
git-svn-id: svn+ssh://10.10.101.21/source/platform/platform-b2b@225 f3bf4e98-0cf0-11e4-a00c-a99a8b9d557d

administrator 11 years ago
parent
commit
f2091739fd
1 changed files with 7 additions and 11 deletions
  1. 7 11
      src/main/java/com/uas/platform/b2b/filter/SecurityInterceptor.java

+ 7 - 11
src/main/java/com/uas/platform/b2b/filter/SecurityInterceptor.java

@@ -19,7 +19,6 @@ import org.springframework.security.access.intercept.InterceptorStatusToken;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
-import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.context.SecurityContextHolder;
@@ -32,6 +31,7 @@ import org.springframework.util.StringUtils;
 import com.uas.platform.b2b.model.User;
 import com.uas.platform.b2b.service.UserService;
 import com.uas.platform.b2b.support.SystemSession;
+import com.uas.platform.core.util.encry.Md5Utils;
 
 /**
  * 
@@ -137,20 +137,16 @@ public class SecurityInterceptor extends AbstractSecurityInterceptor implements
 			} else if (username.matches(UU_REGEXP)) {
 				user = userService.findUserByUserUU(Long.parseLong(username));
 			}
-			if (user != null) {
+			if (user != null && user.getUserPwd().equals(Md5Utils.encode(password, user.getUserUU()))) {
 				ArrayList<GrantedAuthority> array = new ArrayList<GrantedAuthority>();
 				array.add(new SimpleGrantedAuthority(ROLE_USER));
 				UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(user.getUserUU(), password, array);
-				try {
-					Authentication authenticatedUser = authenticationManager.authenticate(token);
-					SecurityContextHolder.getContext().setAuthentication(authenticatedUser);
-					request.getSession().setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY,
-							SecurityContextHolder.getContext());
-				} catch (AuthenticationException e) {
-					throw new UsernameNotFoundException("密码错误");
-				}
+				Authentication authenticatedUser = authenticationManager.authenticate(token);
+				SecurityContextHolder.getContext().setAuthentication(authenticatedUser);
+				request.getSession().setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY,
+						SecurityContextHolder.getContext());
 			} else
-				throw new UsernameNotFoundException(username + "账号不存在");
+				throw new UsernameNotFoundException(username + " 账号或密码错误");
 		}
 	}
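Review bot: The new credential check on the `if (user != null && user.getUserPwd().equals(...))` line dereferences `getUserPwd()` without a null check and compares the digests with `String.equals`, so an account with no stored password would surface as a NullPointerException instead of the generic failure, and the comparison is not constant-time. Assuming `Md5Utils.encode` returns a String, binding `String stored = user.getUserPwd();` and testing `stored != null && MessageDigest.isEqual(stored.getBytes(StandardCharsets.UTF_8), expected.getBytes(StandardCharsets.UTF_8))` would cover both. Judging by its name, `Md5Utils` is an MD5 digest salted with the user UU, which is cheap to brute-force if the user table leaks; the longer-term fix would be a slow password hash (bcrypt, scrypt or Argon2) with rehash on next successful login. With the `try/catch` removed, an `AuthenticationException` from `authenticationManager.authenticate(token)` now propagates with its own type and message, so confirm the caller maps it to the same generic response as the `else` branch. The enclosing method starts above this hunk, so how `username` and `password` are read from the request is not visible here.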