CAS 单点登录 移动端获取TGT、ST 已经移动端登录页面不进行跳转的设置

最新推荐文章于 2023-03-28 10:45:03 发布
最新推荐文章于 2023-03-28 10:45:03 发布
阅读量1.4k 收藏 1
点赞数
文章标签: java json web.xml
原文链接:http://www.cnblogs.com/lvgg/p/7150352.html
版权

一。设置移动客户端验证ST通过后,页面不进行302重定向跳转

修改web.xml

<!--***************************************************************** -->
<!-- 校验ticket的过滤器 -->
<filter>
<filter-name>ticketValidationFilter</filter-name>
<filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter
</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<!-- SSO统一登录URL-->
<param-value>http://passport.hivescm.com/cas</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<!--本客户端URL-->
<param-value>http://192.168.106.49:8080/order</param-value>
</init-param>
<init-param>
<param-name>useSession</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>redirectAfterValidation</param-name>
<param-value>false</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>ticketValidationFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

二。处理移动端通过ST访问另一个系统比较service通过

1.移动端获取TGT的类,查看源码TicketsResource ,进行修改返回json数据

package org.jasig.cas.support.rest;


import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.code.kaptcha.Constants;
import com.hivecas.model.ConstantUtils;
import com.hivecas.model.ResponseBean;
import com.hivecas.model.UsernamePasswordStrongCredential;

import org.apache.commons.lang3.StringUtils;
import org.jasig.cas.CasProtocolConstants;
import org.jasig.cas.CentralAuthenticationService;
import org.jasig.cas.authentication.AuthenticationContext;
import org.jasig.cas.authentication.AuthenticationContextBuilder;
import org.jasig.cas.authentication.AuthenticationSystemSupport;
import org.jasig.cas.authentication.AuthenticationException;
import org.jasig.cas.authentication.AuthenticationTransaction;
import org.jasig.cas.authentication.Credential;
import org.jasig.cas.authentication.DefaultAuthenticationContextBuilder;
import org.jasig.cas.authentication.DefaultAuthenticationSystemSupport;
import org.jasig.cas.authentication.principal.Service;
import org.jasig.cas.authentication.principal.ServiceFactory;
import org.jasig.cas.ticket.InvalidTicketException;
import org.jasig.cas.ticket.ServiceTicket;
import org.jasig.cas.ticket.TicketGrantingTicket;
import org.jasig.cas.ticket.registry.DefaultTicketRegistrySupport;
import org.jasig.cas.ticket.registry.TicketRegistrySupport;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.util.MultiValueMap;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;
import javax.validation.constraints.NotNull;
import java.net.URI;
import java.util.Formatter;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;

/**
 * {@link RestController} implementation of CAS' REST API.
 *
 * This class implements main CAS RESTful resource for vending/deleting TGTs and vending STs:
 *
 * <ul>
 *     <li>{@code POST /v1/tickets}</li>
 *     <li>{@code POST /v1/tickets/{TGT-id}}</li>
 *     <li>{@code DELETE /v1/tickets/{TGT-id}}</li>
 * </ul>
 *
 * @author Dmitriy Kopylenko
 * @since 4.1.0
 */
@RestController("ticketResourceRestController")
public class TicketsResource {

    private static final Logger LOGGER = LoggerFactory.getLogger(TicketsResource.class);

    @Autowired
    @Qualifier("centralAuthenticationService")
    private CentralAuthenticationService centralAuthenticationService;

    @NotNull
    @Autowired(required=false)
    @Qualifier("defaultAuthenticationSystemSupport")
    private AuthenticationSystemSupport authenticationSystemSupport = new DefaultAuthenticationSystemSupport();

    @Autowired(required = false)
    private final CredentialFactory credentialFactory = new DefaultCredentialFactory();

    @Autowired
    @Qualifier("webApplicationServiceFactory")
    private ServiceFactory webApplicationServiceFactory;

    @Autowired
    @Qualifier("defaultTicketRegistrySupport")
    private TicketRegistrySupport ticketRegistrySupport = new DefaultTicketRegistrySupport();

    private final ObjectMapper jacksonObjectMapper = new ObjectMapper();


    /**
     * Create new ticket granting ticket.
     *
     * @param requestBody username and password application/x-www-form-urlencoded values
     * @param request raw HttpServletRequest used to call this method
     * @return ResponseEntity representing RESTful response
     * @throws JsonProcessingException in case of JSON parsing failure
     */
    @RequestMapping(value = "/tickets", method = RequestMethod.POST, consumes = MediaType.APPLICATION_FORM_URLENCODED_VALUE)
    @ResponseBody 
    public final ResponseBean createTicketGrantingTicket(@RequestBody final MultiValueMap<String, String> requestBody,
                                                                   final HttpServletRequest request) throws JsonProcessingException {
    	  ResponseBean responseBean=new ResponseBean();
    	  try{
    		  
        	final String loginType = requestBody.getFirst("loginType");
            final Credential credential = this.credentialFactory.fromRequestBody(requestBody);
            final AuthenticationContextBuilder builder = new DefaultAuthenticationContextBuilder(
                    this.authenticationSystemSupport.getPrincipalElectionStrategy());
            final AuthenticationTransaction transaction =
                    AuthenticationTransaction.wrap(credential);
            this.authenticationSystemSupport.getAuthenticationTransactionManager().handle(transaction,  builder);
            final AuthenticationContext authenticationContext = builder.build();
            final TicketGrantingTicket tgtId = this.centralAuthenticationService.createMobileTicketGrantingTicket(authenticationContext,loginType);
            final URI ticketReference = new URI(request.getRequestURL().toString() + '/' + tgtId.getId());
            final Map<String, String> dataMap = new HashMap<>();
            dataMap.put("action", ticketReference.toString());
            responseBean.setData(dataMap);
            responseBean.setStatus(ConstantUtils.response_Status.SUCCESS);
            return responseBean;
        }
        catch(final AuthenticationException e) {
            responseBean.setMsg("无权限");
            responseBean.setStatus(ConstantUtils.response_Status.NO_AUTH);
            return responseBean;
        } catch (final BadRequestException e) {
            responseBean.setStatus(ConstantUtils.response_Status.FAIL);
            LOGGER.error(e.getMessage(), e);
            return responseBean;
        } catch (final Throwable e) {
        	 responseBean.setStatus(ConstantUtils.response_Status.FAIL);
             LOGGER.error(e.getMessage(), e);
             return responseBean;
        }
    }

    /**
     * Create new service ticket.
     *
     * @param requestBody service application/x-www-form-urlencoded value
     * @param tgtId ticket granting ticket id URI path param
     * @return {@link ResponseEntity} representing RESTful response
     */
    @RequestMapping(value = "/tickets/{tgtId:.+}", method = RequestMethod.POST, consumes = MediaType.APPLICATION_FORM_URLENCODED_VALUE)
    @ResponseBody 
    public final ResponseBean createServiceTicket(@RequestBody final MultiValueMap<String, String> requestBody,
                                                            @PathVariable("tgtId") final String tgtId) {
    	 ResponseBean responseBean=new ResponseBean();
        try {
            final String serviceId = requestBody.getFirst(CasProtocolConstants.PARAMETER_SERVICE);
            final AuthenticationContextBuilder builder = new DefaultAuthenticationContextBuilder(
                    this.authenticationSystemSupport.getPrincipalElectionStrategy());

            final Service service = this.webApplicationServiceFactory.createService(serviceId);
            final AuthenticationContext authenticationContext =
                    builder.collect(this.ticketRegistrySupport.getAuthenticationFrom(tgtId)).build(service);

            final ServiceTicket serviceTicketId = this.centralAuthenticationService.grantServiceTicket(tgtId,
                    service, authenticationContext);
            responseBean.setStatus(ConstantUtils.response_Status.SUCCESS);
            final Map<String, String> dataMap = new HashMap<>();
            dataMap.put("serviceTicketId", serviceTicketId.getId());
            responseBean.setData(dataMap);
            return responseBean;

        } catch (final InvalidTicketException e) {
        	 responseBean.setStatus(ConstantUtils.response_Status.NO_AUTH);
        	 responseBean.setMsg("TGT不存在");
        	 return responseBean;
        } catch (final Exception e) {
        	LOGGER.error(e.getMessage(), e);
        	 responseBean.setStatus(ConstantUtils.response_Status.FAIL);
        	 return responseBean;
        }
    }

    /**
     * Destroy ticket granting ticket.
     *
     * @param tgtId ticket granting ticket id URI path param
     * @return {@link ResponseEntity} representing RESTful response. Signals
     * {@link HttpStatus#OK} when successful.
     */
    @RequestMapping(value = "/tickets/{tgtId:.+}", method = RequestMethod.DELETE)
    @ResponseBody
    public final ResponseBean deleteTicketGrantingTicket(@PathVariable("tgtId") final String tgtId) {
        this.centralAuthenticationService.destroyTicketGrantingTicket(tgtId);
        ResponseBean responseBean=new ResponseBean();
        responseBean.setStatus(ConstantUtils.response_Status.SUCCESS);
        responseBean.setMsg("删除成功");
        return responseBean;
    }

    public void setAuthenticationSystemSupport(final AuthenticationSystemSupport authenticationSystemSupport) {
        this.authenticationSystemSupport = authenticationSystemSupport;
    }

    public void setWebApplicationServiceFactory(final ServiceFactory webApplicationServiceFactory) {
        this.webApplicationServiceFactory = webApplicationServiceFactory;
    }

    public void setTicketRegistrySupport(final TicketRegistrySupport ticketRegistrySupport) {
        this.ticketRegistrySupport = ticketRegistrySupport;
    }

    public void setCentralAuthenticationService(final CentralAuthenticationService centralAuthenticationService) {
        this.centralAuthenticationService = centralAuthenticationService;
    }

    public CentralAuthenticationService getCentralAuthenticationService() {
        return centralAuthenticationService;
    }

    public AuthenticationSystemSupport getAuthenticationSystemSupport() {
        return authenticationSystemSupport;
    }

    public CredentialFactory getCredentialFactory() {
        return credentialFactory;
    }

    public ServiceFactory getWebApplicationServiceFactory() {
        return webApplicationServiceFactory;
    }

    public TicketRegistrySupport getTicketRegistrySupport() {
        return ticketRegistrySupport;
    }

    /**
     * Default implementation of CredentialFactory.
     */
    private static class DefaultCredentialFactory implements CredentialFactory {
    	
        @Override
        public Credential fromRequestBody(@NotNull final MultiValueMap<String, String> requestBody) {
            final String username = requestBody.getFirst("username");
            final String password = requestBody.getFirst("password");
            final String loginType = requestBody.getFirst("loginType");
            if(username == null || password == null||loginType==null) {
                throw new BadRequestException("Invalid payload. 'username' and 'password' form fields are required.");
            }
            if(!StringUtils.equals(loginType, ConstantUtils.loginType.MOBILE)){
            	  throw new BadRequestException("Invalid payload. 'loginType' is wrong.");
            }
            return new UsernamePasswordStrongCredential(username, password,loginType);
        }
    }

    /**
     * Exception to indicate bad payload.
     */
    private static class BadRequestException extends IllegalArgumentException {
        private static final long serialVersionUID = 6852720596988243487L;

        /**
         * Ctor.
         * @param msg error message
         */
        BadRequestException(final String msg) {
            super(msg);
        }
    }
}

  2.返回responsebean

package com.hivecas.model;

import java.util.Map;

public class ResponseBean {
	//返回状态 1 成功 2 失败
	public String status;
	//返回数据 
	public Map data; 
	//返回信息
	public String msg;
	
	public String getStatus() {
		return status;
	}
	public void setStatus(String status) {
		this.status = status;
	}
	public Map getData() {
		return data;
	}
	public void setData(Map data) {
		this.data = data;
	}
	public String getMsg() {
		return msg;
	}
	public void setMsg(String msg) {
		this.msg = msg;
	}
}

  3.在源码CentralAuthenticationServiceImpl添加createMobileTicketGrantingTicket方法,将移动登录的类型loginType 设置到TGT中

 
    @Audit(
        action="TICKET_GRANTING_TICKET",
        actionResolverName="CREATE_TICKET_GRANTING_TICKET_RESOLVER",
        resourceResolverName="CREATE_TICKET_GRANTING_TICKET_RESOURCE_RESOLVER")
    @Timed(name = "CREATE_TICKET_GRANTING_TICKET_TIMER")
    @Metered(name = "CREATE_TICKET_GRANTING_TICKET_METER")
    @Counted(name="CREATE_TICKET_GRANTING_TICKET_COUNTER", monotonic=true)
    public TicketGrantingTicket createMobileTicketGrantingTicket(final AuthenticationContext context,final String loginType)
            throws AuthenticationException, AbstractTicketException {
        final Authentication authentication = context.getAuthentication();
        final TicketGrantingTicketFactory factory = this.ticketFactory.get(TicketGrantingTicket.class);
        
        final TicketGrantingTicket ticketGrantingTicket = factory.create(authentication,loginType);

        this.ticketRegistry.addTicket(ticketGrantingTicket);

        doPublishEvent(new CasTicketGrantingTicketCreatedEvent(this, ticketGrantingTicket));

        return ticketGrantingTicket;
    }

  4.源码TicketGrantingTicket添加获取getLoginType方法

public interface TicketGrantingTicket extends Ticket {

    /** The prefix to use when generating an id for a Ticket Granting Ticket. */
    String PREFIX = "TGT";
    
     String getLoginType();

  5.这就可以在客户端请求ST票据验证时,不进行service的url比较验证,直接通过。位置在源码CentralAuthenticationServiceImpl类中

 

 @Audit(
        action="SERVICE_TICKET_VALIDATE",
        actionResolverName="VALIDATE_SERVICE_TICKET_RESOLVER",
        resourceResolverName="VALIDATE_SERVICE_TICKET_RESOURCE_RESOLVER")
    @Timed(name="VALIDATE_SERVICE_TICKET_TIMER")
    @Metered(name="VALIDATE_SERVICE_TICKET_METER")
    @Counted(name="VALIDATE_SERVICE_TICKET_COUNTER", monotonic=true)
    @Override
    public Assertion validateServiceTicket(final String serviceTicketId, final Service service) throws AbstractTicketException {
        final RegisteredService registeredService = this.servicesManager.findServiceBy(service);
        verifyRegisteredServiceProperties(registeredService, service);

        final ServiceTicket serviceTicket =  this.ticketRegistry.getTicket(serviceTicketId, ServiceTicket.class);
        if (serviceTicket == null) {
            logger.info("Service ticket [{}] does not exist.", serviceTicketId);
            throw new InvalidTicketException(serviceTicketId);
        }
        final TicketGrantingTicket root ;
        try {
            synchronized (serviceTicket) {
                if (serviceTicket.isExpired()) {
                    logger.info("ServiceTicket [{}] has expired.", serviceTicketId);
                    throw new InvalidTicketException(serviceTicketId);
                }
                
                 root = serviceTicket.getGrantingTicket().getRoot();
                if(root!=null){
                	String loginType=root.getLoginType();
                	if(StringUtils.isNotBlank(loginType)||StringUtils.equalsIgnoreCase(loginType, ConstantUtils.loginType.PC)){
                		 if (!serviceTicket.isValidFor(service)) {
                             logger.error("Service ticket [{}] with service [{}] does not match supplied service [{}]",
                                     serviceTicketId, serviceTicket.getService().getId(), service);
                             throw new UnrecognizableServiceForServiceTicketValidationException(serviceTicket.getService());
                         }
                	}
                }
            }

           // final TicketGrantingTicket root = serviceTicket.getGrantingTicket().getRoot();
            final Authentication authentication = getAuthenticationSatisfiedByPolicy(
                    root, new ServiceContext(serviceTicket.getService(), registeredService));
            final Principal principal = authentication.getPrincipal();

            final RegisteredServiceAttributeReleasePolicy attributePolicy = registeredService.getAttributeReleasePolicy();
            logger.debug("Attribute policy [{}] is associated with service [{}]", attributePolicy, registeredService);
            
            @SuppressWarnings("unchecked")
            final Map<String, Object> attributesToRelease = attributePolicy != null
                    ? attributePolicy.getAttributes(principal) : Collections.EMPTY_MAP;
            
            final String principalId = registeredService.getUsernameAttributeProvider().resolveUsername(principal, service);
            final Principal modifiedPrincipal = this.principalFactory.createPrincipal(principalId, attributesToRelease);
            final AuthenticationBuilder builder = DefaultAuthenticationBuilder.newInstance(authentication);
            builder.setPrincipal(modifiedPrincipal);

            final Assertion assertion = new ImmutableAssertion(
                    builder.build(),
                    serviceTicket.getGrantingTicket().getChainedAuthentications(),
                    serviceTicket.getService(),
                    serviceTicket.isFromNewLogin());

            doPublishEvent(new CasServiceTicketValidatedEvent(this, serviceTicket, assertion));

            return assertion;

        } finally {
            if (serviceTicket.isExpired()) {
                this.ticketRegistry.deleteTicket(serviceTicketId);
            }
        }
    }
    
    @Audit(
        action="TICKET_GRANTING_TICKET",
        actionResolverName="CREATE_TICKET_GRANTING_TICKET_RESOLVER",
        resourceResolverName="CREATE_TICKET_GRANTING_TICKET_RESOURCE_RESOLVER")
    @Timed(name = "CREATE_TICKET_GRANTING_TICKET_TIMER")
    @Metered(name = "CREATE_TICKET_GRANTING_TICKET_METER")
    @Counted(name="CREATE_TICKET_GRANTING_TICKET_COUNTER", monotonic=true)
    @Override
    public TicketGrantingTicket createTicketGrantingTicket(final AuthenticationContext context)
            throws AuthenticationException, AbstractTicketException {

        final Authentication authentication = context.getAuthentication();
        final TicketGrantingTicketFactory factory = this.ticketFactory.get(TicketGrantingTicket.class);
        final TicketGrantingTicket ticketGrantingTicket = factory.create(authentication);

        this.ticketRegistry.addTicket(ticketGrantingTicket);

        doPublishEvent(new CasTicketGrantingTicketCreatedEvent(this, ticketGrantingTicket));

        return ticketGrantingTicket;

    }





转载于:https://www.cnblogs.com/lvgg/p/7150352.html

weixin_30374009
关注
  • 0
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
cas后端返回html直接跳转,CAS验证成功后不能跳转到登陆成功的主页面解决办法...
weixin_29615645的博客
06-04 1645
CAS验证成功后不能跳转到登陆成功的主页面现在部署了CAS,有一个应用,下载输入应用的URL可以正确跳转CAS服务的登陆界面,登陆验证通过后页面却跳转到了应用的登陆界面,不能直接进入登陆成功的主页面!应用的web.xml如下CASFilterorg.jasig.cas.client.authentication.AuthenticationFiltercasServerLoginUrlhttps...
Django集成CAS单点登录的方法示例
12-31
CAS 全称集中式认证服务(Central Authentication Service),是实现单点登录(SSO)的一中手段。 CAS 的通讯流程图如下(图片来自Google图库): 对于本文用户可感知的层面,认证过程如下: 前端访问后端登录接口 后端返回重定向到 CAS 服务器的登录页面,并携带当前用户访问的网页链接 用户登录,浏览器发送请求到 CAS 服务器进行认证 CAS 认证通过,将本次登录保存到会话,返回回调地址给后端 后端返回重定向请求给前端 前端重定向到跳转登录前的页面 中间涉及到的 TGT 处理逻辑已经由开源 CAS Client(python-c
cas单点登录服务器资源下载
04-01
CAS服务器是基于Spring框架构建的Java servlet,其主要职责是验证用户并通过发布和验证票证来授予对启用CAS的服务(通常称为CAS客户端)的访问权限。 当服务器在成功登录时向用户发出票证授予票证(TGT)时,将创建SSO会话。 根据用户的请求,通过使用TGT作为标记的浏览器重定向向服务发出服务票据(ST)。 ST随后通过反向信道通信在CAS服务器上进行验证。 CAS Protocol文档中详细描述了这些交互。
cas 反向代理 出现的问题
凌晨四点的书签
08-06 717
票根' xxxxx'不符合目标服务 异常 ERROR: ServiceTicket [ST-19-UC2fEHg4VqyWEgbmq2U3 ] with service [http://www.urlabc.cn/wms/j_spring_cas_security_check does not match supplied service [http://192.168.2.178/wms/...
cas登录 状态码302不跳转问题
weixin_43767695的博客
03-28 1654
1.前端ajax请求需要cas验证的接口,cas判断未登录,返回302,并在location中返回登录页面地址。5.拦截到这一步之后,js里面直接通过location.href的方式再请求一个需要cas验证的接口。6.这个时候服务器又会返回302跳转登录页面,由于这一次是直接通过改变浏览器url的方式,4.这个时候,因为js会通过ajax的方式把页面html全拉起来,前端就有了一次处理机会,3.前端js会通过ajax的get请求把location中的页面string全拉下来。
CAS票据之STTGT过期策略详细说明
Java精选
11-16 2万+
CAS的核心就是Ticket中文称之为票据,以及在Ticket之上的一系列逻辑处理操作。CAS的主要包含票据有TGTST、PGT、PGTIOU、PT,其中TGTSTCAS1.0协议中就有的票据,PGT、PGTIOU、PT是CAS2.0协议中新增的的票据,目前CAS最新版本已经到了CAS4.0。cas分为服务端和客户端两部分组成,下简单说一说CAS认证过程: 1)用户访问cas-client
cas单点登录
翻滚啊牛宝宝
11-22 245
开门见山,如下图为cas登录的序列图   cas实现单点登录的主要票据有两个,一个是TGT,一个是ST。 因为是做单点登录的,所以客户端应该是有多个的,当其中一个登录之后,在同一浏览器中在登陆其他客户端用户是感知不到再次登录的,原因是第一次登录成功后cookie记录一个TGT,这个cookie在浏览器中是共享的,客户端可以携带TGT的cookie请求服务端,然后服务端校验TGT以及请求的...
axios 处理 302 状态码的解决方法
xmy_wh的博客
05-19 2万+
问题描述:浏览器打开了一个单页面(SPA)应用,过了一段时间token(或者session)过期了,这个时候页面上发起 Ajax请求之后,后端返回302状态码前端控制跳转到login页面。 我这是使用的是 Vue + axios ,发现 axios 无法拦截到 302请求,下面是处理的过程。(因为是单页面的原因,路由切换的时候并不能刷新页面,然而session失效后,切换路由并不能重定向,必须要刷...
Java进阶SSO单点登录技术CAS-快速上手与原理探究视频教程
06-09
本课程主要通过CAS来实现SSO,本教程会从最基本的基础知识讲起,由浅入深再到实战,完成多应用的单点登录功能。 本课程内容如下: 1、 什么是SSO和CAS 2、 CAS Server服务端和客户端的搭建和配置 3、 单点登录和单...
QQ图片20211026135337.png
10-26
流程: 用户访问网站,第一次来,重定向到 CAS Server,发现没有cookie,所以再重定向到CAS Server端的登录页面,并且URL带有网站地址,便于认证成功后跳转例如:... 然后再第三次重定向并返回ST和cookie(TGC)到...
springOauth-sso-CAS:SSO单点登录只是一个方案,而当前市面最流行的单端登录系统是由耶鲁大学开发的CAS系统,而由其实现的CAS协议,也成为目前的SSO协议中的既定协议,而其中的中单点登录协议及结构,重置CAS中的体现结构CAS协议中有以下几个概念:1.CAS客户:需要集成单点登录的应用,称为单点登录客户端2.CAS服务器:单点登录服务器,用户登录鉴权,凭证下发及副本等操作3.TGT:ticker授予票证,用户凭证票据,可以标记用户凭证,用户在单点登录系统中登录一次后,再其有效生效,TG
03-15
春天-Oauth-sso 1.SSO介绍 什么是SSO SSO英文全称单点登录单点登录。...单点登录协议及结构,允许CAS中的体现结构CAS协议中有以下几个概念:1.CAS客户端:需要集成单点登录的应用,称为单点登录客户
单点登录的三种方式
热门推荐
m0_51505198的博客
11-10 4万+
单点登录的三种常见方式 1.session广播机制实现 2.使用cookie+redis实现 2.1在项目中任何一个模块登录,登录之后,把数据放到这两个地方 2.2访问项目中其他模块,发送请求带着cookie进行发送,获取cookie值,拿着cookie做事情 3使用token实现(推荐使用) 3.1token是什么 3.2实现方式
参考CAS流程并利用JWT的key共享实现单点登陆
沉默的夏虫
05-09 3502
背景 在企业发展初期,企业使用的系统很少,通常一个或者两个,每个系统都有自己的登录模块,运营人员每天用自己的账号登录,很方便。 但随着企业的发展,用到的系统随之增多,运营人员在操作不同的系统时,需要多次登录,而且每个系统的账号都不一样,这对于运营人员 来说,很不方便。于是,就想到是不是可以在一个系统登录,其他系统就不用登录了呢?这就是单点登录要解决的问题。 单点登录英文全称Single Sig...
cas 登录之后不跳转_单点登录原理解析
weixin_39834084的博客
11-28 1995
题外话:欢迎将公众号设置为星标,技术文章第一时间看到。我们将一如既往精选技术好文,提供有价值的阅读。如有读者想要投稿,可以在公众号任意文章下留言,技术博主奖励丰厚。推荐阅读1.SpringBoot 整合篇2.手写一套迷你版HTTP服务器3.记住:永远不要在MySQL中使用UTF-84.Springboot启动原理解析SSO英文全称Single Sign On,单点登录。SSO是在...
cas 登录之后不跳转_连环画解析“单点登录”原理,保证你能看懂
weixin_39884100的博客
11-28 228
单点登录( Single Sign On ,简称 SSO),是目前比较流行的企业业务整合的解决方案之一,用于多个应用系统间,用户只需要登录一次就可以访问所有相互信任的应用系统。图片来自 Pexels前置介绍:同源策略,限制了从同一个源加载的文档或脚本如何与来自另一个源的资源进行交互,要求协议,端口和主机都相同。HTTP 用于分布式、协作式和超媒体信息系统的应用层协议。HTTP 是无状态协议,所以服...
java中httpclent以post方式提交请求时,http返回码是302重定向时,不自动跳转的处理...
weixin_30522183的博客
02-07 1448
场景: 接口A:请求地址为http://www.test.com/test 接口A的功能,会把接收到的参数url写入到header的Location属性中 在java中,使用httpclient发送请求, 在以get方式发送请求时,http的返回码是200,自动处理了重定向 在以post方式发送请求时,http的返回码是302,不自动重定向,而且处于占用连接等待状态 此...
ajax 302 错误无法跳转
彻底拆分,一切可控!
09-27 6954
1.问题当cas登录失败之后如果继续执行ajax请求会报 302 重定向错误,但是因为是ajax请求,所以浏览器不会自动跳转,需要做处理。 1.自己重写ajax方法:不推荐 var Ajax = function() { var that = this; // 创建异步请求对象方法 that.createXHR = function() { if (wind...
cas restful接口文档
最新发布
09-24
CAS(Central Authentication Service)是一种单点登录(SSO)协议,用于管理用户身份认证和会话管理。CAS提供了一套RESTful风格的接口,可以用于与CAS服务器进行交互。以下是CAS RESTful接口的文档: 1. 获取TGT...

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值