[Java实战]XXL-SSO非springboot项目集成解决方案(xxl-sso+shiro)

解决方案如图

因为这次项目用到了shiro+xxl-sso

所以必须自定义一个filter,并且在web.xml中加上filter拦截

过滤器如下

/**
 * @description: xxlsso 过滤器
 * @author: liandong
 * @create: 2019-03-04 11:12
 **/


public class XxlSsoWebFilter extends HttpServlet implements Filter {


    private static Logger logger = LoggerFactory.getLogger(XxlSsoWebFilter.class);



    private static final AntPathMatcher antPathMatcher = new AntPathMatcher();



    private String ssoServer;

    private String logoutPath;

    private String excludedPaths;



    @Override

    public void init(FilterConfig filterConfig) throws ServletException {

        //ssoServer = filterConfig.getInitParameter(Conf.SSO_SERVER);
        ssoServer = XxlSsoConfig.getLfSsoServer();
        //logoutPath = filterConfig.getInitParameter(Conf.SSO_LOGOUT_PATH);
        logoutPath = XxlSsoConfig.getLfSsoLogoutPath();
        //excludedPaths = filterConfig.getInitParameter(Conf.SSO_EXCLUDED_PATHS);
        excludedPaths = XxlSsoConfig.getLfSsoExcludedPaths();

        logger.info("XxlSsoWebFilter init.");

    }



    @Override

    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {

        HttpServletRequest req = (HttpServletRequest) request;

        HttpServletResponse res = (HttpServletResponse) response;



// make url

        String servletPath = req.getServletPath();



// excluded path check

        if (excludedPaths!=null && excludedPaths.trim().length()>0) {

            for (String excludedPath:excludedPaths.split(",")) {

                String uriPattern = excludedPath.trim();



// 支持ANT表达式

                if (antPathMatcher.match(uriPattern, servletPath)) {

// excluded path, allow

                    chain.doFilter(request, response);

                    return;

                }



            }

        }



// logout path check

//        if (logoutPath!=null
//
//                && logoutPath.trim().length()>0
//
//                && logoutPath.equals(servletPath)) {
//
//
 remove cookie
//
//            SsoWebLoginHelper.removeSessionIdByCookie(req, res);
//
//
//
 redirect logout
//
//            String logoutPageUrl = ssoServer.concat(Conf.SSO_LOGOUT);
//
//            res.sendRedirect(logoutPageUrl);
//
//
//
//            return;
//
//        }



// valid login user, cookie + redirect

        XxlSsoUser xxlUser = SsoWebLoginHelper.loginCheck(req, res);



// valid login fail

        if (xxlUser == null) {



            String header = req.getHeader("content-type");

            boolean isJson= header!=null && header.contains("json");

            if (isJson) {



// json msg

                res.setContentType("application/json;charset=utf-8");

                res.getWriter().println("{\"resultCode\":"+Conf.SSO_LOGIN_FAIL_RESULT.getResultCode()+", \"resultMsg\":\""+ Conf.SSO_LOGIN_FAIL_RESULT.getResultMsg() +"\"}");

                return;

            } else {



// total link

                String link = req.getRequestURL().toString();



// redirect logout

                String loginPageUrl = ssoServer.concat(Conf.SSO_LOGIN)

                        + "?" + Conf.REDIRECT_URL + "=" + link;



                res.sendRedirect(loginPageUrl);

                return;

            }



        }



// ser sso user

        request.setAttribute(Conf.SSO_USER, xxlUser);





// already login, allow

        chain.doFilter(request, response);

        return;

    }



}

增加的XXLConfig类如下

/**
 * @author xuxueli 2018-11-15
 */
@Configuration
public class XxlSsoConfig implements DisposableBean {

    private static PropertiesLoader propertiesLoader = new PropertiesLoader("conf/XxlSso.properties");

    private static final String lfSsoServer=propertiesLoader.getProperty("lf.sso.server");

    private static final String lfSsoLogoutPath=propertiesLoader.getProperty("lf.sso.logout.path");

    private static final String lfSsoExcludedPaths=propertiesLoader.getProperty("lf-sso.excluded.sellerpaths");

    private static final String lfSsoRedisAddress=propertiesLoader.getProperty("lf.sso.redis.address");

    public static String getLfSsoServer() {
        return lfSsoServer;
    }

    public static String getLfSsoLogoutPath() {
        return lfSsoLogoutPath;
    }

    public static String getLfSsoExcludedPaths() {
        return lfSsoExcludedPaths;
    }

    public static String getLfSsoRedisAddress() {
        return lfSsoRedisAddress;
    }

    @Bean
    public FilterRegistrationBean lfSsoFilterRegistration() {

        // xxl-sso, redis init
        JedisUtil.init(lfSsoRedisAddress);

        // xxl-sso, filter init
        FilterRegistrationBean registration = new FilterRegistrationBean();

        registration.setName("XxlSsoWebFilter");
        registration.setOrder(1);
        registration.addUrlPatterns("/*");
        registration.setFilter(new XxlSsoWebFilter());
        registration.addInitParameter(Conf.SSO_SERVER, lfSsoServer);
        registration.addInitParameter(Conf.SSO_LOGOUT_PATH, lfSsoLogoutPath);
        registration.addInitParameter(Conf.SSO_EXCLUDED_PATHS, lfSsoExcludedPaths);

        return registration;
    }

    @Override
    public void destroy() throws Exception {

        // xxl-sso, redis close
        JedisUtil.close();
    }

}

还有properties文件

#xxlsso网址
lf.sso.server=http://ssotest.test.com

#登出网址
lf.sso.logout.path=/logout

#排除网址
lf-sso.excluded.sellerpaths=/api/uc.php,/unionJD/**

#redis网址
lf.sso.redis.address=redis://localhost:6379/1

因为非springboot项目不会读@Configration注释

所以要在application-context.xml中配置config

<!--加载ssoconfig文件-->
    <context:component-scan base-package="com.seller.sso"></context:component-scan>

在后台方法中获取,就变成了

//集成单点登陆
XxlSsoUser xxlUser = (XxlSsoUser) request.getAttribute(Conf.SSO_USER);