===================================================
13000150004 q111111
登出接口https://passport.qbao.com/cas/logout?service=http://user.qbao.com/usercenter/logout/logout.html
开通成功后,后台给前端返回
String param = getCurrentUsername() + "," + StringUtil.getMd5Pwd(casKey, getCurrentUsername());
Map<String,Object> map = new HashMap<String,Object>();
map.put("param", param);
map.put("casDomain", casDomain);
map.put("userDomain", userDomain);
return AjaxResult.success(map);
前端
var url ="<fmt:message key='cas.domain' />/cas/logout?service=<fmt:message key='user.domain' />/usercenter/logout/logout.html?username="+data.data.param+",http://enterprise.qbao.com/verify/merchantVerifysuccess.html";
window.location.href = url;
格式化为:
https://passport.qbao.com/cas/logout?service=http://user.qbao.com/usercenter/logout/logout.html?username=u_100000287,e05d3b0f9cdcd0abd584690b7749a6a5,http://enterprise.qbao.com/verify/merchantVerifysuccess.html
user那边的logout,会触发各系统登出
CustomLogoutSuccessHandler
redisUtil.hdel("AUTO_LOGOUT_AUTO_LOGIN", username);
/**
* 防止恶意自动登陆
*/
redisUtil.hset("AUTOLOGIN_FLAG", username, "1");
redisUtil.expire("AUTOLOGIN_FLAG", 300);
request.setAttribute("username", username);
if (usernameArr.length == 3) {
request.setAttribute("backUrl", usernameArr[2]);
request.setAttribute("sign", usernameArr[1]);
} else {
request.setAttribute("sign", usernameArr[1]);
}
request.getRequestDispatcher("/usercenter/autologout/logoutSuccess.html").forward(request, response);
前端:
各系统登出
<script type="text/javascript">
$(document).ready(function() {
$.removeCookie('JSESSIONID', { path: '/' });
$.removeCookie('userName', { path: '/' });
if ("${backUrl}" != "") {
window.location.href = '<fmt:message key="cas.auto.login.url" bundle="${casties}"/>?username=${username}&sign=${sign}&backUrl=${backUrl}';
} else {
window.location.href = '<fmt:message key="cas.auto.login.url" bundle="${casties}"/>?username=${username}&sign=${sign}';
}
});
</script>
直接访问
http://user.qbao.com/usercenter/logout/logout.html?username=u_100000287
失败的原因是,用户非自动登入登出名单里面
String []usernameArr = request.getParameter("username").split(",");
String username = usernameArr[0];
if (StringUtils.isBlank(redisUtil.hget("AUTO_LOGOUT_AUTO_LOGIN", username))) {
return;
}
-----------------------------
为什么登出失败是因为自动登出的JSP里面少了从enterprise登出这个步骤
<script type="text/javascript" src="http://enterprise.qbao.com/account/logout.html"></script>