sso社区系统单点登录对接

使用原理

  • 1.1 社区系统点击进入被登录系统(psmp)时,传来的请求携带着session_id,psmp判断是否单点登录
  • 2.1(携带session_id) YES:则像社区系统发送请求验证该session_id,验证通过则直接进入首页,否则进入登录页面
  • 2.2(未携带session_id) NO:进入登录页面

注:社区系统和psmp的登录账号需要保持一致,否则无法登陆

具体实现

web.xml里面设置过滤器和分发器

过滤器


    SessionFilter
    com.ztesoft.uboss.login.filter.SessionFilter
    
        ExcludeFile
        /callremoteservice.do,/mcallremoteservice.do,/Login.jsp,/Login_chongqizongzhi.jsp,/Login_version20.jsp,/UlepLogin.jsp,loginservlet.do,ssologin.do, ssoeventNum.do,ssoeventList.do,logout.jsp,Error.jsp, /modules/bpmn/flowdesigner/draw/showFlow.jsp,/modules/bpmn/flowdesigner/draw/showView.jsp,/modules/bpmn/flowdesigner/draw/showFlow.jsp ,/modules/bpmn/flowdesigner/draw/showsubFlow.jsp,/modules/bpmn/flowdesigner/draw/flowActiviti.jsp,/modules/form ,modules/admin/report/release/reportTemplate.jsp,PreviewNotice.jsp,/sso.jsp
        
    

servlet


        loginservlet
        
            
            com.ztesoft.uboss.login.servlet.LoginServlet
        
    


        loginservlet
        /loginservlet.do
    

SessionFilter

在doFilter()方法里面,加上一句判断

String session_id = request.getParameter("session_id");
if (!StringUtils.isBlank(session_id)) { // 单点登录方式
    String strWebRoot = getWebRoot(request);
    String curURL = "loginservlet.do?action=login&sessionID=" + session_id;
    response.sendRedirect(strWebRoot + curURL);
    filterChain.doFilter(request, response);
    return;
}

LoginServlet

在login()方法里面加上一句判断

// 天津一部单点登录
sessionId = request.getParameter("sessionID");
    String responseBody = "";
    if (StringUtil.isNotEmpty(sessionId)) {
        String url = ConfigurationMgr.instance().getString("SSO_URL");
        //String url ="http://10.45.8.27:8080/ccm/sso/entrance/sessionLoad?session_id=" + sessionId;
        if (StringUtil.isEmpty(url)) {
            SMSLoginState ssoResult = SMSLoginState.USRCODE_ERR;
            logger.info("LOGIN FAILED TO GET AUTH URL.");
            LoginUtil.gotoAnotherLink(request, response, ssoResult, loginJsp);
            return;
        }
        responseBody = callHttpClientRequest(url, sessionId);
        JSONObject jsonResponse = JSONObject.fromObject(responseBody);
        if (jsonResponse.getBoolean("success")) {
            ssoLoginUserCode = jsonResponse.getString("acc_login_name");
            //ssoLoginUserCode="imcp";
            // 代表sso登录成功
            if (StringUtil.isNotEmpty(ssoLoginUserCode)) {
                logger.debug("SSO Auth success. User Code: " + ssoLoginUserCode);
                loginDict.set("SSO_AUTH_SUCCESS_CODE", ssoLoginUserCode);
                loginDict.set("USER_CODE", ssoLoginUserCode);
                loginDict.set("SESSION_ID", sessionId);
                userCode = ssoLoginUserCode;
                loginDict.setValueByName("LOGIN_PATTERN", 0);
                loginServ.login(loginDict);
            }
        } else {
            SMSLoginState ssoResult = SMSLoginState.USRCODE_ERR;
            LoginUtil.gotoAnotherLink(request, response, ssoResult,
                loginJsp);
            logger.info("SSO AUTH FAILED.");
            return;
        }
    } else {
        loginServ.login(loginDict);
    }

你可能感兴趣的:(sso社区系统单点登录对接)