Jforum 单点登录

JForum預設cookie-based的sso.implementation是net.jforum.sso.CookieUserSSO，但是原始碼並沒有這個CookieUserSSO類別，所以如果我們照著文件做會失敗。在此附上一份經過實際測試沒有問題的CookieUserSSO.java及CookieUserSSO.class檔，如果您的需求是很單純的用Cookie來作SingleSign-On，則下載後重新編譯，將編譯後的class檔放到WEB-INF/classes/net/jforum/sso目錄下，然後重新載入JForum即可。01.packagenet.jforum.sso;02.03.importjavax.servlet.http.Cookie;04.importnet.jforum.context.RequestContext;05.importnet.jforum.JForumExecutionContext;06.importnet.jforum.ControllerUtils;07.importnet.jforum.entities.UserSession;08.importnet.jforum.util.preferences.ConfigKeys;09.importnet.jforum.util.preferences.SystemGlobals;10.importorg.apache.log4j.Logger;11.12.publicclassCookieUserSSOimplementsSSO{13.14.staticfinalLoggerlogger=Logger.getLogger(CookieUserSSO.class.getName());15.16.publicStringauthenticateUser(RequestContextrequest){17.//myapplogincookie,containloggedusername18.CookiemyCookie=ControllerUtils.getCookie(19.SystemGlobals.getValue(ConfigKeys.COOKIE_NAME_USER));20.Stringusername=null;21.22.if(myCookie!=null){23.username=myCookie.getValue();24.}25.returnusername;//jforumusername26.}27.28.publicbooleanisSessionValid(UserSessionuserSession,RequestContextrequest){29.CookieSSOCookie=ControllerUtils.getCookie(30.SystemGlobals.getValue(ConfigKeys.COOKIE_NAME_USER));//myapplogincookie31.StringremoteUser=null;32.33.if(SSOCookie!=null){34.remoteUser=SSOCookie.getValue();//jforumusername35.}36.37.//userhassinceloggedout38.if(remoteUser==null&&39.userSession.getUserId()!=SystemGlobals.getIntValue(ConfigKeys.ANONYMOUS_USER_ID)){40.returnfalse;41.//userhassinceloggedin42.}elseif(remoteUser!=null&&43.userSession.getUserId()==SystemGlobals.getIntValue(ConfigKeys.ANONYMOUS_USER_ID)){44.returnfalse;45.//userhaschangeduser46.}elseif(remoteUser!=null&&!remoteUser.equals(userSession.getUsername())){47.returnfalse;48.}49.returntrue;//myappuserandforumuserthesame50.}51.}另外，還要設定一下jforum-custom.conf，設定範例如下：authentication.type=ssosso.implementation=net.jforum.sso.CookieUserSSOsso.redirect==username紅色字體部分即是您需要依您實際狀況修改的地方，例如上面的例子意思是您的會員登入是在member.andowson.com控管，而login.jsp在驗證完畢後，會寫入一個username的cookie（domain需是andowson.com)，並讀出returnUrl參數來導回到原來的網址去。Jforum单点登录实现你自己的登陆类(SSO)你的类必须实现JF的接口:net.forum.sso.SSO.注意:使用你自定义的接口类后,关于用户注册/用户激活等功能将不再使用了,而你要通过你的来进入注册.(配置注册地址下面有提示)接口类:以下是从JF.net上Copy过来的一个例子,借供参考.也可以参考本站例子：=trunk%2Ftrydone_src%2Fcom%2Ftrydone%2Fforum%2Fsso%2FSimpleSSOImpl.java&attachment=true源码打印1.//注意：例子已经过时，仅供参考，其中大部分类都是用户自定义的，非jforum2.packagenet.jforum.sso;3.4.importjavax.servlet.http.HttpServletRequest;5.importjavax.servlet.http.HttpSession;6.importjavax.servlet.http.Cookie;7.8.importnet.jforum.ActionServletRequest;9.importnet.jforum.ControllerUtils;10.importnet.jforum.entities.UserSession;11.importnet.jforum.util.preferences.ConfigKeys;12.importnet.jforum.util.preferences.SystemGlobals;13.importnet.jforum.JForum;14.15.//导入你所要的类16.17.importorg.apache.log4j.Logger;//这里用log4j做日志处理18.19.publicclassMyUserSSOimplementsSSO{//必须实现接口net.jforum.sso.SSO20.21.staticfinalLoggerlogger=Logger.getLogger(MyUserSSO.class.getName());//初始化日志接口22.23.publicStringauthenticateUser(ActionServletRequestrequest){//实现接口方法(必须)24.UserVOuser=newUserVO();25.CookiemyCookie=ControllerUtils.getCookie(auto-login);//cookie26.27.if(myCookie!=null){28.DAOManagermanager=newJndiDAOManager();//这里连接你的数据库进行用户验证29.UserDAOuserDAO=manager.getUserDAO(manager.getConnection());30.user=userDAO.getUser(HexTool.hexToString(myCookie.getValue()));31.manager.close();32.}else33.returnnull;//没有cookie34.35.36.if(user.isDisabled()){37.logger.warn(***DISABLED_ATTEMPTonForum:+user.getUsername());//logdisabledattempt.38.returnnull;39.}40.41.HttpSessionsession=JForum.getRequest().getSession();42.session.setAttribute(password,user.getPassword());//设置password43.session.setAttribute(email,user.getUsername());//邮箱(也是用户名?)44.45.ControllerUtils.addCookie(JforumSSO,user.getScreenName(),myCookie.getMaxAge());//refresh46.47.returnuser.getScreenName();//返回JForum的用户48.}49.50.publicbooleanisSessionValid(UserSessionuserSession,HttpServletRequestrequest){51.StringremoteUser=null;52.CookieSSOCookie=ControllerUtils.getCookie(JforumSSO);53.if(SSOCookie!=null)remoteUser=SSOCookie.getValue();//jforum用户名54.55.//用户已经退出56.if(remoteUser==null&&57.userSession.getUserId()!=SystemGlobals.getIntValue(ConfigKeys.ANONYMOUS_USER_ID)){58.returnfalse;59.60.//用户已经登陆61.62.}elseif(remoteUser!=null&&63.userSession.getUserId()==SystemGlobals.getIntValue(ConfigKeys.ANONYMOUS_USER_ID)){64.returnfalse;65.66.//userhaschangeduser67.}elseif(remoteUser!=null&&!remoteUser.equals(userSession.getUsername())){68.returnfalse;69.}70.returntrue;//myappuserandforumuserthesame71.}72.}修改SystemGlobals.properties配置,使用你自定义的用户登陆类:源码打印1.authentication.type=sso2.sso.implementation=net.jforum.sso.MyUserSSO//你的类3.sso.redirect=http:/mysite.com/login.jsp//这里是你注册时用的URL地址.现在你可以编译一下你的类,重启服务器,就这么简单.有关其它事项:afterregistrationconfirmationmyappsendstheusertoawelcomepostontheforum.Thiscreatesthef