
📄 ssoauth.java

📁 它统一管理各个应用系统用户的身份验证
💻 JAVA
package auth;

import java.io.*;
import java.net.URI;
import java.net.URISyntaxException;
import java.nio.charset.Charset;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.*;
import java.util.concurrent.*;

import javax.servlet.*;
import javax.servlet.http.*;
import ldap.LdapBean;

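/**
 * Core servlet of the single sign-on (SSO) system: it validates the credentials and
 * tickets that the participating web applications hand over.
 *
 * <p>The handler is selected by the {@code action} request parameter, see
 * {@link #processRequest}. A successful login is recorded in an in-memory table that
 * maps a ticket id to a user name; possession of a ticket id is the only proof of
 * login, so ids have to be unguessable.
 *
 * <p>NOTE(review): accounts are loaded once in {@link #init} and compared with the
 * submitted password as strings, which suggests the directory hands out recoverable
 * passwords. Confirm against LdapBean; an LDAP bind per login would avoid keeping them
 * in memory.
 *
 * <p>NOTE(review): tickets are never expired on the server side, only the cookie has
 * a lifetime. A ticket stays valid until {@code action=logout} or a servlet restart.
 *
 * @author Guo ShuYang
 */
public class SSOAuth extends HttpServlet {

    /** User name to password, as returned by LdapBean in {@link #init}. */
    static private ConcurrentMap<String, String> accounts = new ConcurrentHashMap<String, String>();
    /** Issued ticket id to user name. */
    static private ConcurrentMap<String, String> SSOIDs = new ConcurrentHashMap<String, String>();

    /** Source of ticket ids. SecureRandom may be shared between request threads. */
    private static final SecureRandom RANDOM = new SecureRandom();
    private static final Charset UTF8 = Charset.forName("UTF-8");
    private static final char[] HEX = "0123456789abcdef".toCharArray();
    /** Random bytes per ticket id (256 bits). */
    private static final int TICKET_BYTES = 32;

    String cookiename = " ";        // name of the ticket cookie, from the init parameter "cookiename"
    String domainname = " ";        // from the init parameter "domainname"; used to vet redirect targets
    LdapBean ldap = new LdapBean(); // reads the account table from the LDAP directory

    /**
     * Reads the init parameters and loads the account table.
     *
     * @param config servlet configuration carrying "domainname" and "cookiename"
     * @throws ServletException if the superclass initialisation fails
     */
    @Override
    public void init(ServletConfig config) throws ServletException {
        super.init(config);
        domainname = config.getInitParameter("domainname");
        cookiename = config.getInitParameter("cookiename");
        SSOIDs = new ConcurrentHashMap<String, String>();
        // Keep an empty table rather than null so later lookups cannot fail on a missing map.
        ConcurrentMap<String, String> loaded = ldap.getAccountsInfo();
        accounts = (loaded != null) ? loaded : new ConcurrentHashMap<String, String>();
    }

    /**
     * Dispatches a request on its {@code action} parameter.
     *
     * <ul>
     * <li>absent: interactive login, see {@link #handlerFromLogin}</li>
     * <li>{@code authcookie}: writes the user name for the ticket passed in the
     *     {@code cookiename} parameter, or {@code failed}</li>
     * <li>{@code authuser}: checks {@code username}/{@code password} and writes a new
     *     ticket id, or {@code failed}</li>
     * <li>{@code logout}: removes the ticket passed in the {@code cookiename} parameter</li>
     * </ul>
     * Any other action leaves the response empty.
     *
     * @param request servlet request
     * @param response servlet response
     */
    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        // The writer is only opened in the branches that print, so the login branch is
        // still free to forward or redirect. No per-request state is kept in fields: one
        // servlet instance serves all request threads.
        String action = request.getParameter("action");
        if (action == null) {
            handlerFromLogin(request, response);
        } else if ("authcookie".equals(action)) {
            writeResult(response, authCookie(request.getParameter("cookiename")));
        } else if ("authuser".equals(action)) {
            writeResult(response, authNameAndPasswd(request, response));
        } else if ("logout".equals(action)) {
            logout(request.getParameter("cookiename"));
        }
    }

    /** Writes a one-word result as the whole response body. */
    private static void writeResult(HttpServletResponse response, String result) throws IOException {
        PrintWriter out = response.getWriter();
        out.print(result);
        out.close();
    }

    /**
     * Looks up a ticket id.
     *
     * @param value ticket id, may be null
     * @return the user name the ticket was issued to, or {@code "failed"}
     */
    static public String authCookie(String value) {
        // ConcurrentHashMap rejects null keys, so a missing ticket is handled here.
        String user = (value == null) ? null : SSOIDs.get(value);
        if (user == null) {
            System.out.println("Authentication failed!");
            return "failed";
        }
        System.out.println("Authentication success!");
        return user;
    }

    /**
     * Checks a user name and password against the account table.
     *
     * <p>NOTE(review): on success a ticket is stored but not returned, so no caller can
     * ever present it and the entry only grows the ticket table. Confirm whether the
     * ticket id was meant to be the return value.
     *
     * @return {@code username} on success, {@code "failed"} otherwise
     */
    static public String authUserAndPass(String username, String password) {
        if (!credentialsMatch(username, password)) {
            return "failed";
        }
        issueTicket(username);
        return username;
    }

    /**
     * Checks the {@code username} and {@code password} request parameters and issues a
     * ticket.
     *
     * @return the new ticket id on success, {@code "failed"} otherwise
     */
    protected String authNameAndPasswd(HttpServletRequest request, HttpServletResponse response) {
        String username = request.getParameter("username");
        String password = request.getParameter("password");
        if (!credentialsMatch(username, password)) {
            return "failed";
        }
        return issueTicket(username);
    }

    /**
     * Handles the HTTP <code>GET</code> method.
     *
     * <p>NOTE(review): credentials sent by GET end up in URLs, browser history and
     * access logs; consider accepting the login parameters by POST only.
     *
     * @param request servlet request
     * @param response servlet response
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /**
     * Handles the HTTP <code>POST</code> method.
     *
     * @param request servlet request
     * @param response servlet response
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /** Returns a short description of the servlet. */
    @Override
    public String getServletInfo() {
        return "Short description";
    }

    /**
     * Compares a submitted password with the stored one.
     *
     * <p>Missing parameters and unknown users count as a mismatch. The comparison uses
     * {@link MessageDigest#isEqual} so that its duration does not depend on the
     * position of the first differing character.
     */
    private static boolean credentialsMatch(String username, String password) {
        if (username == null || password == null) {
            return false;
        }
        String stored = accounts.get(username);
        if (stored == null) {
            return false;
        }
        return MessageDigest.isEqual(stored.getBytes(UTF8), password.getBytes(UTF8));
    }

    /** Creates a ticket id for {@code username}, records it and returns it. */
    private static String issueTicket(String username) {
        String ticket = createUID();
        SSOIDs.put(ticket, username);
        return ticket;
    }

    /**
     * Creates a ticket id: the prefix {@code Auth} followed by 256 random bits in hex.
     *
     * <p>The id is drawn from a CSPRNG because a clock-derived value can be guessed by
     * anyone who knows roughly when a login happened, and two logins in the same
     * millisecond would share it.
     */
    static private String createUID() {
        byte[] raw = new byte[TICKET_BYTES];
        RANDOM.nextBytes(raw);
        StringBuilder id = new StringBuilder("Auth");
        for (byte b : raw) {
            id.append(HEX[(b >> 4) & 0x0f]).append(HEX[b & 0x0f]);
        }
        return id.toString();
    }

    /** Removes a ticket; a missing or unknown ticket is ignored. */
    private void logout(String UID) {
        if (UID == null) {
            return;
        }
        String user = SSOIDs.remove(UID);
        // Log the resolved user name, not the request parameter: the raw value is
        // caller-controlled and could carry line breaks into the log.
        System.out.println("Logout for " + (user != null ? user : "unknown ticket"));
    }

    /**
     * Decides whether a {@code goto} value may be used as a redirect target.
     *
     * <p>Accepted are relative references (no scheme, no authority) and http/https
     * URLs whose host is the configured domain or a subdomain of it. Everything else,
     * including values that do not parse as a URI, is refused, so the login page
     * cannot be used to send a freshly authenticated user to an arbitrary site.
     *
     * <p>NOTE(review): assumes the "domainname" init parameter is a bare DNS name,
     * optionally with a leading dot. TODO confirm against the deployment descriptor.
     */
    private boolean isAllowedRedirect(String target) {
        URI uri;
        try {
            uri = new URI(target);
        } catch (URISyntaxException e) {
            return false;
        }
        String scheme = uri.getScheme();
        if (scheme == null && uri.getRawAuthority() == null) {
            return true; // stays on this server
        }
        if (!"http".equalsIgnoreCase(scheme) && !"https".equalsIgnoreCase(scheme)) {
            return false;
        }
        String host = uri.getHost();
        if (host == null || domainname == null) {
            return false;
        }
        String domain = domainname.trim().toLowerCase(Locale.ENGLISH);
        if (domain.startsWith(".")) {
            domain = domain.substring(1);
        }
        if (domain.length() == 0) {
            return false;
        }
        host = host.toLowerCase(Locale.ENGLISH);
        return host.equals(domain) || host.endsWith("." + domain);
    }

    /**
     * Interactive login: checks the {@code username} and {@code password} parameters,
     * sets the ticket cookie and redirects to the {@code goto} target if one was given.
     *
     * <p>A failed check, including a request without credentials, is forwarded to
     * {@code /failed.html}. A {@code goto} value that {@link #isAllowedRedirect}
     * refuses is answered with 400 and no ticket is issued.
     */
    private void handlerFromLogin(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        String username = request.getParameter("username");
        String password = request.getParameter("password");
        if (!credentialsMatch(username, password)) {
            getServletContext().getRequestDispatcher("/failed.html").forward(request, response);
            return;
        }

        String target = request.getParameter("goto");
        if (target != null && !isAllowedRedirect(target)) {
            response.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }

        Cookie ticketCookie = new Cookie(cookiename, issueTicket(username));
        ticketCookie.setMaxAge(86400); // one day
        ticketCookie.setPath("/");
        // Keep the ticket away from page scripts (Servlet 3.0+) and off plain HTTP when
        // the login itself arrived over TLS.
        // NOTE(review): assumes relying applications read the ticket on the server side.
        ticketCookie.setHttpOnly(true);
        ticketCookie.setSecure(request.isSecure());
        response.addCookie(ticketCookie);

        if (target != null) {
            response.sendRedirect(target); // back to the resource the user asked for
        }
    }

}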
