同一tomcat 下的两个应用共享 Session 2 (SSO)

asdrtu

　　D:\feiHuang\解决方案备份
 
 
1. 在 “%TOMCAT_HOME%\conf\Catalina\localhost" 目前下增加两个xml 文件：
    1) project_a.xml
        <!--
<Context cookies="true" debug="0" docBase="d:/workspace/project_a/web" path="/project_a" reloadable="true" crossContext="true">
</Context>
-->
 
<Context docBase="d:/workspace/project_a/web" path="/project_a" reloadable="ture" crossContext="true" cookies="true">
</Context>
 
    2)  project_b.xml
        <Context className="org.apache.catalina.core.StandardContext" cookies="true" crossContext="true" 
docBase="d:/workspace/project_b/WebContent" path="/Enterprise" privileged="false" reloadable="true" useNaming="true">                 
<Resource auth="Container" name="jdbc/project_b" type="javax.sql.DataSource"
               maxActive="10" maxIdle="5" maxWait="-1"
               username="project_b" password="123456" driverClassName="net.sourceforge.jtds.jdbc.Driver"
               url="jdbc:jtds:sqlserver://project_b:1433;DatabaseName=project_b"
               factory="org.apache.commons.dbcp.BasicDataSourceFactory"/>   
</Context>
 
2.  project_a 在session 里设置参数的时候调用以下代码：
     public static void setGlobalAuthInfo(HttpServletRequest request,
                                         HttpServletResponse response,                                         
                                         User user) {
HttpSession session = request.getSession();
        String sessionId = session.getId();
        Cookie cookie = new Cookie(Constants.GLOBAL_COOKIE_KEY,sessionId);
        cookie.setPath("/");
        response.addCookie(cookie);
        storeCrossContextData(session,user);
        Cookie cookieS = new Cookie(Constants.JSESSION_COOKIE_KEY,sessionId);
        cookieS.setPath("/");
        cookieS.setMaxAge(30*24*3600);
        response.addCookie(cookieS);
        
        Cookie cookieCode = new Cookie(Constants.USERCODE_COOKIE_KEY,user.getCode());
        cookieCode.setPath("/");
        cookieCode.setMaxAge(30*24*3600);
        response.addCookie(cookieCode);
    }
 
    private static synchronized void storeCrossContextData(HttpSession session,User user) {
        ServletContext context = session.getServletContext();
        Hashtable store = (Hashtable)context.getAttribute(Constants.CROSS_CONTEXT_DATA_KEY);
        if (store==null) {
            store = new Hashtable();
        }
        store.put(session.getId(),user.getCode());
        context.setAttribute(Constants.CROSS_CONTEXT_DATA_KEY,store);
    }
 
 3.  在 project_b 里，
        首先检查 project-b 里的是否已经设置好session 属性；如果没有则走以下流程：
 
       先通过以下方法得到 project_a 里的 sessionID,
      private static String getCookie(HttpServletRequest request) {
String id = "";
Cookie[] cookies = request.getCookies();
if (cookies==null) return id;
for (int i=0;i<cookies.length;i++) {
if ("GlobalSessionId".equals(cookies.getName())) {
id = cookies.getValue();
break;
}
}
return id;
}
 
       再通过以下参数获取登陆用户名，接下来根据登陆帐号从数据库获取相关信息并在 project_b 里的session 里设置好参数。
 
private String getLongName(HttpServletRequest request, HttpServletResponse response) {
String code = "";
String id = getCookie(request);
if ("".equals(id)) return code;
HttpSession session = request.getSession();
ServletContext c = servletContext.getContext("/positec");
if (c==null) return code;
Hashtable table = (Hashtable)c.getAttribute("CrossContextData");
if (table==null || table.size()<=0) return code;
code = (String)table.get(id);
if (code==null) code = "";
return code;
}