CAS SSO AuthenticationFilter說明

開源的CAS已經很多牛人分析過了,最近在看源碼,也總結一下

AuthenticationFilter.java主要代碼

    /**
     * Decides whether a request may continue down the filter chain or must first be
     * redirected to the CAS server login page.
     *
     * <p>This is the chain-of-responsibility pattern: {@code filterChain} holds the filters
     * configured in web.xml, and each call to {@code filterChain.doFilter()} hands the request
     * to the next filter's {@code doFilter} method. For the container side see the
     * ApplicationFilterChain source: http://javapolo.iteye.com/blog/1287747
     *
     * <p>The request is passed on when the session already holds an assertion, when the request
     * carries a non-blank ticket parameter, or when it has already been gatewayed. In every
     * other case the client is redirected to the login URL.
     *
     * <p>Security note: this method only checks that a ticket parameter is present and
     * non-blank; it does not validate it. Validation is presumably done by a ticket-validation
     * filter later in the chain. Confirm that such a filter is mapped after this one for the
     * same URL patterns, otherwise a request with any non-blank ticket value passes this check.
     *
     * @param servletRequest  the incoming request; cast to {@code HttpServletRequest}
     * @param servletResponse the outgoing response; cast to {@code HttpServletResponse}
     * @param filterChain     the remaining filters to invoke when the request is let through
     * @throws IOException      propagated from the chain or from the redirect
     * @throws ServletException propagated from the chain
     */
    public final void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse, final FilterChain filterChain) throws IOException, ServletException {
        final HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
        final HttpServletResponse httpResponse = (HttpServletResponse) servletResponse;

        // getSession(false) returns null instead of creating a session for an
        // unauthenticated caller.
        final HttpSession existingSession = httpRequest.getSession(false);

        // The original author noted the assertion was always null in their setup and tied
        // that to the gateway option. NOTE(review): nothing in this method writes
        // CONST_CAS_ASSERTION; it is presumably stored by the ticket-validation filter after
        // a ticket has been validated. Verify against that filter.
        Assertion storedAssertion = null;
        if (existingSession != null) {
            storedAssertion = (Assertion) existingSession.getAttribute(CONST_CAS_ASSERTION);
        }

        if (storedAssertion != null) {
            // Already authenticated in this session: let the request through.
            filterChain.doFilter(httpRequest, httpResponse);
            return;
        }

        // Build the service URL from the request.
        // NOTE(review): how constructServiceUrl derives the host is not visible here. Confirm
        // it uses a configured server name rather than a client-supplied header, since this
        // value ends up in the redirect sent to the CAS server.
        final String serviceUrl = constructServiceUrl(httpRequest, httpResponse);

        // getArtifactParameterName() is set when AbstractCasFilter initialises; per the
        // original author's notes it defaults to "ticket" when web.xml does not override it.
        // safeGetParameter then reads that parameter's value from the request.
        final String ticket = CommonUtils.safeGetParameter(httpRequest, getArtifactParameterName());

        // Per the original author's notes: checks whether the session carries the
        // CONST_CAS_GATEWAY attribute and, if so, clears it and returns true.
        // NOTE(review): presumably this stops a gatewayed request from being redirected to
        // the CAS server a second time. Confirm against the gateway storage implementation.
        final boolean wasGatewayed = this.gatewayStorage.hasGatewayedAlready(httpRequest, serviceUrl);
        final boolean ticketPresent = CommonUtils.isNotBlank(ticket);

        if (ticketPresent || wasGatewayed) {
            // Presence only, not validity (see the security note in the Javadoc). A gatewayed
            // request continues without an assertion, so downstream code must not assume
            // that the user is authenticated.
            filterChain.doFilter(httpRequest, httpResponse);
            return;
        }

        log.debug("no ticket and no assertion found");

        // this.gateway is false unless the gateway option is set in web.xml (the original
        // author's deployment leaves it unset).
        final String serviceUrlForLogin;
        if (!this.gateway) {
            serviceUrlForLogin = serviceUrl;
        } else {
            log.debug("setting gateway attribute in session");
            serviceUrlForLogin = this.gatewayStorage.storeGatewayInformation(httpRequest, serviceUrl);
        }

        // NOTE(review): the two debug lines below record the full service and redirect URLs.
        // If requested URLs can carry sensitive query parameters, keep debug logging off in
        // production or make sure the logs are access-controlled.
        if (log.isDebugEnabled()) {
            final String serviceMessage = "Constructed service url: " + serviceUrlForLogin;
            log.debug(serviceMessage);
        }

        // Build the redirect target: the CAS login page, with the currently requested URL
        // appended as the service parameter.
        final String loginRedirectUrl = CommonUtils.constructRedirectUrl(
                this.casServerLoginUrl,
                getServiceParameterName(),
                serviceUrlForLogin,
                this.renew,
                this.gateway);

        if (log.isDebugEnabled()) {
            final String redirectMessage = "redirecting to \"" + loginRedirectUrl + "\"";
            log.debug(redirectMessage);
        }

        // Send the browser to the CAS server.
        httpResponse.sendRedirect(loginRedirectUrl);
    }

