From 390165d733ccaf14096bfb259863b9bdb2c58f86 Mon Sep 17 00:00:00 2001
From: xuxueli <931591021@qq.com>
Date: Sat, 21 May 2022 14:27:39 +0800
Subject: [PATCH] =?UTF-8?q?=E8=B0=83=E5=BA=A6=E9=80=9A=E8=AE=AF=E9=BB=98?=
=?UTF-8?q?=E8=AE=A4=E5=90=AF=E7=94=A8accessToken=EF=BC=8C=E6=8F=90?=
=?UTF-8?q?=E5=8D=87=E7=B3=BB=E7=BB=9F=E5=AE=89=E5=85=A8=E6=80=A7=EF=BC=88?=
=?UTF-8?q?=E5=BB=BA=E8=AE=AE=E7=94=9F=E4=BA=A7=E7=8E=AF=E5=A2=83=E8=87=AA?=
=?UTF-8?q?=E5=AE=9A=E4=B9=89accessToken=EF=BC=89=E3=80=82?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
doc/XXL-JOB官方文档.md | 3 ++-
pom.xml | 11 +++++------
.../controller/interceptor/CookieInterceptor.java | 7 +++----
.../controller/interceptor/PermissionInterceptor.java | 8 ++++----
.../src/main/resources/application.properties | 2 +-
.../src/main/resources/xxl-job-executor.properties | 2 +-
.../src/main/resources/application.properties | 2 +-
7 files changed, 17 insertions(+), 18 deletions(-)
diff --git a/doc/XXL-JOB官方文档.md b/doc/XXL-JOB官方文档.md
index f9c604fa..e4cd49b4 100644
--- a/doc/XXL-JOB官方文档.md
+++ b/doc/XXL-JOB官方文档.md
@@ -2213,7 +2213,8 @@ public void execute() {
- 1、【修复】修复低版本风险漏洞,升级项目依赖:CVE-2021-2471、CVE-2022-22965等;
- 2、【修复】邮箱校验逻辑下放至EmailJobAlarm中,避免对其他告警方式的干扰;
- 3、【优化】合并多项PR,项目代码结构、健壮性优化:PR-2833、PR-2812、PR-2541、PR-2537、PR-2514、PR-2509、;
-- 4、【优化】任务线程名优化(ISSUE-2527)
+- 4、【优化】任务线程名优化(ISSUE-2527);
+- 5、【优化】调度通讯默认启用accessToken,提升系统安全性(建议生产环境自定义accessToken)。
### 7.33 版本 v2.3.2 Release Notes[规划中]
- 1、【优化】[规划中]任务日志重构:一次调度只记录一条主任务,维护起止时间和状态。
diff --git a/pom.xml b/pom.xml
index 1f57e72c..202f036b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -27,11 +27,11 @@
4.1.63.Final
2.9.0
- 5.3.19
- 2.6.6
+ 5.3.20
+ 2.6.7
2.2.2
- 8.0.28
+ 8.0.29
1.7.36
5.8.2
@@ -40,9 +40,8 @@
3.0.10
3.2.1
- 3.3.2
- 1.6
- 3.3.2
+ 3.4.0
+ 3.0.1
diff --git a/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/interceptor/CookieInterceptor.java b/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/interceptor/CookieInterceptor.java
index 8c2437ef..930b9e8a 100644
--- a/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/interceptor/CookieInterceptor.java
+++ b/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/interceptor/CookieInterceptor.java
@@ -3,8 +3,8 @@ package com.xxl.job.admin.controller.interceptor;
import com.xxl.job.admin.core.util.FtlUtil;
import com.xxl.job.admin.core.util.I18nUtil;
import org.springframework.stereotype.Component;
+import org.springframework.web.servlet.AsyncHandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
-import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
@@ -17,7 +17,7 @@ import java.util.HashMap;
* @author xuxueli 2015-12-12 18:09:04
*/
@Component
-public class CookieInterceptor extends HandlerInterceptorAdapter {
+public class CookieInterceptor implements AsyncHandlerInterceptor {
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
@@ -36,8 +36,7 @@ public class CookieInterceptor extends HandlerInterceptorAdapter {
if (modelAndView != null) {
modelAndView.addObject("I18nUtil", FtlUtil.generateStaticModel(I18nUtil.class.getName()));
}
-
- super.postHandle(request, response, handler, modelAndView);
+
}
}
diff --git a/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/interceptor/PermissionInterceptor.java b/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/interceptor/PermissionInterceptor.java
index 8ac2e40b..ecb28114 100644
--- a/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/interceptor/PermissionInterceptor.java
+++ b/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/interceptor/PermissionInterceptor.java
@@ -6,7 +6,7 @@ import com.xxl.job.admin.core.util.I18nUtil;
import com.xxl.job.admin.service.LoginService;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
-import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
+import org.springframework.web.servlet.AsyncHandlerInterceptor;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
@@ -18,7 +18,7 @@ import javax.servlet.http.HttpServletResponse;
* @author xuxueli 2015-12-12 18:09:04
*/
@Component
-public class PermissionInterceptor extends HandlerInterceptorAdapter {
+public class PermissionInterceptor implements AsyncHandlerInterceptor {
@Resource
private LoginService loginService;
@@ -27,7 +27,7 @@ public class PermissionInterceptor extends HandlerInterceptorAdapter {
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
if (!(handler instanceof HandlerMethod)) {
- return super.preHandle(request, response, handler);
+ return true; // proceed with the next interceptor
}
// if need login
@@ -53,7 +53,7 @@ public class PermissionInterceptor extends HandlerInterceptorAdapter {
request.setAttribute(LoginService.LOGIN_IDENTITY_KEY, loginUser);
}
- return super.preHandle(request, response, handler);
+ return true; // proceed with the next interceptor
}
}
diff --git a/xxl-job-admin/src/main/resources/application.properties b/xxl-job-admin/src/main/resources/application.properties
index afe93b42..8727b6c7 100644
--- a/xxl-job-admin/src/main/resources/application.properties
+++ b/xxl-job-admin/src/main/resources/application.properties
@@ -52,7 +52,7 @@ spring.mail.properties.mail.smtp.starttls.required=true
spring.mail.properties.mail.smtp.socketFactory.class=javax.net.ssl.SSLSocketFactory
### xxl-job, access token
-xxl.job.accessToken=
+xxl.job.accessToken=default_token
### xxl-job, i18n (default is zh_CN, and you can choose "zh_CN", "zh_TC" and "en")
xxl.job.i18n=zh_CN
diff --git a/xxl-job-executor-samples/xxl-job-executor-sample-frameless/src/main/resources/xxl-job-executor.properties b/xxl-job-executor-samples/xxl-job-executor-sample-frameless/src/main/resources/xxl-job-executor.properties
index 15a803a6..9b1ab8a7 100644
--- a/xxl-job-executor-samples/xxl-job-executor-sample-frameless/src/main/resources/xxl-job-executor.properties
+++ b/xxl-job-executor-samples/xxl-job-executor-sample-frameless/src/main/resources/xxl-job-executor.properties
@@ -2,7 +2,7 @@
xxl.job.admin.addresses=http://127.0.0.1:8080/xxl-job-admin
### xxl-job, access token
-xxl.job.accessToken=
+xxl.job.accessToken=default_token
### xxl-job executor appname
xxl.job.executor.appname=xxl-job-executor-sample
diff --git a/xxl-job-executor-samples/xxl-job-executor-sample-springboot/src/main/resources/application.properties b/xxl-job-executor-samples/xxl-job-executor-sample-springboot/src/main/resources/application.properties
index e067db4f..14c796e8 100644
--- a/xxl-job-executor-samples/xxl-job-executor-sample-springboot/src/main/resources/application.properties
+++ b/xxl-job-executor-samples/xxl-job-executor-sample-springboot/src/main/resources/application.properties
@@ -11,7 +11,7 @@ logging.config=classpath:logback.xml
xxl.job.admin.addresses=http://127.0.0.1:8080/xxl-job-admin
### xxl-job, access token
-xxl.job.accessToken=
+xxl.job.accessToken=default_token
### xxl-job executor appname
xxl.job.executor.appname=xxl-job-executor-sample