cas 系统实例服务端配置（三）自定义登录不使用webFlow -

01jiangwei01

浏览: 540884 次
性别:
来自: 北京

最近访客更多访客>>

chenxuezhou_yzl

robotmen

xx5333

qiangorqiang

博主相关

博客

微博

相册

留言

关于我

文章分类

社区版块

存档分类

cas 系统实例服务端配置（三）自定义登录不使用webFlow

博客分类：

1，修改org.jasig.cas.web.flow.InitialFlowSetupAction.java将pathPopulated属性改为public

2，在web.xm中添加

<servlet-mapping>
		<servlet-name>cas</servlet-name>
		<url-pattern>/noflow</url-pattern>
</servlet-mapping>

3，在cas-servlet.xml中添加

<bean id="noflowLoginController" class="org.jasig.cas.web.my.noflowlogin.noFlowLoginAction"
    		p:argumentExtractors-ref="argumentExtractors"
    		p:warnCookieGenerator-ref="warnCookieGenerator"
    		p:centralAuthenticationService-ref="centralAuthenticationService"
    		p:ticketGrantingTicketCookieGenerator-ref="ticketGrantingTicketCookieGenerator"
    		p:initialFlowSetupAction-ref="initialFlowSetupAction"
    	></bean>

修改bean,黑体为新增

<bean
		id="handlerMappingC"
		class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
		<property
			name="mappings">
			<props>
				<prop
					key="/logout">
					logoutController
				</prop>
				<prop
					key="/serviceValidate">
					serviceValidateController
				</prop>
				<prop
					key="/validate">
					legacyValidateController
				</prop>
				<prop
					key="noflow">
					noflowLoginController
				</prop>
				 

				<prop
					key="/proxy">
					proxyController
				</prop>
				<prop
					key="/proxyValidate">
					proxyValidateController
				</prop>
				<prop
					key="/samlValidate">
					samlValidateController
				</prop>
				
				<prop
					key="/services/add.html">
					addRegisteredServiceSimpleFormController
				</prop>
				
				<prop
					key="/services/edit.html">
					editRegisteredServiceSimpleFormController
				</prop>
				
				<prop
					key="/services/loggedOut.html">
					serviceLogoutViewController
				</prop>

                <prop key="/services/viewStatistics.html">
                    viewStatisticsController
                </prop>
			
				<prop key="/services/*">manageRegisteredServicesMultiActionController</prop>
				<prop key="/openid/*">openIdProviderController</prop>
                <prop key="/authorizationFailure.html">passThroughController</prop>
                <prop key="/403.html">passThroughController</prop>
			</props>
		</property>
		<property
			name="alwaysUseFullPath" value="true" />
		<!--
		uncomment this to enable sending PageRequest events. 
		<property
			name="interceptors">
			<list>
				<ref bean="pageRequestHandlerInterceptorAdapter" />
			</list>
		</property>
		 -->
	</bean>

4，noFlowLoginAction类的具体内容为：

import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.validation.constraints.NotNull;

import org.hibernate.validator.constraints.NotEmpty;
import org.jasig.cas.CentralAuthenticationService;
import org.jasig.cas.authentication.principal.Credentials;
import org.jasig.cas.authentication.principal.Service;
import org.jasig.cas.authentication.principal.UsernamePasswordCredentials;
import org.jasig.cas.ticket.TicketException;
import org.jasig.cas.web.flow.InitialFlowSetupAction;
import org.jasig.cas.web.support.ArgumentExtractor;
import org.jasig.cas.web.support.CookieRetrievingCookieGenerator;
import org.jasig.cas.web.support.WebUtils;
import org.springframework.util.StringUtils;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.mvc.AbstractController;
import org.springframework.web.servlet.view.RedirectView;

public class noFlowLoginAction extends AbstractController {
	
	
	   @NotNull
	   private CentralAuthenticationService centralAuthenticationService;
	     
	  	@NotNull
	    private CookieRetrievingCookieGenerator warnCookieGenerator;
	 	@NotNull
	    private CookieRetrievingCookieGenerator ticketGrantingTicketCookieGenerator;
	 	
	 	private InitialFlowSetupAction initialFlowSetupAction;
	 
	 
	   
	    /** Extractors for finding the service. */
	    @NotEmpty
	    private List<ArgumentExtractor> argumentExtractors;
	    protected ModelAndView handleRequestInternal(HttpServletRequest request,
				HttpServletResponse response) throws Exception {
	    	
	    	String uName = request.getParameter("username");
	    	String password = request.getParameter("password");
	    	Credentials credentials =new UsernamePasswordCredentials(uName,password);
	    	if (!this.initialFlowSetupAction.pathPopulated) {
	            final String contextPath = request.getContextPath();
	            final String cookiePath = StringUtils.hasText(contextPath) ? contextPath + "/" : "/";
	            logger.info("Setting path for cookies to: "
	                + cookiePath);
	            this.warnCookieGenerator.setCookiePath(cookiePath);
	            this.ticketGrantingTicketCookieGenerator.setCookiePath(cookiePath);
	            this.initialFlowSetupAction.pathPopulated = true;
	        }
	    	 final Service service = WebUtils.getService( this.argumentExtractors, request);
	    	 String ticketGrantingTicketId="";
	    	 String serviceTicket = "";
	 		try {
	 			ticketGrantingTicketId = this.centralAuthenticationService.createTicketGrantingTicket(credentials);
	 			
	 			/***
	        	 * 产生新的票据，并将票据及服务记录在缓存中
	        	 */
	 			serviceTicket=	 this.centralAuthenticationService.grantServiceTicket(ticketGrantingTicketId,service);
	 			
	 			this.ticketGrantingTicketCookieGenerator.removeCookie(response);
	 			
	 			this.ticketGrantingTicketCookieGenerator.addCookie(request, response, ticketGrantingTicketId);
	 		 
	 			this.warnCookieGenerator.addCookie(request, response, "true");
	 			 
	 		} catch (TicketException e) {
	 			 
	 			e.printStackTrace();
	 		}
	 		return new  ModelAndView(new RedirectView(request.getParameter("service")+"?ticket="+serviceTicket));
		}
	    
  
	    
	    public void setWarnCookieGenerator(final CookieRetrievingCookieGenerator warnCookieGenerator) {
	        this.warnCookieGenerator = warnCookieGenerator;
	    }
	    public void setArgumentExtractors(
	        final List<ArgumentExtractor> argumentExtractors) {
	        this.argumentExtractors = argumentExtractors;
	    }
	    public final void setCentralAuthenticationService(final CentralAuthenticationService centralAuthenticationService) {
	        this.centralAuthenticationService = centralAuthenticationService;
	    }
	    public void setTicketGrantingTicketCookieGenerator(
	            final CookieRetrievingCookieGenerator ticketGrantingTicketCookieGenerator) {
	            this.ticketGrantingTicketCookieGenerator = ticketGrantingTicketCookieGenerator;
	        }



		public void setInitialFlowSetupAction(
				InitialFlowSetupAction initialFlowSetupAction) {
			this.initialFlowSetupAction = initialFlowSetupAction;
		}	
	  
}

5，使用方法是：

    <form action="http://localhost:8081/casserver/noflow" method="post">
   	 <table>
   	 		<input type="hidden" id="targetService" name="service" value="http://localhost:8081/casclient4/sso/index.jsp">
            <input type="hidden" name="failpae" value="http://localhost:8081/casclient4/index.jsp">
            <table>
                <tr>
                    <td>用户名:</td>
                    <td><input type="text" name="username"></td>
                </tr>
                <tr>
                    <td>密&nbsp;&nbsp;码:</td>
                    <td><input type="password" name="password"></td>
                </tr>
                <tr><td>验证码</td>
                <td><input type="text" /><img
									src="http://localhost:8081/casserver/random"
									class="sign_img fl mt5"  /></td></tr>
                <tr>
                    <td colspan="2"><input type="submit" value="登陆" /></td>
                </tr>
                
            </table>
   	 </table>
    
    </form>

6，你可以自己测试了

分享到：

cas 系统实例客户配置（四）访问受保护 ... | cas 系统实例配置及使用

2012-03-20 15:09
浏览 10792
评论(4)
分类:企业架构
查看更多

4 楼 wqmain 2013-04-28

你好，按照你的配置，我下面这行在运行是报错：
serviceTicket = this.centralAuthenticationService.grantServiceTicket(ticketGrantingTicketId, service);

报错如下：

java.lang.IllegalArgumentException: 'resourceOperatedUpon' cannot be null.
Check the correctness of @Audit annotation at the following audit point: execution(public abstract java.lang.String org.jasig.cas.CentralAuthenticationService.grantServiceTicket(java.lang.String,org.jasig.cas.authentication.principal.Service))
	at com.github.inspektr.audit.AuditActionContext.assertNotNull(AuditActionContext.java:81)
	at com.github.inspektr.audit.AuditActionContext.<init>(AuditActionContext.java:64)
	at com.github.inspektr.audit.AuditTrailManagementAspect.executeAuditCode(AuditTrailManagementAspect.java:149)
	at com.github.inspektr.audit.AuditTrailManagementAspect.handleAuditTrail(AuditTrailManagementAspect.java:139)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
	at java.lang.reflect.Method.invoke(Method.java:597)

debug发现参数service为空，但argumentExtractors集合是有内容的，请问原因？我cas服务端版本3.5 访问方式：http://localhost/cas/noflow?username=abc&password=123

3 楼 kevinpan45 2012-11-07

你好，Credentials credentials =new UsernamePasswordCredentials(uName,password);这个代码提示没有这种构造方法。我用这样的方法构造，但是用credentials 生成ticket的时候

引用

ticketGrantingTicketId = this.centralAuthenticationService
.createTicketGrantingTicket(credentials);

报了这个异常

引用

TicketCreationException: error.authentication.credentials.bad

请问你的CAS SERVER是什么版本

2 楼 01jiangwei01 2012-06-05

查看“cas 系统实例客户端配置” 解决你的问题

1 楼 tiansskk 2012-05-09

不错很有用，那如何在客户端取值？

发表评论

您还没有登录,请您登录后再发表评论

最近访客更多访客>>

博主相关

文章分类

社区版块

存档分类

最新评论

cas 系统实例服务端配置（三）自定义登录不使用webFlow

评论

发表评论

相关推荐

最近访客 更多访客>>

博主相关

文章分类

社区版块

存档分类

最新评论

cas 系统实例 服务端配置（三） 自定义登录 不使用webFlow

评论

发表评论

相关推荐

cas 进阶篇二

cas 进阶篇一

cas 关注资料

cas 系统实例 客户配置（四） 访问受保护资源跳转到自定义登录页面

cas 系统实例 配置及使用

cas 系统实例 服务端配置（三） 退出到指定页面

cas 系统实例 服务端配置（二） 自定义登录

cas 系统实例 客户端配置

cas 系统实例 服务端配置（一）

cas 简单配置 不用证书

最近访客更多访客>>

cas 系统实例服务端配置（三）自定义登录不使用webFlow

cas 系统实例客户配置（四）访问受保护资源跳转到自定义登录页面

cas 系统实例配置及使用

cas 系统实例服务端配置（三）退出到指定页面

cas 系统实例服务端配置（二）自定义登录

cas 系统实例客户端配置

cas 系统实例服务端配置（一）

cas 简单配置不用证书