- 4、【优化】登录信息页面空值处理优化，避免空值影响ftl渲染；

- 5、【优化】异常页面处理逻辑优化，新增兜底落地页配置；
4 weeks ago · b54ca22e9e
parent 06539bf663
commit b54ca22e9e
8 changed files with 46 additions and 6 deletions
--- a/doc/XXL-JOB官方文档.md
+++ b/doc/XXL-JOB官方文档.md
@ -2547,6 +2547,8 @@ public void execute() {
 - 1、【强化】AI任务（ollamaJobHandler）优化：针对 “model” 模型配置信息，从执行器侧文件类配置调整至调度中心“任务参数”动态配置，支持集成多模型、并结合任务动态配置切换。
 - 2、【修复】漏洞修复（CVE-2025-7787），针对 httpJobHandler 支持配置URL白名单限制，防止服务器端请求伪造（SSRF）攻击。
 - 3、【升级】升级多项maven依赖至较新版本，如 netty、groovy、mybatis、spring、spring-ai、dify 等；
+- 4、【优化】登录信息页面空值处理优化，避免空值影响ftl渲染；
+- 5、【优化】异常页面处理逻辑优化，新增兜底落地页配置；

 - 3、【规划中】登录安全升级，密码加密处理算法从Md5改为Sha256；
 ```
@ -2557,9 +2559,7 @@ ALTER TABLE xxl_conf_user
 // 2、存量用户密码需要修改，可执行如下命令将密码初始化 “123456”；也可以自行通过 “SHA256Tool.sha256” 工具生成其他初始化密码；
 UPDATE xxl_conf_user t SET t.password = '8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92' WHERE t.username = {用户名};
 ```
- 2、【规划中】登录态持久化逻辑调整，简化代码逻辑；
- 3、【规划中】异常页面处理逻辑优化，新增兜底落地页配置；
- 4、【规划中】登录信息页面空值处理优化，避免空值影响ftl渲染；
+- 2、【规划中】登录认证重构，规范登录态以及权限认证逻辑，提升系统安全；
 - 1、【规划中】登陆态Token生成逻辑优化，混淆登陆时间属性，降低token泄漏风险；
 - 2、【规划中】组件扫描改为BeanPostProcessor方式，避免小概率情况下提前初始化；底层组件移除单例写法，汇总factory统一管理；

--- a/pom.xml
+++ b/pom.xml
@ -44,6 +44,8 @@
 		<mysql-connector-j.version>9.4.0</mysql-connector-j.version>
 		<!-- dynamic language -->
 		<groovy.version>4.0.28</groovy.version>
+		<!-- xxl-sso (+xxl-tool、gson) -->
+		<xxl-sso.version>2.0.0</xxl-sso.version>
 	</properties>

 	<build>
--- a/xxl-job-admin/pom.xml
+++ b/xxl-job-admin/pom.xml
@ -77,6 +77,13 @@
 			<version>${project.parent.version}</version>
 		</dependency>

+		<!-- xxl-sso (xxl-tool、gson) -->
+		<dependency>
+			<groupId>com.xuxueli</groupId>
+			<artifactId>xxl-sso-core</artifactId>
+			<version>${xxl-sso.version}</version>
+		</dependency>
+
 	</dependencies>

 	<build>
--- a/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/IndexController.java
+++ b/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/IndexController.java
@ -4,6 +4,7 @@ import com.xxl.job.admin.controller.annotation.PermissionLimit;
 import com.xxl.job.admin.service.impl.LoginService;
 import com.xxl.job.admin.service.XxlJobService;
 import com.xxl.job.core.biz.model.ReturnT;
+import com.xxl.sso.core.annotation.XxlSso;
 import jakarta.annotation.Resource;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
@ -88,6 +89,17 @@ public class IndexController {
 		return "help";
 	}

+	@RequestMapping(value = "/errorpage")
+	@XxlSso(login = false)
+	public ModelAndView errorPage(HttpServletRequest request, HttpServletResponse response, ModelAndView mv) {
+
+		String exceptionMsg = "HTTP Status Code: "+response.getStatus();
+
+		mv.addObject("exceptionMsg", exceptionMsg);
+		mv.setViewName("common/common.errorpage");
+		return mv;
+	}
+
 	@InitBinder
 	public void initBinder(WebDataBinder binder) {
 		SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
--- a/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/resolver/WebErrorPageRegistrar.java
+++ b/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/resolver/WebErrorPageRegistrar.java
@ -0,0 +1,19 @@
+package com.xxl.job.admin.controller.resolver;
+
+import org.springframework.boot.web.server.ErrorPage;
+import org.springframework.boot.web.server.ErrorPageRegistrar;
+import org.springframework.boot.web.server.ErrorPageRegistry;
+import org.springframework.stereotype.Component;
+
+/**
+ * error page
+ */
+@Component
+public class WebErrorPageRegistrar implements ErrorPageRegistrar {
+
+    @Override
+    public void registerErrorPages(ErrorPageRegistry registry) {
+        ErrorPage errorPage = new ErrorPage("/errorpage");
+        registry.addErrorPages(errorPage);
+    }
+}
--- a/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/resolver/WebExceptionResolver.java
+++ b/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/resolver/WebExceptionResolver.java
@ -57,7 +57,7 @@ public class WebExceptionResolver implements HandlerExceptionResolver {
 		} else {

 			mv.addObject("exceptionMsg", errorResult.getMsg());
-			mv.setViewName("/common/common.exception");
+			mv.setViewName("/common/common.errorpage");
 			return mv;
 		}
 	}
--- a/xxl-job-admin/src/main/resources/templates/common/common.errorpage.ftl
+++ b/xxl-job-admin/src/main/resources/templates/common/common.errorpage.ftl
@ -22,7 +22,7 @@

 	<div class="dialog"> 
 	    <h1>System Error</h1>
-	    <p>${exceptionMsg}</p>
+		<p><#if exceptionMsg?exists>${exceptionMsg}<#else>Unknown Error.</#if></p>
 		<a href="javascript:window.location.href='${request.contextPath}/'">Back</a>
 	    </p> 
 	</div>
--- a/xxl-job-admin/src/main/resources/templates/common/common.macro.ftl
+++ b/xxl-job-admin/src/main/resources/templates/common/common.macro.ftl
@ -84,7 +84,7 @@
 					<#-- login user -->
                    <li class="dropdown">
                        <a href="javascript:" class="dropdown-toggle" data-toggle="dropdown" aria-expanded="false">
-                            ${I18n.system_welcome} ${loginUser.username}
+                            ${I18n.system_welcome} ${loginUser.username!}
                            <span class="caret"></span>
                        </a>
                        <ul class="dropdown-menu" role="menu">