From 64e2e1f123d0044c1116765528f281deb98278b4 Mon Sep 17 00:00:00 2001
From: pioneer <pioneer@fanruan.com>
Date: Tue, 6 Dec 2022 16:26:47 +0800
Subject: [PATCH] open

---
 README.md                                     |   6 +
 plugin.xml                                    |  20 ++
 .../xx/zgrsauth/config/InitializeMonitor.java |  21 ++
 .../zgrsauth/config/PluginSimpleConfig.java   |  79 +++++
 .../plugin/xx/zgrsauth/filter/SSOFilter.java  | 121 +++++++
 .../plugin/xx/zgrsauth/utils/AuthUtils.java   |  64 ++++
 .../plugin/xx/zgrsauth/utils/FRUserUtils.java | 220 ++++++++++++
 .../eco/plugin/xx/zgrsauth/utils/FRUtils.java | 332 ++++++++++++++++++
 .../plugin/xx/zgrsauth/utils/HttpUtils.java   | 262 ++++++++++++++
 .../xx/zgrsauth/utils/ResponseUtils.java      | 108 ++++++
 .../eco/plugin/xx/zgrsauth/utils/Utils.java   | 328 +++++++++++++++++
 .../AuthServerServiceImplService.java         |  70 ++++
 .../xx/zgrsauth/webservice/ExeHttp.java       |  27 ++
 .../webservice/IAuthServerService.java        |  43 +++
 .../xx/zgrsauth/webservice/ObjectFactory.java |  33 ++
 15 files changed, 1734 insertions(+)
 create mode 100644 README.md
 create mode 100644 plugin.xml
 create mode 100644 src/main/java/com/eco/plugin/xx/zgrsauth/config/InitializeMonitor.java
 create mode 100644 src/main/java/com/eco/plugin/xx/zgrsauth/config/PluginSimpleConfig.java
 create mode 100644 src/main/java/com/eco/plugin/xx/zgrsauth/filter/SSOFilter.java
 create mode 100644 src/main/java/com/eco/plugin/xx/zgrsauth/utils/AuthUtils.java
 create mode 100644 src/main/java/com/eco/plugin/xx/zgrsauth/utils/FRUserUtils.java
 create mode 100644 src/main/java/com/eco/plugin/xx/zgrsauth/utils/FRUtils.java
 create mode 100644 src/main/java/com/eco/plugin/xx/zgrsauth/utils/HttpUtils.java
 create mode 100644 src/main/java/com/eco/plugin/xx/zgrsauth/utils/ResponseUtils.java
 create mode 100644 src/main/java/com/eco/plugin/xx/zgrsauth/utils/Utils.java
 create mode 100644 src/main/java/com/eco/plugin/xx/zgrsauth/webservice/AuthServerServiceImplService.java
 create mode 100644 src/main/java/com/eco/plugin/xx/zgrsauth/webservice/ExeHttp.java
 create mode 100644 src/main/java/com/eco/plugin/xx/zgrsauth/webservice/IAuthServerService.java
 create mode 100644 src/main/java/com/eco/plugin/xx/zgrsauth/webservice/ObjectFactory.java

diff --git a/README.md b/README.md
new file mode 100644
index 0000000..02b265f
--- /dev/null
+++ b/README.md
@@ -0,0 +1,6 @@
+# open-JSD-10260
+ 
+JSD-10260 模板访问根据客户提供的权限接口返回结果进行访问控制\
+免责说明：该源码为第三方爱好者提供，不保证源码和方案的可靠性，也不提供任何形式的源码教学指导和协助！\
+仅作为开发者学习参考使用！禁止用于任何商业用途！\
+为保护开发者隐私，开发者信息已隐去！若原开发者希望公开自己的信息，可联系【pioneer】处理。
\ No newline at end of file
diff --git a/plugin.xml b/plugin.xml
new file mode 100644
index 0000000..8fbab69
--- /dev/null
+++ b/plugin.xml
@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?><plugin>
+    <id>com.eco.plugin.xx.zgrsauth</id>
+    <name><![CDATA[模板二次认证_EK]]></name>
+    <active>yes</active>
+    <version>1.0.6</version>
+    <env-version>10.0</env-version>
+    <jartime>2018-07-31</jartime>
+    <vendor>fr.open</vendor>
+    <description><![CDATA[模板二次认证]]></description>
+    <change-notes><![CDATA[
+        [2022-06-28]JSD-10260初始化
+    ]]></change-notes>
+    <main-package>com.eco.plugin.xx.zgrsauth</main-package>
+    <lifecycle-monitor class="com.eco.plugin.xx.zgrsauth.config.InitializeMonitor"/>
+
+    <extra-decision>
+		<GlobalRequestFilterProvider class="com.eco.plugin.xx.zgrsauth.filter.SSOFilter"/>
+    </extra-decision>
+    <function-recorder class="com.eco.plugin.xx.zgrsauth.config.PluginSimpleConfig"/>
+</plugin>
\ No newline at end of file
diff --git a/src/main/java/com/eco/plugin/xx/zgrsauth/config/InitializeMonitor.java b/src/main/java/com/eco/plugin/xx/zgrsauth/config/InitializeMonitor.java
new file mode 100644
index 0000000..4e9d678
--- /dev/null
+++ b/src/main/java/com/eco/plugin/xx/zgrsauth/config/InitializeMonitor.java
@@ -0,0 +1,21 @@
+package com.eco.plugin.xx.zgrsauth.config;
+
+import com.fr.plugin.context.PluginContext;
+import com.fr.plugin.observer.inner.AbstractPluginLifecycleMonitor;
+
+/**
+ * @author xx
+ * @version 10.0
+ * Created by xx on 2021-12-03
+ */
+public class InitializeMonitor extends AbstractPluginLifecycleMonitor {
+    @Override
+    public void afterRun(PluginContext pluginContext) {
+        PluginSimpleConfig.getInstance();
+    }
+
+    @Override
+    public void beforeStop(PluginContext pluginContext) {
+
+    }
+}
diff --git a/src/main/java/com/eco/plugin/xx/zgrsauth/config/PluginSimpleConfig.java b/src/main/java/com/eco/plugin/xx/zgrsauth/config/PluginSimpleConfig.java
new file mode 100644
index 0000000..e0387a2
--- /dev/null
+++ b/src/main/java/com/eco/plugin/xx/zgrsauth/config/PluginSimpleConfig.java
@@ -0,0 +1,79 @@
+package com.eco.plugin.xx.zgrsauth.config;
+
+import com.fr.config.*;
+import com.fr.config.holder.Conf;
+import com.fr.config.holder.factory.Holders;
+import com.fr.intelli.record.Focus;
+import com.fr.intelli.record.Original;
+import com.fr.record.analyzer.EnableMetrics;
+
+@Visualization(category = "二次认证配置")
+@EnableMetrics
+public class PluginSimpleConfig extends DefaultConfiguration {
+
+    private static volatile PluginSimpleConfig config = null;
+
+    @Focus(id="com.eco.plugin.xx.zgrsauth.config", text = "二次认证配置", source = Original.PLUGIN)
+    public static PluginSimpleConfig getInstance() {
+        if (config == null) {
+            config = ConfigContext.getConfigInstance(PluginSimpleConfig.class);
+        }
+        return config;
+    }
+
+    @Identifier(value = "dimensionCd", name = "维度编码", description = "维度编码", status = Status.SHOW)
+    private Conf<String> dimensionCd = Holders.simple("");
+
+    @Identifier(value = "systemCd", name = "系统编号", description = "系统编号", status = Status.SHOW)
+    private Conf<String> systemCd = Holders.simple("");
+
+    @Identifier(value = "flag", name = "标识参数", description = "标识参数", status = Status.SHOW)
+    private Conf<String> flag = Holders.simple("");
+
+    @Identifier(value = "url", name = "接口地址", description = "接口地址", status = Status.SHOW)
+    private Conf<String> url = Holders.simple("");
+
+    public String getDimensionCd() {
+        return dimensionCd.get();
+    }
+
+    public void setDimensionCd(String url) {
+        this.dimensionCd.set(url);
+    }
+
+    public String getSystemCd() {
+        return systemCd.get();
+    }
+
+    public void setSystemCd(String url) {
+        this.systemCd.set(url);
+    }
+
+    public String getFlag() {
+        return flag.get();
+    }
+
+    public void setFlag(String url) {
+        this.flag.set(url);
+    }
+
+    public String getUrl() {
+        return url.get();
+    }
+
+    public void setUrl(String url) {
+        this.url.set(url);
+    }
+
+    @Override
+    public Object clone() throws CloneNotSupportedException {
+        PluginSimpleConfig cloned = (PluginSimpleConfig) super.clone();
+//        cloned.text = (Conf<String>) text.clone();
+//        cloned.count = (Conf<Integer>) count.clone();
+//        cloned.price = (Conf<Double>) price.clone();
+//        cloned.time = (Conf<Long>) time.clone();
+//        cloned.student = (Conf<Boolean>) student.clone();
+        return cloned;
+    }
+
+}
diff --git a/src/main/java/com/eco/plugin/xx/zgrsauth/filter/SSOFilter.java b/src/main/java/com/eco/plugin/xx/zgrsauth/filter/SSOFilter.java
new file mode 100644
index 0000000..f1efe01
--- /dev/null
+++ b/src/main/java/com/eco/plugin/xx/zgrsauth/filter/SSOFilter.java
@@ -0,0 +1,121 @@
+package com.eco.plugin.xx.zgrsauth.filter;
+
+import com.eco.plugin.xx.zgrsauth.config.PluginSimpleConfig;
+import com.eco.plugin.xx.zgrsauth.utils.*;
+import com.fr.decision.fun.GlobalRequestFilterProvider;
+import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
+import com.fr.plugin.context.PluginContexts;
+import com.fr.record.analyzer.EnableMetrics;
+import com.fr.stable.fun.Authorize;
+import org.jetbrains.annotations.NotNull;
+
+import javax.servlet.FilterChain;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.UnsupportedEncodingException;
+import java.net.URLDecoder;
+
+@EnableMetrics
+@Authorize(callSignKey = "com.eco.plugin.xx.zgrsauth")
+public class SSOFilter extends AbstractGlobalRequestFilterProvider {
+    @Override
+    public String filterName() {
+        return "zgrsFilter";
+    }
+
+    @Override
+    public String[] urlPatterns() {
+        return new String[]{"/*"};
+    }
+
+    @Override
+    public void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain chain ){
+
+        if(PluginContexts.currentContext().isAvailable()){
+            PluginSimpleConfig psc = PluginSimpleConfig.getInstance();
+            FRUtils.FRLogInfo(FRUtils.getAllUrl(req));
+            //是否放行
+            boolean release = isRelease(req,psc);
+
+            if(release){
+                FRUtils.FRLogInfo("无参数");
+                release(req,res,chain);
+                return;
+            }
+
+            //不是模板，放行
+            String viewlet = req.getParameter("viewlet");
+
+            if(Utils.isNullStr(viewlet)){
+                FRUtils.FRLogInfo("非模板");
+                release(req,res,chain);
+                return ;
+            }
+
+            try {
+                viewlet = URLDecoder.decode(viewlet,"utf-8");
+            } catch (UnsupportedEncodingException e) {
+
+            }
+            FRUtils.FRLogInfo("viewlet:"+viewlet);
+
+
+            String username = "";
+            try {
+                username = FRUserUtils.getCurrentUser(req).getUserName();
+            } catch (Exception e) {
+                FRUtils.FRLogInfo("获取当前用户失败!");
+                ResponseUtils.responseText(res,"您无权限访问");
+                return ;
+            }
+            boolean hasAuth = AuthUtils.hasAuth(username,viewlet,psc);
+
+            if(!hasAuth){
+                ResponseUtils.responseText(res,"您无权限访问");
+                return ;
+            }
+        }
+
+        release(req,res,chain);
+    }
+
+    private boolean isRelease(HttpServletRequest req,PluginSimpleConfig psc) {
+        String flag = psc.getFlag();
+        String flagValue = req.getParameter(flag);
+
+        //没有约定参数，放行
+        if(Utils.isNullStr(flagValue)){
+            return true;
+        }
+
+        return false;
+    }
+
+    //放行拦截器
+    private void release(HttpServletRequest req, HttpServletResponse res, FilterChain chain) {
+        try{
+            chain.doFilter(req,res);
+        }catch (Exception e){
+            FRUtils.FRLogInfo("拦截失败");
+        }
+    }
+
+    /**
+     * 可选实现的多个filter排序（执行顺序）的方法
+     * @param other
+     * @return 0 相等，大于0是自身优先 小于0 是other优先
+     */
+    @Override
+    public int compareTo(@NotNull GlobalRequestFilterProvider other ){
+
+        //如果是单点拦截器，则单点拦截器优先
+        if(other.filterName().equals("global")){
+            return -1;
+        }
+
+        return super.compareTo(other);
+    }
+
+
+}
+
diff --git a/src/main/java/com/eco/plugin/xx/zgrsauth/utils/AuthUtils.java b/src/main/java/com/eco/plugin/xx/zgrsauth/utils/AuthUtils.java
new file mode 100644
index 0000000..446cd4a
--- /dev/null
+++ b/src/main/java/com/eco/plugin/xx/zgrsauth/utils/AuthUtils.java
@@ -0,0 +1,64 @@
+package com.eco.plugin.xx.zgrsauth.utils;
+
+import com.eco.plugin.xx.zgrsauth.config.PluginSimpleConfig;
+import com.eco.plugin.xx.zgrsauth.webservice.ExeHttp;
+import com.fr.json.JSONArray;
+import com.fr.json.JSONObject;
+
+public class AuthUtils {
+
+    /**
+     * 判断是否有权限
+     * @param username
+     * @param temp
+     * @param psc
+     * @return
+     */
+    public static boolean hasAuth(String username,String temp,PluginSimpleConfig psc){
+        JSONArray auths = new JSONArray();
+        try {
+            auths = getAuth(username, psc);
+        } catch (Exception e) {
+            FRUtils.FRLogInfo("exception :"+e.getMessage());
+            return false;
+        }
+
+        boolean hasAuth = false;
+
+        for(int i=0;i<auths.size();i++){
+            JSONObject auth = auths.getJSONObject(i);
+            String dimensionValue = auth.getString("dimensionValue");
+            FRUtils.FRLogInfo("temp:"+temp+";dimensionValue:"+dimensionValue+";equals:"+String.valueOf(dimensionValue.equals(temp)));
+
+            if(dimensionValue.equals(temp)){
+                hasAuth = true;
+                break;
+            }
+        }
+
+        return hasAuth;
+    }
+
+    /**
+     * 获取auth数组
+     * @param psc
+     * @return
+     * @throws Exception
+     */
+    private static JSONArray getAuth(String username,PluginSimpleConfig psc) throws Exception {
+        ExeHttp t = new ExeHttp();
+
+        String result = t.exeWebService4queryDimension(Integer.valueOf(username),psc.getDimensionCd(),psc.getSystemCd());
+
+        FRUtils.FRLogInfo("resule:"+result);
+
+        if(Utils.isNullStr(result)){
+            throw new Exception("获取权限信息失败!");
+        }
+
+        JSONObject resultJson = new JSONObject(result);
+        JSONArray dimensionRanges = resultJson.getJSONArray("dimensionRanges");
+        JSONObject dimensionRange = dimensionRanges.getJSONObject(0);
+        return dimensionRange.getJsonArray("authRange");
+    }
+}
diff --git a/src/main/java/com/eco/plugin/xx/zgrsauth/utils/FRUserUtils.java b/src/main/java/com/eco/plugin/xx/zgrsauth/utils/FRUserUtils.java
new file mode 100644
index 0000000..d628cc6
--- /dev/null
+++ b/src/main/java/com/eco/plugin/xx/zgrsauth/utils/FRUserUtils.java
@@ -0,0 +1,220 @@
+package com.eco.plugin.xx.zgrsauth.utils;
+
+import com.fr.decision.authority.data.User;
+import com.fr.decision.privilege.TransmissionTool;
+import com.fr.decision.webservice.bean.user.*;
+import com.fr.decision.webservice.v10.login.ExtendTokenProcessor;
+import com.fr.decision.webservice.v10.login.LoginService;
+import com.fr.decision.webservice.v10.user.UserService;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+
+public class FRUserUtils {
+
+    /**
+     * 获取用户Service
+     * @return
+     */
+    public static UserService getUserService(){
+        return UserService.getInstance();
+    }
+
+    /**
+     * 获取全量用户
+     * @return
+     * @throws Exception
+     */
+    public static List<UserAdditionBean> getAllUsers() throws Exception {
+//        List<UserBean> userbean = UserMiddleRoleService.getInstance().getAllUsers(false);
+        List<UserAdditionBean> users = new ArrayList<UserAdditionBean>();
+        getAllUser(getAdminUser().getUsername(),0,1000,users);
+        return users;
+    }
+
+    /**
+     *
+     * @param adminUsername 管理员用户名
+     * @param page  页数
+     * @param num  每页的数据
+     * @param users 保存用户的列表
+     */
+    private static void getAllUser(String adminUsername,int page,int num,List<UserAdditionBean> users) throws Exception {
+        Map<String,Object> result = getUserService().getAllUsers(adminUsername,page,num,"","",true);
+        Long total = (Long)result.get("total");
+        List<UserAdditionBean> item = (List<UserAdditionBean>)result.get("items");
+        users.addAll(item);
+
+        page = page+1;
+
+        if(page * num >= total){
+            return ;
+        }
+
+        getAllUser(adminUsername,page,num,users);
+    }
+    /**
+     * 添加用户
+     * @param userBean
+     */
+    public static void addUser(UserBean userBean) throws Exception {
+        userBean.setPassword(TransmissionTool.defaultEncrypt(userBean.getPassword()));
+        getUserService().addUser(userBean);
+    }
+
+    /**
+     * 删除用户
+     * @param userBean
+     */
+    public static void updateUser(UserBean userBean) throws Exception {
+        getUserService().editUser(userBean,getAdminUser().getId());
+    }
+
+    /**
+     * 删除用户
+     * @param user
+     * @return
+     */
+    public static int deleteUser(User user) throws Exception {
+        String userId = user.getId();
+
+        UserUpdateBean userUpdateBean = new UserUpdateBean();
+        userUpdateBean.setRemoveUserIds(new String[]{userId});
+
+        return getUserService().deleteUsers(userUpdateBean);
+    }
+
+    /**
+     * 根据用户名获取用户实体
+     * @param userName
+     * @return
+     */
+    public static User getUserByUserName(String userName) throws Exception {
+        return getUserService().getUserByUserName(userName);
+    }
+
+    /**
+     * 根据用户名获取用户实体
+     * @param userName
+     * @return
+     */
+    public static UserBean getUserBeanByUserName(String userName ) throws Exception {
+        String id = getUserService().getUserByUserName(userName).getId();
+        return getUser(id);
+    }
+
+    /**
+     * 根据id获取用户
+     * @param id
+     * @return
+     * @throws Exception
+     */
+    public static UserBean getUser(String id) throws Exception {
+       return getUserService().getUser(id);
+    }
+
+    /**
+     * 判断是否是管理员
+     * @param username
+     * @return
+     */
+    public static boolean isAdmin(String username) throws Exception{
+        return getUserService().isAdmin(getUserByUserName(username).getId());
+    }
+
+    /**
+     * 禁用启用用户
+     * @param userId
+     * @param state false 禁用 true 启用
+     * @throws Exception 异常说明失败
+     */
+    public static void forbidUser(String userId,boolean state) throws Exception {
+        getUserService().forbidUser(userId,state);
+    }
+
+    /**
+     * 修改用户部门
+     * @param departmentId
+     * @param postId
+     * @param ud
+     * @throws Exception
+     */
+    public static void updateDepartmentPostUsers(String departmentId, String postId, UserUpdateBean ud) throws Exception {
+        getUserService().updateDepartmentPostUsers(departmentId,"",ud);
+    }
+
+
+//    /**
+//     * 验证密码是否正确
+//     * @param psd   明文密码
+//     * @param user  根据用户名获取得用户对象
+//     * @return
+//     */
+//    public static boolean checkPsd(String psd,User user){
+//        String shaPsd = CipherUtils.jdksha256(psd);
+//
+//        return shaPsd.equals(user.getPassword());
+//    }
+    public static User getCurrentUser(HttpServletRequest req) throws Exception {
+        String username = LoginService.getInstance().getCurrentUserNameFromRequestCookie(req);
+
+        if(Utils.isNullStr(username)){
+            return null;
+        }
+
+        return getUserByUserName(username);
+    }
+
+    public static UserBean getCurrentUserBean(HttpServletRequest req) throws Exception {
+        String username = LoginService.getInstance().getCurrentUserNameFromRequestCookie(req);
+
+        if(Utils.isNullStr(username)){
+            return null;
+        }
+
+        return getUserBeanByUserName(username);
+    }
+
+    /**
+     * 获取用户部门角色
+     * @param username
+     * @return
+     * @throws Exception
+     */
+    private static UserRolesBean getUserRolesBean(String username) throws Exception {
+        return FRUserUtils.getUserService().getUserDepAndCustomRoles(username);
+    }
+
+    /**
+     * 获取部门职务
+     * @param username
+     * @return
+     * @throws Exception
+     */
+    public static List<DepRoleBean> getDepRoleBean(String username) throws Exception{
+        return getUserRolesBean(username).getDepRoles();
+    }
+
+    /**
+     * 获取角色
+     * @param username
+     * @return
+     * @throws Exception
+     */
+    public static List<String> getCustomRoles(String username) throws Exception{
+        return getUserRolesBean(username).getCustomRoles();
+    }
+
+    public static UserBean getAdminUser() throws Exception {
+        String adminid = getUserService().getAdminUserIdList().get(0);
+        return getUser(adminid);
+    }
+
+    public static String getUsernameFromToken(String token){
+        String username = ExtendTokenProcessor.KEY.getUsername(token);
+        return username;
+    }
+
+}
diff --git a/src/main/java/com/eco/plugin/xx/zgrsauth/utils/FRUtils.java b/src/main/java/com/eco/plugin/xx/zgrsauth/utils/FRUtils.java
new file mode 100644
index 0000000..04a49ec
--- /dev/null
+++ b/src/main/java/com/eco/plugin/xx/zgrsauth/utils/FRUtils.java
@@ -0,0 +1,332 @@
+package com.eco.plugin.xx.zgrsauth.utils;
+
+import com.fr.base.ServerConfig;
+import com.fr.base.TableData;
+import com.fr.base.TemplateUtils;
+import com.fr.decision.authority.AuthorityContext;
+import com.fr.decision.authority.base.constant.type.operation.ManualOperationType;
+import com.fr.decision.authority.data.User;
+import com.fr.decision.base.util.UUIDUtil;
+import com.fr.decision.privilege.encrpt.PasswordValidator;
+import com.fr.decision.webservice.bean.authentication.OriginUrlResponseBean;
+import com.fr.decision.webservice.interceptor.handler.ReportTemplateRequestChecker;
+import com.fr.decision.webservice.login.LogInOutResultInfo;
+import com.fr.decision.webservice.utils.DecisionServiceConstants;
+import com.fr.decision.webservice.utils.DecisionStatusService;
+import com.fr.decision.webservice.utils.UserSourceFactory;
+import com.fr.decision.webservice.v10.login.LoginService;
+import com.fr.decision.webservice.v10.login.event.LogInOutEvent;
+import com.fr.decision.webservice.v10.user.UserService;
+import com.fr.event.EventDispatcher;
+import com.fr.file.TableDataConfig;
+import com.fr.general.data.DataModel;
+import com.fr.log.FineLoggerFactory;
+import com.fr.script.Calculator;
+import com.fr.stable.StringUtils;
+import com.fr.stable.query.QueryFactory;
+import com.fr.stable.query.restriction.RestrictionFactory;
+import com.fr.third.springframework.web.method.HandlerMethod;
+import com.fr.web.controller.ReportRequestService;
+import com.fr.web.utils.WebUtils;
+
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.io.IOException;
+import java.util.List;
+
+public class FRUtils {
+    /**
+     * 判断用户是否存在
+     * @param userName
+     * @return
+     */
+    public static boolean isUserExist(String userName){
+        if (StringUtils.isEmpty(userName)) {
+            return false;
+        } else {
+            try {
+                List userList = AuthorityContext.getInstance().getUserController().find(QueryFactory.create().addRestriction(RestrictionFactory.eq("userName", userName)));
+                return userList != null && !userList.isEmpty();
+            } catch (Exception e) {
+                FineLoggerFactory.getLogger().error(e.getMessage());
+                return false;
+            }
+        }
+    }
+
+    /**
+     * 判断是否登录FR
+     * @param req
+     * @return
+     */
+    public static boolean isLogin(HttpServletRequest req){
+        return LoginService.getInstance().isLogged(req);
+    }
+
+    /**
+     * 帆软登录
+     * @param httpServletRequest
+     * @param httpServletResponse
+     * @param userName
+     * @param url
+     */
+    public static void login(HttpServletRequest httpServletRequest,HttpServletResponse httpServletResponse,String userName,String url){
+
+        FineLoggerFactory.getLogger().info("FRLOG:用户名:"+userName);
+        FineLoggerFactory.getLogger().info("FRLOG:跳转链接:"+url);
+
+
+        //判断用户名是否为空
+        if(!Utils.isNullStr(userName)){
+            if(isUserExist(userName)){
+                String FRToken = "";
+
+                try {
+                    //HttpSession session = httpServletRequest.getSession(true);
+
+                    FRToken = LoginService.getInstance().login(httpServletRequest, httpServletResponse, userName);
+
+                    //httpServletRequest.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME,FRToken);
+
+                    //session.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME, FRToken);
+                    EventDispatcher.fire(LogInOutEvent.LOGIN,new LogInOutResultInfo(httpServletRequest,httpServletResponse,userName,true));
+                    FineLoggerFactory.getLogger().info("FRLOG:登陆成功!");
+
+                    if(!Utils.isNullStr(url)){
+                        httpServletResponse.sendRedirect(url);
+                    }
+                } catch (Exception e) {
+                    ResponseUtils.failedResponse(httpServletResponse,"登录异常，请联系管理员!");
+                    FineLoggerFactory.getLogger().info("FRLOG:登录异常，请联系管理员!");
+                    FineLoggerFactory.getLogger().info("FRLOGException:"+e.getMessage());
+                }
+            }else{
+                ResponseUtils.failedResponse(httpServletResponse,"用户在报表系统中不存在!");
+                FineLoggerFactory.getLogger().info("FRLOG:用户在报表系统中不存在!");
+            }
+        }else{
+            ResponseUtils.failedResponse(httpServletResponse,"用户名不能为空!");
+            FineLoggerFactory.getLogger().info("FRLOG:用户名不能为空!");
+        }
+    }
+
+    /**
+     * 帆软登录
+     * @param httpServletRequest
+     * @param httpServletResponse
+     * @param token
+     * @param url
+     */
+    public static void loginByToken(HttpServletRequest httpServletRequest,HttpServletResponse httpServletResponse,String token,String url){
+
+        FineLoggerFactory.getLogger().info("FRLOG:token:"+token);
+        FineLoggerFactory.getLogger().info("FRLOG:跳转链接:"+url);
+
+
+        //判断用户名是否为空
+        if(!Utils.isNullStr(token)){
+            writeToken2Cookie(httpServletResponse,token,-1);
+
+            HttpSession session = httpServletRequest.getSession(true);
+
+            httpServletRequest.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME,token);
+
+            session.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME, token);
+
+            if(!Utils.isNullStr(url)){
+                try {
+                    httpServletResponse.sendRedirect(url);
+                } catch (IOException e) {
+                    ResponseUtils.failedResponse(httpServletResponse,"跳转异常!");
+                    FineLoggerFactory.getLogger().info("FRLOG:跳转异常!");
+                }
+            }
+        }else{
+            ResponseUtils.failedResponse(httpServletResponse,"token不能为空!");
+            FineLoggerFactory.getLogger().info("FRLOG:token不能为空!");
+        }
+    }
+
+    /**
+     * 获取token
+     * @param httpServletRequest
+     * @param httpServletResponse
+     * @param username
+     * @return
+     */
+    public static String getToken(HttpServletRequest httpServletRequest,HttpServletResponse httpServletResponse,String username){
+        String token = "";
+        try {
+            token = LoginService.getInstance().login(httpServletRequest, httpServletResponse, username);
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().info("FRLOG:获取token失败"+e.getMessage());
+        }
+
+        return token;
+    }
+
+    private static void writeToken2Cookie(HttpServletResponse req, String token, int num) {
+        try {
+            if (StringUtils.isNotEmpty(token)) {
+                Cookie cookie = new Cookie("fine_auth_token", token);
+                long maxAge = num == -2 ? 1209600000L : (long)num;
+                cookie.setMaxAge((int)maxAge);
+                cookie.setPath(ServerConfig.getInstance().getCookiePath());
+                req.addCookie(cookie);
+                Cookie rememberCookie = new Cookie("fine_remember_login", String.valueOf(num == -2 ? -2 : -1));
+                rememberCookie.setMaxAge((int)maxAge);
+                rememberCookie.setPath(ServerConfig.getInstance().getCookiePath());
+                req.addCookie(rememberCookie);
+            } else {
+                FineLoggerFactory.getLogger().error("empty token cannot save.");
+            }
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().error(e.getMessage(), e);
+        }
+
+    }
+
+    /**
+     * 后台登出
+     * @param httpServletRequest
+     * @param httpServletResponse
+     */
+    public static void logoutByToken(HttpServletRequest httpServletRequest,HttpServletResponse httpServletResponse,String token)
+    {
+        httpServletRequest.setAttribute("fine_auth_token",token);
+        logout(httpServletRequest,httpServletResponse);
+    }
+
+    /**
+     *
+     * @param httpServletRequest
+     * @param httpServletResponse
+     */
+    public static void logout(HttpServletRequest httpServletRequest,HttpServletResponse httpServletResponse)
+    {
+        if(!isLogin(httpServletRequest)){
+            return ;
+        }
+
+        try {
+            LoginService.getInstance().logout(httpServletRequest,httpServletResponse);
+        } catch (Exception e) {
+            ResponseUtils.failedResponse(httpServletResponse,"登出异常，请联系管理员!");
+            FineLoggerFactory.getLogger().info("FRLOG:登出异常，请联系管理员!");
+            FineLoggerFactory.getLogger().info("FRLOGException:"+e.getMessage());
+        }
+    }
+
+    /**
+     * 打印FR日志
+     * @param message
+     */
+    public static void FRLogInfo(String message){
+        FineLoggerFactory.getLogger().info("FRLOG:"+message);
+    }
+
+    /**
+     * 打印FR日志-error
+     * @param message
+     */
+    public static void FRLogError(String message){
+        FineLoggerFactory.getLogger().error("FRLOG:"+message);
+    }
+
+
+    /**
+     * 根据用户名获取用户信息
+     * @param userName
+     * @return
+     */
+    public static User getFRUserByUserName(String userName){
+        try {
+            return UserService.getInstance().getUserByUserName(userName);
+        } catch (Exception e) {
+            FRLogInfo("获取用户信息异常:"+e.getMessage());
+        }
+
+        return null;
+    }
+
+    /**
+     * 解密FR密码
+     * @param password
+     * @return
+     */
+//    public static String decryptFRPsd(String password){
+//        FRLogInfo("解密密码:"+password);
+//        return TransmissionTool.decrypt(password);
+//    }
+
+    /**
+     * 根据明文密码生成数据库中的密码，用户密码校验用
+     * @return
+     */
+    public static String getDBPsd(String username,String password){
+        PasswordValidator pv = UserSourceFactory.getInstance().getUserSource(ManualOperationType.KEY).getPasswordValidator();
+        String uuid = UUIDUtil.generate();
+
+        return pv.encode(username, password, uuid);
+    }
+
+    /**
+     * 获取带参数的访问链接
+     * @return
+     */
+    public static String getAllUrl(HttpServletRequest httpServletRequest){
+        return  WebUtils.getOriginalURL(httpServletRequest);
+    }
+
+	/**
+     * 根据originKey获取源链接
+     * @param req
+     * @return
+     * @throws Exception
+     */
+    public static String getOriginUrl(HttpServletRequest req) throws Exception {
+        String origin = req.getParameter("origin");
+        if (StringUtils.isNotEmpty(origin)) {
+            OriginUrlResponseBean originUrlResponseBean = (OriginUrlResponseBean) DecisionStatusService.originUrlStatusService().get(origin);
+            DecisionStatusService.originUrlStatusService().delete(origin);
+            if (originUrlResponseBean != null) {
+                return originUrlResponseBean.getOriginUrl();
+            }
+        }
+
+        return new OriginUrlResponseBean(TemplateUtils.render("${fineServletURL}")).getOriginUrl();
+    }
+
+	/**
+     * 判断是否开启模板认证
+     * @param
+     * @return
+     * @throws Exception
+     */
+	public static boolean isTempAuth(HttpServletRequest req,HttpServletResponse res) throws Exception {
+        ReportTemplateRequestChecker checker = new ReportTemplateRequestChecker();
+        HandlerMethod hm = new HandlerMethod(new ReportRequestService(),ReportRequestService.class.getMethod("preview", HttpServletRequest.class, HttpServletResponse.class, String.class));
+        return checker.checkRequest(req,res,hm);
+    }
+
+    /**
+     * 获取数据集数据
+     * @param serverDataSetName
+     * @return
+     */
+    public static DataModel getTableData(String serverDataSetName){
+        TableData userInfo = TableDataConfig.getInstance().getTableData(serverDataSetName);
+        DataModel userInfoDM = userInfo.createDataModel(Calculator.createCalculator());
+//        userInfoDM.getRowCount();
+//        userInfoDM.getColumnIndex();
+//        userInfoDM.getValueAt()
+        return userInfoDM;
+    }
+	
+	public static String getIndex(HttpServletRequest req){
+		String url = req.getScheme()+"://"+req.getServerName()+":"+String.valueOf(req.getServerPort())+req.getRequestURI();
+        return url;
+	}
+}
diff --git a/src/main/java/com/eco/plugin/xx/zgrsauth/utils/HttpUtils.java b/src/main/java/com/eco/plugin/xx/zgrsauth/utils/HttpUtils.java
new file mode 100644
index 0000000..0a4aa07
--- /dev/null
+++ b/src/main/java/com/eco/plugin/xx/zgrsauth/utils/HttpUtils.java
@@ -0,0 +1,262 @@
+package com.eco.plugin.xx.zgrsauth.utils;
+
+import com.fr.log.FineLoggerFactory;
+import com.fr.third.org.apache.http.HttpEntity;
+import com.fr.third.org.apache.http.HttpResponse;
+import com.fr.third.org.apache.http.HttpStatus;
+import com.fr.third.org.apache.http.NameValuePair;
+import com.fr.third.org.apache.http.client.CookieStore;
+import com.fr.third.org.apache.http.client.entity.UrlEncodedFormEntity;
+import com.fr.third.org.apache.http.client.methods.HttpGet;
+import com.fr.third.org.apache.http.client.methods.HttpPost;
+import com.fr.third.org.apache.http.conn.ssl.NoopHostnameVerifier;
+import com.fr.third.org.apache.http.entity.StringEntity;
+import com.fr.third.org.apache.http.impl.client.BasicCookieStore;
+import com.fr.third.org.apache.http.impl.client.CloseableHttpClient;
+import com.fr.third.org.apache.http.impl.client.HttpClients;
+import com.fr.third.org.apache.http.impl.cookie.BasicClientCookie;
+import com.fr.third.org.apache.http.message.BasicNameValuePair;
+import com.fr.third.org.apache.http.ssl.SSLContexts;
+import com.fr.third.org.apache.http.ssl.TrustStrategy;
+import com.fr.third.org.apache.http.util.EntityUtils;
+
+import javax.net.ssl.SSLContext;
+import javax.servlet.http.Cookie;
+import java.io.UnsupportedEncodingException;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+public class HttpUtils {
+
+    /**
+     * httpGet请求
+     * @param url
+     * @return
+     */
+    public static String httpGet(String url,Cookie[] cookies,Map<String,String> header){
+        FineLoggerFactory.getLogger().info("FRLOG:HttpUtils.get--url:"+url);
+
+        //创建httpClient
+        CloseableHttpClient httpclient = createHttpClient(cookies);
+
+        HttpGet getMethod = new HttpGet(url);
+
+        if(header != null && header.size() > 0){
+            Set<String> keySet = header.keySet();
+
+            for(String key : keySet){
+                getMethod.setHeader(key,header.get(key));
+            }
+        }
+
+        try {
+            HttpResponse response = httpclient.execute(getMethod);
+            int status =response.getStatusLine().getStatusCode();
+            HttpEntity entity = response.getEntity();
+            String returnResult = EntityUtils.toString(entity, "utf-8");
+
+            FineLoggerFactory.getLogger().info("FRLOG:HttpUtils.get--status:"+status);
+            FineLoggerFactory.getLogger().info("FRLOG:HttpUtils.get--returnResult:"+returnResult);
+
+            httpclient.close();
+
+            if (status == HttpStatus.SC_OK) {
+                return returnResult;
+            }
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().info("FRLOG:HttpUtils.get--exception:"+e.getMessage());
+        }
+
+		try {
+            httpclient.close();
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().info("FRLOG:http关闭异常:"+e.getMessage());
+        }
+
+        return "";
+    }
+
+    /**
+     * HttpPost请求
+     * @param postMethod
+     * @return
+     */
+    private static String HttpPost(HttpPost postMethod){
+        CloseableHttpClient httpclient = createHttpClient(null);
+
+        try {
+            HttpResponse response = httpclient.execute(postMethod);
+            int status = response.getStatusLine().getStatusCode();
+            HttpEntity entity = response.getEntity();
+            String returnResult = EntityUtils.toString(entity, "utf-8");
+            FineLoggerFactory.getLogger().info("FRLOG:HttpPost:status:"+status);
+            FineLoggerFactory.getLogger().info("FRLOG:HttpPost:returnResult:"+returnResult);
+            httpclient.close();
+
+            if (status == HttpStatus.SC_OK) {
+                return returnResult;
+            }
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().info("FRLOG:HttpPost:exception:"+e.getMessage());
+        }
+
+		try {
+            httpclient.close();
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().info("FRLOG:http关闭异常:"+e.getMessage());
+        }
+
+        return "";
+    }
+
+    public static String HttpPostXML(String url, String xmlParam){
+        FineLoggerFactory.getLogger().info("FRLOG:HttpPostXML:url:"+url);
+
+        HttpPost postMethod = new HttpPost(url);
+
+        postMethod.setHeader("Content-type", "text/html");
+        HttpEntity entity = null;
+        try {
+            entity = new StringEntity(xmlParam);
+        } catch (UnsupportedEncodingException e) {
+            FineLoggerFactory.getLogger().info("FRLOG:HttpPostXML:参数异常:"+e.getMessage());
+            return "";
+        }
+
+        postMethod.setEntity(entity);
+
+        return HttpPost(postMethod);
+    }
+
+    public static String HttpPostText(String url, String xmlParam){
+        FineLoggerFactory.getLogger().info("FRLOG:HttpPostText:url:"+url);
+
+        HttpPost postMethod = new HttpPost(url);
+
+        postMethod.setHeader("Content-type", "text/plain");
+        HttpEntity entity = null;
+        try {
+            entity = new StringEntity(xmlParam);
+        } catch (UnsupportedEncodingException e) {
+            FineLoggerFactory.getLogger().info("FRLOG:HttpPostText:参数异常:"+e.getMessage());
+            return "";
+        }
+
+        postMethod.setEntity(entity);
+
+        return HttpPost(postMethod);
+    }
+
+    public static String HttpPostJson(String url, String param,Map<String,String> header){
+        FineLoggerFactory.getLogger().info("FRLOG:HttpPostJSON:url:"+url);
+
+        HttpPost postMethod = new HttpPost(url);
+
+        postMethod.setHeader("Content-Type","application/json");
+
+        if(header != null && header.size() > 0){
+            Set<String> keySet = header.keySet();
+
+            for(String key : keySet){
+                postMethod.setHeader(key,header.get(key));
+            }
+        }
+
+        if(!Utils.isNullStr(param)){
+            HttpEntity entity = null;
+            try {
+                entity = new StringEntity(param);
+            } catch (UnsupportedEncodingException e) {
+                FineLoggerFactory.getLogger().info("FRLOG:HttpPostJSON:参数异常:"+e.getMessage());
+                return "";
+            }
+
+            postMethod.setEntity(entity);
+        }
+
+        return HttpPost(postMethod);
+    }
+
+    public static String HttpPostWWWForm(String url, Map<String,String> header,Map<String,String> param){
+        FineLoggerFactory.getLogger().info("FRLOG:HttpWWWForm:url:"+url);
+
+        HttpPost postMethod = new HttpPost(url);
+
+        if(header != null && header.size() > 0){
+            Set<String> keySet = header.keySet();
+
+            for(String key : keySet){
+                postMethod.setHeader(key,header.get(key));
+            }
+        }
+
+        if(param != null && param.size() > 0){
+            List<NameValuePair> params = new ArrayList<NameValuePair>(param.size());
+
+            for(Map.Entry<String,String> map : param.entrySet()){
+                params.add(new BasicNameValuePair(map.getKey(), map.getValue()));
+            }
+
+            try {
+                postMethod.setEntity(new UrlEncodedFormEntity(params, "UTF-8"));
+            } catch (UnsupportedEncodingException e) {
+                FineLoggerFactory.getLogger().info("FRLOG:HttpWWWForm:异常:"+e.getMessage());
+                return "";
+            }
+        }
+
+        return HttpPost(postMethod);
+    }
+
+    private static CloseableHttpClient createHttpClient(Cookie[] cookies){
+
+        SSLContext sslContext = null;
+        try {
+            sslContext = SSLContexts.custom().loadTrustMaterial(null, new TrustStrategy() {
+                @Override
+                public boolean isTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
+                    return true;
+                }
+            }).build();
+        } catch (Exception e) {
+            FRUtils.FRLogInfo("exception:"+e.getMessage());
+        }
+
+        CloseableHttpClient httpclient = null;
+
+        if(cookies != null && cookies.length > 0){
+            CookieStore cookieStore = cookieToCookieStore(cookies);
+
+            httpclient = HttpClients.custom().setSslcontext(sslContext).
+                    setSSLHostnameVerifier(new NoopHostnameVerifier()).setDefaultCookieStore(cookieStore).build();
+        }
+        else{
+            httpclient = HttpClients.custom().setSslcontext(sslContext).
+                    setSSLHostnameVerifier(new NoopHostnameVerifier()).build();
+        }
+
+        return httpclient;
+    }
+
+    /**
+     * cookies转cookieStore
+     * @param cookies
+     * @return
+     */
+    public static CookieStore cookieToCookieStore(Cookie[] cookies){
+        CookieStore cookieStore = new BasicCookieStore();
+
+        if(cookies != null && cookies.length>0){
+            for(Cookie cookie : cookies){
+                BasicClientCookie cookie1 = new BasicClientCookie(cookie.getName(), cookie.getValue());
+                cookieStore.addCookie(cookie1);
+            }
+        }
+
+        return cookieStore;
+    }
+}
diff --git a/src/main/java/com/eco/plugin/xx/zgrsauth/utils/ResponseUtils.java b/src/main/java/com/eco/plugin/xx/zgrsauth/utils/ResponseUtils.java
new file mode 100644
index 0000000..cae1684
--- /dev/null
+++ b/src/main/java/com/eco/plugin/xx/zgrsauth/utils/ResponseUtils.java
@@ -0,0 +1,108 @@
+package com.eco.plugin.xx.zgrsauth.utils;
+
+import com.fr.json.JSONObject;
+import com.fr.log.FineLoggerFactory;
+import com.fr.web.utils.WebUtils;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.PrintWriter;
+
+public class ResponseUtils {
+    private static final int SUCCESS = 200;
+    private static final int FAILED = -1;
+
+    public static void successResponse(HttpServletResponse res, String body) {
+        response(res, body, SUCCESS);
+    }
+
+    public static void failedResponse(HttpServletResponse res, String body) {
+        response(res, body, FAILED);
+    }
+
+    private static void response(HttpServletResponse res, String body, int code) {
+        JSONObject object = new JSONObject();
+        PrintWriter pw;
+        try {
+            object.put("code", code);
+            object.put("data", body);
+            pw = WebUtils.createPrintWriter(res);
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().info(e.getMessage());
+            return;
+        }
+        res.setContentType("application/json;charset=utf-8");
+        String result = object.toString();
+        pw.println(result);
+        pw.flush();
+        pw.close();
+    }
+
+    public static void response(HttpServletResponse res,JSONObject json){
+        PrintWriter pw;
+        try {
+            pw = WebUtils.createPrintWriter(res);
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().info(e.getMessage());
+            return;
+        }
+        res.setContentType("application/json;charset=utf-8");
+        String result = json.toString();
+        pw.println(result);
+        pw.flush();
+        pw.close();
+    }
+
+    public static void responseText(HttpServletResponse res,String text){
+        PrintWriter pw;
+        try {
+            pw = WebUtils.createPrintWriter(res);
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().info(e.getMessage());
+            return;
+        }
+        res.setContentType("text/html;charset=utf-8");
+        pw.println(text);
+        pw.flush();
+        pw.close();
+    }
+
+    public static void responseXml(HttpServletResponse res,String xml){
+        PrintWriter pw;
+        try {
+            pw = WebUtils.createPrintWriter(res);
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().info(e.getMessage());
+            return;
+        }
+        res.setContentType("text/xml;charset=utf-8");
+        pw.println(xml);
+        pw.flush();
+        pw.close();
+    }
+
+    public static void setCSRFHeader(HttpServletResponse httpServletResponse){
+        httpServletResponse.setHeader("Access-Control-Allow-Origin", "*");
+        httpServletResponse.setHeader("Access-Control-Allow-Methods", "POST,GET,OPTIONS,DELETE,HEAD,PUT,PATCH");
+        httpServletResponse.setHeader("Access-Control-Max-Age", "36000");
+        httpServletResponse.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept,Authorization,authorization");
+    }
+
+    public static void responseJsonp(HttpServletRequest req, HttpServletResponse res, JSONObject json){
+        PrintWriter pw;
+        try {
+            pw = WebUtils.createPrintWriter(res);
+        } catch (Exception e) {
+            FineLoggerFactory.getLogger().info(e.getMessage());
+            return;
+        }
+        res.setContentType("text/javascript;charset=utf-8;charset=utf-8");
+        String result = json.toString();
+
+        String jsonp=req.getParameter("callback");
+
+        pw.println(jsonp+"("+result+")");
+        pw.flush();
+        pw.close();
+    }
+}
diff --git a/src/main/java/com/eco/plugin/xx/zgrsauth/utils/Utils.java b/src/main/java/com/eco/plugin/xx/zgrsauth/utils/Utils.java
new file mode 100644
index 0000000..6578ce0
--- /dev/null
+++ b/src/main/java/com/eco/plugin/xx/zgrsauth/utils/Utils.java
@@ -0,0 +1,328 @@
+package com.eco.plugin.xx.zgrsauth.utils;
+
+import com.fr.base.TemplateUtils;
+import com.fr.data.NetworkHelper;
+import com.fr.decision.webservice.v10.user.UserService;
+import com.fr.io.utils.ResourceIOUtils;
+import com.fr.json.JSONObject;
+import com.fr.stable.CodeUtils;
+import com.fr.stable.StringUtils;
+import com.fr.third.org.apache.commons.codec.digest.DigestUtils;
+import com.fr.web.utils.WebUtils;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.BufferedReader;
+import java.io.InputStream;
+import java.net.URLEncoder;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.UUID;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+public class Utils {
+
+    /**
+     * 判断字符串是否为空
+     * @param str
+     * @return  true 空字符串  false 非空字符串
+     */
+    public static boolean isNullStr(String str){
+        return !(str != null && !str.isEmpty() && !"null".equals(str));
+    }
+
+    /**
+     * 判断字符串是否非空
+     * @param str
+     * @return
+     */
+    public static boolean isNotNullStr(String str){
+        return !isNullStr(str);
+    }
+
+    /**
+     * MD5加密
+     * @param str
+     * @return
+     */
+    public static String getMd5Str(String str)
+    {
+        return DigestUtils.md5Hex(str);
+    }
+
+	/**
+     * 帆软shaEncode加密
+     */
+
+	public static String shaEncode(String str){
+		return CodeUtils.sha256Encode(str);
+	}
+
+    /**
+     * 获取uuid
+     */
+    public static String uuid(){
+        return UUID.randomUUID().toString();
+    }
+
+    /**
+     * 替换空字符串
+     * @param str
+     * @param replace
+     * @return
+     */
+    public static String replaceNullStr(String str,String replace){
+        if(isNullStr(str)){
+            return replace;
+        }
+
+        return str;
+    }
+
+    /**
+     * 获取请求体
+     * @param req
+     * @return
+     */
+    public static JSONObject getRequestBody(HttpServletRequest req){
+        StringBuffer sb = new StringBuffer();
+        String line = null;
+        try {
+            BufferedReader reader = req.getReader();
+            while ((line = reader.readLine()) != null)
+                sb.append(line);
+        } catch (Exception e) {
+            FRUtils.FRLogInfo("getRequestBody:exception:"+e.getMessage());
+        }
+        //将空格和换行符替换掉避免使用反序列化工具解析对象时失败
+        String jsonString = sb.toString().replaceAll("\\s","").replaceAll("\n","");
+        FRUtils.FRLogInfo("reqBody:"+jsonString);
+        JSONObject json = new JSONObject(jsonString);
+
+        return json;
+    }
+
+    /**
+     * 获取ip
+     * @return
+     */
+    public static String getIp(HttpServletRequest req){
+        String realIp = req.getHeader("X-Real-IP");
+        String fw = req.getHeader("X-Forwarded-For");
+        if (StringUtils.isNotEmpty(fw) && !"unKnown".equalsIgnoreCase(fw)) {
+            int para3 = fw.indexOf(",");
+            return para3 != -1 ? fw.substring(0, para3) : fw;
+        } else {
+            fw = realIp;
+            if (StringUtils.isNotEmpty(realIp) && !"unKnown".equalsIgnoreCase(realIp)) {
+                return realIp;
+            } else {
+                if (StringUtils.isBlank(realIp) || "unknown".equalsIgnoreCase(realIp)) {
+                    fw = req.getHeader("Proxy-Client-IP");
+                }
+
+                if (StringUtils.isBlank(fw) || "unknown".equalsIgnoreCase(fw)) {
+                    fw = req.getHeader("WL-Proxy-Client-IP");
+                }
+
+                if (StringUtils.isBlank(fw) || "unknown".equalsIgnoreCase(fw)) {
+                    fw = req.getHeader("HTTP_CLIENT_IP");
+                }
+
+                if (StringUtils.isBlank(fw) || "unknown".equalsIgnoreCase(fw)) {
+                    fw = req.getHeader("HTTP_X_FORWARDED_FOR");
+                }
+
+                if (StringUtils.isBlank(fw) || "unknown".equalsIgnoreCase(fw)) {
+                    fw = req.getRemoteAddr();
+                }
+
+                return fw;
+            }
+        }
+    }
+
+    /**
+     * 根据key获取cookie
+     * @param req
+     * @return
+     */
+    public static String getCookieByKey(HttpServletRequest req,String key){
+        Cookie[] cookies = req.getCookies();
+        String cookie = "";
+
+        if(cookies == null || cookies.length <=0){
+            return "";
+        }
+
+        for(int i = 0; i < cookies.length; i++) {
+            Cookie item = cookies[i];
+            if (item.getName().equalsIgnoreCase(key)) {
+                cookie = item.getValue();
+            }
+        }
+
+        FRUtils.FRLogInfo("cookie:"+cookie);
+
+        return cookie;
+    }
+
+    /**
+     * 判断是否是手机端的链接
+     * @param req
+     * @return
+     */
+    public static boolean isMobile(HttpServletRequest req) {
+        String[] mobileArray = {"iPhone", "iPad", "android", "windows phone", "xiaomi"};
+        String userAgent = req.getHeader("user-agent");
+        if (userAgent != null && userAgent.toUpperCase().contains("MOBILE")) {
+            for(String mobile : mobileArray) {
+                if(userAgent.toUpperCase().contains(mobile.toUpperCase())) {
+                    return true;
+                }
+            }
+        }
+        return NetworkHelper.getDevice(req).isMobile();
+    }
+
+    /**
+     * 只编码中文
+     * @param url
+     * @return
+     */
+    public static String encodeCH(String url ){
+        Matcher matcher = Pattern.compile("[\\u4e00-\\u9fa5]").matcher(url);
+
+        while(matcher.find()){
+            String chn = matcher.group();
+            url = url.replaceAll(chn, URLEncoder.encode(chn));
+        }
+
+        return url;
+    }
+
+    /**
+     * 获取web-inf文件夹下的文件
+     * filename /resources/ip4enc.properties
+     */
+    public static InputStream getResourcesFile(String filename){
+        return ResourceIOUtils.read(filename);
+    }
+
+    /**
+     *
+     * @param res
+     * @param path /com/fr/plugin/loginAuth/html/getMac.html
+     * @param parameterMap
+     */
+    public static void toErrorPage(HttpServletResponse res,String path,Map<String, String> parameterMap){
+        if(parameterMap == null){
+            parameterMap = new HashMap<String, String>();
+        }
+
+        try {
+            String macPage = TemplateUtils.renderTemplate(path, parameterMap);
+            WebUtils.printAsString(res, macPage);
+        }catch (Exception e){
+            FRUtils.FRLogError("跳转页面异常");
+        }
+
+    }
+
+    /**
+     * 判断是否是管理员
+     * @param username
+     * @return
+     */
+    public static boolean isAdmin(String username) throws Exception{
+        return UserService.getInstance().isAdmin(UserService.getInstance().getUserByUserName(username).getId());
+    }
+
+    /**
+     * 去掉浏览器中的参数
+     * @param url
+     * @param param
+     * @return
+     */
+    public static String removeParam(String url,String param){
+        if(!url.contains("?"+param) && !url.contains("&"+param)){
+            return url;
+        }
+
+        return url.substring(0,url.indexOf(url.contains("?"+param) ? "?"+param : "&"+param));
+    }
+
+    /**
+     * 获取跳转链接
+     * @param req
+     * @param param
+     * @return
+     */
+    public static String getRedirectUrl(HttpServletRequest req,String param){
+        String url = FRUtils.getAllUrl(req);
+
+        if(isNotNullStr(param)){
+            url = removeParam(url,param);
+        }
+
+        url = encodeCH(url);
+
+        return url;
+    }
+
+    /**
+     * 去除空格换行
+     * @param str
+     * @return
+     */
+    public static String trim(String str){
+        return str.trim().replaceAll("\n","").replaceAll("\r","");
+    }
+
+    /**
+     * list 转化为指定字符分割的字符串
+     * @param list
+     * @param list
+     * @return
+     */
+    public static String listToStr(List<String> list, String split){
+        String result = "";
+
+        if(list == null || list.size() <= 0){
+            return result;
+        }
+
+        for(String str : list){
+            result+=","+str;
+        }
+
+        result = result.substring(1);
+
+        return result;
+    }
+
+    /**
+     * array 转化为指定字符分割的字符串
+     * @param list
+     * @param list
+     * @return
+     */
+    public static String arrayToStr(String[] list, String split){
+        String result = "";
+
+        if(list == null ||list.length <= 0){
+            return result;
+        }
+
+        for(int i=0;i<list.length;i++){
+            String str = list[i];
+            result+=","+str;
+        }
+
+        result = result.substring(1);
+
+        return result;
+    }
+}
diff --git a/src/main/java/com/eco/plugin/xx/zgrsauth/webservice/AuthServerServiceImplService.java b/src/main/java/com/eco/plugin/xx/zgrsauth/webservice/AuthServerServiceImplService.java
new file mode 100644
index 0000000..26550ef
--- /dev/null
+++ b/src/main/java/com/eco/plugin/xx/zgrsauth/webservice/AuthServerServiceImplService.java
@@ -0,0 +1,70 @@
+
+package com.eco.plugin.xx.zgrsauth.webservice;
+
+import com.eco.plugin.xx.zgrsauth.config.PluginSimpleConfig;
+import com.eco.plugin.xx.zgrsauth.utils.FRUtils;
+
+import javax.xml.namespace.QName;
+import javax.xml.ws.Service;
+import javax.xml.ws.WebEndpoint;
+import javax.xml.ws.WebServiceClient;
+import javax.xml.ws.WebServiceException;
+import java.net.MalformedURLException;
+import java.net.URL;
+
+/**
+ * This class was generated by the JAX-WS RI.
+ * JAX-WS RI 2.2.4-b01
+ * Generated source version: 2.2
+ * 
+ */
+@WebServiceClient(name = "AuthServerServiceImplService", targetNamespace = "http://xx/")
+
+public class AuthServerServiceImplService
+    extends Service
+{
+
+	private static final long serialVersionUID = 1L;
+	
+    private final static URL AUTHSERVERSERVICEIMPLSERVICE_WSDL_LOCATION;
+    private final static WebServiceException AUTHSERVERSERVICEIMPLSERVICE_EXCEPTION;
+    private final static QName AUTHSERVERSERVICEIMPLSERVICE_QNAME = new QName("http://xx/", "AuthServerServiceImplService");
+
+    static {
+        URL url = null;
+        WebServiceException e = null;
+        try {
+        	FRUtils.FRLogInfo("------AuthServerServiceImplService----------:" + 1);
+        	url = new URL(PluginSimpleConfig.getInstance().getUrl());
+            FRUtils.FRLogInfo("------AuthServerServiceImplService----------:" + url);
+        } catch (MalformedURLException ex) {
+            e = new WebServiceException(ex);
+        }
+        AUTHSERVERSERVICEIMPLSERVICE_WSDL_LOCATION = url;
+        AUTHSERVERSERVICEIMPLSERVICE_EXCEPTION = e;
+    }
+
+    public AuthServerServiceImplService() {
+        super(__getWsdlLocation(), AUTHSERVERSERVICEIMPLSERVICE_QNAME);
+    }
+
+
+    /**
+     * 
+     * @return
+     *     returns IAuthServerService
+     */
+    @WebEndpoint(name = "AuthServerServiceImplPort")
+    public IAuthServerService getAuthServerServiceImplPort() {
+        return super.getPort(new QName("http://xx/", "AuthServerServiceImplPort"), IAuthServerService.class);
+    }
+
+
+    private static URL __getWsdlLocation() {
+        if (AUTHSERVERSERVICEIMPLSERVICE_EXCEPTION!= null) {
+            throw AUTHSERVERSERVICEIMPLSERVICE_EXCEPTION;
+        }
+        return AUTHSERVERSERVICEIMPLSERVICE_WSDL_LOCATION;
+    }
+
+}
diff --git a/src/main/java/com/eco/plugin/xx/zgrsauth/webservice/ExeHttp.java b/src/main/java/com/eco/plugin/xx/zgrsauth/webservice/ExeHttp.java
new file mode 100644
index 0000000..79c8301
--- /dev/null
+++ b/src/main/java/com/eco/plugin/xx/zgrsauth/webservice/ExeHttp.java
@@ -0,0 +1,27 @@
+package com.eco.plugin.xx.zgrsauth.webservice;
+
+import com.eco.plugin.xx.zgrsauth.utils.FRUtils;
+
+public class ExeHttp {
+
+	public static void main(String []args){
+		ExeHttp t = new ExeHttp();
+		System.out.println(t.exeWebService4queryDimension(18100495, "FR_ID0001","FR0001"));
+		
+	}
+	
+	public static String exeWebService4queryDimension(Integer useraccount,String dimensionCd, String systemCd){
+		
+		String result = "";
+		try {
+			AuthServerServiceImplService service = new AuthServerServiceImplService();
+			
+			IAuthServerService authServerServiceImplPort = service.getAuthServerServiceImplPort();
+			result = authServerServiceImplPort.queryDimension(useraccount, dimensionCd, systemCd);
+		} catch (Exception e) {
+			FRUtils.FRLogInfo("------YZL_PubfunJson-------ExeHttp---error---------------:" + e.getMessage());
+		}
+		return result;
+	}
+
+}
\ No newline at end of file
diff --git a/src/main/java/com/eco/plugin/xx/zgrsauth/webservice/IAuthServerService.java b/src/main/java/com/eco/plugin/xx/zgrsauth/webservice/IAuthServerService.java
new file mode 100644
index 0000000..08e6436
--- /dev/null
+++ b/src/main/java/com/eco/plugin/xx/zgrsauth/webservice/IAuthServerService.java
@@ -0,0 +1,43 @@
+
+package com.eco.plugin.xx.zgrsauth.webservice;
+
+import javax.jws.WebMethod;
+import javax.jws.WebParam;
+import javax.jws.WebResult;
+import javax.jws.WebService;
+import javax.xml.bind.annotation.XmlSeeAlso;
+import javax.xml.ws.RequestWrapper;
+import javax.xml.ws.ResponseWrapper;
+
+/**
+ * This class was generated by the JAX-WS RI.
+ * JAX-WS RI 2.2.4-b01
+ * Generated source version: 2.2
+ * 
+ */
+@WebService(name = "IAuthServerService", targetNamespace = "http://xx/")
+@XmlSeeAlso({
+    ObjectFactory.class
+})
+public interface IAuthServerService {
+
+
+    /**
+     * 
+     * @param userId
+     * @param dimensionCd
+     * @return
+     *     returns java.lang.String
+     */
+    @WebMethod
+    @WebResult(targetNamespace = "")
+    @RequestWrapper(localName = "queryDimension", targetNamespace = "http://xx/", className = "com.zyzx.dmc.webservice.authcxf.queryDimension")
+    @ResponseWrapper(localName = "queryDimensionResponse", targetNamespace = "http://xx/", className = "com.zyzx.dmc.webservice.authcxf.queryDimensionResponse")
+    public String queryDimension(
+        @WebParam(name = "userAccount", targetNamespace = "")
+        Integer userId,
+        @WebParam(name = "dimensionCd", targetNamespace = "")
+        String dimensionCd,
+        @WebParam(name = "systemCd", targetNamespace = "")
+        String systemCd);
+}
diff --git a/src/main/java/com/eco/plugin/xx/zgrsauth/webservice/ObjectFactory.java b/src/main/java/com/eco/plugin/xx/zgrsauth/webservice/ObjectFactory.java
new file mode 100644
index 0000000..e872036
--- /dev/null
+++ b/src/main/java/com/eco/plugin/xx/zgrsauth/webservice/ObjectFactory.java
@@ -0,0 +1,33 @@
+
+package com.eco.plugin.xx.zgrsauth.webservice;
+
+import javax.xml.bind.annotation.XmlRegistry;
+
+
+/**
+ * This object contains factory methods for each 
+ * Java content interface and Java element interface 
+ * generated in the com.zyzx.dmc.webservice.authcxf package. 
+ * <p>An ObjectFactory allows you to programatically 
+ * construct new instances of the Java representation 
+ * for XML content. The Java representation of XML 
+ * content can consist of schema derived interfaces 
+ * and classes representing the binding of schema 
+ * type definitions, element declarations and model 
+ * groups.  Factory methods for each of these are 
+ * provided in this class.
+ * 
+ */
+@XmlRegistry
+public class ObjectFactory {
+
+
+    /**
+     * Create a new ObjectFactory that can be used to create new instances of schema derived classes for package: com.zyzx.dmc.webservice.authcxf
+     * 
+     */
+    public ObjectFactory() {
+    }
+
+
+}