拦截器实现单点登录功能(简易)
版权所有,不得转载!
通过拦截器实现单点登录的功能:可以实现登录验证,网页关闭后不用重新验证,一点登录多网点授权
环境框架:spring mvc
设计流程图:
XML配置:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:p="http://www.springframework.org/schema/p"
       xmlns:aop="http://www.springframework.org/schema/aop"
       xmlns:context="http://www.springframework.org/schema/context"
       xmlns:mvc="http://www.springframework.org/schema/mvc"
       xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.2.xsd http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.2.xsd http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.2.xsd">
    <!-- Interceptor configuration: registers the SSO login check for the client application. -->
    <mvc:interceptors>
        <mvc:interceptor>
            <!-- Intercepted paths.
                 NOTE(review): in Spring's Ant-style matching a single "*" stays inside one
                 path segment, so this pattern covers /x.do but not /a/x.do. If any handler
                 is mapped under a sub-path, widen the pattern (for example /**/*.do) so that
                 it is not left outside the login check. Confirm against the controller
                 mappings of this application. -->
            <mvc:mapping path="/*.do" />
            <!-- Paths excluded from interception: *.jsp resources exactly one directory level down. -->
            <mvc:exclude-mapping path="/*/*.jsp" />
            <bean class="com.tea.agent.LoginInterceptor" />
        </mvc:interceptor>
    </mvc:interceptors>
</beans>
请求命中拦截路径后进入拦截器:先判断sessionid是否有效,再判断票据是否有效;任一有效则继续操作,均无效则跳转到用户登录系统
拦截器Interceptor代码:
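/**
 * Single sign-on interceptor for the client application.
 *
 * <p>For each intercepted request it checks whether the HTTP session id is already
 * registered with {@code SessionService}. If it is not, the request is authenticated
 * with an SSO ticket (request parameter first, cookie second); when no valid ticket is
 * available the browser is redirected to the SSO server's verification endpoint.
 *
 * @author Mr song
 */
@Service
public class LoginInterceptor implements HandlerInterceptor {

    /** Name shared by the ticket request parameter and the ticket cookie. */
    private static final String TICKET_NAME = "ticket";

    /** Lifetime of the ticket cookie, in seconds. */
    private static final int TICKET_COOKIE_MAX_AGE_SECONDS = 3600;

    @Autowired
    private SessionService sessionService;

    @Autowired
    private TicketService ticketService;

    /** Intentionally empty: nothing to clean up after the request completes. */
    @Override
    public void afterCompletion(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2,
            Exception arg3) throws Exception {
    }

    /** Intentionally empty: the model and view are not modified. */
    @Override
    public void postHandle(HttpServletRequest arg0, HttpServletResponse response, Object arg2,
            ModelAndView arg3) throws Exception {
    }

    /**
     * Decides whether the request may proceed to its handler.
     *
     * @param request  current request; may carry a {@code ticket} parameter or cookie
     * @param response current response; receives the ticket cookie or the redirect
     * @param arg2     the chosen handler (unused)
     * @return {@code true} when the session is already registered or a ticket validated;
     *         {@code false} after redirecting to the SSO verification endpoint
     * @throws Exception if the redirect or one of the services fails
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object arg2)
            throws Exception {
        HttpSession httpSession = request.getSession();
        String sessionId = httpSession.getId();

        // A ticket passed as a GET parameter takes priority over the one kept in the cookie.
        // NOTE(review): a ticket in the query string ends up in access logs, browser history
        // and Referer headers. Whether tickets are short-lived or single-use is decided by
        // TicketService, which is not visible here; confirm before relying on this flow.
        String paramTicket = request.getParameter(TICKET_NAME);
        String cookieTicket = readTicketCookie(request);
        String ticket = isEmpty(paramTicket) ? cookieTicket : paramTicket;

        if (!isEmpty(ticket)) {
            // Store (or refresh) the ticket so that a new browser session can re-authenticate.
            Cookie ticketCookie = new Cookie(TICKET_NAME, ticket);
            ticketCookie.setMaxAge(TICKET_COOKIE_MAX_AGE_SECONDS);
            // The ticket is a bearer credential: keep it away from page scripts (Servlet 3.0+)
            // and off plain-HTTP connections whenever the request itself arrived over HTTPS.
            ticketCookie.setHttpOnly(true);
            ticketCookie.setSecure(request.isSecure());
            response.addCookie(ticketCookie);
        }

        // Strip the request URI from the full URL, e.g. baidu.com/name/age becomes baidu.com/
        // NOTE(review): this value is rebuilt from the incoming request, so the SSO server
        // should treat it as untrusted input and check it against its known client sites.
        StringBuffer url = request.getRequestURL();
        String tempContextUrl = url
                .delete(url.length() - request.getRequestURI().length(), url.length())
                .append("/")
                .toString();

        if (sessionId == null) {
            return false;
        }

        // 1. A session id that is already registered needs no further checks.
        //    (The original tested an undeclared variable here and did not compile.)
        if (sessionService.validateByHTTPSessionId(sessionId)) {
            return true;
        }

        // 2. Unknown session: fall back to the ticket.
        if (!isEmpty(ticket) && ticketService.validateTicket(ticket)) {
            System.out.println("票据有效,将session id插入表中");
            // NOTE(review): the session id registered here existed before the ticket was
            // presented; issuing a fresh session id before registering it would guard
            // against session fixation.
            POJOSession session = new POJOSession();
            session.setSession(sessionId);
            sessionService.creatSession(session);
            return true;
        }

        // 3. No usable ticket: send the browser to the SSO server to authenticate.
        System.out.println("票据无效,重定向SSOserver登录页用户提交身份验证请求");
        // The return address is URL-encoded so it cannot add or alter query parameters.
        response.sendRedirect("url/verification?tempContextUrl="
                + java.net.URLEncoder.encode(tempContextUrl, "UTF-8"));
        return false;
    }

    /** Returns the value of the last cookie named {@code ticket}, or "" when there is none. */
    private static String readTicketCookie(HttpServletRequest request) {
        String value = "";
        Cookie[] cookies = request.getCookies();
        if (cookies != null) {
            for (Cookie cookie : cookies) {
                if (TICKET_NAME.equals(cookie.getName())) {
                    value = cookie.getValue();
                }
            }
        }
        return value;
    }

    /** Returns {@code true} for {@code null} and for the empty string. */
    private static boolean isEmpty(String value) {
        return value == null || value.isEmpty();
    }
}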
用户登录系统判断sessionid是否有效:有效则发放票据,无效则跳转登录首页
Controller层验证方法
/**
 * SSO verification endpoint: issues a ticket when the caller's session id is already
 * registered, otherwise shows the login page.
 *
 * <p>NOTE(review): {@code tempContextUrl} comes straight from the request and is stored in
 * the session without any check visible here; confirm it is validated against the
 * registered client sites before it is trusted. The ticket is returned in a redirect
 * query string, where it can reach logs, browser history and Referer headers.
 *
 * @param request        current request (unused)
 * @param response       current response (unused)
 * @param httpsession    session of the browser on the SSO server
 * @param tempContextUrl base URL of the client site that sent the browser here
 * @return a redirect carrying the ticket, or the login page view
 */
@RequestMapping(method = RequestMethod.GET, value = "/verification")
private ModelAndView verification(HttpServletRequest request, HttpServletResponse response,
        HttpSession httpsession, @ModelAttribute("tempContextUrl") String tempContextUrl) {
    final String currentSessionId = httpsession.getId();
    final ModelAndView result = new ModelAndView();

    // Remember the requesting site so the login step can read it back from the session.
    httpsession.setAttribute("tempContextUrl", tempContextUrl);

    if (currentSessionId == null) {
        return result;
    }

    if (sessionService.validateByHTTPSessionId(currentSessionId)) {
        // Session id is registered: create a ticket and hand it over in the redirect.
        result.setView(new RedirectView("url?ticket=" + ticketService.creatTicket(currentSessionId)));
        return result;
    }

    // Session id is not registered: show the SSO login page.
    result.setView(new InternalResourceView("/WEB-INF/login/login.jsp?"));
    return result;
}
用户登录验证,插入sessionid ,创建票据
Controller层登录验证方法
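/**
 * Validates the submitted credentials; on success registers the session, creates a ticket,
 * stores the assertion for the requesting site and redirects with the ticket.
 *
 * <p>Changes from the original listing, which did not compile: the session is taken from
 * the request ({@code httpsession} was never declared), the bound form object is passed to
 * the account check (the original passed the type name {@code PojoUserAccount}), and the
 * stray closing parenthesis on the redirect line is removed.
 *
 * @param pojoUser credentials bound from the login form
 * @param request  current request, used to reach the HTTP session
 * @param response current response (unused)
 * @return a redirect carrying the ticket on success, otherwise the login page view
 */
@RequestMapping(method = RequestMethod.POST, value = "/login")
private ModelAndView login(@ModelAttribute("pojoUser") PojoUser pojoUser,
        HttpServletRequest request, HttpServletResponse response) {
    // Read the requesting site recorded by the verification step before the session changes.
    String tempContextUrl = "";
    Object storedContextUrl = request.getSession().getAttribute("tempContextUrl");
    if (storedContextUrl != null) {
        tempContextUrl = storedContextUrl.toString();
    }

    ModelAndView mv = new ModelAndView();

    // Check the credentials first; nothing is registered for a failed login.
    // NOTE(review): assumes validateUserAccount accepts the bound form object; confirm
    // against UserAccountService.
    if (userAccountService.validateUserAccount(pojoUser) == null) {
        mv.setView(new InternalResourceView("/WEB-INF/login/login.jsp"));
        return mv;
    }

    // Session fixation guard: the pre-login session id may be known to someone else, so
    // drop it and register a freshly issued id as the authenticated SSO session.
    request.getSession().invalidate();
    String sessionId = request.getSession(true).getId();

    PojoSession session = new PojoSession();
    session.setSession(sessionId);

    PojoAssertion assertion = new PojoAssertion();
    // NOTE(review): tempContextUrl originates from a request parameter; confirm it is
    // checked against the registered client sites before the assertion is relied on.
    assertion.setSecurityDomainName(tempContextUrl);
    assertion.setSsoSessionId(sessionId);

    // Register the session id, create the ticket, then bind the assertion to the site.
    sessionService.creatSession(session);
    String ticket = ticketService.creatTicket(sessionId);
    assertionService.creatAssertion(assertion);

    // The ticket travels in the redirect query string, where it can reach logs, browser
    // history and Referer headers.
    mv.setView(new RedirectView("url?ticket=" + ticket));
    return mv;
}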