今天自己写SSO(单点登录)发现一些问题的总结
1。因为原先有拦截器inteceptor,所以想着就直接用拦截器搞好了,后来发现不行,
原因是:工程默认是/访问,是在web中配置默认的,并没有调用任何方法(而拦截器是拦截方法的),所以无论我修改spring配置文件,修改拦截条件都始终拦截不上
所以个人感觉,登录这种操作应该是在filter来搞,因为过滤器(过滤一切请求,即便是还没有登录)
2.所以改用filter过滤器
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
String urlString = request.getRequestURI();
System.out.println("client请求链接:"+urlString);
if(urlString.contains("css")||urlString.contains("js")){
filterChain.doFilter(servletRequest, servletResponse);
return;
}
HttpSession session = request.getSession();
String username = (String) session.getAttribute("username");
String ticket = request.getParameter("ticket");
String url = URLEncoder.encode(request.getRequestURL().toString(), "UTF-8");
if (null == username) {
if (null != ticket && !"".equals(ticket)) {
JSONObject jsonObject = httpRequest("http://localhost:8080/yxy_author/ticketService?ticket="+ticket, "GET");
if(jsonObject!=null){
username = (String) jsonObject.getJSONObject("data").get("username");
}
if (null != username && !"".equals(username)) {
session.setAttribute("username", username);
filterChain.doFilter(request, response);
} else {
response.sendRedirect("http://localhost:8080/yxy_author/login?service=" + url);
}
} else {
response.sendRedirect("http://localhost:8080/yxy_author/login?service=" + url);
}
} else {
filterChain.doFilter(request, response);
}
}
核心代码就这么几句
记得配置web.xml中添加这个过滤器
<filter>
<filter-name>ssoClientFilter</filter-name>
<filter-class>com.cyt.babyhealth.tj.filter.SSOClientFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>ssoClientFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
============================下面是授权服务工程代码==============================================
SSOServerFilter代码
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,
FilterChain filterChain) throws IOException, ServletException {
// TODO Auto-generated method stub
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
String test = ((HttpServletRequest) servletRequest).getServletPath();
String urlString = request.getRequestURI();
System.out.println("service请求链接:"+urlString);
if("/yxy_author/login".equals(urlString)||"/yxy_author/ticketService".equals(urlString)||urlString.contains("css")||urlString.contains("js")){
filterChain.doFilter(servletRequest, servletResponse);
return;
}
String service = request.getParameter("service");
String ticket = request.getParameter("ticket");
Cookie[] cookies = request.getCookies();
String username = "";
if (null != cookies) {
for (Cookie cookie : cookies) {
if ("sso".equals(cookie.getName())) {
username = cookie.getValue();
break;
}
}
}
if (null == service && null != ticket) {
filterChain.doFilter(servletRequest, servletResponse);
}
if (null != username && !"".equals(username)) {
System.out.println("service用户名:"+username);
long time = System.currentTimeMillis();
String timeString = username + time;
MemCached memCached = (MemCached) SpringUtil.getBean("memcachedClient");
memCached.set(timeString, 1000,username);
StringBuilder url = new StringBuilder();
if(service!=null){
url.append(service);
if (0 <= service.indexOf("?")) {
url.append("&");
} else {
url.append("?");
}
url.append("ticket=").append(timeString);
}
response.sendRedirect(url.toString());
} else {
filterChain.doFilter(servletRequest, servletResponse);
}
}
授权中心login
@RequestMapping(value = "/ticketService")
@ResponseBody
public ApiResult ticketService(HttpServletRequest request, HttpServletResponse response){
ApiResult apiResult = new ApiResult();
String ticket = request.getParameter("ticket");
String username = memcachedClient.get(ticket);
memcachedClient.delete(ticket);
// Object customVO = memcachedClient.get(ticket+".user");
// memcachedClient.delete(ticket+".user");
Map<String, Object> data = new HashMap<String, Object>();
data.put("username",username);
// data.put("customVO", customVO);
apiResult.setData(data);
return apiResult;
}
/**
* @param loginname
* @param pwd
* @return 登录
* @throws IOException
*/
@RequestMapping(value = "/login")
public String login(@RequestParam(required = false) String loginname,
@RequestParam(required = false) String pwd,
String service,HttpServletResponse response) throws IOException {
if(loginname!=null&&loginname.trim().length()>0&&pwd!=null&&pwd.trim().length()>0){
ImCustom admin = imCustomService.findLoginName(loginname);
if (admin != null) {
if(admin.getStatus() == 1){
if (admin.getPwd().equals(MD5.sign(pwd + PropertiesUtil.config.get("md5.key")))) {
if (admin.getStatus() == 1) {
String sysIds = admin.getSysIds();
List<AdminAuthorSys> adminAuthorSys = new ArrayList<AdminAuthorSys>();
String[] sysIdsArrStrings = sysIds.split(",");
for (int i = 0; i < sysIdsArrStrings.length; i++) {
String sysIdString = sysIdsArrStrings[i];
AdminAuthorSys adminAuthorSyss = adminAuthorSysService.find(Integer.parseInt(sysIdString));
adminAuthorSys.add(adminAuthorSyss);
}
ImCustomVO customVO = new ImCustomVO();
BeanUtils.copyProperties(admin, customVO);
customVO.setAdminSyses(adminAuthorSys);
ServletContext ContextA =getSession().getServletContext();
ContextA.setAttribute("session",getSession() );
getSession().setAttribute("admin", customVO);//这样保存只能在当前应用内看
System.out.println("44444444444444444444444444444444");
//设置cookie
Cookie cookie = new Cookie("sso", admin.getUname());
cookie.setPath("/");
response.addCookie(cookie);
//admin1503379134793 admin
//admin1503379134793.user com.cyt.babyhealth.tj.entity.ImCustomVO@399f315c
long time = System.currentTimeMillis();
String timeString = admin.getUname() + time;
memcachedClient.set(timeString, 10000, admin.getUname());
// JSONObject.toJSON(customVO);
//要想在应用外用,则需要session共享,放在memcached中
// memcachedClient.set(timeString+".user", 10000, JSONObject.toJSON(customVO));
if (null != service) {
StringBuilder url = new StringBuilder();
url.append(service);
if (0 <= service.indexOf("?")) {
url.append("&");
} else {
url.append("?");
}
url.append("ticket=").append(timeString);
response.sendRedirect(url.toString());
return null;
}else {
response.sendRedirect("/yxy_author/index.jsp");
return null;
}
} else {
getRequest().setAttribute("error", "该用户禁止登录");
}
} else {
getRequest().setAttribute("error", "密码错误");
}
}else{
getRequest().setAttribute("error", "用户已被禁止");
}
} else {
getRequest().setAttribute("error", "该用户不存在");
}
}
return "/login";
}
/**
* @return 退出登录
*/
@RequestMapping(value = "/logout")
public String logout() {
getSession().invalidate();
return "/login";
}
最後記得web.xml配置
<filter>
<filter-name>ssoServerFilter</filter-name>
<filter-class>com.cyt.babyhealth.tj.filter.SSOServerFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>ssoServerFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>