sso 테스트 코드 적용

This commit is contained in:
Rinjae
2025-11-26 21:28:10 +09:00
parent 0f760aeb42
commit 7c19f9863b
5 changed files with 484 additions and 0 deletions
+48
View File
@@ -0,0 +1,48 @@
<%@ page language="java" contentType="text/html; charset=EUC-KR"
pageEncoding="EUC-KR"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<%
String user_id = (String)session.getAttribute("SSO_ID");
String app_id = (String)session.getAttribute("APP_ID");
String ext_info = (String)session.getAttribute("EXT_INFO");
String retCode = (String)session.getAttribute("RET_CODE");
%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=EUC-KR">
<title>Insert title here</title>
</head>
<body>
<h4>Single Sign On [<%=user_id %>]</h4>
<font size=2>
<b>[ 업무시스템 - (SAMPLE_APP)]</b>
</font>
<table border=0 width=700 cellpadding=4 cellspacing=1 style="border: solid 1px;">
<tr>
<td width=200 bgcolor=#C3C3C3><font size=2>* 사용자ID</font></td>
<td><font size=2><%=user_id%></font></td>
</tr>
<tr>
<td width=200 bgcolor=#C3C3C3><font size=2>* SERVICE_NAME</font></td>
<td><font size=2><%=app_id%></font></td>
</tr>
<tr>
<td width=200 bgcolor=#C3C3C3><font size=2>* 확장정보</font></td>
<td><font size=2><%=ext_info%></font></td>
</tr>
<tr>
<td width=200 bgcolor=#C3C3C3><font size=2>* 인증토큰 상태</font></td>
<td><font size=2>retCode = [<%=retCode%>] (1000:누락, 1001:시간, 1002:비정상)</font></td>
</tr>
</table>
<hr width=700 align=left>
</body>
</html>
+295
View File
@@ -0,0 +1,295 @@
<%@ page
import="sun.misc.*,
java.util.*,
java.math.*,
java.net.*,
com.initech.eam.nls.*,
com.initech.eam.api.*,
com.initech.eam.base.*,
com.initech.eam.nls.command.*,
com.initech.eam.smartenforcer.*,
examples.api.*"
%>
<%@page import="com.initech.eam.nls.CookieManager"%>
<%!
/**[INISAFE NEXESS JAVA AGENT]**********************************************************************
* 업무시스템 설정 사항 (업무 환경에 맞게 변경)
***************************************************************************************************/
/***[SERVICE CONFIGURATION]***********************************************************************/
private String SERVICE_NAME = "Web";
private String SERVER_URL = "http://test.kjbank.com";
private String SERVER_PORT = "8080";
private String ASCP_URL = SERVER_URL + ":" + SERVER_PORT + "/se/login_exec.jsp";
/*************************************************************************************************/
/***[SSO CONFIGURATION]**]***********************************************************************/
private String NLS_URL = "http://sso.kjbank.com";
private String NLS_PORT = "13890";
private String NLS_LOGIN_URL = NLS_URL + ":" + NLS_PORT + "/nls3/clientLogin.jsp";
private String NLS_LOGOUT_URL= NLS_URL + ":" + NLS_PORT + "/nls3/NCLogout.jsp";
private String NLS_ERROR_URL = NLS_URL + ":" + NLS_PORT + "/nls3/error.jsp";
/***[SSO ND LIST 운영]**]***********************************************************************/
private static String ND_URL1 = "http://sso.kjbank.com:5480";
private static Vector PROVIDER_LIST = new Vector();
private static final int COOKIE_SESSTION_TIME_OUT = 3000000;
// 인증 타입 (ID/PW 방식 : 1, 인증서 : 3)
private String TOA = "1";
private String SSO_DOMAIN = ".kjbank.com";
private static final int timeout = 15000;
private static NXContext context = null;
static{
List<String> serverurlList = new ArrayList<String>();
serverurlList.add(ND_URL1);
context = new NXContext(serverurlList,timeout);
CookieManager.setEncStatus(true);
PROVIDER_LIST.add("sso.kjbank.com");
SECode.setCookiePadding("_V42");
}
// by Kang
public NXContext getContext()
{
NXContext context = null;
try
{
List serverurlList = new ArrayList();
serverurlList.add(ND_URL1);
context = new NXContext(serverurlList);
CookieManager.setEncStatus(true);
PROVIDER_LIST.add("sso.kjbank.com");
//NLS3 web.xml의 CookiePadding 값과 같아야 한다. 안그럼 검증 페일남
SECode.setCookiePadding("_V42");
}
catch (Exception e)
{
e.printStackTrace();
}
return context;
}
// 통합 SSO ID 조회
public String getSsoId(HttpServletRequest request) {
String sso_id = null;
sso_id = CookieManager.getCookieValue(SECode.USER_ID, request);
return sso_id;
}
public String getSystemAccount(String sso_id) {
NXContext context = null;
NXUserAPI userAPI = null;
String retValue = null;
try {
context = getContext();
userAPI = new NXUserAPI(context);
System.out.println("##############################################");
System.out.println("sso_id 2: "+sso_id);
System.out.println("SERVICE_NAME : "+SERVICE_NAME);
System.out.println("##############################################");
NXAccount account = userAPI.getUserAccount(sso_id, SERVICE_NAME);
System.out.println(account.toString());
retValue = account.getAccountName();
System.out.println("retValue = " + retValue);
} catch (Exception e) {
e.printStackTrace();
}
return retValue;
}
// 통합 SSO 로그인페이지 이동
public void goLoginPage(HttpServletResponse response, String uurl)
throws Exception {
com.initech.eam.nls.CookieManager.addCookie(SECode.USER_URL, uurl, SSO_DOMAIN, response);
com.initech.eam.nls.CookieManager.addCookie(SECode.R_TOA, TOA, SSO_DOMAIN, response);
response.sendRedirect(NLS_LOGIN_URL + "?UURL=" + uurl);
}
// 통합 SSO 로그인페이지 이동
public void goLoginPage(HttpServletResponse response)throws Exception {
CookieManager.addCookie(SECode.USER_URL, ASCP_URL, SSO_DOMAIN, response);
CookieManager.addCookie(SECode.R_TOA, TOA, SSO_DOMAIN, response);
response.sendRedirect(NLS_LOGIN_URL);
}
// 통합인증 세션을 체크 하기 위하여 사용되는 API
public String getEamSessionCheck(HttpServletRequest request,HttpServletResponse response){
String retCode = "";
try {
retCode = CookieManager.verifyNexessCookie(request, response, 10, COOKIE_SESSTION_TIME_OUT,PROVIDER_LIST);
} catch(Exception npe) {
npe.printStackTrace();
}
return retCode;
}
//ND API를 사용해서 쿠키검증하는것(현재 표준에서는 사용안함, 근데 해도 되기는 함)
public String getEamSessionCheck2(HttpServletRequest request,HttpServletResponse response)
{
String retCode = "";
try {
NXNLSAPI nxNLSAPI = new NXNLSAPI(context);
retCode = nxNLSAPI.readNexessCookie(request, response, 0, 0);
} catch(Exception npe) {
npe.printStackTrace();
}
return retCode;
}
// SSO 에러페이지 URL
public void goErrorPage(HttpServletResponse response, int error_code)throws Exception {
CookieManager.removeNexessCookie(SSO_DOMAIN, response);
CookieManager.addCookie(SECode.USER_URL, ASCP_URL, SSO_DOMAIN, response);
response.sendRedirect(NLS_ERROR_URL + "?errorCode=" + error_code);
}
/**
* 사용자 기본정보 가져오기.
* @param String userid
* @return Properties
*/
public Properties getUserInfos(String userid) throws Exception {
NXContext context = null;
context = getContext();
NXUserAPI userAPI = new NXUserAPI(context);
Properties propt = null;
if (userid==null || userid.length() <= 0)
return propt;
try {
NXUserInfo userInfo = userAPI.getUserInfo(userid);
propt = new Properties();
//System.out.println("userInfo.getName()=["+userInfo.getName()+"]");
propt.setProperty("USERID", userInfo.getUserId());
propt.setProperty("EMAIL", userInfo.getEmail());
propt.setProperty("ENABLE", String.valueOf(userInfo.getEnable()));
propt.setProperty("STARTVALID", userInfo.getStartValid());
propt.setProperty("ENDVALID", userInfo.getEndValid());
propt.setProperty("NAME", userInfo.getName());
propt.setProperty("ENCPASSWD", userInfo.getEncpasswd());
propt.setProperty("LASTPASSWDCHANGE", userInfo.getLastpasswdchange());
propt.setProperty("LastLoginIP", userInfo.getLastLoginIp());
propt.setProperty("LastLoginTime", userInfo.getLastLoginTime());
propt.setProperty("LastLoginAuthLevel", userInfo.getLastLoginAuthLevel());
} catch (EmptyResultException e) {
e.printStackTrace();
} catch (APIException e) {
e.printStackTrace();
} catch (Exception e) {
e.printStackTrace();
}
return propt;
}
/**
* 사용자의 기본정보 중에서 입력된 키 값만 가지고 온다.
* @param String userid
* @param String key
* @return String
*/
public String getUserInfo(String userid, String key) throws Exception {
if(userid==null||userid.length()<1) return null;
String userInfo = "";
try{
Properties propt = getUserInfos(userid);
userInfo = propt.getProperty(key);
} catch (Exception e) {
//throw e;
e.printStackTrace();
}
return userInfo;
}
/**
* 사용자 확장정보 조회
* return : Properties
* 사용자가 존재하지 않거나 확장필드가 없다면 return null
*/
public Properties getUserExFields(String userid)
throws Exception {
NXContext context = getContext();
NXUserAPI userAPI = new NXUserAPI(context);
Properties prop = null;
NXExternalFieldSet nxefs = null;
try {
nxefs = userAPI.getUserExternalFields(userid);
prop = new Properties();
if (nxefs != null) {
Iterator iter = nxefs.iterator();
while(iter.hasNext()) {
NXExternalField nxef = (NXExternalField) iter.next();
if(nxef.getName().equals("PASSINIT")){
String sPassintVal = (String) nxef.getValue();
prop.setProperty(nxef.getName(), sPassintVal.equals("") ? "0" : sPassintVal);
}
else
prop.setProperty(nxef.getName(), (String) nxef.getValue());
//System.out.println("확장 필드 " + nxef.getName() + " : " + nxef.getValue());
}
} else {
// prop is null
}
} catch (EmptyResultException e) {
// 사용자가 존재하지 않거나 확장필드가 없음
} catch (APIException e) {
throw e;
//e.printStackTrace();
}
//System.out.println("getUserExFields:[" + prop + "]");
return prop;
}
/**
* 사용자의 특정 확장 필드 정보 조회
* return : String
* 사용자가 존재하지 않거나 확장필드가 없다면 return null
*/
public String getUserExField(String userid, String exName)
throws Exception {
NXContext context = getContext();
NXUserAPI userAPI = new NXUserAPI(context);
NXExternalField nxef = null;
String returnValue = null;
try {
System.out.println("getUserExField==="+ userid ) ;
nxef = userAPI.getUserExternalField(userid, exName);
System.out.println("nxef==="+ (String) nxef.getValue() ) ;
returnValue = (String) nxef.getValue();
} catch (EmptyResultException e) {
// 사용자가 존재하지 않거나 확장필드가 없음
} catch (APIException e) {
throw e;
//e.printStackTrace();
} catch (IllegalArgumentException e) {
throw e;
//e.printStackTrace();
}
/*
System.out.println("getUserExField:[" + userid + ":"
+ exName + ":" + returnValue+ "]");
*/
return returnValue;
}
%>
+69
View File
@@ -0,0 +1,69 @@
<%@ page language="java" contentType="text/html;charset=EUC-KR" %>
<%@ include file="./config.jsp" %>
<%
String uurl = null;
String sso_id = null;
String service_id = null;
String ext_info = null;
String retCode = null;
//http://test.kjbank.com:8080/se/login_exec.jsp : 꼭 도메인으로 호출해야 된다.
//1.SSO ID 수신
sso_id = getSsoId(request);
// 2. UURL 수신
uurl = request.getParameter("UURL");
if (sso_id == null) {
//uurl 이 없다면, 근데 여기서 uurl 은 뭘 체크하는거지? uurl 에 test.kjbank.com:8080/se/login_exec.jsp 를 넣는구나.
if (uurl == null) uurl = ASCP_URL;
// 3. SSO 인증 정보가 없으면 통합 로그인 페이지로 이동
goLoginPage(response, uurl);
return;
} else {
//4.쿠키 유효성 확인 :0(정상)
retCode = getEamSessionCheck(request,response);
if(!retCode.equals("0")){
goErrorPage(response, Integer.parseInt(retCode));
return;
}
/***********************************************************************************
* < TO-DO >
* SSO 통합 인증이 완료되었으므로, 업무 시스템 로그인은 건너뛰도록 코드를 수정합니다.
* SSO 에서 제공한 사번은 sso_id 변수에 저장되어 있습니다.
* 시스템에서 필요로 하는 세션 정보를 세팅 코드를 여기에 작성합니다.
************************************************************************************/
//5 확장 정보 조회
ext_info = getUserExField(sso_id, "CELLPHONENO");
service_id = SERVICE_NAME;
System.out.println ("SERVICE_NAME : " + service_id);
//
//6.업무시스템에 읽을 사용자 아이디를 세션으로 생성
/* 변경 전
String EAM_ID = (String)session.getAttribute("SSO_ID");
if(EAM_ID == null || EAM_ID.equals("")) {
session.setAttribute("SSO_ID", sso_id);
session.setAttribute("APP_ID", service_id);
session.setAttribute("EXT_INFO", ext_info);
session.setAttribute("RET_CODE", retCode);
}
*/
/*변경 후*/
if(!sso_id.replace(" ", "").equals("")) {
session.setAttribute("SSO_ID", sso_id);
session.setAttribute("APP_ID", service_id);
session.setAttribute("EXT_INFO", ext_info);
session.setAttribute("RET_CODE", retCode);
}
//7.업무시스템 페이지 호출(세션 페이지 또는 메인페이지 지정) --> 업무시스템에 맞게 URL 수정!
response.sendRedirect(SERVER_URL + ":" + SERVER_PORT + "/se/app01.jsp");
}
%>
@@ -0,0 +1,68 @@
package com.eactive.eai.rms.ext.kjb.sso;
import com.eactive.eai.rms.data.entity.man.monitoringProperty.service.MonitoringPropertyService;
import com.eactive.ext.kjb.common.KjbProperty;
import com.eactive.ext.kjb.sso.ExtendedInfo;
import com.eactive.ext.kjb.sso.KjbSsoModule;
import com.eactive.ext.kjb.util.KjbPropertyInjector;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Arrays;
import java.util.Properties;
@Slf4j
@Controller
public class SsoController {
public static final String PROP_GORUP_ID = "Monitoring";
private final KjbPropertyInjector kjbPropertyInjector;
private final KjbSsoModule ssoModule;
private final KjbProperty prop;
public SsoController(MonitoringPropertyService monitoringPropertyService) {
this.kjbPropertyInjector = new KjbPropertyInjector(monitoringPropertyService, PROP_GORUP_ID);
prop = kjbPropertyInjector.inject(new KjbProperty());
this.ssoModule = KjbSsoModule.getInstance(prop);
}
@RequestMapping(value = "/sso/login.do")
public String login(HttpServletRequest req, HttpServletResponse res,
@RequestParam("UURL") String uurl) throws Exception {
String ssoId = ssoModule.getSsoId(req);
log.debug("ssoId : {}", ssoId);
log.debug("uurl : {}", uurl);
if (StringUtils.isEmpty(uurl)) {
uurl = ssoModule.getAscpUrl();
}
if (ssoId == null) {
ssoModule.goLoginPage(res, uurl);
return null;
} else {
String retCode = ssoModule.getEamSessionCheck(req, res);
log.debug("retCode : {}", retCode);
if ("0".equalsIgnoreCase(retCode)) {
ssoModule.goErrorPage(res, Integer.parseInt(retCode));
return null;
}
Properties extendedInfo = ssoModule.getUserExFields(ssoId);
extendedInfo.keySet().forEach( k -> {
log.debug("{} : {}", k, extendedInfo.get(k));
});
return "redirect:/main.do";
}
}
}
@@ -19,6 +19,10 @@ public class KjbPropertyInjector {
this.groupId = groupId;
}
public KjbProperty inject() {
return inject(new KjbProperty());
}
public <T> T inject(T property) {
Class<?> clazz = property.getClass();