本文介绍使用Restlet框架实现单点登录(SSO)的过程,包括如何配置路由、处理登录认证及用户验证等核心功能。文章还探讨了Restlet中表示、资源、变体和路由器等关键类的应用,并讨论了在多应用间实现统一认证所面临的挑战。
面临的问题:
1、多应用之间的身份验证:SSO + filter 解决方案
2、cookie与域的关系
3、安全协议SSL的支持
4、Restlet 之间访问:apache开源的httpclient包(存在的问题:会话管理,ssl等问题,需要验证的问题:会不会走filter)
Restlet 需要明白的几个类:
1、Representation
2、ServerResource
3、Variant
4、Router
示例:
public class SSOApplication extends Application {
public SSOApplication() {
super();
}
public synchronized Restlet createInboundRoot() {
Router router = new Router(this.getContext());
router.attach("/login", LoginServerResource.class);
router.attach("/user", UserServerResource.class);
router.attach("/authe", AutheServerResource.class);
return router;
}
}
public class LoginServerResource extends ServerResource {
@Get
public InputRepresentation hello() {
InputStream editorStream = this.getClass().getClassLoader()
.getResourceAsStream("login.html");
InputRepresentation editorResultRepresentation = new InputRepresentation(
editorStream);
editorResultRepresentation.setMediaType(MediaType.TEXT_HTML);
return editorResultRepresentation;
}
}
public class UserServerResource extends ServerResource {
@Post
public void getLogin(Representation entity) {
Form form = new Form(entity);
String itemName = form.getFirstValue("name");
String itemPassword = form.getFirstValue("password");
if ("tdp".equals(itemName)) {
// 跳转到主页
this.getResponse().redirectPermanent("./users");
} else {
this.getResponse().redirectPermanent("./login");
}
}
}
遇到的问题:meta不一致,解决办法,设置editorResultRepresentation.setMediaType(MediaType.TEXT_HTML);
restlet filter
org.restlet.routing.Filter
restlet Authorizer
org.restlet.security.Authorizer
1、多应用之间的身份验证:SSO + filter 解决方案
2、cookie与域的关系
3、安全协议SSL的支持
4、Restlet 之间访问:apache开源的httpclient包(存在的问题:会话管理,ssl等问题,需要验证的问题:会不会走filter)
Restlet 需要明白的几个类:
1、Representation
2、ServerResource
3、Variant
4、Router
示例:
public class SSOApplication extends Application {
public SSOApplication() {
super();
}
public synchronized Restlet createInboundRoot() {
Router router = new Router(this.getContext());
router.attach("/login", LoginServerResource.class);
router.attach("/user", UserServerResource.class);
router.attach("/authe", AutheServerResource.class);
return router;
}
}
public class LoginServerResource extends ServerResource {
@Get
public InputRepresentation hello() {
InputStream editorStream = this.getClass().getClassLoader()
.getResourceAsStream("login.html");
InputRepresentation editorResultRepresentation = new InputRepresentation(
editorStream);
editorResultRepresentation.setMediaType(MediaType.TEXT_HTML);
return editorResultRepresentation;
}
}
public class UserServerResource extends ServerResource {
@Post
public void getLogin(Representation entity) {
Form form = new Form(entity);
String itemName = form.getFirstValue("name");
String itemPassword = form.getFirstValue("password");
if ("tdp".equals(itemName)) {
// 跳转到主页
this.getResponse().redirectPermanent("./users");
} else {
this.getResponse().redirectPermanent("./login");
}
}
}
遇到的问题:meta不一致,解决办法,设置editorResultRepresentation.setMediaType(MediaType.TEXT_HTML);
restlet filter
org.restlet.routing.Filter
restlet Authorizer
org.restlet.security.Authorizer
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
