CAS配置（一）-集成RESTFul

CAS单点登录服务器很多时候都是被B/S的应用使用，那么对已有些系统是CS的那么怎么去调用呢，这个时候就需要使用webservice来给CS的系统调用了，我们先来说说先决条件吧：

1）集成需要的jar包，这个是必不可少的

com.noelios.restlet.ext.servlet-1.1.1.jar

com.noelios.restlet.ext.spring-1.1.1.jar

com.noelios.restlet-1.1.1.jar

org.restlet.ext.spring-1.1.1.jar

org.restlet-1.1.1.jar

cglib-2.2.jar

cas-server-integration-restlet-3.4.7.jar

2)配置，在web.xml中增加一个servlet配置

<servlet>

<servlet-name>restlet</servlet-name>
<servlet-class>com.noelios.restlet.ext.spring.RestletFrameworkServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
?
<servlet-mapping>
<servlet-name>restlet</servlet-name>
<url-pattern>/v1/*</url-pattern>
</servlet-mapping>

那么我们的CS客户端怎么去处理呢，以及怎么去拿到用户数据呢？需要有三次交互才能取得用户数据

1)CS客户端提供用户名和密码，请求http://localhost:8080/TFP-S/v1/tickets，如果用户合法则得到TGT数据。

2）根据TGT和service取得ST票据，请求的路径是：http://localhost:8080/TFP-S/v1/tickets/TGT_编号

3)验证ST票据，得到用户信息的XML格式信息。

样例代码如下：

public class Client {

	public static String getTicket(final String server,final String username,final String password,final String service) {
		notNull(server,"server must not be null");
		notNull(username,"username must not be null");
		notNull(password,"password must not be null");
		notNull(service,"service must not be null");

		return getServiceTicket(server,getTicketGrantingTicket(server,username,password),service);
	}

	/**
	 * 取得ST
	 * @param server
	 * @param ticketGrantingTicket
	 * @param service
	 */
	private static String getServiceTicket(final String server,final String ticketGrantingTicket,final String service) {
		if (ticketGrantingTicket == null)
			return null;

		final HttpClient client = new HttpClient();

		final PostMethod post = new PostMethod(server + "/" + ticketGrantingTicket);

		post.setRequestBody(new NameValuePair[] { new NameValuePair("service",service) });

		try {
			client.executeMethod(post);

			final String response = post.getResponseBodyAsString();

			switch (post.getStatusCode()) {
			case 200:
				return response;

			default:
				warning("Invalid response code (" + post.getStatusCode() + ") from CAS server!");
				info("Response (1k): " + response.substring(0,Math.min(1024,response.length())));
				break;
			}
		}

		catch (final IOException e) {
			warning(e.getMessage());
		}

		finally {
			post.releaseConnection();
		}

		return null;
	}

	/**
	 * @param server
	 * @param username
	 * @param password
	 */
	private static String getTicketGrantingTicket(final String server,final String password) {
		final HttpClient client = new HttpClient();

		final PostMethod post = new PostMethod(server);

		post.setRequestBody(new NameValuePair[] { new NameValuePair("username",username),new NameValuePair("password",password) });

		try {
			client.executeMethod(post);

			final String response = post.getResponseBodyAsString();
			info("TGT="+response);
			switch (post.getStatusCode()) {
			case 201: {
				final Matcher matcher = Pattern.compile(".*action=".*/(.*?)".*").matcher(response);

				if (matcher.matches())
					return matcher.group(1);

				warning("Successful ticket granting request,but no ticket found!");
				info("Response (1k): " + response.substring(0,response.length())));
				break;
			}

			default:
				warning("Invalid response code (" + post.getStatusCode() + ") from CAS server!");
				info("Response (1k): " + response.substring(0,response.length())));
				break;
			}
		}

		catch (final IOException e) {
			warning(e.getMessage());
		}

		finally {
			post.releaseConnection();
		}

		return null;
	}

	private static void ticketValidate(String serverValidate,String serviceTicket,String service) {
		notNull(serviceTicket,"paramter 'serviceTicket' is not null");
		notNull(service,"paramter 'service' is not null");

		final HttpClient client = new HttpClient();
		GetMethod post = null;

		try {
			post = new GetMethod(serverValidate+"?"+"ticket="+serviceTicket+"&service="+URLEncoder.encode(service,"UTF-8"));
			client.executeMethod(post);

			final String response = post.getResponseBodyAsString();
			info(response);
			switch (post.getStatusCode()) {
			case 200: {
				info("成功取得用户数据");
			}
			default: {

			}
			}

		} catch (Exception e) {
			warning(e.getMessage());
		} finally {
			//释放资源
			post.releaseConnection();
		}

	}

	private static void notNull(final Object object,final String message) {
		if (object == null)
			throw new IllegalArgumentException(message);
	}

	public static void main(final String[] args) throws Exception {
		final String server = "http://localhost:8080/TFP-S/v1/tickets";
		final String username = "username";
		final String password = "username";
		final String service = "http://localhost:8080/service";
		final String proxyValidate = "http://localhost:8080/TFP-S/proxyValidate";

		
		ticketValidate(proxyValidate,getTicket(server,password,service),service);
		
	}

	private static void warning(String msg) {
		System.out.println(msg);
	}

	private static void info(String msg) {
		System.out.println(msg);
	}

}

如果对返回来的用户信息是什么格式不清楚，那么下面是一个xml格式。

<cas:serviceResponse >
	<cas:authenticationSuccess>
		<cas:user>xuf</cas:user>
		<cas:attributes>
			<cas:securityLevel>2</cas:securityLevel>
			<cas:userType>个人用户</cas:userType>
			<cas:age>32</cas:age>
		</cas:attributes>  
	</cas:authenticationSuccess>
</cas:serviceResponse>

这个格式怎么修改？在透露一点吧，就是在CAS服务器那边是不是有casServiceValidationFailure.jsp文件，对了，就是它决定返回的xml格式的。如果使用Filter，其实也是传递回来这个xml，只是验证票据的过滤器，将这个xml转换成Assertion对象了。明白了吧。