diff --git a/build.gradle b/build.gradle
index d9e6691..f484f2c 100644
--- a/build.gradle
+++ b/build.gradle
@@ -19,6 +19,8 @@ dependencies {
api 'com.eactive.elink.common:elink-common-data:4.5.5'
+ api fileTree(dir: "ext-libs/api", include: ["*.jar"])
+
// api "org.springframework:spring-context:${springVersion}"
// api "org.springframework:spring-webmvc:${springVersion}"
// api "org.springframework.security.oauth:spring-security-oauth2:2.3.8.RELEASE"
@@ -27,12 +29,16 @@ dependencies {
implementation "org.apache.httpcomponents.client5:httpclient5:5.1"
+ compileOnly group: 'javax.servlet', name: 'javax.servlet-api', version: '4.0.1'
+
compileOnly 'org.slf4j:jul-to-slf4j:1.7.35'
compileOnly 'org.slf4j:jcl-over-slf4j:1.7.35'
compileOnly 'org.slf4j:log4j-over-slf4j:1.7.35'
compileOnly 'org.slf4j:slf4j-api:1.7.35'
- compileOnly fileTree(dir: "ext-libs/compileOnly", include: ["*.jar"])
+ compileOnly "org.jdom:jdom:1.1"
+
+ compileOnly fileTree(dir: "ext-libs/compileOnly", include: ["*.jar"])
testAnnotationProcessor "org.projectlombok:lombok:1.18.28"
diff --git a/ext-libs/api/external_v4.2.0.02.jar b/ext-libs/api/external_v4.2.0.02.jar
new file mode 100644
index 0000000..99afc6c
Binary files /dev/null and b/ext-libs/api/external_v4.2.0.02.jar differ
diff --git a/ext-libs/api/jdom.jar b/ext-libs/api/jdom.jar
new file mode 100644
index 0000000..4736a4e
Binary files /dev/null and b/ext-libs/api/jdom.jar differ
diff --git a/ext-libs/api/poolit.jar b/ext-libs/api/poolit.jar
new file mode 100644
index 0000000..272db37
Binary files /dev/null and b/ext-libs/api/poolit.jar differ
diff --git a/ext-libs/api/xercesImpl.jar b/ext-libs/api/xercesImpl.jar
new file mode 100644
index 0000000..33990e8
Binary files /dev/null and b/ext-libs/api/xercesImpl.jar differ
diff --git a/kjb-docs/sso/WEB-INF/lib/INICrypto_v4.0.12.jar b/kjb-docs/sso/WEB-INF/lib/INICrypto_v4.0.12.jar
new file mode 100644
index 0000000..09636c9
Binary files /dev/null and b/kjb-docs/sso/WEB-INF/lib/INICrypto_v4.0.12.jar differ
diff --git a/kjb-docs/sso/WEB-INF/lib/external_v4.2.0.02.jar b/kjb-docs/sso/WEB-INF/lib/external_v4.2.0.02.jar
new file mode 100644
index 0000000..99afc6c
Binary files /dev/null and b/kjb-docs/sso/WEB-INF/lib/external_v4.2.0.02.jar differ
diff --git a/kjb-docs/sso/WEB-INF/lib/jdom.jar b/kjb-docs/sso/WEB-INF/lib/jdom.jar
new file mode 100644
index 0000000..4736a4e
Binary files /dev/null and b/kjb-docs/sso/WEB-INF/lib/jdom.jar differ
diff --git a/kjb-docs/sso/WEB-INF/lib/log4j-1.2.16.jar b/kjb-docs/sso/WEB-INF/lib/log4j-1.2.16.jar
new file mode 100644
index 0000000..3f9d847
Binary files /dev/null and b/kjb-docs/sso/WEB-INF/lib/log4j-1.2.16.jar differ
diff --git a/kjb-docs/sso/WEB-INF/lib/poolit.jar b/kjb-docs/sso/WEB-INF/lib/poolit.jar
new file mode 100644
index 0000000..272db37
Binary files /dev/null and b/kjb-docs/sso/WEB-INF/lib/poolit.jar differ
diff --git a/kjb-docs/sso/WEB-INF/lib/xercesImpl.jar b/kjb-docs/sso/WEB-INF/lib/xercesImpl.jar
new file mode 100644
index 0000000..33990e8
Binary files /dev/null and b/kjb-docs/sso/WEB-INF/lib/xercesImpl.jar differ
diff --git a/kjb-docs/sso/app01.jsp b/kjb-docs/sso/app01.jsp
new file mode 100644
index 0000000..0a8e495
--- /dev/null
+++ b/kjb-docs/sso/app01.jsp
@@ -0,0 +1,48 @@
+<%@ page language="java" contentType="text/html; charset=EUC-KR"
+ pageEncoding="EUC-KR"%>
+
+
+<%
+ String user_id = (String)session.getAttribute("SSO_ID");
+ String app_id = (String)session.getAttribute("APP_ID");
+ String ext_info = (String)session.getAttribute("EXT_INFO");
+ String retCode = (String)session.getAttribute("RET_CODE");
+
+%>
+
+
+
+Insert title here
+
+
+ Single Sign On [<%=user_id %>]
+
+ [ 업무시스템 - (SAMPLE_APP)]
+
+
+
+
+ | * 사용자ID |
+ <%=user_id%> |
+
+
+
+
+ | * SERVICE_NAME |
+ <%=app_id%> |
+
+
+
+ | * 확장정보 |
+ <%=ext_info%> |
+
+
+
+ | * 인증토큰 상태 |
+ retCode = [<%=retCode%>] (1000:누락, 1001:시간, 1002:비정상) |
+
+
+
+
+
+
\ No newline at end of file
diff --git a/kjb-docs/sso/config.jsp b/kjb-docs/sso/config.jsp
new file mode 100644
index 0000000..653d772
--- /dev/null
+++ b/kjb-docs/sso/config.jsp
@@ -0,0 +1,295 @@
+<%@ page
+ import="sun.misc.*,
+ java.util.*,
+ java.math.*,
+ java.net.*,
+ com.initech.eam.nls.*,
+ com.initech.eam.api.*,
+ com.initech.eam.base.*,
+ com.initech.eam.nls.command.*,
+ com.initech.eam.smartenforcer.*,
+ examples.api.*"
+%>
+<%@page import="com.initech.eam.nls.CookieManager"%>
+<%!
+/**[INISAFE NEXESS JAVA AGENT]**********************************************************************
+* 업무시스템 설정 사항 (업무 환경에 맞게 변경)
+***************************************************************************************************/
+
+
+/***[SERVICE CONFIGURATION]***********************************************************************/
+ private String SERVICE_NAME = "Web";
+ private String SERVER_URL = "http://test.kjbank.com";
+ private String SERVER_PORT = "8080";
+ private String ASCP_URL = SERVER_URL + ":" + SERVER_PORT + "/se/login_exec.jsp";
+/*************************************************************************************************/
+
+
+/***[SSO CONFIGURATION]**]***********************************************************************/
+ private String NLS_URL = "http://sso.kjbank.com";
+ private String NLS_PORT = "13890";
+ private String NLS_LOGIN_URL = NLS_URL + ":" + NLS_PORT + "/nls3/clientLogin.jsp";
+ private String NLS_LOGOUT_URL= NLS_URL + ":" + NLS_PORT + "/nls3/NCLogout.jsp";
+ private String NLS_ERROR_URL = NLS_URL + ":" + NLS_PORT + "/nls3/error.jsp";
+
+/***[SSO ND LIST 운영]**]***********************************************************************/
+ private static String ND_URL1 = "http://sso.kjbank.com:5480";
+
+
+ private static Vector PROVIDER_LIST = new Vector();
+
+ private static final int COOKIE_SESSTION_TIME_OUT = 3000000;
+
+ // 인증 타입 (ID/PW 방식 : 1, 인증서 : 3)
+ private String TOA = "1";
+ private String SSO_DOMAIN = ".kjbank.com";
+
+ private static final int timeout = 15000;
+ private static NXContext context = null;
+ static{
+ List serverurlList = new ArrayList();
+ serverurlList.add(ND_URL1);
+
+ context = new NXContext(serverurlList,timeout);
+ CookieManager.setEncStatus(true);
+
+ PROVIDER_LIST.add("sso.kjbank.com");
+ SECode.setCookiePadding("_V42");
+ }
+
+ // by Kang
+ public NXContext getContext()
+ {
+ NXContext context = null;
+ try
+ {
+ List serverurlList = new ArrayList();
+ serverurlList.add(ND_URL1);
+ context = new NXContext(serverurlList);
+ CookieManager.setEncStatus(true);
+
+ PROVIDER_LIST.add("sso.kjbank.com");
+ //NLS3 web.xml의 CookiePadding 값과 같아야 한다. 안그럼 검증 페일남
+ SECode.setCookiePadding("_V42");
+ }
+ catch (Exception e)
+ {
+ e.printStackTrace();
+ }
+ return context;
+ }
+
+ // 통합 SSO ID 조회
+ public String getSsoId(HttpServletRequest request) {
+ String sso_id = null;
+ sso_id = CookieManager.getCookieValue(SECode.USER_ID, request);
+ return sso_id;
+ }
+
+ public String getSystemAccount(String sso_id) {
+ NXContext context = null;
+ NXUserAPI userAPI = null;
+ String retValue = null;
+
+ try {
+ context = getContext();
+ userAPI = new NXUserAPI(context);
+ System.out.println("##############################################");
+ System.out.println("sso_id 2: "+sso_id);
+ System.out.println("SERVICE_NAME : "+SERVICE_NAME);
+ System.out.println("##############################################");
+ NXAccount account = userAPI.getUserAccount(sso_id, SERVICE_NAME);
+ System.out.println(account.toString());
+ retValue = account.getAccountName();
+ System.out.println("retValue = " + retValue);
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ return retValue;
+ }
+
+ // 통합 SSO 로그인페이지 이동
+ public void goLoginPage(HttpServletResponse response, String uurl)
+ throws Exception {
+ com.initech.eam.nls.CookieManager.addCookie(SECode.USER_URL, uurl, SSO_DOMAIN, response);
+ com.initech.eam.nls.CookieManager.addCookie(SECode.R_TOA, TOA, SSO_DOMAIN, response);
+ response.sendRedirect(NLS_LOGIN_URL + "?UURL=" + uurl);
+ }
+
+ // 통합 SSO 로그인페이지 이동
+ public void goLoginPage(HttpServletResponse response)throws Exception {
+ CookieManager.addCookie(SECode.USER_URL, ASCP_URL, SSO_DOMAIN, response);
+ CookieManager.addCookie(SECode.R_TOA, TOA, SSO_DOMAIN, response);
+ response.sendRedirect(NLS_LOGIN_URL);
+ }
+
+ // 통합인증 세션을 체크 하기 위하여 사용되는 API
+ public String getEamSessionCheck(HttpServletRequest request,HttpServletResponse response){
+ String retCode = "";
+ try {
+ retCode = CookieManager.verifyNexessCookie(request, response, 10, COOKIE_SESSTION_TIME_OUT,PROVIDER_LIST);
+ } catch(Exception npe) {
+ npe.printStackTrace();
+ }
+ return retCode;
+ }
+
+ //ND API를 사용해서 쿠키검증하는것(현재 표준에서는 사용안함, 근데 해도 되기는 함)
+ public String getEamSessionCheck2(HttpServletRequest request,HttpServletResponse response)
+ {
+ String retCode = "";
+ try {
+ NXNLSAPI nxNLSAPI = new NXNLSAPI(context);
+ retCode = nxNLSAPI.readNexessCookie(request, response, 0, 0);
+ } catch(Exception npe) {
+ npe.printStackTrace();
+ }
+ return retCode;
+ }
+
+ // SSO 에러페이지 URL
+ public void goErrorPage(HttpServletResponse response, int error_code)throws Exception {
+ CookieManager.removeNexessCookie(SSO_DOMAIN, response);
+ CookieManager.addCookie(SECode.USER_URL, ASCP_URL, SSO_DOMAIN, response);
+ response.sendRedirect(NLS_ERROR_URL + "?errorCode=" + error_code);
+ }
+
+ /**
+ * 사용자 기본정보 가져오기.
+ * @param String userid
+ * @return Properties
+ */
+ public Properties getUserInfos(String userid) throws Exception {
+
+ NXContext context = null;
+ context = getContext();
+
+ NXUserAPI userAPI = new NXUserAPI(context);
+ Properties propt = null;
+
+ if (userid==null || userid.length() <= 0)
+ return propt;
+
+ try {
+ NXUserInfo userInfo = userAPI.getUserInfo(userid);
+ propt = new Properties();
+ //System.out.println("userInfo.getName()=["+userInfo.getName()+"]");
+ propt.setProperty("USERID", userInfo.getUserId());
+ propt.setProperty("EMAIL", userInfo.getEmail());
+ propt.setProperty("ENABLE", String.valueOf(userInfo.getEnable()));
+ propt.setProperty("STARTVALID", userInfo.getStartValid());
+ propt.setProperty("ENDVALID", userInfo.getEndValid());
+ propt.setProperty("NAME", userInfo.getName());
+ propt.setProperty("ENCPASSWD", userInfo.getEncpasswd());
+ propt.setProperty("LASTPASSWDCHANGE", userInfo.getLastpasswdchange());
+ propt.setProperty("LastLoginIP", userInfo.getLastLoginIp());
+ propt.setProperty("LastLoginTime", userInfo.getLastLoginTime());
+ propt.setProperty("LastLoginAuthLevel", userInfo.getLastLoginAuthLevel());
+
+ } catch (EmptyResultException e) {
+ e.printStackTrace();
+ } catch (APIException e) {
+ e.printStackTrace();
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ return propt;
+ }
+
+ /**
+ * 사용자의 기본정보 중에서 입력된 키 값만 가지고 온다.
+ * @param String userid
+ * @param String key
+ * @return String
+ */
+ public String getUserInfo(String userid, String key) throws Exception {
+ if(userid==null||userid.length()<1) return null;
+
+ String userInfo = "";
+
+ try{
+ Properties propt = getUserInfos(userid);
+ userInfo = propt.getProperty(key);
+ } catch (Exception e) {
+ //throw e;
+ e.printStackTrace();
+ }
+ return userInfo;
+ }
+
+ /**
+ * 사용자 확장정보 조회
+ * return : Properties
+ * 사용자가 존재하지 않거나 확장필드가 없다면 return null
+ */
+ public Properties getUserExFields(String userid)
+ throws Exception {
+ NXContext context = getContext();
+ NXUserAPI userAPI = new NXUserAPI(context);
+ Properties prop = null;
+ NXExternalFieldSet nxefs = null;
+
+ try {
+ nxefs = userAPI.getUserExternalFields(userid);
+ prop = new Properties();
+
+ if (nxefs != null) {
+ Iterator iter = nxefs.iterator();
+ while(iter.hasNext()) {
+ NXExternalField nxef = (NXExternalField) iter.next();
+ if(nxef.getName().equals("PASSINIT")){
+ String sPassintVal = (String) nxef.getValue();
+ prop.setProperty(nxef.getName(), sPassintVal.equals("") ? "0" : sPassintVal);
+ }
+ else
+ prop.setProperty(nxef.getName(), (String) nxef.getValue());
+ //System.out.println("확장 필드 " + nxef.getName() + " : " + nxef.getValue());
+ }
+ } else {
+ // prop is null
+ }
+ } catch (EmptyResultException e) {
+ // 사용자가 존재하지 않거나 확장필드가 없음
+ } catch (APIException e) {
+ throw e;
+ //e.printStackTrace();
+ }
+ //System.out.println("getUserExFields:[" + prop + "]");
+ return prop;
+ }
+
+ /**
+ * 사용자의 특정 확장 필드 정보 조회
+ * return : String
+ * 사용자가 존재하지 않거나 확장필드가 없다면 return null
+ */
+ public String getUserExField(String userid, String exName)
+ throws Exception {
+ NXContext context = getContext();
+ NXUserAPI userAPI = new NXUserAPI(context);
+ NXExternalField nxef = null;
+ String returnValue = null;
+
+ try {
+
+System.out.println("getUserExField==="+ userid ) ;
+ nxef = userAPI.getUserExternalField(userid, exName);
+System.out.println("nxef==="+ (String) nxef.getValue() ) ;
+ returnValue = (String) nxef.getValue();
+ } catch (EmptyResultException e) {
+ // 사용자가 존재하지 않거나 확장필드가 없음
+ } catch (APIException e) {
+ throw e;
+ //e.printStackTrace();
+ } catch (IllegalArgumentException e) {
+ throw e;
+ //e.printStackTrace();
+ }
+ /*
+ System.out.println("getUserExField:[" + userid + ":"
+ + exName + ":" + returnValue+ "]");
+ */
+ return returnValue;
+ }
+
+%>
diff --git a/kjb-docs/sso/login_exec.jsp b/kjb-docs/sso/login_exec.jsp
new file mode 100644
index 0000000..2d2b41f
--- /dev/null
+++ b/kjb-docs/sso/login_exec.jsp
@@ -0,0 +1,69 @@
+<%@ page language="java" contentType="text/html;charset=EUC-KR" %>
+<%@ include file="./config.jsp" %>
+<%
+
+ String uurl = null;
+ String sso_id = null;
+ String service_id = null;
+ String ext_info = null;
+ String retCode = null;
+ //http://test.kjbank.com:8080/se/login_exec.jsp : 꼭 도메인으로 호출해야 된다.
+ //1.SSO ID 수신
+ sso_id = getSsoId(request);
+
+ // 2. UURL 수신
+ uurl = request.getParameter("UURL");
+
+ if (sso_id == null) {
+ //uurl 이 없다면, 근데 여기서 uurl 은 뭘 체크하는거지? uurl 에 test.kjbank.com:8080/se/login_exec.jsp 를 넣는구나.
+ if (uurl == null) uurl = ASCP_URL;
+
+ // 3. SSO 인증 정보가 없으면 통합 로그인 페이지로 이동
+ goLoginPage(response, uurl);
+ return;
+ } else {
+
+ //4.쿠키 유효성 확인 :0(정상)
+ retCode = getEamSessionCheck(request,response);
+
+ if(!retCode.equals("0")){
+ goErrorPage(response, Integer.parseInt(retCode));
+ return;
+ }
+ /***********************************************************************************
+ * < TO-DO >
+ * SSO 통합 인증이 완료되었으므로, 업무 시스템 로그인은 건너뛰도록 코드를 수정합니다.
+ * SSO 에서 제공한 사번은 sso_id 변수에 저장되어 있습니다.
+ * 시스템에서 필요로 하는 세션 정보를 세팅 코드를 여기에 작성합니다.
+ ************************************************************************************/
+
+ //5 확장 정보 조회
+ ext_info = getUserExField(sso_id, "CELLPHONENO");
+ service_id = SERVICE_NAME;
+ System.out.println ("SERVICE_NAME : " + service_id);
+ //
+ //6.업무시스템에 읽을 사용자 아이디를 세션으로 생성
+ /* 변경 전
+ String EAM_ID = (String)session.getAttribute("SSO_ID");
+ if(EAM_ID == null || EAM_ID.equals("")) {
+ session.setAttribute("SSO_ID", sso_id);
+ session.setAttribute("APP_ID", service_id);
+ session.setAttribute("EXT_INFO", ext_info);
+ session.setAttribute("RET_CODE", retCode);
+ }
+ */
+
+
+ /*변경 후*/
+ if(!sso_id.replace(" ", "").equals("")) {
+ session.setAttribute("SSO_ID", sso_id);
+ session.setAttribute("APP_ID", service_id);
+ session.setAttribute("EXT_INFO", ext_info);
+ session.setAttribute("RET_CODE", retCode);
+ }
+
+ //7.업무시스템 페이지 호출(세션 페이지 또는 메인페이지 지정) --> 업무시스템에 맞게 URL 수정!
+ response.sendRedirect(SERVER_URL + ":" + SERVER_PORT + "/se/app01.jsp");
+ }
+%>
+
diff --git a/kjb-docs/sso/광주은행_SSO연동가이드.zip b/kjb-docs/sso/광주은행_SSO연동가이드.zip
new file mode 100644
index 0000000..6e533e9
Binary files /dev/null and b/kjb-docs/sso/광주은행_SSO연동가이드.zip differ
diff --git a/src/main/java/com/eactive/ext/kjb/common/KjbProperty.java b/src/main/java/com/eactive/ext/kjb/common/KjbProperty.java
index 7b3459b..8e14209 100644
--- a/src/main/java/com/eactive/ext/kjb/common/KjbProperty.java
+++ b/src/main/java/com/eactive/ext/kjb/common/KjbProperty.java
@@ -73,7 +73,7 @@ public class KjbProperty {
@KjbPropertyValue(key = "kjb.obp.url")
@Pattern(regexp = "^(https?://[^\\s/$.?#][^\\s]*)|\\s*$", message = "kjb.obp.url 는 유효한 URL 형식이거나 공백이어야 합니다. 예: http://example.com/api")
- private int obpUrl;
+ private String obpUrl;
@KjbPropertyValue(key = "kjb.obp.trust_system.key", defaultValue = "x-obp-trust-system")
@NotEmpty
@@ -103,6 +103,37 @@ public class KjbProperty {
@KjbPropertyValue(key = "kjb.obp.url.organization_fmt", defaultValue = "/api/customer/findCustomerByBusinessManRegistrationNo/%s")
@NotEmpty
private String obpUrlOrganizationFmt = "/api/customer/findCustomerByBusinessManRegistrationNo/%s";
+
+
+ // 광주은행 SSO
+
+ @KjbPropertyValue(key = "kjb.url", defaultValue = "https://manage-eapim.kjbank.com")
+ @NotEmpty
+ private String url = "https://manage-eapim.kjbank.com";
+
+ @KjbPropertyValue(key = "kjb.sso.ascp_url", defaultValue = "/sso/login.do")
+ @NotEmpty
+ private String ssoAscpUri = "/sso/login.do";
+
+// @KjbPropertyValue(key = "kjb.sso.domain", defaultValue = "sso.kjbank.com")
+// @NotEmpty
+// private String ssoDomain = "sso.kjbank.com";
+//
+// @KjbPropertyValue(key = "kjb.sso.nd_server", defaultValue = "http://sso.kjbank.com:5480")
+// @NotEmpty
+// private String ssoNdServer = "http://sso.kjbank.com:5480";
+//
+// @KjbPropertyValue(key = "kjb.sso.timeout", defaultValue = "15000")
+// @Min(1)
+// private int ssoTimeout = 15000;
+//
+// @KjbPropertyValue(key = "kjb.sso.cookie_padding", defaultValue = "_V42")
+// @Min(1)
+// private String ssoCookiePadding = "_V42";
+//
+// @KjbPropertyValue(key = "kjb.sso.service_name", defaultValue = "eapim-admin")
+// @Min(1)
+// private String ssoServiceName = "eapim-admin";
}
diff --git a/src/main/java/com/eactive/ext/kjb/sso/ExtendedInfo.java b/src/main/java/com/eactive/ext/kjb/sso/ExtendedInfo.java
new file mode 100644
index 0000000..686012f
--- /dev/null
+++ b/src/main/java/com/eactive/ext/kjb/sso/ExtendedInfo.java
@@ -0,0 +1,38 @@
+package com.eactive.ext.kjb.sso;
+
+import lombok.Getter;
+
+public enum ExtendedInfo {
+ DATEOFBIRTH("생년월일 + 성별"),
+ CELLPHONENO("핸드폰"),
+ UPPERTCODE("모점점번코드"),
+ PARTCODE("소속부점코드"),
+ LEGACYDEPTCODE("인사부서코드"),
+ LEGACYDEPTNAME("인사부서명"),
+ LEGACYPOSITIONCODE("인사직위코드"),
+ LEGACYPOSITIONNAME("인사직위명"),
+ LEGACYFUNCTIONCODE("인사직책코드"),
+ LEGACYFUNCTIONNAME("인사직책명"),
+ LEGACYROLLCODE("인사직무코드"),
+ LEGACYROLLNAME("인사직무명"),
+ LEGACYOFCLEVELCODE("인사직급코드"),
+ LEGACYOFCLEVELNAME("인사직급명"),
+ PART_GBN("본부(1), 영업점(2)"),
+ STATUS("재직(1),휴가(2),퇴직(9)"),
+ CEF_APPOINTDATE("최종방령일"),
+ OTHERDEPTCODE("겸직/파견 부서코드"),
+ OTHERDEPTNAME("겸직/파견 부서명"),
+ OTHERPOSITIONCODE("겸직/파견 직위코드"),
+ OTHERFIUNCTIONCODE("겸직/파견 직책코드"),
+ OTHERROLLCODE("겸직/파견 직무코드"),
+ OTHEROFCLEVELCODE("겸직/파견 직급코드")
+ ;
+
+
+ @Getter
+ private final String description;
+
+ ExtendedInfo(String description) {
+ this.description = description;
+ }
+}
diff --git a/src/main/java/com/eactive/ext/kjb/sso/KjbSsoModule.java b/src/main/java/com/eactive/ext/kjb/sso/KjbSsoModule.java
new file mode 100644
index 0000000..7d1b6df
--- /dev/null
+++ b/src/main/java/com/eactive/ext/kjb/sso/KjbSsoModule.java
@@ -0,0 +1,302 @@
+package com.eactive.ext.kjb.sso;
+
+import com.eactive.ext.kjb.common.KjbProperty;
+import com.initech.eam.api.*;
+import com.initech.eam.base.APIException;
+import com.initech.eam.base.EmptyResultException;
+import com.initech.eam.nls.CookieManager;
+import com.initech.eam.smartenforcer.SECode;
+import lombok.Getter;
+import lombok.extern.slf4j.Slf4j;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.util.Collections;
+import java.util.Iterator;
+import java.util.Properties;
+import java.util.Vector;
+
+@Slf4j
+public class KjbSsoModule {
+ private static KjbSsoModule instance;
+
+ private KjbProperty prop;
+ private final NXContext context;
+ @Getter
+ private final Vector providerList;
+
+
+ /***[SERVICE CONFIGURATION]***********************************************************************/
+ private final String SERVICE_NAME = "eapim-admin";
+ @Getter
+ private final String ascpUrl;
+
+ /***[SSO CONFIGURATION]**]***********************************************************************/
+ private final String NLS_URL = "http://sso.kjbank.com";
+ private final String NLS_PORT = "13890";
+ private final String NLS_LOGIN_URL = NLS_URL + ":" + NLS_PORT + "/nls3/clientLogin.jsp";
+ private final String NLS_LOGOUT_URL= NLS_URL + ":" + NLS_PORT + "/nls3/NCLogout.jsp";
+ private final String NLS_ERROR_URL = NLS_URL + ":" + NLS_PORT + "/nls3/error.jsp";
+
+ /***[SSO ND LIST 운영]**]***********************************************************************/
+ private final static String ND_URL1 = "http://sso.kjbank.com:5480";
+ private final static Vector PROVIDER_LIST = new Vector();
+ private final static int COOKIE_SESSTION_TIME_OUT = 3000000;
+
+ // 인증 타입 (ID/PW 방식 : 1, 인증서 : 3)
+ private final String TOA = "1";
+ private final String PROVIDER_DOMAIN = "sso.kjbank.com";
+ private final String SSO_DOMAIN = ".kjbank.com";
+ private final String COOKIE_PADDING = "_V42";
+
+ private static final int timeout = 15000;
+
+
+ public synchronized static KjbSsoModule getInstance(KjbProperty kjbProperty) {
+ if (instance == null) {
+ instance = new KjbSsoModule(kjbProperty);
+ }
+ return instance;
+ }
+
+ private KjbSsoModule(KjbProperty kjbProperty) {
+ this.prop = kjbProperty;
+
+ context = new NXContext(Collections.singletonList(ND_URL1), timeout);
+
+ ascpUrl = prop.getUrl() + prop.getSsoAscpUri();
+
+ this.providerList = new Vector<>();
+ providerList.add(PROVIDER_DOMAIN);
+
+ CookieManager.setEncStatus(true);
+ SECode.setCookiePadding(COOKIE_PADDING);
+ }
+
+
+ /**
+ * 통합 SSO ID 조회
+ * @param request
+ * @return
+ */
+ public String getSsoId(HttpServletRequest request) {
+ String sso_id = null;
+ sso_id = CookieManager.getCookieValue(SECode.USER_ID, request);
+ return sso_id;
+ }
+
+ public String getSystemAccount(String sso_id) {
+ NXUserAPI userAPI = null;
+ String retValue = null;
+
+ try {
+ userAPI = new NXUserAPI(context);
+ log.info("##############################################");
+ log.info("sso_id 2: "+sso_id);
+ log.info("SERVICE_NAME : "+ SERVICE_NAME);
+ log.info("##############################################");
+ NXAccount account = userAPI.getUserAccount(sso_id, SERVICE_NAME);
+ log.info(account.toString());
+ retValue = account.getAccountName();
+ log.info("retValue = " + retValue);
+ } catch (Exception e) {
+ log.error("KjbSsoModule Exception", e);
+ }
+ return retValue;
+ }
+
+ /**
+ * 통합 SSO 로그인페이지 이동
+ * @param response
+ * @param uurl
+ * @throws Exception
+ */
+ public void goLoginPage(HttpServletResponse response, String uurl)
+ throws Exception {
+ CookieManager.addCookie(SECode.USER_URL, uurl, ".kjbank.com", response);
+ CookieManager.addCookie(SECode.R_TOA, TOA, ".kjbank.com", response);
+ response.sendRedirect(NLS_LOGIN_URL + "?UURL=" + uurl);
+ }
+
+ /**
+ * 통합 SSO 로그인페이지 이동
+ * @param response
+ * @throws Exception
+ */
+ public void goLoginPage(HttpServletResponse response) throws Exception {
+ CookieManager.addCookie(SECode.USER_URL, ascpUrl, SSO_DOMAIN, response);
+ CookieManager.addCookie(SECode.R_TOA, TOA, SSO_DOMAIN, response);
+ response.sendRedirect(NLS_LOGIN_URL);
+ }
+
+ /**
+ * 통합인증 세션을 체크 하기 위하여 사용되는 API
+ * @param request
+ * @param response
+ * @return
+ */
+ public String getEamSessionCheck(HttpServletRequest request,HttpServletResponse response){
+ String retCode = "";
+ try {
+ retCode = CookieManager.verifyNexessCookie(request, response, 10, COOKIE_SESSTION_TIME_OUT,PROVIDER_LIST);
+ } catch(Exception npe) {
+ npe.printStackTrace();
+ }
+ return retCode;
+ }
+
+ /**
+ * ND API를 사용해서 쿠키검증하는것(현재 표준에서는 사용안함, 근데 해도 되기는 함)
+ * @param request
+ * @param response
+ * @return
+ */
+ public String getEamSessionCheck2(HttpServletRequest request,HttpServletResponse response)
+ {
+ String retCode = "";
+ try {
+ NXNLSAPI nxNLSAPI = new NXNLSAPI(context);
+ retCode = nxNLSAPI.readNexessCookie(request, response, 0, 0);
+ } catch(Exception npe) {
+ log.error("KjbSsoModule-getEamSessionCheck2 Exception", npe);
+ }
+ return retCode;
+ }
+
+ /**
+ * SSO 에러페이지 URL
+ * @param response
+ * @param error_code
+ * @throws Exception
+ */
+ public void goErrorPage(HttpServletResponse response, int error_code)throws Exception {
+ CookieManager.removeNexessCookie(SSO_DOMAIN, response);
+ CookieManager.addCookie(SECode.USER_URL, ascpUrl, SSO_DOMAIN, response);
+ response.sendRedirect(NLS_ERROR_URL + "?errorCode=" + error_code);
+ }
+
+ /**
+ * 사용자 기본정보 가져오기.
+ * @param userid
+ * @return Properties
+ */
+ public Properties getUserInfos(String userid) throws Exception {
+ NXUserAPI userAPI = new NXUserAPI(context);
+ Properties propt = null;
+
+ if (userid==null || userid.length() <= 0)
+ return propt;
+
+ try {
+ NXUserInfo userInfo = userAPI.getUserInfo(userid);
+ propt = new Properties();
+ propt.setProperty("USERID", userInfo.getUserId());
+ propt.setProperty("EMAIL", userInfo.getEmail());
+ propt.setProperty("ENABLE", String.valueOf(userInfo.getEnable()));
+ propt.setProperty("STARTVALID", userInfo.getStartValid());
+ propt.setProperty("ENDVALID", userInfo.getEndValid());
+ propt.setProperty("NAME", userInfo.getName());
+ propt.setProperty("ENCPASSWD", userInfo.getEncpasswd());
+ propt.setProperty("LASTPASSWDCHANGE", userInfo.getLastpasswdchange());
+ propt.setProperty("LastLoginIP", userInfo.getLastLoginIp());
+ propt.setProperty("LastLoginTime", userInfo.getLastLoginTime());
+ propt.setProperty("LastLoginAuthLevel", userInfo.getLastLoginAuthLevel());
+
+ } catch (Exception e) {
+ log.error("KjbSsoModule-getUserInfos Exception", e);
+ throw e;
+ }
+
+ return propt;
+ }
+
+ /**
+ * 사용자의 기본정보 중에서 입력된 키 값만 가지고 온다.
+ * @param userid
+ * @param key
+ * @return
+ * @throws Exception
+ */
+ public String getUserInfo(String userid, String key) throws Exception {
+ if(userid==null|| userid.isEmpty()) return null;
+
+ String userInfo = "";
+
+ try{
+ Properties propt = getUserInfos(userid);
+ userInfo = propt.getProperty(key);
+ } catch (Exception e) {
+ log.error("KjbSsoModule-getUserInfos Exception", e);
+ throw e;
+ }
+ return userInfo;
+ }
+
+ /**
+ * 사용자 확장정보 조회
+ * return : Properties
+ * 사용자가 존재하지 않거나 확장필드가 없다면 return null
+ */
+ @SuppressWarnings("rawtypes")
+ public Properties getUserExFields(String userid)
+ throws Exception {
+ NXUserAPI userAPI = new NXUserAPI(context);
+ Properties prop = null;
+ NXExternalFieldSet nxefs = null;
+
+ try {
+ nxefs = userAPI.getUserExternalFields(userid);
+ prop = new Properties();
+
+ if (nxefs != null) {
+ Iterator iter = nxefs.iterator();
+ while(iter.hasNext()) {
+ NXExternalField nxef = (NXExternalField) iter.next();
+ if(nxef.getName().equals("PASSINIT")){
+ String sPassintVal = (String) nxef.getValue();
+ prop.setProperty(nxef.getName(), sPassintVal.equals("") ? "0" : sPassintVal);
+ }
+ else
+ prop.setProperty(nxef.getName(), (String) nxef.getValue());
+ //System.out.println("확장 필드 " + nxef.getName() + " : " + nxef.getValue());
+ }
+ } else {
+ // prop is null
+ log.debug("KjbSsoModule-getUserExFields property is null");
+ }
+ } catch (EmptyResultException e) {
+ // 사용자가 존재하지 않거나 확장필드가 없음
+ } catch (APIException e) {
+ throw e;
+ //e.printStackTrace();
+ }
+ //System.out.println("getUserExFields:[" + prop + "]");
+ return prop;
+ }
+
+ /**
+ * 사용자의 특정 확장 필드 정보 조회
+ * return : String
+ * 사용자가 존재하지 않거나 확장필드가 없다면 return null
+ */
+ public String getUserExField(String userid, String exName)
+ throws Exception {
+ NXUserAPI userAPI = new NXUserAPI(context);
+ NXExternalField nxef = null;
+ String returnValue = null;
+
+ try {
+ log.debug("KjbSsoModule-getUserExField userid : {}", userid);
+ nxef = userAPI.getUserExternalField(userid, exName);
+ log.debug("KjbSsoModule-getUserExField nxef === {}", nxef.getValue());
+ returnValue = (String) nxef.getValue();
+ } catch (EmptyResultException e) {
+ // 사용자가 존재하지 않거나 확장필드가 없음
+ } catch (Exception e) {
+ log.error("KjbSsoModule-getUserExField Exception", e);
+ throw e;
+ }
+
+ return returnValue;
+ }
+}