话不多说,上代码:
package org.jasig.cas.util;
import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLConnection;
import java.net.URLEncoder;
public class CasTest {
public static void main(String... args) throws Exception {
String username = "10089";
String password = "123456";
validateFromCAS(username, password);
}
public static boolean validateFromCAS(String username, String password) throws Exception {
//开发环境配置
//String ticketUrl = "http://localhost:8006/cas/v1/tickets";
//String validateUrl = "http://localhost:8006/cas/serviceValidate";
//第三方服务
//String serviceURL = "http://localhost:8006/cas/CasClient";
String serviceURL = "http://www.baidu.com";
try {
//Step 1 首先生成TGT ticket ,返回201代表用户已经成功登录。
System.out.println("1.首先生成TGT ticket,请求地址为:"+ticketUrl);
HttpURLConnection hsu = (HttpURLConnection) openConn(ticketUrl);
String s = URLEncoder.encode("username", "UTF-8") + "=" + URLEncoder.encode(username, "UTF-8");
s += "&" + URLEncoder.encode("password", "UTF-8") + "=" + URLEncoder.encode(password, "UTF-8");
System.out.println("2.请求报文为:"+s);
OutputStreamWriter out = new OutputStreamWriter(hsu.getOutputStream());
BufferedWriter bwr = new BufferedWriter(out);
bwr.write(s);
bwr.flush();
bwr.close();
out.close();
String tgt = hsu.getHeaderField("location");
System.out.println("3.响应码为201表示用户已经成功登陆:"+hsu.getResponseCode());
if (tgt != null && hsu.getResponseCode() == 201) {
System.out.println("4.未加工的TGT串为:"+tgt);
//System.out.println("Tgt is : " + tgt.substring(tgt.lastIndexOf("/") + 1));
tgt = tgt.substring(tgt.lastIndexOf("/") + 1);
System.out.println("5.TGT为:"+tgt);
bwr.close();
closeConn(hsu);
//Step 2 验证当前用户是否在线/合法性 ,返回200代表用户验证成功,根据TGT成生ST
String encodedServiceURL = URLEncoder.encode("service", "utf-8") + "="
+ URLEncoder.encode(serviceURL, "utf-8");
String myURL = ticketUrl + "/" + tgt;
System.out.println("6.验证当前用户是否在线/合法性,请求地址为:"+myURL);
System.out.println("7.请求报文为:" + encodedServiceURL);
hsu = (HttpURLConnection) openConn(myURL);
out = new OutputStreamWriter(hsu.getOutputStream());
bwr = new BufferedWriter(out);
bwr.write(encodedServiceURL);
bwr.flush();
bwr.close();
out.close();
System.out.println("8.返回码为200代表用户验证成功:" + hsu.getResponseCode());
BufferedReader isr = new BufferedReader(new InputStreamReader(hsu.getInputStream()));
String line;
String st = "";
//System.out.println(hsu.getResponseCode());
while ((line = isr.readLine()) != null) {
st = line;
}
isr.close();
hsu.disconnect();
System.out.println("9.根据TGT生成的ST为:" + st);
//Step 3 返回ST的用户信息
closeConn(hsu);
encodedServiceURL = "";
encodedServiceURL = URLEncoder.encode("service", "UTF-8") + "=" + URLEncoder.encode(serviceURL, "UTF-8");
encodedServiceURL += "&" + URLEncoder.encode("ticket", "UTF-8") + "=" + URLEncoder.encode(st, "UTF-8");
System.out.println("10.返回ST的用户信息,请求地址为:" + validateUrl);
System.out.println("11.请求报文为:"+encodedServiceURL);
hsu = (HttpURLConnection) openConn(validateUrl);
out = new OutputStreamWriter(hsu.getOutputStream());
bwr = new BufferedWriter(out);
bwr.write(encodedServiceURL);
bwr.flush();
bwr.close();
out.close();
System.out.println("12.返回码为:" + hsu.getResponseCode());
isr = new BufferedReader(new InputStreamReader(hsu.getInputStream()));
//System.out.println(hsu.getResponseCode());
System.out.println("13.用户信息报文为:");
while ((line = isr.readLine()) != null) {
if(line!=null && !line.equals("")&&!line.trim().equals("")){
System.out.println(line);
}
}
isr.close();
hsu.disconnect();
return true;
} else {
return false;
}
} catch (MalformedURLException mue) {
mue.printStackTrace();
throw mue;
} catch (IOException ioe) {
ioe.printStackTrace();
throw ioe;
}
}
static URLConnection openConn(String urlk) throws MalformedURLException, IOException {
URL url = new URL(urlk);
HttpURLConnection hsu = (HttpURLConnection) url.openConnection();
hsu.setDoInput(true);
hsu.setDoOutput(true);
hsu.setRequestMethod("POST");
return hsu;
}
static void closeConn(HttpURLConnection c) {
c.disconnect();
}
}
当然这种方式最好第三方也是个casclient, 拿到ST之后可以做更多的事,但如果不是也可以,能校验账号密码登录了也行。
接入cas的话还有一种跳过cas思想的做法,那就是直接弄个restful接口,跳过票据这一块,但是这样又会违背cas的设计思想,孰轻孰重需要根据万恶的需求了。