CAS配置（一）-集成RESTFul

CAS单点登录服务器很多时候都是被B/S的应用使用，那么对已有些系统是CS的那么怎么去调用呢，这个时候就需要使用webservice来给CS的系统调用了，我们先来说说先决条件吧：
1）集成需要的jar包，这个是必不可少的
com.noelios.restlet.ext.servlet-1.1.1.jar

com.noelios.restlet.ext.spring-1.1.1.jar

com.noelios.restlet-1.1.1.jar

org.restlet.ext.spring-1.1.1.jar

org.restlet-1.1.1.jar

cglib-2.2.jar
cas-server-integration-restlet-3.4.7.jar

2)配置，在web.xml中增加一个servlet配置
<servlet>
<servlet-name>restlet</servlet-name>
<servlet-class>com.noelios.restlet.ext.spring.RestletFrameworkServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>

<servlet-mapping>
<servlet-name>restlet</servlet-name>
<url-pattern>/v1/*</url-pattern>
</servlet-mapping>

那么我们的CS客户端怎么去处理呢，以及怎么去拿到用户数据呢？需要有三次交互才能取得用户数据
1)CS客户端提供用户名和密码，请求http://localhost:8080/TFP-S/v1/tickets，如果用户合法则得到TGT数据。
2）根据TGT和service取得ST票据，请求的路径是：http://localhost:8080/TFP-S/v1/tickets/TGT_编号
3)验证ST票据，得到用户信息的XML格式信息。
样例代码如下：

public class Client {

public static String getTicket(final String server, final String username, final String password,
final String service) {
notNull(server, "server must not be null");
notNull(username, "username must not be null");
notNull(password, "password must not be null");
notNull(service, "service must not be null");

return getServiceTicket(server, getTicketGrantingTicket(server, username, password), service);
}

/**
* 取得ST
* @param server
* @param ticketGrantingTicket
* @param service
*/
private static String getServiceTicket(final String server, final String ticketGrantingTicket, final String service) {
if (ticketGrantingTicket == null)
return null;

final HttpClient client = new HttpClient();

final PostMethod post = new PostMethod(server + "/" + ticketGrantingTicket);

post.setRequestBody(new NameValuePair[] { new NameValuePair("service", service) });

try {
client.executeMethod(post);

final String response = post.getResponseBodyAsString();

switch (post.getStatusCode()) {
case 200:
return response;

default:
warning("Invalid response code (" + post.getStatusCode() + ") from CAS server!");
info("Response (1k): " + response.substring(0, Math.min(1024, response.length())));
break;
}
}

catch (final IOException e) {
warning(e.getMessage());
}

finally {
post.releaseConnection();
}

return null;
}

/**
* @param server
* @param username
* @param password
*/
private static String getTicketGrantingTicket(final String server, final String username, final String password) {
final HttpClient client = new HttpClient();

final PostMethod post = new PostMethod(server);

post.setRequestBody(new NameValuePair[] { new NameValuePair("username", username),
new NameValuePair("password", password) });

try {
client.executeMethod(post);

final String response = post.getResponseBodyAsString();
info("TGT="+response);
switch (post.getStatusCode()) {
case 201: {
final Matcher matcher = Pattern.compile(".*action=\".*/(.*?)\".*").matcher(response);

if (matcher.matches())
return matcher.group(1);

warning("Successful ticket granting request, but no ticket found!");
info("Response (1k): " + response.substring(0, Math.min(1024, response.length())));
break;
}

default:
warning("Invalid response code (" + post.getStatusCode() + ") from CAS server!");
info("Response (1k): " + response.substring(0, Math.min(1024, response.length())));
break;
}
}

catch (final IOException e) {
warning(e.getMessage());
}

finally {
post.releaseConnection();
}

return null;
}

private static void ticketValidate(String serverValidate, String serviceTicket, String service) {
notNull(serviceTicket, "paramter 'serviceTicket' is not null");
notNull(service, "paramter 'service' is not null");

final HttpClient client = new HttpClient();
GetMethod post = null;

try {
post = new GetMethod(serverValidate+"?"+"ticket="+serviceTicket+"&service="+URLEncoder.encode(service, "UTF-8"));
client.executeMethod(post);

final String response = post.getResponseBodyAsString();
info(response);
switch (post.getStatusCode()) {
case 200: {
info("成功取得用户数据");
}
default: {

}
}

} catch (Exception e) {
warning(e.getMessage());
} finally {
//释放资源
post.releaseConnection();
}

}

private static void notNull(final Object object, final String message) {
if (object == null)
throw new IllegalArgumentException(message);
}

public static void main(final String[] args) throws Exception {
final String server = "http://localhost:8080/TFP-S/v1/tickets";
final String username = "username";
final String password = "username";
final String service = "http://localhost:8080/service";
final String proxyValidate = "http://localhost:8080/TFP-S/proxyValidate";

ticketValidate(proxyValidate, getTicket(server, username, password, service), service);

}

private static void warning(String msg) {
System.out.println(msg);
}

private static void info(String msg) {
System.out.println(msg);
}

}

如果对返回来的用户信息是什么格式不清楚，那么下面是一个xml格式。

<cas:serviceResponse >
<cas:authenticationSuccess>
<cas:user>xuf</cas:user>
<cas:attributes>
<cas:securityLevel>2</cas:securityLevel>
<cas:userType>个人用户</cas:userType>
<cas:age>32</cas:age>
</cas:attributes>
</cas:authenticationSuccess>
</cas:serviceResponse>

这个格式怎么修改？在透露一点吧，就是在CAS服务器那边是不是有casServiceValidationFailure.jsp文件，对了，就是它决定返回的xml格式的。如果使用Filter，其实也是传递回来这个xml，只是验证票据的过滤器，将这个xml转换成Assertion对象了。明白了吧。