`
elan1986
  • 浏览: 168733 次
  • 性别: Icon_minigender_1
  • 来自: 北京
社区版块
存档分类
最新评论
阅读更多
package com.lch.httpclient;

import java.io.IOException;

import org.apache.commons.httpclient.Cookie;
import org.apache.commons.httpclient.Header;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.HttpException;
import org.apache.commons.httpclient.HttpMethod;
import org.apache.commons.httpclient.HttpStatus;
import org.apache.commons.httpclient.NameValuePair;
import org.apache.commons.httpclient.methods.GetMethod;
import org.apache.commons.httpclient.methods.PostMethod;
import org.apache.commons.httpclient.params.DefaultHttpParams;
import org.apache.commons.httpclient.params.HttpMethodParams;
import org.apache.commons.httpclient.protocol.Protocol;

public class DominoLogin {
	public static void main(String[] args) throws HttpException, IOException {
		
		Protocol myhttps = new Protocol("https", new MySecureProtocolSocketFactory (), 443);
		Protocol.registerProtocol("https", myhttps);
		
		HttpClient client = new HttpClient();
		client.getHostConfiguration().setHost("127.0.0.1", 8443, myhttps);

		// HttpMethod method = getGetMethod();
		HttpMethod method = getPostMethod();
		//method.addRequestHeader("Content-Type","text/html; charset=gb2312");
		method.getParams().setContentCharset("utf-8");// 设置字符编码
		
		
//		method.addRequestHeader("(Request-Line)", "POST /cas/login;jsessionid=29BF7E8BBDDB367B845F574EA11DFE0F HTTP/1.1");
//		method.addRequestHeader("Accept", "image/gif, image/jpeg, image/pjpeg, image/pjpeg, application/x-shockwave-flash, application/QVOD, application/QVOD, application/msword, application/vnd.ms-excel, application/vnd.ms-powerpoint, */*");
//		method.addRequestHeader("Accept-Encoding", "gzip, deflate");
//		method.addRequestHeader("Accept-Language", "zh-cn");
//		method.addRequestHeader("Cache-Control", "no-cache");
//		method.addRequestHeader("Connection", "Keep-Alive");
//		method.addRequestHeader("Content-Length", "151");
//		method.addRequestHeader("Content-Type", "application/x-www-form-urlencoded");
//		method.addRequestHeader("Cookie", "JSESSIONID=29BF7E8BBDDB367B845F574EA11DFE0F");
//		method.addRequestHeader("Host", "localhost:8443");
//		method.addRequestHeader("Referer", "https://localhost:8443/cas/login");
//		method.addRequestHeader("User-Agent", "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; GTB6.5)");
		DefaultHttpParams.getDefaultParams().setBooleanParameter(HttpMethodParams.SINGLE_COOKIE_HEADER, true);

		int statuscode = client.executeMethod(method);
		System.out.println(method.getStatusLine());
		
		if((statuscode == HttpStatus.SC_MOVED_TEMPORARILY) ||
		   (statuscode == HttpStatus.SC_MOVED_PERMANENTLY) ||
		   (statuscode == HttpStatus.SC_SEE_OTHER)||
		   (statuscode == HttpStatus.SC_TEMPORARY_REDIRECT)){
			System.out.println(statuscode);
			Header header = method.getResponseHeader("location");
			System.out.println(header);
			if(header != null){
				String newuri = header.getValue();
				if((newuri != null) || (!newuri.equals(""))){
					newuri = "/";
					
					GetMethod redirect = new GetMethod(newuri);
					
					client.executeMethod(redirect);
					
					System.out.println("Redirect: " + redirect.getStatusLine().toString() );
					System.out.println("***************************");
					System.out.println(redirect.getResponseBodyAsString());
					redirect.releaseConnection();
				}else{
					System.out.println("Invalid redirect");
				}
			}
		}
		
		method.setRequestHeader("charset", "utf-8");
		// String response = new
		// String(method.getResponseBodyAsString().getBytes("UTF-8"));
		String response = method.getResponseBodyAsString();
		System.out.println(response);
		
		System.out.println("*********************************************");
		Cookie[] cookies = client.getState().getCookies();
		client.getState().addCookies(cookies);
		for(int i=0;i <cookies.length;i++)  
		{  
		  System.out.print(cookies[i].toString());  
		}   
		
		method.releaseConnection();
	}

	private static HttpMethod getPostMethod() {
		PostMethod post = new PostMethod("/cas/login");
		NameValuePair username = new NameValuePair("username", "admin");
		NameValuePair password = new NameValuePair("password", "admin");
		NameValuePair lt = new NameValuePair("lt", "_cD3B3A7E7-A323-F1FB-340B-18A914EE256D_k1CCD75E1-36E0-C3EC-B56A-21B0AB07C99E");
		NameValuePair _eventId = new NameValuePair("_eventId", "submit");
		NameValuePair locale = new NameValuePair("locale", "zh_CN");
		NameValuePair jsessionid = new NameValuePair("jsessionid", "C9E3DF7018D7D5FF2384A7F990C552A9");
		NameValuePair warn = new NameValuePair("warn", "true");
		
		
		
		
		post.setRequestBody(new NameValuePair[] { username, password, lt, _eventId, locale, jsessionid, warn});
		return post;
	}

//	private static HttpMethod getGetMethod() {
//		return new GetMethod("/search.asp?action=mobile&mobile=1368359");
//	}
}



package com.lch.httpclient;

import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.SocketAddress;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.SocketFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

import org.apache.commons.httpclient.ConnectTimeoutException;
import org.apache.commons.httpclient.params.HttpConnectionParams;
import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;

public class MySecureProtocolSocketFactory implements SecureProtocolSocketFactory {
    static{
        System.out.println(">>>>in MySecureProtocolSocketFactory>>");
    }
    private SSLContext sslcontext = null;
    
    private SSLContext createSSLContext() {
        SSLContext sslcontext=null;
        try {
            sslcontext = SSLContext.getInstance("SSL");
            sslcontext.init(null, new TrustManager[]{new TrustAnyTrustManager()}, new java.security.SecureRandom());
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        } catch (KeyManagementException e) {
            e.printStackTrace();
        }
        return sslcontext;
    }
    
    private SSLContext getSSLContext() {
        if (this.sslcontext == null) {
            this.sslcontext = createSSLContext();
        }
        return this.sslcontext;
    }
    
    public Socket createSocket(Socket socket, String host, int port, boolean autoClose)
            throws IOException, UnknownHostException {
        return getSSLContext().getSocketFactory().createSocket(
                socket,
                host,
                port,
                autoClose
            );
    }

    public Socket createSocket(String host, int port) throws IOException,
            UnknownHostException {
        return getSSLContext().getSocketFactory().createSocket(
                host,
                port
            );
    }
    
    
    public Socket createSocket(String host, int port, InetAddress clientHost, int clientPort)
            throws IOException, UnknownHostException {
        return getSSLContext().getSocketFactory().createSocket(host, port, clientHost, clientPort);
    }

    public Socket createSocket(String host, int port, InetAddress localAddress,
            int localPort, HttpConnectionParams params) throws IOException,
            UnknownHostException, ConnectTimeoutException {
        if (params == null) {
            throw new IllegalArgumentException("Parameters may not be null");
        }
        int timeout = params.getConnectionTimeout();
        SocketFactory socketfactory = getSSLContext().getSocketFactory();
        if (timeout == 0) {
            return socketfactory.createSocket(host, port, localAddress, localPort);
        } else {
            Socket socket = socketfactory.createSocket();
            SocketAddress localaddr = new InetSocketAddress(localAddress, localPort);
            SocketAddress remoteaddr = new InetSocketAddress(host, port);
            socket.bind(localaddr);
            socket.connect(remoteaddr, timeout);
            return socket;
        }
    }
    
    //自定义私有类
    private static class TrustAnyTrustManager implements X509TrustManager {
       
        public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        }
   
        public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        }
   
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[]{};
        }
    }
    

}





package com.lch.test;

import java.io.IOException;

import org.apache.commons.httpclient.Header;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.HttpException;
import org.apache.commons.httpclient.HttpMethod;
import org.apache.commons.httpclient.HttpStatus;
import org.apache.commons.httpclient.NameValuePair;
import org.apache.commons.httpclient.methods.GetMethod;
import org.apache.commons.httpclient.methods.PostMethod;

public class DominoLT {

	public static void main(String[] args) throws HttpException, IOException {
		HttpClient client = new HttpClient();
		client.getHostConfiguration().setHost("******", 808, "http");
		
		//HttpMethod method = getGetMethod();
		HttpMethod method = getPostMethod();
		method.getParams().setContentCharset("GB2312");
		
		int statuscode = client.executeMethod(method);
		System.out.println(method.getStatusLine());
		method.setRequestHeader("charset", "gb2312");
		//String response = new String(method.getResponseBodyAsString().getBytes("UTF-8"));
		String response = method.getResponseBodyAsString();
		System.out.println(response);
		
		if((statuscode == HttpStatus.SC_MOVED_TEMPORARILY) ||
		   (statuscode == HttpStatus.SC_MOVED_PERMANENTLY) ||
		   (statuscode == HttpStatus.SC_SEE_OTHER)||
		   (statuscode == HttpStatus.SC_TEMPORARY_REDIRECT)){
			
			System.out.println(statuscode);
			Header header = method.getResponseHeader("location");
			System.out.println(header);
			String newuri = header.getValue();
			PostMethod redirect = new PostMethod(newuri);
			client.executeMethod(redirect);
			System.out.println("Redirect: " + redirect.getStatusLine().toString() );
			System.out.println("************0***************");
			System.out.println(redirect.getResponseBodyAsString());
			System.out.println("************1***************");
			
			PostMethod Red = new PostMethod("http://*******/cxoanew/index.nsf/SForm01?OpenForm");
			client.executeMethod(Red);
			System.out.println(Red.getResponseBodyAsString());
			System.out.println("************2***************");
			redirect.releaseConnection();
		}
		
		method.releaseConnection();
	}

	private static HttpMethod getPostMethod() {
		PostMethod post = new PostMethod("/names.nsf?Login");
		
		NameValuePair username = new NameValuePair("username","****");
		NameValuePair password = new NameValuePair("password","****");
		
		post.setRequestBody(new NameValuePair[] {username, password});
		return post;
	}

	private static HttpMethod getGetMethod() {
		return new GetMethod("/names.nsf?Login?username=*****&password=****");
	}
}
分享到:
评论
1 楼 xfei6868 2011-03-23  
项目配置了cas,登录后,有时候有些提交或者查询仍然会去cas验证一下。
这时候验证回来会跟一个cas的串,但是如果是post提交,post的数据就没了。

相关推荐

    无https验证的CAS单点登录

    **无HTTPS验证的CAS单点登录详解** CAS(Central Authentication Service,中央认证服务)是一种广泛应用于Web应用程序的身份验证框架,旨在提供一种集中化的身份验证机制,使得用户只需一次登录即可访问多个相互...

    cas-shiro-https单点登录实现

    在这个场景中,我们关注的是`cas-shiro-https`的实现,它结合了CAS(Central Authentication Service)服务器、Shiro安全框架以及HTTPS安全协议。下面将详细阐述这些知识点。 首先,CAS是Java开发的一个开源身份...

    cas4.2.7 实现其他系统和cas互相认证互信

    6. **安全策略**:确保所有通信都使用HTTPS,以保护用户凭证的安全传输。此外,还要考虑会话管理,防止会话劫持和重放攻击。 7. **测试与调试**:完成配置后,要进行详尽的测试,确保所有系统都能正确地进行认证互...

    cas 单点登录修改https为http

    cas 单点登录 修改https访问协议为http

    cas集成AD域

    6. **安全考虑**:确保在传输过程中使用HTTPS加密,防止凭证在传输过程中被截获。同时,定期更新AD和CAS服务器的证书,以保持系统的安全性。 通过以上步骤,我们可以将CAS与AD域有效地结合在一起,提供便捷且安全的...

    cas 自定义登录页面

    - 使用HTTPS确保通信安全。 - 对用户输入进行验证和过滤,防止SQL注入、XSS攻击等。 - 对服务票据进行安全处理,避免被窃取或滥用。 总结,自定义CAS登录页面涉及到前端页面设计、后端配置以及与CAS服务器的交互等...

    Cas5.2.6(cas-overlay-template-5.2.6)服务端

    5. **证书配置**:对于HTTPS支持,需要配置SSL证书。 6. **启动服务**:完成以上步骤后,运行`mvn spring-boot:run`或相应的启动脚本来启动CAS服务。 **自定义与扩展:** CAS的`overlay`概念允许开发者在不修改...

    CAS 取消Https协议 附

    【标题】:“CAS 取消Https协议 附” 在IT领域,CAS(Central Authentication Service)是一种广泛使用的单点登录(Single Sign-On, SSO)框架,它为各种应用系统提供了安全的身份验证服务。当我们提到“取消HTTPS...

    cas-4.1.7最新

    4. SSL配置:为了保护传输的安全,通常需要配置SSL/TLS以启用HTTPS。 5. 服务注册:注册你的应用服务到CAS服务器,以便它们能接受SSO认证。 6. 客户端集成:在你的应用中集成CAS客户端库,实现与CAS服务器的交互。 ...

    单点登录CAS应用代码(HTTPS)

    在本资源中,您将找到一个已配置好的CAS服务器代码,适用于HTTPS环境,这意味着它可以提供安全的通信,防止数据在传输过程中被窃取。 CAS服务器的主要功能包括: 1. 用户身份验证:当用户尝试访问受保护的资源时,...

    cas-3.4.1_单点登录_CAS_

    6. **安全性**:CAS通过HTTPS等安全协议传输票证,确保了通信的安全性。同时,它还支持票证的过期和重用策略,增强了系统的安全性。 7. **可扩展性**:CAS的架构设计允许开发者轻松添加自定义功能,如自定义认证...

    cas .net客户端的配置代码

    &lt;casServerLoginUrl&gt;https://cas.example.com/cas/login&lt;/casServerLoginUrl&gt; &lt;casServerUrlPrefix&gt;https://cas.example.com/cas&lt;/casServerUrlPrefix&gt; &lt;serverName&gt;http://yourapp.example.com&lt;/serverName&gt; ...

    cas 普通方式和SpringBoot方式客户端 普通方式服务端

    cas.server-login-url=https://cas.example.com/cas/login cas.client-name=my-app cas.client-id=my-client-id cas.client-secret=my-client-secret ``` 此外,你还需要在Spring Boot应用中配置...

    cas-client-core-3.3.2绕过https.jar

    CAS客户端跳过https验证

    CAS自定义加密和登录验证

    CAS(Central Authentication Service,中央认证服务)是一种广泛使用的开源身份验证...参考提供的博客链接(https://blog.csdn.net/fancheng614/article/details/84038266),可以获取更具体的实现步骤和示例代码。

    整合spring+springWebMVC+cas客户端

    在实际应用中,可能还需要考虑一些额外因素,比如HTTPS加密通信、多环境配置、自定义登录行为、CAS服务器的扩展功能(如票据管理、审计日志等)。总的来说,整合Spring、Spring Web MVC和CAS客户端能帮助构建一个既...

    apereo cas6.3.2可执行war,集成mysql的jdbc认证模块

    Apereo CAS 6.3.2 是一个广泛使用的开源单点登录(Single Sign-On, SSO)服务器,基于 Java 技术栈构建,特别适用于教育和企业环境。它提供了安全的身份验证和授权服务,允许用户通过单一登录界面访问多个应用程序。...

    django+cas环境部署

    - **CAS服务器部署**:将CAS服务部署在Tomcat容器中,并配置相关的SSL证书以确保安全的HTTPS连接。 - **CAS用户名密码存储**:CAS服务的用户名和密码信息存储在MySQL数据库中,便于统一管理和维护。 ##### 2.4 CAS...

    cas单点登录需要的jar包

    这个版本的CAS客户端支持CAS协议的多个版本,包括基础的CAS协议以及CAS 2.0和3.0协议,可以处理HTTP和HTTPS的重定向。 **3. 配置CAS客户端** 在Java Web应用中,集成CAS通常需要以下步骤: - **添加依赖**:将`cas-...

    cas-server-webapp-4.0.0.war--cas server去掉https验证

    cas-server-webapp-4.0.0.war--cas server去掉https验证.下载后直接部署tomcat即可,建议下载后将名称改为cas.war

Global site tag (gtag.js) - Google Analytics