JavaServlet使用Cookie实现单点登录

最新推荐文章于 2022-08-29 17:35:23 发布
最新推荐文章于 2022-08-29 17:35:23 发布
阅读量395 收藏 3
点赞数
分类专栏: java
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/yanglucisco/article/details/110948953
版权

JavaServlet使用Cookie实现单点登录

目标:my.authentication.normal 和my1.authentication.normal实现单点登录
login.authenticaton.normal是单独的登录验证模块,以上两个网站的用户、密码验证、是否已经登录的验证,全部由登录模块完成。因为不是一个网站,所以需要使用Apache的httpclient调用其它网站。主要是利用cookie实现单点登录。以下的filter、servlet,两个网站全部一样。
前段页面可以用login 、logout等可以用 jsp、html等实现

1、AuthenticationFilter过滤器

package normal.authentication.my;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.http.HttpEntity;
import org.apache.http.NameValuePair;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.util.EntityUtils;

import normal.authentication.common.CookieUtils;

/**
 * Servlet Filter implementation class AuthenticationFilter
 */
@WebFilter("/admin/*")
public class AuthenticationFilter implements Filter {

    /**
     * Default constructor. 
     */
    public AuthenticationFilter() {
        // TODO Auto-generated constructor stub
    }

	/**
	 * @see Filter#destroy()
	 */
	public void destroy() {
		// TODO Auto-generated method stub
	}
	/**
	 * @see Filter#doFilter(ServletRequest, ServletResponse, FilterChain)
	 */
	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
		HttpServletRequest httpSR = (HttpServletRequest) request;
		HttpServletResponse httpRP = (HttpServletResponse) response;
		String strToken=CookieUtils.GetCookieValueByCookieName(httpSR.getCookies(), "token");
		if(strToken==null)
		{
			httpRP.sendRedirect("../login.jsp");
			return;
		}
		String result;
		CloseableHttpClient httpclient = HttpClients.createDefault();
        try {

            HttpPost httpPost = new HttpPost("http://login.authentication.normal:8080/authentication");
            List <NameValuePair> nvps = new ArrayList <NameValuePair>();
            nvps.add(new BasicNameValuePair("token", strToken));
            System.out.println("normal.my.token="+strToken);
            httpPost.setEntity(new UrlEncodedFormEntity(nvps));
            CloseableHttpResponse response2 = httpclient.execute(httpPost);

            try {
            	
                System.out.println(response2.getStatusLine());
                HttpEntity entity2 = response2.getEntity();
                 result=EntityUtils.toString(entity2);
                EntityUtils.consume(entity2);
            } finally {
                response2.close();
            }
        } finally {
            httpclient.close();
        }
        if(result.equals("islogin"))
        {
        	System.out.println("hahah isLogin");
        	chain.doFilter(request, response);
        	return;
        }
        else
        {
        	httpRP.sendRedirect("../login.jsp");
        }
	}

	/**
	 * @see Filter#init(FilterConfig)
	 */
	public void init(FilterConfig fConfig) throws ServletException {
		// TODO Auto-generated method stub
	}

}

2、Login Servlet

package normal.authentication.my;

import java.io.IOException;
import java.net.URISyntaxException;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.util.ArrayList;
import java.util.List;

import org.apache.http.HttpEntity;
import org.apache.http.NameValuePair;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.util.EntityUtils;
/**
 * Servlet implementation class Login
 */
@WebServlet("/login")
public class Login extends HttpServlet {
	private static final long serialVersionUID = 1L;

	/**
	 * @see HttpServlet#HttpServlet()
	 */
	public Login() {
		super();
		// TODO Auto-generated constructor stub
	}

	/**
	 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
	 *      response)
	 */
	protected void doGet(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		// TODO Auto-generated method stub
		response.getWriter().append("Served at: ").append(request.getContextPath());
	}

	/**
	 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
	 *      response)
	 */
	protected void doPost(HttpServletRequest request, HttpServletResponse response)
			throws ServletException, IOException {
		
		CloseableHttpClient httpclient = HttpClients.createDefault();
        try {

            HttpPost httpPost = new HttpPost("http://login.authentication.normal:8080/login");
            List <NameValuePair> nvps = new ArrayList <NameValuePair>();
            String username = request.getParameter("username");
            nvps.add(new BasicNameValuePair("username", username));
            nvps.add(new BasicNameValuePair("password", "secret"));
            httpPost.setEntity(new UrlEncodedFormEntity(nvps));
            CloseableHttpResponse response2 = httpclient.execute(httpPost);

            try {
            	
                System.out.println(response2.getStatusLine());
                HttpEntity entity2 = response2.getEntity();
                String result=EntityUtils.toString(entity2);
                if(!result.equals("wrong"))
                {
                	Cookie ck = new Cookie("token", result);
    				ck.setDomain("authentication.normal");
    				ck.setMaxAge(600);
    				response.addCookie(ck);
    				response.getWriter().write("success");
                }
                else
                {
                	response.getWriter().write("fail");
                }
                EntityUtils.consume(entity2);
            } finally {
                response2.close();
            }
        } finally {
            httpclient.close();
        }
		
		
	}

}

3、LogOut Servlet

package normal.authentication.my;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.http.HttpEntity;
import org.apache.http.NameValuePair;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.util.EntityUtils;

import normal.authentication.common.CookieUtils;

/**
 * Servlet implementation class Logout
 */
@WebServlet("/logout")
public class Logout extends HttpServlet {
	private static final long serialVersionUID = 1L;
       
    /**
     * @see HttpServlet#HttpServlet()
     */
    public Logout() {
        super();
        // TODO Auto-generated constructor stub
    }

	/**
	 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
	 */
	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		// TODO Auto-generated method stub
		response.getWriter().append("Served at: ").append(request.getContextPath());
	}

	/**
	 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
	 */
	protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		
		String cookieToken=CookieUtils.GetCookieValueByCookieName(request.getCookies(), "token");
		if(cookieToken==null)
		{
			response.getWriter().write("logout fail");
			return;
		}
		CloseableHttpClient httpclient = HttpClients.createDefault();
        try {

            HttpPost httpPost = new HttpPost("http://login.authentication.normal:8080/logout");
            List <NameValuePair> nvps = new ArrayList <NameValuePair>();
            nvps.add(new BasicNameValuePair("token", cookieToken));
            httpPost.setEntity(new UrlEncodedFormEntity(nvps));
            CloseableHttpResponse response2 = httpclient.execute(httpPost);

            try {
            	
                System.out.println(response2.getStatusLine());
                HttpEntity entity2 = response2.getEntity();
                String result=EntityUtils.toString(entity2);
                if(!result.equals("wrong"))
                {
    				response.getWriter().write("logout success");
                }
                else
                {
                	response.getWriter().write("logout fail");
                }
                // do something useful with the response body
                // and ensure it is fully consumed
                EntityUtils.consume(entity2);
            } finally {
                response2.close();
            }
        } finally {
            httpclient.close();
        }
	}

}

4、Login网站(单点登录模块)Authentication Filter

package login.authentication.normal;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Servlet implementation class Authentication
 */
@WebServlet("/authentication")
public class Authentication extends HttpServlet {
	private static final long serialVersionUID = 1L;
    private UserService userService=new UserService();
    /**
     * @see HttpServlet#HttpServlet()
     */
    public Authentication() {
        super();
        // TODO Auto-generated constructor stub
    }

	/**
	 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
	 */
	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		// TODO Auto-generated method stub
		response.getWriter().append("Served at: ").append(request.getContextPath());
	}

	/**
	 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
	 */
	protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		Object uuidOB=request.getParameter("token");
		if(uuidOB==null)
		{
			System.out.println("uuidOB=NULL");
			return;
		}
		String uuid=uuidOB.toString();
		System.out.println("token="+uuid);
		User user=userService.getByToken(uuid);
		if(user!=null && user.getLogin())
		{
			response.getWriter().append("islogin");
		}
		else
		{
			System.out.println("not login login.normal网站");
			response.getWriter().append("notlogin");
		}
	}

}

5、Login网站 login Servlet

package login.authentication.normal;

import java.io.FileWriter;
import java.io.IOException;
import java.util.UUID;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 * Servlet implementation class login
 */
@WebServlet("/login")
public class login extends HttpServlet {
	private static final long serialVersionUID = 1L;
	private final UserService userService=new UserService();
    /**
     * Default constructor. 
     */
    public login() {
        // TODO Auto-generated constructor stub
    }

	/**
	 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
	 */
	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		String token=request.getParameter("token");
		
	}

	/**
	 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
	 */
	protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		String username= request.getParameter("username");
		System.out.println(username);
		User user=userService.getByName(username);
		if(user!=null)
		{
			String uuid= UUID.randomUUID().toString().replaceAll("-","");
			user.setUuid(uuid);
			user.setLogin(true);
			response.getWriter().write(uuid);
		}
		else
		{
			response.getWriter().write("wrong");
		}
	}

}

6、Login网站 Logout Servlet

package login.authentication.normal;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Servlet implementation class Logout
 */
@WebServlet("/logout")
public class Logout extends HttpServlet {
	private static final long serialVersionUID = 1L;
    private final UserService userService=new UserService();
    /**
     * @see HttpServlet#HttpServlet()
     */
    public Logout() {
        super();
        // TODO Auto-generated constructor stub
    }

	/**
	 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
	 */
	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		// TODO Auto-generated method stub
		response.getWriter().append("Served at: ").append(request.getContextPath());
	}

	/**
	 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
	 */
	protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		String token=request.getParameter("token").toString();
		User u=userService.getByToken(token);
		if(u==null)
		{
			response.getWriter().append("logout fail");
		}
		else
		{
			u.setLogin(false);
			response.getWriter().append("logoutsuccess");
		}
	}

}

7、Login网站 User类

package login.authentication.normal;

public class User {
	private String name;
	private String uuid;
	private boolean login=false;
	
	public boolean getLogin() {
		return login;
	}

	public void setLogin(boolean isLogin) {
		this.login = isLogin;
	}

	public String getUuid() {
		return uuid;
	}

	public void setUuid(String uuid) {
		this.uuid = uuid;
	}

	public String getName() {
		return name;
	}

	public void setName(String name) {
		this.name = name;
	}

	public User(String name)
	{
		this.name=name;
	}
}

8、Login网站 UserService类

package login.authentication.normal;

import java.util.ArrayList;
import java.util.List;

public class UserService {
	static private List<User> users;
	static {
		users = new ArrayList<User>();
		users.add(new User("ZhangSan"));
		users.add(new User("LiSi"));
	}

	public User getByName(String username) {
		try {
			System.out.println("UserService.getByName()方法,参数:username="+username);
			System.out.println("UserCount:"+users.size());
			return users.stream().filter(a -> a.getName().equals(username)).findFirst().get();
		} catch (Exception ex) {
			return null;
		}
	}

	public User getByToken(String uuid) {
		try {
			System.out.println("UserService.getByToken():"+uuid);
			for(User u:users)
			{
				String userUUID=u.getUuid();
				if(userUUID!=null && userUUID.equals(uuid))
				{
					return u;
				}
			}
			return null;
		} catch (Exception ex) {
			ex.printStackTrace();
			System.out.println("UserService.getByToken() user==null");
			return null;
		}
	}

}
carrot_hlb_cxy
关注
  • 0
    点赞
  • 3
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
单点登录原理与简单实现
weixin_30851409的博客
11-29 8549
(2017-09-22更新)GitHub:https://github.com/sheefee/simple-sso 一、单系统登录机制 1、http无状态协议   web应用采用browser/server架构,http作为通信协议。http是无状态协议,浏览器的每一次请求,服务器会独立处理,不与之前或之后的请求产生关联,这个过程用下图说明,三次请求/响应对之间没有任何联系   但这...
Java web使用Cookie的自动登录
weixin_43730203的博客
09-20 2038
1.在Java web 项目里建立一个 login.jsp 页面,用于编写登录页面 <%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> <!DOCTYPE html> <html> <head> <meta charset="UTF-8"> <title>Insert title here</title
随手记录第一话 -- Java中的单点登录都有哪些实现方式?
生生不息,则源源不断
07-20 1585
在早期开发中,一家公司可能只有一个Server,什么业务都写在一起,也就是早期的Servlet。随着业务的发展,逐渐的新增了很多的业务Server,这时候每个Server都要进行注册登录的话,那对用户来说简直是奔溃级的体验。一次注册、一次登录并不困难,但如果每次都登录,应该没什么用户会选择这个系列的产品了吧!单点登录实现的难点,其实就是任意服务怎么实现根据token串获取用户信息共享,这里记录一下之前用到过的实现方式redis缓存,毫无疑问肯定是最常见的mongo、mysql等db存储,公共库。......
单点登录java
weixin_58314835的博客
07-26 3080
单点登录简单实现
代码审查Collaborator的单点登录——通过Java Servlet配置单点登录
bojing2272的博客
08-20 232
Collaborator的代码审查可以为开发测试人员和管理者提供帮助,生产出高质量的代码。团队可以用它在一个透明、共同的框架中进行同行代码审查、用户示例和测试计划的编辑。本文介绍如何使用Java servlet为Tomcat在SSO服务器和Collaborator之间建立单点登录。要了解单点登录的一般原理,请参阅单点登录。下面我们将介绍如何在Collaborator和Aper...
帆软报表连接不上数据库
一份耕耘,一分收获
08-29 4099
帆软报表连接不上数据库
Java Servlet Cookie登录状态检测
_Adler.
11-10 338
index.jsp &lt;%--   Created by IntelliJ IDEA.   User: adler   Date: 2018/11/9   Time: 7:09 PM   To change this template use File | Settings | File Templates. --%&gt;&lt;%@ pagecontentType="text/html;...
单点登录&单点登出(Cookie+ticket)
05-16
在本项目中,"单点登录&单点登出(Cookie+ticket)"是通过Servlet技术实现的,利用Cookie和Ticket这两种机制来处理SSO的过程。 Cookie是Web应用中用于跟踪用户状态的一种常见方法。在SSO场景下,当用户首次登录SSO...
简单实现web单点登录
01-27
本教程将指导你如何使用J2EE技术,特别是Servlet、JSP以及Filter,来简单实现一个Web单点登录系统。 首先,我们要理解SSO的工作原理。SSO的核心是共享用户认证信息。当用户在系统A中登录后,系统会生成一个安全的...
帆软拦截器单点登录.docx
12-26
在这个场景中,我们将讨论如何使用 Java 拦截器来实现帆软报表系统(FineReport)与HIS系统(或其他系统)的单点登录集成。 1. **Java 拦截器原理** Java 拦截器是基于 Java Servlet API 的 Filter 技术,它可以在...
一个简单的jsp+servlet单点登录项目
03-28
一个简单的jsp+servlet单点登录项目
jsp如何实现单点登录
04-13
**JSP实现单点登录(Single Sign-On,SSO)详解** 在Web应用程序中,单点登录(Single Sign-On,SSO)是一种便捷的身份验证机制,允许用户在一次登录后,就能访问多个相互关联的应用系统,而无需再次输入凭证。在...
sso单点登录demo
11-05
这个“sso单点登录demo”是基于Java Servlet技术实现的示例项目,旨在帮助开发者理解SSO的工作原理和实现方式。 在SSO中,通常涉及三个主要组件:认证服务器(SSO Server)、服务提供者(Service Provider)和用户...
Servlet+Cookie实现自动登录
全世界无产者联合起来
11-28 2278
项目总结 文件列表 login.jsp(登陆页面)、success.jsp(登陆成功页面)、LoginServlet.java实现步骤 第一步 编写登录页面login.jsp和登录成功页面success.jsp。把表单提交给servlet的doPost()方法。 <title>登录</title> </head> <body> <form action="hello" method="post"> 用户名:<input name =
单点登录的3中方式
weixin_34192732的博客
08-30 1024
2019独角兽企业重金招聘Python工程师标准>>> ...
实现单点登录三种常见方式
qq_44895262的博客
07-07 3577
单点登录实现方式
SpringSecurity中基于角色或权限进行访问控制
xzy的博客
01-21 1086
文章目录SpringSecurity中基于角色或权限进行访问控制1.在SpringSecurity配置类中的configure(HttpSecurity http)中的代码2.UserDetailService实现类中的代码3.SpringSecurity配置类中的configure(AuthenticationManagerBuilder auth)方法4.浏览器中的验证登录页面5.没有权限或角色的时候浏览器中的禁止页面 SpringSecurity中基于角色或权限进行访问控制 1.在SpringSecu
关于sso单点登录以及通过路径直接访问Servlet
dianjixiao4363的博客
05-17 281
1.单点登录代码 package cn.sunline.filter; import java.io.IOException; import javax.servlet.Filter;import javax.servlet.FilterChain;import javax.servlet.FilterConfig;import javax.servlet.ServletEx...
【202309】毕马威-中国第六届领先汽车科技50_109页.pdf
最新发布
07-28
【202309】毕马威-中国第六届领先汽车科技50_109页.pdf
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值