CAS RESTful API 开发文档

CAS RESTful API 开发文档

2010-06-08 11:34 1051人阅读 评论(0) 收藏 举报

CAS RESTful API 开发文档

 

版本	日期	修改人	描述
1.0.0	2010-06-05	yinchong	创建文档
	2010-06-07	yinchong	增加客户端开发配置

 

目录

1.下载 .... 2

2.      安装 server 2

3.      配置 server 2

3.1.                 添加 cas server依赖的 jar 2

3.2.                 添加数据源 3

3.3.                 配置 MD5加密 bean 3

3.4.                 添加 cas服务的验证 3

3.5.                 取消 https验证 4

3.6.                 中文登录 5

3.7.                 配置 restlet 5

3.8.                 配置 session有效时间 6

4.      客户端开发 /配置 6

4.1.                 下载客户端依赖 jar 6

4.2.                 RESTful示例 6

 

 

1.          下载

server 地址： http://www./cas/download

client 地址： http://www./downloads/cas-clients/

当前最新版本 cas-server-3.4.2 ， cas-client-3.1.10

 

2.       安装 server

l   解压 cas-server-3.4.2 ，将 cas-server-3.4.2/modules/cas-server-webapp-3.4.2.war 拷贝到 tomcat 的 webapps 下。

 

3.       配置 server

3.1.      添加 cas server 依赖的 jar

n   cas-server-3.4.2/modules/cas-server-support-jdbc-3.4.2.jar 、 cas-server-integration-restlet-3.4.2.jar 拷贝到 D:/server/apache-tomcat-6.0.18/webapps/cas/WEB-INF/lib 目录下。

n   数据库驱动 jar 拷贝到 D:/server/apache-tomcat-6.0.18/webapps/cas/WEB-INF/lib 目录下。

n   到 apache 网站下载下面三个 cas server 依赖 jar 包拷贝到

D:/server/apache-tomcat-6.0.18/webapps/cas/WEB-INF/lib 目录下

  http://apache./commons/collections/binaries/commons-collections-3.2.1-bin.zip

  http://apache./commons/dbcp/binaries/commons-dbcp-1.4-bin.zip

  http://apache./commons/pool/binaries/commons-pool-1.5.4-bin.zip

n   下载 restlet 相关 http://www./downloads/ , 解压后将下面 jar 拷贝到 D:/server/apache-tomcat-6.0.18/webapps/cas/WEB-INF/lib: ( 它奶奶地这一步骤很折腾 )

com.noelios.restlet.ext.servlet_2.5.jar com.noelios.restlet.ext.spring_2.5.jar com.noelios.restlet.jar org.restlet.ext.spring_2.5.jar org.restlet.jar

n   下载 CGlib http:///projects/cglib/files/ 拷贝到 D:/server/apache-tomcat-6.0.18/webapps/cas/WEB-INF/lib 。

n   下载 ASM/OW2 http://forge./projects/asm/ 拷贝到 D:/server/apache-tomcat-6.0.18/webapps/cas/WEB-INF/lib 。

 

3.2.      添加数据源

将下面代码复制到 D:/server/apache-tomcat-6.0.18/webapps/cas/WEB-INF/deployerConfigContext.xml 配置文件的 beans 节点里面：

<bean id="casDataSource" class="org.apache.commons.dbcp.BasicDataSource">          <property name="driverClassName">                 <value>com.mysql.jdbc.Driver</value>          </property>          <property name="url">                 <value>jdbc:mysql://192.168.1.22:3306/databaseName?useUnicode=true&useServerPrepStmts=false&characterEncoding=UTF-8&autoReconnect=true</value>          </property>          <property name="username">                 <value>root</value>          </property>          <property name="password">                 <value>root</value>          </property>         </bean>

 

3.3.      配置 MD5 加密 bean

将下面代码复制到 D:/server/apache-tomcat-6.0.18/webapps/cas/WEB-INF/deployerConfigContext.xml 配置文件的 beans 节点里面：

<bean id="passwordEncoder" class="org.jasig.cas.authentication.handler.DefaultPasswordEncoder" autowire="byName">                 <constructor-arg value="MD5"/>            </bean> <!--- 如果不需要密码加密，可以不用添加 --->

 

3.4.      添加 cas 服务的验证

D:/server/apache-tomcat-6.0.18/webapps/cas/WEB-INF/deployerConfigContext.xml 配置文件找到下面代码：

<bean 、 class="org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler" />

替换为下面代码：

<bean class="org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler">  <property name="dataSource" ref="casDataSource" />  <property name="sql" value="select password from tblUser where lower(tblUser.userName) = lower(?) " />   <property  name="passwordEncoder"  ref="passwordEncoder"/>    <!--- 如果不需要密码加密，可以将上面一句去掉 ---> </bean>

 

3.5.      取消 https 验证

打开 D:/server/apache-tomcat-6.0.18/webapps/cas/WEB-INF/spring-configuration/ticketGrantingTicketCookieGenerator.xml 配置文件，将 p:cookieSecure="true" 改为 p:cookieSecure="false" ，改完后如下：

<bean id="ticketGrantingTicketCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"         p:cookieSecure="false"         p:cookieMaxAge="-1"         p:cookieName="CASTGC"               p:cookiePath="/cas" />

 

打开 D:/server/apache-tomcat-6.0.18/webapps/cas/WEB-INF/spring-configuration/warnCookieGenerator.xml 配置文件，将 p:cookieSecure="true" 改为 p:cookieSecure="false" ，改完后如下：

<bean id="ticketGrantingTicketCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"         p:cookieSecure="false"         p:cookieMaxAge="-1"         p:cookieName="CASTGC"               p:cookiePath="/cas" />

 

打开 D:/server/apache-tomcat-6.0.18/webapps/cas/WEB-INF/deployerConfigContext.xml 配置文件，找到 HttpBasedServiceCredentialsAuthenticationHandler 增加 p:requireSecure="false" ，改完后如下：

<bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"                                    p:httpClient-ref="httpClient" p:requireSecure="false"/>

 

3.6.      中文登录

打开 D:/server/apache-tomcat-6.0.18/webapps/cas/WEB-INF/web.xml ，增加下面蓝色部分代码：

<context-param>         <param-name>contextConfigLocation</param-name>         <param-value>                /WEB-INF/spring-configuration/*.xml                /WEB-INF/deployerConfigContext.xml         </param-value> </context-param>       <filter>         <filter-name>encoding-filter</filter-name>         <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>         <init-param>             <param-name>encoding</param-name>             <param-value>UTF-8</param-value>         </init-param>     </filter>       <filter-mapping>         <filter-name>encoding-filter</filter-name>         <url-pattern>/*</url-pattern>     </filter-mapping>

 

这个时候启动 tomcat ， cas 可以和你配置的数据库进行交互。

http://localhost:8080/cas 输入配置数据库中的 tblUser 表中的用户名密码即可以登录。

3.7.      配置 restlet

      打开 D:/server/apache-tomcat-6.0.18/webapps/cas/WEB-INF/web.xml 文件，添加下面 servlet ：

<servlet> <servlet-name>restlet</servlet-name> <servlet-class>com.noelios.restlet.ext.spring.RestletFrameworkServlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet>   <servlet-mapping> <servlet-name>restlet</servlet-name> <url-pattern>/v1/*</url-pattern> </servlet-mapping>

           参考： http://jasig.275507.n4./Setting-up-the-RESTlet-servlet-on-CAS-3-3-5-td2068602.html

3.8.      配置 session 有效时间

      打开配置文件 D:/server/apache-tomcat-6.0.18/webapps/cas/WEB-INF/spring-configuration/ticketExpirationPolicies.xml ，配置文件很简单，分别是修改 serviceTicket 和 grantingTicket ，打开一看就知道怎么改了。

4.       客户端开发 / 配置

RESTful  API 作用应该是 service to service 的验证，我的理解。

使用 RESTful API 开发非常简单，也不需要配置什么 xml 文件，只需要写 code 就可以了。

4.1.      下载客户端依赖 jar

http://commons./codec/download_codec.cgi

http://hc./downloads.cgi

4.2.      RESTful 示例

参考最下面 java 示例： https://wiki./display/CASUM/RESTful+API

根据官方例子修改后如下 :

/**   * Created by IntelliJ IDEA.   * User: yinchong   * Date: 2010-6-7   * Time: 14:16:14   * To change this template use File | Settings | File Templates.   * <BR>SSO 验证实现类   */ public final class SSO {     private static final Logger LOG = Logger.getLogger(SSODaoImpl.class.getName());     /**      * http 请求状态码 201      */     private static final int HTTP_STATUS_CODE_201 = 201;     /**      * http 请求状态码 200      */     private static final int HTTP_STATUS_CODE_200 = 200;       /**      * 获取 Service ticket      *      * @param server               cas 服务 url      * @param ticketGrantingTicket ticket granting ticket      * @param service              被验证的服务 url      * @return service ticket      */     public String getServiceTicket(final String server, final String ticketGrantingTicket, final String service) {           notNull(server, "server must not be null");         notNull(ticketGrantingTicket, "ticketGrantingTicket must not be null");         notNull(service, "service must not be null");           final HttpClient client = new HttpClient();         final PostMethod post = new PostMethod(server + "/" + ticketGrantingTicket);           post.setRequestBody(new NameValuePair[]{new NameValuePair("service", service)});           try {             client.executeMethod(post);               final String response = post.getResponseBodyAsString();               switch (post.getStatusCode()) {                 case HTTP_STATUS_CODE_200:                      return response;                   default:                     LOG.warning("Invalid response code (" + post.getStatusCode() + ") from CAS server!");                     LOG.info("Response (1k): " + response.substring(0, Math.min(1024, response.length())));                     break;             }         } catch (final IOException e) {             LOG.warning("getServiceTicket" + e);         } finally {             post.releaseConnection();         }           return null;     }       /**      * 获取 ticket granting ticket      *      * @param server   cas 服务 url      * @param username 验证的用户名      * @param password 验证的用户密码      * @return ticket granting ticket      */     public String getTicketGrantingTicket(final String server, final String username, final String password) {         notNull(server, "server must not be null");         notNull(username, "username must not be null");         notNull(password, "password must not be null");           final HttpClient client = new HttpClient();           final PostMethod post = new PostMethod(server);           post.setRequestBody(new NameValuePair[]{                 new NameValuePair("username", username),                 new NameValuePair("password", password)});           try {             client.executeMethod(post);               final String response = post.getResponseBodyAsString();               switch (post.getStatusCode()) {                 case HTTP_STATUS_CODE_201: {                     final Matcher matcher = Pattern.compile(".*action=/".*/(.*?)/".*").matcher(response);                       if (matcher.matches()) {                         return matcher.group(1);                     }                     LOG.warning("Successful ticket granting request, but no ticket found!");                     LOG.info("Response (1k): " + response.substring(0, Math.min(1024, response.length())));                     break;                 }                   default:                     LOG.warning("Invalid response code (" + post.getStatusCode() + ") from CAS server!");                      LOG.info("Response (1k): " + response.substring(0, Math.min(1024, response.length())));                     break;             }         } catch (final IOException e) {             LOG.warning("getTicketGrantingTicket:" + e);         } finally {             post.releaseConnection();         }         return null;     }       /**      * 删除 cas 服务中制定 ticket granting ticket, 也就是 logout.      *      * @param server cas 服务 url      * @param ticket ticket granting ticket      */     public void deleteTicket(String server, String ticket) {         notNull(server, "server must not be null");         notNull(ticket, "username must not be null");           final HttpClient client = new HttpClient();         final DeleteMethod delete = new DeleteMethod(server + "/" + ticket);           try {             client.executeMethod(delete);               final String response = delete.getResponseBodyAsString();               switch (delete.getStatusCode()) {                 case HTTP_STATUS_CODE_200:                     LOG.info("Successful delete ticket granting  ticket.");                     break;                 default:                     LOG.warning("Invalid response code (" + delete.getStatusCode() + ") from CAS server!");                     LOG.info("Response (1k): " + response.substring(0, Math.min(1024, response.length())));                     break;             }         } catch (final IOException e) {             LOG.info("deleteTicket:" + e);         } finally {             delete.releaseConnection();          }     }       /**      * 参数验证方法，保证参数不为 null      *      * @param object  需要验证的参数      * @param message 验证的异常信息      */     private static void notNull(final Object object, final String message) {         if (object == null) {             throw new IllegalArgumentException(message);         }     } }