Single Sign On 一处登陆、处处可用
参考:https://gitee.com/xuxueli0323/xxl-sso.git
一、项目搭建结构:
- gulimall-test-sso-client 登录服务器 8080 ssoserver.com
- gulimall-test-sso-client 项目1 8081 client1.com
127.0.0.1 ssoserver.com 127.0.0.1 client1.com 127.0.0.1 client2.com
核心:
三个系统即使域名不一样,想办法给三个系统同步同一个用户的票据
1、 中央认责服务器:ssoserver.com
2、 其他系统‘想要登录去 ssoserver.com 登录,登录成功跳转回来
3、只要一个登录,其他都不用登录
4、全系统一个ss0-sessionid; 所有系统可能域名都不相同
二、项目流程图 三、项目代码 1.gulimall-test-sso-clientpom
org.springframework.boot spring-boot-starter-data-redis org.springframework.boot spring-boot-starter-thymeleaf org.springframework.boot spring-boot-starter-web org.projectlombok lombok true
controller
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.client.RestTemplate;
import org.thymeleaf.util.StringUtils;
import javax.servlet.http.HttpSession;
import java.util.ArrayList;
@Controller
public class HelloController {
@ResponseBody
@GetMapping(value = "/hello")
public String hello(){
return "hello";
}
@GetMapping(value = "/employees")
public String employees(Model model, HttpSession session, @RequestParam(value = "token", required = false) String token) {
if(!StringUtils.isEmpty(token)){
RestTemplate restTemplate = new RestTemplate();
ResponseEntity forEntity = restTemplate.getForEntity("http://ssoserver.com:8080/userinfo?token=" + token, String.class);
String body = forEntity.getBody();
session.setAttribute("loginUser",body);
}
Object logUser = session.getAttribute("loginUser");
if(logUser == null){
return "redirect:" + "http://ssoserver.com:8080/login.html"+"?redirect_url=http://client1.com:8081/employees";
}else{
ArrayList emps = new ArrayList<>();
emps.add("张三");
emps.add("李四");
model.addAttribute("emps",emps);
return "employees";
}
}
}
application.properties
# 应用名称 spring.application.name=gulimall-test-sso-client # 应用服务 WEB 访问端口 server.port=8081 # THYMELEAF (ThymeleafAutoConfiguration) # 开启模板缓存(默认值: true ) spring.thymeleaf.cache=false spring.redis.host=192.168.56.10 spring.redis.port=6379
employees.html
员工列表
欢迎:[[${session.loginUser}]]
- 姓名:[[${emp}]]
pom
org.springframework.boot spring-boot-starter-web org.springframework.boot spring-boot-starter-thymeleaf org.projectlombok lombok true org.springframework.boot spring-boot-starter-data-redis
controller
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.*;
import org.thymeleaf.util.StringUtils;
import javax.servlet.http.cookie;
import javax.servlet.http.HttpServletResponse;
import java.util.UUID;
@Controller
public class LoginController {
@Autowired
private StringRedisTemplate redisTemplate;
@ResponseBody
@GetMapping(value = "/userinfo")
public String userinfo(@RequestParam(value = "token")String token){
String s = redisTemplate.opsForValue().get(token);
return s;
}
@GetMapping("/login.html")
public String loginPage(@RequestParam("redirect_url") String url, Model model, @cookievalue(value = "sso_token", required = false) String sso_token) {
if(!StringUtils.isEmpty(sso_token)){
return "redirect:"+url+"?token="+sso_token;
}
model.addAttribute("url",url);
return "login";
}
@PostMapping(value = "/doLogin")
public String doLogin(@RequestParam("username") String username, @RequestParam("password") String password, @RequestParam("redirect_url") String url, HttpServletResponse response) {
// 登录成功跳转,跳回到登录页
if(!StringUtils.isEmpty(username) && !StringUtils.isEmpty(password)){
String uuid = UUID.randomUUID().toString().replace("_", "");
redisTemplate.opsForValue().set(uuid, username);
cookie sso_token = new cookie("sso_token", uuid);
response.addcookie(sso_token);
return "redirect:" + url + "?token=" + uuid;
}
return "login";
}
}
application.properties
# 应用名称 spring.application.name=gulimall-test-sso-server # 应用服务 WEB 访问端口 server.port=8080 spring.redis.host=192.168.56.10 spring.redis.port=6379
login.html
登录页
四、效果展示
- http://client1.com:8081/employees
