
AuthenticationViaFormAction源码分析

时间:2015-04-21 01:54:39      阅读:229      评论:0      收藏:0      [点我收藏+]

标签:cas sso

开源的CAS已经很多牛人分析过了,最近在看源码,也总结一下    

AuthenticationViaFormAction.java主要代码


//credentialsBinder这个属性在配置文件中没有注入,所以this.credentialsBinder会一直为null,无效代码

    /**
     * Binds request data onto the submitted credentials when a binder is configured.
     *
     * <p>Nothing is bound when {@code credentialsBinder} is {@code null} or when it reports
     * that it does not support the concrete credentials class.
     *
     * @param context the current web-flow request context
     * @param credentials the credentials object to populate
     * @throws Exception declared by the signature; this method does not catch anything itself
     */
    public final void doBind(final RequestContext context, final Credentials credentials) throws Exception {
        // Resolved up front, before the binder checks, so the lookup always happens.
        final HttpServletRequest servletRequest = WebUtils.getHttpServletRequest(context);

        // No binder configured: nothing to do.
        if (this.credentialsBinder == null) {
            return;
        }

        // A binder exists but does not handle this credentials type.
        if (!this.credentialsBinder.supports(credentials.getClass())) {
            return;
        }

        this.credentialsBinder.bind(servletRequest, credentials);
    }


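    /**
     * Handles the login form submission: checks the login ticket, optionally issues a service
     * ticket on the {@code renew} path, and otherwise creates a new ticket-granting ticket (TGT).
     *
     * <p>The login ticket held in flow scope is the authoritative value; the one read from the
     * request is caller-supplied and must match it, otherwise the submission is rejected.
     *
     * @param context the current web-flow request context
     * @param credentials the credentials submitted with the form
     * @param messageContext receives the error messages produced while handling the submission
     * @return {@code "warn"} when a service ticket was granted on the renew path,
     *         {@code "success"} when a new TGT was created, {@code "error"} for an invalid login
     *         ticket or a non-authentication ticket failure, or the value of
     *         {@code getAuthenticationExceptionEventId(e)} for an authentication failure
     * @throws Exception declared by the signature; {@code TicketException} is handled internally
     */
    public final String submit(final RequestContext context, final Credentials credentials, final MessageContext messageContext) throws Exception {
        // Login ticket read from the flow scope: the authoritative value.
        final String authoritativeLoginTicket = WebUtils.getLoginTicketFromFlowScope(context);
        // Login ticket read from the request: untrusted, caller-supplied input.
        final String providedLoginTicket = WebUtils.getLoginTicketFromRequest(context);

        // Reject the submission when the two differ. A missing flow-scope ticket is treated as
        // a mismatch (fail closed) instead of surfacing as a NullPointerException.
        if (authoritativeLoginTicket == null || !authoritativeLoginTicket.equals(providedLoginTicket)) {
            // Neutralise line breaks so a crafted request parameter cannot forge log entries.
            final String loggableTicket = providedLoginTicket == null
                ? null
                : providedLoginTicket.replaceAll("[\\r\\n]", "_");
            this.logger.warn("Invalid login ticket " + loggableTicket);

            final String code = "INVALID_TICKET";
            // NOTE(review): the request-supplied ticket is passed on as a message argument;
            // confirm the view escapes it when the message is rendered.
            messageContext.addMessage(
                new MessageBuilder().error().code(code).arg(providedLoginTicket).defaultText(code).build());
            return "error";
        }

        // TGT id; per the article's annotation it comes from the request or the flow scope.
        final String ticketGrantingTicketId = WebUtils.getTicketGrantingTicketId(context);
        // Target service; per the article's annotation it comes from the flow scope.
        final Service service = WebUtils.getService(context);

        // Renew path: taken only when the "renew" request parameter has text AND a TGT id is
        // present AND a service is present (both are checked with != null).
        if (StringUtils.hasText(context.getRequestParameters().get("renew")) && ticketGrantingTicketId != null && service != null) {
            try {
                final String serviceTicketId = this.centralAuthenticationService.grantServiceTicket(ticketGrantingTicketId, service, credentials);
                WebUtils.putServiceTicketInRequestScope(context, serviceTicketId);
                putWarnCookieIfRequestParameterPresent(context);
                return "warn";
            } catch (final TicketException e) {
                if (isCauseAuthenticationException(e)) {
                    populateErrorsInstance(e, messageContext);
                    return getAuthenticationExceptionEventId(e);
                }

                // Any other ticket failure: destroy the existing TGT, then fall through to the
                // block below, which creates a new one from the submitted credentials.
                this.centralAuthenticationService.destroyTicketGrantingTicket(ticketGrantingTicketId);
                if (logger.isDebugEnabled()) {
                    logger.debug("Attempted to generate a ServiceTicket using renew=true with different credentials", e);
                }
            }
        }

        try {
            // createTicketGrantingTicket(credentials) returns the TGT id, which is stored in
            // request scope.
            WebUtils.putTicketGrantingTicketInRequestScope(context, this.centralAuthenticationService.createTicketGrantingTicket(credentials));
            putWarnCookieIfRequestParameterPresent(context);
            return "success";
        } catch (final TicketException e) {
            populateErrorsInstance(e, messageContext);
            if (isCauseAuthenticationException(e)) {
                return getAuthenticationExceptionEventId(e);
            }
            return "error";
        }
    }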


本文出自 “ping blog” 博客,转载请与作者联系!


原文地址:http://liyanping.blog.51cto.com/6241230/1636298
