CAS学习之RESTFUL API使用(1)
2013-09-27 22:51
85 查看
CAS环境搭建完成之后,由于项目中需要模拟CAS登陆并获取相应的TICKET,专门学习了一下RESTFUL API的使用。
以下例子代码实现的功能是模拟登陆CAS,生成ST为各个集成了CAS的应用使用。
将RESTFUL API的调用封装到了一个类中:
注意要模拟该场景至少需要2个web应用和一个cas服务端。这2个web应用中模拟生成ticket的应用不需要被CAS保护。另外,这个2个web应用需要在同一域中。
本文出自 “图图学习吧” 博客,请务必保留此出处http://feiquan16.blog.51cto.com/336861/1302938
以下例子代码实现的功能是模拟登陆CAS,生成ST为各个集成了CAS的应用使用。
将RESTFUL API的调用封装到了一个类中:
package com.feiquan16.cas.util; import java.io.IOException; import java.util.StringTokenizer; import java.util.logging.Logger; import java.util.regex.Matcher; import java.util.regex.Pattern; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.apache.commons.httpclient.HttpClient; import org.apache.commons.httpclient.NameValuePair; import org.apache.commons.httpclient.methods.PostMethod; /** * An example Java client to authenticate against CAS using REST services. * Please ensure you have followed the necessary setup found on the <a * href="http://www.ja-sig.org/wiki/display/CASUM/RESTful+API">wiki</a>. * * @author <a href="mailto:jieryn@gmail.com">jesse lauren farinacci</a> * @since 3.4.2 */ public final class CASUtility { private static final Logger LOG = Logger.getLogger(CASUtility.class.getName()); public static PropertiesReader pr = null; private CASUtility() { // static-only access } public static String getTicket(final HttpServletRequest request, final HttpServletResponse response, final String server, final String username, final String password, final String service) { notNull(server, "server must not be null"); notNull(username, "username must not be null"); notNull(password, "password must not be null"); notNull(service, "service must not be null"); return getServiceTicket(request, response, server, getTicketGrantingTicket(response, server, username, password), service); } private static String getServiceTicket(final HttpServletRequest request, final HttpServletResponse res, final String server, final String ticketGrantingTicket, final String service) { if (ticketGrantingTicket == null) return null; res.setHeader("P3P","CP=CAO PSA OUR"); String broswer = ""; try { String agent = request.getHeader("User-Agent"); StringTokenizer st = new StringTokenizer(agent,";"); st.nextToken(); broswer = st.nextToken(); LOG.info("User's Browser is "+broswer); }catch(Exception e) { LOG.info("Fail to get User's Browser Type."); } LOG.info("ticketGrantingTicket : " + ticketGrantingTicket); Cookie c1 = new Cookie("CASTGC", ticketGrantingTicket); pr = PropertiesReader.getInstance(""); String domain = pr.getPropertiy("cas.server.domain"); if (broswer != null && broswer.trim().startsWith("MSIE")){ c1.setDomain(domain); c1.setPath("/"); } else { c1.setDomain(domain); c1.setPath("/cas/"); } res.addCookie(c1); final HttpClient client = new HttpClient(); final PostMethod post = new PostMethod(server + "/" + ticketGrantingTicket); post.setRequestBody(new NameValuePair[] { new NameValuePair("service", service) }); try { client.executeMethod(post); final String response = post.getResponseBodyAsString(); switch (post.getStatusCode()) { case 200: return response; default: LOG.warning("Invalid response code (" + post.getStatusCode() + ") from CAS server!"); LOG.info("Response (1k): " + response.substring(0, Math.min(1024, response.length()))); break; } } catch (final IOException e) { LOG.warning(e.getMessage()); } finally { post.releaseConnection(); } return null; } public static String getTicketGrantingTicket(final HttpServletResponse res, final String server, final String username, final String password) { final HttpClient client = new HttpClient(); final PostMethod post = new PostMethod(server); post.setRequestBody(new NameValuePair[] { new NameValuePair("username", username), new NameValuePair("password", password) }); try { client.executeMethod(post); final String response = post.getResponseBodyAsString(); switch (post.getStatusCode()) { case 201: { final Matcher matcher = Pattern.compile(".*action=\".*/(.*?)\".*").matcher(response); if (matcher.matches()) return matcher.group(1); LOG.warning("Successful ticket granting request, but no ticket found!"); LOG.info("Response (1k): " + response.substring(0, Math.min(1024, response.length()))); break; } default: LOG.warning("Invalid response code (" + post.getStatusCode() + ") from CAS server!"); LOG.info("Response (1k): " + response.substring(0, Math.min(1024, response.length()))); break; } } catch (final IOException e) { LOG.warning(e.getMessage()); } finally { post.releaseConnection(); } return null; } private static void notNull(final Object object, final String message) { if (object == null) throw new IllegalArgumentException(message); } }然后新建了一个servlet去调用上门这个类生成TICKET。
package com.feiquan16.cas.servlet; import java.io.IOException; import java.io.PrintWriter; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import com.feiquan16.cas.util.CASUtility; import com.feiquan16.cas.util.PropertiesReader; public class CASTicketServlet extends HttpServlet { /** * */ private static final long serialVersionUID = 1L; public static PropertiesReader pr = null; public void doGet(HttpServletRequest request,HttpServletResponse response)throws ServletException, IOException{ PrintWriter writer = response.getWriter(); response.setContentType("text/html"); pr = PropertiesReader.getInstance(""); System.out.println("----------"); String server = pr.getPropertiy("cas.service.url"); String username = "b";request.getParameter("username"); String password = "b";request.getParameter("ObSSOCookie"); String service = "http://andrew.biz.com:9080/HRDemo";request.getParameter("service"); response.setHeader("P3P","CP=CAO PSA OUR"); System.out.println("----------"); String ticket = CASUtility.getTicket(request,response, server, username, password, service); System.out.println(ticket); response.sendRedirect(service); writer.print(ticket); } public void doPost(HttpServletRequest request,HttpServletResponse response)throws ServletException, IOException{ this.doGet(request, response); } }上面代码39行,将会跳转到应用HRDemo,这个HRDemo是被CAS保护的。
注意要模拟该场景至少需要2个web应用和一个cas服务端。这2个web应用中模拟生成ticket的应用不需要被CAS保护。另外,这个2个web应用需要在同一域中。
本文出自 “图图学习吧” 博客,请务必保留此出处http://feiquan16.blog.51cto.com/336861/1302938
相关文章推荐
- 学习使用MEAN开发RESTful WEB api,实现数据的CRUD
- 学习使用MEAN开发RESTful WEB api,实现数据的CRUD
- Docker学习笔记八 使用Docker API
- Activiti工作流框架学习(二)——使用Activiti提供的API完成流程操作
- ZooKeeper学习笔记:zookeeperAPI的使用
- 学习api的使用方式
- Python RESTful API 学习(一)
- vue.js学习07之使用$.ajax和vue-resource实现OAuth的注册、登录、注销和API调用
- 使用C#开发HTTP服务器系列之构建RESTful API
- 使用python的Flask实现一个RESTful API服务器端[翻译]
- 大数据架构中使用JSON-RPC好,还是RESTful API好?
- SpringBoot中使用Swagger生成RESTful规范API文档
- Web编程学习四: 使用Jersey来创建RESTful WebService
- iOS开发中使用Bmob RESTful API
- guava 学习笔记(二) 瓜娃(guava)的API快速熟悉使用
- Web编程学习六:使用Apache olingo将JPA数据库操作转化为RESTful Web Service
- salesforce 零基础学习(五十一)使用 Salesforce.com SOAP API 实现用户登录以及简单的增删改查(JAVA访问salesforce)
- hadoop学习笔记:创建maven项目与使用hdfs的读写API
- Symbian学习笔记(18) - 初探Web Services API 的使用(中)
- Hadoop学习之路(二十八)MapReduce的API使用(五)