Java Code Examples for org.apache.shiro.web.util.WebUtils#getCleanParam()
The following examples show how to use
org.apache.shiro.web.util.WebUtils#getCleanParam() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: CentralAuthenticatorEndpoint.java From super-cloudops with Apache License 2.0 | 6 votes |
|
/**
* Secondary certification validation
*
* @param request
* @return
*/
@PostMapping(URI_S_SECOND_VALIDATE)
@ResponseBody
public RespBase<SecondAuthcAssertModel> secondaryValidate(HttpServletRequest request) {
log.info("Secondary validating, sessionId: {} <= {}", getSessionId(), getFullRequestURL(request));
RespBase<SecondAuthcAssertModel> resp = new RespBase<>();
// Requires parameters
String secondAuthCode = WebUtils.getCleanParam(request, config.getParam().getSecondaryAuthCode());
String fromAppName = WebUtils.getCleanParam(request, config.getParam().getApplication());
// Secondary authentication assertion.
resp.setData(authHandler.secondaryValidate(secondAuthCode, fromAppName));
log.info("Secondary validated. => {}", resp);
return resp;
}
Example 2
| Source File: JsetsFormAuthenticationFilter.java From jsets-shiro-spring-boot-starter with Apache License 2.0 | 6 votes |
|
protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
if (isLoginRequest(request, response)) {
if (isLoginSubmission(request, response)) {//是否登陆请求
// 是否启用验证码
if(this.properties.isJcaptchaEnable()){
String jcaptcha = WebUtils.getCleanParam(request, ShiroProperties.PARAM_JCAPTCHA);
if(Strings.isNullOrEmpty(jcaptcha)){
return onJcaptchaFailure(request, response,this.properties.getMsgCaptchaEmpty());
}
if(!this.captchaProvider.validateCaptcha(WebUtils.toHttp(request), jcaptcha)){
return onJcaptchaFailure(request, response,this.properties.getMsgCaptchaError());
}
}
return executeLogin(request, response);
} else {
//allow them to see the login page ;)
return true;
}
} else {
saveRequestAndRedirectToLogin(request, response);
return false;
}
}
Example 3
| Source File: FormAuthenticationFilter.java From frpMgr with MIT License | 5 votes |
|
/**
* 获取登录验证码
*/
protected String getCaptcha(ServletRequest request) {
String captcha = WebUtils.getCleanParam(request, DEFAULT_CAPTCHA_PARAM);
if (StringUtils.isBlank(captcha)){
captcha = ObjectUtils.toString(request.getAttribute(DEFAULT_CAPTCHA_PARAM), StringUtils.EMPTY);
}
// 登录用户名解密(解决登录用户名明文传输安全问题)
String secretKey = Global.getProperty("shiro.loginSubmit.secretKey");
if (StringUtils.isNotBlank(secretKey)){
captcha = DesUtils.decode(captcha, secretKey);
}
return captcha;
}
Example 4
| Source File: SessionAuthenticationFilter.java From nexus-public with Eclipse Public License 1.0 | 5 votes |
|
private String decodeBase64Param(final ServletRequest request, final String name) {
String encoded = WebUtils.getCleanParam(request, name);
if (encoded != null) {
return Strings2.decodeBase64(encoded);
}
return null;
}
Example 5
| Source File: AppUserController.java From Shop-for-JavaWeb with MIT License | 5 votes |
|
/**
* 注册 - 提交手机号码、密码
*/
@RequestMapping(value = "/register-step2-post")
public String registerStep2(HttpServletRequest request, HttpServletResponse response) {
if (!isValidApp(request)) {
return renderInvalidApp(response);
}
boolean result;
String message;
Map<String, Object> data = Maps.newHashMap();
String username = WebUtils.getCleanParam(request, FormAuthenticationFilter.DEFAULT_USERNAME_PARAM);
String password = WebUtils.getCleanParam(request, FormAuthenticationFilter.DEFAULT_PASSWORD_PARAM);
data.put("userLoginName", username);
data.put("userPassword", password);
if (ValidateUtils.isMobile(username) && ValidateUtils.isPassword(password)) {
result = true;
message = "";
} else {
result = false;
message = ValidateUtils.getErrMsg();
}
User user = userService.getByLoginName2(username);
if (user != null && StringUtils.isNotBlank(user.getId())) {
result = false;
message = "电话号码已存在";
}
return renderString(response, result, message, data);
}
Example 6
| Source File: AppUserController.java From Shop-for-JavaWeb with MIT License | 5 votes |
|
/**
* 注册 - 提交手机号码
*/
@RequestMapping(value = "/register-step1-post")
public String registerStep1(HttpServletRequest request, HttpServletResponse response) {
if (!isValidApp(request)) {
return renderInvalidApp(response);
}
boolean result;
String message;
Map<String, Object> data = Maps.newHashMap();
String username = WebUtils.getCleanParam(request, FormAuthenticationFilter.DEFAULT_USERNAME_PARAM);
data.put("userLoginName", username);
if (ValidateUtils.isMobile(username)) {
result = true;
message = "";
} else {
result = false;
message = ValidateUtils.getErrMsg();
}
User user = userService.getByLoginName2(username);
if (user != null && StringUtils.isNotBlank(user.getId())) {
result = false;
message = "电话号码已存在";
} else {
//发送手机验证码
SmsUtils.sendRegisterCode(username);
}
return renderString(response, result, message, data);
}
Example 7
| Source File: FormAuthenticationCaptchaFilter.java From cms with Apache License 2.0 | 5 votes |
|
/**
* 获得用户类型
*
* @param request
* @return
*/
protected String getStype(ServletRequest request) {
String stype = WebUtils.getCleanParam(request, getStypeParam());
if (StringUtils.isBlank(stype)) {
stype = getStype();
}
return stype;
}
Example 8
| Source File: FormAuthenticationFilter.java From easyweb with Apache License 2.0 | 4 votes |
|
protected String getCaptcha(ServletRequest request) {
return WebUtils.getCleanParam(request, getCaptchaParam());
}
Example 9
| Source File: AppUserController.java From Shop-for-JavaWeb with MIT License | 4 votes |
|
/**
* 自建会话系统给app用
* 判断用户是否登录的条件:user.id + user.app_login_token
* 如果用户登录则重新生成app_login_token,实现单点登录,手机掉了只要再次登录,掉了的手机就不能登录了
*/
@RequestMapping(value = "/login-post", method = RequestMethod.POST)
public String loginPost(HttpServletRequest request, HttpServletResponse response) {
if (!isValidApp(request)) {
return renderInvalidApp(response);
}
boolean result;
String message;
Map<String, Object> data = Maps.newHashMap();
String username = WebUtils.getCleanParam(request, FormAuthenticationFilter.DEFAULT_USERNAME_PARAM);
String password = WebUtils.getCleanParam(request, FormAuthenticationFilter.DEFAULT_PASSWORD_PARAM);
//不能为空
if (StringUtils.isBlank(username) || StringUtils.isBlank(password)) {
result = false;
message = "手机号和密码不能为空";
return renderString(response, result, message, data);
}
//登录
// UsernamePasswordToken token = new UsernamePasswordToken();
// token.setUsername(username);
// token.setPassword(password.toCharArray());
// token.setRememberMe(true);
// try {
// SecurityUtils.getSubject().login(token);
// }
// catch (AuthenticationException e) {
// logger.debug("/app/user/login-post throw AuthenticationException: {}", e.getMessage());
// result = false;
// message = "用户名或密码错误";
// return renderString(response, result, message, data);
// }
// catch (Exception e) {
// logger.debug("/app/user/login-post throw Exception: {}", e.getMessage());
// result = false;
// message = e.getMessage();
// return renderString(response, result, message, data);
// }
User user = _login(username, password);
if (user == null) {
result = false;
message = "用户名或密码错误";
return renderString(response, result, message, data);
}
//转移购物车项给用户
String userId = user.getId();
String appCartCookieId = getAppCartCookieId(request);
if (StringUtils.isNotBlank(appCartCookieId)) {
List<CartItem> cartItemList = cartItemService.findByAppCartCookieId(appCartCookieId, null);
if (cartItemList != null && !cartItemList.isEmpty()) {
Cart cart = cartService.getByUserId(userId);
if (cart != null) { //清空用户的购物车项
cartItemService.clearByUserId(userId);
} else { //创建用户购物车
cart = new Cart();
cart.setUser(user);
cartService.save(cart);
}
//把产品转给该用户
for (CartItem cartItem : cartItemList) {
cartItem.setUserId(userId);
cartItemService.save(cartItem);
}
}
}
//重新为客户端生成appCartCookieId
String oAppCartCookieId = IdGen.uuid();
//为了app能获得更好的体验,为app的购物车页面准备数据,app从购物车页面跳转到登录页时用
//代码来自AppCartController.index
int oCountUsefulCoupon = couponUserService.countUsefulCoupon(userId);
data = cartItemService.findByUserIdWithCount4Json(userId, null);
data.put("isLoggedIn", true);
data.put("countUsefulCoupon", oCountUsefulCoupon);
Map<String, Object> oUser = user.toSimpleObj();
result = true;
message = "成功登录";
data.put("user", oUser);
data.put("appCartCookieId", oAppCartCookieId);
return renderString(response, result, message, data);
}
Example 10
| Source File: KaptchaFilter.java From SpringBootBucket with MIT License | 4 votes |
|
protected String getCaptcha(ServletRequest request) {
return WebUtils.getCleanParam(request, getCaptchaParam());
}
Example 11
| Source File: LoginController.java From Shop-for-JavaWeb with MIT License | 4 votes |
|
/**
* 登录失败,真正登录的POST请求由Filter完成
*/
@RequestMapping(value = "${adminPath}/login", method = RequestMethod.POST)
public String loginFail(HttpServletRequest request, HttpServletResponse response, Model model) {
String from = request.getParameter("from");
SystemAuthorizingRealm.Principal principal = UserUtils.getPrincipal();
// 如果已经登录,则跳转到管理首页
if(principal != null){
if (from != null && from.equals("app"))
return "redirect:/app/user.html";
else
return "redirect:" + adminPath;
}
String username = WebUtils.getCleanParam(request, FormAuthenticationFilter.DEFAULT_USERNAME_PARAM);
boolean rememberMe = WebUtils.isTrue(request, FormAuthenticationFilter.DEFAULT_REMEMBER_ME_PARAM);
boolean mobile = WebUtils.isTrue(request, FormAuthenticationFilter.DEFAULT_MOBILE_PARAM);
String exception = (String)request.getAttribute(FormAuthenticationFilter.DEFAULT_ERROR_KEY_ATTRIBUTE_NAME);
String message = (String)request.getAttribute(FormAuthenticationFilter.DEFAULT_MESSAGE_PARAM);
if (StringUtils.isBlank(message) || StringUtils.equals(message, "null")){
message = "用户或密码错误, 请重试.";
}
model.addAttribute(FormAuthenticationFilter.DEFAULT_USERNAME_PARAM, username);
model.addAttribute(FormAuthenticationFilter.DEFAULT_REMEMBER_ME_PARAM, rememberMe);
model.addAttribute(FormAuthenticationFilter.DEFAULT_MOBILE_PARAM, mobile);
model.addAttribute(FormAuthenticationFilter.DEFAULT_ERROR_KEY_ATTRIBUTE_NAME, exception);
model.addAttribute(FormAuthenticationFilter.DEFAULT_MESSAGE_PARAM, message);
if (logger.isDebugEnabled()){
logger.debug("login fail, active session size: {}, message: {}, exception: {}",
sessionDAO.getActiveSessions(false).size(), message, exception);
}
// 非授权异常,登录失败,验证码加1。
if (!UnauthorizedException.class.getName().equals(exception)){
model.addAttribute("isValidateCodeLogin", isValidateCodeLogin(username, true, false));
}
// 验证失败清空验证码
request.getSession().setAttribute(ValidateCodeServlet.VALIDATE_CODE, IdGen.uuid());
// 如果是手机登录,则返回JSON字符串
if (mobile){
return renderString(response, model);
}
if (from != null && from.equals("app"))
return "modules/app/user/login";
else
return "modules/sys/sysLogin";
}
Example 12
| Source File: FormAuthenticationFilter.java From Shop-for-JavaWeb with MIT License | 4 votes |
|
protected String getCaptcha(ServletRequest request) {
return WebUtils.getCleanParam(request, getCaptchaParam());
}
Example 13
| Source File: GreenStepBaseFormAuthenticationFilter.java From bamboobsc with Apache License 2.0 | 4 votes |
|
protected String getCaptcha(ServletRequest request) {
return WebUtils.getCleanParam(request, this.getCaptchaParam());
}
Example 14
| Source File: GreenStepMobileFormAuthenticationFilter.java From bamboobsc with Apache License 2.0 | 4 votes |
|
protected String getCaptcha(ServletRequest request) {
return WebUtils.getCleanParam(request, this.getCaptchaParam());
}
Example 15
| Source File: CaptchaFormAuthenticationFilter.java From dubai with MIT License | 4 votes |
|
protected String getCaptcha(ServletRequest request) {
return WebUtils.getCleanParam(request, getCaptchaParam());
}
Example 16
| Source File: LoginController.java From frpMgr with MIT License | 4 votes |
|
/**
* 登录失败,真正登录的POST请求由Filter完成
*/
@RequestMapping(value = "login", method = RequestMethod.POST)
public String loginFailure(HttpServletRequest request, HttpServletResponse response, Model model) {
LoginInfo loginInfo = UserUtils.getLoginInfo();
// 如果已经登录,则跳转到管理首页
if(loginInfo != null){
String queryString = request.getQueryString();
queryString = queryString == null ? "" : "?" + queryString;
String indexUrl = adminPath + "/index" + queryString;
if (ServletUtils.isAjaxRequest(request)){
try {
request.getRequestDispatcher(indexUrl).forward(request, response); // AJAX不支持Redirect改用Forward
} catch (Exception ex) {
logger.error(ex.getMessage(), ex);
}
return null;
}
return REDIRECT + indexUrl;
}
String username = WebUtils.getCleanParam(request, FormAuthenticationFilter.DEFAULT_USERNAME_PARAM);
boolean rememberMe = WebUtils.isTrue(request, FormAuthenticationFilter.DEFAULT_REMEMBER_ME_PARAM);
boolean rememberUserCode = WebUtils.isTrue(request, FormAuthenticationFilter.DEFAULT_REMEMBER_USERCODE_PARAM);
String params = WebUtils.getCleanParam(request, FormAuthenticationFilter.DEFAULT_PARAMS_PARAM);
String exception = (String)request.getAttribute(FormAuthenticationFilter.DEFAULT_ERROR_KEY_ATTRIBUTE_NAME);
String message = (String)request.getAttribute(FormAuthenticationFilter.DEFAULT_MESSAGE_PARAM);
model.addAttribute(FormAuthenticationFilter.DEFAULT_USERNAME_PARAM, username);
model.addAttribute(FormAuthenticationFilter.DEFAULT_REMEMBER_ME_PARAM, rememberMe);
model.addAttribute(FormAuthenticationFilter.DEFAULT_REMEMBER_USERCODE_PARAM, rememberUserCode);
model.addAttribute(FormAuthenticationFilter.DEFAULT_PARAMS_PARAM, params);
Map<String, Object> paramMap = ServletUtils.getExtParams(request);
for (Entry<String, Object> entry : paramMap.entrySet()){
model.addAttribute(FormAuthenticationFilter.DEFAULT_PARAM_PREFIX_PARAM + entry.getKey(), entry.getValue());
}
model.addAttribute(FormAuthenticationFilter.DEFAULT_ERROR_KEY_ATTRIBUTE_NAME, exception);
// 如果登录设置了语言,则切换语言
if (paramMap.get("lang") != null){
Global.setLang((String)paramMap.get("lang"), request, response);
}
model.addAttribute(FormAuthenticationFilter.DEFAULT_MESSAGE_PARAM, text(message));
// 非授权异常,登录失败,验证码加1。
if (!UnauthorizedException.class.getName().equals(exception)){
model.addAttribute("isValidCodeLogin", BaseAuthorizingRealm.isValidCodeLogin(username, (String)paramMap.get("deviceType"), "failed"));
}
//获取当前会话对象
Session session = UserUtils.getSession();
model.addAttribute("sessionid", (String)session.getId());
// 登录操作如果是Ajax操作,直接返回登录信息字符串。
if (ServletUtils.isAjaxRequest(request)){
model.addAttribute("result", Global.FALSE);
return ServletUtils.renderObject(response, model);
}
// 返回指定用户类型的登录页视图
String userType = (String)paramMap.get("userType");
if (StringUtils.isNotBlank(userType)){
String view = UserUtils.getUserTypeValue(userType, "loginView");
if(StringUtils.isNotBlank(view)){
return view;
}
}
return "modules/sys/sysLogin";
}
Example 17
| Source File: FormAuthenticationFilter.java From tapestry-security with Apache License 2.0 | 4 votes |
|
protected String getUsername(ServletRequest request) {
return WebUtils.getCleanParam(request, getUsernameParam());
}
Example 18
| Source File: CaptchaAuthenticationFilter.java From base-framework with Apache License 2.0 | 2 votes |
|
/**
* 获取用户输入的验证码
*
* @param request ServletRequest
*
* @return String
*/
public String getCaptcha(ServletRequest request) {
return WebUtils.getCleanParam(request, getCaptchaParam());
}
Example 19
| Source File: CaptchaFormAuthenticationFilter.java From MultimediaDesktop with Apache License 2.0 | 2 votes |
|
protected String getCaptcha(ServletRequest request) {
return WebUtils.getCleanParam(request, KAPTCHA_REQUEST_KEY);
}
Example 20
| Source File: FormAuthenticationCaptchaFilter.java From cms with Apache License 2.0 | votes |
|
/**
* 获得验证码
*
* @param request
* @return
*/
protected String getCaptcha(ServletRequest request) {
return WebUtils.getCleanParam(request, getCaptchaParam());
}
