CAS配置(一)-集成RESTFul
CAS单点登录服务器很多时候都是被B/S的应用使用,那么对已有些系统是CS的那么怎么去调用呢,这个时候就需要使用webservice来给CS的系统调用了,我们先来说说先决条件吧:
1)集成需要的jar包,这个是必不可少的
com.noelios.restlet.ext.servlet-1.1.1.jar
com.noelios.restlet.ext.spring-1.1.1.jar
com.noelios.restlet-1.1.1.jar
org.restlet.ext.spring-1.1.1.jar
org.restlet-1.1.1.jar
cglib-2.2.jar
cas-server-integration-restlet-3.4.7.jar
2)配置,在web.xml中增加一个servlet配置
<servlet>
<servlet-name>restlet</servlet-name>
<servlet-class>com.noelios.restlet.ext.spring.RestletFrameworkServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>restlet</servlet-name>
<url-pattern>/v1/*</url-pattern>
</servlet-mapping>
那么我们的CS客户端怎么去处理呢,以及怎么去拿到用户数据呢?需要有三次交互才能取得用户数据
1)CS客户端提供用户名和密码,请求http://localhost:8080/TFP-S/v1/tickets,如果用户合法则得到TGT数据。
2)根据TGT和service取得ST票据,请求的路径是:http://localhost:8080/TFP-S/v1/tickets/TGT_编号
3)验证ST票据,得到用户信息的XML格式信息。
样例代码如下:
public class Client {
public static String getTicket(final String server, final String username, final String password,
final String service) {
notNull(server, "server must not be null");
notNull(username, "username must not be null");
notNull(password, "password must not be null");
notNull(service, "service must not be null");
return getServiceTicket(server, getTicketGrantingTicket(server, username, password), service);
}
/**
* 取得ST
* @param server
* @param ticketGrantingTicket
* @param service
*/
private static String getServiceTicket(final String server, final String ticketGrantingTicket, final String service) {
if (ticketGrantingTicket == null)
return null;
final HttpClient client = new HttpClient();
final PostMethod post = new PostMethod(server + "/" + ticketGrantingTicket);
post.setRequestBody(new NameValuePair[] { new NameValuePair("service", service) });
try {
client.executeMethod(post);
final String response = post.getResponseBodyAsString();
switch (post.getStatusCode()) {
case 200:
return response;
default:
warning("Invalid response code (" + post.getStatusCode() + ") from CAS server!");
info("Response (1k): " + response.substring(0, Math.min(1024, response.length())));
break;
}
}
catch (final IOException e) {
warning(e.getMessage());
}
finally {
post.releaseConnection();
}
return null;
}
/**
* @param server
* @param username
* @param password
*/
private static String getTicketGrantingTicket(final String server, final String username, final String password) {
final HttpClient client = new HttpClient();
final PostMethod post = new PostMethod(server);
post.setRequestBody(new NameValuePair[] { new NameValuePair("username", username),
new NameValuePair("password", password) });
try {
client.executeMethod(post);
final String response = post.getResponseBodyAsString();
info("TGT="+response);
switch (post.getStatusCode()) {
case 201: {
final Matcher matcher = Pattern.compile(".*action=\".*/(.*?)\".*").matcher(response);
if (matcher.matches())
return matcher.group(1);
warning("Successful ticket granting request, but no ticket found!");
info("Response (1k): " + response.substring(0, Math.min(1024, response.length())));
break;
}
default:
warning("Invalid response code (" + post.getStatusCode() + ") from CAS server!");
info("Response (1k): " + response.substring(0, Math.min(1024, response.length())));
break;
}
}
catch (final IOException e) {
warning(e.getMessage());
}
finally {
post.releaseConnection();
}
return null;
}
private static void ticketValidate(String serverValidate, String serviceTicket, String service) {
notNull(serviceTicket, "paramter 'serviceTicket' is not null");
notNull(service, "paramter 'service' is not null");
final HttpClient client = new HttpClient();
GetMethod post = null;
try {
post = new GetMethod(serverValidate+"?"+"ticket="+serviceTicket+"&service="+URLEncoder.encode(service, "UTF-8"));
client.executeMethod(post);
final String response = post.getResponseBodyAsString();
info(response);
switch (post.getStatusCode()) {
case 200: {
info("成功取得用户数据");
}
default: {
}
}
} catch (Exception e) {
warning(e.getMessage());
} finally {
//释放资源
post.releaseConnection();
}
}
private static void notNull(final Object object, final String message) {
if (object == null)
throw new IllegalArgumentException(message);
}
public static void main(final String[] args) throws Exception {
final String server = "http://localhost:8080/TFP-S/v1/tickets";
final String username = "username";
final String password = "username";
final String service = "http://localhost:8080/service";
final String proxyValidate = "http://localhost:8080/TFP-S/proxyValidate";
ticketValidate(proxyValidate, getTicket(server, username, password, service), service);
}
private static void warning(String msg) {
System.out.println(msg);
}
private static void info(String msg) {
System.out.println(msg);
}
}
如果对返回来的用户信息是什么格式不清楚,那么下面是一个xml格式。
<cas:serviceResponse > <cas:authenticationSuccess> <cas:user>xuf</cas:user> <cas:attributes> <cas:securityLevel>2</cas:securityLevel> <cas:userType>个人用户</cas:userType> <cas:age>32</cas:age> </cas:attributes> </cas:authenticationSuccess> </cas:serviceResponse>这个格式怎么修改?在透露一点吧,就是在CAS服务器那边是不是有casServiceValidationFailure.jsp文件,对了,就是它决定返回的xml格式的。如果使用Filter,其实也是传递回来这个xml,只是验证票据的过滤器,将这个xml转换成Assertion对象了。明白了吧。