diff --git a/pom.xml b/pom.xml
index d82ec636d..917f78ba6 100644
--- a/pom.xml
+++ b/pom.xml
@@ -228,7 +228,6 @@
ruoyi-common
${ruoyi.version}
-
diff --git a/ruoyi-admin/pom.xml b/ruoyi-admin/pom.xml
index 83925f1c0..011f42be4 100644
--- a/ruoyi-admin/pom.xml
+++ b/ruoyi-admin/pom.xml
@@ -98,7 +98,7 @@
cn.hutool
hutool-all
- 5.8.33
+ 5.8.36
@@ -112,6 +112,12 @@
icu4j
59.1
+
+
+ com.google.code.gson
+ gson
+ 2.11.0
+
diff --git a/ruoyi-admin/src/main/java/com/neuhis/his/app/controller/AppUnauthController.java b/ruoyi-admin/src/main/java/com/neuhis/his/app/controller/AppUnauthController.java
index c3f925b6e..cb4fdc8fe 100644
--- a/ruoyi-admin/src/main/java/com/neuhis/his/app/controller/AppUnauthController.java
+++ b/ruoyi-admin/src/main/java/com/neuhis/his/app/controller/AppUnauthController.java
@@ -20,6 +20,7 @@ import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
+import javax.annotation.Resource;
import java.io.UnsupportedEncodingException;
import java.util.List;
import java.util.Map;
@@ -40,10 +41,18 @@ public class AppUnauthController extends BaseController {
ISysUserService sysUserService;
@Autowired
private SysPasswordService passwordService;
+ @Resource
+ private IBjCaService bjCaService;
@Autowired
IComDictionaryService comDictionaryService;
+ @GetMapping("/bjca/startAutoSign")
+ public AjaxResult bjcaAuto() {
+ bjCaService.startAutoSign();
+ return AjaxResult.success("成功");
+ }
+
@GetMapping("/getIp")
public AjaxResult getIp() {
String hostIp = IpUtils.getHostIp();
@@ -93,5 +102,4 @@ public class AppUnauthController extends BaseController {
log.info("测试结束" + DateUtil.format(DateUtil.date(), "yyyy-MM-dd HH:mm:ss"));
return AjaxResult.success("end");
}
-
}
diff --git a/ruoyi-admin/src/main/java/com/neuhis/his/app/controller/TestMain.java b/ruoyi-admin/src/main/java/com/neuhis/his/app/controller/TestMain.java
deleted file mode 100644
index 35e9f2533..000000000
--- a/ruoyi-admin/src/main/java/com/neuhis/his/app/controller/TestMain.java
+++ /dev/null
@@ -1,15 +0,0 @@
-package com.neuhis.his.app.controller;
-
-import cn.hutool.core.util.IdcardUtil;
-import cn.hutool.extra.pinyin.PinyinUtil;
-import cn.hutool.json.JSONUtil;
-import org.apache.commons.lang3.StringUtils;
-
-public class TestMain {
- public static void main(String[] args) throws Exception {
- String a="abc";
- String s = StringUtils.leftPad(a, 12, "0");
- System.out.println(s);
-
- }
-}
diff --git a/ruoyi-admin/src/main/java/com/neuhis/his/common/config/BjCaConfig.java b/ruoyi-admin/src/main/java/com/neuhis/his/common/config/BjCaConfig.java
new file mode 100644
index 000000000..ee194dd24
--- /dev/null
+++ b/ruoyi-admin/src/main/java/com/neuhis/his/common/config/BjCaConfig.java
@@ -0,0 +1,53 @@
+package com.neuhis.his.common.config;
+
+import lombok.Getter;
+import lombok.Setter;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.context.annotation.Configuration;
+
+/**
+ * 北京CA配置
+ *
+ * @author dazer
+ * @date 2025/3/4 09:28
+ **/
+@Configuration
+@ConfigurationProperties(prefix = "nhit.dc.ca.bjxt01")
+@Getter
+@Setter
+public class BjCaConfig {
+ /**
+ *
+ * # CA服务地址
+ * nhit.dc.ca.bjxt01.server-query-user-info=http://192.168.216.112:10201/coss/service/v1/queryUserInfo
+ * # 开启自动签名
+ * nhit.dc.ca.bjxt01.server-start-auth-sign=http://192.168.216.112:10201/coss/service/v1/startAutoSign
+ * # 获取签名结果
+ * nhit.dc.ca.bjxt01.server-get-sign-result=http://192.168.216.112:10201/coss/service/v1/getSignResult
+ * # 自动签名
+ * nhit.dc.ca.bjxt01.server-auth-sign=http://192.168.216.112:10201/coss/service/v1/autoSign
+ * # 验证数据签名
+ * nhit.dc.ca.bjxt01.server-verify-sign=http://192.168.216.112:10201/coss/service/v1/verifySign
+ * # 获取印章图片
+ * nhit.dc.ca.bjxt01.server-query-image=http://192.168.216.112:10201/coss/service/v1/queryImage
+ * # 时间戳签名
+ * nhit.dc.ca.bjxt01.server-tss-info=http://192.168.216.112:10201/coss/service/v1/createAndGetTssInfo
+ * # 验证时间戳签名
+ * nhit.dc.ca.bjxt01.server-verify-tss=http://192.168.216.112:10201/coss/service/v1/verifyTS
+ * # 第三方账号标识
+ * nhit.dc.ca.bjxt01.app-id=APP_3FAE577489B649F78F70C861AA991AEE
+ * # 第三方账号秘钥
+ * nhit.dc.ca.bjxt01.app-secret=MDAwNjY1MTZmMjczNDk4MDk2MzJhMTQ4OWYyZTdlNGE=
+ *
+ */
+ private String serverQueryUserInfo;
+ private String serverStartAuthSign;
+ private String serverGetSignResult;
+ private String serverAuthSign;
+ private String serverVerifySign;
+ private String serverQueryImage;
+ private String serverTssInfo;
+ private String serverVerifyTss;
+ private String appId;
+ private String appSecret;
+}
diff --git a/ruoyi-admin/src/main/java/com/neuhis/his/domain/dto/DeadLockRac.java b/ruoyi-admin/src/main/java/com/neuhis/his/domain/dto/DeadLockRac.java
index 227a7af51..f79c21bf5 100644
--- a/ruoyi-admin/src/main/java/com/neuhis/his/domain/dto/DeadLockRac.java
+++ b/ruoyi-admin/src/main/java/com/neuhis/his/domain/dto/DeadLockRac.java
@@ -56,4 +56,12 @@ public class DeadLockRac {
this.sessionStr = sessionStr;
}
+ @Override
+ public String toString() {
+ return "DeadLockRac{" +
+ "本进程号SID=" + 本进程号SID +
+ ", 阻塞SID='" + 阻塞SID + '\'' +
+ ", rac_KILL='" + rac_KILL + '\'' +
+ '}';
+ }
}
diff --git a/ruoyi-admin/src/main/java/com/neuhis/his/service/IBjCaService.java b/ruoyi-admin/src/main/java/com/neuhis/his/service/IBjCaService.java
new file mode 100644
index 000000000..49fad70eb
--- /dev/null
+++ b/ruoyi-admin/src/main/java/com/neuhis/his/service/IBjCaService.java
@@ -0,0 +1,27 @@
+package com.neuhis.his.service;
+
+/**
+ * 北京CA自动签名,用于补历史签名数据
+ * 接口1 3.4.3.1 开启自动签(startAutoSign) 需要用户扫码,扫码后的字段放到哪个字段里面?
+ * 接口2 3.4.3.3 自动签名(autoSign)的反参这二个数据存库signResult签名结果,signCert签名证书,
+ * 接口3 3.4.7.1 产生时间戳(createAndGetTssInfo) 第三个接口的时间戳结果:入参:oriData,这个是啥字段? 数据原文和自动签名接口里面传的数据原文保持一致就行
+ * @author dazer
+ * @date 2025/3/3 19:26
+ **/
+public interface IBjCaService {
+ /**
+ * 开启自动签名
+ */
+ void startAutoSign();
+ /**
+ * 自动签名
+ * @param signDataId startAutoSign开启自动签名接口:返回的signDataId
+ * @param oriDataBase64 待签数据(必须是 base64编码)
+ */
+ void autoSign(String signDataId, String oriDataBase64);
+ /**
+ * 产生时间戳
+ * @param oriDataBase64 待签数据(必须是 base64编码)
+ */
+ void createAndGetTssInfo(String oriDataBase64);
+}
diff --git a/ruoyi-admin/src/main/java/com/neuhis/his/service/impl/BjCaServiceImpl.java b/ruoyi-admin/src/main/java/com/neuhis/his/service/impl/BjCaServiceImpl.java
new file mode 100644
index 000000000..b6e3fb7f2
--- /dev/null
+++ b/ruoyi-admin/src/main/java/com/neuhis/his/service/impl/BjCaServiceImpl.java
@@ -0,0 +1,85 @@
+package com.neuhis.his.service.impl;
+
+import com.neuhis.his.common.config.BjCaConfig;
+import com.neuhis.his.service.IBjCaService;
+import com.neuhis.utils.BjcaUtil;
+import lombok.Getter;
+import lombok.Setter;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * 北京CA自动签名,用于补历史签名数据
+ *
+ * @author dazer
+ * @date 2025/3/3 19:27
+ **/
+@Getter
+@Setter
+@Slf4j
+@Service
+public class BjCaServiceImpl implements IBjCaService {
+ @Autowired
+ private BjCaConfig bjCaConfig;
+ /**
+ * 北京CA协同平台的USER_ID
+ */
+ private final String USER_ID = "XXX";
+
+ @Override
+ public void startAutoSign() {
+ Map params = getBjCaCommonParams();
+ params.put("userId", USER_ID);//用户 Id
+ params.put("timeRegion", " 86400");//自动签名的过期时间,单位为秒(默认最长 86400秒,即 24 小时,也可以通过管理端系统重新设置)
+ params.put("requireQrCode", "N");//是否返回二维码(只能传入 Y、N 两种类型,如果 传 Y,会将二维码图片 base64 编码后返回)
+ postBjCa(bjCaConfig.getServerStartAuthSign(), params);
+ }
+
+ @Override
+ public void autoSign(String signDataId, String oriDataBase64) {
+ Map params = getBjCaCommonParams();
+ params.put("userId", USER_ID);//用户 Id
+ params.put("dataType", "DATA");//原文类型(DATA:原文,HASH:hash 数据WEB_SEAL:网页签章)
+ params.put("algo", "SM3withSM2");//签名算法(SM3withSM2)
+ params.put("data", oriDataBase64);//待签数据(必须是 base64编码)
+ params.put("signToken", signDataId);//开启自动签返回的 signDataId
+ params.put("title", "");//标题(最长不超过100个字符),非必填
+ params.put("description", "");//描述(最长不超过200个字符),非必填
+ postBjCa(bjCaConfig.getServerAuthSign(), params);
+ }
+
+ @Override
+ public void createAndGetTssInfo(String oriDataBase64) {
+ Map params = getBjCaCommonParams();
+ params.put("oriData", "");//数据原文oriData: 数据原文和自动签名接口里面传的数据原文保持一致就行, 待签数据(必须是 base64编码)
+ params.put("attachCert", "false");//最终产生的时间戳是否带证书 (true/false)
+ postBjCa(bjCaConfig.getServerTssInfo(), params);
+ }
+
+ private String postBjCa(String url, Map params) {
+ String requestJson = "";
+ String result = "";
+ try {
+ requestJson = BjcaUtil.RequestUtils.generateRequestJson(params, bjCaConfig.getAppSecret());
+ result = BjcaUtil.HTTPUtils.post(bjCaConfig.getServerStartAuthSign(), requestJson);
+ } catch (Exception e) {
+ result = "请求CA报错:" + e.getMessage();
+ }
+ log.info("北京CA开始HTTP请求,URL:" + url + "\n," +
+ " 请求入参:" + requestJson + "\n" +
+ "响应结果" + result);
+ return result;
+ }
+
+ private Map getBjCaCommonParams() {
+ Map params = new HashMap<>();
+ params.put("version", "1.0");
+ params.put("appId", bjCaConfig.getAppId());
+ params.put("signAlgo", "HMAC");//签名算法(默认传入 HMAC),使用的算法为 HMAC-SHA256
+ return params;
+ }
+}
diff --git a/ruoyi-admin/src/main/java/com/neuhis/his/service/impl/OracleSysServiceImpl.java b/ruoyi-admin/src/main/java/com/neuhis/his/service/impl/OracleSysServiceImpl.java
index b9fa6581b..712fb563f 100644
--- a/ruoyi-admin/src/main/java/com/neuhis/his/service/impl/OracleSysServiceImpl.java
+++ b/ruoyi-admin/src/main/java/com/neuhis/his/service/impl/OracleSysServiceImpl.java
@@ -56,7 +56,7 @@ public class OracleSysServiceImpl implements IOracleSysService {
oracleSysMapper.killSession(sessionStr);
}
}catch (Exception e){
- System.out.println("数据库杀死锁异常:"+e.getMessage());
+ log.error("数据库杀死锁异常:"+e.getMessage());
}
}
diff --git a/ruoyi-admin/src/main/java/com/neuhis/quartz/task/HisTask.java b/ruoyi-admin/src/main/java/com/neuhis/quartz/task/HisTask.java
index 20ab18b2c..387998c3c 100644
--- a/ruoyi-admin/src/main/java/com/neuhis/quartz/task/HisTask.java
+++ b/ruoyi-admin/src/main/java/com/neuhis/quartz/task/HisTask.java
@@ -67,7 +67,7 @@ public class HisTask {
List sessionV2Rac = oracleSysService.getDeadLockSessionV2Rac();
sessionV2Rac.forEach(deadLock -> HisTask.this.oracleSysService.killSession(deadLock.getSessionStr()));
- log.info("杀oracle死锁结束" + DateUtil.format(DateUtil.date(), "yyyy-MM-dd HH:mm:ss"));
+ log.info("杀oracle死锁结束,被杀进程数量:" + sessionV2Rac.size() + "," + DateUtil.format(DateUtil.date(), "yyyy-MM-dd HH:mm:ss"));
}
}
diff --git a/ruoyi-admin/src/main/java/com/neuhis/utils/BjcaUtil.java b/ruoyi-admin/src/main/java/com/neuhis/utils/BjcaUtil.java
new file mode 100644
index 000000000..0ceedf5df
--- /dev/null
+++ b/ruoyi-admin/src/main/java/com/neuhis/utils/BjcaUtil.java
@@ -0,0 +1,223 @@
+package com.neuhis.utils;
+
+import cn.hutool.core.codec.Base64;
+import com.alibaba.fastjson.JSON;
+import com.google.gson.GsonBuilder;
+
+import javax.crypto.Mac;
+import javax.crypto.spec.SecretKeySpec;
+import java.io.BufferedReader;
+import java.io.DataOutputStream;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.net.HttpURLConnection;
+import java.net.URL;
+import java.util.*;
+
+/**
+ * 北京CA签名、加密相关工具类
+ *
+ * @author dazer
+ * @date 2025/3/3 19:07
+ **/
+public class BjcaUtil {
+ public static class RequestUtils {
+
+ /**
+ * @param key: 密钥 secret 是由协同 签名系统生成的安全码 secureCode,通过协同签名管理页面的应用管理中获取,安全码 要与 appId 对应
+ */
+ public static String generateRequestJson(Map request, String key) throws Exception {
+ String jsonData = JSON.toJSONString(request);
+ String data = generateSignString(request);
+ System.out.println("hashData>>>>>"+data);
+
+ String signature;
+ signature = getHMAC(data.getBytes(), key.getBytes(), "HmacSHA256");//签名方式名称不能修改
+
+ request.put("signature", signature);
+ return new GsonBuilder().disableHtmlEscaping().create().toJson(request);
+ }
+ /**
+ * 计算signature
+ * @param request
+ * @param key: 密钥 secret 是由协同 签名系统生成的安全码 secureCode,通过协同签名管理页面的应用管理中获取,安全码 要与 appId 对应
+ * @return signature
+ * @throws Exception
+ */
+ public static String createSignature(String request, String key) throws Exception {
+ String signature = getHMAC(request.getBytes(), key.getBytes(), "HmacSHA256");//签名方式名称不能修改
+ System.out.println("signature>>>"+signature);
+ return signature;
+ }
+
+
+ //常量字符�?
+ private static final String AND = "&";
+ private static final String EQUAL = "=";
+
+ /**
+ * 生成签名字符串,忽略掉转入的属
+ *
+ * @param props
+ * @return
+ */
+ public static String generateSignString(Map props) {
+
+ StringBuilder sb = new StringBuilder();
+ List keys = new ArrayList(props.keySet());
+ Collections.sort(keys);
+
+ for (int i = 0; i < keys.size(); i++) {
+ String key = keys.get(i);
+ Object value = props.get(key);
+ if (value == null || "signature".equals(key)) {
+ continue;
+ }
+
+ if (i == props.size() - 1) {// 拼接时,不包括最后一�?&字符
+ sb.append(key).append(EQUAL).append(value);
+ } else {
+ sb.append(key).append(EQUAL).append(value).append(AND);
+ }
+ }
+ return sb.toString();
+ }
+
+ private static String getHMAC(byte[] data, byte[] key, String HmacAlgo) throws Exception {
+
+ SecretKeySpec signingKey = new SecretKeySpec(key, HmacAlgo);
+ Mac mac = Mac.getInstance(HmacAlgo);
+ mac.init(signingKey);
+ return Base64.encode(mac.doFinal(data));
+ //return StringUtils.base64Encode(mac.doFinal(data));
+
+ }
+ public static String hashTojson(Map certinfoMap) {
+
+ String string = "{";
+ for (Iterator it = certinfoMap.entrySet().iterator(); it.hasNext();) {
+ Map.Entry e = (Map.Entry) it.next();
+ string += "\"" + e.getKey() + "\":";
+ string += "\"" + e.getValue() + "\",";
+ }
+ string = string.substring(0, string.lastIndexOf(","));
+ string += "}";
+ return string;
+ }
+ }
+
+ public static class HTTPUtils {
+ public static int TIME_OUT = 30000;
+ public static String DEFAULT_CHARSET = "utf-8";
+
+ public static String post(final String uRL, String data) throws Exception {
+ long timeOut = 30000;
+ URL url = new URL(uRL);
+
+ StringBuffer sb = new StringBuffer("");
+ HttpURLConnection connection = (HttpURLConnection) url.openConnection();
+ connection.setReadTimeout( (int)timeOut);
+ connection.setConnectTimeout( (int)timeOut);
+ connection.setDoOutput(true);
+ connection.setDoInput(true);
+ connection.setRequestMethod("POST");
+ connection.setUseCaches(false);
+ connection.setRequestProperty("Accept-Charset", DEFAULT_CHARSET);
+ connection.setRequestProperty("contentType", DEFAULT_CHARSET);
+
+ connection.setInstanceFollowRedirects(true);
+ connection.addRequestProperty("User-Agent", "MSSP-User-Agent");
+ connection.setRequestProperty("Content-Type", "application/json");
+ try{
+ connection.connect();
+
+ // post
+ DataOutputStream out = new DataOutputStream(connection.getOutputStream());
+
+ out.write(data.getBytes(DEFAULT_CHARSET));
+
+ out.flush();
+ out.close();
+
+ InputStream is;
+ if (connection.getResponseCode() != HttpURLConnection.HTTP_OK) {
+ connection.disconnect();
+ throw new Exception("HTTP ERROR :" + connection.getResponseCode());
+ } else {
+ is = connection.getInputStream();
+ }
+
+ BufferedReader reader = new BufferedReader(new InputStreamReader(is, DEFAULT_CHARSET));
+ String lines;
+ sb = new StringBuffer("");
+ while ((lines = reader.readLine()) != null) {
+ sb.append(lines);
+ }
+ reader.close();
+
+ connection.disconnect();
+
+ }catch(Exception e){
+ e.printStackTrace();
+ }
+ return sb.toString();
+
+ }
+
+ public static String get(final String uRL, String data) throws Exception {
+ long timeOut = 30000;
+ URL url = new URL(uRL);
+
+ StringBuffer sb = new StringBuffer("");
+ HttpURLConnection connection = (HttpURLConnection) url.openConnection();
+ connection.setReadTimeout( (int)timeOut);
+ connection.setConnectTimeout( (int)timeOut);
+ connection.setDoOutput(true);
+ connection.setDoInput(true);
+ connection.setRequestMethod("GET");
+ connection.setUseCaches(false);
+ connection.setRequestProperty("Accept-Charset", DEFAULT_CHARSET);
+ connection.setRequestProperty("contentType", DEFAULT_CHARSET);
+
+ connection.setInstanceFollowRedirects(true);
+ connection.addRequestProperty("User-Agent", "MSSP-User-Agent");
+ connection.setRequestProperty("Content-Type", "application/json");
+ try{
+ connection.connect();
+
+ // post
+ DataOutputStream out = new DataOutputStream(connection.getOutputStream());
+
+ out.write(data.getBytes(DEFAULT_CHARSET));
+
+ out.flush();
+ out.close();
+
+ InputStream is;
+ if (connection.getResponseCode() != HttpURLConnection.HTTP_OK) {
+ connection.disconnect();
+ throw new Exception("HTTP ERROR :" + connection.getResponseCode());
+ } else {
+ is = connection.getInputStream();
+ }
+
+ BufferedReader reader = new BufferedReader(new InputStreamReader(is, DEFAULT_CHARSET));
+ String lines;
+ sb = new StringBuffer("");
+ while ((lines = reader.readLine()) != null) {
+ sb.append(lines);
+ }
+ reader.close();
+
+ connection.disconnect();
+
+ }catch(Exception e){
+ e.printStackTrace();
+ }
+ return sb.toString();
+
+ }
+ }
+
+
+}
diff --git a/ruoyi-admin/src/main/java/com/ruoyi/RuoYiApplication.java b/ruoyi-admin/src/main/java/com/ruoyi/RuoYiApplication.java
index 8da2130bd..2b0dc2efd 100644
--- a/ruoyi-admin/src/main/java/com/ruoyi/RuoYiApplication.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/RuoYiApplication.java
@@ -14,6 +14,11 @@ import java.net.UnknownHostException;
* 启动程序
*
* @author ruoyi
+ *
*/
@SpringBootApplication(exclude = { DataSourceAutoConfiguration.class },
scanBasePackages = {"com.ruoyi", "com.neuhis"}) //修改:controller扫描包路径
@@ -35,7 +40,7 @@ public class RuoYiApplication
Environment env = run.getEnvironment();
String ip = InetAddress.getLocalHost().getHostAddress();
String port = env.getProperty("server.port");
- String path = StrUtil.blankToDefault(env.getProperty("server.servlet.context-path"), "") + "/swagger-ui.html";
+ String path = StrUtil.blankToDefault(env.getProperty("server.servlet.context-path"), "") + "/swagger-ui/index.html";
String active = env.getProperty("spring.profiles.active");
System.err.println("\n----------------------------------------------------------\n\t" +
diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/core/config/SwaggerConfig.java b/ruoyi-admin/src/main/java/com/ruoyi/web/core/config/SwaggerConfig.java
index 00807ff2e..9d0968309 100644
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/core/config/SwaggerConfig.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/core/config/SwaggerConfig.java
@@ -42,7 +42,9 @@ public class SwaggerConfig
// 设置哪些接口暴露给Swagger展示
.select()
// 扫描所有有注解的api,用这种方式更灵活
- .apis(RequestHandlerSelectors.withMethodAnnotation(ApiOperation.class))
+ // 对所有该包下的Api进行监控,如果想要监控所有的话可以改成any()
+ .apis(RequestHandlerSelectors.withMethodAnnotation(ApiOperation.class)) //添加ApiOperiation注解的被扫描
+ .apis(RequestHandlerSelectors.any())
// 扫描指定包中的swagger注解
//.apis(RequestHandlerSelectors.basePackage("com.ruoyi.project.tool.swagger"))
// 扫描所有 .apis(RequestHandlerSelectors.any())
diff --git a/ruoyi-admin/src/main/resources/application.properties b/ruoyi-admin/src/main/resources/application.properties
new file mode 100644
index 000000000..f452cd5fb
--- /dev/null
+++ b/ruoyi-admin/src/main/resources/application.properties
@@ -0,0 +1,28 @@
+# ??CA
+# CA????
+nhit.dc.ca.bjxt01.server-query-user-info=http://192.168.216.112:10201/coss/service/v1/queryUserInfo
+# ??????
+nhit.dc.ca.bjxt01.server-start-auth-sign=http://192.168.216.112:10201/coss/service/v1/startAutoSign
+# ??????
+nhit.dc.ca.bjxt01.server-get-sign-result=http://192.168.216.112:10201/coss/service/v1/getSignResult
+# ????
+nhit.dc.ca.bjxt01.server-auth-sign=http://192.168.216.112:10201/coss/service/v1/autoSign
+# ??????
+nhit.dc.ca.bjxt01.server-verify-sign=http://192.168.216.112:10201/coss/service/v1/verifySign
+# ??????
+nhit.dc.ca.bjxt01.server-query-image=http://192.168.216.112:10201/coss/service/v1/queryImage
+# ?????
+nhit.dc.ca.bjxt01.server-tss-info=http://192.168.216.112:10201/coss/service/v1/createAndGetTssInfo
+# ???????
+nhit.dc.ca.bjxt01.server-verify-tss=http://192.168.216.112:10201/coss/service/v1/verifyTS
+## ????ca APPID
+# ???????
+nhit.dc.ca.bjxt01.app-id=APP_3FAE577489B649F78F70C861AA991AEE
+# ???????
+nhit.dc.ca.bjxt01.app-secret=MDAwNjY1MTZmMjczNDk4MDk2MzJhMTQ4OWYyZTdlNGE=
+
+## ????appid
+# ???????
+#nhit.dc.ca.bjxt01.app-id=APP_95BF9D123FCF498A83C344ED42473675
+# ???????
+#nhit.dc.ca.bjxt01.app-secret=MzI1ODNlYTI2ZjkwNDkzZjg3MDhjOTMwMDBlZDYwOTQ=
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/ShiroConfig.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/ShiroConfig.java
index 809027036..c29658fea 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/ShiroConfig.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/ShiroConfig.java
@@ -290,6 +290,13 @@ public class ShiroConfig
filterChainDefinitionMap.put("/js/**", "anon");
filterChainDefinitionMap.put("/ruoyi/**", "anon");
filterChainDefinitionMap.put("/captcha/captchaImage**", "anon");
+ //自定义的shiro配置
+ filterChainDefinitionMap.put("/open/**", "anon");//open、app、api接口不需要登录
+ filterChainDefinitionMap.put("/app/**", "anon");
+ filterChainDefinitionMap.put("/api/**", "anon");
+ filterChainDefinitionMap.put("/swagger-resources/**", "anon");//swagger3 ui/resources
+ filterChainDefinitionMap.put("/swagger-ui/**", "anon");//swagger3 ui/resources
+ filterChainDefinitionMap.put("/v3/api-docs**", "anon");//swagger3 api docs
// 匿名访问不鉴权注解列表
List permitAllUrl = SpringUtils.getBean(PermitAllUrlProperties.class).getUrls();
if (StringUtils.isNotEmpty(permitAllUrl))