cas 注册后自动登录

我用的 cas server 4.0.1 cas client 3.3.3
算是版本比较新的了 网上的demo是cas 3.x的 比较老
参考博客 :http://binghejinjun.iteye.com/blog/1701688

下面说说具体实现步骤:
在cas server端

建立
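package io.github.howiefh.cas.web.flow;

import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.Base64;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.jasig.cas.CentralAuthenticationService;
// CAS versions before 4.0 used org.jasig.cas.authentication.principal.UsernamePasswordCredentials instead.
import org.jasig.cas.authentication.UsernamePasswordCredential;
import org.jasig.cas.ticket.TicketException;
import org.jasig.cas.web.support.CookieRetrievingCookieGenerator;
import org.springframework.web.bind.ServletRequestUtils;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.mvc.AbstractController;

/**
 * Controller that logs a user in automatically right after registration.
 *
 * <p>SECURITY NOTE(review): this endpoint receives the user's password as a request
 * parameter that is only Base64-encoded. Base64 is a reversible encoding, not encryption.
 * When the endpoint is called with a GET URL (as the client page for this controller does),
 * the password ends up in browser history, proxy and server access logs and possibly in
 * Referer headers. The endpoint also has no anti-forgery check, so any page can drive a
 * browser to it. A safer design has the registration application obtain a short-lived,
 * single-use token from CAS over a server-to-server channel and redirect the browser with
 * that token only. Until then, serve this URL over HTTPS only and keep query strings out of
 * access logs.
 *
 * @version V1.0
 * @author zqb
 */
public class RegisterAfterLoginController extends AbstractController {

    private CentralAuthenticationService centralAuthenticationService;
    private CookieRetrievingCookieGenerator ticketGrantingTicketCookieGenerator;

    /**
     * Reads the Base64-encoded {@code username} and {@code password} parameters, tries to
     * create a ticket-granting ticket for them, stores it in the TGT cookie and redirects
     * to the CAS login view.
     *
     * <p>If either parameter is missing or is not valid Base64, no authentication is
     * attempted and the user is simply redirected to the login view. The decoded
     * credentials are never written to stdout or to the log.
     *
     * @param request  the current request
     * @param response the current response
     * @return a redirect to the login view, carrying the {@code service} parameter if present
     * @throws Exception declared by the overridden method
     * @see org.springframework.web.servlet.mvc.AbstractController#handleRequestInternal(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
     */
    @Override
    protected ModelAndView handleRequestInternal(HttpServletRequest request,
            HttpServletResponse response) throws Exception {
        String username = decodeParameter(request.getParameter("username"));
        String password = decodeParameter(request.getParameter("password"));

        if (username != null && password != null) {
            bindTicketGrantingTicket(username, password, request, response);
        } else {
            // Log the fact only; never log the submitted values.
            logger.warn("registerLogin called without decodable username/password, skipping TGT creation.");
        }
        return new ModelAndView(getSignInView(request));
    }

    /**
     * Decodes one Base64 request parameter to a UTF-8 string.
     *
     * <p>The MIME decoder is used because it tolerates the line breaks that
     * {@code sun.misc.BASE64Encoder} inserts into long values. The caller must encode the
     * original text as UTF-8 as well.
     *
     * @param encoded the raw parameter value, may be {@code null}
     * @return the decoded text, or {@code null} if the value is absent, empty or not valid Base64
     */
    private static String decodeParameter(String encoded) {
        if (encoded == null || encoded.isEmpty()) {
            return null;
        }
        try {
            return new String(Base64.getMimeDecoder().decode(encoded), StandardCharsets.UTF_8);
        } catch (IllegalArgumentException e) {
            // Malformed input: treat it as missing instead of authenticating with garbage.
            return null;
        }
    }

    /**
     * Creates a ticket-granting ticket for the given credentials and adds it to the
     * response as the TGT cookie. Failures are logged and otherwise ignored, so the caller
     * still redirects to the login view, where the user can log in manually.
     *
     * @param loginName     the user login name
     * @param loginPassword the user login password
     * @param request       the HttpServletRequest object
     * @param response      the HttpServletResponse object
     */
    protected void bindTicketGrantingTicket(String loginName, String loginPassword,
            HttpServletRequest request, HttpServletResponse response) {
        try {
            UsernamePasswordCredential credentials = new UsernamePasswordCredential();
            credentials.setUsername(loginName);
            credentials.setPassword(loginPassword);
            String ticketGrantingTicket =
                    centralAuthenticationService.createTicketGrantingTicket(credentials);
            ticketGrantingTicketCookieGenerator.addCookie(request, response, ticketGrantingTicket);
        } catch (TicketException te) {
            logger.error("Validate the login name " + loginName + " failure, can't bind the TGT!", te);
        } catch (Exception e) {
            logger.error("bindTicketGrantingTicket has exception.", e);
        }
    }

    /**
     * Builds the redirect to the CAS login view, passing on the {@code service} parameter.
     *
     * <p>The service value is URL-encoded before it is appended. Without that, a service URL
     * containing {@code &} or {@code #} would be cut short or would add extra parameters to
     * the login redirect.
     *
     * @param request the HttpServletRequest object
     * @return the redirect view name
     */
    protected String getSignInView(HttpServletRequest request) {
        String service = ServletRequestUtils.getStringParameter(request, "service", "");
        if (service.isEmpty()) {
            return "redirect:login";
        }
        try {
            return "redirect:login?service=" + URLEncoder.encode(service, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            // UTF-8 is a charset every JVM must support, so this cannot happen in practice.
            throw new IllegalStateException("UTF-8 is not supported", e);
        }
    }

    public CentralAuthenticationService getCentralAuthenticationService() {
        return centralAuthenticationService;
    }

    public void setCentralAuthenticationService(
            CentralAuthenticationService centralAuthenticationService) {
        this.centralAuthenticationService = centralAuthenticationService;
    }

    public CookieRetrievingCookieGenerator getTicketGrantingTicketCookieGenerator() {
        return ticketGrantingTicketCookieGenerator;
    }

    public void setTicketGrantingTicketCookieGenerator(
            CookieRetrievingCookieGenerator ticketGrantingTicketCookieGenerator) {
        this.ticketGrantingTicketCookieGenerator = ticketGrantingTicketCookieGenerator;
    }
}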


cas-servlet.xml
      <!-- Auto-login controller used after registration. It is wired to the CAS service
           that issues ticket-granting tickets and to the generator of the TGT cookie.
           NOTE(review): a URL handler mapping entry for /registerLogin is presumably also
           required; it is not shown here. -->
      <bean id="registerLoginController"
            class="io.github.howiefh.cas.web.flow.RegisterAfterLoginController"
            p:centralAuthenticationService-ref="centralAuthenticationService"
            p:ticketGrantingTicketCookieGenerator-ref="ticketGrantingTicketCookieGenerator"/>

web.xml

  <!-- Routes /registerLogin to the "cas" dispatcher servlet. The endpoint receives user
       credentials, so it should be reachable over HTTPS only. -->
  <servlet-mapping>
    <servlet-name>cas</servlet-name>
    <url-pattern>/registerLogin</url-pattern>
  </servlet-mapping>


-------------------------------------------------------------
cas 客户端项目 的配置实现


在注册成功提示页面直接 访问
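// Each query value is passed through encodeURIComponent: Base64 output can contain
// "+", "/" and "=", and an unescaped "+" is read as a space by the server, which
// corrupts the decoded credentials.
// NOTE(review): ${param.*} is request-controlled text written straight into this script,
// so it must be escaped for a JavaScript string context on the server side before it is
// emitted here. The password also travels in a GET URL, where Base64 hides nothing: it
// lands in browser history and access logs. A single-use token is the safer design.
window.location.href = "https://casserver.com:8443/cas-server/registerLogin"
    + "?username=" + encodeURIComponent("${param.usernamestr}")
    + "&password=" + encodeURIComponent("${param.passwordstr}")
    + "&service=" + encodeURIComponent("http://localhost:9080/casclient/");
// The service URL apparently needs the trailing "/", otherwise CAS reports that the
// address does not match.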
记得在 casServerUrlPrefix配置下面加个
 <!-- 去掉ticket重复验证 -->   <init-param>            <param-name>redirectAfterValidation</param-name>            <param-value>true</param-value>         </init-param>    <init-param>

不然会无限次的 进cas server 的 验证
具体可以百度下这个配置的作用


客户端在传输账号密码前做了 Base64 编码(注意:Base64 只是可逆的编码,并不是加密,任何拿到这个 URL 的人都可以直接还原出明文密码,所以必须走 HTTPS,并且不要把带参数的 URL 写进日志):
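// Base64-encodes the account e-mail and the password, then hands both to the redirect.
// java.util.Base64 replaces the JDK-internal sun.misc.BASE64Encoder, which also wraps long
// output with line breaks. The charset is fixed to UTF-8 so the result does not depend on
// the platform default; the CAS side must decode with UTF-8 too.
// NOTE(review): Base64 is an encoding, not encryption. attr is presumably a Spring
// RedirectAttributes/Model (verify); if so, both values end up in the redirect URL's
// query string, where the password is recoverable by anyone who sees the URL.
String username = account.getEmail();
String username_ret = java.util.Base64.getEncoder()
        .encodeToString(username.getBytes(java.nio.charset.StandardCharsets.UTF_8));
String password_ret = java.util.Base64.getEncoder()
        .encodeToString(password_tocas.getBytes(java.nio.charset.StandardCharsets.UTF_8));
attr.addAttribute("usernamestr", username_ret);
attr.addAttribute("passwordstr", password_ret);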


用了 sun.misc.BASE64Encoder(这是 JDK 内部 API,在较新的 JDK 中已被移除,建议改用 java.util.Base64)

这样就搞定了 !

