java模拟登录CAS统一认证中心
cas版本:5.3.X
总的思路是:
1.先获取cas登录表单name为execution的参数值.
2.用account,password,execution发起httpPost请求,获取名为tgc的cookie写入response.
3.用account,password 发起httpPost请求,获取tgt.
4.用第3步获取的tgt获取serviceTicket.
5.response 302到 cas验证serviceTicket的地址,验证通过后自动返回项目主页.
废话不多说直接上代码.
所用到的url:
private static final String GET_EXECUTION = "https://www.cas-server.com:8443/cas/login?service=http%3A%2F%2Fwww.client.com%2Flogin%2Fcas&renew=true";
private static final String TAGET_URL = "http://www.client.com/login/cas";
private static final String GET_TOKEN_URL = "https://www.cas-server.com:8443/cas/v1/tickets";
private static final String GET_TOKEN_URL_TGC = "https://www.cas-server.com:8443/cas/login";
其中 www.cas-server.com:8443 是发布在tomcat里面使用8443端口的cas服务,www.client.com 是请求发起的客户端。
总的调用方法
public void loginByAccount(final HttpServletRequest request,HttpServletResponse response) {
try {
String account = "casAdmin";
String password = "casAdmin";
String execution = getExecution(GET_EXECUTION);
putTGC(account, password, execution, response);
String tgt = getTGT(account, password);
if (StringUtils.isNotBlank(tgt)) {
String ticket = getST(tgt,TAGET_URL);
if(StringUtils.isNot