From 7c19f9863b386ddc853cddd352b1b07438a16fc2 Mon Sep 17 00:00:00 2001 From: Rinjae Date: Wed, 26 Nov 2025 21:28:10 +0900 Subject: [PATCH] =?UTF-8?q?sso=20=ED=85=8C=EC=8A=A4=ED=8A=B8=20=EC=BD=94?= =?UTF-8?q?=EB=93=9C=20=EC=A0=81=EC=9A=A9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- WebContent/sso/app01.jsp | 48 +++ WebContent/sso/config.jsp | 295 ++++++++++++++++++ WebContent/sso/login_exec.jsp | 69 ++++ .../eai/rms/ext/kjb/sso/SsoController.java | 68 ++++ .../ext/kjb/util/KjbPropertyInjector.java | 4 + 5 files changed, 484 insertions(+) create mode 100644 WebContent/sso/app01.jsp create mode 100644 WebContent/sso/config.jsp create mode 100644 WebContent/sso/login_exec.jsp create mode 100644 src/main/java/com/eactive/eai/rms/ext/kjb/sso/SsoController.java diff --git a/WebContent/sso/app01.jsp b/WebContent/sso/app01.jsp new file mode 100644 index 0000000..e75459c --- /dev/null +++ b/WebContent/sso/app01.jsp @@ -0,0 +1,48 @@ +<%@ page language="java" contentType="text/html; charset=EUC-KR" + pageEncoding="EUC-KR"%> + + +<% + String user_id = (String)session.getAttribute("SSO_ID"); + String app_id = (String)session.getAttribute("APP_ID"); + String ext_info = (String)session.getAttribute("EXT_INFO"); + String retCode = (String)session.getAttribute("RET_CODE"); + +%> + + + +Insert title here + + +

Single Sign On [<%=user_id %>]

+ + [ ý - (SAMPLE_APP)] + + + + + + + + + + + + + + + + + + + + + + + + +
* ID<%=user_id%>
* SERVICE_NAME<%=app_id%>
* Ȯ<%=ext_info%>
* ū retCode = [<%=retCode%>] (1000:, 1001:ð, 1002:)
+
+ + \ No newline at end of file diff --git a/WebContent/sso/config.jsp b/WebContent/sso/config.jsp new file mode 100644 index 0000000..653d772 --- /dev/null +++ b/WebContent/sso/config.jsp @@ -0,0 +1,295 @@ +<%@ page + import="sun.misc.*, + java.util.*, + java.math.*, + java.net.*, + com.initech.eam.nls.*, + com.initech.eam.api.*, + com.initech.eam.base.*, + com.initech.eam.nls.command.*, + com.initech.eam.smartenforcer.*, + examples.api.*" +%> +<%@page import="com.initech.eam.nls.CookieManager"%> +<%! +/**[INISAFE NEXESS JAVA AGENT]********************************************************************** +* 업무시스템 설정 사항 (업무 환경에 맞게 변경) +***************************************************************************************************/ + + +/***[SERVICE CONFIGURATION]***********************************************************************/ + private String SERVICE_NAME = "Web"; + private String SERVER_URL = "http://test.kjbank.com"; + private String SERVER_PORT = "8080"; + private String ASCP_URL = SERVER_URL + ":" + SERVER_PORT + "/se/login_exec.jsp"; +/*************************************************************************************************/ + + +/***[SSO CONFIGURATION]**]***********************************************************************/ + private String NLS_URL = "http://sso.kjbank.com"; + private String NLS_PORT = "13890"; + private String NLS_LOGIN_URL = NLS_URL + ":" + NLS_PORT + "/nls3/clientLogin.jsp"; + private String NLS_LOGOUT_URL= NLS_URL + ":" + NLS_PORT + "/nls3/NCLogout.jsp"; + private String NLS_ERROR_URL = NLS_URL + ":" + NLS_PORT + "/nls3/error.jsp"; + +/***[SSO ND LIST 운영]**]***********************************************************************/ + private static String ND_URL1 = "http://sso.kjbank.com:5480"; + + + private static Vector PROVIDER_LIST = new Vector(); + + private static final int COOKIE_SESSTION_TIME_OUT = 3000000; + + // 인증 타입 (ID/PW 방식 : 1, 인증서 : 3) + private String TOA = "1"; + private String SSO_DOMAIN = ".kjbank.com"; + + private static final int timeout = 15000; + private static NXContext context = null; + static{ + List serverurlList = new ArrayList(); + serverurlList.add(ND_URL1); + + context = new NXContext(serverurlList,timeout); + CookieManager.setEncStatus(true); + + PROVIDER_LIST.add("sso.kjbank.com"); + SECode.setCookiePadding("_V42"); + } + + // by Kang + public NXContext getContext() + { + NXContext context = null; + try + { + List serverurlList = new ArrayList(); + serverurlList.add(ND_URL1); + context = new NXContext(serverurlList); + CookieManager.setEncStatus(true); + + PROVIDER_LIST.add("sso.kjbank.com"); + //NLS3 web.xml의 CookiePadding 값과 같아야 한다. 안그럼 검증 페일남 + SECode.setCookiePadding("_V42"); + } + catch (Exception e) + { + e.printStackTrace(); + } + return context; + } + + // 통합 SSO ID 조회 + public String getSsoId(HttpServletRequest request) { + String sso_id = null; + sso_id = CookieManager.getCookieValue(SECode.USER_ID, request); + return sso_id; + } + + public String getSystemAccount(String sso_id) { + NXContext context = null; + NXUserAPI userAPI = null; + String retValue = null; + + try { + context = getContext(); + userAPI = new NXUserAPI(context); + System.out.println("##############################################"); + System.out.println("sso_id 2: "+sso_id); + System.out.println("SERVICE_NAME : "+SERVICE_NAME); + System.out.println("##############################################"); + NXAccount account = userAPI.getUserAccount(sso_id, SERVICE_NAME); + System.out.println(account.toString()); + retValue = account.getAccountName(); + System.out.println("retValue = " + retValue); + } catch (Exception e) { + e.printStackTrace(); + } + return retValue; + } + + // 통합 SSO 로그인페이지 이동 + public void goLoginPage(HttpServletResponse response, String uurl) + throws Exception { + com.initech.eam.nls.CookieManager.addCookie(SECode.USER_URL, uurl, SSO_DOMAIN, response); + com.initech.eam.nls.CookieManager.addCookie(SECode.R_TOA, TOA, SSO_DOMAIN, response); + response.sendRedirect(NLS_LOGIN_URL + "?UURL=" + uurl); + } + + // 통합 SSO 로그인페이지 이동 + public void goLoginPage(HttpServletResponse response)throws Exception { + CookieManager.addCookie(SECode.USER_URL, ASCP_URL, SSO_DOMAIN, response); + CookieManager.addCookie(SECode.R_TOA, TOA, SSO_DOMAIN, response); + response.sendRedirect(NLS_LOGIN_URL); + } + + // 통합인증 세션을 체크 하기 위하여 사용되는 API + public String getEamSessionCheck(HttpServletRequest request,HttpServletResponse response){ + String retCode = ""; + try { + retCode = CookieManager.verifyNexessCookie(request, response, 10, COOKIE_SESSTION_TIME_OUT,PROVIDER_LIST); + } catch(Exception npe) { + npe.printStackTrace(); + } + return retCode; + } + + //ND API를 사용해서 쿠키검증하는것(현재 표준에서는 사용안함, 근데 해도 되기는 함) + public String getEamSessionCheck2(HttpServletRequest request,HttpServletResponse response) + { + String retCode = ""; + try { + NXNLSAPI nxNLSAPI = new NXNLSAPI(context); + retCode = nxNLSAPI.readNexessCookie(request, response, 0, 0); + } catch(Exception npe) { + npe.printStackTrace(); + } + return retCode; + } + + // SSO 에러페이지 URL + public void goErrorPage(HttpServletResponse response, int error_code)throws Exception { + CookieManager.removeNexessCookie(SSO_DOMAIN, response); + CookieManager.addCookie(SECode.USER_URL, ASCP_URL, SSO_DOMAIN, response); + response.sendRedirect(NLS_ERROR_URL + "?errorCode=" + error_code); + } + + /** + * 사용자 기본정보 가져오기. + * @param String userid + * @return Properties + */ + public Properties getUserInfos(String userid) throws Exception { + + NXContext context = null; + context = getContext(); + + NXUserAPI userAPI = new NXUserAPI(context); + Properties propt = null; + + if (userid==null || userid.length() <= 0) + return propt; + + try { + NXUserInfo userInfo = userAPI.getUserInfo(userid); + propt = new Properties(); + //System.out.println("userInfo.getName()=["+userInfo.getName()+"]"); + propt.setProperty("USERID", userInfo.getUserId()); + propt.setProperty("EMAIL", userInfo.getEmail()); + propt.setProperty("ENABLE", String.valueOf(userInfo.getEnable())); + propt.setProperty("STARTVALID", userInfo.getStartValid()); + propt.setProperty("ENDVALID", userInfo.getEndValid()); + propt.setProperty("NAME", userInfo.getName()); + propt.setProperty("ENCPASSWD", userInfo.getEncpasswd()); + propt.setProperty("LASTPASSWDCHANGE", userInfo.getLastpasswdchange()); + propt.setProperty("LastLoginIP", userInfo.getLastLoginIp()); + propt.setProperty("LastLoginTime", userInfo.getLastLoginTime()); + propt.setProperty("LastLoginAuthLevel", userInfo.getLastLoginAuthLevel()); + + } catch (EmptyResultException e) { + e.printStackTrace(); + } catch (APIException e) { + e.printStackTrace(); + } catch (Exception e) { + e.printStackTrace(); + } + return propt; + } + + /** + * 사용자의 기본정보 중에서 입력된 키 값만 가지고 온다. + * @param String userid + * @param String key + * @return String + */ + public String getUserInfo(String userid, String key) throws Exception { + if(userid==null||userid.length()<1) return null; + + String userInfo = ""; + + try{ + Properties propt = getUserInfos(userid); + userInfo = propt.getProperty(key); + } catch (Exception e) { + //throw e; + e.printStackTrace(); + } + return userInfo; + } + + /** + * 사용자 확장정보 조회 + * return : Properties + * 사용자가 존재하지 않거나 확장필드가 없다면 return null + */ + public Properties getUserExFields(String userid) + throws Exception { + NXContext context = getContext(); + NXUserAPI userAPI = new NXUserAPI(context); + Properties prop = null; + NXExternalFieldSet nxefs = null; + + try { + nxefs = userAPI.getUserExternalFields(userid); + prop = new Properties(); + + if (nxefs != null) { + Iterator iter = nxefs.iterator(); + while(iter.hasNext()) { + NXExternalField nxef = (NXExternalField) iter.next(); + if(nxef.getName().equals("PASSINIT")){ + String sPassintVal = (String) nxef.getValue(); + prop.setProperty(nxef.getName(), sPassintVal.equals("") ? "0" : sPassintVal); + } + else + prop.setProperty(nxef.getName(), (String) nxef.getValue()); + //System.out.println("확장 필드 " + nxef.getName() + " : " + nxef.getValue()); + } + } else { + // prop is null + } + } catch (EmptyResultException e) { + // 사용자가 존재하지 않거나 확장필드가 없음 + } catch (APIException e) { + throw e; + //e.printStackTrace(); + } + //System.out.println("getUserExFields:[" + prop + "]"); + return prop; + } + + /** + * 사용자의 특정 확장 필드 정보 조회 + * return : String + * 사용자가 존재하지 않거나 확장필드가 없다면 return null + */ + public String getUserExField(String userid, String exName) + throws Exception { + NXContext context = getContext(); + NXUserAPI userAPI = new NXUserAPI(context); + NXExternalField nxef = null; + String returnValue = null; + + try { + +System.out.println("getUserExField==="+ userid ) ; + nxef = userAPI.getUserExternalField(userid, exName); +System.out.println("nxef==="+ (String) nxef.getValue() ) ; + returnValue = (String) nxef.getValue(); + } catch (EmptyResultException e) { + // 사용자가 존재하지 않거나 확장필드가 없음 + } catch (APIException e) { + throw e; + //e.printStackTrace(); + } catch (IllegalArgumentException e) { + throw e; + //e.printStackTrace(); + } + /* + System.out.println("getUserExField:[" + userid + ":" + + exName + ":" + returnValue+ "]"); + */ + return returnValue; + } + +%> diff --git a/WebContent/sso/login_exec.jsp b/WebContent/sso/login_exec.jsp new file mode 100644 index 0000000..a089483 --- /dev/null +++ b/WebContent/sso/login_exec.jsp @@ -0,0 +1,69 @@ +<%@ page language="java" contentType="text/html;charset=EUC-KR" %> +<%@ include file="./config.jsp" %> +<% + + String uurl = null; + String sso_id = null; + String service_id = null; + String ext_info = null; + String retCode = null; + //http://test.kjbank.com:8080/se/login_exec.jsp : ȣؾ ȴ. + //1.SSO ID + sso_id = getSsoId(request); + + // 2. UURL + uurl = request.getParameter("UURL"); + + if (sso_id == null) { + //uurl ٸ, ٵ ⼭ uurl üũϴ°? uurl test.kjbank.com:8080/se/login_exec.jsp ִ±. + if (uurl == null) uurl = ASCP_URL; + + // 3. SSO α ̵ + goLoginPage(response, uurl); + return; + } else { + + //4.Ű ȿ Ȯ :0() + retCode = getEamSessionCheck(request,response); + + if(!retCode.equals("0")){ + goErrorPage(response, Integer.parseInt(retCode)); + return; + } + /*********************************************************************************** + * < TO-DO > + * SSO ϷǾǷ, ý α dzʶٵ ڵ带 մϴ. + * SSO sso_id Ǿ ֽϴ. + * ýۿ ʿ ϴ ڵ带 ⿡ ۼմϴ. + ************************************************************************************/ + + //5 Ȯ ȸ + ext_info = getUserExField(sso_id, "CELLPHONENO"); + service_id = SERVICE_NAME; + System.out.println ("SERVICE_NAME : " + service_id); + // + //6.ýۿ ̵ + /* + String EAM_ID = (String)session.getAttribute("SSO_ID"); + if(EAM_ID == null || EAM_ID.equals("")) { + session.setAttribute("SSO_ID", sso_id); + session.setAttribute("APP_ID", service_id); + session.setAttribute("EXT_INFO", ext_info); + session.setAttribute("RET_CODE", retCode); + } + */ + + + /* */ + if(!sso_id.replace(" ", "").equals("")) { + session.setAttribute("SSO_ID", sso_id); + session.setAttribute("APP_ID", service_id); + session.setAttribute("EXT_INFO", ext_info); + session.setAttribute("RET_CODE", retCode); + } + + //7.ý ȣ( Ǵ ) --> ýۿ ° URL ! + response.sendRedirect(SERVER_URL + ":" + SERVER_PORT + "/se/app01.jsp"); + } +%> + diff --git a/src/main/java/com/eactive/eai/rms/ext/kjb/sso/SsoController.java b/src/main/java/com/eactive/eai/rms/ext/kjb/sso/SsoController.java new file mode 100644 index 0000000..6a2a14c --- /dev/null +++ b/src/main/java/com/eactive/eai/rms/ext/kjb/sso/SsoController.java @@ -0,0 +1,68 @@ +package com.eactive.eai.rms.ext.kjb.sso; + +import com.eactive.eai.rms.data.entity.man.monitoringProperty.service.MonitoringPropertyService; +import com.eactive.ext.kjb.common.KjbProperty; +import com.eactive.ext.kjb.sso.ExtendedInfo; +import com.eactive.ext.kjb.sso.KjbSsoModule; +import com.eactive.ext.kjb.util.KjbPropertyInjector; +import lombok.extern.slf4j.Slf4j; +import org.apache.commons.lang3.StringUtils; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestParam; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.util.Arrays; +import java.util.Properties; + +@Slf4j +@Controller +public class SsoController { + public static final String PROP_GORUP_ID = "Monitoring"; + + private final KjbPropertyInjector kjbPropertyInjector; + + private final KjbSsoModule ssoModule; + private final KjbProperty prop; + + + public SsoController(MonitoringPropertyService monitoringPropertyService) { + this.kjbPropertyInjector = new KjbPropertyInjector(monitoringPropertyService, PROP_GORUP_ID); + prop = kjbPropertyInjector.inject(new KjbProperty()); + this.ssoModule = KjbSsoModule.getInstance(prop); + } + + @RequestMapping(value = "/sso/login.do") + public String login(HttpServletRequest req, HttpServletResponse res, + @RequestParam("UURL") String uurl) throws Exception { + String ssoId = ssoModule.getSsoId(req); + + log.debug("ssoId : {}", ssoId); + log.debug("uurl : {}", uurl); + + if (StringUtils.isEmpty(uurl)) { + uurl = ssoModule.getAscpUrl(); + } + + if (ssoId == null) { + ssoModule.goLoginPage(res, uurl); + return null; + } else { + String retCode = ssoModule.getEamSessionCheck(req, res); + log.debug("retCode : {}", retCode); + + if ("0".equalsIgnoreCase(retCode)) { + ssoModule.goErrorPage(res, Integer.parseInt(retCode)); + return null; + } + + Properties extendedInfo = ssoModule.getUserExFields(ssoId); + extendedInfo.keySet().forEach( k -> { + log.debug("{} : {}", k, extendedInfo.get(k)); + }); + + return "redirect:/main.do"; + } + } +} diff --git a/src/main/java/com/eactive/ext/kjb/util/KjbPropertyInjector.java b/src/main/java/com/eactive/ext/kjb/util/KjbPropertyInjector.java index 8b4ac6c..b87061c 100644 --- a/src/main/java/com/eactive/ext/kjb/util/KjbPropertyInjector.java +++ b/src/main/java/com/eactive/ext/kjb/util/KjbPropertyInjector.java @@ -19,6 +19,10 @@ public class KjbPropertyInjector { this.groupId = groupId; } + public KjbProperty inject() { + return inject(new KjbProperty()); + } + public T inject(T property) { Class clazz = property.getClass();