The essence of single sign-on and permission management: HTTP redirection

This article continues the first part of the "Single sign-on and permission management" series, on the essence of single sign-on and permission management. It covers HTTP redirection, which is basic knowledge needed to implement single sign-on.

Single sign-on has to jump between multiple web projects, and it uses redirection to complete the login automatically. In addition, when a resource is moved to another URL, redirection can automatically send requests for the original URL to the new one, so the original URL stays valid.

This article mainly introduces the following aspects:

  • Redirect Basic Concepts
  • Nginx redirect
  • Servlet redirection
  • Spring uses redirection

Basic concept

Fundamental

In HTTP, the server triggers a redirect by sending a specific response. When the browser receives it, it recognizes the redirect from the status code and issues a new request to the specified URL. Redirect responses carry a 3xx status code, and different status codes indicate different redirection types.

Fundamentals of Redirection

The browser reads the new URL from the Location response header and resends the request.

redirect type

Redirection types include permanent redirection, temporary redirection, and special redirection. The type affects how the browser behaves and how search engines index the page.

A permanent redirect means the original URL is no longer in use and the new URL should be preferred. When a search engine robot encounters this status code, it triggers an update and uses the new URL. The common status code is 301 Moved Permanently.

A temporary redirect is used when the requested resource is temporarily unavailable at its URL but can be accessed elsewhere. Search engines do not record the temporary link. Common status codes are 302 Found and 307 Temporary Redirect.

Special redirects: 304 Not Modified means the resource has not been modified, so the page is loaded from the local cache; 300 Multiple Choices is a manual redirect, where the user chooses the page to be redirected to.
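
The following is an added example, not code from the original article. It follows a redirect chain the way the text describes (status code, then Location), labels each hop with the article's redirect type, and flags hops that change host, which is what a single sign-on login does. The responses, the host sso.example.test and all paths are constructed sample data.

```javascript
// Added example. RESPONSES is constructed sample data standing in for real
// servers; sso.example.test and every path here are assumptions.
const RESPONSES = {
  "http://mi.com/sso/login?app=shop": { status: 301, location: "http://www.mi.com/sso/login?app=shop" },
  "http://www.mi.com/sso/login?app=shop": { status: 302, location: "https://sso.example.test/auth?return=shop" },
  "https://sso.example.test/auth?return=shop": { status: 307, location: "/session/start" },
  "https://sso.example.test/session/start": { status: 200 },
  "http://www.mi.com/logo.png": { status: 304 },
  "http://www.mi.com/a": { status: 302, location: "/b" },
  "http://www.mi.com/b": { status: 302, location: "/a" },
};

// Redirect types as the article groups them.
const KIND = { 301: "permanent", 302: "temporary", 307: "temporary", 300: "special", 304: "special" };

function followRedirects(startUrl, maxHops = 10) {
  const hops = [];
  const seen = new Set();
  let url = startUrl;
  for (;;) {
    if (seen.has(url)) return { hops, finalUrl: url, outcome: "loop" };
    seen.add(url);
    const res = RESPONSES[url];
    if (!res) return { hops, finalUrl: url, outcome: "no-response" };
    const kind = KIND[res.status];
    // 304 and 300 are not followed automatically, and neither is any
    // response without a Location header.
    if (!kind || kind === "special" || !res.location) {
      return { hops, finalUrl: url, status: res.status, outcome: "done" };
    }
    if (hops.length >= maxHops) return { hops, finalUrl: url, outcome: "too-many-hops" };
    // Location may be relative; resolve it against the URL just requested.
    const next = new URL(res.location, url).href;
    hops.push({ from: url, to: next, status: res.status, kind,
                crossHost: new URL(next).host !== new URL(url).host });
    url = next;
  }
}

for (const hop of followRedirects("http://mi.com/sso/login?app=shop").hops) {
  console.log(hop.status, hop.kind, hop.crossHost ? "cross-host" : "same-host", hop.to);
}
```

The loop and hop-limit checks matter in practice: two misconfigured applications that redirect to each other would otherwise never finish the login.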

Other redirect methods

In addition to the redirection method described above, redirection can also be done with the HTML meta element or with JavaScript, but the method described above is preferred.

<head> 
  <meta http-equiv="refresh" content="0;URL=https://www.mi.com" />
</head>

In the value of the content attribute, the leading number is how many seconds to wait before jumping.

window.location = "https://www.mi.com";

Nginx redirect

rewrite

The main purpose of nginx's rewrite directive is URL redirection. Its syntax is:

rewrite <regex> <replacement> [flag]

regex: the regular expression matched against the URL
replacement: the content to redirect to; the part matched by the regex is replaced with it
flag: one of the following:

  • last: stop processing the current set of rewrite rules and search for a location that matches the rewritten URI;
  • break: stop processing rewrite rules once this rule matches; no later rules are applied;
  • redirect: return a 302 temporary redirect;
  • permanent: return a 301 permanent redirect;

Contexts where the rewrite directive can be used: server, location, if

rewrite example

Redirect mi.com to www.mi.com

server {
        listen 80;
        server_name mi.com;
        rewrite ^/(.*) http://www.mi.com/$1 permanent;
}

return

A redirect can also be issued directly with return, as follows:

server {
    listen 80;
    server_name example.com;
    return 301 $scheme://www.mi.com$request_uri;
}
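
The following is an added example, not code from the original article and not nginx's own code. It is a simplified JavaScript model of the rewrite and return directives shown above, so the resulting status code and Location header can be checked for a sample request; the function names and the sample request URI are assumptions, and URI normalization and escaping are left out.

```javascript
// Added example: a simplified model of the two nginx redirect styles above.
// It ignores URI normalization and escaping, which real nginx performs.
function splitUri(requestUri) {
  const q = requestUri.indexOf("?");
  return q === -1 ? [requestUri, ""] : [requestUri.slice(0, q), requestUri.slice(q + 1)];
}

// rule = { regex, replacement, flag } mirrors: rewrite <regex> <replacement> [flag]
function applyRewrite(rule, requestUri) {
  const [path, args] = splitUri(requestUri);
  const m = new RegExp(rule.regex).exec(path); // rewrite matches the path, not the query
  if (!m) return null;
  let target = rule.replacement.replace(/\$(\d)/g, (_, n) => m[n] ?? "");
  if (target.endsWith("?")) {
    target = target.slice(0, -1); // a trailing "?" drops the original arguments
  } else if (args) {
    target += (target.includes("?") ? "&" : "?") + args; // otherwise they are appended
  }
  // A replacement starting with http:// or https:// always ends in a redirect.
  const absolute = /^https?:\/\//.test(rule.replacement);
  if (rule.flag === "permanent") return { status: 301, location: target };
  if (rule.flag === "redirect" || absolute) return { status: 302, location: target };
  return { status: null, internalUri: target }; // last / break: rewritten internally
}

// Mirrors: return <code> <url>; with $scheme and $request_uri expanded.
function applyReturn(code, template, req) {
  const location = template
    .replace("$scheme", () => req.scheme)
    .replace("$request_uri", () => req.requestUri);
  return { status: code, location };
}

// Constructed sample request, run through both configurations from the text.
const sampleUri = "/phone/list?page=2";
console.log(applyRewrite({ regex: "^/(.*)", replacement: "http://www.mi.com/$1", flag: "permanent" }, sampleUri));
console.log(applyReturn(301, "$scheme://www.mi.com$request_uri", { scheme: "https", requestUri: sampleUri }));
```

Both forms keep the query string, but the rewrite example hard-codes http:// in the target while the return example preserves the scheme of the incoming request.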

Servlet redirection

First, it is necessary to distinguish forwarding from redirection. Forwarding is done on the server side: the address in the browser's address bar does not change, and there is only one request. Redirection is carried out by the browser: the address in the address bar changes, and a second request is made.

Whether forwarding or redirecting, do not write any content to the client before the method is called.

Forward

public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    response.setContentType("text/html; charset=utf-8");
    ServletContext sc = getServletContext();
    // ServletContext.getRequestDispatcher() requires a path that starts with "/"
    RequestDispatcher dispatcher = sc.getRequestDispatcher("/index.jsp");
    // Server-side forward: same request, address bar unchanged
    dispatcher.forward(request, response);
}

redirect

public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    response.setContentType("text/html; charset=utf-8");
    // Sends a 302 response with a Location header; the browser then makes a second request
    response.sendRedirect("/index.jsp");
}

Spring uses redirection

without parameters

return new ModelAndView("redirect:/toList");
return "redirect:/toList";

with parameters

public String test(RedirectAttributes attributes)
{
    attributes.addAttribute("hello", "hello");
    return "redirect:/toList";
}

This automatically appends the parameters to the redirect URL.

Spring MVC 3.1 added a new feature, Flash attributes, which can pass parameters and solve the problem of repeated submission.

In an ordinary Controller, once processing is complete the request is forwarded to a success page. If the user then presses F5, the form is submitted again. Using a redirect avoids this problem.

public String test(RedirectAttributes attributes)  {  
    attributes.addFlashAttribute("hello", "hello");
    return "redirect:/toList";  
}  
