gxwebsoft/core
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

修复服务器域名白名单规则

Browse Source
This commit is contained in:
gxwebsoft
2024-03-26 21:08:31 +08:00
parent 0ecf57ab74
commit ef978d1c5d
2 changed files with 4 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/main/java/com/gxwebsoft/common/core/security/JwtAuthenticationFilter.java
View File

@@ -60,11 +60,9 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
final SignCheckUtil checkUtil = new SignCheckUtil(); final SignCheckUtil checkUtil = new SignCheckUtil();
String key = "WhiteDomain:" + jwtSubject.getTenantId(); String key = "WhiteDomain:" + jwtSubject.getTenantId();
List<String> whiteDomains = redisUtil.get(key, List.class); List<String> whiteDomains = redisUtil.get(key, List.class);
if (whiteDomains != null) {
if (!checkUtil.checkWhiteDomains(whiteDomains, request.getServerName())) { if (!checkUtil.checkWhiteDomains(whiteDomains, request.getServerName())) {
throw new UsernameNotFoundException("The requested domain name is not on the whitelist"); throw new UsernameNotFoundException("The requested domain name is not on the whitelist");
} }
}
User user = userService.getByUsername(jwtSubject.getUsername(), jwtSubject.getTenantId()); User user = userService.getByUsername(jwtSubject.getUsername(), jwtSubject.getTenantId());
if (user == null) { if (user == null) {

5
src/main/java/com/gxwebsoft/common/core/utils/SignCheckUtil.java
View File

@@ -183,10 +183,9 @@ public class SignCheckUtil {
return true; return true;
} }
// 服务器域名白名单列表 // 服务器域名白名单列表
whiteDomains.add("oa.gxwebsoft.com"); whiteDomains.add("server.gxwebsoft.com");
whiteDomains.add("admin.gxwebsoft.com");
whiteDomains.add("adm.wsdns.cn");
for(String item: whiteDomains){ for(String item: whiteDomains){
// System.out.println(">>> domainName = " + domainName);
if(Objects.equals(item, domainName)){ if(Objects.equals(item, domainName)){
return true; return true;
} }