mirror of
https://github.com/ctripcorp/zeus.git
synced 2024-09-22 00:26:05 +08:00
integrate sso and authorization part
This commit is contained in:
parent
95626bf0bd
commit
d1076a3db6
10
pom.xml
10
pom.xml
|
@ -111,16 +111,6 @@
|
||||||
<version>${spring.version}</version>
|
<version>${spring.version}</version>
|
||||||
<scope>test</scope>
|
<scope>test</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
<dependency>
|
|
||||||
<groupId>org.springframework.security</groupId>
|
|
||||||
<artifactId>spring-security-web</artifactId>
|
|
||||||
<version>4.0.0.RELEASE</version>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.springframework.security</groupId>
|
|
||||||
<artifactId>spring-security-config</artifactId>
|
|
||||||
<version>4.0.0.RELEASE</version>
|
|
||||||
</dependency>
|
|
||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>junit</groupId>
|
<groupId>junit</groupId>
|
||||||
|
|
30
src/main/java/com/ctrip/zeus/auth/Authorize.java
Normal file
30
src/main/java/com/ctrip/zeus/auth/Authorize.java
Normal file
|
@ -0,0 +1,30 @@
|
||||||
|
package com.ctrip.zeus.auth;
|
||||||
|
|
||||||
|
import com.ctrip.zeus.auth.impl.UriResGroupProvider;
|
||||||
|
|
||||||
|
import java.lang.annotation.*;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* User: mag
|
||||||
|
* Date: 4/22/2015
|
||||||
|
* Time: 2:36 PM
|
||||||
|
*/
|
||||||
|
@Inherited
|
||||||
|
@Target({ElementType.TYPE, ElementType.METHOD})
|
||||||
|
@Retention(RetentionPolicy.RUNTIME)
|
||||||
|
@Documented
|
||||||
|
public @interface Authorize {
|
||||||
|
String name();
|
||||||
|
Class<? extends ResourceGroupProvider> groupProvider() default UriResGroupProvider.class;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* indicate the resource group is in which part of the uri.
|
||||||
|
* for example, when uri is: /api/app/get/app1 and the group hint is set to 3,
|
||||||
|
* then the resource group will be "app1". By default the value is 0, which means
|
||||||
|
* the group will be parsed from the path annotation from the Resource api,
|
||||||
|
* for example, if the Path is set to "/get/{appName}", then the {appName} part in
|
||||||
|
* the uri will be used as resource group. When it is set to -1, it means no group.
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
|
int uriGroupHint() default 0;
|
||||||
|
}
|
20
src/main/java/com/ctrip/zeus/auth/Authorizer.java
Normal file
20
src/main/java/com/ctrip/zeus/auth/Authorizer.java
Normal file
|
@ -0,0 +1,20 @@
|
||||||
|
package com.ctrip.zeus.auth;
|
||||||
|
|
||||||
|
import com.ctrip.zeus.auth.impl.AuthorizeException;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* User: mag
|
||||||
|
* Date: 4/22/2015
|
||||||
|
* Time: 1:41 PM
|
||||||
|
*/
|
||||||
|
public interface Authorizer {
|
||||||
|
/**
|
||||||
|
* Check whether the user has the authorization to access the resource
|
||||||
|
* in the specified group or not. If not throw
|
||||||
|
* @param userName
|
||||||
|
* @param resourceName
|
||||||
|
* @param resGroup
|
||||||
|
* @throws com.ctrip.zeus.auth.impl.AuthorizeException
|
||||||
|
*/
|
||||||
|
void authorize(String userName, String resourceName, String resGroup) throws AuthorizeException;
|
||||||
|
}
|
18
src/main/java/com/ctrip/zeus/auth/ResourceGroupProvider.java
Normal file
18
src/main/java/com/ctrip/zeus/auth/ResourceGroupProvider.java
Normal file
|
@ -0,0 +1,18 @@
|
||||||
|
package com.ctrip.zeus.auth;
|
||||||
|
import javax.servlet.http.HttpServletRequest;
|
||||||
|
import java.lang.reflect.Method;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* User: mag
|
||||||
|
* Date: 4/22/2015
|
||||||
|
* Time: 2:47 PM
|
||||||
|
*/
|
||||||
|
public interface ResourceGroupProvider {
|
||||||
|
/**
|
||||||
|
* Provide the resource group name what the request belongs to.
|
||||||
|
* @param
|
||||||
|
* @param request
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
|
String provideResourceGroup(Method method,HttpServletRequest request);
|
||||||
|
}
|
|
@ -0,0 +1,27 @@
|
||||||
|
package com.ctrip.zeus.auth.impl;
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* User: mag
|
||||||
|
* Date: 4/22/2015
|
||||||
|
* Time: 1:43 PM
|
||||||
|
*/
|
||||||
|
public class AuthorizeException extends Exception{
|
||||||
|
public AuthorizeException(){
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
public AuthorizeException(String message){
|
||||||
|
super(message);
|
||||||
|
}
|
||||||
|
|
||||||
|
public AuthorizeException(String message, Throwable t){
|
||||||
|
super(message, t);
|
||||||
|
}
|
||||||
|
|
||||||
|
public AuthorizeException(Throwable t){
|
||||||
|
super(t);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,95 @@
|
||||||
|
package com.ctrip.zeus.auth.impl;
|
||||||
|
|
||||||
|
import com.ctrip.zeus.auth.Authorizer;
|
||||||
|
import com.ctrip.zeus.dal.core.*;
|
||||||
|
import org.springframework.stereotype.Component;
|
||||||
|
import org.unidal.dal.jdbc.DalException;
|
||||||
|
|
||||||
|
import javax.annotation.Resource;
|
||||||
|
import java.util.ArrayList;
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* User: mag
|
||||||
|
* Date: 4/22/2015
|
||||||
|
* Time: 1:44 PM
|
||||||
|
*/
|
||||||
|
@Component("authorizer")
|
||||||
|
public class DefaultAuthorizer implements Authorizer {
|
||||||
|
private static final String SUPER_ADMIN = "SuperAdmin";
|
||||||
|
private static final String SLB_USER = "SlbUser";
|
||||||
|
|
||||||
|
@Resource
|
||||||
|
private AuthUserRoleDao userRoleDao;
|
||||||
|
|
||||||
|
@Resource
|
||||||
|
private AuthResourceRoleDao resRoleDao;
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void authorize(String userName, String resourceName, String resGroup) throws AuthorizeException {
|
||||||
|
try {
|
||||||
|
//TODO add some cache
|
||||||
|
List<AuthUserRoleDo> userRoles = getUserRoles(userName);
|
||||||
|
List<AuthResourceRoleDo> resRoles = resRoleDao.findByResourceName(resourceName,AuthResourceRoleEntity.READSET_FULL);
|
||||||
|
|
||||||
|
//Super Admin has all authorities.
|
||||||
|
//If resource role is not config, any role can access it.
|
||||||
|
if (isSuperAdmin(userRoles) || resRoles.isEmpty()){
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
List<AuthUserRoleDo> rolesInCommon = findCommonRoles(userRoles, resRoles);
|
||||||
|
// if resource group is empty and there is some common roles, then check success.
|
||||||
|
if ((resGroup == null || resGroup.isEmpty()) && rolesInCommon.size() > 0){
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
for (AuthUserRoleDo userRoleDo : rolesInCommon) {
|
||||||
|
if (groupMatch(userRoleDo.getGroup(), resGroup)){
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
} catch (Exception e) {
|
||||||
|
throw new AuthorizeException(e);
|
||||||
|
}
|
||||||
|
throw new AuthorizeException("The user:" + userName + " is not authorized.");
|
||||||
|
}
|
||||||
|
|
||||||
|
private boolean groupMatch(String userGroup, String resGroup) {
|
||||||
|
return resGroup.matches(userGroup);
|
||||||
|
}
|
||||||
|
|
||||||
|
private List<AuthUserRoleDo> getUserRoles(String userName) throws DalException {
|
||||||
|
List<AuthUserRoleDo> result = userRoleDao.findByUserName(userName, AuthUserRoleEntity.READSET_FULL);
|
||||||
|
if (result == null){
|
||||||
|
result = new ArrayList<>();
|
||||||
|
}
|
||||||
|
// add slb user role
|
||||||
|
result.add(new AuthUserRoleDo().setUserName(userName)
|
||||||
|
.setRoleName(SLB_USER)
|
||||||
|
.setGroup(".*"));
|
||||||
|
return result;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
private boolean isSuperAdmin(List<AuthUserRoleDo> userRoles) {
|
||||||
|
for (AuthUserRoleDo userRole : userRoles) {
|
||||||
|
if (SUPER_ADMIN.equals(userRole.getRoleName())){
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
private List<AuthUserRoleDo> findCommonRoles(List<AuthUserRoleDo> userRoles, List<AuthResourceRoleDo> resRoles) {
|
||||||
|
List<AuthUserRoleDo> result = new ArrayList<>();
|
||||||
|
|
||||||
|
for (AuthUserRoleDo userRole : userRoles) {
|
||||||
|
for (AuthResourceRoleDo resRole : resRoles) {
|
||||||
|
if (userRole.getRoleName().equals(resRole.getRoleName())) {
|
||||||
|
result.add(userRole);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,118 @@
|
||||||
|
package com.ctrip.zeus.auth.impl;
|
||||||
|
|
||||||
|
import com.netflix.config.DynamicPropertyFactory;
|
||||||
|
import com.netflix.config.DynamicStringProperty;
|
||||||
|
import org.jasig.cas.client.util.AbstractCasFilter;
|
||||||
|
import org.jasig.cas.client.validation.Assertion;
|
||||||
|
import org.jasig.cas.client.validation.AssertionImpl;
|
||||||
|
import org.slf4j.Logger;
|
||||||
|
import org.slf4j.LoggerFactory;
|
||||||
|
|
||||||
|
import javax.servlet.*;
|
||||||
|
import javax.servlet.http.HttpServletRequest;
|
||||||
|
import javax.servlet.http.HttpServletResponse;
|
||||||
|
import javax.servlet.http.HttpSession;
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.util.HashMap;
|
||||||
|
import java.util.Map;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Authenticate with ip.
|
||||||
|
*
|
||||||
|
* User: mag
|
||||||
|
* Date: 4/21/2015
|
||||||
|
* Time: 3:00 PM
|
||||||
|
*/
|
||||||
|
public class IPAuthenticationFilter implements Filter{
|
||||||
|
private static final Logger logger = LoggerFactory.getLogger(IPAuthenticationFilter.class);
|
||||||
|
DynamicStringProperty ipUserStr = DynamicPropertyFactory.getInstance().getStringProperty("ip.authentication", "127.0.0.1,172.16.144.61=releaseSys");
|
||||||
|
|
||||||
|
private volatile Map<String, String> ipUserMap = new HashMap<>();
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void init(FilterConfig filterConfig) {
|
||||||
|
ipUserMap = parseIpUserStr(ipUserStr.get());
|
||||||
|
ipUserStr.addCallback(new Runnable() {
|
||||||
|
@Override
|
||||||
|
public void run() {
|
||||||
|
ipUserMap = parseIpUserStr(ipUserStr.get());
|
||||||
|
}
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
public final void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse, final FilterChain filterChain) throws IOException, ServletException {
|
||||||
|
final HttpServletRequest request = (HttpServletRequest) servletRequest;
|
||||||
|
final HttpServletResponse response = (HttpServletResponse) servletResponse;
|
||||||
|
final HttpSession session = request.getSession(false);
|
||||||
|
Assertion assertion = session != null ? (Assertion) session.getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION) : null;
|
||||||
|
|
||||||
|
if (assertion != null) {
|
||||||
|
filterChain.doFilter(request, response);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
// if the request is from in ip white list, then authenticate it using the ip white list.
|
||||||
|
String clientIP = getClientIP(request);
|
||||||
|
String ipUser = getIpUser(clientIP);
|
||||||
|
if (ipUser != null){
|
||||||
|
logger.info("Authenticated by IP: " + clientIP + " Assigned userName:" + ipUser);
|
||||||
|
assertion = new AssertionImpl(ipUser);
|
||||||
|
request.setAttribute(AbstractCasFilter.CONST_CAS_ASSERTION, assertion);
|
||||||
|
request.getSession().setAttribute(AbstractCasFilter.CONST_CAS_ASSERTION, assertion);
|
||||||
|
}
|
||||||
|
filterChain.doFilter(request,response);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void destroy() {
|
||||||
|
// nothing to do
|
||||||
|
}
|
||||||
|
|
||||||
|
private Map<String,String> parseIpUserStr(String ipConfig){
|
||||||
|
Map<String, String> result = new HashMap<>();
|
||||||
|
if (ipConfig == null || ipConfig.isEmpty()) {
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
String[] configs = ipConfig.split("#");
|
||||||
|
for(String config : configs) {
|
||||||
|
String[] parts = config.split("=", -1);
|
||||||
|
if (parts == null || parts.length != 2){
|
||||||
|
logger.error("fail to parse {}", config);
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
String[] ips = parts[0].split(",");
|
||||||
|
String userName = parts[1];
|
||||||
|
for (String ip : ips) {
|
||||||
|
result.put(ip,userName);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
|
||||||
|
private String getIpUser(String clientIP) {
|
||||||
|
String user = ipUserMap.get(clientIP);
|
||||||
|
return user;
|
||||||
|
}
|
||||||
|
|
||||||
|
private String getClientIP(HttpServletRequest request) {
|
||||||
|
String ip = request.getHeader("X-Forwarded-For");
|
||||||
|
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
|
||||||
|
ip = request.getHeader("Proxy-Client-IP");
|
||||||
|
}
|
||||||
|
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
|
||||||
|
ip = request.getHeader("WL-Proxy-Client-IP");
|
||||||
|
}
|
||||||
|
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
|
||||||
|
ip = request.getHeader("HTTP_CLIENT_IP");
|
||||||
|
}
|
||||||
|
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
|
||||||
|
ip = request.getHeader("HTTP_X_FORWARDED_FOR");
|
||||||
|
}
|
||||||
|
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
|
||||||
|
ip = request.getRemoteAddr();
|
||||||
|
}
|
||||||
|
return ip;
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,89 @@
|
||||||
|
package com.ctrip.zeus.auth.impl;
|
||||||
|
|
||||||
|
import com.ctrip.zeus.auth.Authorize;
|
||||||
|
import com.ctrip.zeus.auth.ResourceGroupProvider;
|
||||||
|
|
||||||
|
import javax.servlet.http.HttpServletRequest;
|
||||||
|
import javax.ws.rs.Path;
|
||||||
|
import java.lang.reflect.Method;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* User: mag
|
||||||
|
* Date: 4/22/2015
|
||||||
|
* Time: 2:51 PM
|
||||||
|
*/
|
||||||
|
public class UriResGroupProvider implements ResourceGroupProvider {
|
||||||
|
@Override
|
||||||
|
public String provideResourceGroup(Method method, HttpServletRequest request) {
|
||||||
|
if (request == null){
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
int groupHint = getGroupHintFromMethod(method);
|
||||||
|
String uriTemplate = getTemplateFromMethod(method);
|
||||||
|
|
||||||
|
String uri = request.getRequestURI();
|
||||||
|
String[] uriParts = uri.split("/");
|
||||||
|
if (uriParts.length < groupHint || groupHint < 0){
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
if (groupHint == 0){
|
||||||
|
return findGroupFromTemplate(uri, uriTemplate);
|
||||||
|
}
|
||||||
|
|
||||||
|
return uriParts[groupHint];
|
||||||
|
}
|
||||||
|
|
||||||
|
private String getTemplateFromMethod(Method method) {
|
||||||
|
Class declaredClass = method.getDeclaringClass();
|
||||||
|
Path pathAnno = method.getAnnotation(Path.class);
|
||||||
|
Path classPathAnno = (Path)declaredClass.getAnnotation(Path.class);
|
||||||
|
|
||||||
|
if (classPathAnno == null || pathAnno == null){
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
return classPathAnno.value() + pathAnno.value();
|
||||||
|
}
|
||||||
|
|
||||||
|
private int getGroupHintFromMethod(Method method) {
|
||||||
|
Authorize authorize = method.getAnnotation(Authorize.class);
|
||||||
|
if (authorize == null){
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
return authorize.uriGroupHint();
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
private String findGroupFromTemplate(String uri, String uriTemplate) {
|
||||||
|
if (uriTemplate == null || uriTemplate.isEmpty()
|
||||||
|
|| uri == null || uri.isEmpty()) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
int bracketStart = uriTemplate.indexOf("{");
|
||||||
|
if (bracketStart == -1){
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
String templPrefix = uriTemplate.substring(0, bracketStart);
|
||||||
|
int uriTemplIdx = uri.indexOf(templPrefix);
|
||||||
|
if (uriTemplIdx == -1){
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
int groupStart = uriTemplIdx + templPrefix.length();
|
||||||
|
|
||||||
|
StringBuffer groupBuf = new StringBuffer();
|
||||||
|
for (int i = groupStart;i<uri.length();i++){
|
||||||
|
char gChar = uri.charAt(i);
|
||||||
|
if (gChar == '/'){
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
groupBuf.append(gChar);
|
||||||
|
}
|
||||||
|
return groupBuf.toString();
|
||||||
|
}
|
||||||
|
|
||||||
|
public static void main(String[] args) {
|
||||||
|
UriResGroupProvider provider = new UriResGroupProvider();
|
||||||
|
String group = provider.findGroupFromTemplate("/api/app/app12345","/app/{appName:[a-zA-Z0-9_-]+}");
|
||||||
|
System.out.println(group);
|
||||||
|
}
|
||||||
|
}
|
|
@ -8,7 +8,6 @@ import com.ctrip.zeus.model.transform.DefaultJsonParser;
|
||||||
import com.ctrip.zeus.model.transform.DefaultSaxParser;
|
import com.ctrip.zeus.model.transform.DefaultSaxParser;
|
||||||
import com.ctrip.zeus.restful.message.ResponseHandler;
|
import com.ctrip.zeus.restful.message.ResponseHandler;
|
||||||
import com.ctrip.zeus.service.model.AppRepository;
|
import com.ctrip.zeus.service.model.AppRepository;
|
||||||
import org.springframework.security.access.prepost.PreAuthorize;
|
|
||||||
import org.springframework.stereotype.Component;
|
import org.springframework.stereotype.Component;
|
||||||
|
|
||||||
import javax.annotation.Resource;
|
import javax.annotation.Resource;
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
package com.ctrip.zeus.restful.resource;
|
package com.ctrip.zeus.restful.resource;
|
||||||
|
|
||||||
|
import com.ctrip.zeus.auth.Authorize;
|
||||||
import com.ctrip.zeus.auth.entity.Role;
|
import com.ctrip.zeus.auth.entity.Role;
|
||||||
import com.ctrip.zeus.auth.entity.RoleList;
|
import com.ctrip.zeus.auth.entity.RoleList;
|
||||||
import com.ctrip.zeus.auth.entity.User;
|
import com.ctrip.zeus.auth.entity.User;
|
||||||
|
@ -10,6 +11,7 @@ import com.ctrip.zeus.service.auth.AuthorizationService;
|
||||||
import org.springframework.stereotype.Component;
|
import org.springframework.stereotype.Component;
|
||||||
|
|
||||||
import javax.annotation.Resource;
|
import javax.annotation.Resource;
|
||||||
|
import javax.servlet.http.HttpServletRequest;
|
||||||
import javax.ws.rs.*;
|
import javax.ws.rs.*;
|
||||||
import javax.ws.rs.core.Context;
|
import javax.ws.rs.core.Context;
|
||||||
import javax.ws.rs.core.HttpHeaders;
|
import javax.ws.rs.core.HttpHeaders;
|
||||||
|
@ -31,7 +33,8 @@ public class AuthResource {
|
||||||
@GET
|
@GET
|
||||||
@Path("/role")
|
@Path("/role")
|
||||||
@Produces({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML})
|
@Produces({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML})
|
||||||
public Response allRoles(@Context HttpHeaders hh) throws Exception {
|
@Authorize(name="getAuth")
|
||||||
|
public Response allRoles(@Context HttpServletRequest request, @Context HttpHeaders hh) throws Exception {
|
||||||
List<Role> roles = authService.getAllRoles();
|
List<Role> roles = authService.getAllRoles();
|
||||||
RoleList roleList = new RoleList();
|
RoleList roleList = new RoleList();
|
||||||
for (Role role : roles) {
|
for (Role role : roles) {
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
package com.ctrip.zeus.restful.resource;
|
package com.ctrip.zeus.restful.resource;
|
||||||
|
|
||||||
import com.ctrip.zeus.exceptions.ValidationException;
|
import com.ctrip.zeus.auth.Authorize;
|
||||||
import com.ctrip.zeus.lock.DbLockFactory;
|
import com.ctrip.zeus.lock.DbLockFactory;
|
||||||
import com.ctrip.zeus.lock.DistLock;
|
import com.ctrip.zeus.lock.DistLock;
|
||||||
import com.ctrip.zeus.model.entity.Slb;
|
import com.ctrip.zeus.model.entity.Slb;
|
||||||
|
@ -10,17 +10,14 @@ import com.ctrip.zeus.model.transform.DefaultSaxParser;
|
||||||
import com.ctrip.zeus.restful.message.ResponseHandler;
|
import com.ctrip.zeus.restful.message.ResponseHandler;
|
||||||
import com.ctrip.zeus.service.model.SlbRepository;
|
import com.ctrip.zeus.service.model.SlbRepository;
|
||||||
import org.springframework.stereotype.Component;
|
import org.springframework.stereotype.Component;
|
||||||
import org.springframework.web.bind.annotation.ResponseBody;
|
|
||||||
import org.xml.sax.SAXException;
|
|
||||||
|
|
||||||
import javax.annotation.Resource;
|
import javax.annotation.Resource;
|
||||||
|
import javax.servlet.http.HttpServletRequest;
|
||||||
import javax.ws.rs.*;
|
import javax.ws.rs.*;
|
||||||
import javax.ws.rs.core.Context;
|
import javax.ws.rs.core.Context;
|
||||||
import javax.ws.rs.core.HttpHeaders;
|
import javax.ws.rs.core.HttpHeaders;
|
||||||
import javax.ws.rs.core.MediaType;
|
import javax.ws.rs.core.MediaType;
|
||||||
import javax.ws.rs.core.Response;
|
import javax.ws.rs.core.Response;
|
||||||
import java.io.IOException;
|
|
||||||
import java.util.List;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author:xingchaowang
|
* @author:xingchaowang
|
||||||
|
@ -50,7 +47,8 @@ public class SlbResource {
|
||||||
@GET
|
@GET
|
||||||
@Path("/get/{slbName:[a-zA-Z0-9_-]+}")
|
@Path("/get/{slbName:[a-zA-Z0-9_-]+}")
|
||||||
@Produces({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML})
|
@Produces({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML})
|
||||||
public Response getBySlbName(@Context HttpHeaders hh, @PathParam("slbName") String slbName) throws Exception {
|
@Authorize(name="getSlb")
|
||||||
|
public Response getBySlbName(@Context HttpHeaders hh, @Context HttpServletRequest request, @PathParam("slbName") String slbName) throws Exception {
|
||||||
Slb slb = slbRepository.get(slbName);
|
Slb slb = slbRepository.get(slbName);
|
||||||
return responseHandler.handle(slb, hh.getMediaType());
|
return responseHandler.handle(slb, hh.getMediaType());
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,6 +1,8 @@
|
||||||
package com.ctrip.zeus.server;
|
package com.ctrip.zeus.server;
|
||||||
|
|
||||||
|
import com.ctrip.zeus.auth.impl.IPAuthenticationFilter;
|
||||||
import com.ctrip.zeus.restful.resource.SlbResourcePackage;
|
import com.ctrip.zeus.restful.resource.SlbResourcePackage;
|
||||||
|
import com.netflix.config.DynamicBooleanProperty;
|
||||||
import com.netflix.config.DynamicIntProperty;
|
import com.netflix.config.DynamicIntProperty;
|
||||||
import com.netflix.config.DynamicPropertyFactory;
|
import com.netflix.config.DynamicPropertyFactory;
|
||||||
import com.netflix.config.DynamicStringProperty;
|
import com.netflix.config.DynamicStringProperty;
|
||||||
|
@ -21,7 +23,6 @@ import org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
import org.springframework.web.context.ContextLoaderListener;
|
import org.springframework.web.context.ContextLoaderListener;
|
||||||
import org.springframework.web.filter.DelegatingFilterProxy;
|
|
||||||
|
|
||||||
import javax.servlet.DispatcherType;
|
import javax.servlet.DispatcherType;
|
||||||
import java.io.File;
|
import java.io.File;
|
||||||
|
@ -48,6 +49,11 @@ public class SlbAdminServer extends AbstractServer {
|
||||||
DynamicIntProperty serverPort = DynamicPropertyFactory.getInstance().getIntProperty("server.port", 8099);
|
DynamicIntProperty serverPort = DynamicPropertyFactory.getInstance().getIntProperty("server.port", 8099);
|
||||||
DynamicStringProperty wwwBaseDir = DynamicPropertyFactory.getInstance().getStringProperty("server.www.base-dir", ".");
|
DynamicStringProperty wwwBaseDir = DynamicPropertyFactory.getInstance().getStringProperty("server.www.base-dir", ".");
|
||||||
DynamicStringProperty springContextFile = DynamicPropertyFactory.getInstance().getStringProperty("server.spring.context-file", "spring-context.xml");
|
DynamicStringProperty springContextFile = DynamicPropertyFactory.getInstance().getStringProperty("server.spring.context-file", "spring-context.xml");
|
||||||
|
DynamicBooleanProperty enableAuthenticate = DynamicPropertyFactory.getInstance().getBooleanProperty("server.authentication.enable", false);
|
||||||
|
DynamicStringProperty casServerLoginUrl = DynamicPropertyFactory.getInstance().getStringProperty("server.sso.casServer.login.url", "");
|
||||||
|
DynamicStringProperty casServerUrlPrefix = DynamicPropertyFactory.getInstance().getStringProperty("server.sso.casServer.url.prefix", "");
|
||||||
|
DynamicStringProperty serverName = DynamicPropertyFactory.getInstance().getStringProperty("server.sso.server.name", "");
|
||||||
|
|
||||||
|
|
||||||
//Config Jersey
|
//Config Jersey
|
||||||
ResourceConfig config = new ResourceConfig();
|
ResourceConfig config = new ResourceConfig();
|
||||||
|
@ -80,21 +86,23 @@ public class SlbAdminServer extends AbstractServer {
|
||||||
handler.addFilter(GzipFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST))
|
handler.addFilter(GzipFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST))
|
||||||
.setInitParameter("mimeTypes", "application/json, application/xml,text/xml, text/html");
|
.setInitParameter("mimeTypes", "application/json, application/xml,text/xml, text/html");
|
||||||
|
|
||||||
//handler.addFilter(new FilterHolder(new DelegatingFilterProxy("springSecurityFilterChain")), "/*", EnumSet.of(DispatcherType.REQUEST));
|
|
||||||
|
|
||||||
//SSO filter
|
//SSO filter
|
||||||
|
if (enableAuthenticate.get()) {
|
||||||
handler.addFilter(SingleSignOutFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST));
|
handler.addFilter(SingleSignOutFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST));
|
||||||
|
|
||||||
|
handler.addFilter(IPAuthenticationFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST));
|
||||||
|
|
||||||
FilterHolder af = handler.addFilter(AuthenticationFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST));
|
FilterHolder af = handler.addFilter(AuthenticationFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST));
|
||||||
af.setInitParameter("casServerLoginUrl","https://cas.uat.qa.nt.ctripcorp.com/caso/login");
|
af.setInitParameter("casServerLoginUrl", casServerLoginUrl.get());
|
||||||
af.setInitParameter("serverName","http://localhost:8099");
|
af.setInitParameter("serverName", serverName.get());
|
||||||
|
|
||||||
FilterHolder validateFilter = handler.addFilter(Cas20ProxyReceivingTicketValidationFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST));
|
FilterHolder validateFilter = handler.addFilter(Cas20ProxyReceivingTicketValidationFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST));
|
||||||
validateFilter.setInitParameter("casServerUrlPrefix", "https://cas.uat.qa.nt.ctripcorp.com/caso");
|
validateFilter.setInitParameter("casServerUrlPrefix", casServerUrlPrefix.get());
|
||||||
validateFilter.setInitParameter("serverName", "http://localhost:8099");
|
validateFilter.setInitParameter("serverName", serverName.get());
|
||||||
validateFilter.setInitParameter("encoding", "UTF-8");
|
validateFilter.setInitParameter("encoding", "UTF-8");
|
||||||
|
|
||||||
handler.addFilter(HttpServletRequestWrapperFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST));
|
handler.addFilter(HttpServletRequestWrapperFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST));
|
||||||
|
}
|
||||||
|
|
||||||
//Config Servlet
|
//Config Servlet
|
||||||
handler.addServlet(jerseyServletHolder, "/api/*");
|
handler.addServlet(jerseyServletHolder, "/api/*");
|
||||||
|
|
|
@ -0,0 +1,81 @@
|
||||||
|
package com.ctrip.zeus.service.aop;
|
||||||
|
|
||||||
|
import com.ctrip.zeus.auth.Authorize;
|
||||||
|
import com.ctrip.zeus.auth.Authorizer;
|
||||||
|
import com.ctrip.zeus.auth.ResourceGroupProvider;
|
||||||
|
import com.ctrip.zeus.restful.message.impl.ErrorResponseHandler;
|
||||||
|
import com.netflix.config.DynamicBooleanProperty;
|
||||||
|
import com.netflix.config.DynamicPropertyFactory;
|
||||||
|
import org.aspectj.lang.JoinPoint;
|
||||||
|
import org.aspectj.lang.ProceedingJoinPoint;
|
||||||
|
import org.aspectj.lang.annotation.Around;
|
||||||
|
import org.aspectj.lang.annotation.Aspect;
|
||||||
|
import org.aspectj.lang.annotation.Before;
|
||||||
|
import org.aspectj.lang.reflect.MethodSignature;
|
||||||
|
import org.glassfish.jersey.server.ContainerRequest;
|
||||||
|
import org.slf4j.Logger;
|
||||||
|
import org.slf4j.LoggerFactory;
|
||||||
|
import org.springframework.core.Ordered;
|
||||||
|
import org.springframework.stereotype.Component;
|
||||||
|
|
||||||
|
import javax.annotation.Resource;
|
||||||
|
import javax.servlet.http.HttpServletRequest;
|
||||||
|
import javax.ws.rs.Path;
|
||||||
|
import javax.ws.rs.core.MediaType;
|
||||||
|
import java.lang.annotation.Annotation;
|
||||||
|
import java.lang.reflect.InvocationTargetException;
|
||||||
|
import java.lang.reflect.Method;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* User: mag
|
||||||
|
* Date: 4/22/2015
|
||||||
|
* Time: 2:59 PM
|
||||||
|
*/
|
||||||
|
@Aspect
|
||||||
|
@Component
|
||||||
|
public class AuthorizationAspect implements Ordered{
|
||||||
|
|
||||||
|
private DynamicBooleanProperty enableAuthorize = DynamicPropertyFactory.getInstance().getBooleanProperty("server.authorization.enable", false);
|
||||||
|
|
||||||
|
@Resource
|
||||||
|
private Authorizer authorizer;
|
||||||
|
|
||||||
|
@Before("execution(* com.ctrip.zeus.restful.resource.*Resource.*(..))")
|
||||||
|
public void interceptAuthorize(JoinPoint point) throws Throwable {
|
||||||
|
if (!enableAuthorize.get()){
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
MethodSignature signature = (MethodSignature)point.getSignature();
|
||||||
|
Method method = signature.getMethod();
|
||||||
|
Authorize authorize = method.getAnnotation(Authorize.class);
|
||||||
|
if (authorize != null){
|
||||||
|
String resourceName = authorize.name();
|
||||||
|
HttpServletRequest request = findRequestArg(point);
|
||||||
|
// not found request parameter
|
||||||
|
if (request == null){
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
Class<? extends ResourceGroupProvider> groupProviderClass = authorize.groupProvider();
|
||||||
|
ResourceGroupProvider groupProvider = groupProviderClass.newInstance();
|
||||||
|
|
||||||
|
String resourceGroup = groupProvider.provideResourceGroup(method, request);
|
||||||
|
String userName = request.getRemoteUser();
|
||||||
|
authorizer.authorize(userName,resourceName,resourceGroup);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private HttpServletRequest findRequestArg(JoinPoint point) {
|
||||||
|
Object[] args = point.getArgs();
|
||||||
|
for (Object arg : args) {
|
||||||
|
if (arg instanceof HttpServletRequest){
|
||||||
|
return (HttpServletRequest)arg;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public int getOrder() {
|
||||||
|
return 100;
|
||||||
|
}
|
||||||
|
}
|
|
@ -9,6 +9,7 @@ import org.aspectj.lang.annotation.Aspect;
|
||||||
import org.glassfish.jersey.server.ContainerRequest;
|
import org.glassfish.jersey.server.ContainerRequest;
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
|
import org.springframework.core.Ordered;
|
||||||
import org.springframework.stereotype.Component;
|
import org.springframework.stereotype.Component;
|
||||||
|
|
||||||
import javax.annotation.Resource;
|
import javax.annotation.Resource;
|
||||||
|
@ -20,7 +21,7 @@ import java.lang.reflect.InvocationTargetException;
|
||||||
*/
|
*/
|
||||||
@Aspect
|
@Aspect
|
||||||
@Component
|
@Component
|
||||||
public class ExceptionAspect {
|
public class ExceptionAspect implements Ordered{
|
||||||
@Resource
|
@Resource
|
||||||
private ErrorResponseHandler errorResponseHandler;
|
private ErrorResponseHandler errorResponseHandler;
|
||||||
private Logger logger = LoggerFactory.getLogger(this.getClass());
|
private Logger logger = LoggerFactory.getLogger(this.getClass());
|
||||||
|
@ -59,4 +60,9 @@ public class ExceptionAspect {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public int getOrder() {
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
}
|
}
|
|
@ -1,6 +1,6 @@
|
||||||
<?xml version="1.0" encoding="UTF-8"?>
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
<entities do-package="com.ctrip.zeus.dal.core" gen="true" do-class-suffix="Do">
|
<entities do-package="com.ctrip.zeus.dal.core" gen="true" do-class-suffix="Do">
|
||||||
<entity name="auth-user" table="auth-user" alias="au" do-class="AuthUserDo">
|
<entity name="auth-user" table="auth_user" alias="au" do-class="AuthUserDo">
|
||||||
<query-defs>
|
<query-defs>
|
||||||
<query name="update-by-name" type="UPDATE">
|
<query name="update-by-name" type="UPDATE">
|
||||||
<param user-name="user-name"/>
|
<param user-name="user-name"/>
|
||||||
|
@ -41,7 +41,7 @@
|
||||||
</query>
|
</query>
|
||||||
</query-defs>
|
</query-defs>
|
||||||
</entity>
|
</entity>
|
||||||
<entity name="auth-user-role" table="auth-user-role" alias="aur" do-class="AuthUserRoleDo">
|
<entity name="auth-user-role" table="auth_user_role" alias="aur" do-class="AuthUserRoleDo">
|
||||||
<query-defs>
|
<query-defs>
|
||||||
<query name="find-by-user-name" type="SELECT" multiple="true">
|
<query name="find-by-user-name" type="SELECT" multiple="true">
|
||||||
<param name="user-name"/>
|
<param name="user-name"/>
|
||||||
|
@ -77,7 +77,7 @@
|
||||||
</query-defs>
|
</query-defs>
|
||||||
</entity>
|
</entity>
|
||||||
|
|
||||||
<entity name="auth-role" table="auth-role" alias="ar" do-class="AuthRoleDo">
|
<entity name="auth-role" table="auth_role" alias="ar" do-class="AuthRoleDo">
|
||||||
<query-defs>
|
<query-defs>
|
||||||
<query name="find-all" type="SELECT" multiple="true">
|
<query name="find-all" type="SELECT" multiple="true">
|
||||||
<statement>
|
<statement>
|
||||||
|
@ -100,7 +100,7 @@
|
||||||
</query-defs>
|
</query-defs>
|
||||||
</entity>
|
</entity>
|
||||||
|
|
||||||
<entity name="auth-resource" table="auth-resource" alias="ares" do-class="AuthResourceDo">
|
<entity name="auth-resource" table="auth_resource" alias="ares" do-class="AuthResourceDo">
|
||||||
<query-defs>
|
<query-defs>
|
||||||
<query name="find-all" type="SELECT" multiple="true">
|
<query name="find-all" type="SELECT" multiple="true">
|
||||||
<statement>
|
<statement>
|
||||||
|
@ -143,7 +143,7 @@
|
||||||
</query-defs>
|
</query-defs>
|
||||||
</entity>
|
</entity>
|
||||||
|
|
||||||
<entity name="auth-resource-role" table="auth-resource-role" alias="arr" do-class="AuthResourceRoleDo">
|
<entity name="auth-resource-role" table="auth_resource_role" alias="arr" do-class="AuthResourceRoleDo">
|
||||||
<query-defs>
|
<query-defs>
|
||||||
<query name="find-by-resource-name" type="SELECT" multiple="true">
|
<query name="find-by-resource-name" type="SELECT" multiple="true">
|
||||||
<param name="resource-name"/>
|
<param name="resource-name"/>
|
||||||
|
|
|
@ -293,7 +293,7 @@
|
||||||
<member name="resource-type" field="resource_type" value-type="String" length="50" />
|
<member name="resource-type" field="resource_type" value-type="String" length="50" />
|
||||||
<member name="description" field="description" value-type="String" length="100" />
|
<member name="description" field="description" value-type="String" length="100" />
|
||||||
<member name="created-time" field="created_time" value-type="Date" />
|
<member name="created-time" field="created_time" value-type="Date" />
|
||||||
<member name="last-modified" field="last_modified" value-type="Date" nullable="false" />
|
<member name="data-change-last-time" field="DataChange_LastTime" value-type="Date" nullable="false" />
|
||||||
<var name="key-id" value-type="int" key-member="id" />
|
<var name="key-id" value-type="int" key-member="id" />
|
||||||
<primary-key name="PRIMARY" members="id" />
|
<primary-key name="PRIMARY" members="id" />
|
||||||
<readsets>
|
<readsets>
|
||||||
|
@ -331,7 +331,7 @@
|
||||||
<member name="resource-name" field="resource_name" value-type="String" length="50" nullable="false" />
|
<member name="resource-name" field="resource_name" value-type="String" length="50" nullable="false" />
|
||||||
<member name="role-name" field="role_name" value-type="String" length="50" nullable="false" />
|
<member name="role-name" field="role_name" value-type="String" length="50" nullable="false" />
|
||||||
<member name="created-time" field="created_time" value-type="Date" />
|
<member name="created-time" field="created_time" value-type="Date" />
|
||||||
<member name="last-modified" field="last_modified" value-type="Date" nullable="false" />
|
<member name="data-change-last-time" field="DataChange_LastTime" value-type="Date" nullable="false" />
|
||||||
<var name="key-id" value-type="int" key-member="id" />
|
<var name="key-id" value-type="int" key-member="id" />
|
||||||
<primary-key name="PRIMARY" members="id" />
|
<primary-key name="PRIMARY" members="id" />
|
||||||
<index name="role_idx" members="role_name ASC" />
|
<index name="role_idx" members="role_name ASC" />
|
||||||
|
@ -371,7 +371,7 @@
|
||||||
<member name="role-name" field="role_name" value-type="String" length="50" nullable="false" />
|
<member name="role-name" field="role_name" value-type="String" length="50" nullable="false" />
|
||||||
<member name="description" field="description" value-type="String" length="100" />
|
<member name="description" field="description" value-type="String" length="100" />
|
||||||
<member name="created-time" field="created_time" value-type="Date" />
|
<member name="created-time" field="created_time" value-type="Date" />
|
||||||
<member name="last-modified" field="last_modified" value-type="Date" nullable="false" />
|
<member name="data-change-last-time" field="DataChange_LastTime" value-type="Date" nullable="false" />
|
||||||
<var name="key-id" value-type="int" key-member="id" />
|
<var name="key-id" value-type="int" key-member="id" />
|
||||||
<primary-key name="PRIMARY" members="id" />
|
<primary-key name="PRIMARY" members="id" />
|
||||||
<index name="role_idx" unique="true" members="role_name ASC" />
|
<index name="role_idx" unique="true" members="role_name ASC" />
|
||||||
|
@ -409,6 +409,8 @@
|
||||||
<member name="id" field="id" value-type="int" length="10" nullable="false" key="true" auto-increment="true" />
|
<member name="id" field="id" value-type="int" length="10" nullable="false" key="true" auto-increment="true" />
|
||||||
<member name="user-name" field="user_name" value-type="String" length="50" nullable="false" />
|
<member name="user-name" field="user_name" value-type="String" length="50" nullable="false" />
|
||||||
<member name="description" field="description" value-type="String" length="100" />
|
<member name="description" field="description" value-type="String" length="100" />
|
||||||
|
<member name="created-time" field="created_time" value-type="Date" />
|
||||||
|
<member name="data-change-last-time" field="DataChange_LastTime" value-type="Date" nullable="false" />
|
||||||
<var name="key-id" value-type="int" key-member="id" />
|
<var name="key-id" value-type="int" key-member="id" />
|
||||||
<primary-key name="PRIMARY" members="id" />
|
<primary-key name="PRIMARY" members="id" />
|
||||||
<index name="usr_name_idx" unique="true" members="user_name ASC" />
|
<index name="usr_name_idx" unique="true" members="user_name ASC" />
|
||||||
|
@ -448,7 +450,7 @@
|
||||||
<member name="role-name" field="role_name" value-type="String" length="50" nullable="false" />
|
<member name="role-name" field="role_name" value-type="String" length="50" nullable="false" />
|
||||||
<member name="group" field="group" value-type="String" length="50" nullable="false" />
|
<member name="group" field="group" value-type="String" length="50" nullable="false" />
|
||||||
<member name="created-time" field="created_time" value-type="Date" />
|
<member name="created-time" field="created_time" value-type="Date" />
|
||||||
<member name="last-modified" field="last_modified" value-type="Date" nullable="false" />
|
<member name="data-change-last-time" field="DataChange_LastTime" value-type="Date" nullable="false" />
|
||||||
<var name="key-id" value-type="int" key-member="id" />
|
<var name="key-id" value-type="int" key-member="id" />
|
||||||
<primary-key name="PRIMARY" members="id" />
|
<primary-key name="PRIMARY" members="id" />
|
||||||
<index name="usr_role_idx" unique="true" members="user_name ASC" />
|
<index name="usr_role_idx" unique="true" members="user_name ASC" />
|
||||||
|
|
|
@ -84,7 +84,7 @@
|
||||||
<implementation>org.unidal.dal.jdbc.mapping.SimpleTableProvider</implementation>
|
<implementation>org.unidal.dal.jdbc.mapping.SimpleTableProvider</implementation>
|
||||||
<configuration>
|
<configuration>
|
||||||
<logical-table-name>auth-resource</logical-table-name>
|
<logical-table-name>auth-resource</logical-table-name>
|
||||||
<physical-table-name>auth-resource</physical-table-name>
|
<physical-table-name>auth_resource</physical-table-name>
|
||||||
<data-source-name>zeus</data-source-name>
|
<data-source-name>zeus</data-source-name>
|
||||||
</configuration>
|
</configuration>
|
||||||
</component>
|
</component>
|
||||||
|
@ -94,7 +94,7 @@
|
||||||
<implementation>org.unidal.dal.jdbc.mapping.SimpleTableProvider</implementation>
|
<implementation>org.unidal.dal.jdbc.mapping.SimpleTableProvider</implementation>
|
||||||
<configuration>
|
<configuration>
|
||||||
<logical-table-name>auth-resource-role</logical-table-name>
|
<logical-table-name>auth-resource-role</logical-table-name>
|
||||||
<physical-table-name>auth-resource-role</physical-table-name>
|
<physical-table-name>auth_resource_role</physical-table-name>
|
||||||
<data-source-name>zeus</data-source-name>
|
<data-source-name>zeus</data-source-name>
|
||||||
</configuration>
|
</configuration>
|
||||||
</component>
|
</component>
|
||||||
|
@ -104,7 +104,7 @@
|
||||||
<implementation>org.unidal.dal.jdbc.mapping.SimpleTableProvider</implementation>
|
<implementation>org.unidal.dal.jdbc.mapping.SimpleTableProvider</implementation>
|
||||||
<configuration>
|
<configuration>
|
||||||
<logical-table-name>auth-role</logical-table-name>
|
<logical-table-name>auth-role</logical-table-name>
|
||||||
<physical-table-name>auth-role</physical-table-name>
|
<physical-table-name>auth_role</physical-table-name>
|
||||||
<data-source-name>zeus</data-source-name>
|
<data-source-name>zeus</data-source-name>
|
||||||
</configuration>
|
</configuration>
|
||||||
</component>
|
</component>
|
||||||
|
@ -114,7 +114,7 @@
|
||||||
<implementation>org.unidal.dal.jdbc.mapping.SimpleTableProvider</implementation>
|
<implementation>org.unidal.dal.jdbc.mapping.SimpleTableProvider</implementation>
|
||||||
<configuration>
|
<configuration>
|
||||||
<logical-table-name>auth-user</logical-table-name>
|
<logical-table-name>auth-user</logical-table-name>
|
||||||
<physical-table-name>auth-user</physical-table-name>
|
<physical-table-name>auth_user</physical-table-name>
|
||||||
<data-source-name>zeus</data-source-name>
|
<data-source-name>zeus</data-source-name>
|
||||||
</configuration>
|
</configuration>
|
||||||
</component>
|
</component>
|
||||||
|
@ -124,7 +124,7 @@
|
||||||
<implementation>org.unidal.dal.jdbc.mapping.SimpleTableProvider</implementation>
|
<implementation>org.unidal.dal.jdbc.mapping.SimpleTableProvider</implementation>
|
||||||
<configuration>
|
<configuration>
|
||||||
<logical-table-name>auth-user-role</logical-table-name>
|
<logical-table-name>auth-user-role</logical-table-name>
|
||||||
<physical-table-name>auth-user-role</physical-table-name>
|
<physical-table-name>auth_user_role</physical-table-name>
|
||||||
<data-source-name>zeus</data-source-name>
|
<data-source-name>zeus</data-source-name>
|
||||||
</configuration>
|
</configuration>
|
||||||
</component>
|
</component>
|
||||||
|
|
Loading…
Reference in a new issue