Tomcat跨二级域配置

内容转自:http://blog.csdn.net/luka2008/article/details/38385703/,请直接看原文,不过这篇“原文”也是转的。。。

 

1,Tomcat下

代码:

import com.sun.javaws.Globals;

import javax.xml.soap.MimeHeaders;
import java.io.IOException;

/**
 * Created by liu.yuxiang on 2017/9/26.
 */
public class SessionCrossDomainValve extends ValveBase {

    public SessionCrossDomainValve() {
        super();
        info = "com.jinfuzi.SessionCrossDomainValve";
    }

    public void invoke(Request request, Response response) throws IOException, ServletException {
        request.getSession(true);
        // replace any Tomcat-generated session cookies with our own
        Cookie[] cookies = response.getCookies();
        if (cookies != null) {
            for (int i = 0; i < cookies.length; i++) {
                Cookie cookie = cookies;
                containerLog.debug("CrossSubdomainSessionValve: Cookie name is "
                        + cookie.getName());
                if (Globals.SESSION_COOKIE_NAME.equals(cookie.getName())) {
                    replaceCookie(request, response, cookie);
                }
            }
        }
// process the next valve
        getNext().invoke(request, response);
    }

    @SuppressWarnings("unchecked")
    protected void replaceCookie(Request request, Response response, Cookie cookie) {
        //copy the existing session cookie, but use a different domain
        Cookie newCookie = new Cookie(cookie.getName(), cookie.getValue());
        if (cookie.getPath() != null)
            newCookie.setPath(cookie.getPath());
        newCookie.setDomain(getCookieDomain(request));
        newCookie.setMaxAge(cookie.getMaxAge());
        newCookie.setVersion(cookie.getVersion());
        if (cookie.getComment() != null)
            newCookie.setComment(cookie.getComment());
        newCookie.setSecure(cookie.getSecure());

        //if the response has already been committed, our replacement strategy will have no effect
        if (response.isCommitted())
            containerLog.error("CrossSubdomainSessionValve: response was already committed!");

        //find the Set-Cookie header for the existing cookie and replace its value with new cookie
        MimeHeaders headers = response.getCoyoteResponse().getMimeHeaders();
        for (int i = 0, size = headers.size(); i < size; i++)
        {
            if (headers.getName(i).equals("Set-Cookie"))
            {
                MessageBytes value = headers.getValue(i);
                if (value.indexOf(cookie.getName()) >= 0)
                {
                    StringBuffer buffer = new StringBuffer();
                    ServerCookie.appendCookieValue(buffer, newCookie.getVersion(), newCookie
                            .getName(), newCookie.getValue(),  newCookie.getPath(), newCookie
                            .getDomain(), newCookie.getComment(), newCookie.getMaxAge(), newCookie
                            .getSecure());  //如果是tomcat6.020,这里需要多加一个true.
                    containerLog.debug("CrossSubdomainSessionValve: old Set-Cookie value: " + value.toString());
                    containerLog.debug("CrossSubdomainSessionValve: new Set-Cookie value: " + buffer);
                    value.setString(buffer.toString());
                }
            }
        }
    }

    protected String getCookieDomain(Request request) {
        String cookieDomain = request.getServerName();
        String[] parts = cookieDomain.split("\\.");
        if (parts.length >= 2)
            cookieDomain = parts[parts.length - 2] + "."
                    + parts[parts.length - 1];
        return "." + cookieDomain;
    }

    public String toString() {
        return ("CrossSubdomainSessionValve[container=" + container.getName() + ']');
    }
}

这个类就是查看response要写入的cookie有没有符合规则,有就对cookie,domain进行变更,变为二级域名

将这个类打包成jar包,放进{catalina_home}/lib下,并在server.xml中注册: 
<Valve className="SessionCrossDomainValve"/>

 

2、改变获取Session的方式

public Session getSession(HttpServletRequest request, HttpServletResponse response){ 
      HttpSession session = request.getSession(false); 
       if (session==null){ 
             session = request.getSession(true); 
             String session_id = session.getId(); 
             Cookie c = new Cookie("JSESSIONID",session_id); 
             c.setDomain(".vinceruan.info"); 
             c.setPath("/"); 
             response.addCookie(); 
        } 
} 

 

posted @ 2017-09-26 10:41  剑握在手  阅读(388)  评论(0编辑  收藏  举报
返回顶部↑