1、跨站cookie问题解决

eb3db331 · gary · 5ba69222 · eb3db331
Commit eb3db331 authored Mar 18, 2019 by gary
Hide whitespace changes
Inline Side-by-side

Showing with 25 additions and 6 deletions

IndexController.java ...java/pwc/taxtech/atms/web/controller/IndexController.java +25 -6

No files found.
--- a/atms-web/src/main/java/pwc/taxtech/atms/web/controller/IndexController.java
+++ b/atms-web/src/main/java/pwc/taxtech/atms/web/controller/IndexController.java
@@ -93,25 +93,44 @@ public class IndexController {
        return "redirect:Account/LogOn";
    }

-    @RequestMapping(value = {"/sso/callback"}, method = RequestMethod.GET)
+    @RequestMapping(value = {"/sso/callback"})
    public void ddSSOCallback(@RequestParam(value = "jumpto") String jumpto,
                                @RequestParam(value = "code") String code,
                                HttpServletResponse response) throws IOException, ServletException {
        try{
            String ticketStr = getTicket(code);
+            response.sendRedirect(jumpto+"?code="+code+"&ticketStr="+ticketStr);
+        }catch (Exception e){
+            logger.error("ddSSOCallback error",e);
+        }
+    }
+
+    /**
+     * 18/03/2019 20:46
+     * 跨站cookie的问题，所以做了一次跳转
+     * [code, ticketStr, request, response]
+     * @author Gary J Li
+     * @return
+     */
+    @RequestMapping(value = {"/sso/accept"})
+    public String accept(@RequestParam(value = "code") String code,
+                                @RequestParam(value = "ticketStr") String ticketStr,HttpServletRequest request,
+                                HttpServletResponse response) throws IOException, ServletException {
+        StringBuffer url = request.getRequestURL();
+        String tempContextUrl = url.delete(url.length() - request.getRequestURI().length(), url.length()).append("/").toString();
+        try{
            Cookie codeCookie = new Cookie("ddCode",URLEncoder.encode(code, "UTF-8"));
            codeCookie.setPath("/");
+            codeCookie.setMaxAge(18000);
            Cookie ddTicket = new Cookie("ddTicket",URLEncoder.encode(ticketStr, "UTF-8"));
            ddTicket.setPath("/");
-            Cookie jumptoCookie = new Cookie("ddJumpto",URLEncoder.encode(jumpto, "UTF-8"));
-            jumptoCookie.setPath("/");
+            ddTicket.setMaxAge(18000);
            response.addCookie(codeCookie);
-            response.addCookie(jumptoCookie);
            response.addCookie(ddTicket);
-            response.sendRedirect(jumpto);
-        }catch (Exception e){
+          }catch (Exception e){
            logger.error("ddSSOCallback error",e);
        }
+        return "redirect:"+tempContextUrl+"Account/LogOn";
    }

    @RequestMapping(value = {"/admin", "/admin.html"}, method = RequestMethod.GET)