1.同父域单点登录实现流程
备:在.x.com这个域中有三个服务器,dome1项目和dome2项目,包括一个校验chekck,实现在不同的项目中单点登录
2.使用不同包和路径模拟三个服务器
3.统一登录接口(login.jsp)
<%@ page language="java" contentType="text/html; charset=utf-8"
pageEncoding="utf-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>dome1和dome2的统一登录接口</title>
</head>
<body>
<center>
<h1>统一登录</h1>
<!-- action这里请求的是一个校验服务器接口,因为属于不同服务器,所以需要全路径 -->
<form action="http://check.x.com/doLogin.action" method="post">
<span>用户名:</span>
<input type="text" name="username"/>
<span>密码:</span>
<input type="password" name="password"/>
<!--隐藏表单,用于保存我们要跳转的页面 -->
<input type="hidden" name="getUrl" value="${getUrl}"/>
<input type="submit" value="登录"/>
</form>
</center>
</body>
</html>
4.登录Action(SSOAction.java)
package check.x.com;
import java.io.IOException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletResponse;
import org.apache.struts2.ServletActionContext;
import com.opensymphony.xwork2.ActionSupport;
import check.x.com.util.SSOCheck;
/*
* cookie的校验服务器
*/
public class SSOAction extends ActionSupport {
private String username;
private String password;
private String getUrl;
public String getGetUrl() {
return getUrl;
}
public void setGetUrl(String getUrl) {
this.getUrl = getUrl;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
//发送cookiename 和cookievalue过去校验
private String cookieName;
private String cookieValue;
public String getCookieName() {
return cookieName;
}
public void setCookieName(String cookieName) {
this.cookieName = cookieName;
}
public String getCookieValue() {
return cookieValue;
}
public void setCookieValue(String cookieValue) {
this.cookieValue = cookieValue;
}
/*
* doLogin
*/
public String doLogin()
{
boolean flag = SSOCheck.isLogin(username, password);
if(flag)
{
Cookie cookie = new Cookie("ssocookie","sso");
//因为现在是在不同的域,所以需要把cookie设置到顶级中
cookie.setDomain(".x.com");//主要
cookie.setPath("/");
HttpServletResponse response = ServletActionContext.getResponse();
response.addCookie(cookie);
return SUCCESS;
}
return null;
}
/*
* 用于别的域校验cookie
*/
public void check() throws IOException
{
boolean flag = SSOCheck.isCookie(cookieName, cookieValue);
String result = "0";//保存cookie是否校验成功
if(flag)
{
result = "1";//成功
}
HttpServletResponse response = ServletActionContext.getResponse();
response.getWriter().print(result);//吧校验结果发送到客户端
response.getWriter().close();
}
}
5.工具类(SSOCheck.java)包括登录验证和校验接口
package check.x.com.util;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
/*
* 工具
*/
public class SSOCheck {
private static final String USERNAME = "zhangying";
private static final String PASSWORD = "123";
public static boolean isLogin(String username,String password)
{
if(username.equals(USERNAME) && password.equals(PASSWORD))
return true;
return false;
}
/*
* 用于校验cookie
*/
public static boolean isCookie(String cookieName,String cookieValue)
{
//直接校验
if(cookieName.equals("ssocookie") && cookieValue.equals("sso"))
{
return true;
}
return false;
}
}
6.DOME1和DOME2的主页(index1.jsp index2.jsp)
index1.jsp
<%@ page language="java" contentType="text/html; charset=utf-8"
pageEncoding="utf-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>欢迎访问dome1</title>
</head>
<body>
<h1>这里时dome1的主页</h1>
</body>
</html>
index2.jsp
<%@ page language="java" contentType="text/html; charset=utf-8"
pageEncoding="utf-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>欢迎访问dome2</title>
</head>
<body>
<h1>这里时dome2的主页</h1>
</body>
</html>
7…DOME1和DOME2的Action(DOME1.java DOME2.java)
DOME1.java
package dome1.x.com;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import org.apache.struts2.ServletActionContext;
import com.opensymphony.xwork2.ActionSupport;
import dome1.x.com.util.DOME1Tool;
public class DOME1 extends ActionSupport {
private String getUrl;
/*
* dome1
*/
public String main()
{
HttpServletRequest request = ServletActionContext.getRequest();
//获取cookie
Cookie[] cookies = request.getCookies();
if(cookies!=null)
{
for(Cookie c:cookies)
{
if(c.getName().equals("ssocookie"))
{
//url是校验服务器的地址
String result = DOME1Tool.doGet("http://check.x.com/check.action", c.getName(), c.getValue());
if(result.equals("1"))//存在cookie
{
return SUCCESS;
}
}
}
}
getUrl = "http://dome1.x.com/main.action";//请求后需要回来的这个域
return LOGIN;
}
}
DOME2.java
package dome2.x.com;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import org.apache.struts2.ServletActionContext;
import com.opensymphony.xwork2.ActionSupport;
import dome2.x.com.util.DOME2Tool;
public class DOME2 extends ActionSupport {
private String getUrl;
/*
* dome1
*/
public String main()
{
HttpServletRequest request = ServletActionContext.getRequest();
//获取cookie
Cookie[] cookies = request.getCookies();
if(cookies!=null)
{
for(Cookie c:cookies)
{
if(c.getName().equals("ssocookie"))
{
//url是校验服务器的地址
String result = DOME2Tool.doGet("http://check.x.com/check.action", c.getName(), c.getValue());
if(result.equals("1"))//存在cookie
{
return SUCCESS;
}
}
}
}
getUrl = "http://dome2.x.com/main.action";//请求后需要回来的这个域
return LOGIN;
}
}
8.DOME1和DOME2的工具(DOME1Tool.java DOME2Tool.java)
DOME1Tool.java
package dome1.x.com.util;
import java.awt.image.BufferStrategy;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;
import org.xml.sax.InputSource;
import antlr.InputBuffer;
/*
* dome1的工具
*/
public class DOME1Tool {
/*
* 用于dome1向校验服务器通信
*/
public static String doGet(String url,String cookieName,String cookieValue)
{
StringBuffer sb = new StringBuffer();
HttpURLConnection httpURLConnection = null;
try{
URL urls = new URL(url+"?cookieName="+cookieName+"&cookieValue="+cookieValue);
httpURLConnection = (HttpURLConnection) urls.openConnection();//打开通信
httpURLConnection.setRequestMethod("GET");//设置通信方式
httpURLConnection.connect();//开始通信
InputStream is = httpURLConnection.getInputStream();
InputStreamReader isr = new InputStreamReader(is);
BufferedReader br = new BufferedReader(isr);
String temp = null;
while((temp=br.readLine())!=null)
{
sb.append(temp);
}
br.close();
isr.close();
is.close();
}catch (IOException e)
{
e.printStackTrace();
}finally{
if(httpURLConnection!=null)
{
httpURLConnection.disconnect();//关闭通信
}
}
return sb.toString();
}
}
DOME2Tool.java
package dome2.x.com.util;
import java.awt.image.BufferStrategy;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;
import org.xml.sax.InputSource;
import antlr.InputBuffer;
/*
* dome1的工具
*/
public class DOME2Tool {
/*
* 用于dome1向校验服务器通信
*/
public static String doGet(String url,String cookieName,String cookieValue)
{
StringBuffer sb = new StringBuffer();
HttpURLConnection httpURLConnection = null;
try{
URL urls = new URL(url+"?cookieName="+cookieName+"&cookieValue="+cookieValue);
httpURLConnection = (HttpURLConnection) urls.openConnection();//打开通信
httpURLConnection.setRequestMethod("GET");//设置通信方式
httpURLConnection.connect();//开始通信
InputStream is = httpURLConnection.getInputStream();
InputStreamReader isr = new InputStreamReader(is);
BufferedReader br = new BufferedReader(isr);
String temp = null;
while((temp=br.readLine())!=null)
{
sb.append(temp);
}
br.close();
isr.close();
is.close();
}catch (IOException e)
{
e.printStackTrace();
}finally{
if(httpURLConnection!=null)
{
httpURLConnection.disconnect();//关闭通信
}
}
return sb.toString();
}
}
9.struts.xml中的配置(struts.xml)
<!DOCTYPE struts PUBLIC
"-//Apache Software Foundation//DTD Struts Configuration 2.5//EN"
"http://struts.apache.org/dtds/struts-2.5.dtd">
<struts>
<package name="sso" extends="struts-default" namespace="/">
<action name="doLogin" class="check.x.com.SSOAction" method="doLogin">
<!-- type设置为请求转发,转发到我们要跳转的页面 -->
<result name="success" type="redirect">${getUrl}</result>
</action>
<!-- 配置校验服务器的校验 -->
<action name="check" class="check.x.com.SSOAction" method="check"></action>
</package>
<package name="dome1" extends="struts-default" namespace="/">
<action name="dome1" class="dome1.x.com.DOME1" method="main">
<result name="success">/index1.jsp</result>
<result name="login">/login.jsp</result>
</action>
</package>
<package name="dome2" extends="struts-default" namespace="/">
<action name="dome2" class="dome2.x.com.DOME2" method="main">
<result name="success">/index2.jsp</result>
<result name="login">/login.jsp</result>
</action>
</package>
</struts>
10.测试
访问:http://dome1.x.com/main.action
http://dome2.x.com/main.action
在没有登录之前,他们都会跳转到登录页面
只要在其中一个登录成功后,再刷新第二个项目便不需要登录了