`
猫不吃的鱼
  • 浏览: 159187 次
  • 性别: Icon_minigender_1
  • 来自: 芜湖市
社区版块
存档分类
最新评论

结合openId身份识别

    博客分类:
  • JAVA
openid 
阅读更多
openID是一个分散式身份识别协议,在其基础上实现了网上身份认证系统。可以将您的系统使用openID来作为用户登录,让你的程序支持opendID。我使用的是http://www.openid.org.cn/ 作为openID提供商,使用openid4java库编写openID依赖方。
以下根据openid4java文档写的一个demo

发起openID请求的action 
//yuyong 2012-2-10
public class OpenIDLoginAction extends ActionSupport implements ServletRequestAware,ServletResponseAware{
   private ISampleConsumerManager sampleConsumerManager;
	private AuthRequest authReq;
	private String openID=null;
    ActionContext context = ActionContext.getContext();    
    HttpServletRequest request = null;    
    HttpServletResponse response = null;  
    Map<String,Object>pm=null;
    String actionURL;
	public String execute()throws Exception{
		if(openID!=null&&openID.startsWith("http://")){
			openID=openID.replaceAll("http://", "");
		}
		String returnToUrl="http://localhost:8181/SSO/firstPageAction.action";
		ActionContext context = ActionContext.getContext();
		Map params = context.getParameters();
		authReq=sampleConsumerManager.authRequest(openID, returnToUrl,request,response, request.getSession());
		Map<String,Object>pm=authReq.getParameterMap();
		this.pm=pm;
		this.actionURL=authReq.getOPEndpoint();
		request.setAttribute("pm", pm);
		request.setAttribute("actionURL", authReq.getOPEndpoint());
		return SUCCESS;
	}

}


将用户的OpenID帐户和返回url封装成openID请求 AuthRequest 
//yuyong 2012-2-10
public class SampleConsumerManager implements ISampleConsumerManager{
	public ConsumerManager manager;
	
	public SampleConsumerManager()throws ConsumerException{
		manager=new ConsumerManager();
		manager.setAssociations(new InMemoryConsumerAssociationStore());
		manager.setNonceVerifier(new InMemoryNonceVerifier(5000));
	}
	
	//将openID,返回url封装为一个openID请求
	public AuthRequest authRequest(String userSuppliedString,
			String returnToUrl, HttpServletRequest httpReq,
			HttpServletResponse httpResp,HttpSession session)
			throws IOException {
		try {
			List discoveries=manager.discover(userSuppliedString);
			DiscoveryInformation discovered=manager.associate(discoveries);
			session.setAttribute("discovered", discovered);
			AuthRequest authReq=manager.authenticate(discovered, returnToUrl);
			httpResp.sendRedirect(authReq.getDestinationUrl(true));
			return authReq;
		} catch (DiscoveryException e) {
			e.printStackTrace();
		} catch (MessageException e) {
			e.printStackTrace();
		} catch (ConsumerException e) {
			e.printStackTrace();
		}
		
		return null;
	}
        //验证openID登录验证的返回
	public Identifier verifyResponse(HttpServletRequest httpReq,
			HttpSession session) throws IOException {
		ParameterList openidResp=new ParameterList(httpReq.getParameterMap());
		DiscoveryInformation discovered=(DiscoveryInformation) session.getAttribute("discovered");
		StringBuffer receivingURL=httpReq.getRequestURL();
		String queryString=httpReq.getQueryString();
		if(queryString!=null&&queryString.length()>0)
			receivingURL.append("?").append(httpReq.getQueryString());
		try {
			VerificationResult verification=manager.verify(receivingURL.toString(), openidResp, discovered);
			Identifier verified=verification.getVerifiedId();
			return verified;
		} catch (MessageException e) {
			e.printStackTrace();
		} catch (DiscoveryException e) {
			e.printStackTrace();
		} catch (AssociationException e) {
			e.printStackTrace();
		}
		
		return null;
	}

}


应用程序验证openID请求验证的返回 
//yuyong 2012-2-10
public class FirstPageAction extends ActionSupport implements ServletRequestAware,ServletResponseAware{
	private ISampleConsumerManager sampleConsumerManager=null;
	private HttpServletRequest request=null;
	private HttpServletResponse response=null;
	private HttpSession session=null;
	public String execute()throws Exception{
		if(sampleConsumerManager.verifyResponse(request, session)!=null)
			return SUCCESS;
		else 
			return ERROR;
	}
}


struts.xml 
<action name="openIDLoginAction" class="openIDLoginAction">
        <param name="openID">
        	http://yuyongwuhu.openid.org.cn/
        </param>
        	<result name="success">/continue.jsp</result>
</action>
        
<action name="firstPageAction" class="FirstPageAction">
        <result name="success">/success.jsp</result>
        <result name="error">/error.jsp</result>
</action>


continue.jsp 提交封装后的openID请求到openID OP端 
<body onload="document.forms['openid-form-redirection'].submit();">
    <form id="openid-form-redirection" action="<s:property value="#request.actionURL"/>">
    	<s:iterator value="#request.pm">
    		<input type="hidden" name="<s:property value="key"/>" value="<s:property value="value"/>" />
    	</s:iterator>
    </form>
</body>


只是为了实现第一个demo,只是为了看到效果,所以代码组织的不太规范。
大致过程是 SampleConsumerManager 通过Discovery进程,根据用户OpenID的帐户
定位到相应的openID提供商,然后将相应参数提交到openID op端的action。
op端提供一个页面输入密码。验证成功后,返回到 returnToUrl ,应用中,在
returnToUrl中的action验证op的response。
1
0
分享到:
| 穷举法和回溯法求解八皇后
评论
发表评论

您还没有登录,请您登录后再发表评论

相关推荐

Magicbox
Global site tag (gtag.js) - Google Analytics