SSO单点登录一(Spring+SpringMVC+固定密码)实现的简单的同域SSOdemo
2018-01-30 12:38
405 查看
首先导入spring+springMVC的核心jar文件
编写web.xml文件
[html] view
plain copy
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0">
<display-name>SSO-First-同域</display-name>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/classes/applicationContext.xml</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<servlet>
<servlet-name>springmvc</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/classes/springmvc-servlet.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>springmvc</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
</web-app>
编写spring和springmvc的配置文件
[html] view
plain copy
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:context="http://www.springframework.org/schema/context" xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd">
<mvc:annotation-driven />
<context:component-scan base-package="com.lcl" />
<bean
class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="viewClass"
value="org.springframework.web.servlet.view.JstlView" />
<property name="suffix" value=".jsp"></property>
</bean>
<mvc:interceptors>
<mvc:interceptor>
<!-- 匹配的是url路径, 如果不配置或/**,将拦截所有的Controller -->
<mvc:mapping path="/index/**"/>
<bean class="com.lcl.interceptor.MyInteceptor"></bean>
</mvc:interceptor>
</mvc:interceptors>
</beans>
配置拦截器
[java] view
plain copy
package com.lcl.interceptor;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import com.lcl.utils.CheckLogin;
public class MyInteceptor extends HandlerInterceptorAdapter{
@Override
public synchronized boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
throws Exception {
Cookie[] cookies = request.getCookies();
//System.out.println("进入Interceptor");
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
<span style="color:#ff0000;"> String currPath = basePath.substring(0, basePath.length()-1) + request.getServletPath();</span>
//System.out.println(currPath);
if(null != cookies){
for(Cookie cookie : cookies){
if("Login".equals(cookie.getName())){
String value = cookie.getValue();
String[] split = value.split("_");
if(CheckLogin.login(split[0],split[1]))
return true;
}
}
}
String username = request.getParameter("username");
String password = request.getParameter("password");
if(null != username && null != password){
if(CheckLogin.login(username, password)){
Cookie ck = new Cookie("Login",username+"_"+password);
<span style="color:#ff0000;">ck.setPath("/");//设置到共有的根路径下</span>
ck.setMaxAge(60);
response.addCookie(ck);
return true;
}
}
<span style="color:#ff0000;">request.getRequestDispatcher("/login.jsp?gotoUrl="+currPath).forward(request, response);</span>
return false;
}
}
主要通过cookie来实现的单点登录 同域下只要将cookie放入根目录下即可 这是最容易实现的方式 以后将补充剩余两种 分别是同父域SSO和完全不完全域SSO
编写登录方法 这里简单登录未通过数据库
[java] view
plain copy
package com.lcl.utils;
public class CheckLogin {
private static final String USERNAME="admin";
private static final String PASSWORD="admin";
public static boolean login(String username, String password) {
if(USERNAME.equals(username)
&& PASSWORD.equals(password))
return true;
return false;
}
}
使用Controller完成路径的跳转 这里只有两个测试用的
[java] view
plain copy
package com.lcl.controller;
import org.springframework.stereotype.Component;
import org.springframework.web.bind.annotation.RequestMapping;
@Component("mycontroller")
@RequestMapping("/index")
public class MyController {
@RequestMapping("index1")
public String index(){
//System.out.println("进入MyController");
return "/index";
}
@RequestMapping("index2")
public String index2(){
return "/index2";
}
}
同域下的SSO登录的核心思想就是在请求资源主页面的时候通过拦截器拦截请求并验证Cookie的合法性 若cookie为空或者不合法则跳转登录界面
若cookie合法则通过拦截器完成请求 同域下SSO相对简单 重点就是将cookie放在跟目录下保证多个资源页面能够共享这个cookie完成登录
[html] view
plain copy
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">
<title>SSO单点登录页面一</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->
</head>
<body>
SSO单点登录页面一<br/>
</body>
</html>
[html] view
plain copy
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">
<title>SSO单点登录页面二</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->
</head>
<body>
SSO单点登录页面二<br>
</body>
</html>
[html] view
plain copy
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">
<title>登录</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->
</head>
<body>
<form action="${gotoUrl}" method="get">
<span>用户名:</span><input type="text" name="username"/>
<span>密码:</span><input type="password" name="password"/>
<input type="submit" value="登录">
<input type="hidden" value="${gotoUrl}">
</form>
</body>
</html>
编写web.xml文件
[html] view
plain copy
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0">
<display-name>SSO-First-同域</display-name>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/classes/applicationContext.xml</param-value>
</context-param>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<servlet>
<servlet-name>springmvc</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/classes/springmvc-servlet.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>springmvc</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
</web-app>
编写spring和springmvc的配置文件
[html] view
plain copy
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:context="http://www.springframework.org/schema/context" xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd">
<mvc:annotation-driven />
<context:component-scan base-package="com.lcl" />
<bean
class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="viewClass"
value="org.springframework.web.servlet.view.JstlView" />
<property name="suffix" value=".jsp"></property>
</bean>
<mvc:interceptors>
<mvc:interceptor>
<!-- 匹配的是url路径, 如果不配置或/**,将拦截所有的Controller -->
<mvc:mapping path="/index/**"/>
<bean class="com.lcl.interceptor.MyInteceptor"></bean>
</mvc:interceptor>
</mvc:interceptors>
</beans>
配置拦截器
[java] view
plain copy
package com.lcl.interceptor;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import com.lcl.utils.CheckLogin;
public class MyInteceptor extends HandlerInterceptorAdapter{
@Override
public synchronized boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
throws Exception {
Cookie[] cookies = request.getCookies();
//System.out.println("进入Interceptor");
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
<span style="color:#ff0000;"> String currPath = basePath.substring(0, basePath.length()-1) + request.getServletPath();</span>
//System.out.println(currPath);
if(null != cookies){
for(Cookie cookie : cookies){
if("Login".equals(cookie.getName())){
String value = cookie.getValue();
String[] split = value.split("_");
if(CheckLogin.login(split[0],split[1]))
return true;
}
}
}
String username = request.getParameter("username");
String password = request.getParameter("password");
if(null != username && null != password){
if(CheckLogin.login(username, password)){
Cookie ck = new Cookie("Login",username+"_"+password);
<span style="color:#ff0000;">ck.setPath("/");//设置到共有的根路径下</span>
ck.setMaxAge(60);
response.addCookie(ck);
return true;
}
}
<span style="color:#ff0000;">request.getRequestDispatcher("/login.jsp?gotoUrl="+currPath).forward(request, response);</span>
return false;
}
}
主要通过cookie来实现的单点登录 同域下只要将cookie放入根目录下即可 这是最容易实现的方式 以后将补充剩余两种 分别是同父域SSO和完全不完全域SSO
编写登录方法 这里简单登录未通过数据库
[java] view
plain copy
package com.lcl.utils;
public class CheckLogin {
private static final String USERNAME="admin";
private static final String PASSWORD="admin";
public static boolean login(String username, String password) {
if(USERNAME.equals(username)
&& PASSWORD.equals(password))
return true;
return false;
}
}
使用Controller完成路径的跳转 这里只有两个测试用的
[java] view
plain copy
package com.lcl.controller;
import org.springframework.stereotype.Component;
import org.springframework.web.bind.annotation.RequestMapping;
@Component("mycontroller")
@RequestMapping("/index")
public class MyController {
@RequestMapping("index1")
public String index(){
//System.out.println("进入MyController");
return "/index";
}
@RequestMapping("index2")
public String index2(){
return "/index2";
}
}
同域下的SSO登录的核心思想就是在请求资源主页面的时候通过拦截器拦截请求并验证Cookie的合法性 若cookie为空或者不合法则跳转登录界面
若cookie合法则通过拦截器完成请求 同域下SSO相对简单 重点就是将cookie放在跟目录下保证多个资源页面能够共享这个cookie完成登录
[html] view
plain copy
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">
<title>SSO单点登录页面一</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->
</head>
<body>
SSO单点登录页面一<br/>
</body>
</html>
[html] view
plain copy
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">
<title>SSO单点登录页面二</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->
</head>
<body>
SSO单点登录页面二<br>
</body>
</html>
[html] view
plain copy
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">
<title>登录</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">
<!--
<link rel="stylesheet" type="text/css" href="styles.css">
-->
</head>
<body>
<form action="${gotoUrl}" method="get">
<span>用户名:</span><input type="text" name="username"/>
<span>密码:</span><input type="password" name="password"/>
<input type="submit" value="登录">
<input type="hidden" value="${gotoUrl}">
</form>
</body>
</html>
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- SSO单点登录一(Spring+SpringMVC+固定密码)实现的简单的同域SSOdemo
- SSO单点登录一(Spring+SpringMVC+固定密码)实现的简单的同域SSOdemo
- Spring+SpringMVC+Hiberate+MySql+Bootstrap实现一个简单验证登录实例
- SpringMvc+Mybatis实现一个简单人事管理系统(一)
- 手写Spring基本体系IOC+AOP+MVC+事物管理等简单实现。
- springmvc + myBatis + boostrap技术下简单实现的前后端分页功能
- ASP.NET MVC 中使用Spring.NET实现简单的属性注入
- 用Maven整合SpringMVC+Spring+Hibernate 框架,实现简单的插入数据库数据功能(二)
- 一个简单的基于注解的 Controller (spring 2.5 annotation 方式实现mvc )
- spring mvc + mybatis 的ehcache 的简单实现
- Maven + Spring MVC+Mybatis + MySQL +AngularJS + Bootstrap 实现简单微博应用(二)访问数据库
- Maven + Spring MVC+Mybatis + MySQL +AngularJS + Bootstrap 实现简单微博应用(三)前后台交互
- maven+spring+springmvc+mybatis+ajax 框架下实现简单的聊天室
- springmvc+mybatis+sql server实现简单登录功能【转】
- maven+springMVC+hibernate工程搭建(四简单base层实现及demo)
- SpringMVC+Mybatis整合实现简单权限控制系统代码
- springmvc+mybatis+sql server实现简单登录功能【转】
- 使用springMvc+easyui+mysql实现简单的增删改查
- springmvc+mybatis+sql server实现简单登录功能【转】
- mybatis+oracle+springMVC实现简单分页