This article uses Cookies+filter to implement single sign-on for www.taobao.tgb.com and www.tianmao.tgb.com.
source sharing: Link: http://pan.baidu.com/s/1eQheDpS password: gn9d
Principle of realization
When you log in to Taobao with your user name and password, the user name is stored in a session and in a cookie. When a user logs in to Tianmao, the user name and password can be obtained directly from the cookie without having to log in two times.
Two knowledge point analysis
1. This example uses Tomcat as a server, binds 1 domain names, and this domain name corresponds to 2 different items: One is Taobao and the other is Tianmao.
2. You do not need to enter a port number when visiting the URL.
Three steps:
a) Create a Web Service project with MyEclipse named: sso_cookie_filter, project directory structure
II) index.jsp user Login page
<%@ page language= "java" import= "java.util.*" pageencoding= "UTF-8"%><%@ taglib prefix= "C" uri= "/HTTP/ Java.sun.com/jsp/jstl/core "%><title> Welcome to [Tianmao] website </title>
III) Web. XML for compounding: interceptors, Servlets<!-- Start: Zhaoli-Create a filter filter to intercept all requests--><filter><filter-name>autologin</filter-name> <filter-class>com.tgb.sso.filter.autologinfilter</filter-class></filter><filter-mapping ><filter-name>autologin</filter-name><url-pattern>/*</url-pattern></ filter-mapping><!-- End: Zhaoli-Create filter filter to intercept all requests--><!-- start: Zhaoli-Create Servlet--><servlet ><servlet-name>loginservlet</servlet-name><servlet-class>com.tgb.sso.servlet.loginservlet </servlet-class></servlet><servlet-mapping><servlet-name>loginservlet</servlet-name ><url-pattern>/login</url-pattern></servlet-mapping><!-- End: Zhaoli-Create servlet-->
iv) Writing filters: Autologinfilter.java/** * Custom filter: User intercepts user login information * * @author Lizi * @version 1.0.0 July 14, 2015 19:29:45 */public class Autologinfilter implements Filter {//intercepts all user requests. First, determine if a user name exists in the session. If the user name does not exist in the session, then the user name is determined in the cookie//If there is a user name in cookies, it is placed in the session. public void DoFilter (ServletRequest req, servletresponse resp,filterchain chain) throws IOException, Servletexception {/ /intercept user requests HttpServletRequest request = (httpservletrequest) req;//determine if the session is empty//if user is empty in session, if ( Request.getsession (). getattribute ("user") = = null) {//Get all the cookies in the request and put in the array cookie[] cs = request.getcookies (); /If the cookie is not empty, then all records in all cookies are traversed if (cs = null && cs.length > 0) {for (Cookie C:cs) {String cName = C.getname ( )///Find the current user's cookie (SSO identity here) if (Cname.equals ("SSO")) {//get the corresponding value in SSO, that is: username usernamestring userName = c.getvalue ();// Put the username userName in the session request.getsession (). SetAttribute ("user", UserName);}}} Returns the current request Chain.dofilter (request, RESP);}}
v) Preparation of Servlet:LoginServlet.java/** * User Login servlet * * @author Lizi * @version 1.0.0 July 14, 2015 19:29:45 */public class Loginservlet extends HttpServlet {/ /If the user submits a GET request, the request is forwarded to dopostpublic void Doget (HttpServletRequest request, httpservletresponse response) throws Servletexception, IOException {this.dopost (request, response);} Accept the user's post request public void DoPost (HttpServletRequest request, httpservletresponse response) throws Servletexception, IOException {//Gets user input user name string userName = Request.getparameter ("UserName");//Gets user input polygon string password = Request.getparameter ("password");//If the user name and password are the same, the login succeeds (in fact, the database should be queried) if (userName! = null && password! = null) {if (username.equals (password)) {//The user name is stored in session request.getsession (). SetAttribute ("user", userName);//write a cookie to the client named Ssocookie C = new Cookie (" SSO ", UserName); C.setmaxage (3600);//Set cookie effective time is 1 hours c.setdomain (". tgb.com ");//www.taobao.tgb.com// Www.tianmao.tgb.comc.setPath ("/");//Intercept all requests Response.addcookie (c);//Add cookies to response}}// Jump to index.jsp page response.seNdredirect (Request.getcontextpath () + "/index.jsp");}}
vi) Demo effectEnter in the Taobao website: username Taobao, password is Taobao, click Login. Post Display: Welcome screen
Refresh Tianmao Web page at this time, can be directly displayed: Welcome interface (no login required)
Seven)View cookies in the 360 browser:Tools---Advanced settings--Content settings (Content settings ...) )-->cookie (All Cookies and website data)
Here you can see the following:
A cookie was saved for tgb.com
Saved a session for Taobao.
Saved a session for Tianmao.
four Expand your knowledgePreviously, the project was deployed directly in Tomcat and then accessed through: Localhost:8080/projectname/methodname.
1. This example uses Tomcat as a server, binds 1 domain names, and this domain name corresponds to 2 different items: One is Taobao and the other is Tianmao.
2. You do not need to enter a port number when visiting the URL.
a) access through the domain name (www.taobao.tgb.com, www.tianmao.tgb.com), you need to do the following configuration: 1.tomcat The default startup project directory is: Tomcat\webapps.
Here you need to create a new two folder in the Tomcat installation directory: Taobao, Tianmao ()
Copy the Web-inf entire folder in the MyEclipse to the Taobao and Tianmao folders, and change the Web-inf name as root
2. Modify the C:\Windows\System32\drivers\etc\hosts file and add two nodes
3. Modify the C:\tomcat\apache-tomcat-6.0.35\conf\server.xml file and add two host nodes
End
To access Taobao, you need to enter in the browser: www.taobao.tgb.com:8080
If you need access to Tianmao, you need to enter it in the browser: www.tianmao.tgb.com:8080
II) When accessing, remove the port number 8080? Modify the port number of the C:\tomcat\apache-tomcat-6.0.35\conf\server.xml file, in HTTP, by 8080--->80
Originally:
<connector connectiontimeout= "20000" port= "8080" protocol= "http/1.1" redirectport= "8443"/>
After modification:
<connector connectiontimeout= "20000" port= "" protocol= "http/1.1" redirectport= "8443"/>
Reference article: "Tomcat multi-domain Configuration"
Copyright NOTICE: This article for Bo Master original article, without Bo Master permission not reproduced.
Single Sign-On (i) Single sign-on with Cookie+file.