第一种为自己实现的单点登录,未使用CAS
主要是cookie跨域实现
代码如下:
package com.bochy.filter;
import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import org.apache.tomcat.util.http.Cookies;
import com.bochy.manage.UserManager;
import com.bochy.md5.MD_5;
public class AuthorityFilter implements Filter {
private String url;
public void init(FilterConfig config) throws ServletException {
url = config.getInitParameter("LoginProcessURL");
/*if(url == null){
throw new RuntimeException("loginurl为空");
}*/
}
public void doFilter(ServletRequest req, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest request=(HttpServletRequest)req;
String visiPath = request.getRequestURI();
if(visiPath.trim().equals(url)){
chain.doFilter(req, response);
return;
}
String user = (String) request.getSession().getAttribute("user");
if(user!=null){
chain.doFilter(req, response);
return;
}
Cookie[] cookies = request.getCookies();
if(cookies != null){
for(Cookie ck:cookies){
String path = ck.getPath();
System.out.println(path);
String ckName = ck.getName();
if(ckName.equals("pricipal")){
String value = ck.getValue();
String[] parts = value.split(":");
String username = parts[0];
String password = parts[1];
String dbPwd = UserManager.getInstance().findUserByName(username);
String md5pwd=null;
try {
md5pwd=MD_5.toMD5(dbPwd);
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
if(md5pwd != null && md5pwd.equals(password)){
request.getSession().setAttribute("user", username);
break;
}
}
}
}
chain.doFilter(request, response);
}
@Override
public void destroy() {
// TODO Auto-generated method stub
}
}
==================================================
package com.bochy.manage;
import java.util.HashMap;
import java.util.Map;
public class UserManager {
private static UserManager instance=new UserManager();
public static UserManager getInstance(){
return instance;
}
private Map users = new HashMap();
private UserManager(){
users.put("xlj", "abc");
users.put("ligang", "xyz");
users.put("hjw", "hjw");
}
public String findUserByName(String userName){
return (String) users.get(userName);
}
public void addUser(){
users.put("name", "password");
}
}
===============================================
package com.bochy.md5;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import com.sun.management.VMOption.Origin;
public class MD_5 {
public static String toMD5(String origin) throws NoSuchAlgorithmException{
MessageDigest digest=MessageDigest.getInstance("MD5");
byte[] results = digest.digest(origin.getBytes());
String md5String = toHex(results);
return md5String;
}
private static String toHex(byte[] results) {
// TODO Auto-generated method stub
if(results==null){
return null;
}
StringBuilder hexString =new StringBuilder();
for(int i=0;i<results.length;i++){
int hi=(results[i]>>4)&0x0f;
int lo=results[i]&0x0f;
hexString.append(Character.forDigit(hi, 16)).append(Character.forDigit(lo, 16));
}
return hexString.toString();
}
}
=============================================
package com.bochy.service;
import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import com.bochy.manage.UserManager;
import com.bochy.md5.MD_5;
/**
* Servlet implementation class LoginService
*/
@WebServlet("/LoginService")
public class LoginServlet extends HttpServlet {
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
this.doPost(request, response);
}
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
request.setCharacterEncoding("utf-8");
response.setCharacterEncoding("utf-8");
response.setContentType("utf-8");
HttpSession session=request.getSession();
if("logoff".trim().equals(request.getParameter("action"))){
session.invalidate();//注销
Cookie ck=new Cookie("pricipal","");
ck.setMaxAge(0);
ck.setPath("/");//根目录及其子目录都可访问cookie;
//ck.setDomain("itcast.com");//设置域名,这样才能从电脑访问同一域名时携带cookie访问,实现单点登录,另外,注销时cookie设置必须和定义时相同;
response.addCookie(ck);
request.getRequestDispatcher("/index.jsp").forward(request, response);
return;
}
String userName = request.getParameter("username");
String password = request.getParameter("password");
System.out.println(userName+":"+password);
String forwardPath = "";
String pwd=UserManager.getInstance().findUserByName(userName);
if(pwd!=null&&pwd.trim().equals(password)){
session.setAttribute("user", userName);
if(request.getParameter("autoLogin")!=null){
String md5Password = null;
try {
md5Password = MD_5.toMD5(password);
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
Cookie ck=new Cookie("pricipal",userName+":"+md5Password);
ck.setMaxAge(3600*24*14);
ck.setPath("/");//根目录及其子目录都可访问cookie;
ck.setDomain(".itcast.com");//设置域名,这样才能从电脑访问同一域名时携带cookie访问,实现单点登录,另外,注销时cookie设置必须和定义时相同;
response.addCookie(ck);
}
forwardPath = "/success.jsp";
}else{
forwardPath = "/index.jsp";
}
request.getRequestDispatcher(forwardPath).forward(request,response);
}
}
==================================================
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
<%
String userName = (String)session.getAttribute("user");
if(userName != null){
%>
您已登录,用户名是 <%=userName%>,您可以<a href="LoginServlet?action=logoff">注销</a>
<%
return;
}
%>
<form action="LoginServlet" method="post">
用户名:<input type="text" name="username"><br>
密 码:<input type="password" name="password"><br>
记住两周<input type="checkbox" name="autoLogin"><!--默认value是on --><br>
<input type="submit" value="提交">
<input type="reset" value="重置">
</form>
</body>
</html>
======================================
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Insert title here</title>
</head>
<body>
<%
String userName = (String)session.getAttribute("user");
if(userName != null){
%>
您已登录,用户名是 <%=userName%>,您可以<a href="LoginServlet?action=logoff">注销</a>
<%
}
%>
</body>
</html>
================================================
<filter>
<filter-name>authori</filter-name>
<filter-class>com.bochy.filter.AuthorityFilter</filter-class>
<init-param>
<param-name>LoginProcessURL</param-name>
<param-value>/mysite/LoginServlet</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>authori</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>LoginServlet</servlet-name>
<servlet-class>com.bochy.service.LoginServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>LoginServlet</servlet-name>
<url-pattern>/LoginServlet</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>