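login-webflow.xml: A Preliminary Analysis

The open-source CAS has already been analyzed by many experts; I have been reading the source code recently, so here is my own summary.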


In login-webflow.xml, the flow path on the first visit to an application is:

  1 <on-start>

        <evaluate expression="initialFlowSetupAction" />

    </on-start>


  2 <decision-state id="ticketGrantingTicketExistsCheck">

        <if test="flowScope.ticketGrantingTicketId != null" then="hasServiceCheck" else="gatewayRequestCheck" />

    </decision-state>


  3 <decision-state id="gatewayRequestCheck">

        <if test="requestParameters.gateway != '' and requestParameters.gateway != null and flowScope.service != null" then="gatewayServicesManagementCheck" else="generateLoginTicket" />

    </decision-state>

  4 <action-state id="generateLoginTicket">

        <evaluate expression="generateLoginTicketAction.generate(flowRequestContext)" />

        <transition on="generated" to="viewLoginForm" />

    </action-state>


So execution reaches generateLoginTicketAction.

GenerateLoginTicketAction.java

    public final String generate(final RequestContext context) {

        // Generate the loginTicket via DefaultUniqueTicketIdGenerator; implement the UniqueTicketIdGenerator interface to define your own loginTicket format

        final String loginTicket = this.ticketIdGenerator.getNewTicketId(PREFIX);

        this.logger.debug("Generated login ticket " + loginTicket);

        // Put the ticket into FlowScope

        WebUtils.putLoginTicket(context, loginTicket);

        return "generated";

    }

After it returns, the flow moves to "viewLoginForm":

<view-state id="viewLoginForm" view="casLoginView" model="credentials">

        <binder>

            <binding property="username" />

            <binding property="password" />

        </binder>

        <on-entry>

            <set name="viewScope.commandName" value="'credentials'" />

        </on-entry>

        <transition on="submit" bind="true" validate="true" to="realSubmit">

            <evaluate expression="authenticationViaFormAction.doBind(flowRequestContext, flowScope.credentials)" />

        </transition>

</view-state>

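default_view.properties already defines the view: casLoginView.url=/WEB-INF/view/jsp/default/ui/casLoginView.jsp

The browser is sent to casLoginView.jsp so the user can log in. When the user submits the form in casLoginView.jsp, the expression named in the evaluate element's expression attribute is executed, that is, the authenticationViaFormAction.doBind(flowRequestContext, flowScope.credentials) call (the part marked in red in the original post). Once the expression has run, the flow moves to the state whose id is realSubmit.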

<action-state id="realSubmit">

    <evaluate expression="authenticationViaFormAction.submit(flowRequestContext, flowScope.credentials, messageContext)" />

    <transition on="warn" to="warn" />

    <transition on="success" to="sendTicketGrantingTicket" />

    <transition on="error" to="generateLoginTicket" />

    <transition on="accountDisabled" to="casAccountDisabledView" />

    <transition on="mustChangePassword" to="casMustChangePassView" />

    <transition on="accountLocked" to="casAccountLockedView" />

    <transition on="badHours" to="casBadHoursView" />

    <transition on="badWorkstation" to="casBadWorkstationView" />

    <transition on="passwordExpired" to="casExpiredPassView" />

</action-state>

In realSubmit, the flow moves to a different page depending on the value returned by the expression "authenticationViaFormAction.submit(flowRequestContext, flowScope.credentials, messageContext)".
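The first-visit path and the failed-login loop described above can be traced mechanically. This is an added example, not code from the original post or from CAS: the XML is a constructed excerpt of the states quoted on this page (realSubmit keeps only its success and error transitions), and the `trace` helper, the `TESTS` table and the simulated events are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed excerpt: only the states quoted on this page, reduced to ids and transitions.
FLOW_XML = """<flow>
 <decision-state id="ticketGrantingTicketExistsCheck">
  <if test="flowScope.ticketGrantingTicketId != null" then="hasServiceCheck" else="gatewayRequestCheck"/>
 </decision-state>
 <decision-state id="gatewayRequestCheck">
  <if test="requestParameters.gateway != '' and requestParameters.gateway != null and flowScope.service != null" then="gatewayServicesManagementCheck" else="generateLoginTicket"/>
 </decision-state>
 <action-state id="generateLoginTicket"><transition on="generated" to="viewLoginForm"/></action-state>
 <view-state id="viewLoginForm"><transition on="submit" to="realSubmit"/></view-state>
 <action-state id="realSubmit">
  <transition on="success" to="sendTicketGrantingTicket"/>
  <transition on="error" to="generateLoginTicket"/>
 </action-state>
</flow>"""

# Hand-translated <if test="..."> expressions (assumption: null maps to None;
# this is not a Spring EL evaluator).
TESTS = {
    "ticketGrantingTicketExistsCheck":
        lambda fs, rp: fs.get("ticketGrantingTicketId") is not None,
    "gatewayRequestCheck":
        lambda fs, rp: rp.get("gateway") not in ("", None) and fs.get("service") is not None,
}

def trace(flow_scope, request_params, events, start="ticketGrantingTicketExistsCheck"):
    """Walk the flow and return the visited state ids.

    events simulates, in order, what each action or view state signals.
    """
    states = {s.get("id"): s for s in ET.fromstring(FLOW_XML)}
    pending, path, current = list(events), [], start
    while current in states:
        path.append(current)
        state = states[current]
        if state.tag == "decision-state":
            taken = TESTS[current](flow_scope, request_params)
            current = state.find("if").get("then" if taken else "else")
            continue
        if not pending:          # waiting for the next event, e.g. a form submit
            return path
        targets = {t.get("on"): t.get("to") for t in state.findall("transition")}
        current = targets[pending.pop(0)]   # KeyError means an event the excerpt lacks
    return path + [current]      # target state is outside the excerpt
```

Calling `trace({}, {}, ["generated", "submit", "error", "generated"])` shows that a failed login passes through generateLoginTicket a second time before the form is shown again, so each rendering of the form gets a fresh login ticket.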



This article comes from the "ping blog" blog; please contact the author before reposting.
