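Prerequisites:
1. cas-server-3.5.2-release.zip
2. Application webapp1 (http://127.0.0.1:8090/webapp1/main.do)
3. Application webapp2 (http://127.0.0.1:8091/webapp2/main.do)
4. CAS single sign-on server (http://127.0.0.1:8081/cas-server/)
This discussion covers part of the CAS single sign-on server source code, along with secondary development built on top of it, so some of the CAS server source has to be modified; those source changes are discussed below. For an analysis of the CAS client source code, see the separate article http://blog.csdn.net/dovejing/article/details/44426547
Here, cas-server-3.5.2-release.zip is the zip package containing the CAS server source code.
Excerpt from web.xml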
<servlet>
<servlet-name>cas</servlet-name>
<servlet-class>org.jasig.cas.web.init.SafeDispatcherServlet</servlet-class>
<init-param>
<param-name>publishContext</param-name>
<param-value>false</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/login</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/logout</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/validate</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/serviceValidate</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/samlValidate</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/proxy</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/proxyValidate</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/CentralAuthenticationService</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/services/add.html</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/services/viewStatistics.html</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/services/logout.html</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/services/loggedOut.html</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/services/manage.html</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/services/edit.html</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/openid/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/services/deleteRegisteredService.html</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/services/updateRegisteredServiceEvaluationOrder.html</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/status</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/authorizationFailure.html</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/403.html</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/error</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/authcode</url-pattern>
</servlet-mapping>
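Access the application webapp1, which has CAS single sign-on integrated.
The following describes the login flow on the CAS single sign-on server; the flow is configured in the file /WEB-INF/login-webflow.xml.
Excerpt from /WEB-INF/login-webflow.xml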
<var name="credentials" class="org.jasig.cas.authentication.principal.UsernamePasswordCredentials" />
First, a variable is declared to hold the username and password.
<on-start>
<evaluate expression="initialFlowSetupAction" />
</on-start>
The whole login flow starts here. The flow initializer initialFlowSetupAction is configured in /WEB-INF/cas-servlet.xml.
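When reviewing or modifying the flow, it helps to resolve every `<evaluate expression="...">` in login-webflow.xml to the bean class declared in cas-servlet.xml, as done by hand above for initialFlowSetupAction. The following is an added example, not code from the article or from CAS; the two XML strings are constructed samples, and `hypotheticalAction` is a made-up name used to show an unresolved reference.

```python
import re
import xml.etree.ElementTree as ET

FLOW_NS = "{http://www.springframework.org/schema/webflow}"
BEANS_NS = "{http://www.springframework.org/schema/beans}"

# Constructed samples, not the real CAS files. Only the names quoted in the
# article are real; "hypotheticalAction" is invented for illustration.
LOGIN_WEBFLOW = """<flow xmlns="http://www.springframework.org/schema/webflow">
  <var name="credentials"
       class="org.jasig.cas.authentication.principal.UsernamePasswordCredentials"/>
  <on-start>
    <evaluate expression="initialFlowSetupAction"/>
  </on-start>
  <action-state id="demo">
    <evaluate expression="hypotheticalAction.submit(flowRequestContext, flowScope.credentials)"/>
  </action-state>
</flow>"""

CAS_SERVLET = """<beans xmlns="http://www.springframework.org/schema/beans">
  <bean id="initialFlowSetupAction"
        class="org.jasig.cas.web.flow.InitialFlowSetupAction"/>
</beans>"""

def resolve_flow_actions(flow_xml, beans_xml):
    """Return ({bean id: class}, [identifiers with no matching <bean>])."""
    beans = {b.get("id"): b.get("class")
             for b in ET.fromstring(beans_xml).iter(BEANS_NS + "bean")
             if b.get("id")}
    flow = ET.fromstring(flow_xml)
    # Flow variables declared with <var name=...> are not Spring beans.
    flow_vars = {v.get("name") for v in flow.iter(FLOW_NS + "var")}
    resolved, unresolved = {}, []
    for ev in flow.iter(FLOW_NS + "evaluate"):
        # Expressions are "bean" or "bean.method(args)": take the leading name.
        m = re.match(r"\s*([A-Za-z_]\w*)", ev.get("expression", ""))
        if not m or m.group(1) in flow_vars:
            continue
        name = m.group(1)
        if name in beans:
            resolved[name] = beans[name]
        elif name not in unresolved:
            unresolved.append(name)
    return resolved, unresolved

if __name__ == "__main__":
    print(resolve_flow_actions(LOGIN_WEBFLOW, CAS_SERVLET))
```

An identifier reported as unresolved is either defined in another Spring context file or is a flow-scoped name rather than a bean, so check it by hand before relying on the mapping.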
Excerpt from /WEB-INF/cas-servlet.xml
<bean id="initialFlowSetupAction" class="org.jasig.cas.web.flow.InitialFlowSetupAction&