AccessToken

对于一些具有统一登录模块的框架,比如使用常用的token值来标识用户身份,在与BaskServer系统整合时,会在访问BaskServer相关的URL中加入token值,比如:

http://192.168.18.100:8080/baskserver/home?tenantId=basksoft&accessToken=xxxxxxxxxxxx

希望BaskServer系统会根据token值来判断用户身份。注意:放在URL查询串中的token会出现在浏览器历史、服务器/代理访问日志以及跳转后的Referer头中,因此应只通过HTTPS传递、使用短有效期的token,并避免在日志中记录完整URL。

  1. 配置一个Filter,接收Request,判断token值是否正确(例如校验签名或向登录模块查询),如果正确,则将用户信息放入Cookie或Session中。下面的参考代码只展示了转存token的部分,校验逻辑需要自行补充,否则任何人都可以通过URL写入任意token。
  2. 在SecurityProvider 的getLoginUser方法中,判断Cookie或Session中是否有token用户信息,如果有则根据Token的值解析用户信息,并返回BaskServer的User对象。如果没有,或者token无法解析出有效用户,则返回null。

Filter参考代码(Cookie):

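/**
 * Servlet filter that lifts an {@code accessToken} query parameter into a cookie so
 * later requests (and {@code SecurityProvider.getLoginUser}) can find it.
 *
 * NOTE(review): the integration steps above say the token is validated here before it
 * is stored; this reference listing does not — the value is copied from the URL as-is.
 * Validate it (signature check / introspection against the issuing login module) before
 * calling {@link #setAccessCookie}, otherwise any caller can plant an arbitrary value.
 */
public class BaskOriginFilter extends BaskFilter {
    /** Cookie name carrying the token; must match the lookup in the SecurityProvider. */
    private static final String COOKIE_KEY = "accessToken";

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        HttpServletResponse res = (HttpServletResponse) response;
        // NOTE(review): wildcard CORS headers are kept from the original listing. Browsers
        // do not send cookies to an origin that answers "*", so a credentialed cross-origin
        // call needs an explicit allow-listed origin plus Access-Control-Allow-Credentials.
        res.setHeader("Access-Control-Allow-Origin", "*");
        res.setHeader("Access-Control-Allow-Headers", "*");

        HttpServletRequest req = (HttpServletRequest) request;
        String accessToken = req.getParameter("accessToken");
        if (StringUtils.isNoneBlank(accessToken)) {
            setAccessCookie(req, res, accessToken);
        }

        super.doFilter(request, response, chain);
    }

    /**
     * Writes {@code accessToken} to the response as the {@code accessToken} cookie.
     *
     * The original version mutated the cookie object read from the request when one
     * already existed; that object is never sent back to the client, so a changed token
     * was silently dropped (and the token was printed to stdout). A fresh cookie is now
     * always added to the response, and the value is never logged.
     *
     * @param req         current request; only used to learn whether it arrived over TLS
     * @param res         response the cookie is added to
     * @param accessToken non-blank token value supplied by the caller
     */
    private void setAccessCookie(HttpServletRequest req, HttpServletResponse res, String accessToken) {
        Cookie accessCookie = new Cookie(COOKIE_KEY, accessToken);
        // HttpOnly (Servlet 3.0+) keeps the token out of reach of page scripts; Secure is
        // set whenever the request itself came in over TLS. Path is left at the container
        // default, as in the original listing.
        accessCookie.setHttpOnly(true);
        accessCookie.setSecure(req.isSecure());
        res.addCookie(accessCookie);
    }
}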

Filter参考代码(Session):

/**
 * Servlet filter variant that keeps the {@code accessToken} query parameter in the HTTP
 * session instead of a cookie; {@code SecurityProvider.getLoginUser} reads it back from
 * the session attribute of the same name.
 *
 * NOTE(review): as in the cookie variant, the token is stored unvalidated — the check
 * described in step 1 of the integration notes still has to be added before the
 * attribute is set. When a new token is accepted it is also worth rotating the session
 * id (e.g. {@code req.changeSessionId()} on Servlet 3.1+) so a session id fixed by an
 * attacker before login cannot be reused afterwards.
 */
public class BaskOriginFilter extends BaskFilter {
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse res = (HttpServletResponse) response;

        // Wildcard CORS headers kept from the original listing; browsers will not attach
        // credentials to a response that answers "*", so cross-origin use needs an
        // explicit origin and Access-Control-Allow-Credentials instead.
        res.setHeader("Access-Control-Allow-Origin", "*");
        res.setHeader("Access-Control-Allow-Headers", "*");

        String token = req.getParameter("accessToken");
        if (StringUtils.isNoneBlank(token)) {
            req.getSession().setAttribute("accessToken", token);
        }

        super.doFilter(request, response, chain);
    }
}

SecurityProvider参考代码(Cookie):

public class MockSecurityProvider extends DefaultSecurityProvider {

    @Override
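    /**
     * Resolves the current user, falling back to the {@code accessToken} cookie when the
     * default provider finds no logged-in user.
     *
     * @param req current request; the cookie named {@code COOKIE_KEY} (the same name the
     *            filter writes) is inspected
     * @return the user bound to the token, or {@code null} when neither the default
     *         provider nor the token identifies anyone
     */
    @Override
    public User getLoginUser(HttpServletRequest req) {
        User user = super.getLoginUser(req);
        if (user != null) {
            return user;
        }

        String accessToken = null;
        Cookie[] cookies = req.getCookies();
        if (cookies != null) {
            for (Cookie cookie : cookies) {
                if (COOKIE_KEY.equals(cookie.getName())) {
                    accessToken = cookie.getValue();
                    break;
                }
            }
        }
        if (accessToken == null || accessToken.isEmpty()) {
            return null;
        }

        // The cookie value is client-controlled. It must be resolved against the issuing
        // login module (signature check / introspection); a value that does not resolve
        // must NOT fall through to a DefaultUser, or any cookie value logs the caller in.
        Object userObject = // TODO: look up the user by accessToken
        if (userObject == null) {
            return null;
        }

        ArrayList<Tenant> tenants = new ArrayList<Tenant>();
        Tenant tenant = new Tenant();
        tenant.setId(系统中已经创建的租户ID);
        tenant.setCreateUser(系统管理员账号);
        tenants.add(tenant);
        return new DefaultUser(用户系统账号, 用户名称, true, tenants);
    }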

SecurityProvider参考代码(Session):

public class MockSecurityProvider extends DefaultSecurityProvider {

    @Override
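    /**
     * Resolves the current user, falling back to the {@code accessToken} session attribute
     * (written by the filter) when the default provider finds no logged-in user.
     *
     * Fixes two issues in the original listing: {@code getAttribute} returns {@code Object},
     * so assigning it straight to a {@code String} does not compile; and {@code getSession()}
     * created a new session for every unauthenticated request, so {@code getSession(false)}
     * is used for the lookup.
     *
     * @param req current request
     * @return the user bound to the token, or {@code null} when neither the default
     *         provider nor the token identifies anyone
     */
    @Override
    public User getLoginUser(HttpServletRequest req) {
        User user = super.getLoginUser(req);
        if (user != null) {
            return user;
        }

        Object attr = null;
        if (req.getSession(false) != null) {
            attr = req.getSession(false).getAttribute("accessToken");
        }
        if (!(attr instanceof String) || ((String) attr).isEmpty()) {
            return null;
        }
        String accessToken = (String) attr;

        // The attribute was written by the filter from a query parameter; unless the filter
        // validated the token, it is still client-controlled here. A token that does not
        // resolve must yield null, not a DefaultUser.
        Object userObject = // TODO: look up the user by accessToken
        if (userObject == null) {
            return null;
        }

        ArrayList<Tenant> tenants = new ArrayList<Tenant>();
        Tenant tenant = new Tenant();
        tenant.setId(系统中已经创建的租户ID);
        tenant.setCreateUser(系统管理员账号);
        tenants.add(tenant);
        return new DefaultUser(用户系统账号, 用户名称, true, tenants);
    }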
