分配单点登录sessionId,不使用session获取会话id,改为cookie,防止session丢失
parent
71eb9453be
commit
47a613f7ae
|
@ -1,5 +1,6 @@
|
||||||
package com.zheng.upms.client.filter;
|
package com.zheng.upms.client.filter;
|
||||||
|
|
||||||
|
import com.zheng.common.util.CookieUtil;
|
||||||
import com.zheng.common.util.RedisUtil;
|
import com.zheng.common.util.RedisUtil;
|
||||||
import org.apache.commons.lang.StringUtils;
|
import org.apache.commons.lang.StringUtils;
|
||||||
import org.apache.http.HttpEntity;
|
import org.apache.http.HttpEntity;
|
||||||
|
@ -29,7 +30,8 @@ import java.util.List;
|
||||||
*/
|
*/
|
||||||
public class SSOFilter implements Filter {
|
public class SSOFilter implements Filter {
|
||||||
|
|
||||||
private static Logger _log = LoggerFactory.getLogger(SSOFilter.class);
|
private final static Logger _log = LoggerFactory.getLogger(SSOFilter.class);
|
||||||
|
private final static String ZHENG_UPMS_SSO_CLIENT_SESSION_ID = "zheng-upms-sso-client-session-id";
|
||||||
|
|
||||||
private String SYSTEM_NAME = "system_name";
|
private String SYSTEM_NAME = "system_name";
|
||||||
private String SSO_SERVER_URL = "sso_server_url";
|
private String SSO_SERVER_URL = "sso_server_url";
|
||||||
|
@ -44,10 +46,15 @@ public class SSOFilter implements Filter {
|
||||||
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
|
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
|
||||||
HttpServletRequest request = (HttpServletRequest) servletRequest;
|
HttpServletRequest request = (HttpServletRequest) servletRequest;
|
||||||
HttpServletResponse response = (HttpServletResponse) servletResponse;
|
HttpServletResponse response = (HttpServletResponse) servletResponse;
|
||||||
HttpSession session = request.getSession();
|
// 分配单点登录sessionId,不使用session获取会话id,改为cookie,防止session丢失
|
||||||
|
String sessionId = CookieUtil.getCookie(request, ZHENG_UPMS_SSO_CLIENT_SESSION_ID);
|
||||||
|
if (StringUtils.isEmpty(sessionId)) {
|
||||||
|
sessionId = request.getSession().getId();
|
||||||
|
CookieUtil.setCookie(response, ZHENG_UPMS_SSO_CLIENT_SESSION_ID, sessionId);
|
||||||
|
}
|
||||||
|
|
||||||
// 已登录
|
// 已登录
|
||||||
if (!StringUtils.isEmpty(RedisUtil.get(session.getId() + "_token"))) {
|
if (!StringUtils.isEmpty(RedisUtil.get(sessionId + "_token"))) {
|
||||||
filterChain.doFilter(request, response);
|
filterChain.doFilter(request, response);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
@ -75,7 +82,7 @@ public class SSOFilter implements Filter {
|
||||||
String result = EntityUtils.toString(httpEntity);
|
String result = EntityUtils.toString(httpEntity);
|
||||||
if (result.equals("success")) {
|
if (result.equals("success")) {
|
||||||
// token校验正确,创建局部会话
|
// token校验正确,创建局部会话
|
||||||
RedisUtil.set(session.getId() + "_token", token);
|
RedisUtil.set(sessionId + "_token", token);
|
||||||
// 移除url中的token参数
|
// 移除url中的token参数
|
||||||
// TODO
|
// TODO
|
||||||
// 返回请求资源
|
// 返回请求资源
|
||||||
|
|
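Review bot: The value of the `zheng-upms-sso-client-session-id` cookie is read from the request as-is and used as the Redis key `sessionId + "_token"`, and the same identifier is kept after the token check succeeds, so an identifier that was already in the browser before login stays valid afterwards (session fixation). Issuing a fresh identifier when the local session is created would close this, e.g. `sessionId = java.util.UUID.randomUUID().toString(); CookieUtil.setCookie(response, ZHENG_UPMS_SSO_CLIENT_SESSION_ID, sessionId);` immediately before `RedisUtil.set(sessionId + "_token", token);`. The same pattern is added in `SSOController.index` and the POST `login` with `ZHENG_UPMS_SSO_SERVER_SESSION_ID`. `CookieUtil.setCookie` is not shown on this page, so it is worth confirming that it sets `HttpOnly` and `Secure`, since this cookie now carries the whole session. `doFilter` continues outside the hunks shown.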
|
@ -1,15 +1,18 @@
|
||||||
package com.zheng.upms.admin.controller;
|
package com.zheng.upms.admin.controller;
|
||||||
|
|
||||||
|
import com.zheng.common.util.CookieUtil;
|
||||||
import com.zheng.common.util.RedisUtil;
|
import com.zheng.common.util.RedisUtil;
|
||||||
import org.apache.commons.lang.StringUtils;
|
import org.apache.commons.lang.StringUtils;
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
import org.springframework.stereotype.Controller;
|
import org.springframework.stereotype.Controller;
|
||||||
|
import org.springframework.ui.ModelMap;
|
||||||
import org.springframework.web.bind.annotation.RequestMapping;
|
import org.springframework.web.bind.annotation.RequestMapping;
|
||||||
import org.springframework.web.bind.annotation.RequestMethod;
|
import org.springframework.web.bind.annotation.RequestMethod;
|
||||||
import org.springframework.web.bind.annotation.ResponseBody;
|
import org.springframework.web.bind.annotation.ResponseBody;
|
||||||
|
|
||||||
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletRequest;
|
||||||
|
import javax.servlet.http.HttpServletResponse;
|
||||||
import javax.servlet.http.HttpSession;
|
import javax.servlet.http.HttpSession;
|
||||||
import java.net.URLEncoder;
|
import java.net.URLEncoder;
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
|
@ -24,8 +27,9 @@ import java.util.UUID;
|
||||||
@RequestMapping("/sso")
|
@RequestMapping("/sso")
|
||||||
public class SSOController {
|
public class SSOController {
|
||||||
|
|
||||||
private static Logger _log = LoggerFactory.getLogger(SSOController.class);
|
private final static Logger _log = LoggerFactory.getLogger(SSOController.class);
|
||||||
private static List<String> apps = new ArrayList<>();
|
private final static String ZHENG_UPMS_SSO_SERVER_SESSION_ID = "zheng-upms-sso-server-session-id";
|
||||||
|
private final static List<String> apps = new ArrayList<>();
|
||||||
{
|
{
|
||||||
apps.add("zheng-cms-job");
|
apps.add("zheng-cms-job");
|
||||||
apps.add("zheng-cms-web");
|
apps.add("zheng-cms-web");
|
||||||
|
@ -42,24 +46,28 @@ public class SSOController {
|
||||||
* @throws Exception
|
* @throws Exception
|
||||||
*/
|
*/
|
||||||
@RequestMapping("")
|
@RequestMapping("")
|
||||||
public String index(HttpServletRequest request) throws Exception {
|
public String index(HttpServletRequest request, HttpServletResponse response) throws Exception {
|
||||||
HttpSession session = request.getSession();
|
|
||||||
|
|
||||||
String system_name = request.getParameter("system_name");
|
String system_name = request.getParameter("system_name");
|
||||||
String backurl = request.getParameter("backurl");
|
String backurl = request.getParameter("backurl");
|
||||||
|
|
||||||
// 判断请求认证系统是否注册 TODO
|
// 判断请求认证系统是否注册
|
||||||
if (StringUtils.isEmpty(system_name) || !apps.contains(system_name)) {
|
if (StringUtils.isEmpty(system_name) || !apps.contains(system_name)) {
|
||||||
_log.info("未注册的系统:{}", system_name);
|
_log.info("未注册的系统:{}", system_name);
|
||||||
return "/404";
|
return "/404";
|
||||||
}
|
}
|
||||||
|
// 分配单点登录sessionId,不使用session获取会话id,改为cookie,防止session丢失
|
||||||
|
String sessionId = CookieUtil.getCookie(request, ZHENG_UPMS_SSO_SERVER_SESSION_ID);
|
||||||
|
if (StringUtils.isEmpty(sessionId)) {
|
||||||
|
sessionId = request.getSession().getId();
|
||||||
|
CookieUtil.setCookie(response, ZHENG_UPMS_SSO_SERVER_SESSION_ID, sessionId);
|
||||||
|
}
|
||||||
// 判断是否存在全局会话
|
// 判断是否存在全局会话
|
||||||
// 未登录
|
// 未登录
|
||||||
if (StringUtils.isEmpty(RedisUtil.get(session.getId() + "_token"))) {
|
if (StringUtils.isEmpty(RedisUtil.get(sessionId + "_token"))) {
|
||||||
return "redirect:/sso/login?backurl=" + URLEncoder.encode(backurl, "utf-8");
|
return "redirect:/sso/login?backurl=" + URLEncoder.encode(backurl, "utf-8");
|
||||||
}
|
}
|
||||||
// 已登录
|
// 已登录
|
||||||
String token = RedisUtil.get(session.getId() + "_token");
|
String token = RedisUtil.get(sessionId + "_token");
|
||||||
String redirectUrl = backurl;
|
String redirectUrl = backurl;
|
||||||
if (backurl.contains("?")) {
|
if (backurl.contains("?")) {
|
||||||
redirectUrl += "&token=" + token;
|
redirectUrl += "&token=" + token;
|
||||||
|
@ -75,7 +83,9 @@ public class SSOController {
|
||||||
* @return
|
* @return
|
||||||
*/
|
*/
|
||||||
@RequestMapping(value = "/login", method = RequestMethod.GET)
|
@RequestMapping(value = "/login", method = RequestMethod.GET)
|
||||||
public String login() {
|
public String login(HttpServletRequest request) {
|
||||||
|
String sessionId = CookieUtil.getCookie(request, ZHENG_UPMS_SSO_SERVER_SESSION_ID);
|
||||||
|
_log.info("认证中心sessionId={}", sessionId);
|
||||||
return "/sso/login";
|
return "/sso/login";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -85,9 +95,7 @@ public class SSOController {
|
||||||
* @return
|
* @return
|
||||||
*/
|
*/
|
||||||
@RequestMapping(value = "/login", method = RequestMethod.POST)
|
@RequestMapping(value = "/login", method = RequestMethod.POST)
|
||||||
public String login(HttpServletRequest request) {
|
public String login(HttpServletRequest request, HttpServletResponse response, ModelMap modelMap) {
|
||||||
HttpSession session = request.getSession();
|
|
||||||
|
|
||||||
String backurl = request.getParameter("backurl");
|
String backurl = request.getParameter("backurl");
|
||||||
String username = request.getParameter("username");
|
String username = request.getParameter("username");
|
||||||
String password = request.getParameter("password");
|
String password = request.getParameter("password");
|
||||||
|
@ -99,9 +107,19 @@ public class SSOController {
|
||||||
_log.info("密码不能为空!");
|
_log.info("密码不能为空!");
|
||||||
return "/404";
|
return "/404";
|
||||||
}
|
}
|
||||||
|
// 分配单点登录sessionId,不使用session获取会话id,改为cookie,防止session丢失
|
||||||
|
String sessionId = CookieUtil.getCookie(request, ZHENG_UPMS_SSO_SERVER_SESSION_ID);
|
||||||
|
if (StringUtils.isEmpty(sessionId)) {
|
||||||
|
sessionId = request.getSession().getId();
|
||||||
|
CookieUtil.setCookie(response, ZHENG_UPMS_SSO_SERVER_SESSION_ID, sessionId);
|
||||||
|
}
|
||||||
|
if (StringUtils.isEmpty(sessionId)) {
|
||||||
|
sessionId = request.getSession().getId();
|
||||||
|
CookieUtil.setCookie(response, ZHENG_UPMS_SSO_SERVER_SESSION_ID, sessionId);
|
||||||
|
}
|
||||||
// 默认验证帐号密码正确,创建token
|
// 默认验证帐号密码正确,创建token
|
||||||
String token = UUID.randomUUID().toString();
|
String token = UUID.randomUUID().toString();
|
||||||
RedisUtil.set(session.getId() + "_token", token, 2 * 60 * 60);
|
RedisUtil.set(sessionId + "_token", token, 2 * 60 * 60);
|
||||||
RedisUtil.set(token, token, 2 * 60 * 60);
|
RedisUtil.set(token, token, 2 * 60 * 60);
|
||||||
// 回调子系统
|
// 回调子系统
|
||||||
String redirectUrl = backurl;
|
String redirectUrl = backurl;
|
||||||
|
|
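Review bot: In the POST `login` the block `if (StringUtils.isEmpty(sessionId)) { ... }` is added twice in a row; the second copy cannot run because the first one always leaves `sessionId` set, so it should be dropped. In the GET `login`, `_log.info("认证中心sessionId={}", sessionId)` writes the identifier that keys the global session in Redis to the application log at info level, which makes read access to the logs equivalent to access to the session. Logging it at debug level, or logging only a truncated or hashed form, keeps the diagnostic without recording the credential. Both method bodies continue outside the hunks shown.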