1.单点登录代码
package cn.sunline.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;import javax.servlet.FilterConfig;import javax.servlet.ServletException;import javax.servlet.ServletRequest;import javax.servlet.ServletResponse;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpServletResponseWrapper;import javax.servlet.http.HttpSession;import cn.sunline.Constants;
import cn.sunline.permission.repository.IUser;import cn.sunline.systemconfig.repository.SystemConfigDAOFactory;/**
* 用户session控制。 * @author sunline */public class UserSessionFilter implements Filter {public FilterConfig config;
public void destroy() {
this.config = null; }@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest httpRequest = (HttpServletRequest) request; HttpServletResponseWrapper wrapper = new HttpServletResponseWrapper( (HttpServletResponse) response);// ClientService service= CommonService.getInstance().getClientService("SystemConfigService");
// Object[] param = new Object[]{"IS_UAP"};// Object obj = service.execute("getValue", new JSONArray(param));// String isUap = "";// if(null != obj){ // isUap = (String)obj;// } // String excludePath = Constants.excludePath; //登录登陆页面,通过统一认证与直接登录。// if("TRUE".equals(isUap)){ // excludePath="spservice.jsp";// }else{ // excludePath="login.jsp";// } String includePath = config.getInitParameter("includePath"); //过滤资源后缀参数 //String includePath =Constants.includePath; String redirectPath = httpRequest.getContextPath()+ config.getInitParameter("redirectPath");// String redirectPath = httpRequest.getContextPath() + Constants.redirectPath; //没有登陆转向页面/*if("TRUE".equals(Constants.isUap)){
includePath=includePath+";/dcp"; }*/ String[] excludeList = excludePath.split(";"); String[] includeList = includePath.split(";"); request.setCharacterEncoding("UTF-8"); String userName = request.getParameter("userName"); String sso = request.getParameter("sso"); if("true".equals(sso)){ IUser user1 = SystemConfigDAOFactory.getSmUserDAO().getUserByName(userName); if(user1 != null){ HttpSession session = httpRequest.getSession(); session.setAttribute("authUser", user1); String indexJsp = httpRequest.getContextPath()+"/home/index.jsp";//首页url wrapper.sendRedirect(indexJsp); return; } } if (!this.isContains(httpRequest.getRequestURI(), includeList)) { //只对指定过滤参数后缀进行过滤 chain.doFilter(request, response); return; }if (this.isContains(httpRequest.getRequestURI(), excludeList)) { //对登录页面不进行过滤
chain.doFilter(request, response); return; } Object user = httpRequest.getSession().getAttribute("authUser");//判断用户是否登录 if (user == null) { wrapper.sendRedirect(redirectPath); return; } else { chain.doFilter(request, response); return; } }@Override
public void init(FilterConfig config) throws ServletException { this.config = config; }/**
* 是否包含指定的字符串 * @param urlPath * @param regx * @return */ public boolean isContains(String urlPath, String[] regx) { boolean result = false;for (int i = 0; i < regx.length; i++) {
if (urlPath.indexOf(regx[i]) != -1) { return true; } } return result; }}
2.配置相应的web.xml
<filter>
<filter-name>UserSessionFilter</filter-name> <filter-class>cn.sunline.filter.UserSessionFilter</filter-class> <init-param> <param-name>excludePath</param-name> <param-value>spservice.jsp;login.jsp</param-value> </init-param> <init-param> <param-name>includePath</param-name> <param-value>/pages</param-value> </init-param> <init-param> <param-name>redirectPath</param-name> <param-value>/timeout.jsp</param-value> </init-param> </filter>
页面通过路径可以直接访问到:window.open("http://10.10.66.225:8080/dcp/UserSessionFilter?userName="+prjCd+"&sso="+true);
4.Servlet路径直接访问servlet
路径:http://10.10.66.225:8080/dcp/console/CasRMIServlet?userName="+userName
访问一个CasRMIServlet 类
public class CasRMIServlet extends HttpServlet
web.xml配置信息
<servlet>
<servlet-name>CasRMIServlet</servlet-name> <servlet-class>cn.sunline.framework.rmi.CasRMIServlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>CasRMIServlet</servlet-name> <url-pattern>/console/CasRMIServlet</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>CasRMIServlet</servlet-name> <url-pattern>*.stub</url-pattern> </servlet-mapping>