CAS-go to the logon page after logging out. cas logs out.

Source: Internet
Author: User

CAS-go to the logon page after logging out. cas logs out.

After CAS is single-point logout, it will jump to its own logout interface by default (this is based on the deployed CAS-Server. For details, see the previous article), such:


  


The corresponding jsp directory is as follows:


  


1. Modify cas-servlet.xml Configuration

Open the WEB-INF under the apache-tomcat-6.0.33 \ webapps \ cas \ cas-servlet.xml directory


  


Modify the bean id of the cas-servlet.xml file to "true" for the p: followServiceRedirects attribute under logoutController, such:


  


2. Modify the Logout link

Add "? Service = return address after exit ", for example, the configuration of the two clients used for CAS testing. Example: <ahref = "http: // localhost: 8080/cas/logout? Service = http://www.baidu.com "> quit </a>


  


For example:


  


3. Principles
The following from the configuration file, to the source code for analysis: 3.1 first look at the cas \ WEB-INF Directory web. xml
  

It can be seen that all/logout requests are sent to SafeDispatcherServlet for distribution. You can see from the code that this Servlet is only for org. springframework. web. servlet. dispatcherServlet is packaged once, And all requests are sent to org. springframework. web. servlet. the DispatcherServlet has gone through the process.

3.2 then look at the WEB-INF under the cas \ cas-servlet.xml directory
  

From the bean of handlerMappingC, there is a configuration section:/logout-logoutController. We can see that all/logout requests are sent to a Bean with the beanid logoutController for processing.

Let's take a look at what org. jasig. cas. web. LogoutController has done. The configuration we modified in the first step is the Controller Configuration:


  


You can see the core source code below:

<Pre name = "code" class = "java"> protected ModelAndView handleRequestInternal (final HttpServletRequest request, final HttpServletResponse response) throws Exception {// get TGT_ID final String response = this. ticketGrantingTicketCookieGenerator. retrieveCookieValue (request); // gets the service parameter data. This parameter is optional. final String service = request. getParameter ("service"); // if TGT is not empty if (ticketGrantingTick EtId! = Null) {// destroy this in centralAuthenticationService. centralAuthenticationService. destroyTicketGrantingTicket (ticketGrantingTicketId); // destroy cookie in ticketGrantingTicketCookieGenerator this. ticketGrantingTicketCookieGenerator. removeCookie (response); // destroy this in warnCookieGenerator. warnCookieGenerator. removeCookie (response);} // if the parameter followServiceRedirects is true and the service is not empty, jump to the URL specified by the service if (thi S. followServiceRedirects & service! = Null) {return new ModelAndView (new RedirectView (service);} // otherwise, jump to the page specified by logoutView return new ModelAndView (this. logoutView );}
 

Believe that, when you see the following sentence, you will understand why the configuration is Step 1 and step 2.


  

4. Summary

/Logout: (corresponding to the implementation class org. jasig. cas. web. LogoutController). The cancellation processing logic is as follows:

(1) removeCookie

(2) Delete the TicketGrantingTicket object on the server (this object encapsulates the cookie value)

(3) redirect to the exit page. There are two options:

L if the followServiceRedirects attribute of LogoutController is set to true and the service parameter in the url is not empty, redirect to the url marked by the sevice parameter;

L otherwise, redirect to the built-in casLogoutView. If there is a url parameter in the url, the link identified by this url parameter will be displayed on the casLogoutView page.

With patience, you can easily understand the source code of these open-source frameworks. If you are familiar with the source code, you can modify all parts of the framework as you wish.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.