zoukankan      html  css  js  c++  java
  • 认证拦截器

    <filter>
            <filter-name>CAS Filter</filter-name>
            <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
            <init-param>
                <param-name>casServerLoginUrl</param-name>
                <param-value>https://cas.server.name:8443/cas/login</param-value>
                <!-- 使用的CAS-Server的登录地址,一定是到登录的action -->
            </init-param>
            <init-param>
                <param-name>serverName</param-name>
                <param-value>http://app1.cas.com:8081</param-value>
                <!-- 当前Client系统的地址 -->
            </init-param>
        </filter>
    org.jasig.cas.client.authentication.AuthenticationFilter流程分析
    public class AuthenticationFilter extends AbstractCasFilter {
        private String casServerLoginUrl;//登陆的路径
        private boolean renew;
        private boolean gateway;//网关
        private GatewayResolver gatewayStorage;//网管解析器
        private AuthenticationRedirectStrategy authenticationRedirectStrategy;//身份验证重定向策略 
    private UrlPatternMatcherStrategy ignoreUrlPatternMatcherStrategyClass;//网管模式匹配策略
        private static final Map<String, Class<? extends UrlPatternMatcherStrategy>> PATTERN_MATCHER_TYPES = new HashMap();
    
        public AuthenticationFilter() {
            this(Protocol.CAS2);
        }
    
        protected AuthenticationFilter(Protocol protocol) {
            super(protocol);
            this.renew = false;
            this.gateway = false;
            this.gatewayStorage = new DefaultGatewayResolverImpl();
            this.authenticationRedirectStrategy = new DefaultAuthenticationRedirectStrategy();
            this.ignoreUrlPatternMatcherStrategyClass = null;
        }
    
        protected void initInternal(FilterConfig filterConfig) throws ServletException {
            if (!this.isIgnoreInitConfiguration()) {
                super.initInternal(filterConfig);
                this.setCasServerLoginUrl(this.getString(ConfigurationKeys.CAS_SERVER_LOGIN_URL));
                this.setRenew(this.getBoolean(ConfigurationKeys.RENEW));
                this.setGateway(this.getBoolean(ConfigurationKeys.GATEWAY));
                String ignorePattern = this.getString(ConfigurationKeys.IGNORE_PATTERN);
                String ignoreUrlPatternType = this.getString(ConfigurationKeys.IGNORE_URL_PATTERN_TYPE);
                Class gatewayStorageClass;
                if (ignorePattern != null) {
                    gatewayStorageClass = (Class)PATTERN_MATCHER_TYPES.get(ignoreUrlPatternType);
                    if (gatewayStorageClass != null) {
                        this.ignoreUrlPatternMatcherStrategyClass = (UrlPatternMatcherStrategy)ReflectUtils.newInstance(gatewayStorageClass.getName(), new Object[0]);
                    } else {
                        try {
                            this.logger.trace("Assuming {} is a qualified class name...", ignoreUrlPatternType);
                            this.ignoreUrlPatternMatcherStrategyClass = (UrlPatternMatcherStrategy)ReflectUtils.newInstance(ignoreUrlPatternType, new Object[0]);
                        } catch (IllegalArgumentException var6) {
                            this.logger.error("Could not instantiate class [{}]", ignoreUrlPatternType, var6);
                        }
                    }
    
                    if (this.ignoreUrlPatternMatcherStrategyClass != null) {
                        this.ignoreUrlPatternMatcherStrategyClass.setPattern(ignorePattern);
                    }
                }
    
                gatewayStorageClass = this.getClass(ConfigurationKeys.GATEWAY_STORAGE_CLASS);
                if (gatewayStorageClass != null) {
                    this.setGatewayStorage((GatewayResolver)ReflectUtils.newInstance(gatewayStorageClass, new Object[0]));
                }
    
                Class<? extends AuthenticationRedirectStrategy> authenticationRedirectStrategyClass = this.getClass(ConfigurationKeys.AUTHENTICATION_REDIRECT_STRATEGY_CLASS);
                if (authenticationRedirectStrategyClass != null) {
                    this.authenticationRedirectStrategy = (AuthenticationRedirectStrategy)ReflectUtils.newInstance(authenticationRedirectStrategyClass, new Object[0]);
                }
            }
    
        }
    
        public void init() {
            super.init();
            CommonUtils.assertNotNull(this.casServerLoginUrl, "casServerLoginUrl cannot be null.");
        }
    
        public final void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
            HttpServletRequest request = (HttpServletRequest)servletRequest;
            HttpServletResponse response = (HttpServletResponse)servletResponse;
            if (this.isRequestUrlExcluded(request)) {
                this.logger.debug("Request is ignored.");
                filterChain.doFilter(request, response);
            } else {
                HttpSession session = request.getSession(false);
                Assertion assertion = session != null ? (Assertion)session.getAttribute("_const_cas_assertion_") : null;
                if (assertion != null) {
                    filterChain.doFilter(request, response);
                } else {
                    String serviceUrl = this.constructServiceUrl(request, response);
                    String ticket = this.retrieveTicketFromRequest(request);
                    boolean wasGatewayed = this.gateway && this.gatewayStorage.hasGatewayedAlready(request, serviceUrl);
                    if (!CommonUtils.isNotBlank(ticket) && !wasGatewayed) {
                        this.logger.debug("no ticket and no assertion found");
                        String modifiedServiceUrl;
                        if (this.gateway) {
                            this.logger.debug("setting gateway attribute in session");
                            modifiedServiceUrl = this.gatewayStorage.storeGatewayInformation(request, serviceUrl);
                        } else {
                            modifiedServiceUrl = serviceUrl;
                        }
    
                        this.logger.debug("Constructed service url: {}", modifiedServiceUrl);
                        String urlToRedirectTo = CommonUtils.constructRedirectUrl(this.casServerLoginUrl, this.getProtocol().getServiceParameterName(), modifiedServiceUrl, this.renew, this.gateway);
                        this.logger.debug("redirecting to "{}"", urlToRedirectTo);
                        this.authenticationRedirectStrategy.redirect(request, response, urlToRedirectTo);
                    } else {
                        filterChain.doFilter(request, response);
                    }
                }
            }
        }
    
        public final void setRenew(boolean renew) {
            this.renew = renew;
        }
    
        public final void setGateway(boolean gateway) {
            this.gateway = gateway;
        }
    
        public final void setCasServerLoginUrl(String casServerLoginUrl) {
            this.casServerLoginUrl = casServerLoginUrl;
        }
    
        public final void setGatewayStorage(GatewayResolver gatewayStorage) {
            this.gatewayStorage = gatewayStorage;
        }
    
        private boolean isRequestUrlExcluded(HttpServletRequest request) {
            if (this.ignoreUrlPatternMatcherStrategyClass == null) {
                return false;
            } else {
                StringBuffer urlBuffer = request.getRequestURL();
                if (request.getQueryString() != null) {
                    urlBuffer.append("?").append(request.getQueryString());
                }
    
                String requestUri = urlBuffer.toString();
                return this.ignoreUrlPatternMatcherStrategyClass.matches(requestUri);
            }
        }
    
        static {
            PATTERN_MATCHER_TYPES.put("CONTAINS", ContainsPatternUrlPatternMatcherStrategy.class);
            PATTERN_MATCHER_TYPES.put("REGEX", RegexUrlPatternMatcherStrategy.class);
            PATTERN_MATCHER_TYPES.put("EXACT", ExactUrlPatternMatcherStrategy.class);
        }
    }
  • 相关阅读:
    LeetCode 264. Ugly Number II
    LeetCode 231. Power of Two
    LeetCode 263. Ugly Number
    LeetCode 136. Single Number
    LeetCode 69. Sqrt(x)
    LeetCode 66. Plus One
    LeetCode 70. Climbing Stairs
    LeetCode 628. Maximum Product of Three Numbers
    Leetcode 13. Roman to Integer
    大二暑假周进度报告03
  • 原文地址:https://www.cnblogs.com/ljangle/p/10154088.html
Copyright © 2011-2022 走看看