E8电脑端单点登录总结
本文章主要在于解释泛微Ecology8版本中如果单点进入系统。
首先,系统标准的单点进入需要有OA的登录账号、不论OA自身还是其它系统访问OA都需要有对应的账号或者其它唯一对应关系。
再有,系统中的VerifySSoLogin.jsp只支持loginid的对应,即不论异构系统中哪个字段对应OA的登录账号,但OA中按照loginid字段处理。
如果异构系统与OA的人员对应关系不是以OA中的loginid对应的,请按照【如果对应关系不是loginid】目录中的内容自行开发验证登录页。
VerifySSoLogin.jsp总体逻辑
/login/VerifySSoLogin.jsp?para=XXX
para详解
通过下图我们可以得到如下信息:
1.该jsp中接受para参数
2.从配置文件取出pwd参数(密钥)
3.AES解密para参数
4.分隔出gopage和loginid
image.png
尝试写一个可以单点进入OA的jsp
示例代码
<%@page language="java" contentType="text/html; charset=UTF-8"%>
<%@page import="weaver.general.AES"%>
<%@page import="weaver.general.BaseBean"%>
<%
try {
//获取AES加密Key
String pwd = new BaseBean().getPropValue("AESpassword", "pwd");
//要访问OA具体页面的地址
String gopage = "/wui/main.jsp";
//OA的登录账号
String loginid = "llh";
//拼接成一个字符串
String url = gopage + "#" + loginid;
//加密成para参数
String para = AES.encrypt(url, pwd);
//访问OA的具体地址
response.sendRedirect("/login/VerifySSoLogin.jsp?para=" + para);
} catch (Exception e) {
new BaseBean().writeLog(e);
response.sendRedirect("/login/Login.jsp");
return;
}
%>
如果对应关系不是loginid
请新建一个jsp,参照/login/VerifySSoLogin.jsp 重写一个jsp页面,修改查询人员sql(如下图所示)。
1586245211(1).jpg
第三方用到AES加密类
将加密类 AES发给第三方,按照该类加密encrypt 方法加密。
请务必然第三方采用该类加密,否则系统无法解密。
AES加密解密类
该代码为反编译代码,亲测可以放心使用。
package weaver.general;
import com.sun.crypto.provider.SunJCE;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.Security;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import sun.security.provider.Sun;
public class AES {
static {
if (null == Security.getProvider("SunJCE")) {
Security.addProvider(new SunJCE());
}
if (null == Security.getProvider("SUN")) {
Security.addProvider(new Sun());
}
}
/**
*加密类
*paramString1 加密的字符串
*paramString2 加密key
**/
public static String encrypt(String paramString1, String paramString2) {
byte[] arrayOfByte1 = null;
try {
KeyGenerator localKeyGenerator = KeyGenerator.getInstance("AES");
SecureRandom localSecureRandom = SecureRandom.getInstance("SHA1PRNG");
localSecureRandom.setSeed(paramString2.getBytes());
localKeyGenerator.init(128, localSecureRandom);
SecretKey localSecretKey = localKeyGenerator.generateKey();
byte[] arrayOfByte2 = localSecretKey.getEncoded();
SecretKeySpec localSecretKeySpec = new SecretKeySpec(arrayOfByte2, "AES");
Cipher localCipher = Cipher.getInstance("AES", "SunJCE");
byte[] arrayOfByte3 = paramString1.getBytes();
localCipher.init(1, localSecretKeySpec);
arrayOfByte1 = localCipher.doFinal(arrayOfByte3);
} catch (NoSuchProviderException localNoSuchProviderException) {
localNoSuchProviderException.printStackTrace();
} catch (NoSuchAlgorithmException localNoSuchAlgorithmException) {
localNoSuchAlgorithmException.printStackTrace();
} catch (NoSuchPaddingException localNoSuchPaddingException) {
localNoSuchPaddingException.printStackTrace();
} catch (InvalidKeyException localInvalidKeyException) {
localInvalidKeyException.printStackTrace();
} catch (IllegalBlockSizeException localIllegalBlockSizeException) {
localIllegalBlockSizeException.printStackTrace();
} catch (BadPaddingException localBadPaddingException) {
localBadPaddingException.printStackTrace();
}
return arrayOfByte1 == null ? "" : parseByte2HexStr(arrayOfByte1);
}
public static String decrypt(String paramString1, String paramString2) {
byte[] arrayOfByte1 = null;
byte[] arrayOfByte2 = parseHexStr2Byte(paramString1);
try {
KeyGenerator localKeyGenerator = KeyGenerator.getInstance("AES");
SecureRandom localSecureRandom = SecureRandom.getInstance("SHA1PRNG");
localSecureRandom.setSeed(paramString2.getBytes());
localKeyGenerator.init(128, localSecureRandom);
SecretKey localSecretKey = localKeyGenerator.generateKey();
byte[] arrayOfByte3 = localSecretKey.getEncoded();
SecretKeySpec localSecretKeySpec = new SecretKeySpec(arrayOfByte3, "AES");
Cipher localCipher = Cipher.getInstance("AES", "SunJCE");
localCipher.init(2, localSecretKeySpec);
arrayOfByte1 = localCipher.doFinal(arrayOfByte2);
} catch (NoSuchProviderException localNoSuchProviderException) {
localNoSuchProviderException.printStackTrace();
} catch (NoSuchAlgorithmException localNoSuchAlgorithmException) {
localNoSuchAlgorithmException.printStackTrace();
} catch (NoSuchPaddingException localNoSuchPaddingException) {
localNoSuchPaddingException.printStackTrace();
} catch (InvalidKeyException localInvalidKeyException) {
localInvalidKeyException.printStackTrace();
} catch (IllegalBlockSizeException localIllegalBlockSizeException) {
localIllegalBlockSizeException.printStackTrace();
} catch (BadPaddingException localBadPaddingException) {
localBadPaddingException.printStackTrace();
}
return arrayOfByte1 == null ? "" : new String(arrayOfByte1);
}
private static String parseByte2HexStr(byte[] paramArrayOfByte) {
StringBuffer localStringBuffer = new StringBuffer();
for (int i = 0; i < paramArrayOfByte.length; i++) {
String str = Integer.toHexString(paramArrayOfByte[i] & 0xFF);
if (str.length() == 1) {
str = '0' + str;
}
localStringBuffer.append(str.toUpperCase());
}
return localStringBuffer.toString();
}
private static byte[] parseHexStr2Byte(String paramString) {
if (paramString.length() < 1) {
return null;
}
byte[] arrayOfByte = new byte[paramString.length() / 2];
for (int i = 0; i < paramString.length() / 2; i++) {
int j = Integer.parseInt(paramString.substring(i * 2, i * 2 + 1), 16);
int k = Integer.parseInt(paramString.substring(i * 2 + 1, i * 2 + 2), 16);
arrayOfByte[i] = ((byte) (j * 16 + k));
}
return arrayOfByte;
}
}
