chx 学习jForum笔记十一 实现单点登录SSO

分为三部分:

1.导入原用户数据库.

2.修改SSO模块,实现登录认证.

3.实现新增用户.

从原表导入,使用以下SQL语句.可直接导入,也可加入\web-inf\config\database\sqlserver2000\sqlserver_2000_data_dump.sql

SET IDENTITY_INSERT jforum_users ON;
insert into jforum_users(user_id,username) select id+1000,emp_name from rswkbase;
update jforum_users set user_password = 'nopass',user_regdate = '2010-12-1' where user_password = ''
SET IDENTITY_INSERT jforum_users OFF;

初始库的导入是为了将原有的论坛内容转移至新论坛。

以下实现SSO功能。

修改SystemGlobals.properties

authentication.type = sso
sso.implementation = net.jforum.sso.RemoteUserSSO

由于原TOMCAT设置的request.getRemoteUser()中得到的是四位用户代码而不是用户名名，所以此处需要进行修改。

SSO模块修改.在net.jforum/sso/RemoteUserSSO.java中

将

else if (remoteUser != null && !remoteUser.equals(userSession.getUsername())) {

 改为

else if (remoteUser != null && !remoteUser.equals(String.valueOf(userSession.getUserId()))) {

在ControllerUtils.java中的checkSSO中新增

将

				if (!utils.userExists(username)) {
					final SessionContext session = JForumExecutionContext.getRequest().getSessionContext();

					String email = (String) session.getAttribute(SystemGlobals.getValue(ConfigKeys.SSO_EMAIL_ATTRIBUTE));
					String password = (String) session.getAttribute(SystemGlobals.getValue(ConfigKeys.SSO_PASSWORD_ATTRIBUTE));

					if (email == null) {
						email = SystemGlobals.getValue(ConfigKeys.SSO_DEFAULT_EMAIL);
					}

					if (password == null) {
						password = SystemGlobals.getValue(ConfigKeys.SSO_DEFAULT_PASSWORD);
					}

					utils.register(password, email);
				}
				

 改为

                boolean _flag = false;
                Integer userId=-1;
                try {
                    userId = Integer.parseInt(username);
                    _flag = utils.userExists(userId);
                } catch (Exception e){
                    _flag = utils.userExists(username);
                }
                if (!_flag) {
                    utils.register(userId);
                }

在SSOUtils.java中新增

    public boolean userExists(final Integer userId) //查询用户是否已注册
    {
        this.dao = DataAccessDriver.getInstance().newUserDAO();
        this.user = this.dao.selectByUserId(userId);
        this.exists = this.user != null;
        if (this.exists){
          this.username = this.user.getUsername();
        }
        return this.exists;
    }

在GenericUserDAO.java中新增

    public User selectByUserId(int userId)
    {
        PreparedStatement p = null;
        ResultSet rs = null;
        try {
            p = JForumExecutionContext.getConnection().prepareStatement(SystemGlobals.getSql("UserModel.selectByUserId"));
            p.setInt(1, userId);

            rs = p.executeQuery();
            User user = null;

            if (rs.next()) {
                user = new User();
                this.fillUserFromResultSet(user, rs);
            }

            return user;
        }
        catch (SQLException e) {
            throw new DatabaseException(e);
        }
        finally {
            DbUtils.close(rs, p);
        }
    }

 在UserDAO.java中新增

    User selectByUserId(int userId) ;

以下实现用户新增功能

在SSOUtils.java中新增

    public void register(final Integer userId) //新用户注册
    {
            // Is a new user for us. Register him
            this.user = new User();
            this.user.setId(userId);
            this.user.setUsername(getname(userId));
            this.user.setPassword(userId.toString());
            this.user.setEmail(getemail(userId));
            this.user.setActive(1);
            this.dao.addNewWithId(this.user);
            // Update the information
            ForumRepository.setLastRegisteredUser(this.user);  //设置最终注册用户
            ForumRepository.incrementTotalUsers(); //注册总人数加一
    }

   private String getname(final Integer userId){//从原数据表中获取用户名
        ResultSet resultSet = null;
        PreparedStatement pstmt = null;
        this.username = "null";
        try
        {
            pstmt = JForumExecutionContext.getConnection().prepareStatement(
                    SystemGlobals.getSql("UserState.getUsername"));
            pstmt.setInt(1, userId);

            resultSet = pstmt.executeQuery();
            if (resultSet.next()) {
                this.username = (resultSet.getString("emp_name"));
            }
        }
        catch (SQLException e)
        {
            throw new ForumException(e);
        }
        finally
        {
            DbUtils.close(resultSet, pstmt);
        }
     return this.username;
    }

   private String getemail(final Integer userId){//从原数据表中获取电子邮箱
        ResultSet resultSet = null;
        PreparedStatement pstmt = null;
        this.email = "null";
        try
        {
            pstmt = JForumExecutionContext.getConnection().prepareStatement(
                    SystemGlobals.getSql("UserState.getEmail"));
            pstmt.setInt(1, userId);

            resultSet = pstmt.executeQuery();
            if (resultSet.next()) {
                this.email = (resultSet.getString("mail"));
            }
        }
        catch (SQLException e)
        {
            throw new ForumException(e);
        }
        finally
        {
            DbUtils.close(resultSet, pstmt);
        }
        return this.email;
    }

在generic_queries.sql 中增加

UserModel.selectByUserId = SELECT * FROM jforum_users WHERE user_id = ?
UserState.getUsername = SELECT emp_name FROM rswkbase WHERE id = ?
UserState.getEmail = SELECT mail FROM chx_base_userstate WHERE user_id = ?

 这两句是从原有的数据表中取相应的内容。

ant dist