CAS配置(一)-集成RESTFul

最新推荐文章于 2023-11-21 10:36:40 发布
最新推荐文章于 2023-11-21 10:36:40 发布
阅读量4.6k 收藏 3
点赞数 1
分类专栏: 单点登录(SSO)

CAS单点登录服务器很多时候都是被B/S的应用使用,那么对已有些系统是CS的那么怎么去调用呢,这个时候就需要使用webservice来给CS的系统调用了,我们先来说说先决条件吧:

1)集成需要的jar包,这个是必不可少的

com.noelios.restlet.ext.servlet-1.1.1.jar

com.noelios.restlet.ext.spring-1.1.1.jar

com.noelios.restlet-1.1.1.jar

org.restlet.ext.spring-1.1.1.jar

org.restlet-1.1.1.jar

cglib-2.2.jar

cas-server-integration-restlet-3.4.7.jar

2)配置,在web.xml中增加一个servlet配置

<servlet>

<servlet-name>restlet</servlet-name>
<servlet-class>com.noelios.restlet.ext.spring.RestletFrameworkServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>

<servlet-mapping>
<servlet-name>restlet</servlet-name>
<url-pattern>/v1/*</url-pattern>
</servlet-mapping>

那么我们的CS客户端怎么去处理呢,以及怎么去拿到用户数据呢?需要有三次交互才能取得用户数据

1)CS客户端提供用户名和密码,请求http://localhost:8080/TFP-S/v1/tickets,如果用户合法则得到TGT数据。

2)根据TGT和service取得ST票据,请求的路径是:http://localhost:8080/TFP-S/v1/tickets/TGT_编号

3)验证ST票据,得到用户信息的XML格式信息。

样例代码如下:

[java] view plain copy print ?
  1. public class Client { 
  2.  
  3.     public static String getTicket(final String server, final String username, final String password, 
  4.             final String service) { 
  5.         notNull(server, "server must not be null"); 
  6.         notNull(username, "username must not be null"); 
  7.         notNull(password, "password must not be null"); 
  8.         notNull(service, "service must not be null"); 
  9.  
  10.         return getServiceTicket(server, getTicketGrantingTicket(server, username, password), service);
  11.     } 
  12.  
  13.     /**
  14.      * 取得ST
  15.      * @param server
  16.      * @param ticketGrantingTicket
  17.      * @param service
  18.      */ 
  19.     private static String getServiceTicket(final String server, final String ticketGrantingTicket, final String service) { 
  20.         if (ticketGrantingTicket == null
  21.             return null
  22.  
  23.         final HttpClient client = new HttpClient(); 
  24.  
  25.         final PostMethod post = new PostMethod(server + "/" + ticketGrantingTicket); 
  26.  
  27.         post.setRequestBody(new NameValuePair[] { new NameValuePair("service", service) }); 
  28.  
  29.         try
  30.             client.executeMethod(post); 
  31.  
  32.             final String response = post.getResponseBodyAsString(); 
  33.  
  34.             switch (post.getStatusCode()) { 
  35.             case 200
  36.                 return response; 
  37.  
  38.             default
  39.                 warning("Invalid response code (" + post.getStatusCode() + ") from CAS server!"); 
  40.                 info("Response (1k): " + response.substring(0, Math.min(1024, response.length()))); 
  41.                 break
  42.             } 
  43.         } 
  44.  
  45.         catch (final IOException e) { 
  46.             warning(e.getMessage()); 
  47.         } 
  48.  
  49.         finally
  50.             post.releaseConnection(); 
  51.         } 
  52.  
  53.         return null
  54.     } 
  55.  
  56.     /**
  57.      * @param server
  58.      * @param username
  59.      * @param password
  60.      */ 
  61.     private static String getTicketGrantingTicket(final String server, final String username, final String password) { 
  62.         final HttpClient client = new HttpClient(); 
  63.  
  64.         final PostMethod post = new PostMethod(server); 
  65.  
  66.         post.setRequestBody(new NameValuePair[] { new NameValuePair("username", username), 
  67.                 new NameValuePair("password", password) }); 
  68.  
  69.         try
  70.             client.executeMethod(post); 
  71.  
  72.             final String response = post.getResponseBodyAsString(); 
  73.             info("TGT="+response); 
  74.             switch (post.getStatusCode()) { 
  75.             case 201: { 
  76.                 final Matcher matcher = Pattern.compile(".*action=\".*/(.*?)\".*").matcher(response); 
  77.  
  78.                 if (matcher.matches()) 
  79.                     return matcher.group(1); 
  80.  
  81.                 warning("Successful ticket granting request, but no ticket found!"); 
  82.                 info("Response (1k): " + response.substring(0, Math.min(1024, response.length()))); 
  83.                 break
  84.             } 
  85.  
  86.             default
  87.                 warning("Invalid response code (" + post.getStatusCode() + ") from CAS server!"); 
  88.                 info("Response (1k): " + response.substring(0, Math.min(1024, response.length()))); 
  89.                 break
  90.             } 
  91.         } 
  92.  
  93.         catch (final IOException e) { 
  94.             warning(e.getMessage()); 
  95.         } 
  96.  
  97.         finally
  98.             post.releaseConnection(); 
  99.         } 
  100.  
  101.         return null
  102.     } 
  103.  
  104.     private static void ticketValidate(String serverValidate, String serviceTicket, String service) { 
  105.         notNull(serviceTicket, "paramter 'serviceTicket' is not null"); 
  106.         notNull(service, "paramter 'service' is not null"); 
  107.  
  108.         final HttpClient client = new HttpClient(); 
  109.         GetMethod post = null
  110.  
  111.         try
  112.             post = new GetMethod(serverValidate+"?"+"ticket="+serviceTicket+"&service="+URLEncoder.encode(service, "UTF-8")); 
  113.             client.executeMethod(post); 
  114.  
  115.             final String response = post.getResponseBodyAsString(); 
  116.             info(response); 
  117.             switch (post.getStatusCode()) { 
  118.             case 200: { 
  119.                 info("成功取得用户数据"); 
  120.             } 
  121.             default: { 
  122.  
  123.             } 
  124.             } 
  125.  
  126.         } catch (Exception e) { 
  127.             warning(e.getMessage()); 
  128.         } finally
  129.             //释放资源 
  130.             post.releaseConnection(); 
  131.         } 
  132.  
  133.     } 
  134.  
  135.     private static void notNull(final Object object, final String message) { 
  136.         if (object == null
  137.             throw new IllegalArgumentException(message); 
  138.     } 
  139.  
  140.     public static void main(final String[] args) throws Exception { 
  141.         final String server = "http://localhost:8080/TFP-S/v1/tickets"
  142.         final String username = "username"
  143.         final String password = "username"
  144.         final String service = "http://localhost:8080/service"
  145.         final String proxyValidate = "http://localhost:8080/TFP-S/proxyValidate"
  146.  
  147.          
  148.         ticketValidate(proxyValidate, getTicket(server, username, password, service), service); 
  149.          
  150.     } 
  151.  
  152.     private static void warning(String msg) { 
  153.         System.out.println(msg); 
  154.     } 
  155.  
  156.     private static void info(String msg) { 
  157.         System.out.println(msg); 
  158.     } 
  159.   
public class Client {

	public static String getTicket(final String server, final String username, final String password,
			final String service) {
		notNull(server, "server must not be null");
		notNull(username, "username must not be null");
		notNull(password, "password must not be null");
		notNull(service, "service must not be null");

		return getServiceTicket(server, getTicketGrantingTicket(server, username, password), service);
	}

	/**
	 * 取得ST
	 * @param server
	 * @param ticketGrantingTicket
	 * @param service
	 */
	private static String getServiceTicket(final String server, final String ticketGrantingTicket, final String service) {
		if (ticketGrantingTicket == null)
			return null;

		final HttpClient client = new HttpClient();

		final PostMethod post = new PostMethod(server + "/" + ticketGrantingTicket);

		post.setRequestBody(new NameValuePair[] { new NameValuePair("service", service) });

		try {
			client.executeMethod(post);

			final String response = post.getResponseBodyAsString();

			switch (post.getStatusCode()) {
			case 200:
				return response;

			default:
				warning("Invalid response code (" + post.getStatusCode() + ") from CAS server!");
				info("Response (1k): " + response.substring(0, Math.min(1024, response.length())));
				break;
			}
		}

		catch (final IOException e) {
			warning(e.getMessage());
		}

		finally {
			post.releaseConnection();
		}

		return null;
	}

	/**
	 * @param server
	 * @param username
	 * @param password
	 */
	private static String getTicketGrantingTicket(final String server, final String username, final String password) {
		final HttpClient client = new HttpClient();

		final PostMethod post = new PostMethod(server);

		post.setRequestBody(new NameValuePair[] { new NameValuePair("username", username),
				new NameValuePair("password", password) });

		try {
			client.executeMethod(post);

			final String response = post.getResponseBodyAsString();
			info("TGT="+response);
			switch (post.getStatusCode()) {
			case 201: {
				final Matcher matcher = Pattern.compile(".*action=\".*/(.*?)\".*").matcher(response);

				if (matcher.matches())
					return matcher.group(1);

				warning("Successful ticket granting request, but no ticket found!");
				info("Response (1k): " + response.substring(0, Math.min(1024, response.length())));
				break;
			}

			default:
				warning("Invalid response code (" + post.getStatusCode() + ") from CAS server!");
				info("Response (1k): " + response.substring(0, Math.min(1024, response.length())));
				break;
			}
		}

		catch (final IOException e) {
			warning(e.getMessage());
		}

		finally {
			post.releaseConnection();
		}

		return null;
	}

	private static void ticketValidate(String serverValidate, String serviceTicket, String service) {
		notNull(serviceTicket, "paramter 'serviceTicket' is not null");
		notNull(service, "paramter 'service' is not null");

		final HttpClient client = new HttpClient();
		GetMethod post = null;

		try {
			post = new GetMethod(serverValidate+"?"+"ticket="+serviceTicket+"&service="+URLEncoder.encode(service, "UTF-8"));
			client.executeMethod(post);

			final String response = post.getResponseBodyAsString();
			info(response);
			switch (post.getStatusCode()) {
			case 200: {
				info("成功取得用户数据");
			}
			default: {

			}
			}

		} catch (Exception e) {
			warning(e.getMessage());
		} finally {
			//释放资源
			post.releaseConnection();
		}

	}

	private static void notNull(final Object object, final String message) {
		if (object == null)
			throw new IllegalArgumentException(message);
	}

	public static void main(final String[] args) throws Exception {
		final String server = "http://localhost:8080/TFP-S/v1/tickets";
		final String username = "username";
		final String password = "username";
		final String service = "http://localhost:8080/service";
		final String proxyValidate = "http://localhost:8080/TFP-S/proxyValidate";

		
		ticketValidate(proxyValidate, getTicket(server, username, password, service), service);
		
	}

	private static void warning(String msg) {
		System.out.println(msg);
	}

	private static void info(String msg) {
		System.out.println(msg);
	}

}

 

如果对返回来的用户信息是什么格式不清楚,那么下面是一个xml格式。

[html] view plain copy print ?
  1. <cas:serviceResponse > 
  2.     <cas:authenticationSuccess> 
  3.         <cas:user>xuf</cas:user> 
  4.         <cas:attributes> 
  5.             <cas:securityLevel>2</cas:securityLevel> 
  6.             <cas:userType>个人用户</cas:userType> 
  7.             <cas:age>32</cas:age> 
  8.         </cas:attributes>   
  9.     </cas:authenticationSuccess> 
  10. </cas:serviceResponse>  
<cas:serviceResponse >
	<cas:authenticationSuccess>
		<cas:user>xuf</cas:user>
		<cas:attributes>
			<cas:securityLevel>2</cas:securityLevel>
			<cas:userType>个人用户</cas:userType>
			<cas:age>32</cas:age>
		</cas:attributes>  
	</cas:authenticationSuccess>
</cas:serviceResponse>

这个格式怎么修改?在透露一点吧,就是在CAS服务器那边是不是有casServiceValidationFailure.jsp文件,对了,就是它决定返回的xml格式的。如果使用Filter,其实也是传递回来这个xml,只是验证票据的过滤器,将这个xml转换成Assertion对象了。明白了吧。

 

restful restful所需要的jar包
03-05
restful restful所需要的jar包 ========================================= Restlet, a RESTful Web framework for Java ========================================= http://www.restlet.org ----------------------------------------- Native REST support * Core REST concepts have equivalent Java classes (UniformInterface, Resource, Representation, Connector for example). * Suitable for both client-side and server-side web applications. The innovation is that that it uses the same API, reducing the learning curve and the software footprint. * Restlet-GWT module available, letting you leverage the Restlet API from within any Web browser, without plugins. * Concept of "URIs as UI" supported based on the URI Templates standard. This results in a very flexible yet simple routing with automatic extraction of URI variables into request attributes. * Tunneling service lets browsers issue any HTTP method (PUT, DELETE, MOVE, etc.) through a simple HTTP POST. This service is transparent for Restlet applications. Complete Web Server * Static file serving similar to Apache HTTP Server, with metadata association based on file extensions. * Transparent content negotiation based on client preferences. * Conditional requests automatically supported for resources. * Remote edition of files based on PUT and DELETE methods (aka mini-WebDAV mode). * Decoder service transparently decodes compressed or encoded input representations. This service is transparent for Restlet applications. * Log service writes all accesses to your applications in a standard Web log file. The log format follows the W3C Extended Log File Format and is fully customizable. * Powerful URI based redirection support similar to Apache Rewrite module. Available Connectors * Multiple server HTTP connectors available, based on either Mortbay's Jetty or the Simple framework or Grizzly NIO framework. * AJP server connector available to let you plug behind an Apache HTT
cas单点登录-rest认证(十二)
weixin_42073629的博客
07-29 1863
我们之前在cas服务端整合了shiro,在shirorealm中通过查询数据库获取用户信息和角色等信息,如果都是内部服务,将从数据库中获取信息改为通过调用接口获取信息就可以了,这也是一种方式,这里是演示一下官网的配置。 什么是Rest认证? cas服务端通过调用其他服务接口,将用户名和密码传过去进行认证。这就是rest认证。 什么情况下需要用到Rest认证? 在不允许cas服务直接访问账号数据库的时候,这个时候就需要用到Rest认证。 具体参考官网 https://apereo.github.i
CAS单点登录(十)——通过Restful协议请求认证和退出
热门推荐
Anumbrella
03-30 2万+
前面我们讲解了一些列的CAS文章,对CAS有了很多了解。今天我们讲解一个现在服务常用的REST协议来完成CAS的登录、认证,不需要我们手动登录跳转到CAS的登录页面就可以完成CAS的一些列操作。 我们知道CAS认证支持包括多种协议去认证,包括CAS、OAuth、SAML1、SAML2、REST Protocol等协议,这里我们采用REST协议去获取TGT,然后获取到TGT后获取到ST,最后拿到ST...
CAS4.0 SERVER登录后用户信息的返回
zhangjunli的博客
07-09 911
 相关接口在开始时,我们先了解下有关相关的几个接口CredentialsPrincipalIPersonAttributeDaoPrincipalResolver Credentials   Credentials (org.jasig.cas.authentication.Credentials)接口,我们在上一篇其实有使用过,我们当时有用过一个叫 UsernamePasswordCredent...
cas-overlay-template-5.3
09-18
6. **RESTful API**:随着微服务架构的流行,CAS 5.3可能会提供RESTful API接口,方便与其他服务进行交互和集成。 7. **安全性增强**:版本5.3可能会包含安全更新,例如加强HTTPS支持,防止中间人攻击,并且提供更...
前后端分离集成cas
04-30
本项目是关于前后端分离集成CAS(Central Authentication Service)的一个实例,主要使用了Spring Boot、Shiro、Oracle数据库以及Vue.js等技术。 首先,Spring Boot是基于Spring框架的轻量级开发工具,它简化了新...
cas-server-4.0.0-release+cas-client-3.2.1-release
05-25
综上所述,`cas-server-4.0.0-release` 和 `cas-client-3.2.1-release` 文件包含了构建和维护一个基于CAS的单点登录系统所需的关键组件和源码,对于理解SSO机制、开发和优化CAS集成具有很高的价值。通过深入研究这些...
cas4.1.x集成.zip
06-10
5. **客户端集成**:在每个服务提供商项目中添加CAS客户端依赖,配置相应的CAS服务器地址和服务ID。 6. **编写配置文件**:创建服务提供者的`services.xml`文件,定义服务的属性和权限。 7. **测试SSO功能**:启动...
cas-6.1.5-source.tar.gz
08-06
CAS(Central Authentication Service)是一个开放源码的单点登录(Single Sign-On,SSO)框架,主要用于实现网络应用之间的统一身份验证。CAS-6.1.5是该框架的一个稳定版本,提供了许多改进和新特性,以提升安全性...
Cas之5.2.x版本单点登录自定义REST认证-yellowcong
12-19 1万+
通过接口的方式进行单点登录的操作。REST这种方式是解决验证数据不在CAS服务端,而是在本地端项目源码地址:https://gitee.com/yellowcong/cas_demo/tree/master/cas_rest_demo ,这个破玩意折腾了我3天,才写出来,新累啊,官方文档太坑。
CAS5.3单点登录REST协议登录操作说明
fanxb的博客
05-27 7389
一、前言 CAS是一个旨在为应用系统提供单点登录方案的企业级的开源项目,它为第三方应用提供了基于REST的操作接口。 为后续表达准确,对相关术语作简单说明: Web应用系统:准备集成CAS单点登录功能的各类Web应用; CAS Server:本文中特指cas-server-webapp的war文件,需要独立部署,有时也称为认证系统、认证中心; CAS Client:本文中特指cas-cl...
CAS+RESTful WebService 使用文档
竹子.GE的专栏
04-01 4970
CAS+RESTful WebService 使用文档
cas单点登录服务端部署以及客户端配置详解
XZQ1969的博客
01-04 4625
本文内容目录 cas介绍 tomcat配置https支持(包括证书生成步骤) cas服务端搭建 cas客户端搭建 1. cas介绍 简介: CAS是Central Authentication Service的缩写,中央认证服务,一种独立开放指令协议。CAS 是 耶鲁大学(Yale University)发起的一个开源项目,旨在为 Web 应用系统提供一种可靠的单点登录方法,CAS 在 2004 年 12 月正式成为 JA-SIG 的一个项目。 特点: 1、开
单点登录解决方案——CAS基本认识
武汉小喽啰
02-13 331
1. 简介 单点登录(Single Sign On),简称为 SSO,是目前比较流行的企业业务整合的解决方案之一。SSO的定义是在多个应用系统中,用户只需要登录一次就可以访问所有相互信任的应用系统。 我们目前的系统存在诸多子系统,而这些子系统是分别部署在不同的服务器中,那么使用传统方式的session是无法解决的,我们需要使用相关的单点登录技术来解决 2. ...
CAS单点登录(九)——客户端接入
Anumbrella
03-01 1万+
在前面的CAS系列文章中,我们讲解了CAS从搭建到具体的自定义配置,但针对的都是CAS服务端的知识,今天我们讲解一下CAS的客户端知识点。
cas rest 认证配置
tonysh_zds的博客
08-29 473
支持http请求,修改文件,增加http请求服务。
cas5.3.9单点登录-总结遇到的坑
神奇de旋风的博客
06-28 1万+
cas5.3.9单点登录-总结遇到的坑前言cas简介术语解释Ticket Grangting Ticket(TGT)Ticket Granting Cookie(TGC)Service Ticket(ST)图解TGC与TGTServer与Client交互过程项目搭建项目文档项目二次开发项目二次开发遇到的问题SSL证书申请cas ticket过期策略cas client单机-单点退出cas clie......
SpringBoot 实现CAS Server统一登录认证
最新发布
LiuCJ_20000的博客
11-21 6808
CAS(Central Authentication Service)中心授权服务,是一个开源项目,目的在于为Web应用系统提供一种可靠的单点登录。​ 在整个认证的流程中的整个流程大概是:首先由CAS Client(我们的客户端应用)发起请求,CAS Client 会重定向到CAS Server进行登录,CAS Server进行账户校验且多个CAS Client 之间可以共享登录的 session ,。​ 从结构上看,CAS 包含两个部分:和。
CAS4.0集成RESTLE的Jar包清单
集成RESTLE到CAS 4.0需要进行一系列的配置和添加必要的支持库。这通常包括以下几个方面: - **下载RESTLE源码或已编译的包**:获取RESTLE的jar文件,这些文件将被添加到CAS的类路径中。 - **配置cas.properties**:...
评论 2
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值