单点登录,java实现
展开全部
单点登陆的话,你可以使用token来实现,比如一个用户一次只生成一个token,这样别人在访问的时候,就会重新生成一个,之前的就会被踢出线
本回答被网友采纳
已赞过
已踩过<
评论
收起
你对这个回答的评价是?
展开全部
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class LoginFilter implements Filter {
private String loginInfoPath;
public void destroy() {
loginInfoPath = null;
}
public void doFilter(ServletRequest sreq, ServletResponse sresp,
FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) sreq;
HttpServletResponse resp = (HttpServletResponse) sresp;
Class loginInfoClass = null;
LoginInfoBase loginInfo = null;
try {
loginInfoClass = Class.forName(loginInfoPath);
loginInfo = (LoginInfoBase) loginInfoClass.newInstance();
} catch (ClassNotFoundException e) {
e.printStackTrace();
} catch (InstantiationException e) {
e.printStackTrace();
} catch (IllegalAccessException e) {
e.printStackTrace();
}
loginInfo.setReq(req);
loginInfo.setResp(resp);
//session值为空
if(loginInfo.isSessionEmpty()){
if(loginInfo.init()){
boolean loginResult = loginInfo.doLogin();
if(loginResult){
loginInfo.saveCookie();
}
}
}else{
if(loginInfo.init()){
//另外一套系统已经退出
if("out".equals(loginInfo.getLoginState())){
loginInfo.doLogout();
CookieUtil.delCookie(resp, LoginInfoBase.COOKIE_NAME);
}
}
}
chain.doFilter(sreq, sresp);
}
public void init(FilterConfig config) throws ServletException {
this.loginInfoPath = config.getInitParameter("loginInfoPath");
}
public String getLoginInfoPath() {
return loginInfoPath;
}
public void setLoginInfoPath(String loginInfoPath) {
this.loginInfoPath = loginInfoPath;
}
}
loginInfoPath 在web.xml中配置指明LoginInfoBase的子类的完整路径用来反射
LoginInfoBase代码:
package com.yt.util;
import java.text.SimpleDateFormat;
import java.util.Date;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public abstract class LoginInfoBase {
public static final String SEPARATION = "-->";
public static final String DATE_FORMAT = "yyyy-MM-dd HH:mm:ss";
public static final long COOKIE_TIME = 1800000;
public static final String COOKIE_NAME = "loginInfo";
public static final String COOKIE_PATH = "/";
protected HttpServletRequest req;
protected HttpServletResponse resp;
protected Date sessionTime;
protected String userName;
protected String userPass;
protected String loginState;
public LoginInfoBase() {
super();
}
public LoginInfoBase(HttpServletRequest req, HttpServletResponse resp) {
super();
this.req = req;
this.resp = resp;
}
public LoginInfoBase(String userName, String pwd, Date sessionTime) {
this.userName = userName;
this.userPass = pwd;
this.sessionTime = sessionTime;
}
abstract void doLogout();
abstract boolean isSessionEmpty();
abstract boolean doLogin();
public HttpServletRequest getReq() {
return req;
}
public void setReq(HttpServletRequest req) {
this.req = req;
}
public HttpServletResponse getResp() {
return resp;
}
public void setResp(HttpServletResponse resp) {
this.resp = resp;
}
//初始化登录对象
protected boolean init(){
String loginInfoStr = CookieUtil.getValue(req, LoginInfoBase.COOKIE_NAME);
if(loginInfoStr == null || "".equals(loginInfoStr)){
return false;
}
String[] infoArray = loginInfoStr.split(SEPARATION);
if(infoArray.length>3){
this.userName = DigestUtil.getFromBASE64(infoArray[0]);
this.userPass = DigestUtil.getFromBASE64(infoArray[1]);
this.sessionTime = buildDate(infoArray[2]);
this.loginState = infoArray[3];
}
if(new Date().getTime() - getSessionTime().getTime() > LoginInfo.COOKIE_TIME){
CookieUtil.delCookie(resp, LoginInfo.COOKIE_NAME);
return false;
}
return true;
}
protected void saveCookie(){
setSessionTime(new Date());
setLoginState("in");
CookieUtil.addCookie(resp, LoginInfo.COOKIE_NAME, toString(), "/");
}
public void clearCookie(){
setUserName("XX");
setUserPass("XX");
setSessionTime(new Date());
setLoginState("out");
CookieUtil.addCookie(resp, LoginInfo.COOKIE_NAME, toString(), "/");
}
@Override
public String toString() {
return DigestUtil.getBASE64(userName)+SEPARATION+DigestUtil.getBASE64(userPass)+SEPARATION+formateSessionTime()+SEPARATION+loginState;
}
private String formateSessionTime(){
SimpleDateFormat df = new SimpleDateFormat(DATE_FORMAT);
String timeStr =df.format(sessionTime);
return timeStr;
}
private Date buildDate(String sessionTime) {
SimpleDateFormat df = new SimpleDateFormat(DATE_FORMAT);
Date date = null;
try {
date = df.parse(sessionTime);
}catch (Exception ex){
System.out.println(ex.getMessage());
}
return date;
}
public Date getSessionTime() {
return sessionTime;
}
public void setSessionTime(Date sessionTime) {
this.sessionTime = sessionTime;
}
public String getUserName() {
return userName;
}
public void setUserName(String userName) {
this.userName = userName;
}
public String getUserPass() {
return userPass;
}
public void setUserPass(String userPass) {
this.userPass = userPass;
}
public String getLoginState() {
return loginState;
}
public void setLoginState(String loginState) {
this.loginState = loginState;
}}
已赞过
已踩过<
评论
收起
你对这个回答的评价是?
展开全部
public boolean login() throws LoginException{
try {
if (Cookielogin()) return true;
} catch (IOException ex) {
ex.printStackTrace();
}
if (passwordlogin()) return true;
throw new FailedLoginException();
}
try {
if (Cookielogin()) return true;
} catch (IOException ex) {
ex.printStackTrace();
}
if (passwordlogin()) return true;
throw new FailedLoginException();
}
已赞过
已踩过<
评论
收起
你对这个回答的评价是?
展开全部
看你怎么做了,有开源框架可以帮助你,!
一般用spring 的security比较不错
一般用spring 的security比较不错
本回答被提问者采纳
已赞过
已踩过<
评论
收起
你对这个回答的评价是?
推荐律师服务:
若未解决您的问题,请您详细描述您的问题,通过百度律临进行免费专业咨询