cas-单点登录逻辑模拟学习

Cas-单点登录学习记录

 

实现逻辑：

进入首页index.jsp，通过过滤器filter进行拦截，补充操作。

进入filter，判断request中是否包含指定需要的值t。

 

如存在，使用httpclient发送get请求，请求地址返回一个八位随机数ticket，将t，ticket写入cookie中，结束过滤，执行页面请求。

如不存在，判断cookies中是否包含指定需要的值t。

 

如存在，使用httpclient发送get请求，请求地址返回一个八位随机数ticket，将t，ticket写入cookie中，结束过滤，执行页面请求。

如不存在，将index.jsp的URL作为参数，带值重定向到对象创建，创建对象，生成t值，取得传入的参数，加入生成的t值重定向到index.jsp页面，执行过滤。

 

进入上面逻辑中，直到过滤完成。

实现过程：

创建类LoginFilter继承HttpServlet同时实现Filter。

在doFilter方法中实现逻辑：

import java.io.IOException;import javax.servlet.Filter;import javax.servlet.FilterChain;import javax.servlet.FilterConfig;import javax.servlet.ServletException;import javax.servlet.ServletRequest;import javax.servlet.ServletResponse;import javax.servlet.http.Cookie;import javax.servlet.http.HttpServlet;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import org.apache.http.HttpResponse;import org.apache.http.client.HttpClient;import org.apache.http.client.methods.HttpGet;import org.apache.http.impl.client.HttpClients;/** *  * 模拟单点登录过滤 * @author Chenjunxu * @date 2016/11/14 * */public class LoginFilter extends HttpServlet implements Filter {/** *  */private static final long serialVersionUID = 3281360506578676969L;//validate方法路径，validate方法实现八位随机数的生成并返回private static final String VALIDATE_URL = "http://localhost:8080/platform/system/ticket/validate/";//login方法路径，login方法实现对象生成（生成t），重定向到传入的路径private static final String LOGIN_URL = "http://localhost:8080/platform/system/ticket/login";//首页路径private static final String INDEX_URL = "http://localhost:8080/client/index.jsp";@Overridepublic void destroy() {}@Overridepublic void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,FilterChain filterChain) throws IOException, ServletException {HttpServletRequest request = (HttpServletRequest) servletRequest;HttpServletResponse response = (HttpServletResponse) servletResponse;//创建一个httpclientHttpClient httpClient = HttpClients.custom().build();String tRequest = request.getParameter("t");    //通过request取得t值String tCookies = GetReturn.getCookie(request, "t");    //通过cookies取得t值System.out.println("获取的tCookies  :  " + tCookies);//如果request中包含t值if(tRequest != null){System.out.println("tRequest:" + tRequest);//创建get请求，请求路径为validate方法路径，传入t值HttpGet httpGet = new HttpGet(VALIDATE_URL + tRequest);HttpResponse httpResponse = null;httpResponse = httpClient.execute(httpGet);   //发送get请求，同时将响应结果存入HttpResponse//通过HttpResponse取得ticket的值String ticket = GetReturn.getValue(httpResponse);System.out.println("通过response获取ticket值：" + ticket);        //将t，ticket写入cookie中        Cookie cookie1 = new Cookie("ticket", ticket);        Cookie cookie2 = new Cookie("t", tRequest);        response.addCookie(cookie1);        response.addCookie(cookie2);        //结束此过滤，执行下一个过滤或进入页面请求        filterChain.doFilter(request, response);        }else{//如果cookie中包含tif(tCookies != null){System.out.println("cookies有T");HttpGet httpGet = new HttpGet(VALIDATE_URL + tCookies);HttpResponse httpResponse = null;httpResponse = httpClient.execute(httpGet);String ticket = GetReturn.getValue(httpResponse);System.out.println(ticket);                Cookie cookie1 = new Cookie("ticket", ticket);        Cookie cookie2 = new Cookie("t", tRequest);        response.addCookie(cookie1);        response.addCookie(cookie2);        filterChain.doFilter(request, response);}else{//重定向到login方法，并传入指定参数response.sendRedirect(LOGIN_URL + "?service=" + INDEX_URL);}}}@Overridepublic void init(FilterConfig arg0) throws ServletException {System.out.println("=======   loginFilter Start   =======");}}

其中的login和validate方法为业务方法，所做业务已在路径注释中写明，不再贴代码

编写取值类GetReturn，实现完成两个方法，一个用于取得httpclient发送get请求后的返回值，一个用于获取cookie中t的值

import javax.servlet.http.HttpServletRequest;import org.apache.http.HttpEntity;import org.apache.http.HttpResponse;import org.apache.http.util.EntityUtils;public class GetReturn {public static String getValue(HttpResponse response) {String content = "";try {HttpEntity entity = response.getEntity();            content = EntityUtils.toString(entity);            System.out.println("content  :  " + content);} catch (Exception e) {e.printStackTrace();}return content;}public static String getCookie(HttpServletRequest request, String name){javax.servlet.http.Cookie[] cookies = request.getCookies();if(cookies != null){for(javax.servlet.http.Cookie cookie : cookies){if("t".equals(cookie.getName())){return cookie.getValue();}}}return null;    }}

最后在web.xml中配置过滤器

  <filter>  <display-name>LoginFilter</display-name>  <filter-name>LoginFilter</filter-name>  <filter-class>包名.LoginFilter</filter-class>  </filter>  <filter-mapping>  <filter-name>LoginFilter</filter-name>  <url-pattern>/*</url-pattern>  </filter-mapping>

这样就基本实现了cas-单点登录的逻辑。