mirror of https://gitee.com/stylefeng/roses
【7.1.5】ThreadLocal使用加强,在Filter清空ThreadLocal
parent
ddd2543ef9
commit
ed4c71e088
|
@ -0,0 +1,19 @@
|
|||
package cn.stylefeng.roses.kernel.rule.threadlocal;
|
||||
|
||||
/**
|
||||
* 对程序进行拓展,方便清除ThreadLocal
|
||||
*
|
||||
* @author fengshuonan
|
||||
* @date 2021/10/29 11:14
|
||||
*/
|
||||
public interface RemoveThreadLocalApi {
|
||||
|
||||
/**
|
||||
* 具体删除ThreadLocal的逻辑
|
||||
*
|
||||
* @author fengshuonan
|
||||
* @date 2021/10/29 11:19
|
||||
*/
|
||||
void removeThreadLocalAction();
|
||||
|
||||
}
|
|
@ -0,0 +1,20 @@
|
|||
package cn.stylefeng.roses.kernel.auth.api.context;
|
||||
|
||||
import cn.stylefeng.roses.kernel.rule.threadlocal.RemoveThreadLocalApi;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
/**
|
||||
* 清除当前登录用户相关的ThreadLocalHolder
|
||||
*
|
||||
* @author fengshuonan
|
||||
* @date 2021/10/29 11:41
|
||||
*/
|
||||
@Component
|
||||
public class LoginUserRemoveThreadLocalHolder implements RemoveThreadLocalApi {
|
||||
|
||||
@Override
|
||||
public void removeThreadLocalAction() {
|
||||
LoginUserHolder.remove();
|
||||
}
|
||||
|
||||
}
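Review bot: This cleaner is registered only through `@Component`, while the filter finds cleaners with `getBeansOfType`, so if the application's component scan does not cover `cn.stylefeng.roses.kernel.auth.api.context` the login-user ThreadLocal is silently never cleared; the scan configuration is not visible on this page. The same applies to `IpAddrRemoveThreadLocalHolder`, `EncryptRemoveThreadLocalHolder` and `RequestRemoveThreadLocalHolder` in the later sections. Declaring the cleaners as `@Bean`s in the module's auto-configuration, or logging the discovered cleaner names once at startup, would make a missing registration noticeable instead of leaving a previous user's identity on a pooled thread. A class comment stating that `LoginUserHolder.remove()` must be safe to call when nothing was set would document the contract the filter relies on.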
|
|
@ -0,0 +1,20 @@
|
|||
package cn.stylefeng.roses.kernel.scanner.api.holder;
|
||||
|
||||
import cn.stylefeng.roses.kernel.rule.threadlocal.RemoveThreadLocalApi;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
/**
|
||||
* 清除ip地址相关的ThreadLocalHolder
|
||||
*
|
||||
* @author fengshuonan
|
||||
* @date 2021/10/29 11:42
|
||||
*/
|
||||
@Component
|
||||
public class IpAddrRemoveThreadLocalHolder implements RemoveThreadLocalApi {
|
||||
|
||||
@Override
|
||||
public void removeThreadLocalAction() {
|
||||
IpAddrHolder.clear();
|
||||
}
|
||||
|
||||
}
|
|
@ -19,6 +19,7 @@
|
|||
<module>security-api</module>
|
||||
<module>security-sdk-black-white</module>
|
||||
<module>security-sdk-captcha</module>
|
||||
<module>security-sdk-clear-threadlocal</module>
|
||||
<module>security-sdk-cors</module>
|
||||
<module>security-sdk-count</module>
|
||||
<module>security-sdk-xss</module>
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
清空web请求中的ThreadLocal中的变量值
|
|
@ -0,0 +1,35 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<project xmlns="http://maven.apache.org/POM/4.0.0"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
|
||||
<parent>
|
||||
<groupId>cn.stylefeng.roses</groupId>
|
||||
<artifactId>kernel-d-security</artifactId>
|
||||
<version>7.1.5</version>
|
||||
<relativePath>../pom.xml</relativePath>
|
||||
</parent>
|
||||
|
||||
<artifactId>security-sdk-clear-threadlocal</artifactId>
|
||||
|
||||
<packaging>jar</packaging>
|
||||
|
||||
<dependencies>
|
||||
|
||||
<!--安全模块的api-->
|
||||
<dependency>
|
||||
<groupId>cn.stylefeng.roses</groupId>
|
||||
<artifactId>security-api</artifactId>
|
||||
<version>${roses.version}</version>
|
||||
</dependency>
|
||||
|
||||
<!--web模块-->
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-web</artifactId>
|
||||
</dependency>
|
||||
|
||||
</dependencies>
|
||||
|
||||
</project>
|
|
@ -0,0 +1,68 @@
|
|||
/*
|
||||
* Copyright [2020-2030] [https://www.stylefeng.cn]
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
* Guns采用APACHE LICENSE 2.0开源协议,您在使用过程中,需要注意以下几点:
|
||||
*
|
||||
* 1.请不要删除和修改根目录下的LICENSE文件。
|
||||
* 2.请不要删除和修改Guns源码头部的版权声明。
|
||||
* 3.请保留源码和相关描述文件的项目出处,作者声明等。
|
||||
* 4.分发源码时候,请注明软件出处 https://gitee.com/stylefeng/guns
|
||||
* 5.在修改包名,模块名称,项目代码等时,请注明软件出处 https://gitee.com/stylefeng/guns
|
||||
* 6.若您的项目无法满足以上几点,可申请商业授权
|
||||
*/
|
||||
package cn.stylefeng.roses.kernel.security.clear;
|
||||
|
||||
import cn.hutool.extra.spring.SpringUtil;
|
||||
import cn.stylefeng.roses.kernel.rule.threadlocal.RemoveThreadLocalApi;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
|
||||
import javax.servlet.*;
|
||||
import java.io.IOException;
|
||||
import java.util.Map;
|
||||
|
||||
|
||||
/**
|
||||
* 清空程序中的ThreadLocal
|
||||
*
|
||||
* @author fengshuonan
|
||||
* @date 2021/10/29 11:11
|
||||
*/
|
||||
@Slf4j
|
||||
public class ClearThreadLocalFilter implements Filter {
|
||||
|
||||
public static final String NAME = "ClearThreadLocalFilter";
|
||||
|
||||
@Override
|
||||
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException {
|
||||
try {
|
||||
chain.doFilter(request, response);
|
||||
} finally {
|
||||
|
||||
try {
|
||||
Map<String, RemoveThreadLocalApi> beansOfType = SpringUtil.getBeansOfType(RemoveThreadLocalApi.class);
|
||||
if (beansOfType != null) {
|
||||
for (Map.Entry<String, RemoveThreadLocalApi> entry : beansOfType.entrySet()) {
|
||||
RemoveThreadLocalApi removeThreadLocalApi = entry.getValue();
|
||||
removeThreadLocalApi.removeThreadLocalAction();
|
||||
}
|
||||
}
|
||||
} catch (Exception e) {
|
||||
// 清空失败
|
||||
log.error("清空threadLocal失败!", e);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
}
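Review bot: A single try/catch wraps the whole cleanup loop in the `finally` block, so the first `removeThreadLocalAction()` that throws ends the loop and every remaining cleaner is skipped for that request. On a pooled servlet thread the values left behind (the cleaners in this commit cover the login user and the AES key) would then still be set when the thread serves its next request. Catching inside the loop lets each cleaner fail independently while the outer catch keeps guarding the bean lookup, as sketched below. `SpringUtil.getBeansOfType` is also resolved on every request; resolving the cleaners once and reusing them is worth considering if they are all singletons, which this page suggests but does not prove.

```java
try {
    // … unchanged: getBeansOfType lookup and null check …
    for (RemoveThreadLocalApi cleaner : beansOfType.values()) {
        try {
            cleaner.removeThreadLocalAction();
        } catch (Exception e) {
            // a failing cleaner must not stop the remaining ones
            log.error("清空threadLocal失败!", e);
        }
    }
// … unchanged: outer catch (Exception e) still guards the lookup …
```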
|
|
@ -46,6 +46,7 @@ import java.util.Date;
|
|||
*/
|
||||
@Slf4j
|
||||
@ControllerAdvice
|
||||
@SuppressWarnings("all")
|
||||
public class EncryptionRequestBodyAdvice implements RequestBodyAdvice {
|
||||
|
||||
static {
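Review bot: `@SuppressWarnings("all")` at class level, which appears to be the line this hunk adds (the same annotation shows up on `EncryptionResponseBodyAdvice` in the next section), silences every compiler and IDE warning in a class that handles request decryption, so new unchecked, raw-type or deprecation warnings will never surface. Narrowing it to the specific warning on the smallest member that needs it, e.g. `@SuppressWarnings("rawtypes")`, with a comment saying why the suppression is safe, keeps later problems visible. The class body continues outside the hunk, so the warnings it currently hides cannot be judged from here.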
|
||||
|
|
|
@ -31,6 +31,7 @@ import java.util.Date;
|
|||
*/
|
||||
@Slf4j
|
||||
@ControllerAdvice
|
||||
@SuppressWarnings("all")
|
||||
public class EncryptionResponseBodyAdvice implements ResponseBodyAdvice {
|
||||
|
||||
static {
|
||||
|
@ -57,7 +58,7 @@ public class EncryptionResponseBodyAdvice implements ResponseBodyAdvice {
|
|||
// 判断响应实体是否是 ResponseData
|
||||
if (body instanceof ResponseData) {
|
||||
// 转换类型
|
||||
ResponseData responseData = (ResponseData)body;
|
||||
ResponseData responseData = (ResponseData) body;
|
||||
|
||||
Object data = responseData.getData();
|
||||
|
||||
|
@ -66,6 +67,7 @@ public class EncryptionResponseBodyAdvice implements ResponseBodyAdvice {
|
|||
|
||||
// 从 ThreadLocal 中获取 aes key
|
||||
String aesKey = EncryptionHolder.getAesKey();
|
||||
|
||||
// 偏移
|
||||
byte[] iv = HexUtil.decodeHex(SecureUtil.md5(StrUtil.format("{}{}", aesKey, DateUtil.format(new Date(), "yyyyMMdd"))));
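Review bot: The `byte[] iv = …` line derives the IV as the MD5 of the AES key concatenated with the current date (`yyyyMMdd`), so the IV is fully determined by the key and the day and repeats for every response encrypted under the same key on that day. This line looks like context rather than something this commit introduces, and the cipher mode and key lifetime are outside the hunk, but a repeated IV leaks plaintext equality in CBC and breaks confidentiality outright in CTR or GCM. The usual fix is a fresh IV per message from `SecureRandom`, transmitted alongside the ciphertext, which needs a matching change on the client. Until then a comment here stating the assumption that each AES key is used for a single request/response pair would record why the derivation is considered acceptable.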
|
||||
|
||||
|
|
|
@ -0,0 +1,20 @@
|
|||
package cn.stylefeng.roses.kernel.security.request.encrypt.holder;
|
||||
|
||||
import cn.stylefeng.roses.kernel.rule.threadlocal.RemoveThreadLocalApi;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
/**
|
||||
* 清除加解密的相关ThreadLocal
|
||||
*
|
||||
* @author fengshuonan
|
||||
* @date 2021/10/29 11:37
|
||||
*/
|
||||
@Component
|
||||
public class EncryptRemoveThreadLocalHolder implements RemoveThreadLocalApi {
|
||||
|
||||
@Override
|
||||
public void removeThreadLocalAction() {
|
||||
EncryptionHolder.clearAesKey();
|
||||
}
|
||||
|
||||
}
|
|
@ -24,6 +24,13 @@
|
|||
<version>${roses.version}</version>
|
||||
</dependency>
|
||||
|
||||
<!--threadLocal清除器-->
|
||||
<dependency>
|
||||
<groupId>cn.stylefeng.roses</groupId>
|
||||
<artifactId>security-sdk-clear-threadlocal</artifactId>
|
||||
<version>${roses.version}</version>
|
||||
</dependency>
|
||||
|
||||
<!--图形验证码模块-->
|
||||
<dependency>
|
||||
<groupId>cn.stylefeng.roses</groupId>
|
||||
|
|
|
@ -24,8 +24,14 @@
|
|||
*/
|
||||
package cn.stylefeng.roses.kernel.security.starter;
|
||||
|
||||
import cn.stylefeng.roses.kernel.security.api.constants.SecurityConstants;
|
||||
import cn.stylefeng.roses.kernel.security.clear.ClearThreadLocalFilter;
|
||||
import org.springframework.boot.web.servlet.FilterRegistrationBean;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
|
||||
import static org.springframework.core.Ordered.HIGHEST_PRECEDENCE;
|
||||
|
||||
/**
|
||||
* 安全模块自动配置
|
||||
*
|
||||
|
@ -35,4 +41,20 @@ import org.springframework.context.annotation.Configuration;
|
|||
@Configuration
|
||||
public class GunsSecurityAutoConfiguration {
|
||||
|
||||
/**
|
||||
* ThreadLocal清除器
|
||||
*
|
||||
* @author fengshuonan
|
||||
* @date 2021/10/29 11:29
|
||||
*/
|
||||
@Bean
|
||||
public FilterRegistrationBean<ClearThreadLocalFilter> clearThreadLocalFilterFilterRegistrationBean() {
|
||||
FilterRegistrationBean<ClearThreadLocalFilter> bean = new FilterRegistrationBean<>();
|
||||
bean.setFilter(new ClearThreadLocalFilter());
|
||||
bean.addUrlPatterns(SecurityConstants.DEFAULT_XSS_PATTERN);
|
||||
bean.setName(ClearThreadLocalFilter.NAME);
|
||||
bean.setOrder(HIGHEST_PRECEDENCE + 1);
|
||||
return bean;
|
||||
}
|
||||
|
||||
}
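Review bot: `bean.addUrlPatterns(SecurityConstants.DEFAULT_XSS_PATTERN)` ties the cleanup filter's coverage to a constant named for the XSS filter, whose value is not shown on this page; if that pattern does not match every path, or is narrowed later for XSS reasons, requests outside it keep their ThreadLocal values on the pooled thread. Cleanup should cover every request independently of the XSS configuration, so I would map it explicitly with `bean.addUrlPatterns("/*");` or introduce a dedicated constant for this filter. A short comment on `bean.setOrder(HIGHEST_PRECEDENCE + 1)` explaining that the filter has to wrap the other filters so its `finally` block runs after them would also help the next maintainer keep the ordering intact.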
|
||||
|
|
|
@ -0,0 +1,21 @@
|
|||
package cn.stylefeng.roses.kernel.validator.api.context;
|
||||
|
||||
import cn.stylefeng.roses.kernel.rule.threadlocal.RemoveThreadLocalApi;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
/**
|
||||
* 清除参数缓存相关的ThreadLocal
|
||||
*
|
||||
* @author fengshuonan
|
||||
* @date 2021/10/29 11:37
|
||||
*/
|
||||
@Component
|
||||
public class RequestRemoveThreadLocalHolder implements RemoveThreadLocalApi {
|
||||
|
||||
@Override
|
||||
public void removeThreadLocalAction() {
|
||||
RequestGroupContext.clear();
|
||||
RequestParamContext.clear();
|
||||
}
|
||||
|
||||
}
|