From 47a613f7ae38f62f44fbd49b4c7d85b1c991b023 Mon Sep 17 00:00:00 2001
From: shuzheng <469741414@qq.com>
Date: Sat, 31 Dec 2016 22:57:41 +0800
Subject: [PATCH] =?UTF-8?q?=E5=88=86=E9=85=8D=E5=8D=95=E7=82=B9=E7=99=BB?=
 =?UTF-8?q?=E5=BD=95sessionId=EF=BC=8C=E4=B8=8D=E4=BD=BF=E7=94=A8session?=
 =?UTF-8?q?=E8=8E=B7=E5=8F=96=E4=BC=9A=E8=AF=9Did=EF=BC=8C=E6=94=B9?=
 =?UTF-8?q?=E4=B8=BAcookie=EF=BC=8C=E9=98=B2=E6=AD=A2session=E4=B8=A2?=
 =?UTF-8?q?=E5=A4=B1?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../zheng/upms/client/filter/SSOFilter.java | 15 +++++--
 .../upms/admin/controller/SSOController.java | 44 +++++++++++++------
 2 files changed, 42 insertions(+), 17 deletions(-)

diff --git a/zheng-upms/zheng-upms-client/src/main/java/com/zheng/upms/client/filter/SSOFilter.java b/zheng-upms/zheng-upms-client/src/main/java/com/zheng/upms/client/filter/SSOFilter.java
index 70637b36..0d37e029 100644
--- a/zheng-upms/zheng-upms-client/src/main/java/com/zheng/upms/client/filter/SSOFilter.java
+++ b/zheng-upms/zheng-upms-client/src/main/java/com/zheng/upms/client/filter/SSOFilter.java
@@ -1,5 +1,6 @@
 package com.zheng.upms.client.filter;
 
+import com.zheng.common.util.CookieUtil;
 import com.zheng.common.util.RedisUtil;
 import org.apache.commons.lang.StringUtils;
 import org.apache.http.HttpEntity;
@@ -29,7 +30,8 @@ import java.util.List;
  */
 public class SSOFilter implements Filter {
 
-    private static Logger _log = LoggerFactory.getLogger(SSOFilter.class);
+    private final static Logger _log = LoggerFactory.getLogger(SSOFilter.class);
+    private final static String ZHENG_UPMS_SSO_CLIENT_SESSION_ID = "zheng-upms-sso-client-session-id";
 
     private String SYSTEM_NAME = "system_name";
     private String SSO_SERVER_URL = "sso_server_url";
@@ -44,10 +46,15 @@ public class SSOFilter implements Filter {
     public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
         HttpServletRequest request = (HttpServletRequest) servletRequest;
         HttpServletResponse response = (HttpServletResponse) servletResponse;
-        HttpSession session = request.getSession();
+        // 分配单点登录sessionId,不使用session获取会话id,改为cookie,防止session丢失
+        String sessionId = CookieUtil.getCookie(request, ZHENG_UPMS_SSO_CLIENT_SESSION_ID);
+        if (StringUtils.isEmpty(sessionId)) {
+            sessionId = request.getSession().getId();
+            CookieUtil.setCookie(response, ZHENG_UPMS_SSO_CLIENT_SESSION_ID, sessionId);
+        }
 
         // 已登录
-        if (!StringUtils.isEmpty(RedisUtil.get(session.getId() + "_token"))) {
+        if (!StringUtils.isEmpty(RedisUtil.get(sessionId + "_token"))) {
             filterChain.doFilter(request, response);
             return;
         }
@@ -75,7 +82,7 @@ public class SSOFilter implements Filter {
             String result = EntityUtils.toString(httpEntity);
             if (result.equals("success")) {
                 // token校验正确,创建局部会话
-                RedisUtil.set(session.getId() + "_token", token);
+                RedisUtil.set(sessionId + "_token", token);
                 // 移除url中的token参数
                 // TODO
                 // 返回请求资源
diff --git a/zheng-upms/zheng-upms-server/src/main/java/com/zheng/upms/admin/controller/SSOController.java b/zheng-upms/zheng-upms-server/src/main/java/com/zheng/upms/admin/controller/SSOController.java
index f878ff33..8dd5c341 100644
--- a/zheng-upms/zheng-upms-server/src/main/java/com/zheng/upms/admin/controller/SSOController.java
+++ b/zheng-upms/zheng-upms-server/src/main/java/com/zheng/upms/admin/controller/SSOController.java
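Review bot: The value read from the `zheng-upms-sso-client-session-id` cookie is used as the Redis key `sessionId + "_token"` exactly as the client sent it; the server only mints an identifier when the cookie is missing, so any string a client chooses to present becomes its session key with no format check and no proof it was ever issued by this server. Together with the store at `RedisUtil.set(sessionId + "_token", token)` in the @@ -75,7 hunk, a cookie value planted before login is bound to the verified token, which is the session-fixation shape; the same pattern is introduced in SSOController `index` (@@ -42,24) and the POST `login` (@@ -99,9). Validate the cookie's form before using it as a key and issue a fresh server-generated identifier at the point the token is first stored, for example `sessionId = UUID.randomUUID().toString(); CookieUtil.setCookie(response, ZHENG_UPMS_SSO_CLIENT_SESSION_ID, sessionId);` immediately before the `RedisUtil.set` (import permitting). Whether `CookieUtil.setCookie` marks the cookie HttpOnly and Secure is not visible in this diff, and the filter now also copies the servlet session id into a second cookie, so confirm those flags. `doFilter` continues past the end of the hunk.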
@@ -1,15 +1,18 @@
 package com.zheng.upms.admin.controller;
 
+import com.zheng.common.util.CookieUtil;
 import com.zheng.common.util.RedisUtil;
 import org.apache.commons.lang.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.stereotype.Controller;
+import org.springframework.ui.ModelMap;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.ResponseBody;
 
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 import java.net.URLEncoder;
 import java.util.ArrayList;
@@ -24,8 +27,9 @@ import java.util.UUID;
 @RequestMapping("/sso")
 public class SSOController {
 
-    private static Logger _log = LoggerFactory.getLogger(SSOController.class);
-    private static List apps = new ArrayList<>();
+    private final static Logger _log = LoggerFactory.getLogger(SSOController.class);
+    private final static String ZHENG_UPMS_SSO_SERVER_SESSION_ID = "zheng-upms-sso-server-session-id";
+    private final static List apps = new ArrayList<>();
     {
         apps.add("zheng-cms-job");
         apps.add("zheng-cms-web");
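Review bot: `private final static List apps = new ArrayList<>();` in the @@ -24,8 hunk redeclares the registered-app list as a raw type although every element added is a string and `apps.contains(system_name)` is the check that gates SSO; `private static final List<String> apps = new ArrayList<>();` keeps the compile-time guarantee and uses the conventional modifier order. The instance-initializer block directly below appends to this static list on every construction of the controller; that is pre-existing, but now that the field is `final` a `static { ... }` initializer would state the intent and avoid duplicate entries if the bean were ever instantiated twice.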
@@ -42,24 +46,28 @@ public class SSOController {
      * @throws Exception
      */
     @RequestMapping("")
-    public String index(HttpServletRequest request) throws Exception {
-        HttpSession session = request.getSession();
-
+    public String index(HttpServletRequest request, HttpServletResponse response) throws Exception {
         String system_name = request.getParameter("system_name");
         String backurl = request.getParameter("backurl");
-        // 判断请求认证系统是否注册 TODO
+        // 判断请求认证系统是否注册
         if (StringUtils.isEmpty(system_name) || !apps.contains(system_name)) {
             _log.info("未注册的系统:{}", system_name);
             return "/404";
         }
+        // 分配单点登录sessionId,不使用session获取会话id,改为cookie,防止session丢失
+        String sessionId = CookieUtil.getCookie(request, ZHENG_UPMS_SSO_SERVER_SESSION_ID);
+        if (StringUtils.isEmpty(sessionId)) {
+            sessionId = request.getSession().getId();
+            CookieUtil.setCookie(response, ZHENG_UPMS_SSO_SERVER_SESSION_ID, sessionId);
+        }
 
         // 判断是否存在全局会话
         // 未登录
-        if (StringUtils.isEmpty(RedisUtil.get(session.getId() + "_token"))) {
+        if (StringUtils.isEmpty(RedisUtil.get(sessionId + "_token"))) {
             return "redirect:/sso/login?backurl=" + URLEncoder.encode(backurl, "utf-8");
         }
         // 已登录
-        String token = RedisUtil.get(session.getId() + "_token");
+        String token = RedisUtil.get(sessionId + "_token");
         String redirectUrl = backurl;
         if (backurl.contains("?")) {
             redirectUrl += "&token=" + token;
@@ -75,7 +83,9 @@ public class SSOController {
      * @return
      */
     @RequestMapping(value = "/login", method = RequestMethod.GET)
-    public String login() {
+    public String login(HttpServletRequest request) {
+        String sessionId = CookieUtil.getCookie(request, ZHENG_UPMS_SSO_SERVER_SESSION_ID);
+        _log.info("认证中心sessionId={}", sessionId);
         return "/sso/login";
     }
 
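Review bot: `_log.info("认证中心sessionId={}", sessionId);` in the @@ -75,7 hunk writes the session identifier to the application log at INFO level, and because the value is read straight from the request cookie it is both a credential-equivalent secret (it is the key the token is stored under) and unvalidated client input landing in the log. The `request` parameter is added to the GET `login` only to feed this line. If the diagnostic is needed, log presence rather than the value, e.g. `_log.debug("认证中心sessionId present={}", !StringUtils.isEmpty(sessionId));`, or drop the two added lines and keep `login()` parameterless.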
@@ -85,9 +95,7 @@ public class SSOController {
      * @return
      */
     @RequestMapping(value = "/login", method = RequestMethod.POST)
-    public String login(HttpServletRequest request) {
-        HttpSession session = request.getSession();
-
+    public String login(HttpServletRequest request, HttpServletResponse response, ModelMap modelMap) {
         String backurl = request.getParameter("backurl");
         String username = request.getParameter("username");
         String password = request.getParameter("password");
@@ -99,9 +107,19 @@ public class SSOController {
             _log.info("密码不能为空!");
             return "/404";
         }
+        // 分配单点登录sessionId,不使用session获取会话id,改为cookie,防止session丢失
+        String sessionId = CookieUtil.getCookie(request, ZHENG_UPMS_SSO_SERVER_SESSION_ID);
+        if (StringUtils.isEmpty(sessionId)) {
+            sessionId = request.getSession().getId();
+            CookieUtil.setCookie(response, ZHENG_UPMS_SSO_SERVER_SESSION_ID, sessionId);
+        }
+        if (StringUtils.isEmpty(sessionId)) {
+            sessionId = request.getSession().getId();
+            CookieUtil.setCookie(response, ZHENG_UPMS_SSO_SERVER_SESSION_ID, sessionId);
+        }
         // 默认验证帐号密码正确,创建token
         String token = UUID.randomUUID().toString();
-        RedisUtil.set(session.getId() + "_token", token, 2 * 60 * 60);
+        RedisUtil.set(sessionId + "_token", token, 2 * 60 * 60);
         RedisUtil.set(token, token, 2 * 60 * 60);
         // 回调子系统
         String redirectUrl = backurl;
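Review bot: The `ModelMap modelMap` parameter added to the POST `login` signature in the @@ -85,9 hunk is not referenced anywhere in the visible lines of the method; if it is used further down (the body continues past both hunks) say so in a comment, otherwise drop it so the signature only carries what the handler reads.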
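Review bot: The `if (StringUtils.isEmpty(sessionId))` block in the @@ -99,9 hunk is pasted twice; after the first block `sessionId` is guaranteed non-empty, so the second copy is dead code and should be deleted. The larger problem is that a successful login keeps whatever identifier the request arrived with and binds the freshly minted token to it in `RedisUtil.set(sessionId + "_token", token, 2 * 60 * 60)`, so a value planted in the cookie before authentication becomes a live session; the standard defence is to rotate the identifier on login, e.g. replace the cookie lookup and both guard blocks with `String sessionId = UUID.randomUUID().toString(); CookieUtil.setCookie(response, ZHENG_UPMS_SSO_SERVER_SESSION_ID, sessionId);` (`UUID` is already used on the next line). Note also that the token is stored with a 2-hour TTL while the cookie's lifetime is set inside `CookieUtil.setCookie`, which is outside this diff; confirm the two agree. The method continues past the end of the hunk.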