Java EEºÍDominoϵͳ¼ä¿çÓòSSOµÄʵÏÖ

1. SSOÐèÇó
µ¥µãµÇ¼£¨Single Sign On, SSO£©ÊÇÆóÒµÓ¦Óü¯³ÉÖÐ×î³£¼ûµÄÐèÇó¡£Ò칹ϵͳ¼äÍùÍù¶¼Óи÷×ÔµÄÓû§¹ÜÀíºÍÉí·ÝÑéÖ¤»úÖÆ£¬Îª
±ÜÃâÓû§ÔÚ½øÐÐϵͳÇл»Ê±Æµ·±ÊäÈëÓû§ÃûºÍÃÜÂ룬Òò´Ë±ØÐëҪʵÏÖµ¥µãµÇ¼¡£
2. SSOÔ­Àí
˵µ½SSOµÄÔ­Àí£¬ÏȵÃ˵һ°ãWebÓ¦ÓõÄÉí·ÝÑéÖ¤Ô­Àí¡£WebÉí·ÝÑéÖ¤Ö®ËùÒÔÄܳÉΪÎÊÌâÖ÷ÒªÔÚÓÚHTTPЭÒéµÄÎÞ״̬ÐÔ£¬Õâµ¼
ÖÂÁËÿ´ÎHTTPµÄÇëÇóºÍÏìÓ¦µÄÎÞ¹ØÐÔ¡£¶øÓ¦ÓõÄ״̬±£³ÖÊǴ󲿷ÖÓ¦ÓÃϵͳµÄÒ»°ãÐÔÐèÇó£¬Òò´Ë±ØÐë½èÖúÆäËû»úÖÆ£¬Õâ¾ÍÊÇCookie¡£
2.1. CookieµÄÔ­Àí
Ò»¸öCookieÓÉname¡¢value¡¢domain¡¢path¡¢expires×é³É¡£¿ÉÒÔ¸øHTTPÏìÓ¦Ìí¼ÓCookie£¬È»ºóCookie¾Í×÷ΪHTTPÏìÓ¦µÄ
Headers·µ»Ø¸øä¯ÀÀÆ÷£¬ÀýÈçDominoµÄµÇ¼³É¹¦ºóµÄCookieÏìӦͷΪ£º
Set-Cookie: DomAuthSessId=1AD479C4D11CD10278A4C523320A6918; path=/
ûÓÐÉèÖÃexpires¾Í±íʾ½öÔÚµ±Ç°ä¯ÀÀÆ÷½ø³ÌÉúÃüÆÚÄÚÓÐЧ£¬²»±£´æµ½¿Í»§»úÉÏ£»Èôexpiresʱ¼ä´óÓÚµ±Ç°Ê±¼ä£¬Ôòä¯ÀÀÆ÷ÔÚÊÕµ½
Õâ¸ö CookieÒÔºó½«ÆäдÈëµ½¿Í»§»úÎļþÖУ¬Ò»°ãÊDZ£´æÔÚC:\Documents and Settings\Administrator\Cookies\Ï¡£
ûÓÐÉèÖÃdomain¾Í±íʾֻÔÚµ±Ç°ÓòÄÚÓÐЧ¡£
µ±¿Í»§»úÔÙ´ÎÇëÇó¸ÃÓòÄÚµÄÆäËû×ÊԴʱ£¬ä¯ÀÀÆ÷»á×Ô¶¯½«¸ÃÓòÄÚµÄCookie¸½ÔÚÇëÇóµÄHeadersÒ»Æð·¢Ë͸øWeb·þÎñÆ÷£¬ÐÎÈ磺
Cookie: DomAuthSessId=1AD479C4D11CD10278A4C523320A6918
Èç´ËWebÓ¦ÓþÍÄܹ»Í¨¹ý¶ÁÈ¡HTTPÇëÇóHeadersÀïÃæµÄCookieÖµÀ´ÅжÏÓû§Éí·Ý£¬ÕâÑùÒ²¾Í¼ä½ÓʵÏÖÁËHTTPµÄ״̬±£³ÖÐè
Çó¡£
2.2. SSOÔ­Àí
Á˽âµÄCookieµÄÔ­ÀíÒÔºó¾Í²»ÄÑÀí½âSSOµÄÔ­ÀíÁË¡£SSOµÄÄ¿µÄÊÇΪÁËʵÏÖÁ½¸ö»ò¶à¸öÓ¦ÓÃϵͳ¼äµÄµ¥µãµÇ¼£¬ÆäʵÏÖÊÖ¶ÎÎÞ
·ÇÊÇÔڵǼAϵͳµÄ ͬʱ×Ô¶¯µÇ¼µ½Bϵͳ¡¢Cϵͳ……£¬½áºÏCookieÒ²¾ÍÊÇ˵ÔÚSSOµÇ¼ʱͬʱȥAϵͳ¡¢Bϵͳ¡¢Cϵͳ½øÐÐÑéÖ¤£¬²¢½«À´×Ô¸÷ϵͳµÄCookie·µ»Ø¸ø ä¯ÀÀÆ÷£¬¾ÍÊÇÕâô¼òµ¥¡£
Ò»°ãÇé¿öÏ£¬×öSSOҪͳһµÇ¼½çÃ棬Õâ¿ÉÒÔͨ¹ý½«¸÷Ó¦ÓÃϵͳµÄµÇ¼½çÃæÖض¨Ïòµ½Ö¸¶¨µÄµÇ¼ҳÀ´ÊµÏÖ¡£
2.3. CookieµÄ¾ÖÏÞ
Èç¹û½ö½öÈçÉÏËù˵Õâô¼òµ¥£¬ÄÇÒ²¾Í²»»á´´ÔìʲôSSOµÄ¸ÅÄîÁË¡£ÎÊÌâ³öÔÚCookieµÄdomainÉÏ¡£³öÓÚä¯ÀÀÆ÷°²È«µÄ¿¼ÂÇ£¬HTTPÏìÓ¦ HeadersÖеÄCookieµÄdomainÖ»ÓÐÓëHTTPÇëÇóÓò£¨a.abc.com£©Ò»Ö»òΪÉϼ¶Óò£¨abc.com£©Ê±£¬Cookie²ÅÄÜÉúЧ¡£
Ò²¾ÍÊÇ˵£º
ÈôA¡¢BϵͳÓòÃû·Ö±ðΪa.abc.comºÍb.abc.com£¬µÇ¼ϵͳA£¬Í¬Ê±Ð´À´×ÔÁ½¸öϵͳµÄCookieµ½ä¯ÀÀÆ÷£¬ÇÒCookieµÄdomainÉèΪ.abc.com£¬ÄÇôä¯ÀÀ