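First, the problem: our project's SSO single sign-on has always used HTTP,
and login has always worked normally. Now we are switching to the production environment, and the SSO server side has changed to HTTPS. The SSO configuration is as follows: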
<listener>
<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>
<!-- This filter implements single sign-out; optional configuration. -->
<filter>
<filter-name>CAS Single Sign Out Filter</filter-name>
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- This filter handles user authentication; it must be enabled -->
<filter>
<filter-name>CASFilter</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>https://sso.hnair.net/login?appid=hnair-pmp</param-value>
</init-param>
<init-param>
<param-name>renew</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>gateway</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<!-- The server here is the server-side IP -->
<param-name>serverName</param-name>
<param-value>http://10.70.35.215</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CASFilter</filter-name>
<url-pattern>/common/huLogin</url-pattern>
</filter-mapping>
<!-- This filter handles ticket validation; it must be enabled -->
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>
org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter
</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://sso.hnair.net</param-value>
</init-param>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://10.70.35.215</param-value>
</init-param>
<init-param>
<param-name>useSession</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>redirectAfterValidation</param-name>
<param-value>true</param-value>
</init-param>
</filter>
The JSP code is as follows:
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt" %>
<%
String ctx = request.getContextPath();
String basePath = request.getScheme() + "://"
+ request.getServerName() + ":" + request.getServerPort()
+ ctx + "/";
%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
Single sign-on
$(function(){
    var islogout = "${param.islogout}";
    if(!islogout){
        var casuser = "${casuser}";
        if(!casuser){
            window.location.href = "<%=basePath%>common/huLogin";
        }else{
            var loginMsg = "${loginMsg}";
            var openner = window.opener;
            if(loginMsg=="success"){
                openner.location.href="<%=basePath%>home/index";
                window.close();
            }else{
                window.location.href = "${logoutUrl}";
            }
        }
    }else{
        window.opener.location.href = "<%=basePath%>common/logout";
        window.close();
    }
});
The controller code is as follows:
@RequestMapping(value = "/huLogin")
public String huLogin(
HttpServletRequest request, HttpSession session, Model model)
throws BusinessException
{
logger.info("huLogin begin");
// If there is no user information in the session, populate the user information
// Get the logged-in account's user name from the CAS server
....
session.setAttribute(Constants.LOGOUT_URL, casServerUrl);
model.addAttribute(Constants.CASUSER, userName);
logger.info("huLogin end");
return "common/hulogin";
}
Could any experts please help take a look?