コード例 #1
ファイル: RmSsoLogin.java プロジェクト: show123456/javasec
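  /**
   * Redirects the current request to the target server configured for {@code pUrl}.
   *
   * <p>{@code pUrl} is looked up among the {@code url} entries of the enabled
   * {@code redirectGroup} elements of the cluster configuration. The first {@code baseUrl} of the
   * matching group becomes the redirect prefix, and the browser is redirected to the URI returned
   * by {@code rebuildUri}. When the prefix starts with this node's own URL path, the request is
   * passed down the filter chain instead of being redirected.
   *
   * <p>The redirect prefix is read from configuration, never from the request, so the redirect
   * target is only as trustworthy as the cluster configuration file.
   *
   * @param request current request; cast to {@link HttpServletRequest}
   * @param response current response; cast to {@link HttpServletResponse}
   * @param filterChain chain to continue when the configured target is this node itself
   * @param pUrl URL to match against the configured {@code url} entries
   * @return {@code true} if the request was redirected or passed down the chain; {@code false} if
   *     any exception occurred (it is logged and stored in the request attribute
   *     {@code org.apache.struts.action.EXCEPTION})
   */
  public static boolean doRedirectUrl(
      ServletRequest request, ServletResponse response, FilterChain filterChain, String pUrl) {
    try {
      HttpServletRequest req = (HttpServletRequest) request;
      HttpServletResponse res = (HttpServletResponse) response;

      // Find the configured <url> element whose text equals pUrl (enabled groups only).
      Element thisNode = null;
      for (Object nodeObj :
          RmLoadConfig.getRmClusterDoc()
              .selectNodes(
                  "/rm/org.quickbundle.project.login.RmSsoLogin/redirectGroup[@enable='true']/redirectUrls/url")) {
        Element node = (Element) nodeObj;
        if (node.getText().equals(pUrl)) {
          thisNode = node;
          break;
        }
      }
      if (thisNode == null) {
        throw new RmRuntimeException("配置文件读取错误");
      }

      // Take the first <baseUrl> of the same redirectGroup as the target prefix.
      String targetUrlPrefix = null;
      for (Object baseUrlObj : thisNode.selectNodes("../../redirectTargets/baseUrl")) {
        // TODO could be extended into a load-balancing algorithm
        Element eleUrlPrefix = (Element) baseUrlObj;
        targetUrlPrefix = eleUrlPrefix.getText();
        break;
      }

      // A group without any <baseUrl> leaves the prefix null; report it as the same
      // "no target configured" error instead of failing with a NullPointerException.
      if (targetUrlPrefix == null || targetUrlPrefix.length() == 0) {
        throw new RmRuntimeException("未配置跳转到的目标地址");
      }

      // A target that points back at this node would loop, so skip the redirect and
      // continue the filter chain locally.
      if (RmClusterConfig.getLocalhostInfo() != null
          && targetUrlPrefix.startsWith(RmClusterConfig.getLocalhostInfo().getLocalhostUrlPath())) {
        filterChain.doFilter(request, response);
        return true;
      }

      // Redirect to the target server carrying the SSO information.
      // NOTE(review): rebuildUri is not visible here; presumably it places the SSO token in the
      // URL. If so the token ends up in access logs, browser history and Referer headers, so it
      // should be short-lived and accepted only once - confirm against rebuildUri and the verifier.
      res.sendRedirect(rebuildUri(req, targetUrlPrefix));
      return true;
    } catch (Exception e) {
      // Pass the exception itself so the stack trace is kept in the log.
      log.error("doRedirectUrl():" + e.toString() + " cause:" + e.getCause(), e);
      // save error
      request.setAttribute("org.apache.struts.action.EXCEPTION", e);
      return false;
    }
  }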
コード例 #2
ファイル: RmSsoLogin.java プロジェクト: show123456/javasec
 /**
  * Builds the SSO value object for {@code sessionId}, stamped with this node's id, an expiry
  * time and an integrity hash.
  *
  * <p>The hash is {@code getLongToken(getLongToken(nodeId + expired + sessionId) + privateKey)}.
  *
  * <p>NOTE(review): judging by the class name {@code Md5Token}, this is a hand-rolled keyed MD5
  * digest rather than a standard MAC, and the three fields are concatenated without a separator,
  * so different field triples can produce the same signed string. Moving to HMAC-SHA-256 over
  * delimited fields would be the usual hardening; it has to change together with the code that
  * verifies the hash, which is not visible here.
  *
  * @param sessionId id of the session the token is issued for
  * @return a populated {@code RmSsoVo}
  */
 public static RmSsoVo createInstance(String sessionId) {
   RmSsoVo vo = new RmSsoVo();
   vo.setNodeId(RmClusterConfig.getSingleton().getSelfId());

   // Expiry is "now + defaultExpired", stored in its string form.
   String expiresAt = String.valueOf(System.currentTimeMillis() + defaultExpired);
   vo.setExpired(expiresAt);
   vo.setSessionId(sessionId);

   // The hash is computed from the fields as stored by the setters above.
   vo.setHash(
       Md5Token.getInstance()
           .getLongToken(
               Md5Token.getInstance().getLongToken(vo.nodeId + vo.expired + vo.sessionId)
                   + privateKey));
   return vo;
 }
コード例 #3
ファイル: RmSsoLogin.java プロジェクト: show123456/javasec
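  /**
   * Logs the current request in from the SSO value carried in the {@code ssoKey} request
   * parameter.
   *
   * <p>The parameter is decrypted and split with {@code splictKeyRegex}; the third field is the
   * session id passed, together with the whole decrypted value, to
   * {@code IRmSsoService.copyLogin} on this node's web-service URL. The returned user is stored in
   * the HTTP session and the session is marked as a temporary SSO session.
   *
   * <p>The request fails closed: a missing parameter, a value that cannot be decrypted, a value
   * with fewer than three fields, or a {@code null} user from the service all make the method
   * return {@code false} without binding a user to the session.
   *
   * <p>NOTE(review): expiry and hash of the token are not checked in this method; presumably
   * {@code copyLogin} does that - confirm. The helper name {@code decryptDesBase64} suggests DES,
   * which gives little protection by current standards, so the hash check must not rely on it.
   *
   * @param request current request; cast to {@link HttpServletRequest}
   * @param response current response (not used here)
   * @param filterChain filter chain (not used here)
   * @return {@code true} if a user was bound to the session; {@code false} on any failure (the
   *     exception is logged and stored in the request attribute
   *     {@code org.apache.struts.action.EXCEPTION})
   */
  public static boolean doSsoLogin(
      ServletRequest request, ServletResponse response, FilterChain filterChain) {
    try {
      HttpSession session = ((HttpServletRequest) request).getSession(true);
      // Temporary login timeout: 3 minutes.
      session.setMaxInactiveInterval(60 * 3);

      String encryptedSsoValue = request.getParameter(ssoKey);
      if (encryptedSsoValue == null) {
        throw new IllegalArgumentException("missing SSO parameter");
      }

      // A decryption failure propagates to the outer catch. Continuing with the raw request
      // value, as the code did before, would let a caller skip the encryption layer entirely.
      String ssoValue = RmCryptoHelper.decryptDesBase64(encryptedSsoValue);
      if (ssoValue == null) {
        throw new IllegalArgumentException("SSO parameter could not be decrypted");
      }

      // Expected layout: field 0 = node id, field 2 = session id. Token contents are kept out
      // of the error messages on purpose.
      String[] ssoValueArgs = ssoValue.split(splictKeyRegex);
      if (ssoValueArgs.length < 3) {
        throw new IllegalArgumentException("malformed SSO parameter");
      }
      String sessionId = ssoValueArgs[2];

      // Build a JAX-WS client for the SSO service exposed by this node.
      String callWsUrl =
          RmClusterConfig.getSingleton()
              .getSelfNode()
              .get(RmClusterConfig.NodeKey.webServiceUrl.name());
      String address = callWsUrl + "RmSsoLogin";
      JaxWsProxyFactoryBean jw = new JaxWsProxyFactoryBean();
      jw.setServiceClass(IRmSsoService.class);
      jw.setAddress(address);
      IRmSsoService ssoService = (IRmSsoService) jw.create();

      RmUserVo userVo = ssoService.copyLogin(sessionId, ssoValue);
      if (userVo == null) {
        // Do not report success or mark the session as logged in when no user came back.
        throw new IllegalStateException("SSO login returned no user");
      }

      // NOTE(review): the session id is not rotated before the user is bound to the session.
      // Rotating it at this point (where the Servlet API version in use allows) closes a
      // session-fixation window - confirm which API level the project targets.
      session.setAttribute(IGlobalConstants.RM_USER_VO, userVo);
      session.setAttribute(IGlobalConstants.RM_SSO_TEMP, IGlobalConstants.RM_YES);
      return true;
    } catch (Exception e) {
      // Pass the exception itself so the stack trace is kept in the log.
      log.error("doSsoLogin():" + e.toString() + " cause:" + e.getCause(), e);
      // save error
      request.setAttribute("org.apache.struts.action.EXCEPTION", e);
      return false;
    }
  }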