|
我在系统设置里面设置了sso的配置为:SSO名称:demo;密钥(最少8位):demopassword;加密代码:
String sso_client_name = "demo";String sso_key = "demopassword";//sso_url在O2OA平台中准备好的单点登录页面模板//文件路径:o2server/servers/webserver/x_desktop/sso.htmlString sso_url = "http://192.168.1.63/x_desktop/sso.html";//login_uid为在第三方系统中识别的登录账号名,这里理解为双方系统账号是统一的账号String login_uid = "張三";//获取当前时间long time = new Date().getTime();//将用户账号和登录时间一起使用sso_key进行信息加密String xtoken = null;try { xtoken = Crypto.encrypt( login_uid + "#" + time, sso_key ); System.out.println(sso_url + "?client=" + sso_client_name + "&xtoken=" + xtoken);我在浏览器访问组装好的地址:http://ip:port/x_desktop/sso.html?client=demo&xtoken=O9fJvqwnTVxWSiDW8wF_Qx_T_5Tydj9B;xtoken按照api上的加密方式加密后无法登录,被弹出到了index.html页面了;
我的sso.html也按照api上改了,代码为
<script>
COMMON.setContentPath("/x_desktop");
COMMON.AjaxModule.load("mwf", function(){
MWF.getJSON("res/config/config.json", function(config){
getServiceAddress(config, function(address){
var uri = new URI(window.location.toString());
var xtoken = uri.getData("xtoken");
var client = uri.getData("client");
if (xtoken){
var res = new Request.JSON({
url: address+"/jaxrs/sso",
secure: false,
method: "POST",
noCache: true,
withCredentials: true,
onSuccess: function(responseJSON, responseText){
window.location = "/index.html" ;
}.bind(this),
onFailure: function(xhr){
window.location = "/index.html";
}.bind(this),
onError: function(text, error){
window.location = "/index.html";
}.bind(this)
});
res.setHeader("Content-Type", "application/json; charset=utf-8");
var json = {"token": xtoken, "client": client};
res.send(JSON.encode(json));
}else{
window.location = "/index.html";
}
});
});
});
</script>
我走debugger看到走这个判断了 onFailure |
|