在IE浏览器中iframe跨域访问cookie/session丢失的解决办法

单点登录需要在需要进入的子系统B中添加一个类，用于接收A系统传过来的参数；

 

@Action(value = "outerLogin", results = {
            @Result(name = "redirect", type = "redirect", location = "${innerUrl}")
    })
    public String outerLogin() {
        try {
            if (userName != null && userName.trim().length() > 0) {
                TPolicemen policemen = policeMenService.getPolicemenByJh(userName);
                if (policemen != null) {
                    //获取当前登录用户所在IP
                    String ipStr = CommonService.getIpAddr(this.request);
                    policemen.setIpStr(ipStr);
                    this.session.put(AuthInterceptor.USER_SESSION_KEY, policemen);
                    response.setHeader("P3P", "CP=CAO PSA OUR");
                    innerUrl = outerUrl;
                    return "redirect";
                } else {
                    loginStr = "用户名或者密码错误";
                }
            }
        } catch (Exception e) {
            this.clientMessage(e.getMessage());
        }
        return "login";
    }

A系统中点击某个链接，url格式形如：

 

防止iframe跨域访问cookie/session丢失的解决办法是，在保存session后添加一段代码：即

 

response.setHeader("P3P", "CP=CAO PSA OUR");