实现拦截器:
1 package com.zqc.share.framework.interceptor; 2 3 import javax.annotation.Resource; 4 import javax.servlet.http.HttpServletRequest; 5 import javax.servlet.http.HttpServletResponse; 6 7 import org.springframework.web.servlet.HandlerInterceptor; 8 import org.springframework.web.servlet.ModelAndView; 9 10 import com.zqc.share.framework.security.RequestContextValidate; 11 12 public class TokenValidateInterceptor implements HandlerInterceptor { 13 14 @Resource(name="requestContextValidate") 15 RequestContextValidate requestContextValidate; 16 17 @Override 18 public void afterCompletion(HttpServletRequest arg0, 19 HttpServletResponse arg1, Object arg2, Exception arg3) 20 throws Exception { 21 // TODO Auto-generated method stub 22 23 } 24 25 @Override 26 public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1, 27 Object arg2, ModelAndView arg3) throws Exception { 28 29 } 30 31 @Override 32 public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, 33 Object arg2) throws Exception { 34 // TODO Auto-generated method stub 35 String str = (String)httpServletRequest.getParameter("p"); 36 if(requestContextValidate.validate(str))return true; 37 else 38 return false; 39 } 40 41 }
Validate实现:
1 package com.zqc.share.framework.security; 2 3 4 import javax.annotation.Resource; 5 6 import org.springframework.stereotype.Service; 7 8 import com.zqc.share.dao.service.ServiceDao; 9 import com.zqc.share.framework.cache.CacheManager; 10 import com.zqc.share.framework.model.ServiceAccountItemCache; 11 import com.zqc.share.model.service.ServiceAccountItem; 12 13 @Service 14 public class RequestContextValidate { 15 16 @Resource(name="serviceDao") 17 ServiceDao serviceDao; 18 19 @Resource(name="cacheManager") 20 CacheManager cacheManager; 21 22 public boolean validate(String str){ 23 String[] strs = str.split("\\|"); 24 String keystr = strs[0]; 25 String token = strs[1]; 26 ServiceAccountItemCache serviceAccountItemCache; 27 28 serviceAccountItemCache = cacheManager.serviceAccountMap.get(keystr); 29 30 if(serviceAccountItemCache == null){ 31 ServiceAccountItem serviceAccountItem = serviceDao.getAccountItem(keystr); 32 if(serviceAccountItem == null)return false; 33 if(token.equals(serviceAccountItem.getToken())){ 34 cacheManager.insert(keystr,serviceAccountItem); 35 System.out.println("第一次访问"); 36 return true; 37 } 38 else 39 return false; 40 } 41 else { 42 cacheManager.update(keystr); 43 System.out.println("已经访问过"); 44 return true; 45 } 46 47 48 } 49 50 }
其中CacheManager用于管理cache
1 package com.zqc.share.framework.cache; 2 3 import java.util.Date; 4 import java.util.HashMap; 5 6 7 8 import org.springframework.stereotype.Service; 9 10 import com.zqc.share.framework.model.ServiceAccountItemCache; 11 import com.zqc.share.model.service.ServiceAccountItem; 12 13 @Service 14 public class CacheManager { 15 16 public HashMap<String,ServiceAccountItemCache> serviceAccountMap = new HashMap<String,ServiceAccountItemCache>(); 17 18 public void insert(String keystr,ServiceAccountItem serviceAccountItem){ 19 ServiceAccountItemCache serviceAccountItemCache = new ServiceAccountItemCache(); 20 serviceAccountItemCache.setServiceAccountItem(serviceAccountItem); 21 serviceAccountItemCache.setCreatetime(new Date()); 22 serviceAccountMap.put(keystr,serviceAccountItemCache); 23 } 24 25 public void update(String keystr){ 26 ServiceAccountItemCache serviceAccountItemCache = serviceAccountMap.get(keystr); 27 serviceAccountItemCache.setCreatetime(new Date()); 28 } 29 30 31 }
ServiceAccountItemCache用于缓存ServiceAccountItem,以下是model:
1 package com.zqc.share.framework.model; 2 3 import java.util.Date; 4 5 import com.zqc.share.model.service.ServiceAccountItem; 6 7 public class ServiceAccountItemCache { 8 9 private ServiceAccountItem serviceAccountItem; 10 private Date createtime; 11 private int lifetime; 12 13 14 public ServiceAccountItem getServiceAccountItem() { 15 return serviceAccountItem; 16 } 17 public void setServiceAccountItem(ServiceAccountItem serviceAccountItem) { 18 this.serviceAccountItem = serviceAccountItem; 19 } 20 public Date getCreatetime() { 21 return createtime; 22 } 23 public void setCreatetime(Date createtime) { 24 this.createtime = createtime; 25 } 26 public int getLifetime() { 27 return lifetime; 28 } 29 public void setLifetime(int lifetime) { 30 this.lifetime = lifetime; 31 } 32 }
1 package com.zqc.share.model.service; 2 3 public class ServiceAccountItem { 4 5 private int id; 6 private String keystr; 7 private String token; 8 9 public String getKeystr() { 10 return keystr; 11 } 12 public void setKeystr(String keystr) { 13 this.keystr = keystr; 14 } 15 public int getId() { 16 return id; 17 } 18 public void setId(int id) { 19 this.id = id; 20 } 21 22 public String getToken() { 23 return token; 24 } 25 public void setToken(String token) { 26 this.token = token; 27 } 28 29 }
以下是加密解密工具类,根据情况自行决定加密位置:
1 package com.zqc.share.framework.security; 2 3 import java.io.UnsupportedEncodingException; 4 import java.security.InvalidKeyException; 5 import java.security.NoSuchAlgorithmException; 6 import java.security.SecureRandom; 7 8 import javax.crypto.BadPaddingException; 9 import javax.crypto.Cipher; 10 import javax.crypto.IllegalBlockSizeException; 11 import javax.crypto.KeyGenerator; 12 import javax.crypto.NoSuchPaddingException; 13 import javax.crypto.SecretKey; 14 import javax.crypto.spec.SecretKeySpec; 15 16 17 public class AESManager { 18 19 public static String password = "our project is share"; 20 21 /** 22 * 加密 23 * 24 * @param content 需要加密的内容 25 * @param password 加密密码 26 * @return 27 */ 28 public static byte[] encrypt(String content, String password) { 29 try { 30 KeyGenerator kgen = KeyGenerator.getInstance("AES"); 31 kgen.init(128, new SecureRandom(password.getBytes())); 32 SecretKey secretKey = kgen.generateKey(); 33 byte[] enCodeFormat = secretKey.getEncoded(); 34 SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES"); 35 Cipher cipher = Cipher.getInstance("AES");// 创建密码器 36 byte[] byteContent = content.getBytes("utf-8"); 37 cipher.init(Cipher.ENCRYPT_MODE, key);// 初始化 38 byte[] result = cipher.doFinal(byteContent); 39 return result; // 加密 40 } catch (NoSuchAlgorithmException e) { 41 e.printStackTrace(); 42 } catch (NoSuchPaddingException e) { 43 e.printStackTrace(); 44 } catch (InvalidKeyException e) { 45 e.printStackTrace(); 46 } catch (UnsupportedEncodingException e) { 47 e.printStackTrace(); 48 } catch (IllegalBlockSizeException e) { 49 e.printStackTrace(); 50 } catch (BadPaddingException e) { 51 e.printStackTrace(); 52 } 53 return null; 54 } 55 56 57 /**解密 58 * @param content 待解密内容 59 * @param password 解密密钥 60 * @return 61 */ 62 public static byte[] decrypt(byte[] content, String password) { 63 try { 64 KeyGenerator kgen = KeyGenerator.getInstance("AES"); 65 kgen.init(128, new SecureRandom(password.getBytes())); 66 SecretKey secretKey = kgen.generateKey(); 67 byte[] enCodeFormat = secretKey.getEncoded(); 68 SecretKeySpec key = new SecretKeySpec(enCodeFormat, "AES"); 69 Cipher cipher = Cipher.getInstance("AES");// 创建密码器 70 cipher.init(Cipher.DECRYPT_MODE, key);// 初始化 71 byte[] result = cipher.doFinal(content); 72 return result; // 加密 73 } catch (NoSuchAlgorithmException e) { 74 e.printStackTrace(); 75 } catch (NoSuchPaddingException e) { 76 e.printStackTrace(); 77 } catch (InvalidKeyException e) { 78 e.printStackTrace(); 79 } catch (IllegalBlockSizeException e) { 80 e.printStackTrace(); 81 } catch (BadPaddingException e) { 82 e.printStackTrace(); 83 } 84 return null; 85 } 86 87 /**将二进制转换成16进制 88 * @param buf 89 * @return 90 */ 91 public static String parseByte2HexStr(byte buf[]) { 92 StringBuffer sb = new StringBuffer(); 93 for (int i = 0; i < buf.length; i++) { 94 String hex = Integer.toHexString(buf[i] & 0xFF); 95 if (hex.length() == 1) { 96 hex = '0' + hex; 97 } 98 sb.append(hex.toUpperCase()); 99 } 100 return sb.toString(); 101 } 102 103 /**将16进制转换为二进制 104 * @param hexStr 105 * @return 106 */ 107 public static byte[] parseHexStr2Byte(String hexStr) { 108 if (hexStr.length() < 1) 109 return null; 110 byte[] result = new byte[hexStr.length()/2]; 111 for (int i = 0;i< hexStr.length()/2; i++) { 112 int high = Integer.parseInt(hexStr.substring(i*2, i*2+1), 16); 113 int low = Integer.parseInt(hexStr.substring(i*2+1, i*2+2), 16); 114 result[i] = (byte) (high * 16 + low); 115 } 116 return result; 117 } 118 119 }
浙公网安备 33010602011771号