Liferay嵌套方式集成三方应用
作者:互联网
Liferay系统中添加三方应用的菜单
- Liferay新建一个嵌入式页面
- 填写URL内容,注意URL的域名一定要与liferay应用同域或子域,否则cookie无法获取到
http://www.yicj1.com:9090/hello-web/index.jsp - 选择高级选项卡,填写JavaScript内容
function getCookie(c_name){ if (document.cookie.length>0){ c_start=document.cookie.indexOf(c_name + "=") ; if (c_start!=-1){ c_start=c_start + c_name.length+1 ; c_end=document.cookie.indexOf(";",c_start) ; if (c_end==-1){ c_end=document.cookie.length ; } return unescape(document.cookie.substring(c_start,c_end)) ; } } return "" } var token = getCookie('token') ; var testsrc = document.getElementById('embeddedIframe'); testsrc.src = testsrc.src+'?token='+token;
LoginPortlet将token写入cookies
- 在登录完成后将token写入cookies
/** * 登录完成后向浏览器写入token * 如果在此方法中添加cookies,必须在doview中同步清除 * @author cx * @throws UnsupportedEncodingException */ private void addCookies(String token, HttpServletResponse response) throws UnsupportedEncodingException { String userToken = URLEncoder.encode(token, "utf-8"); response.addHeader("Set-Cookie", "usertokenUrl=" + userToken + "; Path=/; Domain=yicj1.com"); }
三方应用添加Filter根据token登录
- 添加根据token登录的Filter
public class TokenLoginFilter extends OncePerRequestFilter { private Logger log = LoggerFactory.getLogger(TokenLoginFilter.class) ; @Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { //log.info("========> TokenLoginFilter exec "); String url = request.getRequestURL().toString() ; log.info("request url : {}", url); // 如果用户未登录则根据token登录 String token = request.getParameter("token") ; HttpSession session = request.getSession() ; log.info("session id : {}, request token : {}", session.getId(), token); if (!StringUtils.isEmpty(token)) { // 根据token解析出用户信息,并保存到session log.info("用户信息保存到session中..."); User user = new User() ; user.setUsername(token); request.getSession().setAttribute("user", user); } // 执行下一个过滤器 filterChain.doFilter(request, response); } } - 添加认证Filter(如三方应用存在则不需要重复添加)
public class AuthenticationFilter extends OncePerRequestFilter { private Logger log = LoggerFactory.getLogger(AuthenticationFilter.class) ; @Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { //log.info("====> AuthenticationFilter exec () "); String url = request.getRequestURL().toString() ; log.info("request url : {}", url); String contextpath = request.getContextPath() ; HttpSession session = request.getSession() ; User user = (User)session.getAttribute("user") ; log.info(session.getId() + " <==> log user info : {}", user); // 如果用户未登录则跳转到登录页面 if (!isLoginOper(request) && user == null) { response.sendRedirect(contextpath + "/login.jsp"); }else { filterChain.doFilter(request, response); } } /** * 判断是否为登录操作 * @param request * @return */ private boolean isLoginOper(HttpServletRequest request) { String uri = request.getRequestURI() ; String contextpath = request.getContextPath() ; //log.info("uri : {}", uri); //log.info("contextpath : {}", contextpath); return uri.startsWith(contextpath +"/login.jsp") || uri.contentEquals(contextpath + "/login"); } }
注意事项
- Liferay中配置的三方应用的URL一定要与Liferay应用同域或则为子域。(可通过nginx反向代理三方应用的域名)
- 经测试发现不同域时,三方应用内部任意一次请求sessionId都会变化(三方应用内部后台请求或超链接)。
标签:三方,info,log,request,嵌套,token,session,user,Liferay 来源: https://blog.csdn.net/yichengjie_c/article/details/118765895