一、什么是单点登录SSO(Single Sign-On)
SSO是一种统一认证和授权机制,指访问同一服务器不同应用中的受保护资源的同一用户,只需要登录一次,即通过一个应用中的安全验证后,再访问其他应用中的受保护资源时,不再需要重新登录验证。
二、单点登录解决了什么问题
解决了用户只需要登录一次就可以访问所有相互信任的应用系统,而不用重复登录。
三、单点登录的技术实现机制
如下图所示:
登录成功 生成ticket身份令牌 并添加到Cookie 访问其他业务则验证ticket 存在则不需要再次登录 并获取Cookie 这里可以考虑拦截器进行验证
下面一个简单的实例 利用struts2实现一次登录 就可以访问所有
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%><%String path = request.getContextPath();String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";%><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><base href="<%=basePath%>"><title>My JSP 'login.jsp' starting page</title><meta http-equiv="pragma" content="no-cache"><meta http-equiv="cache-control" content="no-cache"><meta http-equiv="expires" content="0"> <meta http-equiv="keywords" content="keyword1,keyword2,keyword3"><meta http-equiv="description" content="This is my page"><!--<link rel="stylesheet" type="text/css" href="styles.css">--><!-- 登录页面 --></head><body><center><h1>请登录</h1><form action="${pageContext.request.contextPath}/sso/doLogin.action" name="doLogin" method="post">用户名:<input type="text" name="username"/>密码:<input type="password" name="password"/><input type="hidden" name="gotoUrl" value="${gotoUrl}"/><input type="submit" /></form></center></body></html>
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%><%String path = request.getContextPath();String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";%><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><base href="<%=basePath%>"><title>欢迎访问DEMO1</title><meta http-equiv="pragma" content="no-cache"><meta http-equiv="cache-control" content="no-cache"><meta http-equiv="expires" content="0"> <meta http-equiv="keywords" content="keyword1,keyword2,keyword3"><meta http-equiv="description" content="This is my page"><!--<link rel="stylesheet" type="text/css" href="styles.css">--></head><body>欢迎访问DEMO1的主页</body></html>
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%><%String path = request.getContextPath();String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";%><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><base href="<%=basePath%>"><title>欢迎访问DEMO2</title><meta http-equiv="pragma" content="no-cache"><meta http-equiv="cache-control" content="no-cache"><meta http-equiv="expires" content="0"> <meta http-equiv="keywords" content="keyword1,keyword2,keyword3"><meta http-equiv="description" content="This is my page"><!--<link rel="stylesheet" type="text/css" href="styles.css">--></head><body>欢迎访问DEMO2的主页</body></html>
<?xml version="1.0" encoding="UTF-8" ?><!DOCTYPE struts PUBLIC "-//Apache Software Foundation//DTD Struts Configuration 2.1//EN" "/dtds/struts-2.1.dtd"><!--struts2配置 --><struts><package name="sso" extends="struts-default" namespace="/sso"><action name="doLogin" class="com.kero99.ygc.sso.SSOAction" method="doLogin"><result name="success" type="redirect">/${gotoUrl}</result></action> </package><package name="dome1" extends="struts-default" namespace="/demo1"> <action name="main" class="com.kero99.ygc.demo1.Demo1Action" method="main"><result name="success">/success1.jsp</result><result name="login">/login.jsp</result> </action></package><package name="dome2" extends="struts-default" namespace="/demo2"> <action name="main" class="com.kero99.ygc.demo2.Demo2Action" method="main"><result name="success">/success2.jsp</result> <result name="login">/login.jsp</result> </action></package></struts>
//需要的struts2 jar
//结构流程图
package com.kero99.ygc.sso;import javax.servlet.http.Cookie;import javax.servlet.http.HttpServletResponse;import org.apache.struts2.ServletActionContext;import com.kero99.ygc.util.SSOCheck;import com.opensymphony.xwork2.ActionSupport;public class SSOAction extends ActionSupport {/*** SSO 登录验证 并添加到 Cookie 为了方便失败为null * eg:http://localhost:8082/0702_V1.0_sso/demo1/main.action* 本人的访问路径0702_V1.0_sso web Context root 可以进行更改成本地的* gotoUrl 为 重定向路径 * util 下user=ygc pwd=123 为登录验证* ckeckCookie 验证Cookie是否存在 * /demo1/main.action* /demo2/main.action* 进行测试* */private static final long serialVersionUID = 1L;private String username;private String password;private String gotoUrl;//登录接口public String doLogin(){System.out.println("login方法执行了...");boolean ok=SSOCheck.checkLogin(username, password);if(ok){Cookie cookie=new Cookie("ssocookie","sso");cookie.setPath("/");HttpServletResponse response=ServletActionContext.getResponse();response.addCookie(cookie);return SUCCESS;}return null;}public String getGotoUrl() {return gotoUrl;}public void setGotoUrl(String gotoUrl) {this.gotoUrl = gotoUrl;}public String getUsername() {return username;}public void setUsername(String username) {this.username = username;}public String getPassword() {return password;}public void setPassword(String password) {this.password = password;}}
package com.kero99.ygc.util;import javax.servlet.http.Cookie;import javax.servlet.http.HttpServletRequest;public class SSOCheck {private static final String USERNAME="ygc";private static final String PASSWORD="123";//验证登录public static boolean checkLogin(String username,String password){if(username.equals(USERNAME) && password.equals(PASSWORD)){return true;}return false;}//登录效验接口public static boolean ckeckCookie(HttpServletRequest request){Cookie[] cookies=request.getCookies();if(cookies!=null){for(Cookie cookie:cookies){if(cookie.getName().equals("ssocookie") && cookie.getValue().equals("sso")){return true;}}}return false;}}
package com.kero99.ygc.demo1;import javax.servlet.http.HttpServletRequest;import org.apache.struts2.ServletActionContext;import com.kero99.ygc.util.SSOCheck;import com.opensymphony.xwork2.ActionSupport;public class Demo1Action extends ActionSupport {/*** Demo1接口*/private static final long serialVersionUID = 1L;private String gotoUrl;public String main(){HttpServletRequest request=ServletActionContext.getRequest();if(SSOCheck.ckeckCookie(request)){return SUCCESS;}gotoUrl="/demo1/main.action";return LOGIN;}public String getGotoUrl() {return gotoUrl;}public void setGotoUrl(String gotoUrl) {this.gotoUrl = gotoUrl;}}
package com.kero99.ygc.demo2;import javax.servlet.http.HttpServletRequest;import org.apache.struts2.ServletActionContext;import com.kero99.ygc.util.SSOCheck;import com.opensymphony.xwork2.ActionSupport;public class Demo2Action extends ActionSupport {/*** Demo2接口*/private static final long serialVersionUID = 1L;private String gotoUrl;public String main(){HttpServletRequest request=ServletActionContext.getRequest();if(SSOCheck.ckeckCookie(request)){return SUCCESS;}gotoUrl="/demo2/main.action";return LOGIN;}public String getGotoUrl() {return gotoUrl;}public void setGotoUrl(String gotoUrl) {this.gotoUrl = gotoUrl;}}
![[精华][推荐]CAS SSO实现单点登录实例源码](https://900zi.500zi.com/uploadfile/img/15/894/66ff5c3a5864472373c188b048191b1d.jpg)
![[精华][推荐]CAS SSO 实现单点登录实例源码](https://900zi.500zi.com/uploadfile/img/15/927/55c503fac45874fab10f91211a242e6b.jpg)
