qm-security


License

License

Categories

Categories

Security
GroupId

GroupId

com.starmcc
ArtifactId

ArtifactId

qm-security
Last Version

Last Version

2.0.0-RELEASE
Release Date

Release Date

Type

Type

jar
Description

Description

qm-security
qm-security
Project URL

Project URL

https://github.com/starmcc/qm-security
Source Code Management

Source Code Management

https://github.com/starmcc/qm-security

Download qm-security

How to add to project

<!-- https://jarcasting.com/artifacts/com.starmcc/qm-security/ -->
<dependency>
    <groupId>com.starmcc</groupId>
    <artifactId>qm-security</artifactId>
    <version>2.0.0-RELEASE</version>
</dependency>
// https://jarcasting.com/artifacts/com.starmcc/qm-security/
implementation 'com.starmcc:qm-security:2.0.0-RELEASE'
// https://jarcasting.com/artifacts/com.starmcc/qm-security/
implementation ("com.starmcc:qm-security:2.0.0-RELEASE")
'com.starmcc:qm-security:jar:2.0.0-RELEASE'
<dependency org="com.starmcc" name="qm-security" rev="2.0.0-RELEASE">
  <artifact name="qm-security" type="jar" />
</dependency>
@Grapes(
@Grab(group='com.starmcc', module='qm-security', version='2.0.0-RELEASE')
)
libraryDependencies += "com.starmcc" % "qm-security" % "2.0.0-RELEASE"
[com.starmcc/qm-security "2.0.0-RELEASE"]

Dependencies

compile (4)

Group / Artifact Type Version
org.springframework : spring-web Optional jar 5.0.8.RELEASE
org.springframework : spring-webmvc Optional jar 5.0.8.RELEASE
org.apache.directory.studio : org.apache.commons.codec jar 1.8
org.slf4j : slf4j-api jar 1.7.25

provided (1)

Group / Artifact Type Version
javax.servlet : javax.servlet-api Optional jar 3.1.0

Project Modules

There are no modules declared in this project.

qm-security - 安全框架

1. Preface

1.1 Help Document

Show Document

1.2 Update Version Log

Show Version

1.3 Open Source

https://github.com/starmcc/qm-security

1.4 Introduce

qm-security是利用拦截器进行一系列安全校验的权限框架。

利用AES进行token多重加密生成,使用MD5token进行签名,建立自身拦截器并对请求进行登录认证和授权认证。如果不通过,则自动踢出请求并返回对应的JSON信息。

1.5 Internal coordination

框架内部提供接口,由调用者实现授权过程,不接管登录认证操作,只辅助生成密度较高的token字符串,专注于校验机制,所见即所得,这是一个轻量级的URL权限框架。

1、登录成功后生成token返回前端。
2、当该用户请求API接口时,header中带上token,安全框架将自动获取并通过层层校验。
3、当该用户请求时token的失效时间已过去一半,程序会重新签发token。
4、当该用户这次请求的token值已经过期,authorizationUserInfo返回null,则直接拦截。
5、当用户请求接口时遇到第3种情况时,会给Response的Header中设置token字段,该token映射的v为新的有效token。
6、注:当前端检测到Response的Header中有token字段时需替换旧的token的值。

2. Maven Warehouse

<dependency>
  <groupId>com.starmcc</groupId>
  <artifactId>qm-security</artifactId>
  <version>x.x.x-RELEASE</version>
</dependency>

3. Relation

在使用前,请确保项目中存在以下依赖

  • servlet-api
  • spring-web
  • spring-webmvc
  • slf4j

一般情况下,使用springboot进行web开发时我们会在Maven增加如下依赖。

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-web</artifactId>
</dependency>

上述配置已经包含了所需依赖,无需进行其他配置直接引入qm-security依赖库即可。

Versions

Version
2.0.0-RELEASE
1.1.0-RELEASE
1.0.3-RELEASE
1.0.2
1.0.1
1.0.0