springMVC使用ehcache实现简单的单点登录

只要解决了以上的问题,达到了开头讲得效果就可以说是SSO。最简单实现SSO的方法就是用Cookie,实现流程如下所示



以下是代码部份

package com.qj.sso.controller;




import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.converter.json.MappingJacksonValue;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import com.qj.bean.User;
import com.qj.bean.UserOpenid;
import com.qj.contants.ApiContants;
import com.qj.sms.SmsAct;
import com.qj.sso.annotation.MySign;
import com.qj.sso.service.UserOpenidService;
import com.qj.sso.service.UserService;
import com.qj.utils.CookieUtils;
import com.qj.utils.EhcacheUtil;
import com.qj.utils.ExceptionUtil;
import com.qj.utils.HttpClientUtil;
import com.qj.utils.JsonUtils;
import com.qj.utils.MD5Utils;
import com.qj.utils.StringCodeHelper;
import com.qj.utils.StringHelper;
import com.qj.utils.VrResult;




/***
 * 登录
 * @author HZW
 *
 */
@Controller
public class UserController {

private static Logger log = LoggerFactory.getLogger(UserController.class);

@Autowired
private UserService service;

@Autowired
private UserOpenidService uoService;

@Value("${ACCOUNTSID}")
private String accountSid;
@Value("${TOKEN}")
private String token;
@Value("${APPID}")
private String appId;
@Value("${TEMPLATEID}")
private String templateId;
@Value("${vrstoreUrl}")
private String vrstoreUrl;
@Value("${KEY}")
private String key;
@Value("${webSite}")
private String webSite;
/***
*  测试集群缓存同步
* @return
*/
@RequestMapping(value="/test/sso",method=RequestMethod.GET)
public Object test(){
//把用户信息写入ehcache
//EhcacheUtil.put("org.news.pojo.News",ApiContants.USER_SESSIONID_KEY,":xxxxxxxx123213");
//Object object = EhcacheUtil.get("org.news.pojo.News",ApiContants.USER_SESSIONID_KEY);
//System.out.println(object.toString()+">>>");
return "请求成功";
}

/***
* 登录
*
* @return
*/
@RequestMapping(value="/loginsubmit")
@ResponseBody
public Object loginsubmit(@RequestBody User u,HttpServletRequest request, HttpServletResponse response,String callback){
VrResult result=null;
if(!MD5Utils.MD5(u.getData()+key).equals(u.getSign())){
 return VrResult.build(400,"签名异常!");
 }
 if(u.getLoginType().equals("phone")){//账号密码
 result=loginPhone(u,request,response);
        }
 if(u.getLoginType().equals("1")){//QQ
 result=loginApi(u,request,response);
 }
          if(u.getLoginType().equals("2")){//微信登录
         System.out.println();
         result=loginApi(u,request,response);
          }
          if(u.getLoginType().equals("3")){//微博
         result=loginApi(u,request,response);
          }
          
          if (null != callback) {
  MappingJacksonValue mappingJacksonValue = new MappingJacksonValue(result);
  mappingJacksonValue.setJsonpFunction(callback);
  return mappingJacksonValue;
  } else {
  System.out.println(result.toString());
  return result; 
  }
}


/***
* 账号密码登录
* @param req
* @param request
* @param response
* @return
*/
public VrResult loginPhone(User req,HttpServletRequest request, HttpServletResponse response){
 try {
if(StringHelper.isNotNull(req.getUsername()) && StringHelper.isNotNull(req.getPassword())){
User user = service.findByUsername(req.getUsername());
//如果没有此用户名
if (null== user) {
return VrResult.build(400, "用户名不存在");
}
//比对密码
if (!user.getPassword().equals(MD5Utils.MD5(req.getPassword()))) {
return VrResult.build(400, "用户名或密码错误");
}
//生成token
String token =UUID.randomUUID().toString();
//保存用户之前,把用户对象中的密码清空。
user.setPassword(null);
user.setRegisterTime(null);
//把用户信息写入ehcache
EhcacheUtil.put(ApiContants.EHCZCHE_NAME,ApiContants.USER_SESSIONID_KEY+":"+token,JsonUtils.objectToJson(user));
//添加写cookie的逻辑,cookie的有效期是关闭浏览器就失效。
log.info(token);
user.setToken(token);
CookieUtils.setCookie(request, response, "VR_TOKEN", token);
return VrResult.build(200,"登录成功",JsonUtils.objectToJson(user));
}else{
log.info("用户名或密码不能为空!");
return VrResult.build(400, "用户名或密码不能为空!");
}
} catch (Exception e) {
e.printStackTrace();
return VrResult.build(500, ExceptionUtil.getStackTrace(e));
}
}

/***
* 第三方 登录
* @param req
* @param request
* @param response
* @return
*/
public VrResult loginApi(User req,HttpServletRequest request, HttpServletResponse response){
try {
Map map=new HashMap<>();
map.put("loginType",req.getLoginType());
map.put("unionid",req.getUnionid());
UserOpenid uo = uoService.findByOpenId(map);
if(null==uo){
//没有绑定
return VrResult.build(201, "该用户没有绑定"+req.getLoginType());
}else{//已绑定当前第三方
//
User u = service.findByOpenId(map);//根据唯一标识查用户信息
log.info(req.getLoginType()+"登录,用户信息为"+u.toString());
//生成token
String token =UUID.randomUUID().toString();
//保存用户之前,把用户对象中的密码清空。
u.setPassword(null);
u.setRegisterTime(null);
//把用户信息写入ehcache
EhcacheUtil.put(ApiContants.EHCZCHE_NAME,ApiContants.USER_SESSIONID_KEY+":"+token,JsonUtils.objectToJson(u));
//添加写cookie的逻辑,cookie的有效期是关闭浏览器就失效。
log.info(token);
CookieUtils.setCookie(request,response, "VR_TOKEN",token);
u.setToken(token);
if(StringHelper.isNotNull(u.getPhone())){//手机号不为空,已绑定直接返回登录成功
//返回cookie
return VrResult.build(200,"登录成功,已成功绑定手机与"+req.getLoginType(),JsonUtils.objectToJson(u));
}
//已绑定当前第三方,没有绑定手机
return VrResult.build(202,"登录成功,请绑定手机号",JsonUtils.objectToJson(u));
}
} catch (Exception e) {
e.printStackTrace();
return VrResult.build(500,ExceptionUtil.getStackTrace(e));
}
}

/***
* 第三方注册信息接口
* @param user
* @param request
* @param response
* @return*/
@RequestMapping(value="/register")
@ResponseBody
public Object register(@RequestBody User user,HttpServletRequest request, HttpServletResponse response){
 try {
 if(!MD5Utils.MD5(user.getData()+key).equals(user.getSign())){
 return VrResult.build(400,"签名异常!");
 }
 user.setClient(0);//网页
 Map map=new HashMap<>();
 map.put("phone",user.getPhone());//
 map.put("loginType",user.getLoginType());//2
 int rows=service.getPhone(map);//查询手机号是否与别的账号有关联
 if(rows>0){//如果存在,返回
 //返回cookie
 return VrResult.build(400,"手机号已被注册,请更换手机号!");
 }
 User pu=service.selectPhone(user.getPhone());//用手机账号查询用户信息
 if(null!=pu){//修改已存在信息
 //绑定手机号,返回成功登录
 pu.setPhone(user.getPhone());
 pu.setPassword(MD5Utils.MD5(user.getPassword()));
 pu.setRegisterTime(new Date());
 if(!StringHelper.isNotNull(pu.getAvatarUrl30())){
 pu.setAvatarUrl30(user.getAvatarUrl30());
 }
 if(!StringHelper.isNotNull(pu.getAvatarUrl50())){
 pu.setAvatarUrl50(user.getAvatarUrl50());
 }
 if(!StringHelper.isNotNull(pu.getAvatarUrl100())){
 pu.setAvatarUrl100(user.getAvatarUrl100());
 }
 if(pu.getSex()==0){
 pu.setSex(user.getSex());
 }
 pu.setLoginType(user.getLoginType());
 pu.setOpenid(user.getOpenid());
 pu.setClient(user.getClient());
 pu.setUnionid(user.getUnionid());
 int row=service.update(pu);
 if(row>0){
  pu.setRegisterTime(null);
  pu.setPassword(null);
//把用户信息写入ehcache
  EhcacheUtil.put(ApiContants.EHCZCHE_NAME,ApiContants.USER_SESSIONID_KEY+":"+token,JsonUtils.objectToJson(pu));
//添加写cookie的逻辑,cookie的有效期是关闭浏览器就失效。
log.info(token);
CookieUtils.setCookie(request, response, "VR_TOKEN",token);
pu.setToken(token);
 //返回cookie
return VrResult.build(200,"登录成功",JsonUtils.objectToJson(pu));
}
 }else//新增
 {
 user.setPassword(MD5Utils.MD5(user.getPassword()));
 int registerUser = service.registerApiUser(user);//新增用户
 if(registerUser>0){
 User u = service.getUser(user.getUserId());
 u.setPassword(null);
 u.setRegisterTime(null);
 //生成token
 String token =UUID.randomUUID().toString();
 //把用户信息写入ehcache
 EhcacheUtil.put(ApiContants.EHCZCHE_NAME,ApiContants.USER_SESSIONID_KEY+":"+token,JsonUtils.objectToJson(u));
 //添加写cookie的逻辑,cookie的有效期是关闭浏览器就失效。
 log.info(token);
 CookieUtils.setCookie(request, response, "VR_TOKEN", token);
 u.setToken(token);
 //返回cookie
 return VrResult.build(200,"写入成功已绑定"+user.getLoginType(),JsonUtils.objectToJson(u));
 }
 }
} catch (Exception e) {
e.printStackTrace();
return VrResult.build(500, ExceptionUtil.getStackTrace(e));
}
   return VrResult.build(400,"写入信息失败");
}



/***
* 手机密码注册与绑定
* @return
*/
@RequestMapping(value="/registerPhone")
@ResponseBody
public Object registerPhone(@RequestBody User user,HttpServletRequest request, HttpServletResponse response){
//生成token
String token =UUID.randomUUID().toString();
try {
 if(!MD5Utils.MD5(user.getData()+key).equals(user.getSign())){
 return VrResult.build(400,"签名异常!");
 }
 //检验短信验证码
 String code=(String)EhcacheUtil.get(ApiContants.EHCZCHE_NAME,ApiContants.SMS_CODE+":"+user.getPhone());//短信验证码
 String phone=(String)EhcacheUtil.get(ApiContants.EHCZCHE_NAME,ApiContants.SMS_PHONE+":"+user.getPhone());//手机号
 if(StringHelper.isNull(code)||StringHelper.isNull(phone)){
 return VrResult.build(400,"验证码不正确,请重新输入");
 }
 if(!code.equals(user.getCode())){
 return VrResult.build(400,"验证码不正确,请重新输入!");
 }
 if(!phone.equals(user.getPhone())){
 return VrResult.build(400,"验证码输入有误,请重新输入!");
 }
 if(user.getLoginType().equals("phone")){//手机号注册
 User ur=new User();
 ur.setPhone(user.getPhone());
 User r=service.selectPhone(user.getPhone());//查询手机号是否存在
 if(null!=r){//如果存在,返回
 //返回cookie
 return VrResult.build(400,"手机号已被注册,请更换手机号!");
 }
 user.setPassword(MD5Utils.MD5(user.getPassword()));//密码加密
 user.setRegisterTime(new Date());
 user.setSex(0);//新用户注册性别默认为0未知
 user.setAvatarUrl30(webSite+"/images/tx.jpg");
 user.setAvatarUrl50(webSite+"/images/tx.jpg");
 user.setAvatarUrl100(webSite+"/images/tx.jpg");
 int registerUser = service.registerUser(user);//新增
 if(registerUser>0){
 User u = service.getUser(user.getUserId());
 u.setRegisterTime(null);
 u.setPassword(null);
 //把用户信息写入ehcache
 EhcacheUtil.put(ApiContants.EHCZCHE_NAME,ApiContants.USER_SESSIONID_KEY+":"+token,JsonUtils.objectToJson(u));
 //添加写cookie的逻辑,cookie的有效期是关闭浏览器就失效。
 log.info(token);
 CookieUtils.setCookie(request, response, "VR_TOKEN", token);
 u.setToken(token);
 //返回cookie
 return VrResult.build(200,"登录成功",JsonUtils.objectToJson(u));
 }
 }
} catch (Exception e) {
e.printStackTrace();
return VrResult.build(500, ExceptionUtil.getStackTrace(e));
}
   return VrResult.build(400,"注册失败");
}
/**
* 发送短信验证码
* @param user
* @param request
* @return
*/
@RequestMapping("/sendMsg")
@ResponseBody
@MySign
public Object sendMsg(String phone,HttpServletRequest request){
        try {
String code =StringCodeHelper.getRandomString(4);//产生四位验证码
EhcacheUtil.putTime(ApiContants.EHCZCHE_NAME,ApiContants.SMS_CODE+":"+phone,code);//时间为5分钟
EhcacheUtil.putTime(ApiContants.EHCZCHE_NAME,ApiContants.SMS_PHONE+":"+phone,phone);
String para = code + ",5"; //过期时间为5分钟??
String result=SmsAct.InstantiationRestAPI(true).templateSMS(accountSid,token,appId,templateId,phone,para);
log.info("Response content is: " + result);
return VrResult.build(200,"发送成功",result);
} catch (Exception e) {
e.printStackTrace();
return VrResult.build(500, ExceptionUtil.getStackTrace(e));
}
}

/****
* 根据token获取用户信息
* @param req
* @param session
* @return
*/
@RequestMapping(value = "/token")
@ResponseBody
@MySign
public Object getUserByToken(String token, String callback) {
VrResult result=null;
try {
String json=(String)EhcacheUtil.get(ApiContants.EHCZCHE_NAME,ApiContants.USER_SESSIONID_KEY + ":"+ token);
// 判断是否为空
log.info(token + "json=" + json);
if (StringUtils.isBlank(json)) {
result=VrResult.build(400, "此用户已经过期,请重新登录");
}else{
result=VrResult.ok(json);
}
} catch (Exception e) {
e.printStackTrace();
result=VrResult.build(500,ExceptionUtil.getStackTrace(e));
}
//判断是否为jsonp调用
  if (StringUtils.isBlank(callback)) {
return result;
} else {
MappingJacksonValue mappingJacksonValue = new MappingJacksonValue(result);
mappingJacksonValue.setJsonpFunction(callback);
return mappingJacksonValue;
}
}


/***
* 找回密码[手机号,验证码]
* @return
*/
@RequestMapping(value="/findPwd")
@ResponseBody
@MySign
public Object findPwd(String phone,String code,String callback){
//检验短信验证码
String codes=(String)EhcacheUtil.get(ApiContants.EHCZCHE_NAME,ApiContants.SMS_CODE+":"+phone);//短信验证码
String phones=(String)EhcacheUtil.get(ApiContants.EHCZCHE_NAME,ApiContants.SMS_PHONE+":"+phone);//手机号
if(StringHelper.isNull(codes)||StringHelper.isNull(phones)){
 return VrResult.build(400,"验证码不正确,请重新输入");
 }
 if(!code.equals(codes)){
 return VrResult.build(400,"验证码不正确,请重新输入!");
 }
 if(!phone.equals(phones)){
 return VrResult.build(400,"验证码输入有误,请重新输入!");
 }
//查询手机号是否存在,存在则下一步,否则返回  
Map map=new HashMap<>();
map.put("phone",phone);
int row=service.getPhone(map);
if(row==0){
return VrResult.build(400,"手机号不存在,请更换手机号!");
}
return VrResult.build(200,"验证成功!");
}


/***
* 修改密码
* @return
*/
@RequestMapping(value="/updatePwd")
@ResponseBody
@MySign
public Object updatePwd(String phone,String paws,String callback){
//检验短信验证码
String codes=(String)EhcacheUtil.get(ApiContants.EHCZCHE_NAME,ApiContants.SMS_CODE+":"+phone);//短信验证码
String phones=(String)EhcacheUtil.get(ApiContants.EHCZCHE_NAME,ApiContants.SMS_PHONE+":"+phone);//手机号
if(StringHelper.isNull(codes)||StringHelper.isNull(phones)){
return VrResult.build(400,"用户异常,请稍后再试");
}
if(!phone.equals(phones)){
return VrResult.build(400,"用户异常,请稍后再试!");
}
User beam=new User();
beam.setPhone(phone);
beam.setPassword(paws);
int row = service.updatePassword(beam);
if(row>0){
return VrResult.build(200,"修改成功!");
}
return VrResult.build(400,"修改失败!");
}

/**
* 修改手机号
* @return
*/
@RequestMapping("/updatePhone")
@ResponseBody
@MySign
public Object updatePhone(String phone,String code,String userId,String callback){
try {
//检验短信验证码
String codes=(String)EhcacheUtil.get(ApiContants.EHCZCHE_NAME,ApiContants.SMS_CODE+":"+phone);//短信验证码
String phones=(String)EhcacheUtil.get(ApiContants.EHCZCHE_NAME,ApiContants.SMS_PHONE+":"+phone);//手机号
if(StringHelper.isNull(codes)||StringHelper.isNull(phones)){
return VrResult.build(400,"验证码有误,请重新输入!");
}
if(!phone.equals(phones)){
return VrResult.build(400,"验证码有误,请重新输入!");
}
if(!phone.equals(phones)){
return VrResult.build(400,"验证码有误,请重新输入!");
}
User user=new User();
user.setUserId(Integer.parseInt(userId));
user.setPhone(phone);
User r=service.selectPhone(phone);//查询手机号是否存在
if(null!=r){
return VrResult.build(400,"手机号已绑定其它账号,请更换手机号!");
}
int row=service.updateUser(user);
if(row>0){
return VrResult.build(200,"修改成功!");
}
} catch (NumberFormatException e) {
e.printStackTrace();
}
return VrResult.build(200,"修改失败!");

}

/***
* 退出处理
* @param request
* @param response
*/
@RequestMapping(value="/quit")
@ResponseBody
public Object quit(String callback){
//清除缓存
EhcacheUtil.remove(ApiContants.EHCZCHE_NAME,ApiContants.USER_SESSIONID_KEY + ":"+ token);
//exitUrl
long currentTimeMillis = System.currentTimeMillis();
Map param=new HashMap<>();
param.put("t",currentTimeMillis+"");
param.put("sign",MD5Utils.MD5(currentTimeMillis+key));
String returns=HttpClientUtil.doGet(vrstoreUrl,param);// writeJson("success", response);
System.out.println(returns);
return VrResult.build(200,"退出成功");
}
}

2//为保证sso接口的安全性,在拦截处设置简单的签名

package com.qj.sso.interceptor;


import java.io.PrintWriter;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Calendar;
import java.util.Date;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import com.google.gson.Gson;
import com.qj.sso.annotation.MySign;
import com.qj.utils.MD5Utils;
import com.qj.utils.VrResult;


/***
 * 拦截请求
 * @author hzw  2017年1月20日
 *
 */
public class SignInterceptor implements HandlerInterceptor{

@Value("${KEY}")
private String key;

private static final SimpleDateFormat format    = new SimpleDateFormat("yyyyMMddHHmmss");
    private static final Integer          MINUTE    = 3;
    private static final Boolean          BEFORE    = Boolean.TRUE;
    private static final Boolean          AFTER     = Boolean.FALSE;

@Override
public void afterCompletion(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, Exception arg3)
throws Exception {

}


@Override
public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, ModelAndView arg3)
throws Exception {
}


@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
HandlerMethod methodHandler=(HandlerMethod) handler;
MySign sign=methodHandler.getMethodAnnotation(MySign.class);
if(null!=sign&&sign.check()){
if(vailSign(request)){
return true;
}
PrintWriter out = null;
response.setCharacterEncoding("UTF-8");  
response.setContentType("application/json; charset=utf-8");  
Gson gson=new Gson();
try {
out = response.getWriter();
out.append(gson.toJson(VrResult.build(500,"invalid sign or timestamp out of range 3 minute")));  
return false;
} catch (Exception e) {
out.append(gson.toJson(VrResult.build(400,e.getMessage())));
} finally {
if (out != null) {  
out.close();  
}  
}
}
return true;
}


/***
* 验证签名
* @param request
* @return
* @throws ParseException 
*/
private boolean vailSign(HttpServletRequest request){
try {
String t=request.getParameter("t");
String sign=request.getParameter("sign");
//请求时间不能超过三分钟
if(timeStampCheck(format.parse(t))&&MD5Utils.MD5(t+key).equals(sign)){//签证签名成功
return true;
}
} catch (Exception e) {
return false;
}
return false;
}



/**
     * 请求必须在三分钟内完成,否则算无效请求
     */
    private Boolean timeStampCheck(Date time) {
        Calendar timestamp = Calendar.getInstance();
        timestamp.setTime(time);
        Calendar before = getTimeServeralMinuteBefore(MINUTE);
        Calendar after = getTimeServeralMinuteAfter(MINUTE);
        if (timestamp.before(before) || timestamp.after(after)) {//no
        //时间不能
        return false;
        }
        return true;
    }
    
    private Calendar getTimeServeralMinuteBefore(int minute) {
        return getTimeServeralMinute(minute, BEFORE);
    }
    private Calendar getTimeServeralMinuteAfter(int minute) {
        return getTimeServeralMinute(minute, AFTER);
    }


private Calendar getTimeServeralMinute(Integer minute, Boolean agoOrAfter) {
        Calendar cal = Calendar.getInstance();
        cal.setTime(new Date());
        cal.set(Calendar.MINUTE, cal.get(Calendar.MINUTE) + minute * (agoOrAfter ? -1 : 1));
        return cal;
    }
}



3.在项目中调用,原理也是实现拦截器,去判断Cookie

package com.qj.vrstore.interceptor;


import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import com.qj.vrstore.common.util.ConfigUtil;
import com.qj.vrstore.common.util.CookieUtils;
import com.qj.vrstore.common.util.DateUtils;
import com.qj.vrstore.common.util.HttpClientUtil;
import com.qj.vrstore.common.util.JsonUtils;
import com.qj.vrstore.common.util.MD5Utils;
import com.qj.vrstore.common.util.RequestUtil;
import com.qj.vrstore.entity.ApiUser;
import com.qj.vrstore.entity.User;
import com.qj.vrstore.entity.api.ApiSso;


public class LoginInterceptor implements HandlerInterceptor{


@Override
public void afterCompletion(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, Exception arg3)
throws Exception {

}


@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object arg2, ModelAndView arg3)
throws Exception {
User u = (User)request.getSession().getAttribute(RequestUtil.CURRENT_USER);
if(u==null){
String cookieValue = CookieUtils.getCookieValue(request,"VR_TOKEN");
if(cookieValue!=null){
String date =DateUtils.format(new Date(),"yyyyMMddHHmmss");
Map param=new HashMap<>();
param.put("token",cookieValue);
param.put("t",date);
param.put("sign",MD5Utils.MD5(date+ConfigUtil.get("KEY")));
String result=HttpClientUtil.postMap(ConfigUtil.get("getUser"),param);
if(null==result){
return ;
}
ApiSso data=JsonUtils.jsonToPojo(result, ApiSso.class);
if(data.getStatus()==200){
ApiUser user = JsonUtils.jsonToPojo(data.getData().toString(),ApiUser.class);
if(null!=user){
User ur=new User();
ur.setUserId(user.getUserId());
ur.setUsername(user.getUsername());
ur.setEmail(user.getEmail());
ur.setPhone(user.getPhone());
ur.setRealname(user.getRealname());
ur.setSex(user.getSex());
ur.setGrade(user.getGrade());
ur.setAvatarURL30(user.getAvatarUrl30());
ur.setAvatarURL50(user.getAvatarUrl50());
ur.setAvatarURL100(user.getAvatarUrl100());
ur.setToken(user.getToken());
                RequestUtil.setCurrentUser(request,ur);
}
}
}
}
}


@Override
public boolean preHandle(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2) throws Exception {
return true;
}


}


所有原理就是通过token来访问sso系统实现,token返回时加密处理

你可能感兴趣的:(java技术性文章)