SSO除了支持表单的方式进行认证外还可以使用rest接口进行认证,参考:http://jasig.github.io/cas/4.0.x/protocol/REST-Protocol.html
操作步骤如下:
1、将cas-server-support-rest-4.1.3.jar放到cas server的lib中以支持rest认证
2、配置web.xml,以提供rest接口。
<servlet>
<servlet-name>restlet</servlet-name>
<servlet-class>org.restlet.ext.spring.RestletFrameworkServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>restlet</servlet-name>
<url-pattern>/v1/*</url-pattern>
</servlet-mapping>
3、使用post方式进行验证,一定要使用post,在windows下可以访问http://curl.haxx.se/download/curl-7.33.0-win64-ssl-sspi.zip下载windows下的curl工具,然后执行如下命令进行进行验证
a、获取TGT: curl.exe -d "username=casuser&password=Mellon" -i "http://localhost:8080/cas/v1/tickets"
返回结果:
HTTP/1.1 201 Created
Server: Apache-Coyote/1.1
Location: http://localhost:8080/cas/v1/tickets/TGT-1-ajXZWdzcLFzWyHxmsDyJCpaEwMIzpRGh0DpGnWOueSi5HtvGwv-cas01.example.org
Content-Type: text/html;charset=UTF-8
Content-Length: 376
Date: Mon, 04 Apr 2016 08:15:52 GMT
<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\"><html><head><title>201 Created</title></head><body><h1>TGT Created</h1><form action="http://localhost:8080/cas/v1/tickets/TGT-1-ajXZWdzcLFzWyHxmsDyJCpaEwMIzpRGh0DpGnWOueSi5HtvGwv-cas01.example.org" method="POST">Service:<input type="text" name="service" value=""><br><input type="submit" value="Submit"></form></body></html>
b、获取ST:curl.exe -d "service=http://localhost:8080/simple" -i "http://localhost:8080/cas/v1/tickets/TGT-1-ajXZWdzcLFzWyHxmsDyJCpaEwMIzpRGh0DpGnWOueSi5HtvGwv-cas01.example.org"
返回结果:
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Disposition: attachment;filename=f.txt
Content-Type: application/vnd.lotus-organizer;charset=UTF-8
Content-Length: 43
Date: Mon, 04 Apr 2016 08:20:33 GMT
ST-1-cQwwDeN2SQsl7X1tWWsa-cas01.example.org
c、登出:curl -I -X DELETE "http://localhost:8080/cas/v1/tickets/TGT-1-ajXZWdzcLFzWyHxmsDyJCpaEwMIzpRGh0DpGnWOueSi5HtvGwv-cas01.example.org"
返回结果:
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Disposition: attachment;filename=f.txt
Content-Type: application/vnd.lotus-organizer;charset=UTF-8
Content-Length: 74
Date: Mon, 04 Apr 2016 08:46:11 GMT