1

pom.xml

@@ -43,6 +43,10 @@
             <groupId>org.springframework.cloud</groupId>
             <artifactId>spring-cloud-starter-netflix-eureka-client</artifactId>
         </dependency>
+        <dependency>  
+		    <groupId>org.springframework.boot</groupId>  
+		    <artifactId>spring-boot-starter-security</artifactId>  
+		</dependency>
 
         <!-- 引入spring boot自带的pagehelper插件 -->
         <dependency>

src/main/java/com/chinaitop/depot/WebSecurityConfig.java

@@ -0,0 +1,26 @@
+package com.chinaitop.depot;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@Configuration
+@EnableWebSecurity
+public class WebSecurityConfig 
+extends WebSecurityConfigurerAdapter 
+{
+
+	@Override
+    protected void configure(HttpSecurity http) throws Exception {
+
+		http.authorizeRequests()
+		.antMatchers("/**")
+		.permitAll() //允许所有用户访问所有资源
+        .and()
+        .csrf().disable(); // 禁用CSRF（防止伪造的跨域攻击）
+
+        super.configure(http);
+
+    }
+}

src/main/java/com/chinaitop/depot/system/controller/UserInfoController.java

@@ -24,6 +24,7 @@ import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.http.MediaType;
+import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RequestParam;
@@ -1031,4 +1032,19 @@ public class UserInfoController {
 		}
 		return map;
 	}
+
+	@RequestMapping(value="/checkPwdBlack", method = RequestMethod.POST)
+	@ApiOperation(value="查询密码字符串中是否包含密码黑名单里面的内容", notes = "密码可用就返回true")
+	@ApiImplicitParams({
+		@ApiImplicitParam(name = "newpwd", value = "密码", paramType = "form")
+	})
+	public boolean checkPwdBlack(String newpwd) {
+		boolean flag = false;
+		try {
+			flag = userInfoService.checkPwdBlack(newpwd);
+		} catch (Exception e) {
+			e.printStackTrace();
+		}
+		return flag;
+	}
 }

src/main/java/com/chinaitop/depot/system/mapper/UserInfoMapper.java

@@ -67,4 +67,11 @@ public interface UserInfoMapper {
 	void deleteKeeperHouseObj(@Param("keepid") Integer keepid);
 
 	List<Map<Object, Object>> sptgetUserInfo(Map<Object, Object> map);
+
+	/**
+	 * 查询密码字符串中是否包含密码黑名单里面的内容
+	 * @param pwd
+	 * @return
+	 */
+	List<String> selectPwdBlack(String pwd);
 }

src/main/java/com/chinaitop/depot/system/mapper/UserInfoMapper.xml

@@ -791,4 +791,8 @@
 	order by ui.real_name asc
   </select>
   
+  <select id="selectPwdBlack" parameterType="java.lang.String" resultType="java.util.Map">
+	select pwd from dict_pwd_blacklist where INSTR(#{pwd,jdbcType=VARCHAR}, pwd) > 0
+  </select>
+  
 </mapper>

src/main/java/com/chinaitop/depot/system/service/UserInfoService.java

@@ -144,4 +144,12 @@ public interface UserInfoService {
 	String checkRepeat(Integer orgId, String sfzhm, Integer userId, String type) throws Exception;
 
 	List<Map<Object, Object>> sptgetUserInfo(Map<Object, Object> map);
+
+	/**
+	 * 查询密码字符串中是否包含密码黑名单里面的内容
+	 * @param pwd
+	 * @return
+	 * @throws Exception
+	 */
+	boolean checkPwdBlack(String pwd) throws Exception;
 }

src/main/java/com/chinaitop/depot/system/service/impl/UserInfoServiceImpl.java

@@ -346,4 +346,14 @@ public class UserInfoServiceImpl implements UserInfoService {
 		return UserInfoMapper.sptgetUserInfo(map);
 	}
 
+	@Override
+	public boolean checkPwdBlack(String pwd) throws Exception {
+		boolean flag = false;
+		List<String> list = UserInfoMapper.selectPwdBlack(pwd);
+		if (null == list || list.size() == 0) {
+			flag = true;
+		}
+		return flag;
+	}
+
 }

src/main/resources/application.properties

@@ -1,28 +1,35 @@
 #端口
 server.port=9023
 
+eureka.instance.hostname=172.16.0.16
+#eureka.instance.hostname=localhost
+eureka.client.serviceUrl.defaultZone=http://tj_admin:Admin_1234@${eureka.instance.hostname}:9001/eureka/
+#eureka.client.serviceUrl.defaultZone=http://${eureka.instance.hostname}:9001/eureka/
+# 每隔10s发送一次心跳(默认30s)
+eureka.instance.lease-renewal-interval-in-seconds=10
+# 告知服务端30秒还未收到心跳的话，就将该服务移除列表(默认90s)
+eureka.instance.lease-expiration-duration-in-seconds=30
+eureka.instance.status-page-url=http://${eureka.instance.hostname}:${server.port}/swagger-ui.html
+#eureka.instance.status-page-url=http://${spring.security.user.name}:${spring.security.user.password}@${eureka.instance.hostname}:${server.port}/swagger-ui.html
+
+management.server.port=-1
+#management.endpoints.enabled-by-default=false
+
+#spring.security.basic.enabled=true
+# 用户名
+#spring.security.user.name=tj_admin
+# 用户密码
+#spring.security.user.password=Admin_1234
+
 #gbase8s的数据库配置
 spring.application.name=depot-system
 spring.datasource.type=com.alibaba.druid.pool.DruidDataSource
 spring.datasource.url=jdbc:gbasedbt-sqli://101.36.160.140:19089/depot:INFORMIXSERVER=ol_gbasedbt1210;NEWCODESET=GB18030,GB18030-2000,5488;DB_LOCALE=zh_cn.GB18030-2000;GL_USEGLU=1;IFX_USE_STRENC=true;characterEncoding=utf8;
 spring.datasource.username=gbasedbt
 spring.datasource.password=cDbK2S0go8
-#spring.datasource.url=jdbc:gbasedbt-sqli://111.164.113.172:666/depot:INFORMIXSERVER=gbaseserver;NEWCODESET=GBK,8859-1,819;GL_USEGLU=1;IFX_USE_STRENC=true;characterEncoding=utf8;
-#spring.datasource.username=gbasedbt
-#spring.datasource.password=GBase123
 spring.datasource.driverClassName=com.gbasedbt.jdbc.IfxDriver
 mybatis.config-location=classpath:mybatis/mybatis-config.xml
 
-eureka.instance.hostname=localhost
-# 每隔10s发送一次心跳(默认30s)
-eureka.instance.lease-renewal-interval-in-seconds=10
-# 告知服务端30秒还未收到心跳的话，就将该服务移除列表(默认90s)
-eureka.instance.lease-expiration-duration-in-seconds=30
-eureka.client.serviceUrl.defaultZone=http://172.16.0.16:9001/eureka/
-eureka.instance.status-page-url=http://172.16.0.16:9023/swagger-ui.html
-
-
-
 # Redis数据库索引（默认为0）
 spring.redis.database=3
 # Redis服务器地址
@@ -45,7 +52,7 @@ spring.redis.timeout=3000
 spring.session.store-type=redis
 
 #图片地址
-web.upload-path=D:/depotImg/
+web.upload-path=/home/depot/depot-web/depot-file
 spring.resources.static-locations=classpath:/META-INF/resources/,classpath:/resources/,classpath:/static/,classpath:/public/,file:${web.upload-path}
 #设置全局变量判断是云端还是库端；1云端，2本地
 localOrCloud=1