- 执行组件
2、登出重定向关键定位
子涵先生顺便和大家扯一点源码阅读中的一些心得~
一般情况下我们有时候无法一下子找到相关业务的源码入口位置,我们可以
1、我们可以先定位到关键代码后使用倒序方式阅读。
2、然后通过正序配置的方式通读源码原理和并深入理解其执行流程。
这里分析源码的时候,我们是按照倒序阅读法来看的。
找到源码重定向到外部url的位置
找到上一步
gatewayServicesManagementCheck
是负责服务检测的一个bean,由Spring负责管理。
<bean id=“gatewayServicesManagementCheck” class=“org.jasig.cas.web.flow.GatewayServicesManagementCheck”
c:servicesManager-ref=“servicesManager”/>
查看源码:
org.jasig.cas.web.flow.GatewayServicesManagementCheck
public class GatewayServicesManagementCheck extends AbstractAction {
private final Logger logger = LoggerFactory.getLogger(this.getClass());
@NotNull
private final ServicesManager servicesManager;
/**
- Initialize the component with an instance of the services manager.
- @param servicesManager the service registry instance.
*/
public GatewayServicesManagementCheck(final ServicesManager servicesManager) {
this.servicesManager = servicesManager;
}
@Override
protected Event doExecute(final RequestContext context) throws Exception {
final Service service = WebUtils.getService(context);
final boolean match = this.servicesManager.matchesExistingService(service);
if (match) {
return success();
}
final String msg = String.format("ServiceManagement: Unauthorized Service Access. "
- “Service [%s] does not match entries in service registry.”, service.getId());
logger.warn(msg);
throw new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE, msg);
}
}
3、再看cas的退出流程
3-1 流程入口
logout-webflow.xml中定义了基于url的退出方式:
3-2 退出执行
cas将退出动作交给了
logoutAction
Bean,该Bean中的
followServiceRedirects
参数设置了重定向登出url地址范围:
<bean id=“logoutAction” class=“org.jasig.cas.web.flow.LogoutAction”
p:servicesManager-ref=“servicesManager”
p:followServiceRedirects=“${cas.logout.followServiceRedirects:false}”/>
上
logoutAction
的源码:
/**
- Action to delete the TGT and the appropriate cookies.
- It also performs the back-channel SLO on the services accessed by the user during its browsing.
- After this back-channel SLO, a front-channel SLO can be started if some services require it.
- The final logout page or a redirection url is also computed in this action.
- @author Scott Battaglia
- @author Jerome Leleu
- @since 3.0
*/
public final class LogoutAction extends AbstractLogoutAction {
/** The services manager. */
@NotNull
private ServicesManager servicesManager;
/**
- Boolean to determine if we will redirect to any url provided in the
- service request parameter.
*/
private boolean followServiceRedirects;
@Override
protected Event doInternalExecute(final HttpServletRequest request, final HttpServletResponse response,
final RequestContext context) throws Exception {
boolean needFrontSlo = false;
putLogoutIndex(context, 0);
final List logoutRequests = WebUtils.getLogoutRequests(context);
if (logoutRequests != null) {
for (LogoutRequest logoutRequest : logoutRequests) {
// if some logout request must still be attempted
if (logoutRequest.getStatus() == LogoutRequestStatus.NOT_ATTEMPTED) {
needFrontSlo = true;
break;
}
}
}
//小哥哥、小姐姐们,看这里~ start=====
final String service = request.getParameter(“service”);
if (this.followServiceRedirects && service != null) {
final RegisteredService rService = this.servicesManager.findServiceBy(new SimpleWebApplicationServiceImpl(service));
if (rService != null && rService.isEnabled()) {
context.getFlowScope().put(“logoutRedirectUrl”, service);
}
}
//小哥哥、小姐姐们,看这里~ end=====
// there are some front services to logout, perform front SLO
//匹配到cas管理的service范围,退出后跳转到对应的service地址。
if (needFrontSlo) {
return new Event(this, FRONT_EVENT);
} else {
// otherwise, finish the logout process
//否则,退出到cas默认的退出地址
return new Event(this, FINISH_EVENT);
}
}
public void setFollowServiceRedirects(final boolean followServiceRedirects) {
this.followServiceRedirects = followServiceRedirects;
}
public void setServicesManager(final ServicesManager servicesManager) {
this.servicesManager = servicesManager;
}
}
3-3 服务重定向
- 找到了匹配的服务返回:
context.getFlowScope().put("logoutRedirectUrl", service);
,交给
finishLogout
版权归原作者 2401_86400848 所有, 如有侵权,请联系我们删除。