CAS自定义登录页面

CAS服务端：
1.需要在cas-servlet.xml添加一个controller：remoteLoginController

<bean id="handlerMappingC"
		class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
		<property name="mappings">
<prop key="remoteLogin">remoteLoginController</prop>
</bean>

2.在添加一个对应的controller bean

<bean id="remoteLoginController" class="org.jasig.cas.expand.web.flow.RemoteLoginAction"
		p:argumentExtractors-ref="argumentExtractors"
		p:warnCookieGenerator-ref="warnCookieGenerator"
		p:centralAuthenticationService-ref="centralAuthenticationService"
		p:ticketGrantingTicketCookieGenerator-ref="ticketGrantingTicketCookieGenerator"></bean>

3.添加对应的Action

import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.validation.constraints.NotNull;

import org.hibernate.validator.constraints.NotEmpty;
import org.jasig.cas.CentralAuthenticationService;
import org.jasig.cas.authentication.principal.Service;
import org.jasig.cas.authentication.principal.UsernamePasswordCredentials;
import org.jasig.cas.client.util.CommonUtils;
import org.jasig.cas.ticket.TicketException;
import org.jasig.cas.web.support.ArgumentExtractor;
import org.jasig.cas.web.support.CookieRetrievingCookieGenerator;
import org.jasig.cas.web.support.WebUtils;
import org.springframework.util.StringUtils;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.mvc.AbstractController;
import org.springframework.web.servlet.view.RedirectView;

public class RemoteLoginAction extends AbstractController {

	@NotNull
	private CentralAuthenticationService centralAuthenticationService;

	@NotNull
	private CookieRetrievingCookieGenerator warnCookieGenerator;
	@NotNull
	private CookieRetrievingCookieGenerator ticketGrantingTicketCookieGenerator;

	private boolean pathPopulated = false;

	/** Extractors for finding the service. */
	@NotEmpty
	private List<ArgumentExtractor> argumentExtractors;

	protected ModelAndView handleRequestInternal(HttpServletRequest request,
			HttpServletResponse response) throws Exception {
		String clientLoginUrl = request.getParameter("clientLoginUrl");
		request.setAttribute("clientLoginUrl", clientLoginUrl);
		request.getSession().setAttribute("clientLoginUrl", clientLoginUrl);
		logger.info("clientLoginUrl : " + clientLoginUrl);
		String uName = request.getParameter("username");
		String password = request.getParameter("password");
		UsernamePasswordCredentials credentials = null;
		if (CommonUtils.isNotBlank(uName) && CommonUtils.isNotBlank(password)) {
			credentials = new UsernamePasswordCredentials();
			credentials.setPassword(password);
			credentials.setUsername(uName);
		} else {
			return new ModelAndView(new RedirectView(clientLoginUrl));
		}
		if (!this.pathPopulated) {
			final String contextPath = request.getContextPath();
			final String cookiePath = StringUtils.hasText(contextPath) ? contextPath
					+ "/"
					: "/";
			logger.info("Setting path for cookies to: " + cookiePath);
			this.warnCookieGenerator.setCookiePath(cookiePath);
			this.ticketGrantingTicketCookieGenerator.setCookiePath(cookiePath);
			this.pathPopulated = true;
		}
		final Service service = WebUtils.getService(this.argumentExtractors,
				request);
		String ticketGrantingTicketId = "";
		String serviceTicket = "";
		try {
			ticketGrantingTicketId = this.centralAuthenticationService
					.createTicketGrantingTicket(credentials);

			/***
			 * 产生新的票据，并将票据及服务记录在缓存中
			 */
			serviceTicket = this.centralAuthenticationService
					.grantServiceTicket(ticketGrantingTicketId, service);

			this.ticketGrantingTicketCookieGenerator.removeCookie(response);

			this.ticketGrantingTicketCookieGenerator.addCookie(request,
					response, ticketGrantingTicketId);

			this.warnCookieGenerator.addCookie(request, response, "true");

		} catch (TicketException e) {
			return new ModelAndView(new RedirectView(clientLoginUrl));
		}
		return new ModelAndView(new RedirectView(
				request.getParameter("service") + "?ticket=" + serviceTicket));
	}

	public void setWarnCookieGenerator(
			final CookieRetrievingCookieGenerator warnCookieGenerator) {
		this.warnCookieGenerator = warnCookieGenerator;
	}

	public void setArgumentExtractors(
			final List<ArgumentExtractor> argumentExtractors) {
		this.argumentExtractors = argumentExtractors;
	}

	public final void setCentralAuthenticationService(
			final CentralAuthenticationService centralAuthenticationService) {
		this.centralAuthenticationService = centralAuthenticationService;
	}

	public void setTicketGrantingTicketCookieGenerator(
			final CookieRetrievingCookieGenerator ticketGrantingTicketCookieGenerator) {
		this.ticketGrantingTicketCookieGenerator = ticketGrantingTicketCookieGenerator;
	}

}

4.修改一下登录成功会自动重定向到你提供的service地址，现在要做的是登录不成功的时候返回自定义的登录页面，需要修改casLoginView.jsp，直接重定向到clientLoginUrl

<% response.sendRedirect(request.getAttribute("clientLoginUrl").toString()); %>

CAC客户端：
1.web.xml的配置
网上都有，就不贴了
2.修改认证filter，添加clientLoginUrl给服务端认证失败时重定向使用
3.自定义登录页面

<form action="https://casip:casport/cas/remoteLogin"
		method="post">
		<input type="hidden" id="targetService" name="service"
			value="认证成功以后返回的URL" /> <input type="hidden"
			name="clientLoginUrl" value="自定义登录页面的URL" />
		<table>
			<tr>
				<td>用户名:</td>
				<td><input type="text" name="username"></td>
			</tr>
			<tr>
				<td>密  码:</td>
				<td><input type="password" name="password"></td>
			</tr>
			<tr>
				<td colspan="2"><input type="submit" value="登陆" /></td>
			</tr>
		</table>
	</form>

自己试试吧