分配单点登录sessionId,不使用session获取会话id,改为cookie,防止session丢失
This commit is contained in:
shuzheng
parent
71eb9453be
commit
47a613f7ae
|
|
@ -1,5 +1,6 @@
|
|||
package com.zheng.upms.client.filter;
|
||||
|
||||
import com.zheng.common.util.CookieUtil;
|
||||
import com.zheng.common.util.RedisUtil;
|
||||
import org.apache.commons.lang.StringUtils;
|
||||
import org.apache.http.HttpEntity;
|
||||
|
|
@ -29,7 +30,8 @@ import java.util.List;
|
|||
*/
|
||||
public class SSOFilter implements Filter {
|
||||
|
||||
private static Logger _log = LoggerFactory.getLogger(SSOFilter.class);
|
||||
private final static Logger _log = LoggerFactory.getLogger(SSOFilter.class);
|
||||
private final static String ZHENG_UPMS_SSO_CLIENT_SESSION_ID = "zheng-upms-sso-client-session-id";
|
||||
|
||||
private String SYSTEM_NAME = "system_name";
|
||||
private String SSO_SERVER_URL = "sso_server_url";
|
||||
|
|
@ -44,10 +46,15 @@ public class SSOFilter implements Filter {
|
|||
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
|
||||
HttpServletRequest request = (HttpServletRequest) servletRequest;
|
||||
HttpServletResponse response = (HttpServletResponse) servletResponse;
|
||||
HttpSession session = request.getSession();
|
||||
// 分配单点登录sessionId,不使用session获取会话id,改为cookie,防止session丢失
|
||||
String sessionId = CookieUtil.getCookie(request, ZHENG_UPMS_SSO_CLIENT_SESSION_ID);
|
||||
if (StringUtils.isEmpty(sessionId)) {
|
||||
sessionId = request.getSession().getId();
|
||||
CookieUtil.setCookie(response, ZHENG_UPMS_SSO_CLIENT_SESSION_ID, sessionId);
|
||||
}
|
||||
|
||||
// 已登录
|
||||
if (!StringUtils.isEmpty(RedisUtil.get(session.getId() + "_token"))) {
|
||||
if (!StringUtils.isEmpty(RedisUtil.get(sessionId + "_token"))) {
|
||||
filterChain.doFilter(request, response);
|
||||
return;
|
||||
}
|
||||
|
|
@ -75,7 +82,7 @@ public class SSOFilter implements Filter {
|
|||
String result = EntityUtils.toString(httpEntity);
|
||||
if (result.equals("success")) {
|
||||
// token校验正确,创建局部会话
|
||||
RedisUtil.set(session.getId() + "_token", token);
|
||||
RedisUtil.set(sessionId + "_token", token);
|
||||
// 移除url中的token参数
|
||||
// TODO
|
||||
// 返回请求资源
|
||||
|
|
|
|||
|
|
@ -1,15 +1,18 @@
|
|||
package com.zheng.upms.admin.controller;
|
||||
|
||||
import com.zheng.common.util.CookieUtil;
|
||||
import com.zheng.common.util.RedisUtil;
|
||||
import org.apache.commons.lang.StringUtils;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.ui.ModelMap;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
import org.springframework.web.bind.annotation.ResponseBody;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.servlet.http.HttpSession;
|
||||
import java.net.URLEncoder;
|
||||
import java.util.ArrayList;
|
||||
|
|
@ -24,8 +27,9 @@ import java.util.UUID;
|
|||
@RequestMapping("/sso")
|
||||
public class SSOController {
|
||||
|
||||
private static Logger _log = LoggerFactory.getLogger(SSOController.class);
|
||||
private static List<String> apps = new ArrayList<>();
|
||||
private final static Logger _log = LoggerFactory.getLogger(SSOController.class);
|
||||
private final static String ZHENG_UPMS_SSO_SERVER_SESSION_ID = "zheng-upms-sso-server-session-id";
|
||||
private final static List<String> apps = new ArrayList<>();
|
||||
{
|
||||
apps.add("zheng-cms-job");
|
||||
apps.add("zheng-cms-web");
|
||||
|
|
@ -42,24 +46,28 @@ public class SSOController {
|
|||
* @throws Exception
|
||||
*/
|
||||
@RequestMapping("")
|
||||
public String index(HttpServletRequest request) throws Exception {
|
||||
HttpSession session = request.getSession();
|
||||
|
||||
public String index(HttpServletRequest request, HttpServletResponse response) throws Exception {
|
||||
String system_name = request.getParameter("system_name");
|
||||
String backurl = request.getParameter("backurl");
|
||||
|
||||
// 判断请求认证系统是否注册 TODO
|
||||
// 判断请求认证系统是否注册
|
||||
if (StringUtils.isEmpty(system_name) || !apps.contains(system_name)) {
|
||||
_log.info("未注册的系统:{}", system_name);
|
||||
return "/404";
|
||||
}
|
||||
// 分配单点登录sessionId,不使用session获取会话id,改为cookie,防止session丢失
|
||||
String sessionId = CookieUtil.getCookie(request, ZHENG_UPMS_SSO_SERVER_SESSION_ID);
|
||||
if (StringUtils.isEmpty(sessionId)) {
|
||||
sessionId = request.getSession().getId();
|
||||
CookieUtil.setCookie(response, ZHENG_UPMS_SSO_SERVER_SESSION_ID, sessionId);
|
||||
}
|
||||
// 判断是否存在全局会话
|
||||
// 未登录
|
||||
if (StringUtils.isEmpty(RedisUtil.get(session.getId() + "_token"))) {
|
||||
if (StringUtils.isEmpty(RedisUtil.get(sessionId + "_token"))) {
|
||||
return "redirect:/sso/login?backurl=" + URLEncoder.encode(backurl, "utf-8");
|
||||
}
|
||||
// 已登录
|
||||
String token = RedisUtil.get(session.getId() + "_token");
|
||||
String token = RedisUtil.get(sessionId + "_token");
|
||||
String redirectUrl = backurl;
|
||||
if (backurl.contains("?")) {
|
||||
redirectUrl += "&token=" + token;
|
||||
|
|
@ -75,7 +83,9 @@ public class SSOController {
|
|||
* @return
|
||||
*/
|
||||
@RequestMapping(value = "/login", method = RequestMethod.GET)
|
||||
public String login() {
|
||||
public String login(HttpServletRequest request) {
|
||||
String sessionId = CookieUtil.getCookie(request, ZHENG_UPMS_SSO_SERVER_SESSION_ID);
|
||||
_log.info("认证中心sessionId={}", sessionId);
|
||||
return "/sso/login";
|
||||
}
|
||||
|
||||
|
|
@ -85,9 +95,7 @@ public class SSOController {
|
|||
* @return
|
||||
*/
|
||||
@RequestMapping(value = "/login", method = RequestMethod.POST)
|
||||
public String login(HttpServletRequest request) {
|
||||
HttpSession session = request.getSession();
|
||||
|
||||
public String login(HttpServletRequest request, HttpServletResponse response, ModelMap modelMap) {
|
||||
String backurl = request.getParameter("backurl");
|
||||
String username = request.getParameter("username");
|
||||
String password = request.getParameter("password");
|
||||
|
|
@ -99,9 +107,19 @@ public class SSOController {
|
|||
_log.info("密码不能为空!");
|
||||
return "/404";
|
||||
}
|
||||
// 分配单点登录sessionId,不使用session获取会话id,改为cookie,防止session丢失
|
||||
String sessionId = CookieUtil.getCookie(request, ZHENG_UPMS_SSO_SERVER_SESSION_ID);
|
||||
if (StringUtils.isEmpty(sessionId)) {
|
||||
sessionId = request.getSession().getId();
|
||||
CookieUtil.setCookie(response, ZHENG_UPMS_SSO_SERVER_SESSION_ID, sessionId);
|
||||
}
|
||||
if (StringUtils.isEmpty(sessionId)) {
|
||||
sessionId = request.getSession().getId();
|
||||
CookieUtil.setCookie(response, ZHENG_UPMS_SSO_SERVER_SESSION_ID, sessionId);
|
||||
}
|
||||
// 默认验证帐号密码正确,创建token
|
||||
String token = UUID.randomUUID().toString();
|
||||
RedisUtil.set(session.getId() + "_token", token, 2 * 60 * 60);
|
||||
RedisUtil.set(sessionId + "_token", token, 2 * 60 * 60);
|
||||
RedisUtil.set(token, token, 2 * 60 * 60);
|
||||
// 回调子系统
|
||||
String redirectUrl = backurl;
|
||||
|
|
|
|||
Loading…
Reference in New Issue