1.需要在cas-servlet.xml添加一个controller:remoteLoginController
<bean id="handlerMappingC" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping"> <property name="mappings"> <prop key="remoteLogin">remoteLoginController</prop> </bean>
2.在添加一个对应的controller bean
<bean id="remoteLoginController" class="org.jasig.cas.expand.web.flow.RemoteLoginAction" p:argumentExtractors-ref="argumentExtractors" p:warnCookieGenerator-ref="warnCookieGenerator" p:centralAuthenticationService-ref="centralAuthenticationService" p:ticketGrantingTicketCookieGenerator-ref="ticketGrantingTicketCookieGenerator"></bean>
3.添加对应的Action
import java.util.List; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.validation.constraints.NotNull; import org.hibernate.validator.constraints.NotEmpty; import org.jasig.cas.CentralAuthenticationService; import org.jasig.cas.authentication.principal.Service; import org.jasig.cas.authentication.principal.UsernamePasswordCredentials; import org.jasig.cas.client.util.CommonUtils; import org.jasig.cas.ticket.TicketException; import org.jasig.cas.web.support.ArgumentExtractor; import org.jasig.cas.web.support.CookieRetrievingCookieGenerator; import org.jasig.cas.web.support.WebUtils; import org.springframework.util.StringUtils; import org.springframework.web.servlet.ModelAndView; import org.springframework.web.servlet.mvc.AbstractController; import org.springframework.web.servlet.view.RedirectView; public class RemoteLoginAction extends AbstractController { @NotNull private CentralAuthenticationService centralAuthenticationService; @NotNull private CookieRetrievingCookieGenerator warnCookieGenerator; @NotNull private CookieRetrievingCookieGenerator ticketGrantingTicketCookieGenerator; private boolean pathPopulated = false; /** Extractors for finding the service. */ @NotEmpty private List<ArgumentExtractor> argumentExtractors; protected ModelAndView handleRequestInternal(HttpServletRequest request, HttpServletResponse response) throws Exception { String clientLoginUrl = request.getParameter("clientLoginUrl"); request.setAttribute("clientLoginUrl", clientLoginUrl); request.getSession().setAttribute("clientLoginUrl", clientLoginUrl); logger.info("clientLoginUrl : " + clientLoginUrl); String uName = request.getParameter("username"); String password = request.getParameter("password"); UsernamePasswordCredentials credentials = null; if (CommonUtils.isNotBlank(uName) && CommonUtils.isNotBlank(password)) { credentials = new UsernamePasswordCredentials(); credentials.setPassword(password); credentials.setUsername(uName); } else { return new ModelAndView(new RedirectView(clientLoginUrl)); } if (!this.pathPopulated) { final String contextPath = request.getContextPath(); final String cookiePath = StringUtils.hasText(contextPath) ? contextPath + "/" : "/"; logger.info("Setting path for cookies to: " + cookiePath); this.warnCookieGenerator.setCookiePath(cookiePath); this.ticketGrantingTicketCookieGenerator.setCookiePath(cookiePath); this.pathPopulated = true; } final Service service = WebUtils.getService(this.argumentExtractors, request); String ticketGrantingTicketId = ""; String serviceTicket = ""; try { ticketGrantingTicketId = this.centralAuthenticationService .createTicketGrantingTicket(credentials); /*** * 产生新的票据,并将票据及服务记录在缓存中 */ serviceTicket = this.centralAuthenticationService .grantServiceTicket(ticketGrantingTicketId, service); this.ticketGrantingTicketCookieGenerator.removeCookie(response); this.ticketGrantingTicketCookieGenerator.addCookie(request, response, ticketGrantingTicketId); this.warnCookieGenerator.addCookie(request, response, "true"); } catch (TicketException e) { return new ModelAndView(new RedirectView(clientLoginUrl)); } return new ModelAndView(new RedirectView( request.getParameter("service") + "?ticket=" + serviceTicket)); } public void setWarnCookieGenerator( final CookieRetrievingCookieGenerator warnCookieGenerator) { this.warnCookieGenerator = warnCookieGenerator; } public void setArgumentExtractors( final List<ArgumentExtractor> argumentExtractors) { this.argumentExtractors = argumentExtractors; } public final void setCentralAuthenticationService( final CentralAuthenticationService centralAuthenticationService) { this.centralAuthenticationService = centralAuthenticationService; } public void setTicketGrantingTicketCookieGenerator( final CookieRetrievingCookieGenerator ticketGrantingTicketCookieGenerator) { this.ticketGrantingTicketCookieGenerator = ticketGrantingTicketCookieGenerator; } }
4.修改一下登录成功会自动重定向到你提供的service地址,现在要做的是登录不成功的时候返回自定义的登录页面,需要修改casLoginView.jsp,直接重定向到clientLoginUrl
<% response.sendRedirect(request.getAttribute("clientLoginUrl").toString()); %>
CAC客户端:
1.web.xml的配置
网上都有,就不贴了
2.修改认证filter,添加clientLoginUrl给服务端认证失败时重定向使用
3.自定义登录页面
<form action="https://casip:casport/cas/remoteLogin" method="post"> <input type="hidden" id="targetService" name="service" value="认证成功以后返回的URL" /> <input type="hidden" name="clientLoginUrl" value="自定义登录页面的URL" /> <table> <tr> <td>用户名:</td> <td><input type="text" name="username"></td> </tr> <tr> <td>密 码:</td> <td><input type="password" name="password"></td> </tr> <tr> <td colspan="2"><input type="submit" value="登陆" /></td> </tr> </table> </form>
自己试试吧