From fd77ba362b252dbddfd8cd331a37c434664e2583 Mon Sep 17 00:00:00 2001 From: ijunho Date: Thu, 25 Sep 2025 12:21:46 +0900 Subject: [PATCH] =?UTF-8?q?=EB=A1=9C=EA=B7=B8=EC=9D=B8=20=EA=B0=9C?= =?UTF-8?q?=EB=B0=9C=20=EC=A4=91?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../let/uat/uia/web/EgovLoginController.java | 348 ++++++++++++++++-- .../jsp/web/kccadr/kccadrCom/ML4WebPage.jsp | 109 ------ .../jsp/web/kccadr/login/SsoLoginUsr.jsp | 223 +---------- 3 files changed, 326 insertions(+), 354 deletions(-) delete mode 100644 src/main/webapp/WEB-INF/jsp/web/kccadr/kccadrCom/ML4WebPage.jsp diff --git a/src/main/java/kcc/let/uat/uia/web/EgovLoginController.java b/src/main/java/kcc/let/uat/uia/web/EgovLoginController.java index 5d53b38f..1bb2e9a5 100644 --- a/src/main/java/kcc/let/uat/uia/web/EgovLoginController.java +++ b/src/main/java/kcc/let/uat/uia/web/EgovLoginController.java @@ -342,7 +342,6 @@ public class EgovLoginController { // 로그인필요 URL 호출하여 온경우 String beforeUrl = (String) commandMap.get("beforeUrl"); String message = (String) commandMap.get("message"); - String test = (String) commandMap.get("test"); // 실서버 적용시 바꾸기 String returnSiteUrl = returnSiteUrlGlobal; @@ -361,20 +360,7 @@ public class EgovLoginController { model.addAttribute("message", message); model.addAttribute("environment", environment); //로컬은 셀렉트박스 로그인 - //개발은 e배움터 개발서버 로그인 - //운영은 e배움터 운영서버 로그인 - if("dev".equals(environment)) { - return "redirect:http://223.255.205.7/user/member/loginForm.do?eduOff=Y"; - } - if("real".equals(environment)) { - return "redirect:https://edu-copyright.or.kr/user/member/loginForm.do?eduOff=Y"; - } -// initRsa(request); - if (test != null && test.equals("test")) { - return "web/kccadr/login/SsoLoginUsr3"; - } else { - return "web/kccadr/login/SsoLoginUsr"; - } + return "web/kccadr/login/SsoLoginUsr"; } 
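Review bot: After this change the `//로컬은 셀렉트박스 로그인` comment sits directly above an unconditional `return "web/kccadr/login/SsoLoginUsr";`, so every environment, including `real`, now renders the view the comment describes as the local select-box login. The `environment` model attribute is still set, but whether SsoLoginUsr.jsp uses it to hide the select-box form outside local is not visible in this hunk. The server-side gate in the login handler later in this patch still admits `ProfileUtil.isDev()`. I would replace the comment with something like `// all environments render SsoLoginUsr; the select-box login must stay hidden unless environment is local` and confirm that the JSP enforces it. The method starts and ends outside the hunk.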
@@ -748,7 +734,323 @@ public class EgovLoginController { public String selectActionSecurityLoginWeb(@ModelAttribute("loginVO") LoginVO loginVO, HttpServletResponse response, HttpServletRequest request, ModelMap model, HttpSession session, RedirectAttributes redirectAttributes) throws Exception { - ScriptEngineManager engine = new ScriptEngineManager(); + //일반 로그인이 아니므로 1로 세팅 + loginVO.setPassword("1"); + + // 로그인 정보 check + if (loginVO.getId() == null || loginVO.getPassword() == null) { + SsoLoginVO SsoLoginSessionChk = (SsoLoginVO) session.getAttribute("SSOLoginVO"); + // SSOLoginVO 세션 체크 + if (SsoLoginSessionChk != null) { + + loginVO.setId(SsoLoginSessionChk.getMembId()); + loginVO.setPassword("1"); + } else { + model.addAttribute("message", "로그인을 다시 해주세요."); + // 로그인 페이지로 이동 + /*return "/web/kccadr/login/SsoLoginUsr";*/ + return "redirect:/web/user/login/ssoLogin.do"; + } + } + + SsoLoginVO ssologinVO = new SsoLoginVO(); + + /*231031.개발서버 selectbox 로그인용 임시 + isDev 삭제 처리*/ + if ((ProfileUtil.isLocal() || ProfileUtil.isTLocal() || ProfileUtil.isDev()) && "Y".equals(loginVO.getIsSelect())) { //비 sso login + + loginVO.setStatusAll("N"); + ssologinVO.setMembSeq(loginVO.getId()); //중요 + //loginVO = loginService.actionLogin(loginVO); + + //기존에 개발자 로그인은 selectbox와 mber_seq로 로그인 처리. 
+ //e배움터 연동 후 mber_seq는 key로 사용하기 때문에 mber_id로 로그인 처리 과정 + //loginVO = loginService.actionLoginDev(loginVO); //개발자 아이디 선택 로그인시 + loginVO = loginService.actionLoginMberId(loginVO); + + + //ssologinVO.setMembSeq(loginVO.getId()); //중요 + + //loginVO = loginService.actionLoginDev(loginVO); //개발자 아이디 선택 로그인시 + + //ssologinVO.setMembSeq(loginVO.getId()); //중요 + + ssologinVO.setMembId(loginVO.getEmail()); + + // ================== 이름 암호화로 나오는 문제 해결 ==================== + ssologinVO.setMembName(egovCryptoUtil.decrypt(loginVO.getName())); + + System.out.println("==================임시=================="); + // ==== 계속 암호화에 암호화가 되서 임시로 넣음 + ssologinVO.setMembName(egovCryptoUtil.decrypt(ssologinVO.getMembName())); + ssologinVO.setMembName(egovCryptoUtil.decrypt(ssologinVO.getMembName())); + ssologinVO.setMembName(egovCryptoUtil.decrypt(ssologinVO.getMembName())); + ssologinVO.setMembName(egovCryptoUtil.decrypt(ssologinVO.getMembName())); + ssologinVO.setMembName(egovCryptoUtil.decrypt(ssologinVO.getMembName())); + + + ssologinVO.setSexCode("M"); + ssologinVO.setMembEmail(loginVO.getEmail()); + ssologinVO.setMembCelnum(loginVO.getMembCelnum()); + ssologinVO.setMembBirth(loginVO.getMembBirth()); + + /* + * ssologinVO.setMembSmsRecpYn(loginVO.getMembSmsRecpYn()); + * ssologinVO.setMembEmailRecpYn(loginVO.getMembEmailRecpYn()); + * + * ssologinVO.setDispsettMembDivisCode(loginVO.getDispsettMembDivisCode()); + * ssologinVO.setCorpnum(loginVO.getCorpnum()); + * ssologinVO.setBuisnRegnum(loginVO.getBuisnRegnum()); + * ssologinVO.setCompTitle(loginVO.getCompTitle()); + */ + + session.setAttribute("SSOLoginVO", ssologinVO); + + } else { //sso login + + ssologinVO = (SsoLoginVO) session.getAttribute("SSOLoginVO"); + + String SsoLoginResult = ""; +/* if (ssologinVO == null) { + SSO로그인 및 SSOLoginVO 세선 생성 + SsoLogin ssoLogin = new SsoLogin(); + SsoLoginResult = ssoLogin.SsoLogin(loginVO.getId(), loginVO.getPassword(), request); + } + if ("fail".equals(SsoLoginResult)) { + 
redirectAttributes.addAttribute("message", "아이디 비밀번호를 확인해 주세요."); + redirectAttributes.addFlashAttribute("message", "아이디 비밀번호를 확인해 주세요."); + return "redirect:/web/user/login/ssoLogin.do"; + }*/ + } + +// ssologinVO = (SsoLoginVO) session.getAttribute("SSOLoginVO"); + + /*if ("".equals(ssologinVO.getDispsettMembDivisCode())) { + 신청 관련코드 받아오면 처리 + System.out.println("조정분류코드 없음"); + + }*/ + + // 기존에 있던 회원이 아니면 DB에 일련번호 저장 + /* UserManageVO userManageVO = new UserManageVO(); + userManageVO.setMberSeq(ssologinVO.getMembSeq()); + userManageVO = userManageService.selectKccadrUser(userManageVO); + if (null == userManageVO) { + UserManageVO tmpUserManageVO = new UserManageVO(); + tmpUserManageVO.setMberSeq(ssologinVO.getMembSeq()); + tmpUserManageVO.setAuthorCode("ROLE_USER_MEMBER"); + tmpUserManageVO.setEmplyrNm(ssologinVO.getMembName()); + tmpUserManageVO = egovCryptoUtil.encryptUserManageVO(tmpUserManageVO); + String result = userManageService.insertUser(tmpUserManageVO); + + userManageVO = userManageService.selectKccadrUser(tmpUserManageVO); + }else { //기존에 있던 회원이라면 이름 최신화 + UserManageVO tmpUserManageVO = new UserManageVO(); + tmpUserManageVO.setMberSeq(ssologinVO.getMembSeq()); + tmpUserManageVO.setEmplyrNm(ssologinVO.getMembName()); + + tmpUserManageVO = egovCryptoUtil.encryptUserManageVO(tmpUserManageVO); + userManageService.updateUserNm(tmpUserManageVO); + }*/ + + /*loginVO.setId(userManageVO.getEmplyrId()); + loginVO.setPassword(userManageVO.getPassword()); +*/ + /* + * ssoLoginVO에서 아이디와, 일련번호, 부가가입여부 체크해서 DB에 일치하는 정보가 있는지 체크하고 일치하면 통과, 없으면 + * ssoLoginVO에서 일련번호, 부가가입여부를 포함한 사용자 정보 DB에 insert + */ + + loginVO.setUserSe("GNR"); + // 로그인 정보 check + + /* + * if(loginVO.getId() == null || loginVO.getPassword() == null){ // 회원가입 시 로그인 + * 처리 LoginVO pLoginVO = (LoginVO)request.getAttribute("pLoginVO"); if (pLoginVO + * == null) { // RSA 키 생성 initRsa(request); return + * "redirect:/web/user/login/login.do"; } else { + * loginVO.setId(pLoginVO.getId()); 
loginVO.setPassword(pLoginVO.getPassword()); + * loginVO.setBeforeUrl(pLoginVO.getBeforeUrl()); + * loginVO.setMessage(pLoginVO.getMessage()); } } + */ + + // 관리자 유무 체크 + List authorities = (List) loginService.selectAuthorities(loginVO); + Boolean adminFlag = false; + for (EgovMap authority : authorities) { + // admin_auth_code 최하위 관리자 Roll 코드 + if (authority.get("authorCode").equals(propertiesService.getString("admin_auth_code"))) + adminFlag = true; + } + + // 관리자 시 로그인 막기 + if (adminFlag) { + model.addAttribute("message", egovMessageSource.getMessage("fail.common.login")); + // RSA 키 생성 +// initRsa(request); + return "web/site/login/EgovLoginGnrlUsr"; + } + + // 1. 일반 로그인 처리 + LoginVO resultVO; + // 복호화 + + loginVO.setStatusAll("Y"); // 신청대기중인 사용자까지 조회 + /* loginVO.setUserSe("GNR"); */ + resultVO = loginService.actionLogin(loginVO); + // 로그인 시 권한조회 + resultVO.setAuthority(loginService.getUserAuth(resultVO).getAuthority()); + + System.out.println("==1=="); + + String alertMessage = ""; + if (!"admin".equals(loginVO.getId())) { + if (null == resultVO.getId()) { // 로그인 실패 + /* loginService.updatePassMissPlus(loginVO); */ + alertMessage = egovMessageSource.getMessage("fail.common.login"); + // 로그인 실패이면 메인페이지로 이동 + return goUserLoginPage(redirectAttributes, request, model, alertMessage); + } /* + * else{ if(resultVO.getPassMiss() > 5) { alertMessage = + * "패스워드가 5회 이상 틀려 로그인 할수 없습니다. 
관리자에게 문의하시기 바랍니다."; return + * goUserLoginPage(redirectAttributes, request, model, alertMessage); }else + * if("A".equals(resultVO.getEmplyrSttusCode())){ //신청상태 alertMessage = + * "신청하신 아이디가 현제 승인대기 상태입니다."; return goUserLoginPage(redirectAttributes, + * request, model, alertMessage); }else + * if("B".equals(resultVO.getEmplyrSttusCode())){ //신청상태 alertMessage = + * "아이디가 차단상태가 되어 사용할수 없습니다."; return goUserLoginPage(redirectAttributes, + * request, model, alertMessage); } loginService.updatePassMissReset(loginVO); } + */ + } + + boolean loginPolicyYn = true; + System.out.println("==12=="); + // 접속IP + String userIp = EgovClntInfo.getClntIP(request); + + // resultVO.siteId 의 각 로그인 ip를 조회함 + if (resultVO != null && resultVO.getId() != null && !resultVO.getId().equals("") && loginPolicyYn) { + // 세션에다 ip 등록 + resultVO.setIp(userIp); + System.out.println("==13=="); + // LoginVO세션에 사용자 정보 넣기 + resultVO.setMembSeq(ssologinVO.getMembSeq()); + resultVO.setMembId(ssologinVO.getMembId()); + resultVO.setMembName(ssologinVO.getMembName()); + resultVO.setMembSeq(ssologinVO.getMembSeq()); + resultVO.setMembCi(ssologinVO.getMembCi()); + resultVO.setMembEmail(ssologinVO.getMembEmail()); + resultVO.setMembCelnum(ssologinVO.getMembCelnum()); + resultVO.setMembBirth(ssologinVO.getMembBirth()); + resultVO.setMembSmsRecpYn(ssologinVO.getMembSmsRecpYn()); + resultVO.setMembEmailRecpYn(ssologinVO.getMembEmailRecpYn()); + resultVO.setSexCode(ssologinVO.getSexCode()); + resultVO.setDispsettMembDivisCode(ssologinVO.getDispsettMembDivisCode()); + resultVO.setCorpnum(ssologinVO.getCorpnum()); + resultVO.setBuisnRegnum(ssologinVO.getBuisnRegnum()); + resultVO.setCompTitle(ssologinVO.getCompTitle()); + + // 2. 
spring security 연동 + request.getSession().setAttribute("LoginVO", resultVO); // LoginVO세션 생성 + System.out.println("@@@@로그인VO:"+resultVO+"@@@@@@"); + UsernamePasswordAuthenticationFilter springSecurity = new UsernamePasswordAuthenticationFilter(); + ApplicationContext act = WebApplicationContextUtils.getRequiredWebApplicationContext(request.getSession().getServletContext()); + Map beans = act.getBeansOfType(UsernamePasswordAuthenticationFilter.class); + if (beans.size() > 0) { + springSecurity = (UsernamePasswordAuthenticationFilter) beans.values().toArray()[0]; + springSecurity.setUsernameParameter("egov_security_username"); + springSecurity.setPasswordParameter("egov_security_password"); + springSecurity.setRequiresAuthenticationRequestMatcher(new AntPathRequestMatcher(request.getServletContext().getContextPath() + "/egov_security_login", "POST")); + + } else { + throw new IllegalStateException("No AuthenticationProcessingFilter"); + } + System.out.println("==14=1="); + + springSecurity.doFilter(new RequestWrapperForSecurity(request, resultVO.getUserSe() + resultVO.getId(), resultVO.getUniqId()), response, null); + + try{ + System.out.println("==14=1="); + System.out.println("EgovUserDetailsHelper.isAuthenticated()"); + System.out.println(EgovUserDetailsHelper.isAuthenticated()); + }catch(Exception ex){ + ex.printStackTrace(); + } + + { // 관리자 로그인 log 저장 + String uniqId = ""; + String ip = ""; + + /* Authenticated */ + LoginLog loginLog = new LoginLog(); + Boolean isAuthenticated = EgovUserDetailsHelper.isAuthenticated(); + if (isAuthenticated.booleanValue()) { + LoginVO user = (LoginVO) EgovUserDetailsHelper.getAuthenticatedUser(); + uniqId = user.getUniqId(); + ip = EgovClntInfo.getClntIP(request); + + HttpSession httpSession = request.getSession(true); + { + List siteManageList = new ArrayList(); + SiteManagerVO siteManagerVO = new SiteManagerVO(); + siteManagerVO.setFirstIndex(0); + siteManagerVO.setRecordCountPerPage(100); + siteManageList = 
egovSiteManagerService.selectSiteManagerList(siteManagerVO); + httpSession.setAttribute("siteManageList", siteManageList); + httpSession.setAttribute("loginId", user.getId()); // 자동완성 공통으로 쓰기위해 + httpSession.setAttribute("esntlId", user.getPassword()); + } + } + + loginLog.setLoginId(uniqId); + loginLog.setLoginIp(ip); + loginLog.setLoginMthd("I"); // 로그인:I, 로그아웃:O + loginLog.setErrOccrrAt("N"); + loginLog.setErrorCode(""); + // 로그인은 관리자, PC만 됨 + loginLog.setUserAt("U"); // 사용자 + loginLog.setDeviceType("P"); // PC + loginLog.setProgrmFileNm("adminLogin"); + loginLog.setMenuNm("관리자로그인"); + loginLogService.logInsertLoginLog(loginLog); + System.out.println("==15=0="); + } + +// session.setAttribute("beforeSiteUrl", request.getRequestURI()); + System.out.println("session.getAttributesession.getAttributesession.getAttributesession.getAttribute"); + loginVO.setBeforeUrl((String) request.getSession().getAttribute("beforeSiteUrl")); + // 로그인 전 URL 호출 시 + if (loginVO.getBeforeUrl() != null && !("").equals(loginVO.getBeforeUrl())) { + request.getSession().setAttribute("usrBeforeUrl", loginVO.getBeforeUrl()); + // 회원가입 시 메세지 처리 + if (loginVO.getMessage() != null && !("").equals(loginVO.getMessage())) { + request.getSession().setAttribute("registMessage", loginVO.getMessage()); + } + } + System.out.println("==16=0="); + // 개인키 삭제 + // 성공시 웹페이지 분기로 인해 session에 페이지 타입을 넣어준다. + request.getSession().setAttribute("pageType", "web"); + return "blank"; // 성공 시 페이지.. 
(redirect 불가) + } else { + String message = egovMessageSource.getMessage("fail.common.login"); + redirectAttributes.addAttribute("beforeUrl", loginVO.getBeforeUrl()); + redirectAttributes.addAttribute("message", message); + return "redirect:/web/user/login/login.do"; + } + } + + /** + * (사용자) 일반(스프링 시큐리티) 로그인을 처리한다(SSO ID/PW를 통한 로그인 처리) + * + * @param vo - 아이디, 비밀번호가 담긴 LoginVO + * @param request - 세션처리를 위한 HttpServletRequest + * @return result - 로그인결과(세션정보) + * @exception Exception + */ + @RequestMapping(value = "/web/user/login/actionSecurityLogin_back.do") + public String selectActionSecurityLoginWeb_back(@ModelAttribute("loginVO") LoginVO loginVO, HttpServletResponse response, HttpServletRequest request, ModelMap model, HttpSession session, + RedirectAttributes redirectAttributes) throws Exception { // 로그인 정보 check if (loginVO.getId() == null || loginVO.getPassword() == null) { @@ -767,7 +1069,7 @@ public class EgovLoginController { } SsoLoginVO ssologinVO = new SsoLoginVO(); - + /*231031.개발서버 selectbox 로그인용 임시 isDev 삭제 처리*/ if ((ProfileUtil.isLocal() || ProfileUtil.isTLocal() || ProfileUtil.isDev()) && "Y".equals(loginVO.getIsSelect())) { //비 sso login @@ -1013,18 +1315,6 @@ public class EgovLoginController { httpSession.setAttribute("siteManageList", siteManageList); httpSession.setAttribute("loginId", user.getId()); // 자동완성 공통으로 쓰기위해 httpSession.setAttribute("esntlId", user.getPassword()); - - // 최근검색어 조회 후 세션에 넣어줌 - /* - * UserManageVO tempUserManageVO = new UserManageVO(); - * tempUserManageVO.setEmplyrId(user.getId()); tempUserManageVO = - * userManageService.selectRecentSearchWord(tempUserManageVO); - * - * List lisRecentSearch = new ArrayList(); if(null != - * tempUserManageVO){ //ArrayList 로 세션 저장 - * Collections.addAll(lisRecentSearch,tempUserManageVO.getSearchWord().split("," - * )) ; } httpSession.setAttribute("recentSearch", lisRecentSearch) ; - */ } } 
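Review bot: The rewritten `selectActionSecurityLoginWeb` picks the account to log in from the request-bound `loginVO.getId()` while forcing `loginVO.setPassword("1")`, and the only SSO call in the `else` branch is commented out, so nothing visible ties that id to the `SSOLoginVO` held in the session. Whether `loginService.actionLogin` still verifies a credential is not visible here, but the `getPassword() == null` test is now dead, and a missing session object only surfaces later as a NullPointerException at `ssologinVO.getMembSeq()`. On the SSO path I would take the id from the session and fail closed: `SsoLoginVO sso = (SsoLoginVO) session.getAttribute("SSOLoginVO");`, `if (sso == null) return "redirect:/web/user/login/ssoLogin.do";`, `loginVO.setId(sso.getMembId());`. The same hunk also maps the previous handler to `/web/user/login/actionSecurityLogin_back.do` (its body continues outside the hunk), which leaves a second reachable login endpoint that should be removed or left unmapped. Separately, `System.out.println("@@@@로그인VO:"+resultVO+"@@@@@@")` and `httpSession.setAttribute("esntlId", user.getPassword())` write the member record to stdout and the password value to the session; both are better dropped.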
diff --git a/src/main/webapp/WEB-INF/jsp/web/kccadr/kccadrCom/ML4WebPage.jsp b/src/main/webapp/WEB-INF/jsp/web/kccadr/kccadrCom/ML4WebPage.jsp deleted file mode 100644 index 70f89e69..00000000 --- a/src/main/webapp/WEB-INF/jsp/web/kccadr/kccadrCom/ML4WebPage.jsp +++ /dev/null @@ -1,109 +0,0 @@ -<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="utf-8"%> - - - - - - - - - - - - - - - - - - - - -
- - - - - -
- -
- -
- - - diff --git a/src/main/webapp/WEB-INF/jsp/web/kccadr/login/SsoLoginUsr.jsp b/src/main/webapp/WEB-INF/jsp/web/kccadr/login/SsoLoginUsr.jsp index 4daaa901..2ef52ffb 100644 --- a/src/main/webapp/WEB-INF/jsp/web/kccadr/login/SsoLoginUsr.jsp +++ b/src/main/webapp/WEB-INF/jsp/web/kccadr/login/SsoLoginUsr.jsp @@ -77,24 +77,6 @@ function actionLogin2() { document.loginForm.submit(); } -/* 아이디 비밀번호 찾기 link */ -function usrIdPassFind(choose){ - var gsWin = window.open('about:blank','usrIdPassFind',''); - var frm = document.usrForm; - frm.target ="usrIdPassFind"; - var actionUrl; - frm.returnSiteCode.value = ""; - frm.returnSiteUrl.value = ""; - - if(choose == 'id'){ - actionUrl = ""; - }else{ - actionUrl = ""; - } - - frm.action = actionUrl; - frm.submit(); -}
@@ -117,45 +99,15 @@ function usrIdPassFind(choose){ - - - <%-- --%> -
- -
- - -