Index: ssts-web/src/main/webapp/logonSSOForBjdxzlyy.jsp
===================================================================
diff -u
--- ssts-web/src/main/webapp/logonSSOForBjdxzlyy.jsp	(revision 0)
+++ ssts-web/src/main/webapp/logonSSOForBjdxzlyy.jsp	(revision 27144)
@@ -0,0 +1,210 @@
+<%@page import="com.itextpdf.text.log.SysoLogger"%>
+<%@page import="com.forgon.security.model.User"%>
+<%@page import="com.forgon.disinfectsystem.common.CssdUtils"%>
+<%@page import="com.forgon.security.service.UserManager"%>
+<%@ page contentType="text/html; charset=UTF-8" %>
+<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
+<%@page import="com.forgon.tools.SpringBeanManger"%>
+<%@page import="com.forgon.tools.Constants"%>
+<%@page import="com.forgon.tools.crypto.coder.CoderEncryption" %>
+<%@page import="java.io.File" %>
+<%@page import="java.util.ArrayList" %>
+<%@page import="org.apache.commons.lang.StringUtils"%>
+<%@page import="java.util.Date"%>
+<%@page import="java.text.SimpleDateFormat"%>
+
+<!DOCTYPE html>
+<%
+ArrayList message = new ArrayList();
+String userName = request.getParameter("userName");
+String time = request.getParameter("loginTime");
+String md5 = request.getParameter("md5");
+//HIS系统和追溯系统约定的salt字符串为：201911070087@ABC
+String salt = "201911070087@ABC";
+System.out.println("userName=" + userName + " time=" + time + " md5=" + md5);
+if(StringUtils.isNotBlank(userName) || StringUtils.isNotBlank(time) || StringUtils.isNotBlank(md5)){
+	try{
+		// 请求时间
+		SimpleDateFormat sdf = new SimpleDateFormat("yyyy:MM:dd HH:mm:ss");
+		Date d1 = sdf.parse(time);
+		long s1 = d1.getTime();
+		// 服务器当前时间
+		long s2 = System.currentTimeMillis();
+		// 检查当前的时间跟传入的时间的间隔，间隔时间不能大于120秒
+		if ((s2 - s1) > 120000) {
+			throw new RuntimeException("请求时间无效");
+		}
+ 		// 校验md5码
+ 		String md5Str = CoderEncryption.encryptMD5(userName + time + salt, "UTF-8");
+ 		System.out.println(md5Str);
+ 		if (!StringUtils.equals(md5, md5Str)) {
+ 			throw new RuntimeException("md5码校验出错");
+ 		}
+ 		// 查询用户信息
+ 		if(StringUtils.isNotBlank(userName)){
+ 			UserManager userManager=(UserManager)SpringBeanManger.getBean("userManager");
+ 			User user=userManager.getFirst("name", userName);
+ 			if(user==null){
+ 				message.add("用户:"+userName+"不存在");
+ 			}else{
+ 				pageContext.setAttribute("barcode", user.getBarcode());
+ 			}
+ 		}
+	}
+	catch(Exception e) {
+		message.add(e.getMessage());
+	}
+}else{
+	 message.add("参数不能为空");
+}
+pageContext.setAttribute("message", message);
+
+String companyName = CssdUtils.getSystemSetConfigByName("companyName");
+String companyNameStr = "";
+if(companyName == null || companyName.equals("forgon")){
+	companyNameStr = "©2016 广州孚峻信息技术有限公司 版权所有";
+}else if(companyName.equals("dingxiang")){
+	companyNameStr = "©2016 广州丁香软件有限公司 版权所有";
+}
+session.setAttribute("companyName", companyNameStr);
+String project = CssdUtils.getConfigProperty("project");
+session.setAttribute("profile", project);
+
+String imgPath =  "disinfectsystem/config/" + project + "/img/logo_" + project +".png";
+//System.out.println(application.getRealPath("/") + imgPath);
+File file = new File(application.getRealPath("/") + imgPath);
+if(file.exists()){
+	request.setAttribute("logoPath",imgPath);
+}else{
+	if(companyName == null || companyName.equals("forgon")){
+		request.setAttribute("logoPath","themes/portalPage/img/logo_Forgon.png");
+	}else if(companyName.equals("dingxiang")){
+		request.setAttribute("logoPath","themes/portalPage/img/logo_dingxiangsoft.png");
+	}
+}
+ 
+%>
+<html>
+<head>
+<link rel="apple-touch-icon-precomposed" href="ipadIcon.png"/>
+<link rel="icon" href="favicon.ico" />
+<meta name="apple-mobile-web-app-capable" content="yes" />
+<meta name="apple-mobile-web-app-status-bar-style" content="black-translucent" />
+<meta http-equiv="X-UA-Compatible" content="IE=8" />
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<title>消毒供应质量追溯管理系统</title>
+<%-- <link rel="stylesheet" type="text/css" href="${ctx}/themes/portalPage/css/login.css" /> --%>
+<script type="text/javascript" src="${ctx}/js/ui/common.js"></script>
+
+</head>
+
+<body onload=" setFieldFocus(document.getElementById('j_username_display'));autoMaxSize();autoLogin();">
+
+<form name="loginForm" action="j_spring_security_check" method="post" onsubmit="return checkSubmit();">
+<div style="height:118px;"></div>
+<div style="display:none;">
+    <c:if test="${(param.login_error == 1)}">账号或密码错误！请重新输入！</c:if>
+    <c:if test="${(param.login_error == 2)}">验证码错误，请重新输入！</c:if>
+    <c:if test="${(param.login_error == 3)}">该用户没有回收清点的权限，请重新输入！</c:if>
+    <c:if test="${(param.login_error == 4)}">注册码不正确或试用期已过！请与管理人员联系！</c:if>
+    <c:if test="${(param.login_error == 5)}">身份验证接口访问异常，请与系统管理员联系！</c:if>
+    <div class="login_n"  style="display:none;">
+      <input class="login_input" id="j_username_display" name="j_username_display" value="${barcode }" tabindex="1" type="text" maxlength="20" onfocus="this.select()" />
+      <input id="j_username" name="j_username" type="hidden" value="${barcode }" maxlength="20"/>
+      <span class="login_btn"><a href="#" onclick="checkSubmit();" tabindex="3"  onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('btn1','','${ctx}/themes/portalPage/img/btn3.gif',1)"><img style="vertical-align:middle;" src="${ctx}/themes/portalPage/img/btn1.gif" name="btn1" width="83" height="38" border="0" id="btn1" /></a></span>
+    </div>
+    <div class="login_p" style="display:none;">
+      <input class="login_input" id="j_password" name="j_password" tabindex="2" type="password" value="P@ssword" onfocus="this.select()" />
+    </div>
+</div>
+</form>
+</body>
+<script type="text/javascript" src="${ctx}/jquery/jquery-1.11.2.js"></script>
+<script type="text/javascript" src="${ctx}/js/number.js"></script>
+<script type="text/javascript" src="${ctx}/disinfectsystem/config/default/config.js"></script>
+<script type="text/javascript" src="${ctx}/disinfectsystem/config/${profile}/config.js"></script>
+<script type="text/javascript" src="${ctx}/disinfectsystem/common/cssdUtils.js"></script>
+<script type="text/javascript" src="${ctx}/js/configUtils.js"></script>
+<script type="text/javascript">
+if (top != self) {
+    top.location = self.location;
+}
+function autoMaxSize(){
+    self.moveTo(0,0);
+    self.resizeTo(screen.availWidth,screen.availHeight);
+}
+
+function MM_swapImgRestore() { //v3.0
+  var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc;
+}
+function MM_preloadImages() { //v3.0
+  var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array();
+    var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++)
+    if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}}
+}
+
+function MM_findObj(n, d) { //v4.01
+  var p,i,x;  if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
+    d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
+  if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
+  for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
+  if(!x && d.getElementById) x=d.getElementById(n); return x;
+}
+
+function MM_swapImage() { //v3.0
+  var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3)
+   if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];}
+}
+
+    function submitForm(){
+    	document.loginForm.submit();
+    }
+	function checkSubmit() {
+		if (isFieldBlank(document.loginForm.j_username_display) == true) {
+			alert('<fmt:message key="error.required.login.username"/>');
+			document.loginForm.j_username_display.focus();
+			return false;
+		}
+		if (isFieldBlank(document.loginForm.j_password) == true) {
+			if (document.activeElement.id != 'j_username_display') {
+				alert('<fmt:message key="error.required.login.password"/>');
+			}
+			document.loginForm.j_password.focus();
+			return false;
+		}
+		document.loginForm.j_username.value = document.loginForm.j_username_display.value;
+		document.loginForm.submit();
+	}
+
+	function setFieldFocus(objField) {
+		try {
+			objField.focus();
+		} catch (e) {
+		}
+	}
+
+	function isFieldBlank(objField) {
+		if (typeof (objField[0]) == "object") {
+			objField = objField[0];
+		}
+		if (typeof (objField) == "object") {
+			if (objField.value == "") {
+				return true;
+			} else {
+				return false;
+			}
+		}
+		return true;
+	}
+	function autoLogin(){
+		var a='${message}';
+		if(a.length>2){
+			window.location.href = "${ctx}/logon.jsp";
+		}else{
+			document.loginForm.submit();
+		}
+		
+	}
+</script>
+
+</html>
Index: ssts-web/src/main/resources/spring/security/applicationContext-acegi-security-bjdxzlyy.xml.back
===================================================================
diff -u -r27135 -r27144
--- ssts-web/src/main/resources/spring/security/applicationContext-acegi-security-bjdxzlyy.xml.back	(.../applicationContext-acegi-security-bjdxzlyy.xml.back)	(revision 27135)
+++ ssts-web/src/main/resources/spring/security/applicationContext-acegi-security-bjdxzlyy.xml.back	(.../applicationContext-acegi-security-bjdxzlyy.xml.back)	(revision 27144)
@@ -62,6 +62,7 @@
 			<intercept-url pattern="/services/**" access="permitAll"></intercept-url>
 			<intercept-url pattern="/mobileClient/**" access="permitAll"></intercept-url>
 			<intercept-url pattern="/disinfectSystem/sterilization/sterilizationRecordAction!uploadSterilizationRecordPic.do" access="permitAll"></intercept-url>
+			<intercept-url pattern="/logonSSOForBjdxzlyy.jsp" access="permitAll"></intercept-url>
 
 			<!--  user is not an anonymous or a remember-me user -->
 			<intercept-url pattern="/**" access="isFullyAuthenticated()"></intercept-url>