SSO单点登录一（Spring+SpringMVC+固定密码）实现的简单的同域SSOdemo

最新推荐文章于 2022-10-08 15:22:13 发布

雨轩_wscrf

最新推荐文章于 2022-10-08 15:22:13 发布

阅读量707

点赞数

分类专栏：后台框架

后台框架专栏收录该内容

70 篇文章 0 订阅

订阅专栏

首先导入spring+springMVC的核心jar文件

编写web.xml文件

[html] view plain copy

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0">
<display-name>SSO-First-同域</display-name>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/classes/applicationContext.xml</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<servlet>
<servlet-name>springmvc</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/classes/springmvc-servlet.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>springmvc</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
</web-app>

编写spring和springmvc的配置文件

[html] view plain copy

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:context="http://www.springframework.org/schema/context" xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/tx
http://www.springframework.org/schema/tx/spring-tx.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc.xsd">
<mvc:annotation-driven />
<context:component-scan base-package="com.lcl" />
<bean
class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="viewClass"
value="org.springframework.web.servlet.view.JstlView" />
<property name="suffix" value=".jsp"></property>
</bean>
<mvc:interceptors>
<mvc:interceptor>
<mvc:mapping path="/index/**"/>
<bean class="com.lcl.interceptor.MyInteceptor"></bean>
</mvc:interceptor>
</mvc:interceptors>
</beans>

配置拦截器

[java] view plain copy

package com.lcl.interceptor;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import com.lcl.utils.CheckLogin;
public class MyInteceptor extends HandlerInterceptorAdapter{
@Override
public synchronized boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
throws Exception {
Cookie[] cookies = request.getCookies();
//System.out.println("进入Interceptor");
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
<span style="color:#ff0000;"> String currPath = basePath.substring(0, basePath.length()-1) + request.getServletPath();</span>
//System.out.println(currPath);
if(null != cookies){
for(Cookie cookie : cookies){
if("Login".equals(cookie.getName())){
String value = cookie.getValue();
String[] split = value.split("_");
if(CheckLogin.login(split[0],split[1]))
return true;
}
}
}
String username = request.getParameter("username");
String password = request.getParameter("password");
if(null != username && null != password){
if(CheckLogin.login(username, password)){
Cookie ck = new Cookie("Login",username+"_"+password);
<span style="color:#ff0000;">ck.setPath("/");//设置到共有的根路径下</span>
ck.setMaxAge(60);
response.addCookie(ck);
return true;
}
}
<span style="color:#ff0000;">request.getRequestDispatcher("/login.jsp?gotoUrl="+currPath).forward(request, response);</span>
return false;
}
}

主要通过cookie来实现的单点登录同域下只要将cookie放入根目录下即可这是最容易实现的方式以后将补充剩余两种分别是同父域SSO和完全不完全域SSO

编写登录方法这里简单登录未通过数据库

[java] view plain copy

package com.lcl.utils;
public class CheckLogin {
private static final String USERNAME="admin";
private static final String PASSWORD="admin";
public static boolean login(String username, String password) {
if(USERNAME.equals(username)
&& PASSWORD.equals(password))
return true;
return false;
}
}

使用Controller完成路径的跳转这里只有两个测试用的

[java] view plain copy

package com.lcl.controller;
import org.springframework.stereotype.Component;
import org.springframework.web.bind.annotation.RequestMapping;
@Component("mycontroller")
@RequestMapping("/index")
public class MyController {
@RequestMapping("index1")
public String index(){
//System.out.println("进入MyController");
return "/index";
}
@RequestMapping("index2")
public String index2(){
return "/index2";
}
}

同域下的SSO登录的核心思想就是在请求资源主页面的时候通过拦截器拦截请求并验证Cookie的合法性若cookie为空或者不合法则跳转登录界面

若cookie合法则通过拦截器完成请求同域下SSO相对简单重点就是将cookie放在跟目录下保证多个资源页面能够共享这个cookie完成登录

[html] view plain copy

<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">
<title>SSO单点登录页面一</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->
</head>
<body>
SSO单点登录页面一<br/>
</body>
</html>

[html] view plain copy

<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">
<title>SSO单点登录页面二</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->
</head>
<body>
SSO单点登录页面二<br>
</body>
</html>

[html] view plain copy

<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">
<title>登录</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->
</head>
<body>
<form action="${gotoUrl}" method="get">
<span>用户名：</span><input type="text" name="username"/>
<span>密码：</span><input type="password" name="password"/>
<input type="submit" value="登录">
<input type="hidden" value="${gotoUrl}">
</form>
</body>
</html>

雨轩_wscrf

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
1
评论
SSO单点登录一（Spring+SpringMVC+固定密码）实现的简单的同域SSOdemo

首先导入spring+springMVC的核心jar文件编写web.xml文件[html] view plain copy xml version="1.0" encoding="UTF-8"?> web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.
复制链接

扫一扫

专栏目录