update

README.md

@@ -29,9 +29,9 @@ authorization_code, refresh_token
 ````
 #### 接口调用
 ````
-1. Get /oauth2/authorize?client_id=SampleClientId&response_type=code&redirect_uri=http://client.sso.com/login/oauth2/code/sso-login&scope=openid profile
-用户同意授权后服务端响应,浏览器重定向到：http://client.sso.com/login?code=1E37Xk，接收code,然后后端调用步骤2获取token
-2. Post /oauth/token?client_id=SampleClientId&client_secret=tgb.258&grant_type=authorization_code&redirect_uri=http://client.sso.com/login/oauth2/code/sso-login&code=1E37Xk
+1. Get /oauth2/authorize?client_id=SampleClientId&response_type=code&redirect_uri=http://localhost:10480/login/oauth2/code/sso-login&scope=openid profile
+用户同意授权后服务端响应,浏览器重定向到：http://localhost:10480/login?code=1E37Xk，接收code,然后后端调用步骤2获取token
+2. Post /oauth/token?client_id=SampleClientId&client_secret=tgb.258&grant_type=authorization_code&redirect_uri=http://localhost:10480/login/oauth2/code/sso-login&code=1E37Xk
 响应：
 {
     "access_token": "a.b.c",
@@ -69,6 +69,10 @@ java -jar oauth2-server-x.y.z.jar --spring.config.additional-location=/path/to/o
 ![client管理](https://raw.githubusercontent.com/jobmission/oauth2-server/master/src/test/resources/static/imgs/clients.png)
 
 
-#### 注意！！！当Server和Client在一台机器上时，请配置域名代理，避免cookie相互覆盖
+#### 注意！！！当Server和Client在一台机器上时，请配置域名代理，避免cookie相互覆盖，或者修改默认的session id
+````
+#修改默认的JSESSIONID为my_session_id
+server.servlet.session.cookie.name=oauth2_session_id
+````
 
 

src/main/java/com/revengemission/sso/oauth2/server/config/CustomAuthenticationSuccessHandler.java

@@ -47,18 +47,20 @@ public void onAuthenticationSuccess(HttpServletRequest request,
             redirectUrl = savedRequest.getRedirectUrl();
         }
 
+        boolean isAjax = "XMLHttpRequest".equals(request
+            .getHeader("X-Requested-With")) || "apiLogin".equals(request
+            .getHeader("api-login"));
+
         LoginHistory loginHistory = new LoginHistory();
         loginHistory.setUsername(authentication.getName());
         loginHistory.setIp(ClientIpUtil.getIpAddress(request));
         loginHistory.setDevice(request.getHeader("User-Agent"));
         loginHistory.setRecordStatus(1);
+        loginHistory.setRemarks("isAjax:" + isAjax + ",redirectUrl:" + redirectUrl);
         loginHistoryService.asyncCreate(loginHistory);
 
         userAccountService.loginSuccess(authentication.getName());
 
-        boolean isAjax = "XMLHttpRequest".equals(request
-            .getHeader("X-Requested-With")) || "apiLogin".equals(request
-            .getHeader("api-login"));
 
         if (isAjax) {
             response.setHeader("Content-Type", "application/json;charset=UTF-8");

src/main/resources/application.properties

@@ -2,6 +2,9 @@
 server.port=35080
 server.servlet.context-path=/
 
+#修改默认的JSESSIONID为oauth2_session_id
+server.servlet.session.cookie.name=oauth2_session_id
+
 spring.thymeleaf.cache=false
 spring.task.scheduling.pool.size=8
 

src/main/resources/sql/init-data.sql

@@ -2,7 +2,7 @@ INSERT INTO oauth_client_entity (id, client_id, application_name, client_secret,
                                  scope, web_server_redirect_uri, access_token_validity, refresh_token_validity, remarks)
 VALUES (1, 'SampleClientId', 'SampleClientId 测试应用', '$2a$10$gcrWom7ubcRaVD1.6ZIrIeJP0mtPLH5J9V/.8Qth59lZ4B/5HMq96',
         'authorization_code,refresh_token', 'openid,profile,message.read,message.write',
-        'http://client.sso.com/login/oauth2/code/sso-login', 7200, 2592000, '测试明文:tgb.258')
+        'http://localhost:10480/login/oauth2/code/sso-login,http://client.sso.com/login/oauth2/code/sso-login', 7200, 2592000, '测试明文:tgb.258')
         ON DUPLICATE KEY UPDATE version = version + 1;
 
 INSERT INTO scope_definition_entity (id, scope, definition)

src/test/java/com/revengemission/sso/oauth2/server/CaptchaTest.java

@@ -22,7 +22,7 @@ public class CaptchaTest {
     public void generateCaptchaTest() {
         ImageCaptchaResourceManager imageCaptchaResourceManager = new DefaultImageCaptchaResourceManager();
         ImageTransform imageTransform = new Base64ImageTransform();
-        ImageCaptchaGenerator imageCaptchaGenerator = new MultiImageCaptchaGenerator(imageCaptchaResourceManager, imageTransform).init(true);
+        ImageCaptchaGenerator imageCaptchaGenerator = new MultiImageCaptchaGenerator(imageCaptchaResourceManager, imageTransform).init();
         /*
                 生成滑块验证码图片, 可选项
                 SLIDER (滑块验证码)