cas 系统实例 服务端配置(二) 自定义登录 博客分类: cas
2024-03-13 22:47:58
学习一下,自定义登录
在web.xml中增加remoteLogin,例如:
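<!-- web.xml: route /myRemoteLogin to the existing "cas" servlet.
     The listing as extracted repeated the inner elements and the closing tag a second
     time, which is not well-formed XML; a single mapping is what is intended. -->
<servlet-mapping>
  <servlet-name>cas</servlet-name>
  <url-pattern>/myRemoteLogin</url-pattern>
</servlet-mapping>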
在cas-servlet.xml 中增加新的bean并添加相应的映射
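<!-- cas-servlet.xml: register the custom flow next to the stock login flow.
     The flow id "myRemoteLogin" mirrors the /myRemoteLogin url-pattern used in web.xml.
     The listing as extracted repeated parts of each element; they are shown once here. -->
<webflow:flow-registry id="flowRegistry" flow-builder-services="builder">
  <webflow:flow-location path="/WEB-INF/login-webflow.xml" id="login" />
  <webflow:flow-location path="/WEB-INF/mylogin-webflow.xml" id="myRemoteLogin" />
</webflow:flow-registry>

<!-- Action evaluated in the on-start of mylogin-webflow.xml. It reads username/password
     from the request and asks centralAuthenticationService for a ticket-granting ticket. -->
<bean id="remoteLoginAction"
      class="org.jasig.cas.web.my.login.RemoteLoginAction"
      p:argumentExtractors-ref="argumentExtractors"
      p:warnCookieGenerator-ref="warnCookieGenerator"
      p:centralAuthenticationService-ref="centralAuthenticationService"
      p:initialFlowSetupAction-ref="initialFlowSetupAction"
      p:ticketGrantingTicketCookieGenerator-ref="ticketGrantingTicketCookieGenerator"
/>

<!-- Builds the redirect Response. NOTE(review): GenerateResponse takes the target URL from
     the "service" / "failpae" request parameters, so the URLs it accepts should be limited
     to the known client applications. -->
<bean id="generateResponse" class="org.jasig.cas.web.my.login.GenerateResponse"></bean>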
mylogin-webflow.xml代码如下:
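<?xml version="1.0" encoding="UTF-8"?>
<flow xmlns="http://www.springframework.org/schema/webflow"
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:schemaLocation="http://www.springframework.org/schema/webflow http://www.springframework.org/schema/webflow/spring-webflow-2.0.xsd">

    <!-- Start -->
    <on-start>
        <!-- Action run on entry: performs the credential check (database-backed verification). -->
        <evaluate expression="remoteLoginAction" />
    </on-start>

    <!-- Check whether the start action recorded an error.
         This is the first state defined, so the flow enters here after on-start.
         The "&" characters are escaped because a raw "&" is not allowed in an XML attribute value. -->
    <decision-state id="hasError">
        <if test="flowScope.error neq null &amp;&amp; flowScope.error neq '' "
            then="hasfailPageCheck" else="sendTicketGrantingTicket" />
    </decision-state>

    <!-- Build the error response and the page to return to.
         NOTE(review): generateResponse takes that page from the "failpae" request parameter,
         which the submitting page controls; restrict it to known client origins. -->
    <action-state id="hasfailPageCheck">
        <evaluate expression="generateResponse.getResponse( flowRequestContext,true)"
                  result-type="org.jasig.cas.authentication.principal.Response"
                  result="flowScope.response" />
        <transition to="postView" />
    </action-state>

    <!-- sendTicketGrantingTicketAction is a bean defined outside this page. -->
    <action-state id="sendTicketGrantingTicket">
        <evaluate expression="sendTicketGrantingTicketAction" />
        <transition to="serviceCheck" />
    </action-state>

    <decision-state id="serviceCheck">
        <if test="flowScope.service neq null" then="generateServiceTicket" else="viewGenericLoginSuccess" />
    </decision-state>

    <!-- Generate the service ticket (generateServiceTicketAction is defined outside this page). -->
    <action-state id="generateServiceTicket">
        <evaluate expression="generateServiceTicketAction" />
        <transition on="success" to="getReturnResponse" />
        <transition on="gateway" to="hasError" />
    </action-state>

    <!-- Build the normal response and the page to return to. -->
    <action-state id="getReturnResponse">
        <evaluate expression="generateResponse.getResponse( flowRequestContext,false)"
                  result-type="org.jasig.cas.authentication.principal.Response"
                  result="flowScope.response" />
        <transition to="redirectView" />
    </action-state>

    <end-state id="postView" view="postResponseView">
        <on-entry>
            <set name="requestScope.parameters" value="flowScope.response.attributes" />
            <set name="requestScope.originalUrl" value="flowScope.response.url" />
        </on-entry>
    </end-state>

    <end-state id="viewGenericLoginSuccess" view="casLoginGenericSuccessView" />

    <!-- The success redirect goes to a fixed sample URL; flowScope.response, set in
         getReturnResponse, is not referenced by this end-state. Replace the localhost
         address with the real client URL (https) when deploying. -->
    <end-state id="redirectView" view="externalRedirect:http://localhost:8081/casclient4/sso/index.jsp" />

    <global-transitions>
        <transition to="viewServiceErrorView" on-exception="org.springframework.webflow.execution.repository.NoSuchFlowExecutionException" />
        <transition to="viewServiceSsoErrorView" on-exception="org.jasig.cas.services.UnauthorizedSsoServiceException" />
        <transition to="viewServiceErrorView" on-exception="org.jasig.cas.services.UnauthorizedServiceException" />
    </global-transitions>
</flow>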
RemoteLoginAction.java
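package org.jasig.cas.web.my.login;

import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.validation.constraints.NotNull;

import org.hibernate.validator.constraints.NotEmpty;
import org.jasig.cas.CentralAuthenticationService;
import org.jasig.cas.authentication.principal.Credentials;
import org.jasig.cas.authentication.principal.Service;
import org.jasig.cas.authentication.principal.UsernamePasswordCredentials;
import org.jasig.cas.ticket.TicketException;
import org.jasig.cas.web.flow.InitialFlowSetupAction;
import org.jasig.cas.web.support.ArgumentExtractor;
import org.jasig.cas.web.support.CookieRetrievingCookieGenerator;
import org.jasig.cas.web.support.WebUtils;
import org.springframework.util.StringUtils;
import org.springframework.webflow.action.AbstractAction;
import org.springframework.webflow.execution.Event;
import org.springframework.webflow.execution.RequestContext;

/**
 * Remote-login action that obtains the ticket-granting ticket.
 * Adapted from InitialFlowSetupAction; because that class is final, its code was
 * copied here and then modified.
 *
 * <p>Security notes: the credentials are read directly from the {@code username} and
 * {@code password} request parameters, and nothing in this action checks a login ticket
 * or where the request came from. Any page that can make a browser post to this flow
 * can therefore trigger an authentication attempt, so rate limiting, lockout and
 * transport security (HTTPS) have to be provided around it.
 *
 * @author GuoLin
 */
public class RemoteLoginAction extends AbstractAction {

    /** Message key stored in flow scope under "error" when the login is rejected. */
    private static final String LOGIN_ERROR_KEY = "error.userOrPassword.error";

    /** CookieGenerator for the Warnings. */
    @NotNull
    private CookieRetrievingCookieGenerator warnCookieGenerator;

    /** Extractors for finding the service. */
    @NotEmpty
    private List<ArgumentExtractor> argumentExtractors;

    /** Core we delegate to for handling all ticket related tasks. */
    @NotNull
    private CentralAuthenticationService centralAuthenticationService;

    /** Cookie generator for the ticket-granting ticket; only its cookie path is set here. */
    @NotNull
    private CookieRetrievingCookieGenerator ticketGrantingTicketCookieGenerator;

    // NOTE(review): this code reads and writes initialFlowSetupAction.pathPopulated directly,
    // so it presumably runs against a locally modified InitialFlowSetupAction that exposes
    // that field; confirm against the class actually deployed.
    private InitialFlowSetupAction initialFlowSetupAction;

    /**
     * Authenticates the posted username/password and prepares the flow scope.
     *
     * <p>On success the ticket-granting ticket id is placed in request scope. On failure
     * the flow-scope attribute {@code error} is set to {@code error.userOrPassword.error}.
     * In both cases the extracted service is stored in flow scope and the event
     * {@code submit} is returned; the flow decides what to do by inspecting {@code error}.
     *
     * @param context the current Web Flow request context
     * @return always the {@code submit} event
     */
    @Override
    protected Event doExecute(final RequestContext context) {
        final HttpServletRequest request = WebUtils.getHttpServletRequest(context);

        // Required.
        context.getFlowScope().put(
            "warnCookieValue",
            Boolean.valueOf(this.warnCookieGenerator.retrieveCookieValue(request)));

        final String uName = request.getParameter("username");
        final String password = request.getParameter("password");
        final Credentials credentials = new UsernamePasswordCredentials(uName, password);

        if (!this.initialFlowSetupAction.pathPopulated) {
            final String contextPath = request.getContextPath();
            final String cookiePath = StringUtils.hasText(contextPath) ? contextPath + "/" : "/";
            logger.info("Setting path for cookies to: " + cookiePath);
            this.warnCookieGenerator.setCookiePath(cookiePath);
            this.ticketGrantingTicketCookieGenerator.setCookiePath(cookiePath);
            this.initialFlowSetupAction.pathPopulated = true;
        }

        context.getFlowScope().put("credentials", credentials);

        if (!StringUtils.hasText(uName) || !StringUtils.hasLength(password)) {
            // A missing field is rejected without calling the authentication service.
            // The error key is the same as for a failed authentication, so the response
            // does not reveal which field was wrong.
            context.getFlowScope().put("error", LOGIN_ERROR_KEY);
        } else {
            try {
                final String ticketGrantingTicketId =
                    this.centralAuthenticationService.createTicketGrantingTicket(credentials);
                // Required.
                WebUtils.putTicketGrantingTicketInRequestScope(context, ticketGrantingTicketId);
            } catch (final TicketException e) {
                context.getFlowScope().put("error", LOGIN_ERROR_KEY);
                // Goes through the class logger instead of printStackTrace() so failed logins
                // reach the configured log. The submitted username and password are
                // deliberately left out of the message.
                logger.warn("Remote login failed: ticket-granting ticket could not be created", e);
            }
        }

        final Service service = WebUtils.getService(this.argumentExtractors, context);

        if (service != null && logger.isDebugEnabled()) {
            logger.debug("Placing service in FlowScope: " + service.getId());
        }

        context.getFlowScope().put("service", service);

        return result("submit");
    }

    /** @param warnCookieGenerator generator used to read the warn cookie and set its path */
    public void setWarnCookieGenerator(final CookieRetrievingCookieGenerator warnCookieGenerator) {
        this.warnCookieGenerator = warnCookieGenerator;
    }

    /** @param argumentExtractors extractors used to find the requested service */
    public void setArgumentExtractors(final List<ArgumentExtractor> argumentExtractors) {
        this.argumentExtractors = argumentExtractors;
    }

    /** @param centralAuthenticationService service that creates the ticket-granting ticket */
    public final void setCentralAuthenticationService(
            final CentralAuthenticationService centralAuthenticationService) {
        this.centralAuthenticationService = centralAuthenticationService;
    }

    /** @param initialFlowSetupAction stock setup action whose pathPopulated flag is shared */
    public void setInitialFlowSetupAction(InitialFlowSetupAction initialFlowSetupAction) {
        this.initialFlowSetupAction = initialFlowSetupAction;
    }

    /** @param ticketGrantingTicketCookieGenerator generator whose cookie path is set on first use */
    public void setTicketGrantingTicketCookieGenerator(
            final CookieRetrievingCookieGenerator ticketGrantingTicketCookieGenerator) {
        this.ticketGrantingTicketCookieGenerator = ticketGrantingTicketCookieGenerator;
    }
}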
GenerateResponse.java
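package org.jasig.cas.web.my.login;

import java.net.URI;
import java.net.URISyntaxException;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Locale;
import java.util.Map;
import java.util.Set;

import javax.servlet.http.HttpServletRequest;

import org.jasig.cas.authentication.principal.Response;
import org.jasig.cas.web.support.WebUtils;
import org.springframework.webflow.execution.RequestContext;

/**
 * Builds the redirect {@link Response} returned to the client application after a
 * remote login attempt.
 *
 * <p>The target URL comes from a request parameter ({@code failpae} on failure,
 * {@code service} on success), i.e. from whoever submitted the form. Redirecting to it
 * unchecked makes the endpoint an open redirect, so the accepted origins should be
 * configured through {@link #setAllowedRedirectOrigins(Collection)}.
 */
public class GenerateResponse {

    /**
     * Normalised origins ({@code scheme://host:port}) the response may redirect to.
     * Empty means "not configured": every URL is accepted, as before this check existed.
     */
    private Set<String> allowedRedirectOrigins = Collections.emptySet();

    /**
     * Creates the redirect response for the current request.
     *
     * @param context   the current Web Flow request context
     * @param haveError {@code true} to build the failure response (target taken from the
     *                  {@code failpae} parameter, with the flow-scope {@code error} attached),
     *                  {@code false} to build the success response (target taken from the
     *                  {@code service} parameter)
     * @return the redirect response; its URL is also stored in flow scope as {@code responseUrl}
     * @throws IllegalArgumentException if the target parameter is missing or blank, or if an
     *                                  allow-list is configured and the target is outside it
     */
    public Response getResponse(final RequestContext context, boolean haveError) {
        final HttpServletRequest request = WebUtils.getHttpServletRequest(context);
        final Map<String, String> parameters = new HashMap<String, String>();
        final String parameterName;

        if (haveError) {
            // The parameter name is spelled "failpae" to match the field name in the client form.
            parameterName = "failpae";
            final String error = (String) context.getFlowScope().get("error");
            parameters.put("error", error);
            parameters.put("result", "false");
        } else {
            parameterName = "service";
            parameters.put("result", "true");
        }

        final String orgUrl = request.getParameter(parameterName);
        if (orgUrl == null || orgUrl.trim().length() == 0) {
            // Fail with a clear message instead of handing a null or blank URL to the redirect.
            throw new IllegalArgumentException(
                "Missing required request parameter: " + parameterName);
        }
        if (!isAllowedTarget(orgUrl)) {
            throw new IllegalArgumentException(
                "Redirect target in request parameter '" + parameterName
                    + "' is not an allowed origin");
        }

        context.getFlowScope().put("responseUrl", orgUrl);
        return Response.getRedirectResponse(orgUrl, parameters);
    }

    /**
     * Configures the origins this bean may redirect to, for example
     * {@code https://client.example.org} (constructed sample value).
     *
     * @param origins absolute http/https URLs; only scheme, host and port are used.
     *                {@code null} or empty disables the check.
     * @throws IllegalArgumentException if an entry is not an absolute http/https URL
     */
    public void setAllowedRedirectOrigins(final Collection<String> origins) {
        final Set<String> normalised = new HashSet<String>();
        if (origins != null) {
            for (final String entry : origins) {
                final String origin = entry == null ? null : originOf(entry);
                if (origin == null) {
                    throw new IllegalArgumentException(
                        "Not an absolute http/https URL: " + entry);
                }
                normalised.add(origin);
            }
        }
        this.allowedRedirectOrigins = normalised;
    }

    /** Returns whether {@code url} may be used as redirect target under the current allow-list. */
    private boolean isAllowedTarget(final String url) {
        if (this.allowedRedirectOrigins.isEmpty()) {
            // SECURITY: no allow-list configured. Kept permissive for backward compatibility;
            // configure allowedRedirectOrigins before exposing this endpoint.
            return true;
        }
        final String origin = originOf(url);
        return origin != null && this.allowedRedirectOrigins.contains(origin);
    }

    /**
     * Reduces a URL to {@code scheme://host:port} in lower case, with the default port
     * filled in. Returns {@code null} when the URL does not parse or is not an absolute
     * http/https URL. Comparing whole origins avoids the look-alike-host problem of
     * prefix matching.
     */
    private static String originOf(final String url) {
        final URI uri;
        try {
            uri = new URI(url);
        } catch (final URISyntaxException e) {
            return null;
        }

        final String scheme = uri.getScheme();
        final String host = uri.getHost();
        if (scheme == null || host == null) {
            return null;
        }

        final String lowerScheme = scheme.toLowerCase(Locale.ENGLISH);
        final int defaultPort;
        if ("http".equals(lowerScheme)) {
            defaultPort = 80;
        } else if ("https".equals(lowerScheme)) {
            defaultPort = 443;
        } else {
            return null;
        }

        final int port = uri.getPort() == -1 ? defaultPort : uri.getPort();
        return lowerScheme + "://" + host.toLowerCase(Locale.ENGLISH) + ":" + port;
    }
}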
客户端方法:
<!-- Login form hosted by the client application; it posts the credentials directly to the
     CAS server's /myRemoteLogin flow. The localhost http:// URLs are sample values; in a
     deployment the action URL should be https so the password is not sent in clear text. -->
<form id="myLoginForm" action="http://localhost:8081/casserver/myRemoteLogin" method="post">
  <!-- "service" (success target) and "failpae" (failure target) are hidden fields and can be
       changed by whoever submits the form; the server side must not trust them as-is. -->
  <input type="hidden" id="targetService" name="service" value="http://localhost:8081/casclient4/sso/index.jsp">
  <input type="hidden" name="failpae" value="http://localhost:8081/casclient4/index.jsp">
  <table>
    <tr>
      <td>用户名:</td>
      <td><input type="text" name="username"></td>
    </tr>
    <tr>
      <td>密 码:</td>
      <td><input type="password" name="password"></td>
    </tr>
    <!-- NOTE(review): the captcha input has no name attribute, so its value is not submitted,
         and the RemoteLoginAction shown on this page reads no captcha parameter. As listed,
         the captcha is display-only and is not verified. -->
    <tr><td>验证码</td>
      <td><input type="text" /><img src="http://localhost:8081/casserver/random" class="sign_img fl mt5" /></td></tr>
    <tr>
      <td colspan="2"><input type="submit" value="登陆" /></td>
    </tr>
  </table>
</form>