package com.lch.httpclient;
import java.io.IOException;
import org.apache.commons.httpclient.Cookie;
import org.apache.commons.httpclient.Header;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.HttpException;
import org.apache.commons.httpclient.HttpMethod;
import org.apache.commons.httpclient.HttpStatus;
import org.apache.commons.httpclient.NameValuePair;
import org.apache.commons.httpclient.methods.GetMethod;
import org.apache.commons.httpclient.methods.PostMethod;
import org.apache.commons.httpclient.params.DefaultHttpParams;
import org.apache.commons.httpclient.params.HttpMethodParams;
import org.apache.commons.httpclient.protocol.Protocol;
public class DominoLogin {
public static void main(String[] args) throws HttpException, IOException {
Protocol myhttps = new Protocol("https", new MySecureProtocolSocketFactory (), 443);
Protocol.registerProtocol("https", myhttps);
HttpClient client = new HttpClient();
client.getHostConfiguration().setHost("127.0.0.1", 8443, myhttps);
// HttpMethod method = getGetMethod();
HttpMethod method = getPostMethod();
//method.addRequestHeader("Content-Type","text/html; charset=gb2312");
method.getParams().setContentCharset("utf-8");// 设置字符编码
// method.addRequestHeader("(Request-Line)", "POST /cas/login;jsessionid=29BF7E8BBDDB367B845F574EA11DFE0F HTTP/1.1");
// method.addRequestHeader("Accept", "image/gif, image/jpeg, image/pjpeg, image/pjpeg, application/x-shockwave-flash, application/QVOD, application/QVOD, application/msword, application/vnd.ms-excel, application/vnd.ms-powerpoint, */*");
// method.addRequestHeader("Accept-Encoding", "gzip, deflate");
// method.addRequestHeader("Accept-Language", "zh-cn");
// method.addRequestHeader("Cache-Control", "no-cache");
// method.addRequestHeader("Connection", "Keep-Alive");
// method.addRequestHeader("Content-Length", "151");
// method.addRequestHeader("Content-Type", "application/x-www-form-urlencoded");
// method.addRequestHeader("Cookie", "JSESSIONID=29BF7E8BBDDB367B845F574EA11DFE0F");
// method.addRequestHeader("Host", "localhost:8443");
// method.addRequestHeader("Referer", "https://localhost:8443/cas/login");
// method.addRequestHeader("User-Agent", "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; GTB6.5)");
DefaultHttpParams.getDefaultParams().setBooleanParameter(HttpMethodParams.SINGLE_COOKIE_HEADER, true);
int statuscode = client.executeMethod(method);
System.out.println(method.getStatusLine());
if((statuscode == HttpStatus.SC_MOVED_TEMPORARILY) ||
(statuscode == HttpStatus.SC_MOVED_PERMANENTLY) ||
(statuscode == HttpStatus.SC_SEE_OTHER)||
(statuscode == HttpStatus.SC_TEMPORARY_REDIRECT)){
System.out.println(statuscode);
Header header = method.getResponseHeader("location");
System.out.println(header);
if(header != null){
String newuri = header.getValue();
if((newuri != null) || (!newuri.equals(""))){
newuri = "/";
GetMethod redirect = new GetMethod(newuri);
client.executeMethod(redirect);
System.out.println("Redirect: " + redirect.getStatusLine().toString() );
System.out.println("***************************");
System.out.println(redirect.getResponseBodyAsString());
redirect.releaseConnection();
}else{
System.out.println("Invalid redirect");
}
}
}
method.setRequestHeader("charset", "utf-8");
// String response = new
// String(method.getResponseBodyAsString().getBytes("UTF-8"));
String response = method.getResponseBodyAsString();
System.out.println(response);
System.out.println("*********************************************");
Cookie[] cookies = client.getState().getCookies();
client.getState().addCookies(cookies);
for(int i=0;i <cookies.length;i++)
{
System.out.print(cookies[i].toString());
}
method.releaseConnection();
}
private static HttpMethod getPostMethod() {
PostMethod post = new PostMethod("/cas/login");
NameValuePair username = new NameValuePair("username", "admin");
NameValuePair password = new NameValuePair("password", "admin");
NameValuePair lt = new NameValuePair("lt", "_cD3B3A7E7-A323-F1FB-340B-18A914EE256D_k1CCD75E1-36E0-C3EC-B56A-21B0AB07C99E");
NameValuePair _eventId = new NameValuePair("_eventId", "submit");
NameValuePair locale = new NameValuePair("locale", "zh_CN");
NameValuePair jsessionid = new NameValuePair("jsessionid", "C9E3DF7018D7D5FF2384A7F990C552A9");
NameValuePair warn = new NameValuePair("warn", "true");
post.setRequestBody(new NameValuePair[] { username, password, lt, _eventId, locale, jsessionid, warn});
return post;
}
// private static HttpMethod getGetMethod() {
// return new GetMethod("/search.asp?action=mobile&mobile=1368359");
// }
}
package com.lch.httpclient;
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.net.SocketAddress;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.SocketFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.commons.httpclient.ConnectTimeoutException;
import org.apache.commons.httpclient.params.HttpConnectionParams;
import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;
public class MySecureProtocolSocketFactory implements SecureProtocolSocketFactory {
static{
System.out.println(">>>>in MySecureProtocolSocketFactory>>");
}
private SSLContext sslcontext = null;
private SSLContext createSSLContext() {
SSLContext sslcontext=null;
try {
sslcontext = SSLContext.getInstance("SSL");
sslcontext.init(null, new TrustManager[]{new TrustAnyTrustManager()}, new java.security.SecureRandom());
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (KeyManagementException e) {
e.printStackTrace();
}
return sslcontext;
}
private SSLContext getSSLContext() {
if (this.sslcontext == null) {
this.sslcontext = createSSLContext();
}
return this.sslcontext;
}
public Socket createSocket(Socket socket, String host, int port, boolean autoClose)
throws IOException, UnknownHostException {
return getSSLContext().getSocketFactory().createSocket(
socket,
host,
port,
autoClose
);
}
public Socket createSocket(String host, int port) throws IOException,
UnknownHostException {
return getSSLContext().getSocketFactory().createSocket(
host,
port
);
}
public Socket createSocket(String host, int port, InetAddress clientHost, int clientPort)
throws IOException, UnknownHostException {
return getSSLContext().getSocketFactory().createSocket(host, port, clientHost, clientPort);
}
public Socket createSocket(String host, int port, InetAddress localAddress,
int localPort, HttpConnectionParams params) throws IOException,
UnknownHostException, ConnectTimeoutException {
if (params == null) {
throw new IllegalArgumentException("Parameters may not be null");
}
int timeout = params.getConnectionTimeout();
SocketFactory socketfactory = getSSLContext().getSocketFactory();
if (timeout == 0) {
return socketfactory.createSocket(host, port, localAddress, localPort);
} else {
Socket socket = socketfactory.createSocket();
SocketAddress localaddr = new InetSocketAddress(localAddress, localPort);
SocketAddress remoteaddr = new InetSocketAddress(host, port);
socket.bind(localaddr);
socket.connect(remoteaddr, timeout);
return socket;
}
}
//自定义私有类
private static class TrustAnyTrustManager implements X509TrustManager {
public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
}
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[]{};
}
}
}
package com.lch.test;
import java.io.IOException;
import org.apache.commons.httpclient.Header;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.HttpException;
import org.apache.commons.httpclient.HttpMethod;
import org.apache.commons.httpclient.HttpStatus;
import org.apache.commons.httpclient.NameValuePair;
import org.apache.commons.httpclient.methods.GetMethod;
import org.apache.commons.httpclient.methods.PostMethod;
public class DominoLT {
public static void main(String[] args) throws HttpException, IOException {
HttpClient client = new HttpClient();
client.getHostConfiguration().setHost("******", 808, "http");
//HttpMethod method = getGetMethod();
HttpMethod method = getPostMethod();
method.getParams().setContentCharset("GB2312");
int statuscode = client.executeMethod(method);
System.out.println(method.getStatusLine());
method.setRequestHeader("charset", "gb2312");
//String response = new String(method.getResponseBodyAsString().getBytes("UTF-8"));
String response = method.getResponseBodyAsString();
System.out.println(response);
if((statuscode == HttpStatus.SC_MOVED_TEMPORARILY) ||
(statuscode == HttpStatus.SC_MOVED_PERMANENTLY) ||
(statuscode == HttpStatus.SC_SEE_OTHER)||
(statuscode == HttpStatus.SC_TEMPORARY_REDIRECT)){
System.out.println(statuscode);
Header header = method.getResponseHeader("location");
System.out.println(header);
String newuri = header.getValue();
PostMethod redirect = new PostMethod(newuri);
client.executeMethod(redirect);
System.out.println("Redirect: " + redirect.getStatusLine().toString() );
System.out.println("************0***************");
System.out.println(redirect.getResponseBodyAsString());
System.out.println("************1***************");
PostMethod Red = new PostMethod("http://*******/cxoanew/index.nsf/SForm01?OpenForm");
client.executeMethod(Red);
System.out.println(Red.getResponseBodyAsString());
System.out.println("************2***************");
redirect.releaseConnection();
}
method.releaseConnection();
}
private static HttpMethod getPostMethod() {
PostMethod post = new PostMethod("/names.nsf?Login");
NameValuePair username = new NameValuePair("username","****");
NameValuePair password = new NameValuePair("password","****");
post.setRequestBody(new NameValuePair[] {username, password});
return post;
}
private static HttpMethod getGetMethod() {
return new GetMethod("/names.nsf?Login?username=*****&password=****");
}
}
分享到:
相关推荐
**无HTTPS验证的CAS单点登录详解** CAS(Central Authentication Service,中央认证服务)是一种广泛应用于Web应用程序的身份验证框架,旨在提供一种集中化的身份验证机制,使得用户只需一次登录即可访问多个相互...
在这个场景中,我们关注的是`cas-shiro-https`的实现,它结合了CAS(Central Authentication Service)服务器、Shiro安全框架以及HTTPS安全协议。下面将详细阐述这些知识点。 首先,CAS是Java开发的一个开源身份...
6. **安全策略**:确保所有通信都使用HTTPS,以保护用户凭证的安全传输。此外,还要考虑会话管理,防止会话劫持和重放攻击。 7. **测试与调试**:完成配置后,要进行详尽的测试,确保所有系统都能正确地进行认证互...
cas 单点登录 修改https访问协议为http
6. **安全考虑**:确保在传输过程中使用HTTPS加密,防止凭证在传输过程中被截获。同时,定期更新AD和CAS服务器的证书,以保持系统的安全性。 通过以上步骤,我们可以将CAS与AD域有效地结合在一起,提供便捷且安全的...
- 使用HTTPS确保通信安全。 - 对用户输入进行验证和过滤,防止SQL注入、XSS攻击等。 - 对服务票据进行安全处理,避免被窃取或滥用。 总结,自定义CAS登录页面涉及到前端页面设计、后端配置以及与CAS服务器的交互等...
5. **证书配置**:对于HTTPS支持,需要配置SSL证书。 6. **启动服务**:完成以上步骤后,运行`mvn spring-boot:run`或相应的启动脚本来启动CAS服务。 **自定义与扩展:** CAS的`overlay`概念允许开发者在不修改...
【标题】:“CAS 取消Https协议 附” 在IT领域,CAS(Central Authentication Service)是一种广泛使用的单点登录(Single Sign-On, SSO)框架,它为各种应用系统提供了安全的身份验证服务。当我们提到“取消HTTPS...
4. SSL配置:为了保护传输的安全,通常需要配置SSL/TLS以启用HTTPS。 5. 服务注册:注册你的应用服务到CAS服务器,以便它们能接受SSO认证。 6. 客户端集成:在你的应用中集成CAS客户端库,实现与CAS服务器的交互。 ...
在本资源中,您将找到一个已配置好的CAS服务器代码,适用于HTTPS环境,这意味着它可以提供安全的通信,防止数据在传输过程中被窃取。 CAS服务器的主要功能包括: 1. 用户身份验证:当用户尝试访问受保护的资源时,...
6. **安全性**:CAS通过HTTPS等安全协议传输票证,确保了通信的安全性。同时,它还支持票证的过期和重用策略,增强了系统的安全性。 7. **可扩展性**:CAS的架构设计允许开发者轻松添加自定义功能,如自定义认证...
<casServerLoginUrl>https://cas.example.com/cas/login</casServerLoginUrl> <casServerUrlPrefix>https://cas.example.com/cas</casServerUrlPrefix> <serverName>http://yourapp.example.com</serverName> ...
cas.server-login-url=https://cas.example.com/cas/login cas.client-name=my-app cas.client-id=my-client-id cas.client-secret=my-client-secret ``` 此外,你还需要在Spring Boot应用中配置...
CAS客户端跳过https验证
CAS(Central Authentication Service,中央认证服务)是一种广泛使用的开源身份验证...参考提供的博客链接(https://blog.csdn.net/fancheng614/article/details/84038266),可以获取更具体的实现步骤和示例代码。
在实际应用中,可能还需要考虑一些额外因素,比如HTTPS加密通信、多环境配置、自定义登录行为、CAS服务器的扩展功能(如票据管理、审计日志等)。总的来说,整合Spring、Spring Web MVC和CAS客户端能帮助构建一个既...
Apereo CAS 6.3.2 是一个广泛使用的开源单点登录(Single Sign-On, SSO)服务器,基于 Java 技术栈构建,特别适用于教育和企业环境。它提供了安全的身份验证和授权服务,允许用户通过单一登录界面访问多个应用程序。...
- **CAS服务器部署**:将CAS服务部署在Tomcat容器中,并配置相关的SSL证书以确保安全的HTTPS连接。 - **CAS用户名密码存储**:CAS服务的用户名和密码信息存储在MySQL数据库中,便于统一管理和维护。 ##### 2.4 CAS...
这个版本的CAS客户端支持CAS协议的多个版本,包括基础的CAS协议以及CAS 2.0和3.0协议,可以处理HTTP和HTTPS的重定向。 **3. 配置CAS客户端** 在Java Web应用中,集成CAS通常需要以下步骤: - **添加依赖**:将`cas-...
cas-server-webapp-4.0.0.war--cas server去掉https验证.下载后直接部署tomcat即可,建议下载后将名称改为cas.war