单点登录的实现

从第三方系统单点登录到目标系统,第三方系统会发送token进行验证,通过解析token,获取相应的用户信息的json串。将其set到自己系统的session中。

 

public class sessionFilter extends OncePerRequestFilter{

	// 登录页面
    private String LoginPage = Configure.getInstance().getProperty("com.zyzx.dmc.login.html");

    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
            throws ServletException, IOException {
		HttpServletRequest hrequest = (HttpServletRequest) request;
    	HttpSession session = hrequest.getSession();
        // 不过滤的uri
        String[] notFilter = new String[] { "login.html", ".js", "/css","/images", "/logout", "/druid", "/login","/ssoAuth" };

        // 请求的uri
        String url = request.getRequestURL().toString();
        //Token

        String token = request.getParameter("token");
//        String url = uri.replaceAll("html", "bak");
        // 是否过滤
        boolean doFilter = true;
        for (String s : notFilter) {
            if (url.indexOf(s) != -1) {
                // 如果uri中包含不过滤的uri,则不进行过滤
                doFilter = false;
                break;
            }
        }
        /*
         * if(uri.contains("jsp") && uri.indexOf("login.jsp") == -1) { doFilter
         * = true; }
         */
        if (doFilter) {
            // 执行过滤
            // 从session中获取登录者实体
            final IUserSession userSession = (IUserSession) session.getAttribute(IUserSession.ASIA_SESSION_NAME);
            if (userSession == null) {
                //未登录状态
                if(null == token){
                    response.sendRedirect(LoginPage + "?goto=" + url);
                    return;
                //token 存在则去保存session,验证用户信息
                }else {
                    JSONObject  result = checkTokenInfo(token);
                    if(null == result){
                        response.sendRedirect(LoginPage + "?goto=" + url);
                        return;
                    }
                    //验证成功
                    if("suc".equals(result.get("result"))){
                      //正常登录
                        Map<String,String> sessionUserInfo = new HashMap<String, String>();
                        UserMessage userMessage = new UserMessage();
                        sessionUserInfo = JsonUtil.json2HashMap(result.get("userInfo").toString());
                        sessionUserInfo.put("token", token);
                        
                        String ip = request.getHeader("x-forwarded-for"); 
                        if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { 
                            ip = request.getHeader("Proxy-Client-IP"); 
                        } 
                        if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { 
                            ip = request.getHeader("WL-Proxy-Client-IP"); 
                        } 
                        if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { 
                            ip = request.getRemoteAddr(); 
                        } 
                        
                        userMessage.setUserID(sessionUserInfo.get("user_account"));
                        userMessage.setUserName(sessionUserInfo.get("user_name"));
                        userMessage.setSessionID(sessionUserInfo.get("token"));
                        userMessage.setClientIP(ip);
                        request.getSession().setAttribute(IUserSession.ASIA_SESSION_NAME,userMessage);
                        response.sendRedirect(url);
                    }else if("fail".equals(result.get("result"))){
                        response.sendRedirect(LoginPage + "?goto=" + url);
                    }
                }
                // 如果session中不存在登录者实体,则弹出框提示重新登录
                boolean isAjaxRequest = isAjaxRequest(request);
                if (isAjaxRequest) {
                    // 设置request和response的字符集,防止乱码
                    response.setContentType("text/html;charset=UTF-8");
                    response.sendError(HttpStatus.UNAUTHORIZED.value(), "您已经太长时间没有操作,请刷新页面");
                    return;
                }
            } else {
                // 如果session中存在登录者实体,则继续
                filterChain.doFilter(request, response);
            }
        } else {
            // 如果不执行过滤,则继续
            filterChain.doFilter(request, response);
        }
    }

    /**
     * 判断是否为Ajax请求 <功能详细描述>
     * 
     * @param request
     * @return 是true, 否false
     * @see [类、类#方法、类#成员]
     */
    public static boolean isAjaxRequest(HttpServletRequest request) {
        String header = request.getHeader("X-Requested-With");
        if (header != null && "XMLHttpRequest".equals(header))
            return true;
        else
            return false;
    }
    /**
     * 
     * 验证Token是否存在
     * @param tokenValue
     * @return
     * @throws IOException
     */
    private JSONObject checkTokenInfo(String tokenValue) throws IOException {
        String checkUrl = Configure.getInstance().getProperty("xxxxxUrl")+tokenValue;
        HttpClient httpclient = new HttpClient();
        GetMethod httpget = new GetMethod(checkUrl);
        try {
            httpclient.executeMethod(httpget);
            String result = httpget.getResponseBodyAsString();
            JSONObject json = JSONObject.fromObject(result);
            return json;
        } finally {
            httpget.releaseConnection();
        }
    }
    
}

  代码写完了,然后需要在web.xml中配置filter

<filter>
<filter-name>sessionFilter</filter-name>
<filter-class>代码路径.sessionFilter</filter-class>
</filter>

随后配置filter-mapping 

<filter-mapping>
<filter-name>sessionFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

 

OK结束。

 

posted on 2015-10-21 21:07  松伯  阅读(345)  评论(0编辑  收藏  举报