✅P233_商城业务-认证服务-单点登录流程-1
2024/2/14大约 3 分钟
一、单点登录核心逻辑
核心:三个系统即使域名不一样,想办法给三个系统同步同一个用户的票据;
- 中央认证服务器;ssoserver.com
- 其他系统,想要登录去ssoserver.com登录,登录成功跳转回来
- 只要有一个登录,其他都不用登录
- 全系统统一一个
sso-sessionid;所有系统可能域名都不相同
二、单点登录第一步流程
三、单点登录服务端
3.1 cfmall-test-sso-server认证中心
3.2 pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.gyz.cfmall</groupId>
<artifactId>cfmall-test-sso-server</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>单点登录服务端</name>
<description>cfmall-test-sso-server</description>
<properties>
<java.version>1.8</java.version>
<spring-boot.version>2.3.12.RELEASE</spring-boot.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-redis</artifactId>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-dependencies</artifactId>
<version>${spring-boot.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>3.3 application.properties配置
配置端口号:cfmall-test-sso-server/src/main/resources/application.properties
server.port=8082配置认证中心地址:cfmall-test-sso-client/src/main/resources/application.properties
sso.server.url=http://ssoserver.com:8082/login.html3.4 服务端Controller
cfmall-test-sso-server/src/main/java/com/gyz/cfmall/controller/LoginController.java
package com.gyz.cfmall.controller;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
@Controller
public class LoginController {
@GetMapping("/login.html")
public String login() {
return "login";
}
/**
* 处理登录请求
* @return
*/
@GetMapping("/doLogin")
public String doLogin() {
return "";
}
}3.5 login.html
cfmall-test-sso-server/src/main/resources/templates/login.html
<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<head>
<meta charset="UTF-8">
<title>欢迎登录</title>
</head>
<body>
<form action="/doLogin" method="post">
用户名 <input type="text" name="username"/><br/>
密 码 <input name="password" type="passWord"/><br/>
<input type="submit" value="登录"/>
</form>
</body>
</html>四、单点登录客户端
4.1 cfmall-test-sso-client客户端服务
4.2 pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.gyz.cfmall</groupId>
<artifactId>cfmall-test-sso-client2</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>单点登录客户端2</name>
<description>cfmall-test-sso-client</description>
<properties>
<java.version>1.8</java.version>
<spring-boot.version>2.3.12.RELEASE</spring-boot.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-dependencies</artifactId>
<version>${spring-boot.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>4.3 application.properties配置
server.port=8083
sso.server.url=http://ssoserver.com:8082/login.html
spring.redis.host=192.168.17.1304.4 客户端Controller
当认证中心认证完成之后,要让认证中心知道跳转回的地址?解决方案就是在请求参数中携带跳转回的地址redirect_url
cfmall-test-sso-client/src/main/java/com/gyz/cfmall/controller/HelloController.java
package com.gyz.cfmall.controller;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import javax.servlet.http.HttpSession;
import java.util.ArrayList;
import java.util.List;
@Controller
public class HelloController {
@Value("${sso.server.url}")
private String SSOServerUrl;
/**
* 无需认证即可访问
*
* @return
*/
@GetMapping("/hello")
@ResponseBody
public String hello() {
return "hello";
}
@GetMapping("/employees")
public String employees(Model model, HttpSession session) {
Object loginUser = session.getAttribute("loginUser");
if (loginUser == null) {
return "redirect:" + SSOServerUrl + "?redirect_url=http://client1.com:8083/employees";
} else {
List<Object> emps = new ArrayList<>();
emps.add("zhangsan");
emps.add("lisi");
model.addAttribute("emps", emps);
return "employees";
}
}
}4.5 employees.html
<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<head>
<meta charset="UTF-8">
<title>员工列表</title>
</head>
<body>
<h1>欢迎:[[${session.loginUser}]]</h1>
<ul>
<li th:each="emp:${emps}">员工姓名:[[${emp}]]</li>
</ul>
</body>
</html>