概述
下载地址:https://gitee.com/xuxueli0323/xxl-sso
文档地址:https://www.xuxueli.com/xxl-sso/
概述
XXL-SSO 是一个分布式单点登录框架。只需要登录一次就可以访问所有相互信任的应用系统。
拥有"轻量级、分布式、跨域、Cookie+Token均支持、Web+APP均支持"等特性。现已开放源代码,开箱即用。
特性
- 1、简洁:API直观简洁,可快速上手
- 2、轻量级:环境依赖小,部署与接入成本较低
- 3、单点登录:只需要登录一次就可以访问所有相互信任的应用系统
- 4、分布式:接入SSO认证中心的应用,支持分布式部署
- 5、HA:Server端与Client端,均支持集群部署,提高系统可用性
- 6、跨域:支持跨域应用接入SSO认证中心
- 7、Cookie+Token均支持:支持基于Cookie和基于Token两种接入方式,并均提供Sample项目
- 8、Web+APP均支持:支持Web和APP接入
- 9、实时性:系统登陆、注销状态,全部Server与Client端实时共享
- 10、CS结构:基于CS结构,包括Server"认证中心"与Client"受保护应用"
- 11、记住密码:未记住密码时,关闭浏览器则登录态失效;记住密码时,支持登录态自动延期,在自定义延期时间的基础上,原则上可以无限延期
- 12、路径排除:支持自定义多个排除路径,支持Ant表达式,用于排除SSO客户端不需要过滤的路径
基本流程
项目结构
XXl-SSO 的实现原理
项目配置
- 在需要信任的认证的项目中引入项目中引入jar包
<dependence><groupId>com.xuxueli</groupId><artifactId>xxl-sso</artifactId><version>1.1.1-SNAPSHOT</version></dependence>
- 单独部署xxl-sso-sever 服务,xxl-sso 中的登录/登录调用xxl-sso-sever服务。 在xxl-sso-sever 中做登录/登出的业务操作,一般会调用业务系统的人员组件实现用户的登录/退出的业务操作。
目前开源的这个xxl-sso中存在的问题
- 项目的包名一般不符合一般公司的应用要求
- 项目中用户的sessionid的存储,登录/退出都是基于缓存的测试案例,没有做真正的登录业务操作
基于以上问题,一般公司拿到项目源码后会进行本地化改造,符合本公司的项目工程应用
sso-core start 组件化的实现单点登录自动配置原理
- spring.factories
org.springframework.boot.autoconfigure.EnableAutoConfiguration=\ com.xxl.sso.core.filter.XxlSsoConfig,\ com.xxl.sso.core.conf.FeignAutoConfiguration
需要被认证服务中的xxl.sso.的属性初始化,以及sso-core 包中的fegin接口
``
@Configuration
@EnableFeignClients(basePackages = "com.xxl.sso.core.api")
@ComponentScan("com.xxl.sso.core.store")
public class FeignAutoConfiguration {}
package com.xxl.sso.core.filter;import com.xxl.sso.core.conf.Conf;
import com.xxl.sso.core.web.SsoReceiveController;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.Ordered;/*** @author xuxueli 2018-11-15*/
@Configuration
@ConditionalOnProperty(prefix = "xxl.sso", name = "enable", havingValue = "true")
@EnableConfigurationProperties(XxlSsoProperties.class)
public class XxlSsoConfig {@Beanpublic FilterRegistrationBean<XxlSsoWebFilter> xxlSsoFilterRegistration(XxlSsoProperties xxlSsoProperties) {//filter initFilterRegistrationBean<XxlSsoWebFilter> registration = new FilterRegistrationBean<XxlSsoWebFilter>();registration.setName("XxlSsoWebFilter");registration.setOrder(Ordered.HIGHEST_PRECEDENCE);registration.addUrlPatterns(xxlSsoProperties.getUrlPatterns());registration.setFilter(new XxlSsoWebFilter(xxlSsoProperties));registration.addInitParameter(Conf.SSO_SERVER, xxlSsoProperties.getServer());registration.addInitParameter(Conf.SSO_LOGOUT_PATH, xxlSsoProperties.getLogoutPath());registration.addInitParameter(Conf.SSO_EXCLUDED_PATHS, xxlSsoProperties.getExcludedPaths());registration.setEnabled(xxlSsoProperties.getEnable());return registration;}@Beanpublic SsoReceiveController receiveController(){return new SsoReceiveController();}}
单点登录属性配置
@Component
@ConfigurationProperties(prefix = "xxl.sso")
@Data
public class XxlSsoProperties {/*** sso后端服务地址*/private String server;/*** 登出地址*/private String logoutPath;/*** 不需要拦截的url*/private String excludedPaths;/*** 需要拦截的路径*/private String urlPatterns;/*** 接入业务系统前端地址*/private String clientWebUrl;/*** 接收session*/private String receiveSession;/*** 业务系统是否是前后端分离*/private Boolean redirect = false;/*** 登录校验开关*/private Boolean enable = false;/*** 是否仅允许单个客户端登录*/private Boolean singleClientEnable = false;/**登录地址*/private String loginPage;/**用户管理页*/private String userMgrPage;private String redirectUrl;private String toUrl;}
xxl.sso需要单点登录应用的配置
提供是否开启、后端服务认证服务地址、后端跳转地址、退出/未登录等跳转前端页面地址、不需要请求拦截的地址等配置、门户首页地址、退出登录请求接口、用户认证方式
xxl:sso:# 是否开启登录校验enable: false# 是否仅允许单个客户端登录singleClientEnable: ${singleClientEnable:false}# sso后端服务地址server: ${xxlSsoServer:http:///前端ip:5011}# 默认跳转后端redirectUrl: ${xxlSsoRedirectUrl:http:///前端ip:5011/sso-server/sso/receive}# 默认跳转前端页面toUrl: ${xxlSsoToUrl:http:///前端ip:5011}# 登录页loginPage: ${loginPage:http:///前端ip:5011/sso-server/static/login.html}# 用户管理页userMgrPage: ${userMgrPage:http:///前端ip:5011/usercenter-admin-web/}# 登出接口logoutPath: ${xxlLogoutPath:/logout}# 不需要拦截的urlexcludedPaths: /*.html,/*.ico,/**/*.html,/**/*.css,/**/*.js,/**/*.png,/**/*.jpg,/**/*.docx,/sso/login,/potral/**,/restapi/**,/swagger-ui.html,/v2/api-docs,/swagger-resources/**,/webjars/**,/doc.html,/sso-server/doLogin2,/doGetLoginType/**,/usercenter-admin-app/admin/sysCarousel/**,/usercenter/sysCache/**# sso需要的redis地址redisAddress: redis://xxl-qweqwe:xxx_2024@/前端ip:6379/0# 需要拦截的url,默认所有请求都拦截,这里配置/*不要/**urlPatterns: ${xxlUrlPatterns:/admin/*}redis:expire:minute: ${xxlRedisExpireMinute:1440}#mysql替换redis开关(true:使用mysql替换redis)mysqlSubstitute: ${xxlSsoMysqlSubstitute:false}#cache过期时间(mysql过期时间读取此配置)cache:expireMinute: ${xxlCacheExpireMinute:1440}#登出是否跳门户首页logout2ComacPortal:#匹配的地址清单,多个逗号分割matchedUrls:#门户首页地址comacPortalUrl:
单点登录过滤
XxlSsoWebFilter (sso-core)
-
需要单点登录用户的认证的服务引用,拦截用户的所有后台请求
-
判断请求路径是否在excludedPaths检验的路径中,如果是则拦截请求返回,跳过单点登录校验返回
-
检查用户是否是退出/loginout ,如果是退出操作,则
2.1 清除用户的登录缓存
2.2 判断是否是前后端分离项目,如果不是则直接重定向至退出登录页res.sendRedirect(logoutPageUrl);
重定向地址为 /xxxxxx-admin-app/logout
2.3 如果是前后端分离项目,则返回前端状态返回501,设置登录跳转的redirect_url为前端系统页面地址
重定向地址为 /xxxxxx-admin-app/logout?redirect_url= -
判断用户是否登录,根据用户请求的xxl_sso_sessionid 获取登录用户,如果获取不到怎,则返会状态501,提示sso not login,返回数据包含跳转地址,由前端去控制是否跳转至登录页
返回包含的数据为
-
http://前端IP:5011/sso-server/sso/receive/login?redirect_url=http://前端IP:5011/xxx-admin-app/sso/receive&to_url=
4. 如果能获取到登录用户,则在request中设置登录用户,xxl_sso_user,保存登录的用户
public class XxlSsoWebFilter extends HttpServlet implements Filter {private static Logger logger = LoggerFactory.getLogger(XxlSsoWebFilter.class);private static final AntPathMatcher antPathMatcher = new AntPathMatcher();private String ssoServer;private String logoutPath;private String excludedPaths;private XxlSsoProperties xxlSsoProperties;public XxlSsoWebFilter (XxlSsoProperties xxlSsoProperties){this.xxlSsoProperties = xxlSsoProperties;}@Overridepublic void init(FilterConfig filterConfig) throws ServletException {ssoServer = filterConfig.getInitParameter(Conf.SSO_SERVER);logoutPath = filterConfig.getInitParameter(Conf.SSO_LOGOUT_PATH);excludedPaths = filterConfig.getInitParameter(Conf.SSO_EXCLUDED_PATHS);logger.info("XxlSsoWebFilter init,xxlSsoProperties:{}",JSON.toJSONString(xxlSsoProperties));}@Overridepublic void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {HttpServletRequest req = (HttpServletRequest) request;HttpServletResponse res = (HttpServletResponse) response;logger.info("-过滤请求--->{}", request.toString());logger.info("--过滤参数--->{}", request.getParameterMap().toString());logger.info("-过滤响应--->{}", response.toString());// make urlString servletPath = req.getServletPath();logger.info("servlet path={}",servletPath);// excluded path checkif (excludedPaths!=null && excludedPaths.trim().length()>0) {for (String excludedPath:excludedPaths.split(",")) {String uriPattern = excludedPath.trim();// 支持ANT表达式if (antPathMatcher.match(uriPattern, servletPath)) {// excluded path, allowchain.doFilter(request, response);return;}}}// logout path checkif (logoutPath!=null&& logoutPath.trim().length()>0&& logoutPath.equals(servletPath)) {logger.info("######################XxlSsoWebFilter logoutPath:{}",logoutPath);// remove cookieSsoWebLoginHelper.logout(req, res);// redirect logoutString logoutPageUrl = ssoServer.concat(Conf.SSO_LOGOUT);//判断业务系统是否是前后端分离if (xxlSsoProperties.getRedirect()){Map<String,String> dataMap = new HashMap<>();dataMap.put("loginPageUrl",logoutPageUrl+"?redirect_url=");ResponseUtils.writeResponse(res,BaseResult.buildError(Conf.SSO_LOGIN_FAIL_RESULT.getCode(),Conf.SSO_LOGIN_FAIL_RESULT.getMsg(),dataMap));return;}res.sendRedirect(logoutPageUrl);return;}// valid login user, cookie + redirectXxlSsoUser xxlUser = SsoWebLoginHelper.loginCheck(req, res);// valid login failif (xxlUser == null) {String header = req.getHeader("content-type");boolean isJson= header!=null && header.contains("json");if (isJson) {// json msgres.setContentType("application/json;charset=utf-8");Map<String,String> dataMap = new HashMap<>();dataMap.put("loginPageUrl", ssoServer.concat(Conf.SSO_LOGIN) + "?" + Conf.REDIRECT_URL + "=" + xxlSsoProperties.getClientWebUrl() + xxlSsoProperties.getReceiveSession() + "&"+ Conf.TO_URL + "=");ResponseUtils.writeResponse(res, BaseResult.buildError(Conf.SSO_LOGIN_FAIL_RESULT.getCode(), Conf.SSO_LOGIN_FAIL_RESULT.getMsg(),dataMap));return;} else {// total linkString link = req.getRequestURL().toString();// redirect logoutString loginPageUrl = ssoServer.concat(Conf.SSO_LOGIN)+ "?" + Conf.REDIRECT_URL + "=" + link;//判断业务系统是否是前后端分离if (xxlSsoProperties.getRedirect()){res.getWriter().println("{\"code\":" + Conf.SSO_LOGIN_FAIL_RESULT.getCode() + ", \"msg\":\"" + Conf.SSO_LOGIN_FAIL_RESULT.getMsg() + "\", \"loginPageUrl\":\"" + ssoServer.concat(Conf.SSO_LOGIN) + "?" + Conf.REDIRECT_URL + "="+xxlSsoProperties.getClientWebUrl()+xxlSsoProperties.getReceiveSession()+"&"+Conf.TO_URL+"=" + "\"}");return;}res.sendRedirect(loginPageUrl);return;}}// ser sso userrequest.setAttribute(Conf.SSO_USER, xxlUser);// already login, allowchain.doFilter(request, response);return;}}
XxlSsoTokenFilter(sso-core)
需要单点登录用户的认证的服务引用,拦截用户的所有后台请求
- 判断请求路径是否在excludedPaths检验的路径中,如果是则拦截请求返回,跳过单点登录校验
- 检查用户是否是退出/loginout ,如果是退出操作,则清除用户的登录缓存,返回状态200,退出登录成功!
- 判断用户是否登录,根据用户请求的xxl_sso_sessionid 获取登录用户,如果获取不到怎,则返会状态501,提示sso not login
- 如果能获取到登录用户,则在request中设置登录用户,xxl_sso_user,保存登录的用户
public class XxlSsoTokenFilter extends HttpServlet implements Filter {private static Logger logger = LoggerFactory.getLogger(XxlSsoTokenFilter.class);private static final AntPathMatcher antPathMatcher = new AntPathMatcher();private String ssoServer;private String logoutPath;private String excludedPaths;@Overridepublic void init(FilterConfig filterConfig) throws ServletException {ssoServer = filterConfig.getInitParameter(Conf.SSO_SERVER);logoutPath = filterConfig.getInitParameter(Conf.SSO_LOGOUT_PATH);excludedPaths = filterConfig.getInitParameter(Conf.SSO_EXCLUDED_PATHS);logger.info("XxlSsoTokenFilter init.");}@Overridepublic void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {HttpServletRequest req = (HttpServletRequest) request;HttpServletResponse res = (HttpServletResponse) response;// make urlString servletPath = req.getServletPath();// excluded path checkif (excludedPaths!=null && excludedPaths.trim().length()>0) {for (String excludedPath:excludedPaths.split(",")) {String uriPattern = excludedPath.trim();// 支持ANT表达式if (antPathMatcher.match(uriPattern, servletPath)) {// excluded path, allowchain.doFilter(request, response);return;}}}// logout filterif (logoutPath!=null&& logoutPath.trim().length()>0&& logoutPath.equals(servletPath)) {// logoutSsoTokenLoginHelper.logout(req);// responseres.setStatus(HttpServletResponse.SC_OK);res.setContentType("application/json;charset=UTF-8");res.getWriter().println("{\"code\":"+ReturnT.SUCCESS_CODE+", \"msg\":\"\"}");return;}// login filterXxlSsoUser xxlUser = SsoTokenLoginHelper.loginCheck(req);if (xxlUser == null) {// responseres.setStatus(HttpServletResponse.SC_OK);res.setContentType("application/json;charset=UTF-8");res.getWriter().println("{\"code\":"+Conf.SSO_LOGIN_FAIL_RESULT.getCode()+", \"msg\":\""+ Conf.SSO_LOGIN_FAIL_RESULT.getMsg() +"\"}");return;}// ser sso userrequest.setAttribute(Conf.SSO_USER, xxlUser);// already login, allowchain.doFilter(request, response);return;}
}
用户未登录跳转至用户认证页面
1.请求关接口
包括
-
-
js css等前端静态页面
-
GET /flow-platform/message/msgtype? 获取消息类型
GET /flow-platform/message/msgtype? HTTP/1.1
Host: /前端ip:5011
Connection: keep-alive
Access-Control-Allow-Origin: *
Accept: application/json
x-requested-with: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json
Referer: http://前端ip:5011/xxxxx-web/home
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
HTTP/1.1 200
Server: nginx/1.26.1
Date: Sat, 14 Sep 2024 09:36:56 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 197
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,__gsuite_user_id,__gsuite_user_name
{“code”:501,“message”:“sso not login.”,“data”:{“loginPageUrl”:“http:/10.216.40.123:8089/sso-server/login?redirect_url=http:///前端ip:5011/flowplatform-web/flow-platform/sso/receive&to_url=”}}
-
用户退出
POST /usercenter-admin-app/logout HTTP/1.1
Host: /前端ip:5011
Connection: keep-alive
Content-Length: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json
Accept: */*
Origin: http:///前端ip:5011
Referer: http:/前端ip:5011/usercenter-admin-web/authoritymanage/usermanage
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cookie: xxl_sso_sessionid=99779001_d9b3bd189e2540b78523e707ab6fcefb; JSESSIONID=node01rkxul7artxv61t4oxv8fffog05184.node0HTTP/1.1 200 OK
Server: nginx/1.26.1
Date: Wed, 18 Sep 2024 03:37:49 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 135
Connection: keep-alive
Set-Cookie: xxl_sso_sessionid=""; Version=1; Path=/; Domain="http://cmos-base-usercenter/"; HttpOnly; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:00 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,__gsuite_user_id,__gsuite_user_name{"code":501,"message":"sso not login.","data":{"loginPageUrl":"http:///前端ip:5011/sso-server/sso/receive/logout?redirect_url="}}GET /sso-server/sso/receive/logout?redirect_url=http%3A%2F%2F前端ip%3A5011%2Fusercenter-admin-web%2F HTTP/1.1
Host: 前端ip
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Referer: http://前端ip:5011/usercenter-admin-web/authoritymanage/usermanage
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cookie: xxl_sso_sessionid=99779001_d9b3bd189e2540b78523e707ab6fcefb; JSESSIONID=node01rkxul7artxv61t4oxv8fffog05184.node0HTTP/1.1 404
Server: nginx/1.26.1
Date: Wed, 18 Sep 2024 03:37:50 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 341
Connection: keep-alive
Content-Language: zh-CN<html><body><h1>Whitelabel Error Page</h1><p>This application has no explicit mapping for /error, so you are seeing this as a fallback.</p><div id='created'>Wed Sep 18 11:41:48 CST 2024</div><div>There was an unexpected error (type=Not Found, status=404).</div><div>No handler found for GET /sso-server/sso/receive/logout</div></body></html>
GET /favicon.ico HTTP/1.1
Host: 前端ip:5011
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://前端ip:5011/sso-server/sso/receive/logout?redirect_url=http%3A%2F%2F前端ip%3A5011%2Fusercenter-admin-web%2F
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cookie: xxl_sso_sessionid=99779001_d9b3bd189e2540b78523e707ab6fcefb; JSESSIONID=node01rkxul7artxv61t4oxv8fffog05184.node0
后台业务操作
退出登录后台操作
SsoTokenLoginHelper.logout(req)
- 根据对象请求头获取xxl_sso_sessionid
- 根据对象请求头xxl_sso_sessionid 删除缓存记录
如果是记录在mysql 中,则缓存记录表结果如下
如果是记录在mysql 中,则缓存记录表结果如下
id | bigint | 非空 | 主键id |
---|---|---|---|
cache_key | varchar | 缓存键 | |
cache_value | text | 缓存值 | |
gmt_expiration | datetime | 有效期 |
如果是记录在redis中则,根据xxl_sso_sessionid 删除redis中的缓存
检查登录
// valid login user, cookie + redirectXxlSsoUser xxlUser = SsoWebLoginHelper.loginCheck(req, res);
public static XxlSsoUser loginCheck(HttpServletRequest request, HttpServletResponse response){String cookieSessionId = CookieUtil.getValue(request, Conf.SSO_SESSIONID);XxlSsoUser xxlUser = SsoTokenLoginHelper.loginCheck(cookieSessionId);if (xxlUser != null) {return xxlUser;}// remove old cookieSsoWebLoginHelper.removeSessionIdByCookie(request, response);// set new cookieString paramSessionId = request.getParameter(Conf.SSO_SESSIONID);xxlUser = SsoTokenLoginHelper.loginCheck(paramSessionId);if (xxlUser != null) {CookieUtil.set(request,response, Conf.SSO_SESSIONID, paramSessionId, false); // expire when browser close (client cookie)return xxlUser;}return null;}
- CookieUtil.getValue 方法
/*** 查询value** @param request* @param key* @return*/public static String getValue(HttpServletRequest request, String key) {Cookie cookie = get(request, key);if (cookie != null) {return cookie.getValue();}return null;}
- SsoTokenLoginHelper.loginCheck方法
/*** login check** @param sessionId* @return*/public static XxlSsoUser loginCheck(String sessionId){String storeKey = SsoSessionIdHelper.parseStoreKey(sessionId);if (storeKey == null || "null".equals(storeKey)) {return null;}XxlSsoUser xxlUser = SsoLoginStore.get(storeKey);if (xxlUser != null) {String version = SsoSessionIdHelper.parseVersion(sessionId);if (xxlUser.getVersion().equals(version)) {// After the expiration time has passed half, Auto refreshif ((System.currentTimeMillis() - xxlUser.getExpireFreshTime()) > xxlUser.getExpireMinute()/2) {xxlUser.setExpireFreshTime(System.currentTimeMillis());SsoLoginStore.put(storeKey, xxlUser);}return xxlUser;}}return null;}
根据缓存的session-id,一般是从缓存或者接口中查询session-id 对应的用户信息
如果从数据库中查询
@Overridepublic BaseResult<SysCacheResVO> cacheValAqusitionByCacheKey(@RequestBody SysCacheKeyReqVO vo) {log.info("SysCacheController cacheValAqusitionByCacheKey() executed.param is {}", vo.getCacheKey());if (mysqlSubstitute) {if (ObjectUtils.isEmpty(vo) || ObjectUtils.isEmpty(vo.getCacheKey())) {log.error("SysCacheController cacheEvictionByCacheKey() param cacheKey is null");return BaseResult.buildError("SysCacheController cacheValAqusitionByCacheKey() param cacheKey is null.");}ReturnT<SysCacheResVO> result = sysCacheService.findByCacheKey(vo.getCacheKey());if (ReturnT.FAIL_CODE != result.getCode()) {log.debug("###############SysCacheController cacheValAqusitionByCacheKey in mysql, cacheKey:{},xxlSsoUser:{}", result.getData().getCacheKey(), result.getData().getCacheValueObj());log.info("SysCacheController cacheValAqusitionByCacheKey() successfully executed.");return BaseResult.buildSuccess(result.getData());} else {log.error("SysCacheController cacheValAqusitionByCacheKey() failed to execute.");return BaseResult.buildError("SysCacheController cacheValAqusitionByCacheKey() failed to execute.");}} else {if (!ObjectUtils.isEmpty(vo) && !ObjectUtils.isEmpty(vo.getCacheKey())) {Object objectValue = JedisUtil.getObjectValue(vo.getCacheKey());XxlSsoUser xxlUser = (XxlSsoUser) objectValue;SysCacheResVO sysCacheResVO = new SysCacheResVO();sysCacheResVO.setCacheKey(vo.getCacheKey());sysCacheResVO.setCacheValueObj(xxlUser);log.info("###############SysCacheController cacheValAqusitionByCacheKey in redis, cacheKey:{},xxlSsoUser:{}", vo.getCacheKey(), xxlUser);return BaseResult.buildSuccess(sysCacheResVO);} else {log.error("SysCacheController cacheValAqusitionByCacheKey() objectValue is null.");return BaseResult.buildSuccess(null);}}}
@Overridepublic BaseResult<SysCacheResVO> xxxxxcacheValAqusitionByCacheKey(@RequestBody SysCacheKeyReqVO vo) {log.info("SysCacheController cacheValAqusitionByCacheKey() executed.param is {}", vo.getCacheKey());if (mysqlSubstitute) {if (ObjectUtils.isEmpty(vo) || ObjectUtils.isEmpty(vo.getCacheKey())) {log.error("SysCacheController cacheEvictionByCacheKey() param cacheKey is null");return BaseResult.buildError("SysCacheController cacheValAqusitionByCacheKey() param cacheKey is null.");}ReturnT<SysCacheResVO> result = sysCacheService.findByCacheKey(vo.getCacheKey());if (ReturnT.FAIL_CODE != result.getCode()) {log.info("SysCacheController cacheValAqusitionByCacheKey() successfully executed.");return BaseResult.buildSuccess(result.getData());} else {log.error("SysCacheController cacheValAqusitionByCacheKey() failed to execute.");return BaseResult.buildError("SysCacheController cacheValAqusitionByCacheKey() failed to execute.");}} else {if (!ObjectUtils.isEmpty(vo) && !ObjectUtils.isEmpty(vo.getCacheKey())) {Object objectValue = JedisUtil.getObjectValue(vo.getCacheKey());XxlSsoUser xxlUser = (XxlSsoUser) objectValue;SysCacheResVO sysCacheResVO = new SysCacheResVO();sysCacheResVO.setCacheKey(vo.getCacheKey());sysCacheResVO.setCacheValueObj(xxlUser);return BaseResult.buildSuccess(sysCacheResVO);} else {return BaseResult.buildSuccess(null);}}}
如果从数据库中查询如下
@Transactional(propagation = Propagation.REQUIRES_NEW, rollbackFor = Exception.class)@Overridepublic ReturnT<SysCacheResVO> findXXXByCacheKey(String cacheKey) {SysCacheResVO sysCacheResVO = new SysCacheResVO();CompletableFuture<SysCache> selectCompletableFuture = CompletableFuture.supplyAsync(() -> {SysCache sysCache = sysCacheDomain.getOneByCacheKey(cacheKey);return sysCache;}, executor).thenApply((sysCache) -> {//根据查询结果判断是否删除if(!ObjectUtils.isEmpty(sysCache)){LocalDateTime expiration = sysCache.getGmtExpiration();if(null != expiration){//-1:小于int compareResult = expiration.compareTo(LocalDateTime.now());//过期删除数据库对象,并返回nullif(compareResult <= 0 && !ObjectUtils.isEmpty(sysCache.getId())){//过期int deleteResult = sysCacheDomain.deleteById(sysCache.getId());if(deleteResult > 0){sysCache = null;}}}}return sysCache;});try {CompletableFuture.allOf(selectCompletableFuture).get();SysCache sysCache = selectCompletableFuture.get();if(!ObjectUtils.isEmpty(sysCache) && !ObjectUtils.isEmpty(sysCache.getCacheValue())){sysCacheResVO.setCacheKey(cacheKey); sysCacheResVO.setCacheValueObj(JedisUtil.unserialize(Base64.getDecoder().decode(sysCache.getCacheValue())));}} catch (Exception e) {log.error("SysCacheService findByCacheKey() 异步线程异常:", e);return new ReturnT(ReturnT.FAIL_CODE, "findByCacheKey异步执行异常");}return new ReturnT(sysCacheResVO);}
- XxlSsoUser
public class XxlSsoUser implements Serializable {private static final long serialVersionUID = 42L;// fieldprivate String userid;private String username;private String userCode;private Long employeeId;private String employeeCode;private Map<String, String> plugininfo;private String version;private int expireMinute;private long expireFreshTime;}
/sso/receive 登录跳转 移除掉SSO_SESSIONID和TO_URL两个参数
@GetMapping("/sso/receive")public void xxxreceive(HttpServletRequest request, HttpServletResponse response) throws IOException {StringBuilder builder = new StringBuilder();// 作为baseUrlString toUrl = request.getParameter(Conf.TO_URL);builder.append(toUrl);for (Map.Entry entry : request.getParameterMap().entrySet()) {String key = entry.getKey().toString();// 排除这两个参数if ((!Conf.SSO_SESSIONID.equals(key)) && (!Conf.TO_URL.equals(key))) {builder.append("&").append(key).append("=").append(request.getParameter(key));}}response.sendRedirect(builder.toString());}