package isps.security.servlet;
/**
* IsCardSvlt.java
* Creator : Kim,Younghwan
* Created Date : 2007.04.12
* Modifier :
* Modified Date :
* Description : 出入증관리
*/
import isps.common.log.Log;
import isps.common.servlet.AbstractServlet;
import isps.common.util.ComUtil;
import isps.security.service.IsComSessionService;
import isps.security.vo.common.IsComSessionVO;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.Hashtable;
import java.util.StringTokenizer;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class IsComSessionSvlt extends AbstractServlet
{
private static final long serialVersionUID = -4555140650329932848L;
/**
* Method : service
* Input : HttpServletRequest req, HttpServletResponse res
* Output : void
* Description : 사용자 Session 생성
*/
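/**
 * Creates the user session object for the request and forwards to the next page.
 *
 * <p>The path is chosen from request parameters:
 * <ul>
 *   <li>non-empty {@code URL}: SSO path via {@code setUsrSessionSso};</li>
 *   <li>{@code _ACT=BACK}: session built from the {@code emp_no} parameter via
 *       {@code setBakUsrSession}, then forward to the main servlet;</li>
 *   <li>otherwise: regular login via {@code setUsrSession}, then forward to
 *       {@code /security/checkIp.jsp}.</li>
 * </ul>
 *
 * <p>NOTE(review): the {@code _ACT=BACK} path stores an {@code ISS_SESSION} without any
 * credential or signature check visible in this method; unless something outside this
 * file restricts it, it should be removed or gated before production use.
 * <p>NOTE(review): {@code req.getSession(true)} reuses an existing session id; consider
 * issuing a fresh session when the login succeeds to avoid session fixation.
 *
 * @param req incoming request; reads the {@code URL} and {@code _ACT} parameters
 * @param res response the request is forwarded on
 * @throws ServletException declared by the servlet contract
 * @throws IOException declared by the servlet contract
 */
public void service(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException
{
    Log.debug("---------------------------------------------------");
    Log.debug(" START <=== [EpConnectServlet/doPost] ===> START ");
    Log.debug("---------------------------------------------------");

    RequestDispatcher rd = null;
    String url = "";
    String actKey = "";
    String errMsg = "";
    String[] ipInfo = null;
    IsComSessionVO UsrSession = null;

    try
    {
        url = ComUtil.checkString(req.getParameter("URL"));
        Log.debug("IsComSessionSvlt.service() replace before url["+url+"]");
        url = ComUtil.replace(url, "|", "&");
        Log.debug("IsComSessionSvlt.service() replace after url["+url+"]");
        actKey = ComUtil.checkString(req.getParameter("_ACT"));

        if (!url.equals(""))
        {
            // A URL was supplied: build the session from the SSO data, then forward.
            // NOTE(review): url is request-controlled and reaches getRequestDispatcher(url)
            // in the finally block unchanged; restrict it to an allowlist of known targets.
            UsrSession = new IsComSessionVO();
            String retValue = setUsrSessionSso(req, res, UsrSession);
            if (!retValue.equals("USER"))
            {
                req.getSession(true).setAttribute("ISS_SESSION", UsrSession);
                // Discriminator values forwarded by forwardUrl: visitor request (VISIT),
                // carry in/out request (INOUT), access-card request (TEMP_CARD),
                // employee access card (EMP_CARD), meeting-room request (ROOM).
                boolean knownScreen = url.equals("VISIT")
                        || url.equals("INOUT")
                        || url.equals("TEMP_CARD")
                        || url.equals("EMP_CARD")
                        || url.equals("ROOM");
                if (knownScreen)
                {
                    this.forwardUrl(req, res);
                }
            }
            else
            {
                req.getSession(true).setAttribute("SINGLE_SESSION", UsrSession);
            }
        }
        else if (actKey.equals("BACK"))
        {
            // "back door" in the original source: see the NOTE(review) in the method comment.
            url = "/comMainServlet.svlt?_ACT=MAIN";
            UsrSession = new IsComSessionVO();
            setBakUsrSession(req, res, UsrSession);
            req.getSession(true).setAttribute("ISS_SESSION", UsrSession);
        }
        else
        {
            url = "/security/checkIp.jsp";
            UsrSession = new IsComSessionVO();
            ipInfo = setUsrSession(req, res, UsrSession);
            // setUsrSession returns null when the decoded user info is empty; in that case
            // no session attribute is stored (previously this dereference threw an NPE).
            if (ipInfo != null)
            {
                if (!ipInfo[0].equals("USER"))
                {
                    req.getSession(true).setAttribute("ISS_SESSION", UsrSession);
                }
                else
                {
                    req.getSession(true).setAttribute("SINGLE_SESSION", UsrSession);
                }
            }
        }
        // NOTE(review): this writes the whole session object to the debug log; if its
        // toString() includes the resident registration number or other personal data,
        // mask it. The "/n" is probably a newline escape that lost its backslash.
        Log.debug(" Session Session is /n"+ UsrSession.toString());
    }
    catch ( Exception e )
    {
        e.printStackTrace();
        // getMessage() can be null (e.g. NullPointerException); keep errMsg non-null and
        // non-empty so the finally block reports the failure instead of throwing itself.
        errMsg = (e.getMessage() != null && e.getMessage().length() != 0) ? e.getMessage() : "Internal error";
        Log.error(errMsg);
    }
    finally
    {
        try
        {
            if (errMsg.length() != 0)
            {
                req.setAttribute("errMsg", ComUtil.errMsgConvert(errMsg));
            }
            else if (url.equals("/security/checkIp.jsp") && ipInfo != null)
            {
                req.setAttribute("userIp", ipInfo[0]);
                req.setAttribute("lastIp", ipInfo[1]);
                req.setAttribute("lastDate", ipInfo[2]);
                req.setAttribute("name", ipInfo[3]);
            }
            // The helper methods and forwardUrl may already have written or forwarded the
            // response; a second forward on a committed response would only throw.
            if (!res.isCommitted())
            {
                rd = getServletContext().getRequestDispatcher(url);
                if (rd != null)
                {
                    rd.forward(req, res);
                }
            }
            return;
        }
        catch (Exception e)
        {
            e.printStackTrace();
        }
    }
    // Reached only when the forwarding step above failed (it returns otherwise).
    Log.debug("-----------------------------------------------");
    Log.debug(" END <=== [IsComSessionSvlt/doPost] ===> END ");
    Log.debug("-----------------------------------------------");
}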
//----------------------------------------------------------------------------------------------------------
// Session 생성
//----------------------------------------------------------------------------------------------------------
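/**
 * Decodes the SSO {@code totaldata} request parameter, looks the employee up and fills
 * {@code UsrSession}, then records the login.
 *
 * <p>{@code totaldata} is split on ';' into the encrypted user data, the signature value
 * and the key folder name. The key folder selects the key file passed to
 * {@code ep.EpTrayUtil.DecryptDataList}; the decoded result is a ';'-separated list of
 * {@code KEY=value} pairs (EP_LOGINID, EP_USERNAME, EP_SABUN, ...).
 *
 * <p>Security-relevant behaviour of this version: the key folder name is rejected when it
 * contains path separators or "..", because it is request-controlled and becomes part of
 * a file path; the raw parameter, key bytes, signature value and decoded payload (which
 * carries the resident registration number) are not written to the debug log.
 *
 * @param req request carrying the {@code totaldata} parameter
 * @param res response; an alert page is written to it for unregistered or unknown users
 * @param UsrSession session object to populate
 * @return {@code {remote IP, last IP, formatted last login date, name}} on success;
 *         {@code {"USER", null, null, null}} when the lookup reports "NOT FOUND";
 *         {@code null} when the decoded user info is empty
 * @throws Exception when {@code totaldata} is missing or malformed, decoding fails, or
 *         the payload carries {@code EP_RETURNCODE=0}
 */
private String[] setUsrSession(HttpServletRequest req, HttpServletResponse res, IsComSessionVO UsrSession) throws Exception, IOException
{
    Log.debug("----------------------------------------------------------");
    Log.debug(" START <=== [IsComSessionSvlt/setUsrSession] ===> START ");
    Log.debug("----------------------------------------------------------");

    // NOTE(review): "/n" below is probably a newline escape that lost its backslash in
    // this copy of the source; left unchanged because it is a runtime string.
    final String invalidMsg = "Single정보가 유효하지 않습니다./n/nSingle 재 접속 후 접속하시기 바랍니다.";
    final String loginErrMsg = "Single 로그인 오류 입니다.";

    String[] ipInfo = null;
    PrintWriter toClient = new PrintWriter(res.getOutputStream(), true);
    try
    {
        String strTotalData = ComUtil.checkString(req.getParameter("totaldata"));
        if (strTotalData.equals(""))
        {
            throw new Exception(invalidMsg);
        }

        StringTokenizer token = new StringTokenizer(strTotalData, ";");
        // Three parts are required; without this check nextToken() fails with an
        // exception that has no message.
        if (token.countTokens() < 3)
        {
            throw new Exception(invalidMsg);
        }
        String strNewDataList = token.nextToken();   // encrypted user information
        String strMD5SecureKey = token.nextToken();  // signature value
        String strKeyFolder = token.nextToken();     // key location (folder name)

        // strKeyFolder comes from the request and is concatenated into a file path.
        if (!isPlainFolderName(strKeyFolder))
        {
            throw new Exception(invalidMsg);
        }
        Log.debug("IsComSessionSvlt.strKeyFolder["+strKeyFolder+"]");

        byte[] baPublicKey;
        if (strKeyFolder.equals("C10"))
        {
            // B2E SSO authentication
            baPublicKey = ep.Utils.getPublicKey("D:/ISPS_WAS/isps/config/PRIKEY/" + strKeyFolder + "/B2ESSO_key");
        }
        else
        {
            // mySingle authentication
            baPublicKey = ep.Utils.getPublicKey("D:/ISPS_WAS/isps/config/PRIKEY//" + strKeyFolder + "/mySingle_key");
        }

        String userInfo;
        try
        {
            userInfo = ep.EpTrayUtil.DecryptDataList(new String(baPublicKey), strMD5SecureKey, strNewDataList);
        }
        catch (Exception e)
        {
            // Same message as before; the cause is kept for the stack trace.
            throw new Exception("single 오류 입니다.", e);
        }

        if (userInfo != null && !userInfo.equals(""))
        {
            // Split the decoded list into KEY=value pairs.
            Hashtable fields = new Hashtable();
            StringTokenizer st = new StringTokenizer(userInfo, ";");
            while (st.hasMoreTokens())
            {
                String info = st.nextToken();
                int eq = info.indexOf("=");
                if (eq < 0)
                {
                    // No separator: ignore blank padding, reject anything else
                    // (previously this raised StringIndexOutOfBoundsException).
                    if (info.trim().length() == 0)
                    {
                        continue;
                    }
                    throw new Exception(loginErrMsg);
                }
                String infoKey = info.substring(0, eq).trim();
                String infoValue = info.substring(eq).trim().substring(1);
                // Return code 0 means the upstream login failed.
                if (infoKey.equals("EP_RETURNCODE") && infoValue.equals("0"))
                {
                    throw new Exception(loginErrMsg);
                }
                fields.put(infoKey, infoValue);
            }

            String EpID        = ssoField(fields, "EP_LOGINID");   // login id
            String Name        = ssoField(fields, "EP_USERNAME");  // user name
            String Reg_no      = ssoField(fields, "EP_SOCIALID");  // resident registration number
            String Email       = ssoField(fields, "EP_MAIL");      // mail address
            String UniqueID    = ssoField(fields, "EP_USERID");    // unique id
            String Emp_no      = ssoField(fields, "EP_SABUN");     // employee number
            String Compny_code = ssoField(fields, "EP_COMPID");    // company code
            String Compny_nm   = ssoField(fields, "EP_COMPNAME");  // company name
            String GnDivCd     = ssoField(fields, "EP_SORGID");    // division code
            String GnDivNm     = ssoField(fields, "EP_SORGNAME");  // division name
            String WaDivCd     = ssoField(fields, "EP_BUSID");     // site code
            String WaDivNm     = ssoField(fields, "EP_BUSNAME");   // site name
            String LcDivCd     = ssoField(fields, "EP_REGID");     // region code
            String DComp       = ssoField(fields, "EP_DCOMP");     // dispatch-company flag

            ejb_lookup();

            // Look up the personnel record for the employee number.
            IsComSessionService service = new IsComSessionService();
            Hashtable ht = new Hashtable();
            ht.put("emp_no", Emp_no);
            Hashtable returnHt = ispsCommon.executeService(service, "checkUserInfo", ht);
            if (((String)returnHt.get("RETURN")).equals("NOT FOUND"))
            {
                toClient.println ( "<HTML> " );
                toClient.println ( "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\">" );
                toClient.println ( "<BODY> " );
                toClient.println ( "<Script Language=javascript> " );
                toClient.println ( " alert(\"Unregistered User\")");
                toClient.println ( " </Script> " );
                toClient.println ( "</BODY> " );
                toClient.println ( "</HTML> " );
                ipInfo = new String[4];
                ipInfo[0] = "USER";
                return ipInfo;
            }

            // Phone, department, rank and authority group come from the lookup result,
            // not from the SSO payload.
            String Compny_tel_no = ComUtil.checkString((String)returnHt.get("worktel"));
            String Dept_code = ComUtil.checkString((String)returnHt.get("dept_code"));
            String Dept_nm = ComUtil.checkString((String)returnHt.get("dept"));
            String Rank_code = ComUtil.checkString((String)returnHt.get("rank_code"));
            String Rank_nm = ComUtil.checkString((String)returnHt.get("rank"));
            String AuthGrp = ComUtil.checkString((String)returnHt.get("auth_id"));

            String userIP = req.getRemoteAddr();
            if (userIP == null)
            {
                userIP = "UnKnown";
            }

            UsrSession.setSrAuthGrp(AuthGrp);
            UsrSession.setSrRegularTyp("None");
            UsrSession.setSrEpID(EpID);
            UsrSession.setSrName(Name);
            UsrSession.setSrReg_no(Reg_no);
            UsrSession.setSrGnDivCd(GnDivCd);
            UsrSession.setSrGnDivNm(GnDivNm);
            UsrSession.setSrCompny_tel_no(Compny_tel_no);
            UsrSession.setSrEmail(Email);
            UsrSession.setSrUniqueID(UniqueID);
            UsrSession.setSrDComp(DComp);
            UsrSession.setSrCompny_code(Compny_code);
            UsrSession.setSrCompny_nm(Compny_nm);
            UsrSession.setSrDept_code(Dept_code);
            UsrSession.setSrDept_nm(Dept_nm);
            UsrSession.setSrRank_code(Rank_code);
            UsrSession.setSrRank_nm(Rank_nm);
            UsrSession.setSrEmp_no(Emp_no);
            UsrSession.setSrWaDivCd(WaDivCd);
            UsrSession.setSrWaDivNm(WaDivNm);
            UsrSession.setSrLcDivCd(LcDivCd);
            UsrSession.setSrIp_addr(userIP);
            UsrSession.setSrInner_dept_code("None");

            // Record the login and fetch the previous login's address and time.
            ht.put("pgmId", "IsComSessionSvlt");
            ht.put("logRec", "First Login");
            ht.put("SESSION", UsrSession);
            Hashtable retLogHt = ispsCommon.executeService(service, "checkLogging", ht);

            ipInfo = new String[4];
            ipInfo[0] = userIP;
            ipInfo[1] = (String)retLogHt.get("lastIpAddr");
            ipInfo[2] = ComUtil.format((String)retLogHt.get("lastLoginDt"), "####-##-## ##:##:##");
            ipInfo[3] = Name;
        }
        else
        {
            // Decoding produced nothing: tell the browser and return null.
            Log.debug("役職員정보를 확인할 수 없습니다.");
            toClient.println ( "<HTML> " );
            toClient.println ( "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\"> " );
            toClient.println ( "<BODY> " );
            toClient.println ( "<Script Language=javascript> " );
            toClient.println ( " alert(\"Unknown User\") " );
            toClient.println ( " </Script> " );
            toClient.println ( "</BODY> " );
            toClient.println ( "</HTML> " );
        }
    }
    catch (Exception e)
    {
        e.printStackTrace();
        throw e;
    }
    finally
    {
        Log.debug("------------------------------------------------------");
        Log.debug(" END <=== [IsComSessionSvlt/setUsrSession] ===> END ");
        Log.debug("------------------------------------------------------");
    }
    return ipInfo;
}

/** Returns true when name is non-empty and has no path separator, drive colon, control character or "..". */
private static boolean isPlainFolderName(String name)
{
    if (name == null || name.length() == 0 || name.indexOf("..") >= 0)
    {
        return false;
    }
    for (int i = 0; i < name.length(); i++)
    {
        char c = name.charAt(i);
        if (c == '/' || c == '\\' || c == ':' || c < 0x20)
        {
            return false;
        }
    }
    return true;
}

/** Returns the decoded value stored under key, or "None" when it is absent or blank per ComUtil.checkString. */
private static String ssoField(Hashtable fields, String key)
{
    String value = (String) fields.get(key);
    if (value == null || ComUtil.checkString(value).equals(""))
    {
        return "None";
    }
    return value;
}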
//----------------------------------------------------------------------------------------------------------
// Back Session 생성
//----------------------------------------------------------------------------------------------------------
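/**
 * Fills {@code UsrSession} for the employee number given in the {@code emp_no} request
 * parameter, using only the personnel lookup (no SSO data is decoded here).
 *
 * <p>NOTE(review): the identity is taken directly from a request parameter and nothing in
 * this method verifies that the caller is that employee. The caller labels this path
 * "back door"; it should not be reachable in production unless something outside this
 * file restricts access to it.
 *
 * <p>When the lookup reports "NOT FOUND" the alert page is written and an exception is
 * thrown, so that the caller does not go on to store an empty session object as a
 * logged-in session (the earlier version returned normally in that case).
 *
 * @param req request carrying the {@code emp_no} parameter
 * @param res response; an alert page is written to it for unregistered users
 * @param UsrSession session object to populate
 * @throws Exception when the employee is not found or the lookup fails
 */
private void setBakUsrSession(HttpServletRequest req, HttpServletResponse res, IsComSessionVO UsrSession) throws Exception, IOException
{
    Log.debug("----------------------------------------------------------");
    Log.debug(" START <=== [IsComSessionSvlt/setBakUsrSession] ===> START ");
    Log.debug("----------------------------------------------------------");

    PrintWriter toClient = new PrintWriter(res.getOutputStream(), true);
    try
    {
        ejb_lookup();

        // Look up the personnel record for the requested employee number.
        IsComSessionService service = new IsComSessionService();
        String empNo = ComUtil.checkString(req.getParameter("emp_no"));
        Hashtable ht = new Hashtable();
        ht.put("emp_no", empNo);
        Hashtable returnHt = ispsCommon.executeService(service, "checkUserInfo", ht);

        if (((String)returnHt.get("RETURN")).equals("NOT FOUND"))
        {
            toClient.println ( "<HTML> " );
            toClient.println ( "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=KSC5601\">" );
            toClient.println ( "<BODY> " );
            toClient.println ( "<Script Language=javascript> " );
            toClient.println ( " alert(\"Unregistered User\")");
            toClient.println ( " </Script> " );
            toClient.println ( "</BODY> " );
            toClient.println ( "</HTML> " );
            // Fail closed: no session may be created for an unknown employee number.
            throw new Exception("Unregistered User");
        }

        String deptCode = ComUtil.checkString((String)returnHt.get("dept_code"));
        String deptName = ComUtil.checkString((String)returnHt.get("dept"));
        String rankCode = ComUtil.checkString((String)returnHt.get("rank_code"));
        String rankName = ComUtil.checkString((String)returnHt.get("rank"));
        String name = ComUtil.checkString((String)returnHt.get("name"));
        String workTel = ComUtil.checkString((String)returnHt.get("worktel"));
        String epId = ComUtil.checkString((String)returnHt.get("sing_id1"));
        String email = ComUtil.checkString((String)returnHt.get("email"));
        String authGrp = ComUtil.checkString((String)returnHt.get("auth_id"));

        String userIP = req.getRemoteAddr();
        if (userIP == null)
        {
            userIP = "UnKnown";
        }

        // Fields this path has no source for keep the placeholder "None".
        UsrSession.setSrAuthGrp(authGrp);
        UsrSession.setSrRegularTyp("None");
        UsrSession.setSrEpID(epId);
        UsrSession.setSrName(name);
        UsrSession.setSrReg_no("None");
        UsrSession.setSrGnDivCd("None");
        UsrSession.setSrGnDivNm("None");
        UsrSession.setSrCompny_tel_no(workTel);
        UsrSession.setSrEmail(email);
        UsrSession.setSrUniqueID("None");
        UsrSession.setSrDComp("None");
        UsrSession.setSrCompny_code("None");
        UsrSession.setSrCompny_nm("None");
        UsrSession.setSrDept_code(deptCode);
        UsrSession.setSrDept_nm(deptName);
        UsrSession.setSrRank_code(rankCode);
        UsrSession.setSrRank_nm(rankName);
        UsrSession.setSrEmp_no(empNo);
        UsrSession.setSrWaDivCd("None");
        UsrSession.setSrWaDivNm("None");
        UsrSession.setSrLcDivCd("None");
        UsrSession.setSrIp_addr(userIP);
        UsrSession.setSrInner_dept_code("None");
    }
    catch (Exception e)
    {
        e.printStackTrace();
        throw e;
    }
    finally
    {
        Log.debug("------------------------------------------------------");
        Log.debug(" END <=== [IsComSessionSvlt/setBakUsrSession] ===> END ");
        Log.debug("------------------------------------------------------");
    }
}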
//----------------------------------------------------------------------------------------------------------
// Private Method
//----------------------------------------------------------------------------------------------------------
private String setUsrSessionSso(HttpServletRequest req, HttpServletResponse res, IsComSessionVO UsrSession) throws Exception, IOException
{
Log.debug("----------------------------------------------------------");
Log.debug(" START <=== [IsComSessionSvlt/setUsrSessionSso] ===> START ");
Log.debug("----------------------------------------------------------");
//SBUsrChkHome UsrChkHome = null;
//SBUsrChkCtl UsrChkRemote = null;
//SrPdssInfoBean pdssInfoBean = null;
// Site에서 필요로 하는 Parameter 값들을 담을 변수를 미리 선언해 놓습니다. (주석은 사용자 정보(D1) 내의 키와 그 의미입니다.)
String EpID = "None"; //EP_LOGINID :Log-in ID
String Name = "None"; //EP_USERNAME :사용자이름
String Reg_no = "None"; //EP_SOCIALID :주민 登録 番号
String Compny_tel_no = "None"; //EP_COMPTEL :회사 전화 番号
String Email = "None"; //EP_MAIL :Mail Address
String UniqueID = "None"; //EP_USERID :Unique ID
//PDSS 체크 변수
String Emp_no = "None"; //EP_SABUN :사원 番号
String Compny_code = "None"; //EP_COMPID :회사 Code
String Compny_nm = "None"; //EP_COMPNAME :회사명
String Dept_code = "None"; //EP_DEPTID :부서 Code
String Dept_nm = "None"; //EP_DEPTNAME :부서명
String Rank_code = "None"; //EP_GRDID :직급 Code
String Rank_nm = "None"; //EP_GRDNAME :직급명
String GnDivCd = "None"; //EP_SORGID :총괄 구분 Code
String GnDivNm = "None"; //EP_SORGNAME :총괄 구분명
String WaDivCd = "None"; //EP_BUSID :사업장 구분 Cod
String WaDivNm = "None"; //EP_BUSNAME :사업장 구분명
String LcDivCd = "None"; //EP_REGID :지역 구분 Code
String LcDivNm = "None"; //EP_REGNAME :지역 구분명
String DComp = "None"; //EP_DCOMP :파견사구분
String AuthGrp = "None"; //권한 체크 변수
String regularTyp = "None"; //정규/비정규 구분 (1:정규, 2:비정규)
String usrChk = "" ; //User Check
String Inner_dept_code = "None"; //내부부서코드
String userInfo = "None";
String errMsg = "";
String userIP = "None";
//String[] ipInfo = null;
PrintWriter toClient = new PrintWriter(res.getOutputStream(),true);
// PrintWriter toClient = res.getWriter();
try{
String strTotalData = ComUtil.checkString(req.getParameter("totaldata"));
if (strTotalData.equals(""))
{
throw new Exception("Single정보가 유효하지 않습니다./n/n관리자에게 문의하세요.");
}
StringTokenizer token = new StringTokenizer(strTotalData , ";");
String strNewDataList = token.nextToken(); // 암호화된 사용자 정보
String strMD5SecureKey = token.nextToken(); // 전자서명값
String strKeyFolder = token.nextToken(); // 공개키 위치
byte [] baPublicKey = new byte[4096];
if(strKeyFolder.equals("C10")){ // B2E SSO 인증 시
baPublicKey = ep.Utils.getPublicKey("D:/App/security/PRIKEY/" + strKeyFolder + "/B2ESSO_key");
}else{ // mySingle 인증 시
baPublicKey = ep.Utils.getPublicKey("D:/App/security/PRIKEY//" + strKeyFolder + "/mySingle_key");
}
// 복호화된 사용자 정보
userInfo = ep.EpTrayUtil.DecryptDataList(new String(baPublicKey),strMD5SecureKey,strNewDataList);//?
// Web App.에서 필요로 하는 Parameter 값들을 추출합니다.
if ( userInfo != null && !userInfo.equals( "" ) )
{
StringTokenizer st = new StringTokenizer ( userInfo, ";" ); // ";"을 Token으로 문자열을 분리시킵니다.
for ( ; st.hasMoreTokens ( ) ; )
{
String info = st.nextToken ( );
if ( info != null )
{
String infoKey = info.substring ( 0, info.indexOf ( "=" ) ).trim ( ); // "="을 기준으로 앞 문자열은 Key가 됩니다.
String infoValue = info.substring ( info.indexOf ( "=" ), info.length ( ) ).trim ( ); // "="을 기준으로 뒷 문자열은 Value가 됩니다.
if ( infoKey.equals ( "EP_LOGINID" ) ){ // Log-in ID
EpID = infoValue.equals ( "=" ) ? "" : infoValue.substring ( infoValue.indexOf ( "=" ) + 1, infoValue.length ( ) );
if (ComUtil.checkString(EpID).equals("")) EpID = "None";
}
else if(infoKey.equals ( "EP_USERNAME" ) ){ // 성명
Name = infoValue.equals ( "=" ) ? "" : infoValue.substring ( infoValue.indexOf ( "=" ) + 1, infoValue.length ( ) );
if (ComUtil.checkString(Name).equals("")) Name = "None";
}
else if(infoKey.equals ( "EP_COMPID" ) ) { //회사 Code
Compny_code = infoValue.equals ( "=" ) ? "" : infoValue.substring ( infoValue.indexOf ( "=" ) + 1, infoValue.length ( ) );
if (ComUtil.checkString(Compny_code).equals("")) Compny_code = "None";
}
else if(infoKey.equals ( "EP_COMPNAME" ) ) { //회사명
Compny_nm = infoValue.equals ( "=" ) ? "" : infoValue.substring ( infoValue.indexOf ( "=" ) + 1, infoValue.length ( ) );
if (ComUtil.checkString(Compny_nm).equals("")) Compny_nm = "None";
}
else if(infoKey.equals ( "EP_SOCIALID" ) ) { //주민 登録 番号
Reg_no = infoValue.equals ( "=" ) ? "" : infoValue.substring ( infoValue.indexOf ( "=" ) + 1, infoValue.length ( ) );
if (ComUtil.checkString(Reg_no).equals("")) Reg_no = "None";
}
else if(infoKey.equals ( "EP_DEPTID" ) ) { //부서 Code
Dept_code = infoValue.equals ( "=" ) ? "" : infoValue.substring ( infoValue.indexOf ( "=" ) + 1, infoValue.length ( ) );
if (ComUtil.checkString(Dept_code).equals("")) Dept_code = "None";
}
else if(infoKey.equals ( "EP_DEPTNAME" ) ) { //부서명
Dept_nm = infoValue.equals ( "=" ) ? "" : infoValue.substring ( infoValue.indexOf ( "=" ) + 1, infoValue.length ( ) );
if (ComUtil.checkString(Dept_nm).equals("")) Dept_nm = "None";
}
else if(infoKey.equals ( "EP_GRDID" ) ) { //직급 Code
Rank_code = infoValue.equals ( "=" ) ? "" : infoValue.substring ( infoValue.indexOf ( "=" ) + 1, infoValue.length ( ) );
if (ComUtil.checkString(Rank_code).equals("")) Rank_code = "None";
}
else if(infoKey.equals ( "EP_GRDNAME" ) ) { //직급명
Rank_nm = infoValue.equals ( "=" ) ? "" : infoValue.substring ( infoValue.indexOf ( "=" ) + 1, infoValue.length ( ) );
if (ComUtil.checkString(Rank_nm).equals("")) Rank_nm = "None";
}
else if(infoKey.equals ( "EP_SABUN" ) ) { //사원 番号
Emp_no = infoValue.equals ( "=" ) ? "" : infoValue.substring ( infoValue.indexOf ( "=" ) + 1, infoValue.length ( ) );
if (ComUtil.checkString(Emp_no).equals("")) Emp_no = "None";
}
else if(infoKey.equals ( "EP_COMPTEL" ) ) { //회사 전화 番号
Compny_tel_no = infoValue.equals ( "=" ) ? "" : infoValue.substring ( infoValue.indexOf ( "=" ) + 1, infoValue.length ( ) );
if (ComUtil.checkString(Compny_tel_no).equals("")) Compny_tel_no = "None";
}
else if(infoKey.equals ( "EP_SORGID" ) ) { //총괄 구분 Code
GnDivCd = infoValue.equals ( "=" ) ? "" : infoValue.substring ( infoValue.indexOf ( "=" ) + 1, infoValue.length ( ) );
if (ComUtil.checkString(GnDivCd).equals("")) GnDivCd = "None";
}
else if(infoKey.equals ( "EP_SORGNAME" ) ) { //총괄 구분명
GnDivNm = infoValue.equals ( "=" ) ? "" : infoValue.substring ( infoValue.indexOf ( "=" ) + 1, infoValue.length ( ) );
if (ComUtil.checkString(GnDivNm).equals("")) GnDivNm = "None";
}
else if(infoKey.equals ( "EP_BUSID" ) ) { //사업장 구분 Code
WaDivCd = infoValue.equals ( "=" ) ? "" : infoValue.substring ( infoValue.indexOf ( "=" ) + 1, infoValue.length ( ) );
if (ComUtil.checkString(WaDivCd).equals("")) WaDivCd = "None";
}
else if(infoKey.equals ( "EP_BUSNAME" ) ) { //사업장 구분명
WaDivNm = infoValue.equals ( "=" ) ? "" : infoValue.substring ( infoValue.indexOf ( "=" ) + 1, infoValue.length ( ) );
if (ComUtil.checkString(WaDivNm).equals("")) WaDivNm = "None";
}
else if(infoKey.equals ( "EP_REGID" ) ) { //지역 구분 Code
LcDivCd = infoValue.equals ( "=" ) ? "" : infoValue.substring ( infoValue.indexOf ( "=" ) + 1, infoValue.length ( ) );
if (ComUtil.checkString(LcDivCd).equals("")) LcDivCd = "None";
}
else if(infoKey.equals ( "EP_REGNAME" ) ) { //지역 구분명
LcDivNm = infoValue.equals ( "=" ) ? "" : infoValue.substring ( infoValue.indexOf ( "=" ) + 1, infoValue.length ( ) );
if (ComUtil.checkString(LcDivNm).equals("")) LcDivNm = "None";
}
else if(infoKey.equals ( "EP_MAIL" ) ) { //Mail Address
Email = infoValue.equals ( "=" ) ? "" : infoValue.substring ( infoValue.indexOf ( "=" ) + 1, infoValue.length ( ) );
if (ComUtil.checkString(Email).equals("")) Email = "None";
}
else if ( infoKey.equals ( "EP_USERID" ) ) { //Unique ID
UniqueID = infoValue.equals ( "=" ) ? "" : infoValue.substring ( infoValue.indexOf ( "=" ) + 1, infoValue.length ( ) );
if (ComUtil.checkString(UniqueID).equals("")) UniqueID = "None";
}
else if ( infoKey.equals ( "EP_DCOMP" ) ) { //파견사 구분
DComp = infoValue.equals ( "=" ) ? "" : infoValue.substring ( infoValue.indexOf ( "=" ) + 1, infoValue.length ( ) );
if (ComUtil.checkString(DComp).equals("")) DComp = "None";
}
}
}
//UsrChkHome = (SBUsrChkHome)JndiMgr.findHome("SBUsrChkCtl");
//UsrChkRemote = UsrChkHome.create();
//usrChk = UsrChkRemote.checkUsr(Reg_no);
if (usrChk.equals("D"))
{
//-----------------------------------------------
// 미登録 사용자 登録을 위한 Session 생성
//-----------------------------------------------
UsrSession.setSrName (Name );
UsrSession.setSrReg_no (Reg_no );
UsrSession.setSrGnDivCd (GnDivCd );
UsrSession.setSrGnDivNm (GnDivNm );
UsrSession.setSrCompny_tel_no (Compny_tel_no );
UsrSession.setSrEmail (Email );
UsrSession.setSrCompny_code (Compny_code );
UsrSession.setSrCompny_nm (Compny_nm );
UsrSession.setSrDept_code (Dept_code );
UsrSession.setSrDept_nm (Dept_nm );
UsrSession.setSrRank_code (Rank_code );
UsrSession.setSrRank_nm (Rank_nm );
UsrSession.setSrEmp_no (Emp_no );
UsrSession.setSrWaDivCd (WaDivCd );
UsrSession.setSrWaDivNm (WaDivNm );
UsrSession.setSrLcDivCd (LcDivCd );
UsrSession.setSrIp_addr (userIP );
UsrSession.setSrInner_dept_code (Inner_dept_code );
toClient.println ( "<HTML> " );
toClient.println ( "<meta http-equiv=/"Content-Type/" content=/"text/html; charset=UTF-8/">" );
toClient.println ( "<BODY> " );
toClient.println ( "<Script Language=javascript> " );
toClient.println ( " top.window.location.replace(/"/security/head/head_user_reg_info.jsp/")" );
toClient.println ( " </Script> " );
toClient.println ( "</BODY> " );
toClient.println ( "</HTML> " );
return "USER";
}
else if (usrChk.equals("T"))
{
/*
pdssInfoBean = UsrChkRemote.chkTbSbUsr( Reg_no, Compny_tel_no, Email, Compny_code,
Compny_nm, Dept_code, Dept_nm, Rank_code,
Rank_nm);
WaDivCd = pdssInfoBean.srWaDivCd;
WaDivNm = pdssInfoBean.srWaDivNm;
AuthGrp = pdssInfoBean.srAuthGrpId;
regularTyp = pdssInfoBean.srRegularTyp;
Ep_Chk = pdssInfoBean.srSystemUseTyp;
}else{
//PDSS에서 정보를 불러온다.
pdssInfoBean = UsrChkRemote.getPdssInfo(Reg_no);
Emp_no = pdssInfoBean.srEmp_no;
LcDivCd = pdssInfoBean.srLcDivCd;
Compny_code = pdssInfoBean.srCompny_code;
Compny_nm = pdssInfoBean.srCompny_nm;
Dept_code = pdssInfoBean.srDept_code;
Dept_nm = pdssInfoBean.srDept_nm;
Rank_code = pdssInfoBean.srRank_code;
Rank_nm = pdssInfoBean.srRank_nm;
WaDivCd = pdssInfoBean.srWaDivCd;
WaDivNm = pdssInfoBean.srWaDivNm;
AuthGrp = pdssInfoBean.srAuthGrpId;
regularTyp = pdssInfoBean.srRegularTyp;
Inner_dept_code = pdssInfoBean.srInnDptCd;
*/
}
UsrSession.setSrAuthGrp (AuthGrp );
UsrSession.setSrRegularTyp (regularTyp );
UsrSession.setSrEpID (EpID );
UsrSession.setSrName (Name );
UsrSession.setSrReg_no (Reg_no );
UsrSession.setSrGnDivCd (GnDivCd );
UsrSession.setSrGnDivNm (GnDivNm );
UsrSession.setSrCompny_tel_no (Compny_tel_no );
UsrSession.setSrEmail (Email );
UsrSession.setSrUniqueID (UniqueID );
UsrSession.setSrDComp (DComp );
UsrSession.setSrCompny_code (Compny_code );
UsrSession.setSrCompny_nm (Compny_nm );
UsrSession.setSrDept_code (Dept_code );
UsrSession.setSrDept_nm (Dept_nm );
UsrSession.setSrRank_code (Rank_code );
UsrSession.setSrRank_nm (Rank_nm );
UsrSession.setSrEmp_no (Emp_no );
UsrSession.setSrWaDivCd (WaDivCd );
UsrSession.setSrWaDivNm (WaDivNm );
UsrSession.setSrLcDivCd (LcDivCd );
UsrSession.setSrIp_addr (userIP );
UsrSession.setSrInner_dept_code (Inner_dept_code );
Log.debug("IsComSessionSvlt.setUsrSessionSso IsComSessionVO["+UsrSession.toString()+"]");
}
}
catch(Exception e)
{
errMsg = e.getMessage();
e.printStackTrace();
throw e;
}
finally
{
Log.debug("------------------------------------------------------");
Log.debug(" END <=== [IsComSessionSvlt/setUsrSessionSso] ===> END ");
Log.debug("------------------------------------------------------");
}
return "";
}
// URL forwarding
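/**
 * Sends the browser to the screen selected by the {@code URL} request parameter.
 *
 * <p>The parameter is used only as a key ({@code VISIT}, {@code INOUT},
 * {@code TEMP_CARD}, {@code EMP_CARD}, {@code ROOM}) into a fixed set of
 * application-internal paths. Only those constant paths are written into the
 * generated script; the raw parameter value is never echoed into the page.
 * Keep it that way: interpolating request data into the
 * {@code location.replace(...)} call would turn this into an open redirect and
 * a script-injection sink.
 *
 * <p>The response body is a small HTML page whose script replaces the top
 * window's location with the selected path.
 *
 * @param req request carrying the {@code URL} key
 * @param res response the redirect page is written to
 * @return always the empty string
 * @throws Exception any failure while reading the parameter or writing the page,
 *         rethrown after its message has been logged
 * @throws IOException if the response output stream cannot be obtained
 */
private String forwardUrl(HttpServletRequest req, HttpServletResponse res) throws Exception, IOException
{
    // PrintWriter over the raw stream encodes with the platform default charset,
    // while the page declares utf-8. Everything written below is ASCII, so the
    // bytes are the same either way; revisit this if non-ASCII text is ever added.
    PrintWriter toClient = new PrintWriter(res.getOutputStream(), true);
    try
    {
        // presumably checkString turns a missing parameter into "" - confirm in ComUtil
        String url = ComUtil.checkString(req.getParameter("URL"));
        String fw_rul = "";

        // Allowlist: request key -> constant in-application target.
        if (url.equals("VISIT"))
        {
            fw_rul = "/servlets/security/head/ha/HaServlet?_SCREEN=APPROV&_ACT=APPROV_PATH&URL=/security/head/ha/ha_appl_int.jsp&SYSTYPE=HA_VISIT";
        }
        else if (url.equals("INOUT"))
        {
            fw_rul = "/servlets/security/head/hb/HbOutSelServlet?_SCREEN=CARRYOUT&_ACT=HB_BRANCH";
        }
        else if (url.equals("TEMP_CARD"))
        {
            fw_rul = "/servlets/security/head/ha/HaServlet?_SCREEN=APPROV&_ACT=APPROV_PATH&URL=/security/head/hc/hc_appl_int.jsp&SYSTYPE=HC_TMP_CARD_NEW";
        }
        else if (url.equals("EMP_CARD"))
        {
            fw_rul = "/servlets/security/head/ha/HaServlet?_SCREEN=APPROV&_ACT=APPROV_PATH&URL=/security/head/hc/hc_emp_appl_int.jsp&SYSTYPE=HC_EMP_NEW";
        }
        else if (url.equals("ROOM"))
        {
            fw_rul = "/security/head/hf/hf_res_int.jsp";
        }
        // NOTE(review): an unrecognised key leaves fw_rul empty, so the page still
        // calls location.replace("") - confirm whether an explicit error page or a
        // rejected request is the intended outcome for unknown keys.

        // The quotes inside these literals must be backslash-escaped; the listing
        // as published had them as /" which does not compile.
        toClient.println("<HTML> ");
        toClient.println("<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\">");
        toClient.println("<BODY> ");
        toClient.println("<Script Language=javascript> ");
        toClient.println(" top.window.location.replace(\"" + fw_rul + "\")");
        toClient.println(" </Script> ");
        toClient.println("</BODY> ");
        toClient.println("</HTML> ");
    }
    catch (Exception e)
    {
        // Log only the message, then let the caller decide how to respond.
        Log.error(e.getMessage());
        throw e;
    }
    return "";
}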
}