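public abstract class AbstractKissoService extends KissoServiceSupport implements KissoService

Abstract implementation class of the SSO single sign-on service.

Fields inherited from class KissoServiceSupport: config, logger

| Constructor and Description |
|---|
| AbstractKissoService() |
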
| Modifier and Type | Method and Description |
|---|---|
| AuthToken | askCiphertext(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String privateKey)<br>Generates the cross-domain ask ticket. |
| void | authSSOCookie(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, Token token)<br>Sets the login cookie under the current access domain, with protection against forged SESSIONID attacks. |
| boolean | clearLogin(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)<br>Clears the login state. |
| void | clearRedirectLogin(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)<br>Re-login: exits the current login state and redirects to the login page. |
| String | getLoginCount(javax.servlet.http.HttpServletRequest request)<br>Number of online users (total). |
| Token | getToken(javax.servlet.http.HttpServletRequest request)<br>Gets the token of the current request. Decrypts the token from the cookie. Intended for use in interceptors; outside interceptors, attrToken is recommended to avoid a second decryption. |
| void | logout(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)<br>SSO logout. |
| AuthToken | ok(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String replyTxt, String atPk, String ssoPrk)<br>Verifies the reply ciphertext; success! |
| AuthToken | replyCiphertext(javax.servlet.http.HttpServletRequest request, String askData)<br>Generates the cross-domain reply ticket. |
| void | setSSOCookie(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, Token token)<br>Sets the login cookie under the current access domain. request.setAttribute(SSOConfig.SSO_COOKIE_MAXAGE, -1); can be used to set the cookie timeout; by default the value is read from the configuration file. |

Methods inherited from class KissoServiceSupport: attrToken, checkIp, encryptCookie, getConfig, getJsonToken, getToken, getToken, logout, setConfig, setSSOCookie, tokenCacheKey

public Token getToken(javax.servlet.http.HttpServletRequest request)

Decrypts the token from the cookie. Intended for use in interceptors; outside interceptors, attrToken is recommended to avoid a second decryption.

Specified by: getToken in interface KissoService
Parameters:
request -

public String getLoginCount(javax.servlet.http.HttpServletRequest request)

Specified by: getLoginCount in interface KissoService
Parameters:
request - the query request

public void setSSOCookie(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
Token token)

request.setAttribute(SSOConfig.SSO_COOKIE_MAXAGE, -1); can be used to set the cookie timeout; by default the value is read from the configuration file.
-1: the cookie is deleted automatically when the browser is closed
0: the cookie is deleted immediately
120: the cookie is valid for 2 minutes (the value is in seconds)

Specified by: setSSOCookie in interface KissoService
Parameters:
request -
response -

public void authSSOCookie(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
Token token)

Parameters:
request -
response -

public boolean clearLogin(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)

Specified by: clearLogin in interface KissoService
Parameters:
request -
response -

public void clearRedirectLogin(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
throws IOException

Re-login: exits the current login state and redirects to the login page.

Specified by: clearRedirectLogin in interface KissoService
Parameters:
request -
response -
Throws:
IOException

public void logout(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response)
throws IOException

Throws:
IOException

public AuthToken askCiphertext(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
String privateKey)

Generates the cross-domain ask ticket.

Specified by: askCiphertext in interface KissoService
Parameters:
request -
response -
privateKey - RSA private key (the business system's private key, used for signing)
Returns:
AuthToken

public AuthToken replyCiphertext(javax.servlet.http.HttpServletRequest request,
String askData)

Generates the cross-domain reply ticket.

Specified by: replyCiphertext in interface KissoService
Parameters:
authToken - cross-domain trust token
userId - user ID
askTxt - ask ciphertext
Returns:
AuthToken

public AuthToken ok(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
String replyTxt,
String atPk,
String ssoPrk)

Verifies the reply ciphertext. On success, returns the bound user ID and other information.

Specified by: ok in interface KissoService
Parameters:
request -
response -
authToken - cross-domain trust token
replyTxt - reply ciphertext
atPk - RSA public key (the business system's public key, used to verify the authToken signature)
ssoPrk - RSA public key (the SSO reply-ciphertext public key, used to verify the signature)
Returns:
AuthToken

Copyright © 2016. All rights reserved.