本文介绍了如何通过SSO(Single Sign-On)技术,让不同域名的三个系统共享用户登录状态,实现在一个登录后其他系统无需重复登录。涉及Spring Boot、Thymeleaf和Redis的配合应用实例。
SSO - 单点登录
Single Sign On 一处登陆、处处可用
参考:https://gitee.com/xuxueli0323/xxl-sso.git
一、项目搭建
结构:
- gulimall-test-sso-client 登录服务器 8080 ssoserver.com
- gulimall-test-sso-client 项目1 8081 client1.com
127.0.0.1 ssoserver.com
127.0.0.1 client1.com
127.0.0.1 client2.com
核心:
三个系统即使域名不一样,想办法给三个系统同步同一个用户的票据
1、 中央认责服务器:ssoserver.com
2、 其他系统‘想要登录去 ssoserver.com 登录,登录成功跳转回来
3、只要一个登录,其他都不用登录
4、全系统一个ss0-sessionid; 所有系统可能域名都不相同
二、项目流程图
三、项目代码
1.gulimall-test-sso-client
pom
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-redis</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<optional>true</optional>
</dependency>
controller
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.client.RestTemplate;
import org.thymeleaf.util.StringUtils;
import javax.servlet.http.HttpSession;
import java.util.ArrayList;
/**
* @Author OY
* @Date 2021/11/19
*/
@Controller
public class HelloController {
/**
* 无需登录就可以访问
* @return
*/
@ResponseBody
@GetMapping(value = "/hello")
public String hello(){
return "hello";
}
@GetMapping(value = "/employees")
public String employees(Model model, HttpSession session, @RequestParam(value = "token", required = false) String token) {
if(!StringUtils.isEmpty(token)){
RestTemplate restTemplate = new RestTemplate();
ResponseEntity<String> forEntity = restTemplate.getForEntity("http://ssoserver.com:8080/userinfo?token=" + token, String.class);
String body = forEntity.getBody();
session.setAttribute("loginUser",body);
}
Object logUser = session.getAttribute("loginUser");
if(logUser == null){
return "redirect:" + "http://ssoserver.com:8080/login.html"+"?redirect_url=http://client1.com:8081/employees";
}else{
ArrayList<String> emps = new ArrayList<>();
emps.add("张三");
emps.add("李四");
model.addAttribute("emps",emps);
return "employees";
}
}
}
application.properties
# 应用名称
spring.application.name=gulimall-test-sso-client
# 应用服务 WEB 访问端口
server.port=8081
# THYMELEAF (ThymeleafAutoConfiguration)
# 开启模板缓存(默认值: true )
spring.thymeleaf.cache=false
spring.redis.host=192.168.56.10
spring.redis.port=6379
employees.html
<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<head>
<meta charset="UTF-8">
<title>员工列表</title>
</head>
<body>
<h1>欢迎:[[${session.loginUser}]]</h1>
<ul>
<li th:each="emp:${emps}">姓名:[[${emp}]]</li>
</ul>
</body>
</html>
2.gulimall-test-sso-server
pom
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-redis</artifactId>
</dependency>
controller
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.*;
import org.thymeleaf.util.StringUtils;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletResponse;
import java.util.UUID;
/**
* @Author OY
* @Date 2021/11/19
*/
@Controller
public class LoginController {
@Autowired
private StringRedisTemplate redisTemplate;
@ResponseBody
@GetMapping(value = "/userinfo")
public String userinfo(@RequestParam(value = "token")String token){
String s = redisTemplate.opsForValue().get(token);
return s;
}
@GetMapping("/login.html")
public String loginPage(@RequestParam("redirect_url") String url, Model model, @CookieValue(value = "sso_token", required = false) String sso_token) {
if(!StringUtils.isEmpty(sso_token)){
return "redirect:"+url+"?token="+sso_token;
}
model.addAttribute("url",url);
return "login";
}
@PostMapping(value = "/doLogin")
public String doLogin(@RequestParam("username") String username, @RequestParam("password") String password, @RequestParam("redirect_url") String url, HttpServletResponse response) {
// 登录成功跳转,跳回到登录页
if(!StringUtils.isEmpty(username) && !StringUtils.isEmpty(password)){
String uuid = UUID.randomUUID().toString().replace("_", "");
redisTemplate.opsForValue().set(uuid, username);
Cookie sso_token = new Cookie("sso_token", uuid);
response.addCookie(sso_token);
return "redirect:" + url + "?token=" + uuid;
}
return "login";
}
}
application.properties
# 应用名称
spring.application.name=gulimall-test-sso-server
# 应用服务 WEB 访问端口
server.port=8080
spring.redis.host=192.168.56.10
spring.redis.port=6379
login.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>登录页</title>
</head>
<body>
<form action="/doLogin" method="post">
用户名:<input type="text" name="username" /><br />
密码:<input type="password" name="password" /><br />
<input type="hidden" name="redirect_url" value="http://localhost:8081/employees" />
<input type="submit" value="登录">
</form>
</body>
</html>
四、效果展示
- http://client1.com:8081/employees
扫一扫
7795
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
