web工程过滤器和springMVC拦截器的一些总结
2017-08-22 18:00
190 查看
今天自己写SSO(单点登录)发现一些问题的总结
1。因为原先有拦截器inteceptor,所以想着就直接用拦截器搞好了,后来发现不行,
原因是:工程默认是/访问,是在web中配置默认的,并没有调用任何方法(而拦截器是拦截方法的),所以无论我修改spring配置文件,修改拦截条件都始终拦截不上
所以个人感觉,登录这种操作应该是在filter来搞,因为过滤器(过滤一切请求,即便是还没有登录)
2.所以改用filter过滤器
记得配置web.xml中添加这个过滤器
============================下面是授权服务工程代码==============================================
SSOServerFilter代码
授权中心login
最後記得web.xml配置
1。因为原先有拦截器inteceptor,所以想着就直接用拦截器搞好了,后来发现不行,
原因是:工程默认是/访问,是在web中配置默认的,并没有调用任何方法(而拦截器是拦截方法的),所以无论我修改spring配置文件,修改拦截条件都始终拦截不上
所以个人感觉,登录这种操作应该是在filter来搞,因为过滤器(过滤一切请求,即便是还没有登录)
2.所以改用filter过滤器
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) servletRequest; HttpServletResponse response = (HttpServletResponse) servletResponse; String urlString = request.getRequestURI(); System.out.println("client请求链接:"+urlString); if(urlString.contains("css")||urlString.contains("js")){ filterChain.doFilter(servletRequest, servletResponse); return; } HttpSession session = request.getSession(); String username = (String) session.getAttribute("username"); String ticket = request.getParameter("ticket"); String url = URLEncoder.encode(request.getRequestURL().toString(), "UTF-8"); if (null == username) { if (null != ticket && !"".equals(ticket)) { JSONObject jsonObject = httpRequest("http://localhost:8080/yxy_author/ticketService?ticket="+ticket, "GET"); if(jsonObject!=null){ username = (String) jsonObject.getJSONObject("data").get("username"); } if (null != username && !"".equals(username)) { session.setAttribute("username", username); filterChain.doFilter(request, response); } else { response.sendRedirect("http://localhost:8080/yxy_author/login?service=" + url); } } else { response.sendRedirect("http://localhost:8080/yxy_author/login?service=" + url); } } else { filterChain.doFilter(request, response); } }核心代码就这么几句
记得配置web.xml中添加这个过滤器
<filter> <filter-name>ssoClientFilter</filter-name> <filter-class>com.cyt.babyhealth.tj.filter.SSOClientFilter</filter-class> </filter> <filter-mapping> <filter-name>ssoClientFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
============================下面是授权服务工程代码==============================================
SSOServerFilter代码
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { // TODO Auto-generated method stub HttpServletRequest request = (HttpServletRequest) servletRequest; HttpServletResponse response = (HttpServletResponse) servletResponse; String test = ((HttpServletRequest) servletRequest).getServletPath(); String urlString = request.getRequestURI(); System.out.println("service请求链接:"+urlString); if("/yxy_author/login".equals(urlString)||"/yxy_author/ticketService".equals(urlString)||urlString.contains("css")||urlString.contains("js")){ filterChain.doFilter(servletRequest, servletResponse); return; } String service = request.getParameter("service"); String ticket = request.getParameter("ticket"); Cookie[] cookies = request.getCookies(); String username = ""; if (null != cookies) { for (Cookie cookie : cookies) { if ("sso".equals(cookie.getName())) { username = cookie.getValue(); break; } } } if (null == service && null != ticket) { filterChain.doFilter(servletRequest, servletResponse); } if (null != username && !"".equals(username)) { System.out.println("service用户名:"+username); long time = System.currentTimeMillis(); String timeString = username + time; MemCached memCached = (MemCached) SpringUtil.getBean("memcachedClient"); memCached.set(timeString, 1000,username); StringBuilder url = new StringBuilder(); if(service!=null){ url.append(service); if (0 <= service.indexOf("?")) { url.append("&"); } else { url.append("?"); } url.append("ticket=").append(timeString); } response.sendRedirect(url.toString()); } else { filterChain.doFilter(servletRequest, servletResponse); } }
授权中心login
@RequestMapping(value = "/ticketService") @ResponseBody public ApiResult ticketService(HttpServletRequest request, HttpServletResponse response){ ApiResult apiResult = new ApiResult(); String ticket = request.getParameter("ticket"); String username = memcachedClient.get(ticket); memcachedClient.delete(ticket); // Object customVO = memcachedClient.get(ticket+".user"); // memcachedClient.delete(ticket+".user"); Map<String, Object> data = new HashMap<String, Object>(); data.put("username",username); // data.put("customVO", customVO); apiResult.setData(data); return apiResult; } /** * @param loginname * @param pwd * @return 登录 * @throws IOException */ @RequestMapping(value = "/login") public String login(@RequestParam(required = false) String loginname, @RequestParam(required = false) String pwd, String service,HttpServletResponse response) throws IOException { if(loginname!=null&&loginname.trim().length()>0&&pwd!=null&&pwd.trim().length()>0){ ImCustom admin = imCustomService.findLoginName(loginname); if (admin != null) { if(admin.getStatus() == 1){ if (admin.getPwd().equals(MD5.sign(pwd + PropertiesUtil.config.get("md5.key")))) { if (admin.getStatus() == 1) { String sysIds = admin.getSysIds(); List<AdminAuthorSys> adminAuthorSys = new ArrayList<AdminAuthorSys>(); String[] sysIdsArrStrings = sysIds.split(","); for (int i = 0; i < sysIdsArrStrings.length; i++) { String sysIdString = sysIdsArrStrings[i]; AdminAuthorSys adminAuthorSyss = adminAuthorSysService.find(Integer.parseInt(sysIdString)); adminAuthorSys.add(adminAuthorSyss); } ImCustomVO customVO = new ImCustomVO(); BeanUtils.copyProperties(admin, customVO); customVO.setAdminSyses(adminAuthorSys); ServletContext ContextA =getSession().getServletContext(); ContextA.setAttribute("session",getSession() ); getSession().setAttribute("admin", customVO);//这样保存只能在当前应用内看 System.out.println("44444444444444444444444444444444"); //设置cookie Cookie cookie = new Cookie("sso", admin.getUname()); cookie.setPath("/"); response.addCookie(cookie); //admin1503379134793 admin //admin1503379134793.user com.cyt.babyhealth.tj.entity.ImCustomVO@399f315c long time = System.currentTimeMillis(); String timeString = admin.getUname() + time; memcachedClient.set(timeString, 10000, admin.getUname()); // JSONObject.toJSON(customVO); //要想在应用外用,则需要session共享,放在memcached中 // memcachedClient.set(timeString+".user", 10000, JSONObject.toJSON(customVO)); if (null != service) { StringBuilder url = new StringBuilder(); url.append(service); if (0 <= service.indexOf("?")) { url.append("&"); } else { url.append("?"); } url.append("ticket=").append(timeString); response.sendRedirect(url.toString()); return null; }else { response.sendRedirect("/yxy_author/index.jsp"); return null; } } else { getRequest().setAttribute("error", "该用户禁止登录"); } } else { getRequest().setAttribute("error", "密码错误"); } }else{ getRequest().setAttribute("error", "用户已被禁止"); } } else { getRequest().setAttribute("error", "该用户不存在"); } } return "/login"; } /** * @return 退出登录 */ @RequestMapping(value = "/logout") public String logout() { getSession().invalidate(); return "/login"; }
最後記得web.xml配置
<filter> <filter-name>ssoServerFilter</filter-name> <filter-class>com.cyt.babyhealth.tj.filter.SSOServerFilter</filter-class> </filter> <filter-mapping> <filter-name>ssoServerFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
相关文章推荐
- springMVC拦截器和过滤器总结
- springMVC拦截器和过滤器总结
- shiro过滤器,web.xml中默认访问页面,springMVC拦截器执行顺序
- springMVC拦截器和过滤器总结
- 浅谈springMVC拦截器和过滤器总结
- shiro过滤器,web.xml中默认访问页面,springMVC拦截器执行顺序
- Mac下android工程编译,批量打包的一些总结
- Android Webview的一些使用总结和遇到过得坑
- 关于java和web工程项目中各种路径的获取总结
- 为springmvc设置servelet、拦截器(interceptor)、监听器(listener)、过滤器(filter),类型转换器
- 关于com工程依赖的一些总结
- [Java面试六]SpringMVC总结以及在面试中的一些问题.
- Web——过滤器与拦截器
- 过滤器(servlet.filter)和拦截器(springmvc.interceptor)区别
- SpringMVC之Web-拦截器(八)
- springMVC web工程之 HelloWorld
- Spring MVC学习总结(5)——SpringMVC项目关于安全的一些配置与实现方式
- 关于使用webview的一些坑和经验总结
- java 过滤器(Filter)与springMVC 拦截器(interceptor)的实现案例
- Spring拦截器与过滤器等总结