
v 1.5.0 RC2

v 1.5.0 RC2
shimingxy 5 年之前
父節點
當前提交
caa656191a

+ 5 - 0
maxkey-core/src/main/java/org/maxkey/authn/support/rememberme/RedisRemeberMeService.java

@@ -41,6 +41,11 @@ public class RedisRemeberMeService extends AbstractRemeberMeService {
         conn.close();
     }
 
+    public RedisRemeberMeService(RedisConnectionFactory connectionFactory) {
+        super();
+        this.connectionFactory = connectionFactory;
+    }
+
     public void setConnectionFactory(RedisConnectionFactory connectionFactory) {
         this.connectionFactory = connectionFactory;
     }
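Review bot: The new constructor stores `connectionFactory` without checking it, so a null argument would only show up later as a NullPointerException when the service first touches Redis. For a component that backs remember-me authentication it is better to fail at construction: `this.connectionFactory = Objects.requireNonNull(connectionFactory, "connectionFactory");` (needs `java.util.Objects`). The explicit `super();` call is redundant. The class body continues outside this hunk, so whether anything still relies on an implicit no-argument constructor cannot be checked from here.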

+ 89 - 1
maxkey-core/src/main/java/org/maxkey/autoconfigure/ApplicationAutoConfiguration.java

@@ -5,10 +5,17 @@ import java.io.IOException;
 import javax.sql.DataSource;
 import org.maxkey.authn.RealmAuthenticationProvider;
 import org.maxkey.authn.SavedRequestAwareAuthenticationSuccessHandler;
+import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
+import org.maxkey.authn.support.rememberme.InMemoryRemeberMeService;
+import org.maxkey.authn.support.rememberme.JdbcRemeberMeService;
+import org.maxkey.authn.support.rememberme.RedisRemeberMeService;
+import org.maxkey.crypto.keystore.KeyStoreLoader;
 import org.maxkey.crypto.password.PasswordReciprocal;
+import org.maxkey.persistence.redis.RedisConnectionFactory;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.InitializingBean;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -16,11 +23,16 @@ import org.springframework.context.annotation.Primary;
 import org.springframework.context.annotation.PropertySource;
 import org.springframework.context.support.PropertySourcesPlaceholderConfigurer;
 import org.springframework.core.io.ClassPathResource;
+import org.springframework.core.io.Resource;
 import org.springframework.jdbc.core.JdbcTemplate;
 import org.springframework.jdbc.datasource.DataSourceTransactionManager;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
 
 @Configuration
 @PropertySource("classpath:/application.properties")
+@PropertySource("classpath:/config/applicationConfig.properties")
 public class ApplicationAutoConfiguration  implements InitializingBean {
     private static final  Logger _logger = 
             LoggerFactory.getLogger(ApplicationAutoConfiguration.class);
@@ -77,9 +89,85 @@ public class ApplicationAutoConfiguration  implements InitializingBean {
     }
     
     @Bean(name = "transactionManager")
-    DataSourceTransactionManager transactionManager(DataSource dataSource) {
+    public DataSourceTransactionManager transactionManager(DataSource dataSource) {
         return new DataSourceTransactionManager(dataSource);
     }
+    
+    /**
+     * Authentication Password Encoder .
+     * @return
+     */
+    @Bean(name = "passwordEncoder")
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+    
+    /**
+     * remeberMeService .
+     * @return
+     */
+    @Bean(name = "remeberMeService")
+    public AbstractRemeberMeService remeberMeService(
+            @Value("${config.server.persistence}") int persistence,
+            @Value("${config.login.remeberme.validity}") int validity,
+            JdbcTemplate jdbcTemplate,
+            RedisConnectionFactory jedisConnectionFactory) {
+        AbstractRemeberMeService remeberMeService = null;
+        if (persistence == 0) {
+            remeberMeService = new InMemoryRemeberMeService();
+            _logger.debug("InMemoryRemeberMeService");
+        } else if (persistence == 1) {
+            remeberMeService = new JdbcRemeberMeService(jdbcTemplate);
+            _logger.debug("JdbcRemeberMeService");
+        } else if (persistence == 2) {
+            remeberMeService = new RedisRemeberMeService(jedisConnectionFactory);
+            _logger.debug("RedisRemeberMeService");
+        }
+        return remeberMeService;
+    }
+    
+    /**
+     * keyStoreLoader .
+     * @return
+     */
+    @Bean(name = "keyStoreLoader")
+    public KeyStoreLoader keyStoreLoader(
+            @Value("${config.saml.v20.idp.issuing.entity.id}") String entityName,
+            @Value("${config.saml.v20.idp.keystore.password}") String keystorePassword,
+            @Value("${config.saml.v20.idp.keystore}") Resource keystoreFile) {
+        KeyStoreLoader keyStoreLoader = new KeyStoreLoader();
+        keyStoreLoader.setEntityName(entityName);
+        keyStoreLoader.setKeystorePassword(keystorePassword);
+        keyStoreLoader.setKeystoreFile(keystoreFile);
+        return keyStoreLoader;
+    }
+    
+    /**
+     * spKeyStoreLoader .
+     * @return
+     */
+    @Bean(name = "spKeyStoreLoader")
+    public KeyStoreLoader spKeyStoreLoader(
+            @Value("${config.saml.v20.sp.issuing.entity.id}") String entityName,
+            @Value("${config.saml.v20.sp.keystore.password}") String keystorePassword,
+            @Value("${config.saml.v20.sp.keystore}") Resource keystoreFile) {
+        KeyStoreLoader keyStoreLoader = new KeyStoreLoader();
+        keyStoreLoader.setEntityName(entityName);
+        keyStoreLoader.setKeystorePassword(keystorePassword);
+        keyStoreLoader.setKeystoreFile(keystoreFile);
+        return keyStoreLoader;
+    }
+    
+    /**
+     * spKeyStoreLoader .
+     * @return
+     */
+    @Bean(name = "spIssuingEntityName")
+    public String spIssuingEntityName(
+            @Value("${config.saml.v20.sp.issuing.entity.id}") String spIssuingEntityName) {
+        return spIssuingEntityName;
+    }
+
 
     @Override
     public void afterPropertiesSet() throws Exception {
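Review bot: `remeberMeService` returns `null` when `config.server.persistence` is anything other than 0, 1 or 2, and the injected `validity` value is never applied to the service it builds. A null bean defers the failure to whichever component first dereferences it, and the configured remember-me lifetime is silently ignored. I would end the chain with `else { throw new IllegalArgumentException("Unsupported config.server.persistence value: " + persistence); }` and call `remeberMeService.setValidity(validity);` before returning. That setter is assumed from the `validity` property in the commented-out XML bean removed elsewhere in this commit, so confirm it is declared on `AbstractRemeberMeService`. Separately, the Javadoc above `spIssuingEntityName` still reads `spKeyStoreLoader`.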

+ 122 - 0
maxkey-core/src/main/java/org/maxkey/autoconfigure/JwtAuthnAutoConfiguration.java

@@ -0,0 +1,122 @@
+package org.maxkey.autoconfigure;
+
+import com.nimbusds.jose.JOSEException;
+import com.nimbusds.jose.JWEAlgorithm;
+import java.net.URI;
+import java.security.NoSuchAlgorithmException;
+import java.security.spec.InvalidKeySpecException;
+import org.maxkey.authn.support.jwt.JwtLoginService;
+import org.maxkey.config.oidc.OIDCProviderMetadataDetails;
+import org.maxkey.crypto.jose.keystore.JWKSetKeyStore;
+import org.maxkey.crypto.jwt.encryption.service.impl.DefaultJwtEncryptionAndDecryptionService;
+import org.maxkey.crypto.jwt.signer.service.impl.DefaultJwtSigningAndValidationService;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.InitializingBean;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.PropertySource;
+import org.springframework.core.io.ClassPathResource;
+
+
+@Configuration
+@PropertySource("classpath:/application.properties")
+@PropertySource("classpath:/config/applicationConfig.properties")
+public class JwtAuthnAutoConfiguration implements InitializingBean {
+    private static final  Logger _logger = LoggerFactory.getLogger(JwtAuthnAutoConfiguration.class);
+    
+    /**
+     * OIDCProviderMetadataDetails. 
+     * Self-issued Provider Metadata
+     * http://openid.net/specs/openid-connect-core-1_0.html#SelfIssued 
+     */
+    @Bean(name = "oidcProviderMetadata")
+    public OIDCProviderMetadataDetails OIDCProviderMetadataDetails(
+            @Value("${config.oidc.metadata.issuer}")
+            String issuer,
+            @Value("${config.oidc.metadata.authorizationEndpoint}")
+            URI authorizationEndpoint,
+            @Value("${config.oidc.metadata.tokenEndpoint}")
+            URI tokenEndpoint,
+            @Value("${config.oidc.metadata.userinfoEndpoint}")
+            URI userinfoEndpoint) {
+        _logger.debug("RedisConnectionFactory init .");
+        OIDCProviderMetadataDetails oidcProviderMetadata = new OIDCProviderMetadataDetails();
+        oidcProviderMetadata.setIssuer(issuer);
+        oidcProviderMetadata.setAuthorizationEndpoint(authorizationEndpoint);
+        oidcProviderMetadata.setTokenEndpoint(tokenEndpoint);
+        oidcProviderMetadata.setUserinfoEndpoint(userinfoEndpoint);
+        return oidcProviderMetadata;
+    }
+
+    /**
+     * jwtSetKeyStore.
+     * @return
+     */
+    @Bean(name = "jwkSetKeyStore")
+    public JWKSetKeyStore jwtSetKeyStore() {
+        JWKSetKeyStore jwkSetKeyStore = new JWKSetKeyStore();
+        ClassPathResource classPathResource = new ClassPathResource("/config/keystore.jwks");
+        jwkSetKeyStore.setLocation(classPathResource);
+        return jwkSetKeyStore;
+    }
+    
+    /**
+     * jwtSetKeyStore.
+     * @return
+     * @throws JOSEException
+     * @throws InvalidKeySpecException 
+     * @throws NoSuchAlgorithmException 
+     */
+    @Bean(name = "jwtSignerValidationService")
+    public DefaultJwtSigningAndValidationService jwtSignerValidationService(
+            JWKSetKeyStore jwtSetKeyStore) 
+                    throws NoSuchAlgorithmException, InvalidKeySpecException, JOSEException {
+        DefaultJwtSigningAndValidationService jwtSignerValidationService = 
+                new DefaultJwtSigningAndValidationService(jwtSetKeyStore);
+        jwtSignerValidationService.setDefaultSignerKeyId("maxkey_rsa");
+        jwtSignerValidationService.setDefaultSigningAlgorithmName("RS256");
+        return jwtSignerValidationService;
+    }
+    
+    /**
+     * jwtSetKeyStore.
+     * @return
+     * @throws JOSEException 
+     * @throws InvalidKeySpecException 
+     * @throws NoSuchAlgorithmException 
+     */
+    @Bean(name = "jwtEncryptionService")
+    public DefaultJwtEncryptionAndDecryptionService jwtEncryptionService(
+            JWKSetKeyStore jwtSetKeyStore) 
+                    throws NoSuchAlgorithmException, InvalidKeySpecException, JOSEException {
+        DefaultJwtEncryptionAndDecryptionService jwtEncryptionService = 
+                new DefaultJwtEncryptionAndDecryptionService(jwtSetKeyStore);
+        jwtEncryptionService.setDefaultAlgorithm(JWEAlgorithm.RSA1_5);//RSA1_5
+        jwtEncryptionService.setDefaultDecryptionKeyId("maxkey_rsa");
+        jwtEncryptionService.setDefaultEncryptionKeyId("maxkey_rsa");
+        return jwtEncryptionService;
+    }
+    
+    /**
+     * JwtLoginService.
+     * @return
+     */
+    @Bean(name = "jwtLoginService")
+    public JwtLoginService jwtLoginService(
+            DefaultJwtSigningAndValidationService jwtSignerValidationService,
+            OIDCProviderMetadataDetails oidcProviderMetadata) {
+        JwtLoginService jwkSetKeyStore = new JwtLoginService();
+        jwkSetKeyStore.setJwtSignerValidationService(jwtSignerValidationService);
+        jwkSetKeyStore.setJwtProviderMetadata(oidcProviderMetadata);
+        return jwkSetKeyStore;
+    }
+    
+ 
+    @Override
+    public void afterPropertiesSet() throws Exception {
+        // TODO Auto-generated method stub
+        
+    }
+}
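Review bot: `jwtEncryptionService` sets the default JWE key-management algorithm to `JWEAlgorithm.RSA1_5` (RSAES-PKCS1-v1_5), a padding scheme with a long history of padding-oracle weaknesses that current JOSE guidance advises against. Unless a relying party requires it, prefer OAEP: `jwtEncryptionService.setDefaultAlgorithm(JWEAlgorithm.RSA_OAEP_256);`. The same key id `maxkey_rsa` is also configured for signing in `jwtSignerValidationService`; separate signing and encryption keys in `keystore.jwks` would limit the impact of either one being misused. Smaller points: the debug message in `OIDCProviderMetadataDetails` reads "RedisConnectionFactory init ." and the local variable in `jwtLoginService` is named `jwkSetKeyStore`, both of which look like copy-paste leftovers.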

+ 15 - 2
maxkey-web-manage/src/main/java/org/maxkey/MaxKeyMgtApplication.java

@@ -3,6 +3,7 @@ package org.maxkey;
 import java.util.Date;
 import javax.servlet.ServletException;
 import org.maxkey.web.InitializeContext;
+import org.mybatis.spring.annotation.MapperScan;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.boot.SpringApplication;
@@ -16,9 +17,22 @@ import org.springframework.context.annotation.ImportResource;
 @SpringBootApplication
 @ImportResource(locations={"classpath:spring/maxkey-mgt.xml"})
 @ComponentScan(basePackages = {
-		"org.maxkey.MaxKeyMgtConfig"
+		"org.maxkey.MaxKeyMgtConfig",
+		"org.maxkey.config",
+		"org.maxkey.domain",
+		"org.maxkey.domain.apps",
+		"org.maxkey.domain.userinfo",
+		"org.maxkey.web.endpoint",
+		"org.maxkey.web.contorller",
+		"org.maxkey.web.apps.contorller",
+		"org.maxkey.web.endpoint",
+		"org.maxkey.authn",
+		"org.maxkey.dao",
+		"org.maxkey.web",
+		"org.maxkey.web.tag"
 	}
 )
+@MapperScan("org.maxkey.dao.persistence,")
 public class MaxKeyMgtApplication extends SpringBootServletInitializer {
 	private static final Logger _logger = LoggerFactory.getLogger(MaxKeyMgtApplication.class);
 
@@ -28,7 +42,6 @@ public class MaxKeyMgtApplication extends SpringBootServletInitializer {
 		ConfigurableApplicationContext  applicationContext =SpringApplication.run(MaxKeyMgtApplication.class, args);
 		InitializeContext initWebContext=new InitializeContext(applicationContext);
 		
-		
 		try {
 			initWebContext.init(null);
 		} catch (ServletException e) {

+ 20 - 3
maxkey-web-manage/src/main/java/org/maxkey/MaxKeyMgtConfig.java

@@ -1,16 +1,19 @@
 package org.maxkey;
 
-import org.mybatis.spring.annotation.MapperScan;
+import javax.sql.DataSource;
+import org.maxkey.authz.oauth2.provider.client.JdbcClientDetailsService;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.InitializingBean;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.PropertySource;
+import org.springframework.security.crypto.password.PasswordEncoder;
 
 @Configuration
 @PropertySource("classpath:/application.properties")
-@MapperScan("org.maxkey.dao.persistence,")
-public class MaxKeyMgtConfig {
+public class MaxKeyMgtConfig  implements InitializingBean {
     private static final  Logger _logger = LoggerFactory.getLogger(MaxKeyMgtConfig.class);
     
 	@Value("${server.port:8080}")
@@ -23,5 +26,19 @@ public class MaxKeyMgtConfig {
 	public void setPort(int port) {
 		this.port = port;
 	}
+	
+	@Bean(name = "oauth20JdbcClientDetailsService")
+    public JdbcClientDetailsService JdbcClientDetailsService(
+                DataSource dataSource,PasswordEncoder passwordReciprocal) {
+	    JdbcClientDetailsService clientDetailsService = new JdbcClientDetailsService(dataSource);
+	    clientDetailsService.setPasswordEncoder(passwordReciprocal);
+        return clientDetailsService;
+    }
+
+    @Override
+    public void afterPropertiesSet() throws Exception {
+        // TODO Auto-generated method stub
+        
+    }
 
 }
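Review bot: The `PasswordEncoder passwordReciprocal` parameter of the new `oauth20JdbcClientDetailsService` bean is resolved by type, and only the parameter name selects a bean if more than one `PasswordEncoder` is registered. This commit also adds a `passwordEncoder` bean returning `BCryptPasswordEncoder` in `ApplicationAutoConfiguration`, so, assuming the `passwordReciprocal` bean is itself a `PasswordEncoder`, there are now two candidates. The removed XML wired `ref="passwordReciprocal"` explicitly; to keep that guarantee, pin it with `@Qualifier("passwordReciprocal") PasswordEncoder passwordReciprocal`. If the wrong encoder were injected, OAuth client-secret checks would change behaviour without any startup error. The method name `JdbcClientDetailsService` also shadows its return type; `jdbcClientDetailsService` would follow Java naming.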

+ 2 - 0
maxkey-web-manage/src/main/resources/META-INF/spring.factories

@@ -3,4 +3,6 @@ org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
 org.maxkey.autoconfigure.ApplicationAutoConfiguration,\
 org.maxkey.autoconfigure.KaptchaAutoConfiguration,\
 org.maxkey.autoconfigure.MvcAutoConfiguration,\
+org.maxkey.autoconfigure.JwtAuthnAutoConfiguration,\
+org.maxkey.autoconfigure.RedisAutoConfiguration,\
 org.maxkey.MaxKeyMgtConfig

+ 9 - 0
maxkey-web-manage/src/main/resources/application.properties

@@ -24,6 +24,15 @@ spring.datasource.type=com.alibaba.druid.pool.DruidDataSource
 #mybatis
 mybatis.type-aliases-package=org.maxkey.domain,org.maxkey.domain.apps,
 mybatis.mapper-locations=classpath*:/org/maxkey/dao/persistence/xml/mysql/*.xml
+#redis
+spring.redis.host=127.0.0.1
+spring.redis.port=6379
+spring.redis.password=password
+spring.redis.timeout=10000
+spring.redis.jedis.pool.max-wait=1000
+spring.redis.jedis.pool.max-idle=200
+spring.redis.lettuce.pool.max-active=-1
+spring.redis.lettuce.pool.min-idle=0
 #mail
 spring.mail.default-encoding=utf-8
 spring.mail.host=smtp.163.com
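Review bot: `spring.redis.password=password` commits a guessable credential into the default configuration, and with `config.server.persistence=2` this Redis instance would hold remember-me tokens. Resolve the secret from the environment instead, for example `spring.redis.password=${REDIS_PASSWORD}` (placeholder variable name), so a deployment cannot silently run on the shipped default. `spring.redis.lettuce.pool.max-active=-1` also removes the upper bound on pooled connections; a finite limit is easier to reason about under load.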

+ 3 - 1
maxkey-web-manage/src/main/resources/config/applicationConfig.properties

@@ -9,6 +9,8 @@ config.server.prefix.uri=${config.server.name}:9521/maxkey-mgt
 #default.uri
 config.server.default.uri=${config.server.prefix.uri}/main
 config.maxkey.uri=${config.server.name}/maxkey
+#InMemory 0 , jdbc  1, Redis 2 
+config.server.persistence=0
 ############################################################################
 #                Login configuration
 #enable captcha
@@ -26,7 +28,7 @@ config.login.wsfederation=false
 #remeberme
 config.login.remeberme=false
 #validity
-config.login.remeberme.validity=
+config.login.remeberme.validity=0
 #default.uri
 #to appList page
 config.login.default.uri=appList

+ 0 - 169
maxkey-web-manage/src/main/resources/spring/maxkey-mgt-security.xml

@@ -1,169 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<beans 	xmlns="http://www.springframework.org/schema/beans"
-		xmlns:context="http://www.springframework.org/schema/context"
-		xmlns:mvc="http://www.springframework.org/schema/mvc"
-		xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-		xmlns:p="http://www.springframework.org/schema/p"
-		xmlns:util="http://www.springframework.org/schema/util"
-		xsi:schemaLocation="
-	        http://www.springframework.org/schema/beans 
-			http://www.springframework.org/schema/beans/spring-beans.xsd
-			http://www.springframework.org/schema/context 
-			http://www.springframework.org/schema/context/spring-context.xsd
-	        http://www.springframework.org/schema/util     
-	        http://www.springframework.org/schema/util/spring-util.xsd
-	        http://www.springframework.org/schema/mvc 
-			http://www.springframework.org/schema/mvc/spring-mvc.xsd">
-			
-	<!-- enable autowire -->
-    <context:annotation-config />
-    <!-- language select must remove -->
-	<mvc:annotation-driven />
-  
-	 <!-- 
-	 * Self-issued Provider Metadata
-	 *
-	 * http://openid.net/specs/openid-connect-core-1_0.html#SelfIssued 
-	 * -->
-	<bean id="oidcProviderMetadata" class="org.maxkey.config.oidc.OIDCProviderMetadataDetails">
-		<property name="issuer" value="${config.oidc.metadata.issuer}" />
-		<property name="authorizationEndpoint" value="${config.oidc.metadata.authorizationEndpoint}" />
-		<property name="tokenEndpoint" value="${config.oidc.metadata.tokenEndpoint}" />
-		<property name="userinfoEndpoint" value="${config.oidc.metadata.userinfoEndpoint}" />
-	</bean>
-	
-	<bean id="jwkSetKeyStore" class="org.maxkey.crypto.jose.keystore.JWKSetKeyStore">
-		<property name="location" value="classpath:config/keystore.jwks" />
-	</bean>
-	
-	<bean id="jwtSignerValidationService" class="org.maxkey.crypto.jwt.signer.service.impl.DefaultJwtSigningAndValidationService">
-		<constructor-arg name="keyStore" ref="jwkSetKeyStore" />
-		<property name="defaultSignerKeyId" value="maxkey_rsa" />
- 		<property name="defaultSigningAlgorithmName" value="RS256" />
-	</bean>
-
-	<bean id="jwtEncryptionService" class="org.maxkey.crypto.jwt.encryption.service.impl.DefaultJwtEncryptionAndDecryptionService">
-		<constructor-arg name="keyStore" ref="jwkSetKeyStore" />
-		<property name="defaultAlgorithm" value="RSA1_5" />
-		<property name="defaultDecryptionKeyId" value="maxkey_rsa" />
-		<property name="defaultEncryptionKeyId" value="maxkey_rsa" />
-	</bean>
-
-	<bean id="jwtLoginService" class="org.maxkey.authn.support.jwt.JwtLoginService">
-		<property name="jwtSignerValidationService" ref="jwtSignerValidationService" />
- 		<property name="jwtProviderMetadata"  ref="oidcProviderMetadata" />
-	</bean>
-		
-	<!-- web Controller InterceptorAdapter  -->
-	<mvc:interceptors>
-		<!-- web Controller InterceptorAdapter for platform permission  -->
-		<mvc:interceptor>
-			<mvc:mapping path="/main*/**" />
-			<mvc:mapping path="/main*/**" />
-			<mvc:mapping path="/orgs*/**" />
-			<mvc:mapping path="/userinfo*/**" />
-			<mvc:mapping path="/apps*/**" />
-			<mvc:mapping path="/app*/**" />
-			<mvc:mapping path="/groups*/**" />
-			<mvc:mapping path="/groupMember*/**" />
-			<mvc:mapping path="/groupPrivileges*/**" />
-			<mvc:mapping path="/config*/**" />
-			<mvc:mapping path="/logs*/**" />
-			
-			<bean class="org.maxkey.web.interceptor.PermissionAdapter" />
-		</mvc:interceptor>	
-		<!-- web Controller InterceptorAdapter for platform log  -->
-		<mvc:interceptor>
-			<mvc:mapping path="/users/*" /> 
-			<mvc:mapping path="/userinfo/*" />
-			<mvc:mapping path="/enterprises/*" />
-			<mvc:mapping path="/employees/*" />
-			<mvc:mapping path="/authInfo/*" />
-			<mvc:mapping path="/usercenter/*"/>
-			<mvc:mapping path="/retrievePassword/*"/>
-			<mvc:mapping path="/roles/*"/>
-			<mvc:mapping path="/applications/*"/>
-			<mvc:mapping path="/approles/*"/>
-			<bean class="org.maxkey.web.interceptor.HistoryLogsAdapter" />
-		</mvc:interceptor>
-		
-		 <ref bean="localeChangeInterceptor" />
-	</mvc:interceptors>
-    <!-- 
-     <bean id="remeberMeService" class="org.maxkey.authn.support.rememberme.JdbcRemeberMeService">
-		<constructor-arg ref="jdbcTemplate"/>
-		<property name="validity" value="${config.login.remeberme.validity}"/>
-	</bean>
-	 -->
-	<bean id="remeberMeService" class="org.maxkey.authn.support.rememberme.InMemoryRemeberMeService">
-	</bean>	
-	
-	<bean id="timeBasedKeyUriFormat" class="org.maxkey.crypto.password.opt.algorithm.KeyUriFormat">
-		<property name="type" value="totp" />
-		<property name="digits" value="6" />
-		<property name="issuer" value="maxkey" />
-		<property name="domain" value="maxkey.org" />
-		<property name="period" value="30" />
-		
-	</bean>
-	
-	<bean id="tfaOptAuthn" class="org.maxkey.crypto.password.opt.impl.TimeBasedOtpAuthn">
-	</bean>
-	
-	<!-- Authentication Password Encoder Config -->
-	<bean id="passwordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"></bean>   
-	
-	<!-- LDAP Realm 
-	<bean id="authenticationRealm" class="org.maxkey.web.authentication.realm.ldap.LdapAuthenticationRealm">
-		<constructor-arg ref="jdbcTemplate"/>
-		<property name="ldapServers">
-			<list>
-				<bean id="ldapServer1" class="org.maxkey.web.authentication.realm.ldap.LdapServer">
-					<property name="ldapUtils">
-						<bean id="ldapUtils" class="org.maxkey.ldap.LdapUtils">
-							<property name="providerUrl" value="ldap://localhost:389"></property>
-							<property name="principal" value="cn=root"></property>
-							<property name="credentials" value="rootroot"></property>
-							<property name="baseDN" value="dc=connsec,dc=com"></property>
-						</bean>
-					</property>
-					<property name="filterAttribute" value="uid"></property>
-				</bean>	
-			</list>
-		</property>
-	</bean> -->
-	
-	<!-- Active Directory  Realm 
-	<bean id="authenticationRealm" class="org.maxkey.web.authentication.realm.activedirectory.ActiveDirectoryAuthenticationRealm">
-		<constructor-arg ref="jdbcTemplate"/>
-		<property name="activeDirectoryServers">
-			<list>
-				<bean id="activeDirectory1" class="org.maxkey.web.authentication.realm.activedirectory.ActiveDirectoryServer">
-					<property name="activeDirectoryUtils">
-						<bean id="ldapUtils" class="org.maxkey.ldap.ActiveDirectoryUtils">
-							<property name="providerUrl" value="ldap://localhost:389"></property>
-							<property name="principal" value="cn=root"></property>
-							<property name="credentials" value="rootroot"></property>
-							<property name="domain" value="connsec"></property>
-						</bean>
-					</property>
-				</bean>	
-			</list>
-		</property>
-	</bean> -->
-	
-	<!-- Default Realm-->
-	<!-- realm use jdbc -->
-	<bean id="authenticationRealm" class="org.maxkey.authn.realm.jdbc.JdbcAuthenticationRealm">
-		<constructor-arg ref="jdbcTemplate"/>
-	</bean>
-	
-	<!-- Authentication providers -->
-    <bean id="authenticationProvider" class="org.maxkey.authn.RealmAuthenticationProvider" >
-    </bean>
-
-	<mvc:annotation-driven />
-
-	<mvc:default-servlet-handler />
-
-</beans>

+ 0 - 51
maxkey-web-manage/src/main/resources/spring/maxkey-mgt-task.xml

@@ -1,51 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<beans 	xmlns="http://www.springframework.org/schema/beans"
-		xmlns:context="http://www.springframework.org/schema/context"
-		xmlns:mvc="http://www.springframework.org/schema/mvc"
-		xmlns:sec="http://www.springframework.org/schema/security"
-		xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-		xmlns:p="http://www.springframework.org/schema/p"
-		xmlns:util="http://www.springframework.org/schema/util"
-		xsi:schemaLocation="
-	        http://www.springframework.org/schema/beans 
-			http://www.springframework.org/schema/beans/spring-beans.xsd
-			http://www.springframework.org/schema/context 
-			http://www.springframework.org/schema/context/spring-context.xsd
-	        http://www.springframework.org/schema/util     
-	        http://www.springframework.org/schema/util/spring-util.xsd
-	        http://www.springframework.org/schema/mvc 
-			http://www.springframework.org/schema/mvc/spring-mvc.xsd
-			http://www.springframework.org/schema/security 
-			http://www.springframework.org/schema/security/spring-security.xsd">
- 
- 	<!-- Scheduler Task  Start -->		
-	<!-- Day login report
-	<bean id="loginDayReport" class="org.maxkey.tasks.report.LoginDayReport">
-		<property name="jdbcTemplate" ref="jdbcTemplate" />
-	</bean>
-	
-	<bean id="jobDetailLoginDayReport" class="org.springframework.scheduling.quartz.MethodInvokingJobDetailFactoryBean" >
-		<property name="targetObject" ref="loginDayReport" />
-	    <property name="targetMethod" value="dayReportCount" />
-	    <property name="concurrent" value="false" />
-	</bean>
-	
-	<bean id="triggerJobDetailLoginDayReport" class="org.springframework.scheduling.quartz.CronTriggerFactoryBean">
-    	 <property name="cronExpression" value="59 59 23 * * ?" /> 
-	</bean>
-	
-	
-	<bean class="org.springframework.scheduling.quartz.SchedulerFactoryBean">
-	    <property name="triggers">
-	        <list>
-	        	<ref bean="triggerJobDetailLoginDayReport" />
- 
-	            <ref bean="cronTrigger" />
-	            <ref bean="simpleTrigger" /> 
-	        </list>
-	    </property>
-	</bean>	-->
-	
-	<!-- Scheduler Task End -->
-
-</beans>

+ 84 - 48
maxkey-web-manage/src/main/resources/spring/maxkey-mgt.xml

@@ -19,58 +19,94 @@
 	        http://www.springframework.org/schema/mvc/spring-mvc.xsd">
     <!-- enable autowire -->
     <context:annotation-config />
-    <!-- language select must remove -->
 	<mvc:annotation-driven />
-
-	<context:component-scan base-package="org.maxkey.config" />
-	<!-- Scans the classpath for annotated components that will be auto-registered as Spring beans.
-     @Controller and @Service. Make sure to set the correct base-package-->
  
-    <!-- domain bean  -->
-    <context:component-scan base-package="org.maxkey.domain" />
-    <context:component-scan base-package="org.maxkey.domain.apps" />
-    <context:component-scan base-package="org.maxkey.domain.userinfo" />
+    <!-- web Controller InterceptorAdapter  -->
+    <mvc:interceptors>
+        <!-- web Controller InterceptorAdapter for platform permission  -->
+        <mvc:interceptor>
+            <mvc:mapping path="/main*/**" />
+            <mvc:mapping path="/main*/**" />
+            <mvc:mapping path="/orgs*/**" />
+            <mvc:mapping path="/userinfo*/**" />
+            <mvc:mapping path="/apps*/**" />
+            <mvc:mapping path="/app*/**" />
+            <mvc:mapping path="/groups*/**" />
+            <mvc:mapping path="/groupMember*/**" />
+            <mvc:mapping path="/groupPrivileges*/**" />
+            <mvc:mapping path="/config*/**" />
+            <mvc:mapping path="/logs*/**" />
+            
+            <bean class="org.maxkey.web.interceptor.PermissionAdapter" />
+        </mvc:interceptor>  
+        <!-- web Controller InterceptorAdapter for platform log  -->
+        <mvc:interceptor>
+            <mvc:mapping path="/users/*" /> 
+            <mvc:mapping path="/userinfo/*" />
+            <mvc:mapping path="/enterprises/*" />
+            <mvc:mapping path="/employees/*" />
+            <mvc:mapping path="/authInfo/*" />
+            <mvc:mapping path="/usercenter/*"/>
+            <mvc:mapping path="/retrievePassword/*"/>
+            <mvc:mapping path="/roles/*"/>
+            <mvc:mapping path="/applications/*"/>
+            <mvc:mapping path="/approles/*"/>
+            <bean class="org.maxkey.web.interceptor.HistoryLogsAdapter" />
+        </mvc:interceptor>
+        
+         <ref bean="localeChangeInterceptor" />
+    </mvc:interceptors>
     
+    <bean id="tfaOptAuthn" class="org.maxkey.crypto.password.opt.impl.TimeBasedOtpAuthn">
+    </bean>
     
-    <!-- Business  Contorller -->
-    <context:component-scan base-package="org.maxkey.web.endpoint" />
-    <context:component-scan base-package="org.maxkey.web.contorller" />
-    <context:component-scan base-package="org.maxkey.web.apps.contorller" />
-    <context:component-scan base-package="org.maxkey.web.endpoint" />
-    <context:component-scan base-package="org.maxkey.authn" />
-    <context:component-scan base-package="org.maxkey.dao" />
-    <context:component-scan base-package="org.maxkey.web" />
-    <context:component-scan base-package="org.maxkey.web.tag" />
+    <!-- LDAP Realm 
+    <bean id="authenticationRealm" class="org.maxkey.web.authentication.realm.ldap.LdapAuthenticationRealm">
+        <constructor-arg ref="jdbcTemplate"/>
+        <property name="ldapServers">
+            <list>
+                <bean id="ldapServer1" class="org.maxkey.web.authentication.realm.ldap.LdapServer">
+                    <property name="ldapUtils">
+                        <bean id="ldapUtils" class="org.maxkey.ldap.LdapUtils">
+                            <property name="providerUrl" value="ldap://localhost:389"></property>
+                            <property name="principal" value="cn=root"></property>
+                            <property name="credentials" value="rootroot"></property>
+                            <property name="baseDN" value="dc=connsec,dc=com"></property>
+                        </bean>
+                    </property>
+                    <property name="filterAttribute" value="uid"></property>
+                </bean> 
+            </list>
+        </property>
+    </bean> -->
     
-	
-	<bean id="keyStoreLoader" class="org.maxkey.crypto.keystore.KeyStoreLoader">
-    	<property name="entityName" value="${config.saml.v20.idp.issuing.entity.id}" />
-		<property name="keystorePassword" value="${config.saml.v20.idp.keystore.password}" /> 
-		<property name="keystoreFile" value="${config.saml.v20.idp.keystore}"/>
-		
-	</bean>
-	
-	<bean id="spKeyStoreLoader" class="org.maxkey.crypto.keystore.KeyStoreLoader">
-    	<property name="entityName" value="${config.saml.v20.sp.issuing.entity.id}" />
-		<property name="keystorePassword" value="${config.saml.v20.sp.keystore.password}" /> 
-		<property name="keystoreFile" value="${config.saml.v20.sp.keystore}"/>
-	</bean>
-	
-	<bean id="spIssuingEntityName" class="java.lang.String" >
-		<constructor-arg value="${config.saml.v20.sp.issuing.entity.id}"/>
-	</bean>
-	
-	<bean id="maxKeyURI" class="java.lang.String" >
-		<constructor-arg value="${config.maxkey.uri}"/>
-	</bean>
-	
-	<bean id="oauth20JdbcClientDetailsService" class="org.maxkey.authz.oauth2.provider.client.JdbcClientDetailsService" >
-		<constructor-arg ref="dataSource" /> 
-		<property name="passwordEncoder" ref="passwordReciprocal"></property>
-	</bean>
-	
-	<import resource="maxkey-mgt-security.xml"/>
-	
-	<import resource="maxkey-mgt-task.xml"/>
+    <!-- Active Directory  Realm 
+    <bean id="authenticationRealm" class="org.maxkey.web.authentication.realm.activedirectory.ActiveDirectoryAuthenticationRealm">
+        <constructor-arg ref="jdbcTemplate"/>
+        <property name="activeDirectoryServers">
+            <list>
+                <bean id="activeDirectory1" class="org.maxkey.web.authentication.realm.activedirectory.ActiveDirectoryServer">
+                    <property name="activeDirectoryUtils">
+                        <bean id="ldapUtils" class="org.maxkey.ldap.ActiveDirectoryUtils">
+                            <property name="providerUrl" value="ldap://localhost:389"></property>
+                            <property name="principal" value="cn=root"></property>
+                            <property name="credentials" value="rootroot"></property>
+                            <property name="domain" value="connsec"></property>
+                        </bean>
+                    </property>
+                </bean> 
+            </list>
+        </property>
+    </bean> -->
+    
+    <!-- Default Realm-->
+    <!-- realm use jdbc -->
+    <bean id="authenticationRealm" class="org.maxkey.authn.realm.jdbc.JdbcAuthenticationRealm">
+        <constructor-arg ref="jdbcTemplate"/>
+    </bean>
+
+    <mvc:annotation-driven />
+
+    <mvc:default-servlet-handler />
 	
 </beans>
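Review bot: `PermissionAdapter` is bound to an enumerated list of path patterns, so any controller path missing from that list is not covered by this interceptor. For instance `/users/*`, `/roles/*`, `/enterprises/*` and `/employees/*` are mapped for `HistoryLogsAdapter` but match none of the permission mappings. Unless another filter guards those routes (not visible in this hunk), a default-deny shape is safer: `<mvc:mapping path="/**" />` plus `<mvc:exclude-mapping path="PUBLIC_PATH_PLACEHOLDER" />` entries for the login page and static resources. The file now also declares `<mvc:annotation-driven />` twice and repeats `<mvc:mapping path="/main*/**" />`; one of each can go.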

+ 21 - 1
maxkey-web-maxkey/src/main/java/org/maxkey/MaxKeyConfig.java

@@ -9,20 +9,34 @@ import org.maxkey.crypto.password.opt.algorithm.KeyUriFormat;
 import org.mybatis.spring.annotation.MapperScan;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.InitializingBean;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
 import org.springframework.boot.web.servlet.FilterRegistrationBean;
 import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.ImportResource;
 import org.springframework.context.annotation.PropertySource;
 
+
+
+
 @Configuration
 @ImportResource(locations = { "classpath:spring/maxkey.xml" })
 @PropertySource("classpath:/application.properties")
 @PropertySource("classpath:/config/applicationConfig.properties")
 @MapperScan("org.maxkey.dao.persistence,")
-public class MaxKeyConfig {
+@ComponentScan(basePackages = {
+        "org.maxkey.config",
+        "org.maxkey.domain",
+        "org.maxkey.domain.apps",
+        "org.maxkey.domain.userinfo",
+        "org.maxkey.api.v1.contorller",
+        "org.maxkey.web.endpoint",
+        "org.maxkey.web.contorller"
+})
+public class MaxKeyConfig  implements InitializingBean {
     private static final  Logger _logger = LoggerFactory.getLogger(MaxKeyConfig.class);
     
     @Value("${server.port:8080}")
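Review bot: The `@ComponentScan` list names `org.maxkey.domain.apps` and `org.maxkey.domain.userinfo` although `org.maxkey.domain` is already listed; component scanning descends into sub-packages, so those two entries add nothing. The XML entries this replaces had the same redundancy, so the move to Java config is a good moment to trim it to `"org.maxkey.config", "org.maxkey.domain", "org.maxkey.api.v1.contorller", "org.maxkey.web.endpoint", "org.maxkey.web.contorller"`. The three blank lines added above `@Configuration` can go as well. The class body continues outside this hunk.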
@@ -94,6 +108,12 @@ public class MaxKeyConfig {
         return keyUriFormat;
     }
 
+    @Override
+    public void afterPropertiesSet() throws Exception {
+        // TODO Auto-generated method stub
+        
+    }
+
 
     
 }
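Review bot: `afterPropertiesSet()` is an empty auto-generated stub, so the `InitializingBean` interface added on the class declaration in the previous hunk does nothing at startup. Either drop the interface together with this method, or use the hook for start-up validation of the injected `@Value` settings and report the result through `_logger`. If the method has to stay empty for now, replace `// TODO Auto-generated method stub` with a comment saying what is planned, and drop `throws Exception` until something in the body can actually throw. The rest of the class lies outside this hunk.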

+ 3 - 2
maxkey-web-maxkey/src/main/resources/config/applicationConfig.properties

@@ -9,7 +9,8 @@ config.server.prefix.uri=${config.server.name}/maxkey
 #default.uri
 config.server.default.uri=${config.server.prefix.uri}/maxkey/appList
 config.server.management.uri=${config.server.name}:9521/maxkey-mgt/login
-
+#InMemory 0 , jdbc  1, Redis 2 
+config.server.persistence=0
 config.app.issuer=CN=ConSec,CN=COM,CN=SH
 ############################################################################
 #                Login configuration
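Review bot: `config.server.persistence=0` selects a backend by bare integer, and the one-line comment above it does not say which component the setting governs or what happens for a value outside 0–2. Judging by the remember-me service imports added to ApplicationAutoConfiguration in this commit, it presumably chooses the remember-me token store; if so, the comment should say that. It should also say that the in-memory default keeps tokens only in the running process, so they are lost on restart and not shared between nodes. Something like `#remember-me token store: 0 = in-memory (single node, lost on restart), 1 = jdbc, 2 = redis` would cover it, once confirmed against the code that reads the property.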
@@ -28,7 +29,7 @@ config.login.wsfederation=false
 #remeberme
 config.login.remeberme=true
 #validity
-config.login.remeberme.validity=
+config.login.remeberme.validity=0
 
 #to default application web site
 config.login.default.uri=appList
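Review bot: `config.login.remeberme.validity=0` sets the remember-me lifetime to a value whose meaning is not documented. The `#validity` comment gives neither the unit nor whether 0 means "use the built-in default", "never expires" or "expires immediately". For a persistent-login token that difference decides how long a stolen cookie stays usable, so the comment should spell it out, e.g. `#validity of the remember-me token in <unit>; 0 = <meaning of 0>` with both placeholders filled in from the service that reads the property.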

+ 0 - 33
maxkey-web-maxkey/src/main/resources/spring/maxkey-protocol.xml

@@ -1,33 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<beans 	xmlns="http://www.springframework.org/schema/beans"
-		xmlns:context="http://www.springframework.org/schema/context"
-		xmlns:mvc="http://www.springframework.org/schema/mvc"
-		xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-		xmlns:p="http://www.springframework.org/schema/p"
-		xmlns:util="http://www.springframework.org/schema/util"
-		xsi:schemaLocation="
-	        http://www.springframework.org/schema/beans 
-			http://www.springframework.org/schema/beans/spring-beans.xsd
-			http://www.springframework.org/schema/context 
-			http://www.springframework.org/schema/context/spring-context.xsd
-	        http://www.springframework.org/schema/util     
-	        http://www.springframework.org/schema/util/spring-util.xsd
-	        http://www.springframework.org/schema/mvc 
-			http://www.springframework.org/schema/mvc/spring-mvc.xsd">
- 
-	<!-- Single Sign On for application -->
-	<context:component-scan base-package="org.maxkey.authz.endpoint" />
- 	<context:component-scan base-package="org.maxkey.authz.desktop.endpoint" />
- 	<context:component-scan base-package="org.maxkey.authz.exapi.endpoint" />
- 	<context:component-scan base-package="org.maxkey.authz.formbased.endpoint" />
- 	<context:component-scan base-package="org.maxkey.authz.ltpa.endpoint" />
- 	<context:component-scan base-package="org.maxkey.authz.token.endpoint" />
-
- 	<import resource="maxkey-protocol-cas.xml"/>
- 	
- 	<import resource="maxkey-protocol-saml.xml"/>
- 	
- 	<import resource="maxkey-protocol-oauth2.0.xml"/>
-	
-		
-</beans>

+ 0 - 149
maxkey-web-maxkey/src/main/resources/spring/maxkey-security.xml

@@ -1,149 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<beans 	xmlns="http://www.springframework.org/schema/beans"
-		xmlns:context="http://www.springframework.org/schema/context"
-		xmlns:mvc="http://www.springframework.org/schema/mvc"
-		xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-		xmlns:p="http://www.springframework.org/schema/p"
-		xmlns:util="http://www.springframework.org/schema/util"
-		xsi:schemaLocation="
-	        http://www.springframework.org/schema/beans 
-			http://www.springframework.org/schema/beans/spring-beans.xsd
-			http://www.springframework.org/schema/context 
-			http://www.springframework.org/schema/context/spring-context.xsd
-	        http://www.springframework.org/schema/util     
-	        http://www.springframework.org/schema/util/spring-util.xsd
-	        http://www.springframework.org/schema/mvc 
-			http://www.springframework.org/schema/mvc/spring-mvc.xsd">	
-	
-	<!-- enable autowire -->
-    <context:annotation-config />
-    
-    <!-- language select must remove -->
-	<mvc:annotation-driven />
-  
-	<!-- web Controller InterceptorAdapter  -->
-	<mvc:interceptors>
-		<!-- web Controller InterceptorAdapter for platform permission  -->
-		<mvc:interceptor>
-			<!-- for permission -->
-			<mvc:mapping path="/index*/**" />
-			<mvc:mapping path="/logs*/**" />
-			<mvc:mapping path="/userinfo*/**" />
-			<mvc:mapping path="/profile*/**" />
-			<mvc:mapping path="/safe*/**" />
-			<mvc:mapping path="/historys*/**" />
-			<mvc:mapping path="/appList*/**" />
-			<bean class="org.maxkey.web.interceptor.PermissionAdapter" />
-		</mvc:interceptor>	
-		<!-- web Controller InterceptorAdapter for platform log  -->
-		<mvc:interceptor>
-			<mvc:mapping path="/users/*" /> 
-			<mvc:mapping path="/userinfo/*" />
-			<mvc:mapping path="/authInfo/*" />
-			<mvc:mapping path="/retrievePassword/*"/>
-			<bean class="org.maxkey.web.interceptor.HistoryLogsAdapter" />
-		</mvc:interceptor>
-		<!-- web Controller sso Adapter -->
-		<mvc:interceptor>
-			<mvc:mapping path="/authz/basic/*" />
-			<mvc:mapping path="/authz/ltpa/*" />
-			<mvc:mapping path="/authz/desktop/*" />
-			<mvc:mapping path="/authz/formbased/*" />
-			<mvc:mapping path="/authz/tokenbased/*"/>
-			<mvc:mapping path="/authz/saml20/idpinit/*"/>
-			<mvc:mapping path="/authz/saml20/assertion"/>
-			<mvc:mapping path="/authz/cas/login"/>
-			<mvc:mapping path="/authz/cas/granting"/>
-			<bean class="org.maxkey.web.interceptor.PreLoginAppAdapter" />
-		</mvc:interceptor>
-		<!-- web Controller sso Adapter -->
-		<mvc:interceptor>
-			<mvc:mapping path="/authz/basic/*" />
-			<mvc:mapping path="/authz/ltpa/*" />
-			<mvc:mapping path="/authz/desktop/*" />
-			<mvc:mapping path="/authz/formbased/*" />
-			<mvc:mapping path="/authz/tokenbased/*"/>
-			<mvc:mapping path="/authz/saml20/idpinit/*"/>
-			<mvc:mapping path="/authz/saml20/assertion"/>
-			<mvc:mapping path="/authz/cas/granting"/>
-			<bean class="org.maxkey.web.interceptor.HistoryLoginAppAdapter" />
-		</mvc:interceptor>
-
-		
-		<ref bean="localeChangeInterceptor" />
-	</mvc:interceptors>
-	  
-	<bean id="remeberMeService" class="org.maxkey.authn.support.rememberme.InMemoryRemeberMeService">
-	</bean>
-	 <!--
-	<bean id="remeberMeService" class="org.maxkey.authn.support.rememberme.RedisRemeberMeService">
-	   <property name="connectionFactory" ref="redisConnectionFactory"></property>
-    </bean>
-    -->
-	<bean id="tfaOptAuthn" class="org.maxkey.crypto.password.opt.impl.TimeBasedOtpAuthn">
-	</bean>
-	<!-- 
-	<bean id="tfaOptAuthn" class="org.maxkey.crypto.password.opt.impl.sms.SmsOtpAuthnYunxin">
-	</bean>
-	-->
-	
-	<!-- for Forgot Password -->
-	<bean id="tfaMailOptAuthn" class="org.maxkey.crypto.password.opt.impl.MailOtpAuthn">
-	</bean>
-	
-	<bean id="tfaMobileOptAuthn" class="org.maxkey.crypto.password.opt.impl.sms.SmsOtpAuthnYunxin">
-	</bean>
-	 
-	<!-- Authentication Password Encoder Config -->
-	<bean id="passwordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder"></bean>   
-	
-	<!-- LDAP Realm 
-	<bean id="authenticationRealm" class="org.maxkey.web.authentication.realm.ldap.LdapAuthenticationRealm">
-		<constructor-arg ref="jdbcTemplate"/>
-		<property name="ldapServers">
-			<list>
-				<bean id="ldapServer1" class="org.maxkey.web.authentication.realm.ldap.LdapServer">
-					<property name="ldapUtils">
-						<bean id="ldapUtils" class="org.maxkey.ldap.LdapUtils">
-							<property name="providerUrl" value="ldap://localhost:389"></property>
-							<property name="principal" value="cn=root"></property>
-							<property name="credentials" value="rootroot"></property>
-							<property name="baseDN" value="dc=connsec,dc=com"></property>
-						</bean>
-					</property>
-					<property name="filterAttribute" value="uid"></property>
-				</bean>	
-			</list>
-		</property>
-	</bean> -->
-	
-	<!-- Active Directory  Realm 
-	<bean id="authenticationRealm" class="org.maxkey.web.authentication.realm.activedirectory.ActiveDirectoryAuthenticationRealm">
-		<constructor-arg ref="jdbcTemplate"/>
-		<property name="activeDirectoryServers">
-			<list>
-				<bean id="activeDirectory1" class="org.maxkey.web.authentication.realm.activedirectory.ActiveDirectoryServer">
-					<property name="activeDirectoryUtils">
-						<bean id="ldapUtils" class="org.maxkey.ldap.ActiveDirectoryUtils">
-							<property name="providerUrl" value="ldap://localhost:389"></property>
-							<property name="principal" value="cn=root"></property>
-							<property name="credentials" value="rootroot"></property>
-							<property name="domain" value="connsec"></property>
-						</bean>
-					</property>
-				</bean>	
-			</list>
-		</property>
-	</bean> -->
-	
-	<!-- Default Realm-->
-	<!-- realm use jdbc -->
-	<bean id="authenticationRealm" class="org.maxkey.authn.realm.jdbc.JdbcAuthenticationRealm">
-		<constructor-arg ref="jdbcTemplate"/>
-	</bean>
-   
-	<mvc:annotation-driven />
-
-	<mvc:default-servlet-handler />
-
-</beans>

+ 0 - 36
maxkey-web-maxkey/src/main/resources/spring/maxkey-support.xml

@@ -1,36 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<beans 	xmlns="http://www.springframework.org/schema/beans"
-		xmlns:context="http://www.springframework.org/schema/context"
-		xmlns:mvc="http://www.springframework.org/schema/mvc"
-		xmlns:sec="http://www.springframework.org/schema/security"
-		xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-		xmlns:p="http://www.springframework.org/schema/p"
-		xmlns:util="http://www.springframework.org/schema/util"
-		xsi:schemaLocation="
-	        http://www.springframework.org/schema/beans 
-			http://www.springframework.org/schema/beans/spring-beans.xsd
-			http://www.springframework.org/schema/context 
-			http://www.springframework.org/schema/context/spring-context.xsd
-	        http://www.springframework.org/schema/util     
-	        http://www.springframework.org/schema/util/spring-util.xsd
-	        http://www.springframework.org/schema/mvc 
-			http://www.springframework.org/schema/mvc/spring-mvc.xsd
-			http://www.springframework.org/schema/security 
-			http://www.springframework.org/schema/security/spring-security.xsd">
-	
-	<!-- Authentication -->
-	<import resource="maxkey-support-httpheader.xml"/>
-	
-	<import resource="maxkey-support-basic.xml"/>
-	
-	<import resource="maxkey-support-kerberos.xml"/>
-	
- 	<import resource="maxkey-support-social.xml"/>
- 	<!--  
- 	<import resource="maxkey-support-wsfederation.xml"/>
-
- 	
- 	<import resource="maxkey-support-jwt.xml"/>
- 	-->
-
-</beans>

+ 0 - 23
maxkey-web-maxkey/src/main/resources/spring/maxkey-task.xml

@@ -1,23 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<beans 	xmlns="http://www.springframework.org/schema/beans"
-		xmlns:context="http://www.springframework.org/schema/context"
-		xmlns:mvc="http://www.springframework.org/schema/mvc"
-		xmlns:sec="http://www.springframework.org/schema/security"
-		xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-		xmlns:p="http://www.springframework.org/schema/p"
-		xmlns:util="http://www.springframework.org/schema/util"
-		xsi:schemaLocation="
-	        http://www.springframework.org/schema/beans 
-			http://www.springframework.org/schema/beans/spring-beans.xsd
-			http://www.springframework.org/schema/context 
-			http://www.springframework.org/schema/context/spring-context.xsd
-	        http://www.springframework.org/schema/util     
-	        http://www.springframework.org/schema/util/spring-util.xsd
-	        http://www.springframework.org/schema/mvc 
-			http://www.springframework.org/schema/mvc/spring-mvc.xsd
-			http://www.springframework.org/schema/security 
-			http://www.springframework.org/schema/security/spring-security.xsd">
- 
-
-
-</beans>

+ 144 - 21
maxkey-web-maxkey/src/main/resources/spring/maxkey.xml

@@ -17,28 +17,151 @@
 	        http://www.springframework.org/schema/util/spring-util.xsd
 	        http://www.springframework.org/schema/mvc 
 	        http://www.springframework.org/schema/mvc/spring-mvc.xsd">
-	
-	<!-- Scans the classpath for annotated components that will be auto-registered as Spring beans.
- 	 @Controller and @Service. Make sure to set the correct base-package-->
- 	<context:component-scan base-package="org.maxkey.config" />
- 	<!-- domain bean  -->
- 	<context:component-scan base-package="org.maxkey.domain" />
- 	<context:component-scan base-package="org.maxkey.domain.apps" />
- 	<context:component-scan base-package="org.maxkey.domain.userinfo" />
-	<!-- REST API interface -->
-	<context:component-scan base-package="org.maxkey.api.v1.contorller" />
-	
-	<!-- Business  Contorller -->
-	<context:component-scan base-package="org.maxkey.web.endpoint" />
-	<context:component-scan base-package="org.maxkey.web.contorller" />
-	
+	        
 	<!-- authn support -->
- 	<import resource="maxkey-support.xml"/>
- 	<!-- single sign on protocol -->
- 	<import resource="maxkey-protocol.xml"/>
- 	<!-- Scheduler task  -->
- 	<import resource="maxkey-task.xml"/>
+	<!-- Authentication -->
+    <import resource="maxkey-support-httpheader.xml"/>
+    <import resource="maxkey-support-basic.xml"/>
+    <import resource="maxkey-support-kerberos.xml"/>
+    <import resource="maxkey-support-social.xml"/>
+    <!--  
+    <import resource="maxkey-support-wsfederation.xml"/>
+    <import resource="maxkey-support-jwt.xml"/>
+    -->
+    
+    <!-- single sign on protocol -->
+ 	<!-- Single Sign On for application -->
+    <context:component-scan base-package="org.maxkey.authz.endpoint" />
+    <context:component-scan base-package="org.maxkey.authz.desktop.endpoint" />
+    <context:component-scan base-package="org.maxkey.authz.exapi.endpoint" />
+    <context:component-scan base-package="org.maxkey.authz.formbased.endpoint" />
+    <context:component-scan base-package="org.maxkey.authz.ltpa.endpoint" />
+    <context:component-scan base-package="org.maxkey.authz.token.endpoint" />
+
+    <import resource="maxkey-protocol-cas.xml"/>
+    <import resource="maxkey-protocol-saml.xml"/>
+    <import resource="maxkey-protocol-oauth2.0.xml"/>
+    
 	<!-- Basic Authn  for user login -->
- 	<import resource="maxkey-security.xml"/>
+ 	<!-- enable autowire -->
+    <context:annotation-config />
+    
+    <!-- language select must remove -->
+    <mvc:annotation-driven />
+  
+    <!-- web Controller InterceptorAdapter  -->
+    <mvc:interceptors>
+        <!-- web Controller InterceptorAdapter for platform permission  -->
+        <mvc:interceptor>
+            <!-- for permission -->
+            <mvc:mapping path="/index*/**" />
+            <mvc:mapping path="/logs*/**" />
+            <mvc:mapping path="/userinfo*/**" />
+            <mvc:mapping path="/profile*/**" />
+            <mvc:mapping path="/safe*/**" />
+            <mvc:mapping path="/historys*/**" />
+            <mvc:mapping path="/appList*/**" />
+            <bean class="org.maxkey.web.interceptor.PermissionAdapter" />
+        </mvc:interceptor>  
+        <!-- web Controller InterceptorAdapter for platform log  -->
+        <mvc:interceptor>
+            <mvc:mapping path="/users/*" /> 
+            <mvc:mapping path="/userinfo/*" />
+            <mvc:mapping path="/authInfo/*" />
+            <mvc:mapping path="/retrievePassword/*"/>
+            <bean class="org.maxkey.web.interceptor.HistoryLogsAdapter" />
+        </mvc:interceptor>
+        <!-- web Controller sso Adapter -->
+        <mvc:interceptor>
+            <mvc:mapping path="/authz/basic/*" />
+            <mvc:mapping path="/authz/ltpa/*" />
+            <mvc:mapping path="/authz/desktop/*" />
+            <mvc:mapping path="/authz/formbased/*" />
+            <mvc:mapping path="/authz/tokenbased/*"/>
+            <mvc:mapping path="/authz/saml20/idpinit/*"/>
+            <mvc:mapping path="/authz/saml20/assertion"/>
+            <mvc:mapping path="/authz/cas/login"/>
+            <mvc:mapping path="/authz/cas/granting"/>
+            <bean class="org.maxkey.web.interceptor.PreLoginAppAdapter" />
+        </mvc:interceptor>
+        <!-- web Controller sso Adapter -->
+        <mvc:interceptor>
+            <mvc:mapping path="/authz/basic/*" />
+            <mvc:mapping path="/authz/ltpa/*" />
+            <mvc:mapping path="/authz/desktop/*" />
+            <mvc:mapping path="/authz/formbased/*" />
+            <mvc:mapping path="/authz/tokenbased/*"/>
+            <mvc:mapping path="/authz/saml20/idpinit/*"/>
+            <mvc:mapping path="/authz/saml20/assertion"/>
+            <mvc:mapping path="/authz/cas/granting"/>
+            <bean class="org.maxkey.web.interceptor.HistoryLoginAppAdapter" />
+        </mvc:interceptor>
+
+        
+        <ref bean="localeChangeInterceptor" />
+    </mvc:interceptors>
+
+    <bean id="tfaOptAuthn" class="org.maxkey.crypto.password.opt.impl.TimeBasedOtpAuthn">
+    </bean>
+    <!-- 
+    <bean id="tfaOptAuthn" class="org.maxkey.crypto.password.opt.impl.sms.SmsOtpAuthnYunxin">
+    </bean>
+    -->
+    
+    <!-- for Forgot Password -->
+    <bean id="tfaMailOptAuthn" class="org.maxkey.crypto.password.opt.impl.MailOtpAuthn">
+    </bean>
+    
+    <bean id="tfaMobileOptAuthn" class="org.maxkey.crypto.password.opt.impl.sms.SmsOtpAuthnYunxin">
+    </bean>
+
+    <!-- LDAP Realm 
+    <bean id="authenticationRealm" class="org.maxkey.web.authentication.realm.ldap.LdapAuthenticationRealm">
+        <constructor-arg ref="jdbcTemplate"/>
+        <property name="ldapServers">
+            <list>
+                <bean id="ldapServer1" class="org.maxkey.web.authentication.realm.ldap.LdapServer">
+                    <property name="ldapUtils">
+                        <bean id="ldapUtils" class="org.maxkey.ldap.LdapUtils">
+                            <property name="providerUrl" value="ldap://localhost:389"></property>
+                            <property name="principal" value="cn=root"></property>
+                            <property name="credentials" value="rootroot"></property>
+                            <property name="baseDN" value="dc=connsec,dc=com"></property>
+                        </bean>
+                    </property>
+                    <property name="filterAttribute" value="uid"></property>
+                </bean> 
+            </list>
+        </property>
+    </bean> -->
+    
+    <!-- Active Directory  Realm 
+    <bean id="authenticationRealm" class="org.maxkey.web.authentication.realm.activedirectory.ActiveDirectoryAuthenticationRealm">
+        <constructor-arg ref="jdbcTemplate"/>
+        <property name="activeDirectoryServers">
+            <list>
+                <bean id="activeDirectory1" class="org.maxkey.web.authentication.realm.activedirectory.ActiveDirectoryServer">
+                    <property name="activeDirectoryUtils">
+                        <bean id="ldapUtils" class="org.maxkey.ldap.ActiveDirectoryUtils">
+                            <property name="providerUrl" value="ldap://localhost:389"></property>
+                            <property name="principal" value="cn=root"></property>
+                            <property name="credentials" value="rootroot"></property>
+                            <property name="domain" value="connsec"></property>
+                        </bean>
+                    </property>
+                </bean> 
+            </list>
+        </property>
+    </bean> -->
+    
+    <!-- Default Realm-->
+    <!-- realm use jdbc -->
+    <bean id="authenticationRealm" class="org.maxkey.authn.realm.jdbc.JdbcAuthenticationRealm">
+        <constructor-arg ref="jdbcTemplate"/>
+    </bean>
+   
+    <mvc:annotation-driven />
+
+    <mvc:default-servlet-handler />
  	
 </beans>
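Review bot: The commented-out LDAP and Active Directory realm samples added here carry a literal bind password (`value="rootroot"`) and a plaintext `ldap://localhost:389` provider URL. Anyone who enables a realm by uncommenting the block ends up with directory credentials in a classpath XML file and an unencrypted bind. Since these blocks are being rewritten into maxkey.xml anyway, the samples should point at property placeholders instead, e.g. `<property name="credentials" value="${<ldap-bind-password-property>}"/>`, and show an `ldaps://` URL. Separately, `<mvc:annotation-driven />` is now declared twice in the added lines, once under the "language select must remove" comment and again just before `<mvc:default-servlet-handler />`; one of the two should be removed.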