CAS退出默认是转向CAS内置的退出页面,在实际应用中需要跳转到自己指定的页面。退出转向决定于org.jasig.cas.web.LogoutController,我们看一下源代码。
protected ModelAndView handleRequestInternal(
final HttpServletRequest request, final HttpServletResponse response)
throws Exception {
final String ticketGrantingTicketId = this.ticketGrantingTicketCookieGenerator.retrieveCookieValue(request);
final String service = request.getParameter("service");
if (ticketGrantingTicketId != null) {
this.centralAuthenticationService
.destroyTicketGrantingTicket(ticketGrantingTicketId);
this.ticketGrantingTicketCookieGenerator.removeCookie(response);
this.warnCookieGenerator.removeCookie(response);
}
if (this.followServiceRedirects && service != null) {
return new ModelAndView(new RedirectView(service));
}
return new ModelAndView(this.logoutView);
}
可以看出,当this.followServiceRedirects && service != null时才会跳转到自己指定的view,service应该都比较熟悉了,它是客户传的参数,
指定cas中心转向哪里,但我们仅仅传service 还是不行的,还需要把followServiceRedirects属性设为true,下面看看如何修改这个属性
<bean id="logoutController" class="org.jasig.cas.web.LogoutController"
p:centralAuthenticationService-ref="centralAuthenticationService"
p:logoutView="casLogoutView"
p:followServiceRedirects="true"
p:warnCookieGenerator-ref="warnCookieGenerator"
p:ticketGrantingTicketCookieGenerator-ref="ticketGrantingTicketCookieGenerator" />
修改cas-servlet.xml配置文件中的logoutController,新增属性p:followServiceRedirects="true",修改后如下:
<bean id="logoutController" class="org.jasig.cas.web.LogoutController"
p:centralAuthenticationService-ref="centralAuthenticationService"
p:logoutView="casLogoutView"
p:warnCookieGenerator-ref="warnCookieGenerator"
p:ticketGrantingTicketCookieGenerator-ref="ticketGrantingTicketCookieGenerator" >
<property name="followServiceRedirects" value="true" />
</bean>
退出页面如下所示
<a href="https://localhost:8443/cas/logout?service=http://app:8080/app">Logout</a>
参考:
1) http://my.so-net.net.tw/tzuyichao/misc/forfun.cas.04.html
2) http://www.iteye.com/topic/1115922
评论