开源的CAS已经很多牛人分析过了,最近在看源码,也总结一下
在login-webflow.xml中,初次访问应用的flow轨迹是:
1 <on-start>
<evaluate expression="initialFlowSetupAction" />
</on-start>
2 <decision-state id="ticketGrantingTicketExistsCheck">
<if test="flowScope.ticketGrantingTicketId != null" then="hasServiceCheck" else="gatewayRequestCheck" />
</decision-state>
3 <decision-state id="gatewayRequestCheck">
<if test="requestParameters.gateway != '' and requestParameters.gateway != null and flowScope.service != null" then="gatewayServicesManagementCheck" else="generateLoginTicket" />
</decision-state>
4 <action-state id="generateLoginTicket">
<evaluate expression="generateLoginTicketAction.generate(flowRequestContext)" />
<transition on="generated" to="viewLoginForm" />
</action-state>
所以代码会执行到generateLoginTicketAction中
GenerateLoginTicketAction.java
public final String generate(final RequestContext context) {
//通过DefaultUniqueTicketIdGenerator生成loginTicket,可以通过实现接口UniqueTicketIdGenerator.java,来自己定义生成loginTicket的格式
final String loginTicket = this.ticketIdGenerator.getNewTicketId(PREFIX);
this.logger.debug("Generated login ticket " + loginTicket);
//把ticket放入FlowScope
WebUtils.putLoginTicket(context,loginTicket);
return "generated";
}
返回后,跳转到“viewLoginForm”
<view-state id="viewLoginForm" view="casLoginView" model="credentials">
<binder>
<binding property="username" />
<binding property="password" />
</binder>
<on-entry>
<set name="viewScope.commandName" value="'credentials'" />
</on-entry>
<transition on="submit" bind="true" validate="true" to="realSubmit">
<evaluate expression="authenticationViaFormAction.dobind(flowRequestContext,flowScope.credentials)" />
</transition>
</view-state>
default_view.properties已经定义好了:casLoginView.url=/WEB-INF/view/jsp/default/ui/casLoginView.jsp
浏览器会跳转到casLoginView.jsp让用户登陆,用户在casLoginView.jsp执行submit动作时,evaluate 元素中 expression 属性所指明的表达式会被执行,即标红的部分。表达式内容执行完成后,转向id为realSubmit的state
<action-state id="realSubmit">
<evaluate expression="authenticationViaFormAction.submit(flowRequestContext,flowScope.credentials,messageContext)" />
<transition on="warn" to="warn" />
<transition on="success" to="sendTicketGrantingTicket" />
<transition on="error" to="generateLoginTicket" />
<transition on="accountdisabled" to="casAccountdisabledView" />
<transition on="mustChangePassword" to="casMustChangePassView" />
<transition on="accountLocked" to="casAccountLockedView" />
<transition on="badHours" to="casBadHoursView" />
<transition on="badWorkstation" to="casBadWorkstationView" />
<transition on="passwordExpired" to="casExpiredPassView" />
</action-state>
在realSubmit中,根据表达式“authenticationViaFormAction.submit(flowRequestContext,messageContext)”的不同返回值跳转到不同的界面
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
