完成单点登录:登录功能

shuzheng 2016-12-10 23:13:14 +08:00
parent 167251bb45
commit 849448068b
11 changed files with 228 additions and 62 deletions


@ -36,6 +36,12 @@
<artifactId>zheng-upms-client</artifactId>
<version>1.0.0</version>
</dependency>
<!-- zheng-upms-client -->
<dependency>
<groupId>com.zheng</groupId>
<artifactId>zheng-upms-client</artifactId>
<version>1.0.0</version>
</dependency>
</dependencies>
<profiles>
@ -78,11 +84,12 @@
<plugin>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-maven-plugin</artifactId>
<version>9.0.0.v20130308</version>
<!--<version>9.0.0.v20130308</version>-->
<version>9.2.7.v20150116</version>
<configuration>
<scanIntervalSeconds>3</scanIntervalSeconds>
<webApp>
<contextPath>/zheng-cms-admin</contextPath>
<contextPath>/</contextPath>
</webApp>
<httpConnector>
<port>2222</port>
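Review bot: The `zheng-upms-client` dependency added in the first hunk sits directly below context lines that already end with `<artifactId>zheng-upms-client</artifactId>` / `<version>1.0.0</version>`, so the new side appears to declare the same artifact twice (the first block's groupId is outside the hunk, so confirm). Maven warns on duplicate dependency declarations, so keep only one. In the second hunk, delete the superseded `<version>9.0.0.v20130308</version>` line instead of leaving it commented out, since version control already records it.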


@ -1,15 +1,8 @@
package com.zheng.cms.admin.controller;
/**
* 控制器基类
* @author shuzheng
* @date 2016年7月7日 上午10:08:47
* Created by shuzheng on 2016/12/10.
*/
public class BaseController {
public static final String RESULT = "result";
public static final String DATA = "data";
public static final String SUCCESS = "success";
public static final String FAILED = "failed";
}


@ -0,0 +1,44 @@
package com.zheng.cms.admin.controller;
import com.zheng.cms.dao.model.User;
import com.zheng.cms.dao.model.UserExample;
import com.zheng.cms.service.UserService;
import com.zheng.common.util.Paginator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.validation.BindingResult;
import org.springframework.validation.ObjectError;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;
import javax.servlet.http.HttpServletRequest;
import javax.validation.Valid;
import java.io.File;
import java.io.IOException;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
/**
* 用户管理
* Created by shuzheng on 2016/12/10.
*/
@Controller
@RequestMapping("/manage/user")
public class UserController extends BaseController {
private static Logger _log = LoggerFactory.getLogger(UserController.class);
/**
* 列表
* @return
*/
@RequestMapping("/list")
public String index() {
return "/user/list";
}
}
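Review bot: Most of the imports in this new controller are unused by the visible code: only `Logger`, `LoggerFactory`, `Controller` and `RequestMapping` are needed, and `RequestMapping` arrives through the wildcard `org.springframework.web.bind.annotation.*`. The rest (`MultipartFile`, `File`, `IOException`, `HashMap`, `Valid`, …) should be dropped until a handler needs them, and the wildcard replaced with explicit imports. The logger should be declared `private static final Logger _log = LoggerFactory.getLogger(UserController.class);`. The Javadoc's empty `@return` should state that `index` returns the view name `/user/list`.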


@ -0,0 +1,17 @@
<%@ page contentType="text/html; charset=utf-8"%>
<%@ taglib uri="http://java.sun.com/jstl/core_rt" prefix="c"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/fmt" prefix="fmt"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/functions" prefix="fn"%>
<%@ taglib uri="http://www.springframework.org/tags" prefix="spring"%>
<%@ taglib uri="http://www.springframework.org/tags/form" prefix="form"%>
<c:set var="basePath" value="${pageContext.request.contextPath}"/>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8"/>
<title>列表</title>
</head>
<body>
/manage/user/list
</body>
</html>
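Review bot: The core taglib is declared with the legacy JSTL 1.0 URI `http://java.sun.com/jstl/core_rt`, while `fmt` and `functions` on the following lines use the JSTL 1.1+ URIs. Use `http://java.sun.com/jsp/jstl/core` so all three come from the same library generation. The same header is repeated in the new login page later in this commit. In this placeholder page `basePath` and the `fmt`, `fn`, `spring` and `form` prefixes are declared but never used.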


@ -64,6 +64,24 @@
</filter-mapping>
-->
<!-- zhang-upms-client -->
<filter>
<filter-name>zheng-upms-client</filter-name>
<filter-class>com.zheng.upms.client.filter.SSOFilter</filter-class>
<init-param>
<param-name>system_name</param-name>
<param-value>zheng-cms-admin</param-value>
</init-param>
<init-param>
<param-name>sso_server_url</param-name>
<param-value>http://upms.zhangshuzheng.cn:1111</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>zheng-upms-client</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- Druid连接池监控页面 -->
<servlet>
<servlet-name>DruidStatView</servlet-name>
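Review bot: `sso_server_url` is configured with a plain `http://` scheme, so the login redirect, the credentials posted to the authentication centre and the token returned in the URL would all travel unencrypted. This should be an `https://` endpoint, ideally supplied per environment rather than hard-coded in `web.xml`. The host here is `upms.zhangshuzheng.cn`, whereas the filter block removed from the other `web.xml` in this commit used `upms.zhengshuzheng.cn`; confirm which spelling is intended. The comment `<!-- zhang-upms-client -->` has the same `zhang`/`zheng` mismatch with the filter name.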


@ -46,12 +46,6 @@
<artifactId>rocketmq-client</artifactId>
<version>3.6.2.Final</version>
</dependency>
<!-- zheng-upms-client -->
<dependency>
<groupId>com.zheng</groupId>
<artifactId>zheng-upms-client</artifactId>
<version>1.0.0</version>
</dependency>
</dependencies>
<profiles>


@ -63,24 +63,6 @@
<url-pattern>/*</url-pattern>
</filter-mapping>
-->
<!-- zhang-upms-client -->
<filter>
<filter-name>zheng-upms-client</filter-name>
<filter-class>com.zheng.upms.client.filter.SSOFilter</filter-class>
<init-param>
<param-name>system_name</param-name>
<param-value>zheng-cms-web</param-value>
</init-param>
<init-param>
<param-name>sso_server_url</param-name>
<param-value>http://upms.zhengshuzheng.cn:1111/sso/login</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>zheng-upms-client</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- Druid连接池监控页面 -->
<servlet>


@ -32,6 +32,7 @@ public class SSOFilter implements Filter {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
HttpSession session = request.getSession();
_log.info("浏览器sessionId{}", session.getId());
// 已登录
if (null != session.getAttribute("isLogin")) {
@ -40,20 +41,36 @@ public class SSOFilter implements Filter {
}
// 未登录
else {
// 跳转sso-server认证中心并带上回调地址和系统名称参数
// 认证中心地址
StringBuffer sso_server_url = new StringBuffer(filterConfig.getInitParameter(SSO_SERVER_URL));
// 参数system_name
sso_server_url.append("?").append(SYSTEM_NAME).append("=").append(filterConfig.getInitParameter(SYSTEM_NAME));
// 参数backurl
StringBuffer backurl = request.getRequestURL();
String queryString = request.getQueryString();
if (!StringUtils.isEmpty(queryString)) {
backurl.append("?").append(queryString);
// 判断是否有是认证中心验证后回跳
String token = request.getParameter("token");
// 无token跳到认证中心登录
if (StringUtils.isEmpty(token)) {
// 跳转sso-server认证中心并带上回调地址和系统名称参数
// 认证中心地址
StringBuffer sso_server_url = new StringBuffer(filterConfig.getInitParameter(SSO_SERVER_URL));
sso_server_url.append("/sso");
// 参数system_name
sso_server_url.append("?").append(SYSTEM_NAME).append("=").append(filterConfig.getInitParameter(SYSTEM_NAME));
// 参数backurl
StringBuffer backurl = request.getRequestURL();
String queryString = request.getQueryString();
if (!StringUtils.isEmpty(queryString)) {
backurl.append("?").append(queryString);
}
sso_server_url.append("&").append("backurl").append("=").append(URLEncoder.encode(backurl.toString(), "utf-8"));
_log.info("未登录,跳转认证中心:{}", sso_server_url);
response.sendRedirect(sso_server_url.toString());
}
// 已拿到token
else {
// HttpPost去校验token
// ... 默认校验正确
// token校验正确创建局部会话
session.setAttribute("isLogin", true);
filterChain.doFilter(request, response);
return;
}
sso_server_url.append("&").append("backurl").append("=").append(URLEncoder.encode(backurl.toString(), "utf-8"));
_log.info("未登录,跳转认证中心:{}", sso_server_url);
response.sendRedirect(sso_server_url.toString());
}
}
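Review bot: In the second hunk's inner `else` branch, any request carrying a non-empty `token` parameter reaches `session.setAttribute("isLogin", true)` without the token being checked, so the filter does not yet authenticate anything; the comment there says validation is assumed to succeed. Until the server-side check exists the branch should fail closed, e.g. `response.sendError(HttpServletResponse.SC_UNAUTHORIZED); return;`. Once it exists, the session id should be rotated when the local session is created (`request.changeSessionId()` on Servlet 3.1+). The `_log.info` added in the first hunk writes the session id to the log at info level; log at debug or omit the id. `doFilter` begins and ends outside these hunks.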


@ -1,15 +0,0 @@
package com.zheng.upms.admin;
/**
* 控制器基类
* @author shuzheng
* @date 2016年7月7日 上午10:08:47
*/
public class BaseController {
public static final String RESULT = "result";
public static final String DATA = "data";
public static final String SUCCESS = "success";
public static final String FAILED = "failed";
}


@ -0,0 +1,88 @@
package com.zheng.upms.admin.controller;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.net.URLEncoder;
import java.util.UUID;
/**
* 单点登录管理
* Created by shuzheng on 2016/12/10.
*/
@Controller
@RequestMapping("/sso")
public class SSOController {
private static Logger _log = LoggerFactory.getLogger(SSOController.class);
/**
* 认证中心首页
* @return
*/
@RequestMapping("")
public String index(HttpServletRequest request) throws Exception {
String system_name = request.getParameter("system_name");
String backurl = request.getParameter("backurl");
if (StringUtils.isEmpty(system_name) || !system_name.equals("zheng-cms-admin")) {
_log.info("未注册的系统:{}", system_name);
return "/404";
}
// 判断是否存在全局会话
if (null == request.getSession().getAttribute("isLogin")) {
return "redirect:/sso/login?backurl=" + URLEncoder.encode(backurl, "utf-8");
}
_log.info("认证中心验证为已登录,跳回:{}", backurl);
return "redirect:" + backurl;
}
/**
* 登录页get
* @return
*/
@RequestMapping(value = "/login", method = RequestMethod.GET)
public String login() {
return "/sso/login";
}
/**
* 登录页post
* @return
*/
@RequestMapping(value = "/login", method = RequestMethod.POST)
public String login(HttpServletRequest request) {
String backurl = request.getParameter("backurl");
String username = request.getParameter("username");
String password = request.getParameter("password");
if (StringUtils.isEmpty(username)) {
_log.info("帐号不能为空!");
return "/404";
}
if (StringUtils.isEmpty(password)) {
_log.info("密码不能为空!");
return "/404";
}
// 默认验证帐号密码正确创建token
HttpSession session = request.getSession();
_log.info("子系统sessionId{}", session.getId());
String token = UUID.randomUUID().toString().replace("-", "");
session.setAttribute("isLogin", true);
session.setAttribute(session.getId(), token);
String redirectUrl = backurl;
if (backurl.contains("?")) {
redirectUrl += "&token=" + token;
} else {
redirectUrl += "?token=" + token;
}
_log.info("认证中心帐号通过带token回跳{}", redirectUrl);
return "redirect:" + redirectUrl;
}
}
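Review bot: `backurl` is taken straight from the request and used as a redirect target in both `index` (`return "redirect:" + backurl;`) and the POST `login`, where the newly issued token is appended to it, so the authentication centre will send the user and the token to whatever URL the parameter names. It is also dereferenced without a null check (`URLEncoder.encode(backurl, "utf-8")`, `backurl.contains("?")`), so a request without the parameter fails with an exception. I would validate `backurl` against the hosts of the registered client systems before every redirect and return the existing `/404` view otherwise; a sketch follows. Separately, the POST handler accepts any non-empty username and password (its comment marks this as a placeholder). The info-level log line for `redirectUrl` records the token, and the token should be kept out of the log.

```java
// new private helper in SSOController; ALLOWED_BACKURL_HOSTS is a placeholder for the
// set of registered client hosts, to be loaded from configuration
private static boolean isAllowedBackurl(String backurl) {
    if (StringUtils.isEmpty(backurl)) {
        return false;
    }
    try {
        java.net.URI uri = new java.net.URI(backurl);
        String scheme = uri.getScheme();
        return ("http".equals(scheme) || "https".equals(scheme))
                && ALLOWED_BACKURL_HOSTS.contains(uri.getHost());
    } catch (java.net.URISyntaxException e) {
        return false;
    }
}

// in index(...) and login(HttpServletRequest), before backurl is used in any redirect
if (!isAllowedBackurl(backurl)) {
    return "/404";
}
// … unchanged: global-session check / token creation and redirect …
```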


@ -0,0 +1,21 @@
<%@ page contentType="text/html; charset=utf-8"%>
<%@ taglib uri="http://java.sun.com/jstl/core_rt" prefix="c"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/fmt" prefix="fmt"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/functions" prefix="fn"%>
<%@ taglib uri="http://www.springframework.org/tags" prefix="spring"%>
<%@ taglib uri="http://www.springframework.org/tags/form" prefix="form"%>
<c:set var="basePath" value="${pageContext.request.contextPath}"/>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8"/>
<title>登录页</title>
</head>
<body>
<form method="post">
<p>帐号:<input type="text" name="username" /></p>
<p>密码:<input type="password" name="password" /></p>
<p><input type="submit" value="登录"></p>
</form>
</body>
</html>