthenticationInfo;
@ -17,7 +17,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 /**
 * @Description : 验证规则
- * @Reference :
+ * @Reference :-
 * @Author : alwaysfrin
 * @CreateDate : 2018-10-13 14:04
 * @Modify:
@ -26,7 +26,7 @@ public class UserAuthRealm extends AuthorizingRealm {
    public static final Logger LOGGER = LoggerFactory.getLogger(UserAuthRealm.class);
    @Autowired
-    private ISystemUserService systemUserService;
+    private ISystemLoginService systemLoginService;
    public UserAuthRealm(){
        //添加支持的token
@ -43,7 +43,7 @@ public class UserAuthRealm extends AuthorizingRealm {
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        //管理员令牌
-        SessionUser sessionUser = systemUserService.queryCheckUserLogin((UserToken) authenticationToken);
+        SessionUser sessionUser = systemLoginService.queryCheckUserLogin((UserToken) authenticationToken);
        LOGGER.info("{}-用户令牌验证：{}",this.getName(),sessionUser);
        return new SimpleAuthenticationInfo(sessionUser,((UserToken) authenticationToken).getLoginPwd(),this.getName());
    }
--- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/configuration/ShiroAuthConfiguration.java
+++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/configuration/ShiroAuthConfiguration.java
@ -1,230 +0,0 @@
 package cn.estsh.i3plus.core.apiservice.configuration;
 import cn.estsh.i3plus.core.apiservice.auth.ShiroSessionRedisDaoImpl;
 import cn.estsh.i3plus.core.apiservice.auth.filter.AdminFilter;
 import cn.estsh.i3plus.core.apiservice.auth.filter.SaAdminFilter;
 import cn.estsh.i3plus.core.apiservice.auth.filter.UserFilter;
 import cn.estsh.i3plus.core.apiservice.auth.realm.AdminAuthRealm;
 import cn.estsh.i3plus.core.apiservice.auth.realm.DefaultModularRealm;
 import cn.estsh.i3plus.core.apiservice.auth.realm.SaAuthRealm;
 import cn.estsh.i3plus.core.apiservice.auth.realm.UserAuthRealm;
 import cn.estsh.i3plus.platform.common.enumutil.CommonEnumUtil;
 import cn.estsh.impp.framework.boot.configuration.RedisConfig;
 import org.apache.shiro.authc.pam.ModularRealmAuthenticator;
 import org.apache.shiro.cache.Cache;
 import org.apache.shiro.cache.CacheManager;
 import org.apache.shiro.cache.ehcache.EhCacheManager;
 import org.apache.shiro.codec.Base64;
 import org.apache.shiro.realm.Realm;
 import org.apache.shiro.session.mgt.ExecutorServiceSessionValidationScheduler;
 import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
 import org.apache.shiro.web.mgt.CookieRememberMeManager;
 import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
 import org.apache.shiro.mgt.SecurityManager;
 import org.apache.shiro.web.servlet.SimpleCookie;
 import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.boot.autoconfigure.AutoConfigureAfter;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.DependsOn;
 import org.springframework.core.annotation.Order;
 import javax.crypto.KeyGenerator;
 import javax.crypto.SecretKey;
 import javax.servlet.Filter;
 import java.security.NoSuchAlgorithmException;
 import java.util.HashMap;
 import java.util.LinkedHashMap;
 import java.util.Map;
 /**
 * @Description : shiro权限配置
 * @Reference :
 * @Author : alwaysfrin
 * @CreateDate : 2018-10-13 18:25
 * @Modify:
 **/
@Configuration
@AutoConfigureAfter(RedisConfig.class)       //2类配置，延后加载
 public class ShiroAuthConfiguration {
    public static final Logger LOGGER = LoggerFactory.getLogger(ShiroAuthConfiguration.class);
    //三种登陆请求
    public static String USER_LOGIN_URI = "/login";
    public static String USER_FILTER_URI = "/operate/*";
    public static String ADMIN_LOGIN_URI = "/adlogin";
    public static String ADMIN_FILTER_URI = "/adoerate/*";
    public static String SAADMIN_LOGIN_URI = "/salogin";
    public static String SAADMIN_FILTER_URI = "/saoerate/*";
    @Bean
    public AdminAuthRealm adminAuthRealm(){
        return new AdminAuthRealm();
    }
    @Bean
    public SaAuthRealm saAuthRealm(){
        return new SaAuthRealm();
    }
    @Bean
    public UserAuthRealm userAuthRealm(){
        return new UserAuthRealm();
    }
    public Map<String,Realm> supportRealmMap(){
        //支持的授权规则
        Map<String,Realm> realms = new HashMap();
        realms.put(CommonEnumUtil.USER_TYPE.USER.getCode(),userAuthRealm());
        realms.put(CommonEnumUtil.USER_TYPE.ADMIN.getCode(),adminAuthRealm());
        realms.put(CommonEnumUtil.USER_TYPE.SA.getCode(),saAuthRealm());
        return realms;
    }
    @Bean
    public ModularRealmAuthenticator modularRealmAuthenticator(){
        return  new DefaultModularRealm(supportRealmMap());
    }
    @Bean
    //@DependsOn("redisUtil")
    public SecurityManager securityManager(){
        LOGGER.info("【shiro-加载securityManager】");
        DefaultWebSecurityManager securityManager =  new DefaultWebSecurityManager();
        securityManager.setAuthenticator(modularRealmAuthenticator());
        securityManager.setRealms(supportRealmMap().values());
        securityManager.setCacheManager(getEhCacheManage());    //缓存管理
        securityManager.setSessionManager(getSessionManage());  //会话管理
        //securityManager.setRememberMeManager(getRememberManager());
        return securityManager;
    }
    /*@Bean
    public CookieRememberMeManager getRememberManager(){
        //rememberme cookie加密的密钥 建议每个项目都不一样 默认AES算法 密钥长度（128 256 512 位），通过以下代码可以获取
        //KeyGenerator keygen = KeyGenerator.getInstance("AES");
        //SecretKey deskey = keygen.generateKey();
        //System.out.println(Base64.encodeToString(deskey.getEncoded()));
        CookieRememberMeManager meManager = new CookieRememberMeManager();
        meManager.setCipherKey(Base64.decode("+vCeyY0qiyO1NdpOX9zX7w=="));
        meManager.setCookie(rememberMeCookie());
        return meManager;
    }
    *//**
     * 获取CipherKey
     *//*
    public static void main(String[] args){
        KeyGenerator keygen = null;
        try {
            keygen = KeyGenerator.getInstance("AES");
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        }
        SecretKey deskey = keygen.generateKey();
        System.out.println(Base64.encodeToString(deskey.getEncoded()));
    }
    @Bean
    public SimpleCookie rememberMeCookie(){
        //这个参数是cookie的名称，对应前端的checkbox的name = rememberMe
        SimpleCookie simpleCookie = new SimpleCookie("impp_remember_me");
        //如果httyOnly设置为true，则客户端不会暴露给客户端脚本代码，使用HttpOnly cookie有助于减少某些类型的跨站点脚本攻击；
        simpleCookie.setHttpOnly(true);
        //记住我cookie生效时间,默认30天 ,单位秒：60 * 60 * 24 * 30
        simpleCookie.setMaxAge(259200);
        return simpleCookie;
    }*/
    @Bean
    public ShiroFilterFactoryBean shirFilter(SecurityManager securityManager) {
        ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
        factoryBean.setSecurityManager(securityManager);
        Map<String, Filter> filterMap = new HashMap();
        filterMap.put("user_filter", new UserFilter());
        filterMap.put("admin_filter", new AdminFilter());
        filterMap.put("saadmin_filter", new SaAdminFilter());
        factoryBean.setFilters(filterMap);
        Map<String, String> filterChain = new LinkedHashMap();
        //不需要过滤的路径，直接通过
        filterChain.put(USER_LOGIN_URI, "anon");
        filterChain.put(ADMIN_LOGIN_URI, "anon");
        filterChain.put(SAADMIN_LOGIN_URI, "anon");
        //需要过滤的路径
        filterChain.put(USER_FILTER_URI, "user_filter");
        filterChain.put(ADMIN_FILTER_URI, "admin_filter");
        filterChain.put(SAADMIN_FILTER_URI, "saadmin_filter");
        factoryBean.setFilterChainDefinitionMap(filterChain);
        LOGGER.info("【shiro过滤】加载完成...");
        return factoryBean;
    }
    /**
     * 缓存管理
     * @return
     */
    @Bean(name = "ehCacheManager")
    public CacheManager getEhCacheManage() {
        LOGGER.info("【shiro-加载缓存cacheManager】");
        EhCacheManager em = new EhCacheManager();
        em.setCacheManagerConfigFile("classpath:cache_session.xml");
        return em;
    }
    @Bean(name = "sessionManager")
    public DefaultWebSessionManager getSessionManage() {
        LOGGER.info("【shiro-加载sessionManager】");
        DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
        sessionManager.setSessionValidationScheduler(getExecutorServiceSessionValidationScheduler());
        sessionManager.setSessionValidationSchedulerEnabled(true);
        sessionManager.setDeleteInvalidSessions(true);
        sessionManager.setSessionIdCookieEnabled(true);
        sessionManager.setSessionIdCookie(getSessionIdCookie());
        sessionManager.setSessionDAO(getShiroSessionRedisDaoImpl());
        sessionManager.setGlobalSessionTimeout(30 * 60 * 1000); //30分钟有效期(以sessionDao中的有效时间为准)
        // 可以添加session 创建、删除的监听器
        return sessionManager;
    }
    @Bean
    public ShiroSessionRedisDaoImpl getShiroSessionRedisDaoImpl(){
        LOGGER.info("【shiro-加载缓存redisSessionManager】");
        ShiroSessionRedisDaoImpl shiroSessionRedisDao = new ShiroSessionRedisDaoImpl();
        LOGGER.info("【shiro-加载缓存cacheManager】");
        shiroSessionRedisDao.setLocalCacheManager(getEhCacheManage() );
        return shiroSessionRedisDao;
    }
    /**
     * 授权验证监听任务
     * @return
     */
    @Bean(name = "sessionValidationScheduler")
    public ExecutorServiceSessionValidationScheduler getExecutorServiceSessionValidationScheduler() {
        LOGGER.info("【shiro-加载sessionValidationScheduler】");
        ExecutorServiceSessionValidationScheduler scheduler = new ExecutorServiceSessionValidationScheduler();
        scheduler.setInterval(3 * 60 * 1000);   //每3分钟执行一次验证
        return scheduler;
    }
    @Bean(name = "sessionIdCookie")
    public SimpleCookie getSessionIdCookie() {
        LOGGER.info("【shiro-加载sessionIdCookie】");
        SimpleCookie cookie = new SimpleCookie("sid");
        cookie.setHttpOnly(true);
        cookie.setMaxAge(-1);
        return cookie;
    }
 }
--- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/controller/DemoAuthController.java
+++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/controller/DemoAuthController.java
@ -1,12 +1,10 @@
 package cn.estsh.i3plus.core.apiservice.controller;
-import cn.estsh.i3plus.core.api.iservice.busi.ISystemUserService;
+import cn.estsh.i3plus.core.api.iservice.base.ISystemLoginService;
 import cn.estsh.i3plus.core.apiservice.auth.AuthUtil;
 import cn.estsh.i3plus.platform.common.tool.EncryptTool;
 import cn.estsh.i3plus.platform.common.util.CommonConstWords;
 import cn.estsh.i3plus.pojo.factory.bean.MachineFactory;
 import cn.estsh.i3plus.pojo.model.busi.ResultBean;
 import cn.estsh.i3plus.pojo.platform.bean.SessionUser;
 import cn.estsh.impp.framework.boot.auth.AuthUtil;
 import cn.estsh.impp.framework.boot.exception.ImppBusiException;
 import cn.estsh.impp.framework.boot.util.ImppRedis;
 import io.swagger.annotations.Api;
@ -14,13 +12,10 @@ import io.swagger.annotations.ApiOperation;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RestController;
 import javax.annotation.Resource;
 import java.io.UnsupportedEncodingException;
 import java.security.NoSuchAlgorithmException;
 /**
 * @Description :
@ -34,7 +29,7 @@ import java.security.NoSuchAlgorithmException;
 public class DemoAuthController {
    public static final Logger LOGGER = LoggerFactory.getLogger(DemoAuthController.class);
    @Autowired
-    private ISystemUserService systemUserService;
+    private ISystemLoginService systemLoginService;
    /**
     * 缓存
     */
@ -46,7 +41,7 @@ public class DemoAuthController {
    public ResultBean login(String loginName,String loginPwd,String languageCode){
        LOGGER.info("用户登陆：{},{},{}",loginName,loginPwd,languageCode);
        try {
-            SessionUser sUser = systemUserService.queryUserLogin(loginName,loginPwd,languageCode);
+            SessionUser sUser = systemLoginService.queryUserLogin(loginName,loginPwd,languageCode);
            LOGGER.info("会员登陆：{}",sUser);
            AuthUtil.setSessionObject("languageCode",languageCode);
@ -97,7 +92,7 @@ public class DemoAuthController {
        LOGGER.info("管理员登陆：{},{},{}",loginName,loginPwd,languageCode);
        try {
-            systemUserService.queryAdminLogin(loginName,EncryptTool.hexMD5(loginPwd),languageCode);
+            systemLoginService.queryAdminLogin(loginName,EncryptTool.hexMD5(loginPwd),languageCode);
            return new ResultBean(true,"");
        } catch (Exception e) {
--- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/base/SystemLoginService.java
+++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/base/SystemLoginService.java
@ -1,35 +1,31 @@
-package cn.estsh.i3plus.core.apiservice.serviceimpl.busi;
+package cn.estsh.i3plus.core.apiservice.serviceimpl.base;
-import cn.estsh.i3plus.core.api.iservice.busi.ISystemUserService;
+import cn.estsh.i3plus.core.api.iservice.base.ISystemLoginService;
 import cn.estsh.i3plus.core.api.token.AdminToken;
 import cn.estsh.i3plus.core.api.token.SaAdminToken;
 import cn.estsh.i3plus.core.api.token.UserToken;
 import cn.estsh.i3plus.core.apiservice.auth.AuthUtil;
 import cn.estsh.i3plus.core.apiservice.controller.DemoAuthController;
 import cn.estsh.i3plus.platform.common.enumutil.CommonEnumUtil;
 import cn.estsh.i3plus.pojo.base.shirotoken.AdminToken;
 import cn.estsh.i3plus.pojo.base.shirotoken.SaAdminToken;
 import cn.estsh.i3plus.pojo.base.shirotoken.UserToken;
 import cn.estsh.i3plus.pojo.platform.bean.SessionUser;
 import cn.estsh.i3plus.pojo.platform.bean.SysUser;
 import cn.estsh.i3plus.pojo.platform.repository.SysUserRepository;
 import cn.estsh.impp.framework.boot.auth.AuthUtil;
 import cn.estsh.impp.framework.boot.exception.ImppExceptionBuilder;
 import cn.estsh.impp.framework.boot.exception.ImppExceptionEnum;
 import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import javax.websocket.Session;
 /**
- * @Description : 用户系统方法
+ * @Description : 用户登陆方法
 * @Reference :
 * @Author : alwaysfrin
 * @CreateDate : 2018-10-13 17:18
 * @Modify:
 **/
@Service
-public class SystemUserService implements ISystemUserService {
+public class SystemLoginService implements ISystemLoginService {
-    private static final Logger LOGGER = LoggerFactory.getLogger(SystemUserService.class);
+    private static final Logger LOGGER = LoggerFactory.getLogger(SystemLoginService.class);
    @Autowired
    private SysUserRepository sysUserRDao;
--- a/modules/i3plus-core-apiservice/src/main/resources/application-dev.properties
+++ b/modules/i3plus-core-apiservice/src/main/resources/application-dev.properties
@ -1,3 +1,17 @@
 #用户登陆路径
 filter.shiro.user.loginuri = /login
 #系统管理员登陆路径
 filter.shiro.admin.loginuri = /salogin
 #运维人员登陆路径
 filter.shiro.saadmin.loginuri = /salogin
 #用户授权过滤路径
 filter.shiro.user.filteruri = /operate/*
 #用户授权过滤路径
 filter.shiro.admin.filteruri = /adoperate/*
 #用户授权过滤路径
 filter.shiro.saadmin.filteruri = /saoperate/*
 ################ 主数据源 ################
 # mysql
 #spring.datasource.driver-class-name=com.mysql.jdbc.Driver
--- a/modules/i3plus-core-apiservice/src/main/resources/application.properties
+++ b/modules/i3plus-core-apiservice/src/main/resources/application.properties
@ -1,7 +1,7 @@
 #项目名称
 spring.application.name=${project.name}
 #项目端口
-server.port=8080
+server.port=8081
 #使用配置
 spring.profiles.active=dev
--- a/modules/i3plus-core-apiservice/src/main/resources/log4j2.xml
+++ b/modules/i3plus-core-apiservice/src/main/resources/log4j2.xml
@ -2,7 +2,8 @@
 <configuration status="WARN">
    <!--全局参数-->
    <Properties>
-        <Property name="pattern">%d{yyyy-MM-dd HH:mm:ss,SSS} %5p %c{1}:%L - %m%n</Property>
+        <!-- %d{yyyy-MM-dd HH:mm:ss,SSS} %5p %c{1}:%L - %m%n -->
        <Property name="pattern">[%-5p] %d{yyyy-MM-dd HH:mm:ss-SSS} %l:%m%n</Property>
    </Properties>
    <Loggers>
        <Root level="${log4j2.level}">