cas 注册后自动登录

最新推荐文章于 2023-11-21 10:36:40 发布

zqbokk

最新推荐文章于 2023-11-21 10:36:40 发布

阅读量204

点赞数

分类专栏： cas 文章标签： cas注册后自动登录

cas 专栏收录该内容

2 篇文章 0 订阅

订阅专栏

我用的 cas server 4.0.1 cas client 3.3.3
算是版本比较新的了网上的demo是cas 3.x的比较老
参考博客：http://binghejinjun.iteye.com/blog/1701688

下面说说具体实现步骤：
[b]在cas server端 [/b]

建立

package io.github.howiefh.cas.web.flow;

import java.io.IOException;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.jasig.cas.CentralAuthenticationService;
//import org.jasig.cas.authentication.principal.UsernamePasswordCredentials;
import org.jasig.cas.authentication.UsernamePasswordCredential;
import org.jasig.cas.ticket.TicketException;
import org.jasig.cas.web.support.CookieRetrievingCookieGenerator;
import org.springframework.web.bind.ServletRequestUtils;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.mvc.AbstractController;

import sun.misc.BASE64Decoder;

/**
 * 
 * 
 * 功能：注册后自动登录处理类
 * 
 * @ClassName: RegisterAfterLoginController 
 * @version V1.0  
 * @date 2016年7月5日 
 * @author [url=mailto:6637152@qq.com]zqb[/url]
 */
public class RegisterAfterLoginController extends AbstractController
{

    private CentralAuthenticationService centralAuthenticationService;
    private CookieRetrievingCookieGenerator  ticketGrantingTicketCookieGenerator;

    /**
     * 
     * 
     * 功能：获取用户名密码,验证有效性,生成相关票据并绑定注册,添加cookie
     * 
     * @author [url=mailto:engineer03@financegt.com]zqb[/url]
     * @date 2016年7月5日 
     * @param request
     * @param response
     * @return
     * @throws Exception 
     * @see org.springframework.web.servlet.mvc.AbstractController#handleRequestInternal(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
     */
    protected ModelAndView handleRequestInternal(HttpServletRequest request,
            HttpServletResponse response) throws Exception
    {
        ModelAndView signinView=new ModelAndView();
        String username=request.getParameter("username");
        String password=request.getParameter("password");

        try {
        	username = new String(new BASE64Decoder().decodeBuffer(username));	//解密后
		} catch (IOException e) {
			e.printStackTrace();
		}
        try {
        	password = new String(new BASE64Decoder().decodeBuffer(password));
		} catch (IOException e) {
			e.printStackTrace();
		}

        System.out.println("解密后的账号:"+username);
        System.out.println("解密后的密码:"+password);
//        username = EncryptUrlPara.decrypt("username",username);
//        password = EncryptUrlPara.decrypt("password",password);

        bindTicketGrantingTicket(username, password, request, response);
        String viewName=getSignInView(request);
        signinView.setViewName(viewName);
        return signinView;
    }


    /**
     * Invoke generate validate Tickets and add the TGT to cookie.
     * @param loginName     the user login name.
     * @param loginPassword the user login password.
     * @param request       the HttpServletRequest object.
     * @param response      the HttpServletResponse object.
     */
    /**
     * 
     * 
     * 功能：具体生成相关票据并绑定注册,添加cookie实现方法
     * 
     * @author [url=mailto:engineer03@financegt.com]zqb[/url]
     * @date 2016年7月5日 
     * @param loginName
     * @param loginPassword
     * @param request
     * @param response
     */
    protected void bindTicketGrantingTicket(String loginName, String loginPassword, HttpServletRequest request, HttpServletResponse response){
        try {
            //UsernamePasswordCredentials credentials = new UsernamePasswordCredentials();	//4.0之前
        	UsernamePasswordCredential credentials = new UsernamePasswordCredential();
            credentials.setUsername(loginName);
            credentials.setPassword(loginPassword);
            String ticketGrantingTicket = centralAuthenticationService.createTicketGrantingTicket(credentials);
            ticketGrantingTicketCookieGenerator.addCookie(request, response, ticketGrantingTicket);
        } catch (TicketException te) {
            logger.error("Validate the login name " + loginName + " failure, can't bind the TGT!", te);
        } catch (Exception e){
            logger.error("bindTicketGrantingTicket has exception.", e);
        }
    }

    /**
     * Get the signIn view URL.获取service参数并跳转页面
     * @param request the HttpServletRequest object.
     * @return redirect URL
     */
    protected String getSignInView(HttpServletRequest request) {
        String service = ServletRequestUtils.getStringParameter(request, "service", "");
        return ("redirect:login" + (service.length() > 0 ? "?service=" + service : ""));
    }


    public CentralAuthenticationService getCentralAuthenticationService()
    {
        return centralAuthenticationService;
    }


    public void setCentralAuthenticationService(
            CentralAuthenticationService centralAuthenticationService)
    {
        this.centralAuthenticationService = centralAuthenticationService;
    }


    public CookieRetrievingCookieGenerator getTicketGrantingTicketCookieGenerator()
    {
        return ticketGrantingTicketCookieGenerator;
    }


    public void setTicketGrantingTicketCookieGenerator(
            CookieRetrievingCookieGenerator ticketGrantingTicketCookieGenerator)
    {
        this.ticketGrantingTicketCookieGenerator = ticketGrantingTicketCookieGenerator;
    }





}

cas-servlet.xml

      <bean id="registerLoginController" class="io.github.howiefh.cas.web.flow.RegisterAfterLoginController" 
  p:centralAuthenticationService-ref="centralAuthenticationService"
  p:ticketGrantingTicketCookieGenerator-ref="ticketGrantingTicketCookieGenerator"/>

web.xml

  <servlet-mapping>
          <servlet-name>cas</servlet-name>
          <url-pattern>/registerLogin</url-pattern>
       </servlet-mapping>

-------------------------------------------------------------
[b]cas 客户端项目的配置实现[/b]：

在注册成功提示页面直接访问
window.location.href="https://casserver.com:8443/cas-server/registerLogin?username=${param.usernamestr}&password=${param.passwordstr}&service=http://localhost:9080/casclient/";(这里貌似后面必须加个/不然会提示地址不一致)
记得在 casServerUrlPrefix配置下面加个

 <!-- 去掉ticket重复验证 -->
   <init-param>  
          <param-name>redirectAfterValidation</param-name>  
          <param-value>true</param-value>  
       </init-param>  
  <init-param>

不然会无限次的进cas server 的验证
具体可以百度下这个配置的作用

客户端这个传输账号密码做了加密

String username = account.getEmail();

				String username_ret = null;
				username_ret = new BASE64Encoder().encode(username.getBytes()); // 加密后

				String password_ret = null;
				password_ret = new BASE64Encoder().encode(password_tocas.getBytes()); // 加密后

				attr.addAttribute("usernamestr", username_ret);
				attr.addAttribute("passwordstr", password_ret);

用了 sun.misc.BASE64Encoder

这样就搞定了！

zqbokk

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
cas 注册后自动登录

我用的 cas server 4.0.1 cas client 3.3.3算是版本比较新的了网上的demo是cas 3.x的比较老参考博客：http://binghejinjun.iteye.com/blog/1701688下面说说具体实现步骤：[b]在cas server端 [/b]建立[code="java"]package io.github.howie...
复制链接

扫一扫