1、在tonmcat 中的server.xml 文件中配置 crossContext="true"
<Context docBase="E:\\work\\bpm_develop\\web" path="" privileged="true" crossContext="true" antiResourceLocking="false" antiJARLocking="false" reroadable="true"></Context> <Context docBase="E:\\work\\attach\\web" path="/attach" privileged="true" crossContext="true" antiResourceLocking="false" antiJARLocking="false" reroadable="true"></Context>
2、在登录的时候赋值
应用1 session.getServletContext().setAttribute("bpmSession",ClientManager.getInstance().getAllSessionMap());
3、在应用2的过滤器中取值
ServletContext sContext = session.getServletContext(); ServletContext bpmContext = sContext.getContext("/");//session共享的另一系统的标识,如果是默认应用“/”,如果不是“/appName” Map<String,Object> bpmSessionMap = (Map) bpmContext.getAttribute("bpmSession");
##如果要验证session是否过期,可以在应用1中将每次登录的session存在全局的map中,将这个map共享出来,然后在应用1中需要添加session权限的url后面增加?sid=XXX将id传回应用2的过滤器中做验证
package com.security; import java.io.IOException; import java.util.Map; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; public class SecurityServlet extends HttpServlet implements Filter { private static final long serialVersionUID = 1L; public void doFilter(ServletRequest req, ServletResponse resp, FilterChain arg2) throws IOException, ServletException { HttpServletResponse response = (HttpServletResponse) resp; HttpServletRequest request = (HttpServletRequest) req; HttpSession session = request.getSession(); ServletContext sContext = session.getServletContext(); ServletContext bpmContext = sContext.getContext("/");//session共享的另一系统的标识,如果是默认应用“/”,如果不是“/appName” String strBackUrl = "http://" + request.getServerName() //服务器地址 + ":" + request.getServerPort(); //端口号 if(bpmContext==null){ response.sendRedirect(strBackUrl); return ; } String sid = request.getParameter("sid"); if(sid==null||sid==""){ response.sendRedirect(strBackUrl); return ; } Map<String,Object> bpmSessionMap = (Map) bpmContext.getAttribute("bpmSession"); if(bpmSessionMap==null) { response.sendRedirect(strBackUrl); return ; } if(!bpmSessionMap.containsKey(sid)){ response.sendRedirect(strBackUrl); return ; } arg2.doFilter(req, resp); return; } public void init(FilterConfig arg0) throws ServletException { } }
session共享的方法
本文由 admin 创作,采用 知识共享署名4.0
国际许可协议进行许可
本站文章除注明转载/出处外,均为本站原创或翻译,转载前请务必署名
最后编辑时间为:2022-08-09 21:16:20