SSO single sign-out problem: only the application itself gets logged out,

Versions:
cas-server-3.5.0
cas-client-3.2.1
Search keywords for researching CAS:
cas ticket
cas login-webflow.xml
 
In the logout address list, each URL ends with a trailing /
<bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean" lazy-init="false">
    <property name="staticMethod" value="cn.ql.sso.auth.SignoutServers.setServers" />
    <property name="arguments">
		<list>
			<value>http://192.168.2.3:8080/Plat/</value>
			<value>http://192.168.2.3:8080/base/</value>
			<value>http://192.168.2.5:8080/Plat/</value>
			<value>http://192.168.2.5:8080/base/</value>
		</list>
    </property>
</bean>

 
Additional notes:
org.jasig.cas.web.LogoutController.java
protected ModelAndView handleRequestInternal(
        final HttpServletRequest request, final HttpServletResponse response)
        throws Exception {
        final String ticketGrantingTicketId = this.ticketGrantingTicketCookieGenerator.retrieveCookieValue(request);
        final String service = request.getParameter("service");

        if (ticketGrantingTicketId != null) {
            this.centralAuthenticationService
                .destroyTicketGrantingTicket(ticketGrantingTicketId);

            this.ticketGrantingTicketCookieGenerator.removeCookie(response);
            this.warnCookieGenerator.removeCookie(response);
        }

        if (this.followServiceRedirects && service != null) {
            return new ModelAndView(new RedirectView(service));
        }

        return new ModelAndView(this.logoutView);
    }

 
The SSO server issues the logout request
org.jasig.cas.util.HttpClient.java
private Boolean call(String server) {
            HttpURLConnection connection = null;
            BufferedReader in = null;
            try {
                if (log.isDebugEnabled()) {
                    log.debug("Attempting to access " + server);
                }
                final URL logoutUrl = new URL(server);
                final String output = "logoutRequest=" + URLEncoder.encode(message, "UTF-8");

                connection = (HttpURLConnection) logoutUrl.openConnection();
                connection.setDoInput(true);
                connection.setDoOutput(true);
                connection.setRequestMethod("POST");
                connection.setReadTimeout(readTimeout);
                connection.setConnectTimeout(connectionTimeout);
                connection.setRequestProperty("Content-Length", Integer.toString(output.getBytes().length));
                connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
                final DataOutputStream printout = new DataOutputStream(connection.getOutputStream());
                printout.writeBytes(output);
                printout.flush();
                printout.close();

                in = new BufferedReader(new InputStreamReader(connection.getInputStream()));

                while (in.readLine() != null) {
                    // nothing to do
                }

                if (log.isDebugEnabled()) {
                    log.debug("Finished sending message to" + url);
                }
                return true;
            } catch (final SocketTimeoutException e) {
                log.warn("Socket Timeout Detected while attempting to send message to [" + url + "].");
                return false;
            } catch (final Exception e) {
                log.warn("Error Sending message to url endpoint [" + url + "].  Error is [" + e.getMessage() + "]");
                return false;
            } finally {
                if (in != null) {
                    try {
                        in.close();
                    } catch (final IOException e) {
                        // can't do anything
                    }
                }
                if (connection != null) {
                    connection.disconnect();
                }
            }
        }

 
The client receives the logout request
org.jasig.cas.client.session.SingleSignOutFilter
public void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse, final FilterChain filterChain) throws IOException, ServletException {
        final HttpServletRequest request = (HttpServletRequest) servletRequest;

        if (handler.isTokenRequest(request)) {
            handler.recordSession(request);
        } else if (handler.isLogoutRequest(request)) {
            handler.destroySession(request);
            // Do not continue up filter chain
            return;
        } else {
            log.trace("Ignoring URI " + request.getRequestURI());
        }

        filterChain.doFilter(servletRequest, servletResponse);
    }
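
An added example, not code from the CAS project or from the original post: a simplified model of the ticket-to-session bookkeeping behind the recordSession and destroySession calls in the filter above. The class name, the map and the sample ticket and session ids are assumptions; the message follows the CAS logoutRequest layout, with the service ticket carried in SessionIndex.

```java
import java.io.StringReader;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;

// Hypothetical sketch of the client-side state; not the cas-client implementation.
public class SingleSignOutSketch {
    // service ticket -> local session id, filled when a request carries a "ticket" parameter
    private final Map<String, String> sessionsByTicket = new ConcurrentHashMap<>();

    // Token request: remember which local session was opened with this service ticket.
    public void recordSession(String ticket, String sessionId) {
        sessionsByTicket.put(ticket, sessionId);
    }

    // Logout request: read SessionIndex and drop the session mapped to that ticket.
    // Returns the removed session id, or null when this node never recorded the ticket.
    public String destroySession(String logoutRequest) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        // The message arrives over the network: refuse DOCTYPE so no entities are resolved.
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        NodeList nodes = f.newDocumentBuilder()
                .parse(new InputSource(new StringReader(logoutRequest)))
                .getElementsByTagNameNS("urn:oasis:names:tc:SAML:2.0:protocol", "SessionIndex");
        if (nodes.getLength() == 0) {
            return null;
        }
        return sessionsByTicket.remove(nodes.item(0).getTextContent().trim());
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample values: one ticket, one session, two application nodes.
        String msg = "<samlp:LogoutRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\""
                + " ID=\"LR-1\" Version=\"2.0\" IssueInstant=\"2013-01-01T00:00:00Z\">"
                + "<saml:NameID xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">@NOT_USED@</saml:NameID>"
                + "<samlp:SessionIndex>ST-1-constructed</samlp:SessionIndex>"
                + "</samlp:LogoutRequest>";
        SingleSignOutSketch nodeA = new SingleSignOutSketch();
        SingleSignOutSketch nodeB = new SingleSignOutSketch(); // never validated the ticket
        nodeA.recordSession("ST-1-constructed", "JSESSION-A");
        System.out.println("node A destroyed: " + nodeA.destroySession(msg));
        System.out.println("node B destroyed: " + nodeB.destroySession(msg));
        System.out.println("node A, repeated request: " + nodeA.destroySession(msg));
    }
}
```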

 
Reference:
http://www.iteye.com/topic/1129751