LtpaTokenIdentifier.java example

Explorer
jinhe-tss-master
/* ==================================================================   
 * Created [2009-4-27 下午11:32:55] by Jon.King 
 * ==================================================================  
 * TSS 
 * ================================================================== 
 * mailTo:jinpujun@hotmail.com
 * Copyright (c) Jon.King, 2009-2012 
 * ================================================================== 
 */

package com.jinhe.tss.um.sso.othersystem;

import java.security.Principal;

import com.jinhe.tss.core.Global;
import com.jinhe.tss.core.exception.BusinessException;
import com.jinhe.tss.core.exception.UserIdentificationException;
import com.jinhe.tss.core.sso.IOperator;
import com.jinhe.tss.core.sso.IPWDOperator;
import com.jinhe.tss.core.sso.context.Context;
import com.jinhe.tss.core.sso.context.RequestContext;
import com.jinhe.tss.core.sso.identifier.BaseUserIdentifier;
import com.jinhe.tss.core.util.Escape;
import com.jinhe.tss.core.web.RewriteableHttpServletRequest;
import com.jinhe.tss.um.service.ILoginService;

/**
 * <p>
 *  LtpaToken身份认证器 <br>
 *  通过验证是否存在LtpaToken以及username来判断用户是否已经登录OA，如果是，则让其在平台登录。 <br>
 *  
 *  用户在OA系统中登录以后，通过以下地址转入到门户中： <br>
 *  http://ip/tss/login.do?identifier=com.jinhe.tss.um.identification.identifier.LtpaTokenIdentifier&username=AdminX&sso=true <br>
 *  需要在PMS的application.properties文件中设置SSO成功后调整的页面地址，例如： <br>
 *  sso.index.page = /pms/default.portal <br>
 *  默认login.do只返回成功信息，但如果有sso=true和sso.index.page的配置同时存在，则会自动sendRedirect至sso.index.page页面。
 * </p>
 */
public class LtpaTokenIdentifier extends BaseUserIdentifier {
    
    public final static String LTPA_TOKEN_NAME = "LtpaToken";
    public final static String LOGIN_NAME = "username";
    
    ILoginService service = (ILoginService) Global.getContext().getBean("LoginService");
 
    protected IOperator validate() throws UserIdentificationException {
        RequestContext requestContext = Context.getRequestContext();
        RewriteableHttpServletRequest request = requestContext.getRequest();

        String ltpaToken = requestContext.getValueFromRequest(LTPA_TOKEN_NAME);
        if(ltpaToken == null) {
            throw new UserIdentificationException("LtpaToken为空，用户可能还没有登录OA，请重新登录");
        }
        
        String loginName;
        Principal userPrincipal = request.getUserPrincipal();
        if(userPrincipal != null){
            loginName = userPrincipal.getName();
        } else {
            loginName = requestContext.getValueFromRequest(LOGIN_NAME);
            if(loginName != null){
                loginName = Escape.unescape(loginName);
            }
        }
        if(loginName == null) throw new BusinessException("取不到用户，请确认已经配置好SSO！");
        
        IPWDOperator operator = service.getOperatorDTOByLoginName(loginName);
        
        if (operator == null) throw new BusinessException("用户在UMS里不存在！");
        
        return operator;
    }
}