CAS單點登錄服務器很多時候都是被B/S的應用使用,那麼對已有些系統是CS的那麼怎麼去調用呢,這個時候就需要使用webservice來給CS的系統調用了,我們先來說說先決條件吧:
1)集成需要的jar包,這個是必不可少的
com.noelios.restlet.ext.servlet-1.1.1.jar
com.noelios.restlet.ext.spring-1.1.1.jar
com.noelios.restlet-1.1.1.jar
org.restlet.ext.spring-1.1.1.jar
org.restlet-1.1.1.jar
cglib-2.2.jar
cas-server-integration-restlet-3.4.7.jar
2)配置,在web.xml中增加一個servlet配置
<servlet>
<servlet-name>restlet</servlet-name>
<servlet-class>com.noelios.restlet.ext.spring.RestletFrameworkServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>restlet</servlet-name>
<url-pattern>/v1/*</url-pattern>
</servlet-mapping>
那麼我們的CS客戶端怎麼去處理呢,以及怎麼去拿到用戶數據呢?需要有三次交互才能取得用戶數據
1)CS客戶端提供用戶名和密碼,請求http://localhost:8080/TFP-S/v1/tickets,如果用戶合法則得到TGT數據。
2)根據TGT和service取得ST票據,請求的路徑是:http://localhost:8080/TFP-S/v1/tickets/TGT_編號
3)驗證ST票據,得到用戶信息的XML格式信息。
樣例代碼如下:
- public class Client {
- public static String getTicket(final String server, final String username, final String password,
- final String service) {
- notNull(server, "server must not be null");
- notNull(username, "username must not be null");
- notNull(password, "password must not be null");
- notNull(service, "service must not be null");
- return getServiceTicket(server, getTicketGrantingTicket(server, username, password), service);
- }
- /**
- * 取得ST
- * @param server
- * @param ticketGrantingTicket
- * @param service
- */
- private static String getServiceTicket(final String server, final String ticketGrantingTicket, final String service) {
- if (ticketGrantingTicket == null)
- return null;
- final HttpClient client = new HttpClient();
- final PostMethod post = new PostMethod(server + "/" + ticketGrantingTicket);
- post.setRequestBody(new NameValuePair[] { new NameValuePair("service", service) });
- try {
- client.executeMethod(post);
- final String response = post.getResponseBodyAsString();
- switch (post.getStatusCode()) {
- case 200:
- return response;
- default:
- warning("Invalid response code (" + post.getStatusCode() + ") from CAS server!");
- info("Response (1k): " + response.substring(0, Math.min(1024, response.length())));
- break;
- }
- }
- catch (final IOException e) {
- warning(e.getMessage());
- }
- finally {
- post.releaseConnection();
- }
- return null;
- }
- /**
- * @param server
- * @param username
- * @param password
- */
- private static String getTicketGrantingTicket(final String server, final String username, final String password) {
- final HttpClient client = new HttpClient();
- final PostMethod post = new PostMethod(server);
- post.setRequestBody(new NameValuePair[] { new NameValuePair("username", username),
- new NameValuePair("password", password) });
- try {
- client.executeMethod(post);
- final String response = post.getResponseBodyAsString();
- info("TGT="+response);
- switch (post.getStatusCode()) {
- case 201: {
- final Matcher matcher = Pattern.compile(".*action=\".*/(.*?)\".*").matcher(response);
- if (matcher.matches())
- return matcher.group(1);
- warning("Successful ticket granting request, but no ticket found!");
- info("Response (1k): " + response.substring(0, Math.min(1024, response.length())));
- break;
- }
- default:
- warning("Invalid response code (" + post.getStatusCode() + ") from CAS server!");
- info("Response (1k): " + response.substring(0, Math.min(1024, response.length())));
- break;
- }
- }
- catch (final IOException e) {
- warning(e.getMessage());
- }
- finally {
- post.releaseConnection();
- }
- return null;
- }
- private static void ticketValidate(String serverValidate, String serviceTicket, String service) {
- notNull(serviceTicket, "paramter 'serviceTicket' is not null");
- notNull(service, "paramter 'service' is not null");
- final HttpClient client = new HttpClient();
- GetMethod post = null;
- try {
- post = new GetMethod(serverValidate+"?"+"ticket="+serviceTicket+"&service="+URLEncoder.encode(service, "UTF-8"));
- client.executeMethod(post);
- final String response = post.getResponseBodyAsString();
- info(response);
- switch (post.getStatusCode()) {
- case 200: {
- info("成功取得用戶數據");
- }
- default: {
- }
- }
- } catch (Exception e) {
- warning(e.getMessage());
- } finally {
- //釋放資源
- post.releaseConnection();
- }
- }
- private static void notNull(final Object object, final String message) {
- if (object == null)
- throw new IllegalArgumentException(message);
- }
- public static void main(final String[] args) throws Exception {
- final String server = "http://localhost:8080/TFP-S/v1/tickets";
- final String username = "username";
- final String password = "username";
- final String service = "http://localhost:8080/service";
- final String proxyValidate = "http://localhost:8080/TFP-S/proxyValidate";
- ticketValidate(proxyValidate, getTicket(server, username, password, service), service);
- }
- private static void warning(String msg) {
- System.out.println(msg);
- }
- private static void info(String msg) {
- System.out.println(msg);
- }
- }
如果對返回來的用戶信息是什麼格式不清楚,那麼下面是一個xml格式。
- <cas:serviceResponse >
- <cas:authenticationSuccess>
- <cas:user>xuf</cas:user>
- <cas:attributes>
- <cas:securityLevel>2</cas:securityLevel>
- <cas:userType>個人用戶</cas:userType>
- <cas:age>32</cas:age>
- </cas:attributes>
- </cas:authenticationSuccess>
- </cas:serviceResponse>