在IE浏览器中iframe跨域访问cookie/session丢失的解决办法
单点登录需要在需要进入的子系统B中添加一个类,用于接收A系统传过来的参数;
@Action(value = "outerLogin", results = { @Result(name = "redirect", type = "redirect", location = "${innerUrl}") }) public String outerLogin() { try { if (userName != null && userName.trim().length() > 0) { TPolicemen policemen = policeMenService.getPolicemenByJh(userName); if (policemen != null) { //获取当前登录用户所在IP String ipStr = CommonService.getIpAddr(this.request); policemen.setIpStr(ipStr); this.session.put(AuthInterceptor.USER_SESSION_KEY, policemen); response.setHeader("P3P", "CP=CAO PSA OUR"); innerUrl = outerUrl; return "redirect"; } else { loginStr = "用户名或者密码错误"; } } } catch (Exception e) { this.clientMessage(e.getMessage()); } return "login"; }
A系统中点击某个链接,url格式形如:
防止iframe跨域访问cookie/session丢失的解决办法是,在保存session后添加一段代码:即
response.setHeader("P3P", "CP=CAO PSA OUR");