系统安全性优化,登陆Token写Cookie时进行MD5加密,同时Cookie启用HttpOnly;
This commit is contained in:
parent
3569b1422c
commit
badcf6e3cb
|
@ -1101,7 +1101,7 @@ Tips: 历史版本(V1.3.x)目前已经Release至稳定版本, 进入维护阶段
|
|||
- 24、Log地址格式兼容,支持非"/"结尾路径配置;
|
||||
- 25、底层系统日志级别规范调整,清理遗留代码;
|
||||
- 26、建表SQL优化,支持同步创建制定编码的库和表;
|
||||
- 27、系统安全性优化,登陆Token写Cookie时进行MD5加密;
|
||||
- 27、系统安全性优化,登陆Token写Cookie时进行MD5加密,同时Cookie启用HttpOnly;
|
||||
|
||||
|
||||
### TODO LIST
|
||||
|
|
|
@ -18,6 +18,7 @@ import java.math.BigInteger;
|
|||
*/
|
||||
public class PermissionInterceptor extends HandlerInterceptorAdapter {
|
||||
|
||||
|
||||
public static final String LOGIN_IDENTITY_KEY = "XXL_JOB_LOGIN_IDENTITY";
|
||||
public static final String LOGIN_IDENTITY_TOKEN;
|
||||
static {
|
||||
|
@ -31,6 +32,8 @@ public class PermissionInterceptor extends HandlerInterceptorAdapter {
|
|||
LOGIN_IDENTITY_TOKEN = tokenTmp;
|
||||
}
|
||||
|
||||
|
||||
|
||||
public static boolean login(HttpServletResponse response, String username, String password, boolean ifRemember){
|
||||
|
||||
// login token
|
||||
|
@ -56,6 +59,8 @@ public class PermissionInterceptor extends HandlerInterceptorAdapter {
|
|||
return true;
|
||||
}
|
||||
|
||||
|
||||
|
||||
@Override
|
||||
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
|
||||
|
||||
|
|
|
@ -6,9 +6,11 @@ import javax.servlet.http.HttpServletResponse;
|
|||
|
||||
/**
|
||||
* Cookie.Util
|
||||
*
|
||||
* @author xuxueli 2015-12-12 18:01:06
|
||||
*/
|
||||
public class CookieUtil {
|
||||
|
||||
// 默认缓存时间,单位/秒, 2H
|
||||
private static final int COOKIE_MAX_AGE = 60 * 60 * 2;
|
||||
// 保存路径,根路径
|
||||
|
@ -16,43 +18,39 @@ public class CookieUtil {
|
|||
|
||||
/**
|
||||
* 保存
|
||||
*
|
||||
* @param response
|
||||
* @param key
|
||||
* @param value
|
||||
* @param ifRemember
|
||||
*/
|
||||
public static void set(HttpServletResponse response, String key, String value, boolean ifRemember) {
|
||||
|
||||
int age = COOKIE_MAX_AGE;
|
||||
if (ifRemember) {
|
||||
age = COOKIE_MAX_AGE;
|
||||
} else {
|
||||
age = -1;
|
||||
}
|
||||
|
||||
Cookie cookie = new Cookie(key, value);
|
||||
cookie.setMaxAge(age); // Cookie过期时间,单位/秒
|
||||
cookie.setPath(COOKIE_PATH); // Cookie适用的路径
|
||||
response.addCookie(cookie);
|
||||
int age = ifRemember?COOKIE_MAX_AGE:-1;
|
||||
set(response, key, value, null, COOKIE_PATH, age, true);
|
||||
}
|
||||
|
||||
/**
|
||||
* 保存
|
||||
*
|
||||
* @param response
|
||||
* @param key
|
||||
* @param value
|
||||
* @param maxAge
|
||||
*/
|
||||
private static void set(HttpServletResponse response,
|
||||
String key, String value, int maxAge, String path) {
|
||||
private static void set(HttpServletResponse response, String key, String value, String domain, String path, int maxAge, boolean isHttpOnly) {
|
||||
Cookie cookie = new Cookie(key, value);
|
||||
cookie.setMaxAge(maxAge); // Cookie过期时间,单位/秒
|
||||
cookie.setPath(path); // Cookie适用的路径
|
||||
if (domain != null) {
|
||||
cookie.setDomain(domain);
|
||||
}
|
||||
cookie.setPath(path);
|
||||
cookie.setMaxAge(maxAge);
|
||||
cookie.setHttpOnly(isHttpOnly);
|
||||
response.addCookie(cookie);
|
||||
}
|
||||
|
||||
/**
|
||||
* 查询value
|
||||
*
|
||||
* @param request
|
||||
* @param key
|
||||
* @return
|
||||
|
@ -67,6 +65,7 @@ public class CookieUtil {
|
|||
|
||||
/**
|
||||
* 查询Cookie
|
||||
*
|
||||
* @param request
|
||||
* @param key
|
||||
*/
|
||||
|
@ -84,6 +83,7 @@ public class CookieUtil {
|
|||
|
||||
/**
|
||||
* 删除Cookie
|
||||
*
|
||||
* @param request
|
||||
* @param response
|
||||
* @param key
|
||||
|
@ -91,7 +91,7 @@ public class CookieUtil {
|
|||
public static void remove(HttpServletRequest request, HttpServletResponse response, String key) {
|
||||
Cookie cookie = get(request, key);
|
||||
if (cookie != null) {
|
||||
set(response, key, "", 0, COOKIE_PATH);
|
||||
set(response, key, "", null, COOKIE_PATH, 0, true);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
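Review bot: The new private `set` overload calls `cookie.setHttpOnly(isHttpOnly)` but never sets the Secure attribute, so the login-token cookie written through the four-argument `set` (which passes `true` for HttpOnly) is still transmitted over plain HTTP; consider adding a `boolean isSecure` parameter to the private overload and calling `cookie.setSecure(isSecure);` before `response.addCookie(cookie)`, driven by a deployment flag rather than hard-coded, since xxl-job-admin may be served without TLS. The Javadoc above that overload still lists only `response`, `key`, `value` and `maxAge`, so it should gain `@param domain cookie domain, or null to leave it unset`, `@param path` and `@param isHttpOnly` to match the new signature. `Cookie.setHttpOnly` exists only from Servlet API 3.0 onward; whether the project's declared servlet-api version satisfies that cannot be confirmed from this diff. Note also that SameSite cannot be set through `javax.servlet.http.Cookie`, so this change does not by itself address cross-site request forgery against the admin endpoints.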