
设置yml里httponly以及websocket地址传值key不能有token字样

xusl 1 rok temu
rodzic
commit
2fc8761665

+ 6 - 6
backend/src/main/java/com/jiayue/ssi/filter/VerifySmFilter.java

@@ -63,8 +63,8 @@ public class VerifySmFilter extends OncePerRequestFilter {
                 String tokenSign = "";
                 if ("/websocket/testsocket".equals(request.getServletPath())){
                     // 心跳
-                    tokenStr = request.getParameter("accessToken");
-                    tokenSign = request.getParameter("tokenSign");
+                    tokenStr = request.getParameter("JY");
+                    tokenSign = request.getParameter("JySign");
                 }
                 else{
                     // 验证token
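Review bot: The access token and its signature are still read from the WebSocket URL query string (`request.getParameter("JY")` / `request.getParameter("JySign")`). Renaming the keys removes the word "token" from the URL, but the credential itself still ends up in access logs, proxy logs and anything else that records request URLs. The `wsuri` line in ui/src/layout/components/Sidebar/index.vue has the same exposure. Consider a short-lived, single-use ticket for the handshake, or sending the credential in the first message after the socket opens, and keep the query string out of server and proxy logs until then. Separately, `getParameter` returns null for a missing key and overwrites the `""` defaults, so an explicit `if (tokenStr == null || tokenSign == null)` rejection is worth adding unless the code below the hunk, which is not visible here, already does it.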
@@ -85,8 +85,8 @@ public class VerifySmFilter extends OncePerRequestFilter {
                         activeUserDto.setHttpServletRequest(request);
                         request.getSession().setAttribute("ActiveUserDto",activeUserDto);
                         // 心跳
-                        tokenStr = request.getParameter("accessToken");
-                        tokenSign = request.getParameter("tokenSign");
+//                        tokenStr = request.getParameter("JY");
+                        tokenSign = request.getParameter("JySign");
                     }
 
 
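Review bot: This branch now overwrites `tokenSign` from the `JySign` query parameter but leaves `tokenStr` at whatever the code above the hunk assigned. The token and the signature checked later may therefore come from different sources, and `tokenSign` becomes null when the parameter is absent. If this is not the heartbeat path, drop both reads and the stale `// 心跳` comment; if it is, read both. Either way, delete the commented-out `// tokenStr = request.getParameter("JY");` line rather than keeping it. The surrounding method lies outside the hunk, so check this against how `tokenStr` is set earlier.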
@@ -231,9 +231,9 @@ public class VerifySmFilter extends OncePerRequestFilter {
             ParameterRequestWrapper pr = new ParameterRequestWrapper(initWrapper, stringToMap, decryptStr);
             filterChain.doFilter(pr, response);
         } catch (Exception e) {
-            e.printStackTrace();
+//            e.printStackTrace();
 //            log.error(IPUtils.getIpAddr(request) + "访问系统失败", e);
-            ResponseInfo.doResponse(response, "访问失败,联系管理员!", 401);
+            ResponseInfo.doResponse(response, "不能访问系统,联系管理员!", 401);
             return;
         }
     }
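Review bot: With `e.printStackTrace()` commented out and the `log.error` line below it already disabled, this catch discards every exception. Failed decryption or signature checks then leave no record for detection or incident response. Log through the class logger rather than stdout, e.g. `log.error("{} 访问系统失败", IPUtils.getIpAddr(request), e);` (assuming `log` is an SLF4J-style logger, as the commented line suggests), and delete both commented-out lines. The `try` also wraps `filterChain.doFilter`, so an exception from a downstream handler reaches the client as a 401; the try block starts outside the hunk, so confirm that mapping is intended.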

+ 5 - 1
backend/src/main/resources/application.yml

@@ -6,7 +6,11 @@ server:
     key-store-password: JY[7d28439aff975b7e01a6bde97cc460afbf70308b07b023809bf9d839e61284bb22ed37382bc5cd497b651b1f0e9e16befb8f590920cd9d2f452d30bcd8a06762199423c6f524f2085e66a3691fff57e7dd960714a8cc26da64f85a49ce18be812494fb33f29eea00]
     enabled-protocols: "TLSv1.2"
     ciphers: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"
-
+  servlet:
+    session:
+     cookie:
+       http-only: true
+       secure: true
 logging:
   config: classpath:logback-ssi.xml
 
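Review bot: The indentation steps in the new block are uneven: `cookie:` sits one space under `session:`, and `http-only:` / `secure:` sit two spaces under `cookie:`, while the rest of the file steps by two. YAML accepts this, but a later edit that aligns by eye can silently move a key to a different level, so normalise to two-space steps. Consider also adding `same-site: strict` (or `lax`) under `cookie:`, if the Spring Boot version in use supports `server.servlet.session.cookie.same-site`. HttpOnly and Secure alone do not restrict cross-site sending of the session cookie.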

+ 1 - 1
ui/src/layout/components/Sidebar/index.vue

@@ -94,7 +94,7 @@ export default {
       else {
         visitPort = '443'
       }
-      let wsuri = 'wss:'+location.host.split(':')[0]+ ':'+visitPort+'/websocket/testsocket?accessToken='+tokenStr.split("&")[0]+'&'+'tokenSign='+tokenStr.split("&")[1];
+      let wsuri = 'wss:'+location.host.split(':')[0]+ ':'+visitPort+'/websocket/testsocket?JY='+tokenStr.split("&")[0]+'&'+'JySign='+tokenStr.split("&")[1];
       //建立连接
       this.websock = new WebSocket(wsuri);
       //连接成功
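Review bot: `tokenStr.split("&")[0]` and `[1]` are concatenated into `wsuri` without URL encoding, and if `tokenStr` contains no `&` the literal string `undefined` is sent as `JySign`. Split once and encode the parts: `const [jy, jySign] = tokenStr.split('&')`, then build the query as `'?JY=' + encodeURIComponent(jy) + '&JySign=' + encodeURIComponent(jySign)`. Skip the connection when either part is missing. The enclosing method starts and ends outside the hunk.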