最近在使用shiro可以免密登陆,还是方便与其它web应用集成的。同样Domino也要与其它第三方集成,如微信、钉钉、集成企业应用等。Domino自带的LtpaToken是实现相当安全、便捷实现SSO功能。通过几篇文章综合分析实现,可参考。SSO配置实例、Domino单点登录、剖析LtpaToken。
以下是测试的几张图片,可以参考交流:
function sso(){
var b=window.location.href;//全路径
var URL=b.substring(0,b.indexOf('.nsf')+4);
$.ajax({
url: URL+"/SSO?openagent&username="+escape($('#username').val())+"&id="+Math.random()
, dataType:"json"
, error:function(errTXT){
alert(errTXT);
}
, success:function(json){
var Days = 30;
var exp = new Date();
exp.setTime(exp.getTime() + Days*24*60*60*1000);
var token = json.token;
if(token!=""){
// 创建单点cookie
document.cookie = "LtpaToken="+ token + ";expires=" + exp.toGMTString() + ";path=/;domain=.whs.com";
location.href = "http://www.whs.com/xpages/Bootstrap_demo.nsf/x_index.xsp";
}
}
});
}
$(function(){
$("#token").click(function(){
sso();
});
})
public void NotesMain() {
Session session = null;
AgentContext agentContext = null;
Document doc = null;
PrintWriter pw = null;
String token = "";
String sReturn = "false";
String sJson = "";
try {
pw = getAgentOutput();
session = getSession();
agentContext = session.getAgentContext();
doc = agentContext.getDocumentContext();
String sPara = doc.getItemValueString("query_string_decoded");
// 单点用户名loginName
//String canonicalUser = sPara.substring(sPara.indexOf("sPara=")+6);
Hashtable ht = parseQueryString(sPara);
String canonicalUser=(String) ht.get("username");
//canonicalUser = "CN=ADMIN/O=oas";
System.out.println("username-->"+canonicalUser);
// 单点起始时间
Date tokenCreation = new Date(new Date().getTime() - 60000 * 10);
String timeLimit="720";
// 单点到期时间
Date tokenExpires = new Date(tokenCreation.getTime() + Long.parseLong(timeLimit) * 60000);
// domino SSO 密钥(domino SSO配置文档的LTPA_DominoSecret域值)
String dominoSecret = "XbX+********w=";
token = LtpaToken.generate(canonicalUser, tokenCreation, tokenExpires,"abc","def", dominoSecret).getLtpaToken();
//System.out.println("token==ssobak==="+token);
//if(LtpaToken.isValid()){
sReturn = "true";
//}else{
// sReturn = "false";
//}
//DominoTokenParser tokenParser = new DominoTokenParser();
//System.out.println("用户名:"+tokenParser.parse(token,dominoSecret));
} catch(Exception e) {
e.printStackTrace();
}finally{
pw.println("Content-type: text/plain;charset=GB2312");
sJson = "{\"oResult\":\""+sReturn+"\",\"token\":\""+token+"\"}";
System.out.println("sJson="+sJson);
pw.println(sJson);
//回收domino对象
fnRecycle(doc);
fnRecycle(agentContext);
fnRecycle(session);
if(pw!=null){
pw.close();
}
}
}
---------------------
作者:weijia3624
来源:CSDN
原文:https://blog.csdn.net/weijia3624/article/details/89058739
版权声明:本文为博主原创文章,转载请附上博文链接!