背景:两台服务器的部署的两个项目,能够从一个项目登录,并且登录后不需要输入账户密码就能够进入另一台服务器,也就是实现 所谓的单点登录。由于我们项目的权限赋予是在登录时候实现的,所以为了防止单点登录时,相关权限的丢失,这里决定采用伪登录来实现单点,也就是实现一次假的登录。
- 首先我们从第一个服务器的jsp页面发出请求,这里我们请求参数采用form表单的形式提交,因为form表单有post提交方式,可以隐蔽我们传递的参数,较为安全。
function enter(t_loginCode,t_passWord){
var dlform = document.createElement('form');
dlform.style = "display:none;";
dlform.method = 'post';
dlform.action = "http://1.1.1.1:8080/auto";
dlform.target = 'callBackTarget';
//账户
var hdnFilePath = document.createElement('input');
hdnFilePath.type = 'hidden';
hdnFilePath.name = 'loginName';
hdnFilePath.value = t_loginCode;
dlform.appendChild(hdnFilePath);
//密码
var hdnFilePath1 = document.createElement('input');
hdnFilePath1.type = 'hidden';
hdnFilePath1.name = 'password';
hdnFilePath1.value = t_passWord;
dlform.appendChild(hdnFilePath1);
//访问后台的标识参数
var hdnFilePath2 = document.createElement('input');
hdnFilePath2.type = 'hidden';
hdnFilePath2.name = 't_enterType';
hdnFilePath2.value = "0";
dlform.appendChild(hdnFilePath2);
document.body.appendChild(dlform);
dlform.submit();
document.body.removeChild(dlform);
}
- 然后再第二台服务器的项目controller接收请求,并且转入伪登录界面
@RequestMapping("auto")
public ModelAndView auto(String loginName,String password, HttpServletRequest request) {
ModelMap model = new ModelMap();
model.put("loginName", loginName);
model.put("password", password);
model.put("enterType", request.getParameter("t_enterType"));
model.put("hydropowerId", request.getParameter("t_hydropowerId"));
request.getSession().setAttribute("enterType"+loginName, request.getParameter("t_enterType"));
request.getSession().setAttribute("hydropowerId"+loginName, request.getParameter("t_hydropowerId"));
return new ModelAndView("system/auto", model);
}
- 伪登录界面
对于有验证码的这里可以给个写死的验证码,后台配置便可
<%@ page language="java" pageEncoding="UTF-8" contentType="text/html; charset=UTF-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" />
<meta charset="utf-8" />
<title>xxxx</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0" />
<link rel="stylesheet" href="<%=basePath%>resources/supervision/css/bootstrap.css" />
<link rel="stylesheet" href="<%=basePath%>resources/supervision/css/login.css" />
<script type="text/javascript" src="<%=basePath%>resources/ace/assets/js/jquery.min.js" ></script>
<script type="text/javascript" src="<%=basePath%>resources/js/MD5.js"></script>
<script type="text/javascript">
$(function(){
if("${loginName}"!=""&&"${password}"!=""){
login("${loginName}","${password}");
};
});
//登陆
function login(t_loginCode,t_passWord) {
var url="<%=basePath%>j_spring_security_check";
$.post( url, {
//rand : t_checkcode,
j_username : t_loginCode,
j_password : t_passWord,
t_checkcode:"9999"
}, function(data) {
if (data.success) {
//存Cookie记录
location.href = "<%=basePath%>admin/index";
}
});
}
</script>
</head>
<body>
正在进行登录,请稍等...
</body>
</html>
然后正常跳到登录的controller便可