Automatic login after cas registration

I use CAS server 4.0.1 and CAS client 3.3.3, which are relatively new versions.
The demos found online target the older CAS 3.x.
Reference blog: http://binghejinjun.iteye.com/blog/1701688

The specific implementation steps follow. First, on the CAS server side,
add this controller:


package io.github.howiefh.cas.web.flow;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.jasig.cas.CentralAuthenticationService;
//import org.jasig.cas.authentication.principal.UsernamePasswordCredentials;
import org.jasig.cas.authentication.UsernamePasswordCredential;
import org.jasig.cas.ticket.TicketException;
import org.jasig.cas.web.support.CookieRetrievingCookieGenerator;
import org.springframework.web.bind.ServletRequestUtils;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.mvc.AbstractController;

import sun.misc.BASE64Decoder;

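/**
 * Signs a user in on the CAS server immediately after registration.
 *
 * <p>The handler reads Base64-encoded {@code username} and {@code password}
 * request parameters, asks the {@link CentralAuthenticationService} for a
 * ticket-granting ticket (TGT), writes the TGT cookie and then redirects to
 * the {@code login} view, forwarding the optional {@code service} parameter.
 *
 * <p>Security notes:
 * <ul>
 *   <li>Base64 is a reversible encoding, not encryption. The credentials are
 *       only as confidential as the transport (HTTPS) and as every place the
 *       request URL or parameters get recorded.</li>
 *   <li>Decoded credentials are never written to stdout or the log by this
 *       class; only the login name appears in the failure log message.</li>
 *   <li>NOTE(review): this controller calls
 *       {@code createTicketGrantingTicket} directly. Confirm that any
 *       protections configured for the regular login flow (for example
 *       throttling of failed attempts) also cover this endpoint.</li>
 * </ul>
 *
 * <p>Dated July 5, 2016.
 *
 * @version V1.0
 * @author zqb
 */
public class RegisterAfterLoginController extends AbstractController
{

    private CentralAuthenticationService centralAuthenticationService;
    private CookieRetrievingCookieGenerator ticketGrantingTicketCookieGenerator;

    /**
     * Decodes the submitted credentials, tries to bind a TGT cookie for them
     * and redirects to the sign-in view.
     *
     * <p>The redirect is returned whether or not a TGT could be bound; when
     * binding fails the user simply lands on the login page unauthenticated.
     * A request with a missing or undecodable {@code username} or
     * {@code password} parameter skips authentication instead of failing with
     * a {@link NullPointerException} or authenticating with the raw value.
     *
     * @param request  the current request; read for {@code username},
     *                 {@code password} and {@code service}
     * @param response the current response; receives the TGT cookie
     * @return a view named {@code redirect:login}, with the {@code service}
     *         query parameter appended when one was supplied
     * @throws Exception declared by the overridden method
     * @see org.springframework.web.servlet.mvc.AbstractController#handleRequestInternal(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
     */
    @Override
    protected ModelAndView handleRequestInternal(HttpServletRequest request,
            HttpServletResponse response) throws Exception
    {
        String username = decodeBase64Parameter(request.getParameter("username"));
        String password = decodeBase64Parameter(request.getParameter("password"));

        // The decoded values are deliberately not printed or logged here:
        // stdout and log files must never contain a plaintext password.
        if (username != null && password != null) {
            bindTicketGrantingTicket(username, password, request, response);
        } else {
            logger.warn("Missing or undecodable username/password parameter; no TGT was bound.");
        }

        ModelAndView signinView = new ModelAndView();
        signinView.setViewName(getSignInView(request));
        return signinView;
    }

    /**
     * Base64-decodes one request parameter value.
     *
     * @param encoded the raw parameter value, possibly {@code null}
     * @return the decoded text, or {@code null} when the parameter is absent
     *         or cannot be decoded
     */
    private String decodeBase64Parameter(String encoded)
    {
        if (encoded == null) {
            return null;
        }
        try {
            // Uses the platform default charset, mirroring a client that
            // encodes with String.getBytes().
            // NOTE(review): pin both sides to one explicit charset.
            return new String(new BASE64Decoder().decodeBuffer(encoded));
        } catch (IOException e) {
            // Log the failure but not the value: it may be a password.
            logger.warn("Could not Base64-decode a request parameter.", e);
            return null;
        }
    }

    /**
     * Authenticates the given credentials, creates a ticket-granting ticket
     * and adds it to the response as the TGT cookie.
     *
     * <p>Failures are logged and swallowed so that the caller can still
     * redirect to the login page. The password is never logged.
     *
     * @param loginName     the user login name
     * @param loginPassword the user login password
     * @param request       the HttpServletRequest object
     * @param response      the HttpServletResponse object
     */
    protected void bindTicketGrantingTicket(String loginName, String loginPassword, HttpServletRequest request, HttpServletResponse response){
        try {
            // UsernamePasswordCredential replaces UsernamePasswordCredentials, which was used before CAS 4.0.
            UsernamePasswordCredential credentials = new UsernamePasswordCredential();
            credentials.setUsername(loginName);
            credentials.setPassword(loginPassword);
            String ticketGrantingTicket = centralAuthenticationService.createTicketGrantingTicket(credentials);
            ticketGrantingTicketCookieGenerator.addCookie(request, response, ticketGrantingTicket);
        } catch (TicketException te) {
            logger.error("Validate the login name " + loginName + " failure, can't bind the TGT!", te);
        } catch (Exception e){
            logger.error("bindTicketGrantingTicket has exception.", e);
        }
    }

    /**
     * Builds the redirect view name for the sign-in page.
     *
     * <p>The {@code service} value comes straight from the request, so it is
     * URL-encoded before being appended. Without encoding, characters such as
     * {@code &} or {@code #} inside the value would be read as extra
     * parameters or a fragment of the redirect URL.
     * NOTE(review): whether the service URL itself is acceptable is presumed
     * to be decided by the login flow that receives it; confirm.
     *
     * @param request the HttpServletRequest object
     * @return {@code redirect:login}, with {@code ?service=...} appended when
     *         a non-empty {@code service} parameter is present
     */
    protected String getSignInView(HttpServletRequest request) {
        String service = ServletRequestUtils.getStringParameter(request, "service", "");
        if (service.length() == 0) {
            return "redirect:login";
        }
        try {
            return "redirect:login?service=" + URLEncoder.encode(service, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            // Every JVM is required to support UTF-8, so this is not expected.
            throw new IllegalStateException("UTF-8 is not supported by this JVM", e);
        }
    }

    /** @return the service used to create ticket-granting tickets */
    public CentralAuthenticationService getCentralAuthenticationService()
    {
        return centralAuthenticationService;
    }

    /** @param centralAuthenticationService the service used to create ticket-granting tickets */
    public void setCentralAuthenticationService(
            CentralAuthenticationService centralAuthenticationService)
    {
        this.centralAuthenticationService = centralAuthenticationService;
    }

    /** @return the generator that writes the TGT cookie */
    public CookieRetrievingCookieGenerator getTicketGrantingTicketCookieGenerator()
    {
        return ticketGrantingTicketCookieGenerator;
    }

    /** @param ticketGrantingTicketCookieGenerator the generator that writes the TGT cookie */
    public void setTicketGrantingTicketCookieGenerator(
            CookieRetrievingCookieGenerator ticketGrantingTicketCookieGenerator)
    {
        this.ticketGrantingTicketCookieGenerator = ticketGrantingTicketCookieGenerator;
    }

}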


cas-servlet.xml
      <bean id="registerLoginController" class="io.github.howiefh.cas.web.flow.RegisterAfterLoginController"
  p:centralAuthenticationService-ref="centralAuthenticationService"
  p:ticketGrantingTicketCookieGenerator-ref="ticketGrantingTicketCookieGenerator"/>

web.xml

  <!-- Routes /registerLogin to the "cas" servlet. This URL receives the
       username and password as request parameters, so keep it HTTPS-only.
       NOTE(review): the servlet presumably also needs a handler-mapping entry
       that resolves /registerLogin to the registerLoginController bean; that
       entry is not shown here, so confirm it in cas-servlet.xml. -->
  <servlet-mapping>
          <servlet-name>cas</servlet-name>
          <url-pattern>/registerLogin</url-pattern>
       </servlet-mapping>


-------------------------------------------------- -----------
Configuration of the CAS client project: on the successful-registration prompt page, redirect directly with
window.location.href="https://casserver.com:8443/cas-server/registerLogin?username=${param.usernamestr}&password=${param.passwordstr}&service=http://localhost:9080/casclient/";
(It seems the trailing / is required; otherwise CAS reports that the address is inconsistent.)
Note that this puts the Base64-encoded password into the URL query string, where it can end up in browser history and server access logs.
Remember to add the following init-param below the casServerUrlPrefix configuration:
<!-- Remove ticket duplicate verification-->
   <init-param>  
          <param-name>redirectAfterValidation</param-name>  
          <param-value>true</param-value>  
       </init-param>  
  <init-param>

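Otherwise the client will keep redirecting to the CAS server for verification indefinitely.
For details of this setting, search for it on Baidu.


The client Base64-encodes the account and password before sending them. Base64 is a reversible encoding rather than encryption, so the values are protected in transit only by HTTPS.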
// Client side: prepare the values that the registration-success page puts into
// the /registerLogin URL as "usernamestr" and "passwordstr".
// Base64 is a reversible encoding, not encryption: anyone who sees the URL can
// recover the password.
// NOTE(review): Base64 output can contain '+', '/' and '=', which need
// URL-encoding before they are placed in a query string; confirm the page that
// builds the URL does this.
String username = account.getEmail();

// getBytes() uses the platform default charset; the server decodes the same way.
String username_ret = new BASE64Encoder().encode(username.getBytes()); // Base64-encoded account
String password_ret = new BASE64Encoder().encode(password_tocas.getBytes()); // Base64-encoded password

attr.addAttribute("usernamestr", username_ret);
attr.addAttribute("passwordstr", password_ret);


Use sun.misc.BASE64Encoder

and you're done!

