本文详细解析了在CAS认证系统中,如何通过修改SendTicketGrantingTicketAction类中的doExecute方法来处理登录状态的重复问题及Ticket的管理。特别关注了在用户登录时,如何检查并销毁先前存在的TicketGrantingTicket,以及如何正确设置和更新TicketGrantingTicket的Cookie。
在类SendTicketGrantingTicketAction.java中修改的
protected Event doExecute(final RequestContext context) {
final String ticketGrantingTicketId = WebUtils.getTicketGrantingTicketId(context);
final String ticketGrantingTicketValueFromCookie = (String) context.getFlowScope().get("ticketGrantingTicketId");
if (ticketGrantingTicketId == null) {
return success();
}
try {
/*
* 根据用户和密码存放ticket 后者登录踢掉前者
*/
String ticketIdkey = context.getRequestParameters().get("username")+"$"+context.getRequestParameters().get("password");
// String contextKey = ticketIdkey + "#";
if(LoginRememberMap.LoginCookieRemberTicket.get(ticketIdkey) != null){
// HttpSession httpSession = WebUtils.getHttpServletRequest(LoginRememberMap.LoginCookieRemberContent.get(contextKey)).getSession();
// httpSession.setAttribute("loginRepeat", "您的账号已在别处登录!");
this.centralAuthenticationService
.destroyTicketGrantingTicket(LoginRememberMap.LoginCookieRemberTicket.get(ticketIdkey));
}
// LoginRememberMap.LoginCookieRemberContent.put(contextKey, context);
LoginRememberMap.LoginCookieRemberTicket.put(ticketIdkey, ticketGrantingTicketId);
} catch (Exception e) {
e.printStackTrace();
}
this.ticketGrantingTicketCookieGenerator.addCookie(WebUtils.getHttpServletRequest(context), WebUtils
.getHttpServletResponse(context), ticketGrantingTicketId);
if (ticketGrantingTicketValueFromCookie != null && !ticketGrantingTicketId.equals(ticketGrantingTicketValueFromCookie)) {
this.centralAuthenticationService
.destroyTicketGrantingTicket(ticketGrantingTicketValueFromCookie);
}
return success();
}记得注销的时候还要移除相应的
源码看的不明不白的,提示信息一直传不到页面,
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
