CAS 整合/v1/tickets/{TGT id} 与/serviceValidate ,生成ST时直接验证其合法性。
2016-04-06 15:51
501 查看
CAS 整合/v1/tickets/{TGT id} 与/serviceValidate ,生成ST时直接验证其合法性。
其目的是模拟客户端(C/S结构)调用服务器去验证TGT的合法性,省略调用/serviceValidate。
修改如下:
TicketGrantingTicketResource.java
成功后直接返回( true / false )
其目的是模拟客户端(C/S结构)调用服务器去验证TGT的合法性,省略调用/serviceValidate。
修改如下:
TicketGrantingTicketResource.java
成功后直接返回( true / false )
/* * Licensed to Jasig under one or more contributor license * agreements. See the NOTICE file distributed with this work * for additional information regarding copyright ownership. * Jasig licenses this file to you under the Apache License, * Version 2.0 (the "License"); you may not use this file * except in compliance with the License. You may obtain a * copy of the License at the following location: * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, * software distributed under the License is distributed on an * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * KIND, either express or implied. See the License for the * specific language governing permissions and limitations * under the License. */ package org.jasig.cas.integration.restlet; import javax.validation.constraints.NotNull; import org.jasig.cas.CentralAuthenticationService; import org.jasig.cas.authentication.principal.SimpleWebApplicationServiceImpl; import org.jasig.cas.ticket.InvalidTicketException; import org.jasig.cas.validation.Assertion; import org.jasig.cas.validation.Cas20ProtocolValidationSpecification; import org.jasig.cas.validation.ValidationSpecification; import org.jasig.cas.web.support.ArgumentExtractor; import org.restlet.Context; import org.restlet.Request; import org.restlet.Response; import org.restlet.data.Form; import org.restlet.data.MediaType; import org.restlet.data.Status; import org.restlet.representation.Representation; import org.restlet.representation.Variant; import org.restlet.resource.Delete; import org.restlet.resource.Post; import org.restlet.resource.ServerResource; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; /** * Implementation of a Restlet resource for creating Service Tickets from a * TicketGrantingTicket, as well as deleting a TicketGrantingTicket. * * @author Scott Battaglia * @since 3.3 * */ public final class TicketGrantingTicketResource extends ServerResource { private static final Logger LOGGER = LoggerFactory.getLogger(TicketGrantingTicketResource.class); @Autowired private CentralAuthenticationService centralAuthenticationService; /** Extracts parameters from Request object. */ @NotNull private ArgumentExtractor argumentExtractor; @NotNull private Class<?> validationSpecificationClass = Cas20ProtocolValidationSpecification.class; private String ticketGrantingTicketId; public void init(final Context context, final Request request, final Response response) { super.init(context, request, response); this.ticketGrantingTicketId = (String) request.getAttributes().get("ticketGrantingTicketId"); this.setNegotiated(false); this.getVariants().add(new Variant(MediaType.APPLICATION_WWW_FORM)); } @Delete public void removeRepresentations() { this.centralAuthenticationService.destroyTicketGrantingTicket(this.ticketGrantingTicketId); getResponse().setStatus(Status.SUCCESS_OK); } @Post public void acceptRepresentation(final Representation entity) { final Form form = new Form(entity); final String serviceUrl = form.getFirstValue("service"); try { final String serviceTicketId = this.centralAuthenticationService.grantServiceTicket( this.ticketGrantingTicketId, new SimpleWebApplicationServiceImpl(serviceUrl)); //Modify by lumz for validate Service Tickets 2016年4月6日15:09:41 String resultReturn = "false"; if (new SimpleWebApplicationServiceImpl(serviceUrl) == null || serviceTicketId == null) { LOGGER.debug("Could not identify service and/or service ticket. Service: {}, Service ticket id: {}", new SimpleWebApplicationServiceImpl(serviceUrl), serviceTicketId); return; } final Assertion assertion = centralAuthenticationService.validateServiceTicket(serviceTicketId, new SimpleWebApplicationServiceImpl(serviceUrl)); final ValidationSpecification validationSpecification = this.getCommandClass(); if (validationSpecification.isSatisfiedBy(assertion)) { resultReturn = "ture"; }else{ resultReturn = "false"; } getResponse().setEntity(resultReturn, MediaType.TEXT_PLAIN); // getResponse().setEntity(serviceTicketId, MediaType.TEXT_PLAIN); } catch (final InvalidTicketException e) { getResponse().setStatus(Status.CLIENT_ERROR_NOT_FOUND, "TicketGrantingTicket could not be found."); } catch (final Exception e) { LOGGER.error(e.getMessage(), e); getResponse().setStatus(Status.CLIENT_ERROR_BAD_REQUEST, e.getMessage()); } } private ValidationSpecification getCommandClass() { try { return (ValidationSpecification) this.validationSpecificationClass.newInstance(); } catch (final Exception e) { throw new RuntimeException(e); } } }
相关文章推荐
- ionic布局模式
- 常用SQL语句集合
- Linux System Errors code
- Java&Android学习工具网址
- 【数据结构】Singly-Linked-List 单链表(更新时间:2016-04-07)
- [Asp.net]常见数据导入Excel,Excel数据导入数据库解决方案
- C# 创建、安装和卸载Windows服务程序
- BZOJ 2588: Spoj 10628. Count on a tree 主席树+lca
- nlpir分词器过期处理
- git 修改东西之后提交命令
- 学习进度(5)
- 开始写博客,然后坚持下去
- Log4J基础详解及示例大全
- [Leetcode] Single Number III
- Happy Number
- springMVC+freemarker中Could not resolve view with name... 问题解决
- vector中的元素删除
- 扣丁学堂笔记第23天Camera、音频录制与Vitamio框架
- 计算几何:线段相交(迷宫寻宝)
- epoll在ET和LT模式下读写