单点登录SSO（同域实现）

2019-11-08 02:13:21

字体：大中小

来源：转载

供稿：网友

1.实现一个同域SSO的流程如下

在一个注：在同一个域（localhost）下有dome1和dome2两个主页，实现在其中一个主页登录便可以访问另一个主页

2.统一登录接口（login.jsp）

pageEncoding="utf-8"%><!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>dome1和dome2的统一登录接口</title></head><body> <center> <h1>统一登录</h1> <form action="/doLogin.action" method="post"> <span>用户名：</span> <input type="text" name="username"/> <span>密码：</span> <input type="passWord" name="password"/>  <input type="hidden" name="getUrl" value="${getUrl}"/> <input type="submit" value="登录"/> </form> </center></body></html>

3.登录Action（SSOAction.java）

package com.hlj.action;import javax.servlet.http.Cookie;import javax.servlet.http.HttpServletResponse;import org.apache.struts2.ServletActionContext;import com.hlj.util.SSOCheck;import com.opensymphony.xwork2.ActionSupport;/* * 统一登录的接口action */public class SSOAction extends ActionSupport { //用户名和密码 PRivate String username; private String password; //隐藏表单，用于保存我们要跳转的页面 private String getUrl; public String getGetUrl() { return getUrl; } public void setGetUrl(String getUrl) { this.getUrl = getUrl; } public String getUsername() { return username; } public void setUsername(String username) { this.username = username; } public String getPassword() { return password; } public void setPassword(String password) { this.password = password; } /* * doLogin登录 */ public String doLogin() { boolean flag = SSOCheck.isLogin(username, password); if(flag) { //保存cookie Cookie cookie = new Cookie("ssocookie","sso"); cookie.setPath("/"); HttpServletResponse response = ServletActionContext.getResponse(); response.addCookie(cookie);//吧cookie保存到客户端 return SUCCESS;//登录成功 } return null;//登录失败（测试不做处理） }}

4.工具类（SSOCheck.java）包括登录验证和校验接口

package com.hlj.util;import javax.servlet.http.Cookie;import javax.servlet.http.HttpServletRequest;/* * 工具 */public class SSOCheck { //设置默认用户名和密码 private static final String USERNAME = "zhangying"; private static final String PASSWORD = "123"; /* * 判断是否登录成功 */ public static boolean isLogin(String username,String password) { if(username.equals(USERNAME) && password.equals(PASSWORD)) return true;//登录成功 return false;//登录失败 } /* * 统一的校验接口 */ public static boolean isCookie(HttpServletRequest request) { Cookie[] cookie = request.getCookies(); if(cookie!=null) { for(Cookie c : cookie) { //判断cookie是否存在 if(c.getName().equals("ssocookie") && c.getValue().equals("sso")) { return true; } } } return false; }}

5.DOME1和DOME2的主页（index1.jsp index2.jsp）

index1.jsp<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%><!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>欢迎访问dome1</title></head><body> <h1>这里时dome1的主页</h1></body></html>index2.jsp<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%><!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>欢迎访问dome2</title></head><body> <h1>这里时dome2的主页</h1></body></html>

6.DOME1和DOME2的Action（DOME1.java DOME2.java）

DOME1.javapackage com.hlj.action;import javax.servlet.http.HttpServletRequest;import org.apache.struts2.ServletActionContext;import com.hlj.util.SSOCheck;import com.opensymphony.xwork2.ActionSupport;public class DOME1 extends ActionSupport { private String getUrl; /* * dome1 */ public String main() { HttpServletRequest request = ServletActionContext.getRequest(); boolean flag = SSOCheck.isCookie(request); if(flag) { //已经登陆 return SUCCESS; } getUrl = "/main.action";//暂存他登陆时要访问的页面,以便下次登陆时可以访问 return LOGIN; }}DOME2.javapackage com.hlj.action;import javax.servlet.http.HttpServletRequest;import org.apache.struts2.ServletActionContext;import com.hlj.util.SSOCheck;import com.opensymphony.xwork2.ActionSupport;public class DOME2 extends ActionSupport { private String getUrl; /* * dome2 */ public String main() { HttpServletRequest request = ServletActionContext.getRequest(); boolean flag = SSOCheck.isCookie(request); if(flag) { //已经登陆 return SUCCESS; } getUrl = "/demo2/main.action";//暂存他登陆时要访问的页面,以便下次登陆时可以访问 return LOGIN; }}

7.struts.xml中的配置（struts.xml）

<!DOCTYPE struts PUBLIC "-//Apache Software Foundation//DTD Struts Configuration 2.5//EN" "http://struts.apache.org/dtds/struts-2.5.dtd"><struts> <package name="sso" extends="struts-default" namespace="/"> <action name="doLogin" class="com.hlj.action.SSOAction" method="doLogin">  <result name="success" type="redirect">${getUrl}</result> </action> </package> <package name="dome1" extends="struts-default" namespace="/"> <action name="dome1" class="com.hlj.action.DOME1" method="main"> <result name="success">/index1.jsp</result> <result name="login">/login.jsp</result> </action> </package> <package name="dome2" extends="struts-default" namespace="/"> <action name="dome2" class="com.hlj.action.DOME2" method="main"> <result name="success">/index2.jsp</result> <result name="login">/login.jsp</result> </action> </package></struts>