版本
cas-server-3.5.0
cas-client-3.2.1
研究cas的相关搜索关键字
cas ticket
cas login-webflow.xml
在退出地址列表中url后带上/
<bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean" lazy-init="false"> <property name="staticMethod" value="cn.ql.sso.auth.SignoutServers.setServers" /> <property name="arguments"> <list> <value>http://192.168.2.3:8080/Plat/</value> <value>http://192.168.2.3:8080/base/</value> <value>http://192.168.2.5:8080/Plat/</value> <value>http://192.168.2.5:8080/base/</value> </list> </property> </bean>
其他说明:
org.jasig.cas.web.LogoutController.java
扫描二维码关注公众号,回复:
695574 查看本文章
protected ModelAndView handleRequestInternal( final HttpServletRequest request, final HttpServletResponse response) throws Exception { final String ticketGrantingTicketId = this.ticketGrantingTicketCookieGenerator.retrieveCookieValue(request); final String service = request.getParameter("service"); if (ticketGrantingTicketId != null) { this.centralAuthenticationService .destroyTicketGrantingTicket(ticketGrantingTicketId); this.ticketGrantingTicketCookieGenerator.removeCookie(response); this.warnCookieGenerator.removeCookie(response); } if (this.followServiceRedirects && service != null) { return new ModelAndView(new RedirectView(service)); } return new ModelAndView(this.logoutView); }
sso发退出请求
org.jasig.cas.util.HttpClient.java
private Boolean call(String server) { HttpURLConnection connection = null; BufferedReader in = null; try { if (log.isDebugEnabled()) { log.debug("Attempting to access " + server); } final URL logoutUrl = new URL(server); final String output = "logoutRequest=" + URLEncoder.encode(message, "UTF-8"); connection = (HttpURLConnection) logoutUrl.openConnection(); connection.setDoInput(true); connection.setDoOutput(true); connection.setRequestMethod("POST"); connection.setReadTimeout(readTimeout); connection.setConnectTimeout(connectionTimeout); connection.setRequestProperty("Content-Length", Integer.toString(output.getBytes().length)); connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded"); final DataOutputStream printout = new DataOutputStream(connection.getOutputStream()); printout.writeBytes(output); printout.flush(); printout.close(); in = new BufferedReader(new InputStreamReader(connection.getInputStream())); while (in.readLine() != null) { // nothing to do } if (log.isDebugEnabled()) { log.debug("Finished sending message to" + url); } return true; } catch (final SocketTimeoutException e) { log.warn("Socket Timeout Detected while attempting to send message to [" + url + "]."); return false; } catch (final Exception e) { log.warn("Error Sending message to url endpoint [" + url + "]. Error is [" + e.getMessage() + "]"); return false; } finally { if (in != null) { try { in.close(); } catch (final IOException e) { // can't do anything } } if (connection != null) { connection.disconnect(); } } }
客户端,接收退出请求
org.jasig.cas.client.session.SingleSignOutFilter
public void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse, final FilterChain filterChain) throws IOException, ServletException { final HttpServletRequest request = (HttpServletRequest) servletRequest; if (handler.isTokenRequest(request)) { handler.recordSession(request); } else if (handler.isLogoutRequest(request)) { handler.destroySession(request); // Do not continue up filter chain return; } else { log.trace("Ignoring URI " + request.getRequestURI()); } filterChain.doFilter(servletRequest, servletResponse); }
参考: