example:
Response form:
Main logic:
访问此地址:http://{ cas }/cas/login?service=http://localhost/Demo
认证通过后:http://localhost/Demo?ticket=ST-9-C6sjiJ4xqn0ydAsWSXBt-{ cas }
后端访问地址为:http://{ cas }/cas/serviceValidate?ticket={ ticket }&service={ service }(ticket 与 service 拼接前需做 URL 编码,且 service 必须与登录时传入的 service 一致)
校验通过:重定向登录操作
Implementation:
package com.company.xxx.servlet;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.ProtocolException;
import java.net.URL;
import java.net.URLEncoder;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.xxx.FUser;
import com.xxx.FUserFilterAdmin;
import com.xxx.Context;
import com.xxx.SystemContextUtil;
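/**
 * Servlet that finishes a CAS single sign-on round trip.
 *
 * <p>The browser arrives here with a {@code ticket} parameter issued by the CAS server. The
 * servlet asks the CAS {@code serviceValidate} endpoint whether the ticket is valid for this
 * service URL, extracts the user name from the answer, checks that the user exists locally and
 * is not locked, and then redirects the browser.
 *
 * <p>NOTE(review): the CAS endpoints are addressed over plain {@code http}. The ticket and the
 * validation answer therefore travel unencrypted and unauthenticated, so the user name returned
 * by {@code serviceValidate} is only as trustworthy as the network path to the CAS server.
 * Switch {@link #CAS_BASE_URL} to {@code https} if the CAS deployment offers it.
 */
public class HEBOAServlet extends HttpServlet {
    private static final long serialVersionUID = 1L;

    /** Base address of the CAS server; all CAS endpoints used below hang off this prefix. */
    private static final String CAS_BASE_URL = "http://cas.xxx.edu.cn/cas";

    /** Connect/read timeout for the back-channel validation call, so a dead CAS host cannot pin a worker thread. */
    private static final int CAS_TIMEOUT_MILLIS = 10000;

    /**
     * CAS logout URL recorded on the most recent successful login.
     *
     * <p>NOTE(review): this field is static, public and mutable, so it is shared by every request
     * and overwritten by each login; it is also derived from the incoming request URL. Readers of
     * this field are outside this file; a per-session value or a configured constant would be safer.
     */
    public static String exitUrl = "";

    /**
     * Validates the CAS ticket carried by the request and redirects the browser accordingly.
     *
     * <ul>
     *   <li>no ticket, or CAS rejects the ticket: redirect to the application root;</li>
     *   <li>CAS cannot be reached: respond with 502 instead of an empty page;</li>
     *   <li>ticket valid and user known and not locked: redirect to the local login address;</li>
     *   <li>ticket valid but user unknown or locked: redirect to the CAS logout endpoint.</li>
     * </ul>
     *
     * @param req  the incoming request; its {@code ticket} parameter is untrusted input
     * @param resp the response used for the redirect or error
     * @throws ServletException declared by the servlet contract; not thrown directly here
     * @throws IOException      if the redirect or error cannot be written
     */
    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        req.setCharacterEncoding("utf-8");
        resp.setContentType("text/json;charset=utf-8");

        // NOTE(review): getRequestURL() is built from the request as the container sees it
        // (including the Host header), and both the CAS service URL and the redirect targets
        // below are derived from it. A configured canonical base URL would remove that
        // dependency on client-supplied data - confirm how the container is fronted.
        String requestURL = req.getRequestURL().toString();
        int queryStart = requestURL.indexOf('?');
        String service = queryStart >= 0 ? requestURL.substring(0, queryStart) : requestURL;
        String requestURI = req.getRequestURI();
        String exitAddress = stripPath(requestURL, requestURI);

        // Read the service ticket; without one there is nothing to validate.
        String ticket = req.getParameter("ticket");
        if (null == ticket || ticket.isEmpty()) {
            resp.sendRedirect(exitAddress);
            return;
        }

        // The ticket is caller-controlled: encode both values so that characters such as '&'
        // or '=' inside them cannot add or override parameters of the validation request.
        String strURL = CAS_BASE_URL + "/serviceValidate?ticket=" + URLEncoder.encode(ticket, "UTF-8")
                + "&service=" + URLEncoder.encode(service, "UTF-8");

        String xmlStr = fetchValidationResponse(strURL);
        if (xmlStr.equals("")) {
            // The CAS server could not be reached or returned nothing; report it rather than
            // leaving the browser on a blank 200 response.
            resp.sendError(HttpServletResponse.SC_BAD_GATEWAY, "CAS ticket validation is unavailable");
            return;
        }

        // Extract the verdict and the user name (or failure text) from the CAS answer.
        Map<String, String> map = getUserFromXmlStr(xmlStr);
        String responseStr = map.get("tip");
        if (!"true".equals(map.get("code"))) {
            // Anything other than an explicit success is treated as a rejected ticket.
            resp.sendRedirect(exitAddress);
            return;
        }

        // NOTE(review): the local login address carries only the user name plus a placeholder
        // value, and this servlet stores nothing in the session. Whether the target endpoint
        // independently ties the login to a completed CAS validation is not visible here -
        // confirm it, otherwise the ticket check above is not what actually gates the login.
        String address = exitAddress + "//login,oa,dontCareThisValue," + responseStr;
        if (isHaveUser(responseStr)) {
            exitUrl = CAS_BASE_URL + "/logout?service=" + exitAddress;
            resp.sendRedirect(address);
        } else {
            resp.sendRedirect(CAS_BASE_URL + "/logout?service=" + address);
        }
    }

    /**
     * Returns {@code requestURL} with the trailing {@code requestURI} removed, i.e. the
     * scheme/host/port prefix. Stripping the suffix (rather than replacing every occurrence)
     * keeps the result intact when the URI text also appears earlier in the URL, e.g. "/".
     */
    private static String stripPath(String requestURL, String requestURI) {
        if (requestURI == null || requestURI.isEmpty()) {
            return requestURL;
        }
        if (requestURL.endsWith(requestURI)) {
            return requestURL.substring(0, requestURL.length() - requestURI.length());
        }
        return requestURL.replace(requestURI, "");
    }

    /**
     * Performs the back-channel GET against the CAS validation URL and returns the body with
     * line breaks removed.
     *
     * @param validateUrl the fully built {@code serviceValidate} URL
     * @return the response body, or an empty string if the request failed
     */
    private String fetchValidationResponse(String validateUrl) {
        HttpURLConnection httpConn = null;
        BufferedReader reader = null;
        try {
            httpConn = (HttpURLConnection) new URL(validateUrl).openConnection();
            httpConn.setRequestMethod("GET");
            httpConn.setConnectTimeout(CAS_TIMEOUT_MILLIS);
            httpConn.setReadTimeout(CAS_TIMEOUT_MILLIS);
            httpConn.connect();
            // Decode the body as UTF-8 directly instead of reading it in the platform charset
            // and re-encoding afterwards, which corrupts non-ASCII text on most platforms.
            reader = new BufferedReader(new InputStreamReader(httpConn.getInputStream(), "UTF-8"));
            StringBuilder buffer = new StringBuilder();
            String line;
            while ((line = reader.readLine()) != null) {
                buffer.append(line);
            }
            return buffer.toString();
        } catch (IOException e) {
            // Covers unknown host, refused connection, timeouts and HTTP error statuses.
            log("CAS ticket validation request failed", e);
            return "";
        } finally {
            if (null != reader) {
                try {
                    reader.close();
                } catch (IOException ignored) {
                    // Closing is best effort; the connection is torn down below regardless.
                }
            }
            if (null != httpConn) {
                httpConn.disconnect();
            }
        }
    }

    /**
     * Tells whether a user with the given name exists and is not locked.
     *
     * @param responseStr the user name reported by CAS
     * @return {@code true} if a matching, unlocked user is in the list returned by the context
     */
    private boolean isHaveUser(String responseStr) {
        if (null == responseStr) {
            return false;
        }
        Context context = SystemContextUtil.getContext();
        // NOTE(review): which users FUserFilterAdmin selects is defined outside this file.
        List<FUser> list = context.getList(FUser.class, new FUserFilterAdmin());
        if (null == list) {
            return false;
        }
        for (FUser fUser : list) {
            // Compare from the known non-null side so a user without a name cannot throw.
            if (responseStr.equals(fUser.getName()) && !fUser.isLocked()) {
                return true;
            }
        }
        return false;
    }

    /**
     * Extracts the validation verdict from a CAS {@code serviceValidate} answer.
     *
     * <p>The answer is inspected by string matching rather than with an XML parser, so it only
     * recognises the exact tag spellings listed below. Every answer that is not an unambiguous
     * success is reported as a failure.
     *
     * @param xmlStr the response body returned by the CAS server
     * @return a map with {@code "code"} set to {@code "true"} or {@code "false"} and
     *         {@code "tip"} set to the user name on success or to the failure text otherwise
     */
    private Map<String, String> getUserFromXmlStr(String xmlStr) {
        Map<String, String> map = new HashMap<String, String>();
        String failTicket = "<cas:authenticationFailure code='INVALID_TICKET'>";
        String failService = "<cas:authenticationFailure code='INVALID_SERVICE'>";
        String failEnd = "</cas:authenticationFailure>";
        String successStart = "<cas:user>";
        String successEnd = "</cas:user>";
        String unparsable = "Service not allowed to validate tickets! 或者 解析XML失败!";

        if (null == xmlStr) {
            map.put("code", "false");
            map.put("tip", unparsable);
            return map;
        }

        String failure = textBetween(xmlStr, failTicket, failEnd);
        if (null == failure) {
            failure = textBetween(xmlStr, failService, failEnd);
        }
        if (null != failure) {
            map.put("code", "false");
            map.put("tip", failure);
            return map;
        }

        // A failure element in any other spelling must never be read as a success.
        boolean hasFailureElement = xmlStr.contains("<cas:authenticationFailure");
        String user = hasFailureElement ? null : textBetween(xmlStr, successStart, successEnd);
        if (null != user && !user.isEmpty()) {
            map.put("code", "true");
            map.put("tip", user);
        } else {
            map.put("code", "false");
            map.put("tip", unparsable);
        }
        return map;
    }

    /**
     * Returns the text between the first {@code open} marker and the next {@code close} marker
     * after it, or {@code null} if either marker is missing. Searching for {@code close} only
     * after {@code open} avoids the out-of-range substring a truncated answer would cause.
     */
    private static String textBetween(String text, String open, String close) {
        int start = text.indexOf(open);
        if (start < 0) {
            return null;
        }
        int from = start + open.length();
        int end = text.indexOf(close, from);
        return end < 0 ? null : text.substring(from, end);
    }

    /** Handles POST exactly like GET. */
    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        doGet(req, resp);
    }
}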
Implementation problems:
java.net.UnknownHostException: cas.xxx.edu.cn
Error log:
java.net.UnknownHostException: cas.xxx.edu.cn
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:178)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
at java.net.Socket.connect(Socket.java:579)
at java.net.Socket.connect(Socket.java:528)
at sun.net.NetworkClient.doConnect(NetworkClient.java:180)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:432)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:527)
at sun.net.www.http.HttpClient.<init>(HttpClient.java:211)
at sun.net.www.http.HttpClient.New(HttpClient.java:308)
at sun.net.www.http.HttpClient.New(HttpClient.java:326)
at sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(HttpURLConnection.java:997)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:933)
at sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection.java:851)
at com.jiuqi.pms.common.cashrbeu.servlet.HEBOAServlet.doGet(HEBOAServlet.java:53)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:735)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:684)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1496)
at com.jiuqi.dna.core.impl.ServletValidateFilter.doFilter(ServletValidateFilter.java:58)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1467)
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:501)
at com.company.dna.core.jetty.JettyServer$2.doHandle(JettyServer.java:401)
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:229)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:429)
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
at org.eclipse.jetty.server.Server.handle(Server.java:366)
at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494)
at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:971)
at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:1033)
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:644)
at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235)
at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:696)
at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:53)
at com.company.dna.core.jetty.HttpWorkForJetty.doWork(HttpWorkForJetty.java:21)
at com.company.dna.core.spi.work.WorkingThread.run(WorkingThread.java:44)
Solution:
在应用服务器上添加 cas.xxx.edu.cn 的主机名映射关系(例如写入 hosts 文件):xxx.xxx.xxx.xx cas.xxx.edu.cn。注意:这是静态映射,CAS 服务器 IP 变更后需要同步更新。
java.net.UnknownHostException exception handling