CAS Ticket
2016-04-13 17:14
309 查看
1. Ticket==null
//验证账号/密码
1. final Authentication authentication = this.authenticationManager.authenticate(credentials)
//生成Ticket
2. final TicketGrantingTicket ticketGrantingTicket = new TicketGrantingTicketImpl(
this.ticketGrantingTicketUniqueTicketIdGenerator.getNewTicketId(TicketGrantingTicket.PREFIX),
authentication, this.ticketGrantingTicketExpirationPolicy)
String PREFIX = "TGT";
//首先获取Ticket ID
public String getNewTicketId(final String prefix) {
final String number = this.numericGenerator.getNextNumberAsString();
final StringBuilder buffer = new StringBuilder(prefix.length() + 2
+ (this.suffix != null ? this.suffix.length() : 0) + this.randomStringGenerator.getMaxLength()
+ number.length());
buffer.append(prefix);
buffer.append("-");
buffer.append(number);
buffer.append("-");
buffer.append(this.randomStringGenerator.getNewString());
if (this.suffix != null) {
buffer.append(this.suffix);
}
return buffer.toString();
} //授权Ticket
public TicketGrantingTicket grantTicketGrantingTicket(
final String id, final Authentication authentication,
final ExpirationPolicy expirationPolicy) {
synchronized (this) {
if(this.grantedTicketAlready) {
throw new IllegalStateException(
"TicketGrantingTicket already generated for this ServiceTicket. Cannot grant more than one TGT for ServiceTicket");
}
this.grantedTicketAlready = true;
}
return new TicketGrantingTicketImpl(id, (TicketGrantingTicketImpl) this.getGrantingTicket(),
authentication, expirationPolicy);
} //添加this.ticketRegistry.addTicket(ticketGrantingTicket);
public void addTicket(final Ticket ticket) {
Assert.notNull(ticket, "ticket cannot be null");
if (log.isDebugEnabled()) {
log.debug("Added ticket [" + ticket.getId() + "] to registry.");
}
this.cache.put(ticket.getId(), ticket);
}2. Ticket!=null
public String grantServiceTicket(final String ticketGrantingTicketId,final Service service, final Credentials credentials) throws TicketException
final TicketGrantingTicket ticketGrantingTicket;
ticketGrantingTicket = (TicketGrantingTicket) this.ticketRegistry.getTicket(ticketGrantingTicketId, TicketGrantingTicket.class);
3. ServiceTicket
if (StringUtils.hasText(context.getRequestParameters().get("renew")) && ticketGrantingTicketId != null && service != null) {
try {
final String serviceTicketId = this.centralAuthenticationService.grantServiceTicket(ticketGrantingTicketId, service, credentials);
WebUtils.putServiceTicketInRequestScope(context, serviceTicketId);
putWarnCookieIfRequestParameterPresent(context);
return "warn";
} catch (final TicketException e) {
if (e.getCause() != null && AuthenticationException.class.isAssignableFrom(e.getCause().getClass())) {
populateErrorsInstance(e, messageContext);
return "error";
}
this.centralAuthenticationService.destroyTicketGrantingTicket(ticketGrantingTicketId);
if (logger.isDebugEnabled()) {
logger.debug("Attempted to generate a ServiceTicket using renew=true with different credentials", e);
}
}
}
//验证账号/密码
1. final Authentication authentication = this.authenticationManager.authenticate(credentials)
//生成Ticket
2. final TicketGrantingTicket ticketGrantingTicket = new TicketGrantingTicketImpl(
this.ticketGrantingTicketUniqueTicketIdGenerator.getNewTicketId(TicketGrantingTicket.PREFIX),
authentication, this.ticketGrantingTicketExpirationPolicy)
String PREFIX = "TGT";
//首先获取Ticket ID
public String getNewTicketId(final String prefix) {
final String number = this.numericGenerator.getNextNumberAsString();
final StringBuilder buffer = new StringBuilder(prefix.length() + 2
+ (this.suffix != null ? this.suffix.length() : 0) + this.randomStringGenerator.getMaxLength()
+ number.length());
buffer.append(prefix);
buffer.append("-");
buffer.append(number);
buffer.append("-");
buffer.append(this.randomStringGenerator.getNewString());
if (this.suffix != null) {
buffer.append(this.suffix);
}
return buffer.toString();
} //授权Ticket
public TicketGrantingTicket grantTicketGrantingTicket(
final String id, final Authentication authentication,
final ExpirationPolicy expirationPolicy) {
synchronized (this) {
if(this.grantedTicketAlready) {
throw new IllegalStateException(
"TicketGrantingTicket already generated for this ServiceTicket. Cannot grant more than one TGT for ServiceTicket");
}
this.grantedTicketAlready = true;
}
return new TicketGrantingTicketImpl(id, (TicketGrantingTicketImpl) this.getGrantingTicket(),
authentication, expirationPolicy);
} //添加this.ticketRegistry.addTicket(ticketGrantingTicket);
public void addTicket(final Ticket ticket) {
Assert.notNull(ticket, "ticket cannot be null");
if (log.isDebugEnabled()) {
log.debug("Added ticket [" + ticket.getId() + "] to registry.");
}
this.cache.put(ticket.getId(), ticket);
}2. Ticket!=null
public String grantServiceTicket(final String ticketGrantingTicketId,final Service service, final Credentials credentials) throws TicketException
final TicketGrantingTicket ticketGrantingTicket;
ticketGrantingTicket = (TicketGrantingTicket) this.ticketRegistry.getTicket(ticketGrantingTicketId, TicketGrantingTicket.class);
3. ServiceTicket
if (StringUtils.hasText(context.getRequestParameters().get("renew")) && ticketGrantingTicketId != null && service != null) {
try {
final String serviceTicketId = this.centralAuthenticationService.grantServiceTicket(ticketGrantingTicketId, service, credentials);
WebUtils.putServiceTicketInRequestScope(context, serviceTicketId);
putWarnCookieIfRequestParameterPresent(context);
return "warn";
} catch (final TicketException e) {
if (e.getCause() != null && AuthenticationException.class.isAssignableFrom(e.getCause().getClass())) {
populateErrorsInstance(e, messageContext);
return "error";
}
this.centralAuthenticationService.destroyTicketGrantingTicket(ticketGrantingTicketId);
if (logger.isDebugEnabled()) {
logger.debug("Attempted to generate a ServiceTicket using renew=true with different credentials", e);
}
}
}
相关文章推荐
- FAQ系列 | 如何避免ibdata1文件大小暴涨
- hive+python数据分析入门
- 向后引用
- 其实你不知道MultiDex到底有多坑
- iOS 视频播放
- 网格布局的RecyclerView高度随Item自适应
- 【linux】Ubuntu下自己编译安装和卸载软件
- hdu 1166
- CDOJ 1134 男神的约会 状压dp
- 基于spark mllib的LDA模型训练源码解析
- Storm 1.0.0 发布
- MATLAB的基础-虽然基础,但全是细节,掌握了这些细节,才是MATLAB高手
- 找到一个数的质因子
- 程序猿之禅
- Java提取两个文件夹中的有差异的文件并生成相应的shell脚本
- android xml之Drawable 篇 --------shape和selector和layer-list的
- 使用Git提交项目到gitHub上
- mysql in
- java CyclicBarrier
- HTML 元素和有效的 DTD