owisho_java
owisho_java
2017-03-10 08:47
采纳率: 100%
浏览 2.6k
已采纳

CAS5.0 login-webflow.xml state配置

在cas-overlay-template中的login-webflow.xml中有如下的配置

<action-state id="ticketGrantingTicketCheck">
     <evaluate expression="ticketGrantingTicketCheckAction"/>
     <transition on="notExists" to="gatewayRequestCheck"/>
     <transition on="invalid" to="terminateSession"/>
     <transition on="valid" to="hasServiceCheck"/>
</action-state>

但是无法再login-webflow.xml中搜索到id="hasServiceCheck"的state,请问这个
hasServiceCheck是在哪配置的?

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

4条回答 默认 最新

  • Caoy36624826
    Caoy36624826 2018-01-24 03:33
    已采纳

    给你一个完整版

    <?xml version="1.0" encoding="UTF-8"?>
    <!--
    
        Licensed to Jasig under one or more contributor license
        agreements. See the NOTICE file distributed with this work
        for additional information regarding copyright ownership.
        Jasig licenses this file to you under the Apache License,
        Version 2.0 (the "License"); you may not use this file
        except in compliance with the License.  You may obtain a
        copy of the License at the following location:
    
          http://www.apache.org/licenses/LICENSE-2.0
    
        Unless required by applicable law or agreed to in writing,
        software distributed under the License is distributed on an
        "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
        KIND, either express or implied.  See the License for the
        specific language governing permissions and limitations
        under the License.
    
    -->
    <flow xmlns="http://www.springframework.org/schema/webflow"
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://www.springframework.org/schema/webflow
                              http://www.springframework.org/schema/webflow/spring-webflow-2.0.xsd">
    
        <var name="credentials" class="org.jasig.cas.authentication.principal.UsernamePasswordCredentials" />
        <on-start>
            <evaluate expression="initialFlowSetupAction" />
        </on-start>
    
        <decision-state id="ticketGrantingTicketExistsCheck">
            <if test="flowScope.ticketGrantingTicketId != null" then="hasServiceCheck" else="gatewayRequestCheck" />
        </decision-state>
    
        <decision-state id="gatewayRequestCheck">
            <if test="requestParameters.gateway != '' and requestParameters.gateway != null and flowScope.service != null" then="gatewayServicesManagementCheck" else="serviceAuthorizationCheck" />
        </decision-state>
    
        <decision-state id="hasServiceCheck">
            <if test="flowScope.service != null" then="renewRequestCheck" else="viewGenericLoginSuccess" />
        </decision-state>
    
        <decision-state id="renewRequestCheck">
            <if test="requestParameters.renew != '' and requestParameters.renew != null" then="serviceAuthorizationCheck" else="generateServiceTicket" />
        </decision-state>
    
        <!-- Do a service authorization check early without the need to login first -->
        <action-state id="serviceAuthorizationCheck">
            <evaluate expression="serviceAuthorizationCheck"/>
            <transition to="generateLoginTicket"/>
        </action-state>
    
        <!-- 
            The "warn" action makes the determination of whether to redirect directly to the requested
            service or display the "confirmation" page to go back to the server.
        -->
        <decision-state id="warn">
            <if test="flowScope.warnCookieValue" then="showWarningView" else="redirect" />
        </decision-state>
    
        <!-- 
        <action-state id="startAuthenticate">
            <action bean="x509Check" />
            <transition on="success" to="sendTicketGrantingTicket" />
            <transition on="warn" to="warn" />
            <transition on="error" to="generateLoginTicket" />
        </action-state>
         -->
        <action-state id="startAuthenticate">
          <evaluate expression="negociateSpnego" />
          <transition on="success" to="spnego" />
        </action-state>
    
        <action-state id="spnego">
          <evaluate expression="spnego" />
          <transition on="success" to="sendTicketGrantingTicket" />
          <transition on="error" to="viewLoginForm" />
        </action-state>
        <!--
            LPPE transitions begin here: You will also need to
            move over the 'lppe-configuration.xml' file from the
            'unused-spring-configuration' folder to the 'spring-configuration' folder
            so CAS can pick up the definition for the bean 'passwordPolicyAction'.
        -->
        <action-state id="passwordPolicyCheck">
            <evaluate expression="passwordPolicyAction" />
            <transition on="showWarning" to="passwordServiceCheck" />
            <transition on="success" to="sendTicketGrantingTicket" />
            <transition on="error" to="startAuthenticate" />
        </action-state>
    
        <action-state id="passwordServiceCheck">
            <evaluate expression="sendTicketGrantingTicketAction" />
            <transition to="passwordPostCheck" />
        </action-state>
    
        <decision-state id="passwordPostCheck">
            <if test="flowScope.service != null" then="warnPassRedirect" else="pwdWarningPostView" />
        </decision-state>
    
        <action-state id="warnPassRedirect">
            <evaluate expression="generateServiceTicketAction" />
            <transition on="success" to="pwdWarningPostView" />
            <transition on="error" to="generateLoginTicket" />
            <transition on="gateway" to="gatewayServicesManagementCheck" />
        </action-state>
    
        <end-state id="pwdWarningAbstractView">
            <on-entry>
                <set name="flowScope.passwordPolicyUrl" value="passwordPolicyAction.getPasswordPolicyUrl()" />
            </on-entry>
        </end-state>
        <end-state id="pwdWarningPostView" view="casWarnPassView" parent="#pwdWarningAbstractView" />
        <end-state id="casExpiredPassView" view="casExpiredPassView" parent="#pwdWarningAbstractView" />
        <end-state id="casMustChangePassView" view="casMustChangePassView" parent="#pwdWarningAbstractView" />
        <end-state id="casAccountDisabledView" view="casAccountDisabledView" />
        <end-state id="casAccountLockedView" view="casAccountLockedView" />
        <end-state id="casBadHoursView" view="casBadHoursView" />
        <end-state id="casBadWorkstationView" view="casBadWorkstationView" />
        <!-- LPPE transitions end here... -->
    
        <action-state id="generateLoginTicket">
            <evaluate expression="generateLoginTicketAction.generate(flowRequestContext)" />
            <transition on="generated" to="startAuthenticate" />
        </action-state>
    
        <view-state id="viewLoginForm" view="casLoginView" model="credentials">
            <binder>
                <binding property="username" />
                <binding property="password" />
            </binder>
            <on-entry>
                <set name="viewScope.commandName" value="'credentials'" />
            </on-entry>
            <transition on="submit" bind="true" validate="true" to="realSubmit">
                <evaluate expression="authenticationViaFormAction.doBind(flowRequestContext, flowScope.credentials)" />
            </transition>
        </view-state>
    
        <action-state id="realSubmit">
            <evaluate expression="authenticationViaFormAction.submit(flowRequestContext, flowScope.credentials, messageContext)" />
            <!--
              To enable LPPE on the 'warn' replace the below transition with:
              <transition on="warn" to="passwordPolicyCheck" />
    
              CAS will attempt to transition to the 'warn' when there's a 'renew' parameter
              and there exists a ticketGrantingId and a service for the incoming request.
            -->
            <transition on="warn" to="warn" />
            <!--
              To enable LPPE on the 'success' replace the below transition with:
              <transition on="success" to="passwordPolicyCheck" />
            -->
            <transition on="success" to="sendTicketGrantingTicket" />
            <transition on="error" to="generateLoginTicket" />
            <transition on="accountDisabled" to="casAccountDisabledView" />
            <transition on="mustChangePassword" to="casMustChangePassView" />
            <transition on="accountLocked" to="casAccountLockedView" />
            <transition on="badHours" to="casBadHoursView" />
            <transition on="badWorkstation" to="casBadWorkstationView" />
            <transition on="passwordExpired" to="casExpiredPassView" />
        </action-state>
    
        <action-state id="sendTicketGrantingTicket">
            <evaluate expression="sendTicketGrantingTicketAction" />
            <transition to="serviceCheck" />
        </action-state>
    
        <decision-state id="serviceCheck">
            <if test="flowScope.service != null" then="generateServiceTicket" else="viewGenericLoginSuccess" />
        </decision-state>
    
        <action-state id="generateServiceTicket">
            <evaluate expression="generateServiceTicketAction" />
            <transition on="success" to ="warn" />
            <transition on="error" to="generateLoginTicket" />
            <transition on="gateway" to="gatewayServicesManagementCheck" />
        </action-state>
    
        <action-state id="gatewayServicesManagementCheck">
            <evaluate expression="gatewayServicesManagementCheck" />
            <transition on="success" to="redirect" />
        </action-state>
    
        <action-state id="redirect">
            <evaluate expression="flowScope.service.getResponse(requestScope.serviceTicketId)" result-type="org.jasig.cas.authentication.principal.Response" result="requestScope.response" />
            <transition to="postRedirectDecision" />
        </action-state>
    
        <decision-state id="postRedirectDecision">
            <if test="requestScope.response.responseType.name() == 'POST'" then="postView" else="redirectView" />
        </decision-state>
    
        <!-- 
            the "viewGenericLogin" is the end state for when a user attempts to login without coming directly from a service.
            They have only initialized their single-sign on session.
        -->
        <end-state id="viewGenericLoginSuccess" view="casLoginGenericSuccessView" />
    
        <!-- 
            The "showWarningView" end state is the end state for when the user has requested privacy settings (to be "warned") to be turned on.  It delegates to a 
            view defines in default_views.properties that display the "Please click here to go to the service." message.
        -->
        <end-state id="showWarningView" view="casLoginConfirmView" />
    
        <end-state id="postView" view="postResponseView">
            <on-entry>
                <set name="requestScope.parameters" value="requestScope.response.attributes" />
                <set name="requestScope.originalUrl" value="flowScope.service.id" />
            </on-entry>
        </end-state>
    
        <!-- 
            The "redirect" end state allows CAS to properly end the workflow while still redirecting
            the user back to the service required.
        -->
        <end-state id="redirectView" view="externalRedirect:${requestScope.response.url}" />
    
        <end-state id="viewServiceErrorView" view="viewServiceErrorView" />
    
        <end-state id="viewServiceSsoErrorView" view="viewServiceSsoErrorView" />
    
        <global-transitions>
            <!-- CAS-1023 This one is simple - redirects to a login page (same as renew) when 'ssoEnabled' flag is unchecked
                 instead of showing an intermediate unauthorized view with a link to login page -->
            <transition to="startAuthenticate" on-exception="org.jasig.cas.services.UnauthorizedSsoServiceException"/>
            <transition to="viewServiceErrorView" on-exception="org.springframework.webflow.execution.repository.NoSuchFlowExecutionException" />
            <transition to="viewServiceErrorView" on-exception="org.jasig.cas.services.UnauthorizedServiceException" />
        </global-transitions>
    </flow> 
    
    点赞 评论
  • dashicaineng
    点赞 评论
  • Caoy36624826
    Caoy36624826 2018-01-24 03:33

    有这个id呀 我的就有,可能是你服务端版本的问题吧 我的是server3.4.2

     <decision-state id="hasServiceCheck">
            <if test="flowScope.service != null" then="renewRequestCheck" else="viewGenericLoginSuccess" />
        </decision-state>
    
    点赞 评论
  • zxs0001
    Micro_Sheng 2019-05-07 22:07

    是在源码中实现状态转换处理的

    点赞 评论

相关推荐