使用原理

• 1.1 社区系统点击进入被登录系统（psmp）时，传来的请求携带着session_id，psmp判断是否单点登录
• 2.1(携带session_id) YES:则像社区系统发送请求验证该session_id，验证通过则直接进入首页，否则进入登录页面
• 2.2（未携带session_id） NO:进入登录页面

注：社区系统和psmp的登录账号需要保持一致，否则无法登陆

具体实现

web.xml里面设置过滤器和分发器

过滤器

<filter>
    <filter-name>SessionFilter</filter-name>
    <filter-class>com.ztesoft.uboss.login.filter.SessionFilter</filter-class>
    <init-param>
        <param-name>ExcludeFile</param-name>
        <param-value>/callremoteservice.do,/mcallremoteservice.do,/Login.jsp,/Login_chongqizongzhi.jsp,/Login_version20.jsp,/UlepLogin.jsp,loginservlet.do,ssologin.do, ssoeventNum.do,ssoeventList.do,logout.jsp,Error.jsp, /modules/bpmn/flowdesigner/draw/showFlow.jsp,/modules/bpmn/flowdesigner/draw/showView.jsp,/modules/bpmn/flowdesigner/draw/showFlow.jsp ,/modules/bpmn/flowdesigner/draw/showsubFlow.jsp,/modules/bpmn/flowdesigner/draw/flowActiviti.jsp,/modules/form ,modules/admin/report/release/reportTemplate.jsp,PreviewNotice.jsp,/sso.jsp
        </param-value>
    </init-param>
</filter>

servlet

<servlet id="Servlet_1172640229695">
        <servlet-name>loginservlet</servlet-name>
        <servlet-class>
            <!-- com.ztesoft.uboss.web.servlet.LoginServlet -->
            com.ztesoft.uboss.login.servlet.LoginServlet
        </servlet-class>
    </servlet>

<servlet-mapping id="ServletMapping_1172640229856">
        <servlet-name>loginservlet</servlet-name>
        <url-pattern>/loginservlet.do</url-pattern>
    </servlet-mapping>

SessionFilter

在doFilter（）方法里面，加上一句判断

String session_id = request.getParameter("session_id");
if (!StringUtils.isBlank(session_id)) { // 单点登录方式
    String strWebRoot = getWebRoot(request);
    String curURL = "loginservlet.do?action=login&sessionID=" + session_id;
    response.sendRedirect(strWebRoot + curURL);
    filterChain.doFilter(request, response);
    return;
}

LoginServlet

在login（）方法里面加上一句判断

// 天津一部单点登录
sessionId = request.getParameter("sessionID");
    String responseBody = "";
    if (StringUtil.isNotEmpty(sessionId)) {
        String url = ConfigurationMgr.instance().getString("SSO_URL");
        //String url ="http://10.45.8.27:8080/ccm/sso/entrance/sessionLoad?session_id=" + sessionId;
        if (StringUtil.isEmpty(url)) {
            SMSLoginState ssoResult = SMSLoginState.USRCODE_ERR;
            logger.info("LOGIN FAILED TO GET AUTH URL.");
            LoginUtil.gotoAnotherLink(request, response, ssoResult, loginJsp);
            return;
        }
        responseBody = callHttpClientRequest(url, sessionId);
        JSONObject jsonResponse = JSONObject.fromObject(responseBody);
        if (jsonResponse.getBoolean("success")) {
            ssoLoginUserCode = jsonResponse.getString("acc_login_name");
            //ssoLoginUserCode="imcp";
            // 代表sso登录成功
            if (StringUtil.isNotEmpty(ssoLoginUserCode)) {
                logger.debug("SSO Auth success. User Code: " + ssoLoginUserCode);
                loginDict.set("SSO_AUTH_SUCCESS_CODE", ssoLoginUserCode);
                loginDict.set("USER_CODE", ssoLoginUserCode);
                loginDict.set("SESSION_ID", sessionId);
                userCode = ssoLoginUserCode;
                loginDict.setValueByName("LOGIN_PATTERN", 0);
                loginServ.login(loginDict);
            }
        } else {
            SMSLoginState ssoResult = SMSLoginState.USRCODE_ERR;
            LoginUtil.gotoAnotherLink(request, response, ssoResult,
                loginJsp);
            logger.info("SSO AUTH FAILED.");
            return;
        }
    } else {
        loginServ.login(loginDict);
    }