近日有朋友想了解一下CAS的協(xié)議的HTTP流程�����,我之前抓過包�����,現(xiàn)在貼出來,希望對那位朋友有所幫助。
CAS Server:caserver:7002
Tomcat APP應(yīng)用:appserver01:8080
訪問
appserver01:8080
的
SessionExample
GET /servlets-examples/servlet/SessionExample HTTP/1.1
Accept: */*
Accept-Language: zh-cn,en;q=0.8,zh;q=0.5,zh-tw;q=0.3
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; Maxthon; .NET CLR 2.0.50215)
Host: appserver01:8080
Connection: Keep-Alive
?
appserver01:8080
引導(dǎo)我到
casserver:7002
進(jìn)行認(rèn)證
,
注意
,Service=SessionExmaple
的
URL
HTTP/1.1 302 Moved Temporarily
Set-Cookie: JSESSIONID=22311DC79C684A911EEEBC3F0FBDB136; Path=/servlets-examples
Location: https://casserver:7002/cas/login?service=http%3A%2F%2Fappserver01%3A8080%2Fservlets-examples%2Fservlet%2FSessionExample
Content-Length: 0
Date: Fri, 28 Oct 2005 06:33:54 GMT
Server: Apache-Coyote/1.1
?
緊接著�,我的
IE
訪問
casserver:7002
����,走
SSL
協(xié)議
__Q_M_Ca?R??d‰.!#U?-é?11úhx_??{?e???ò?_h|íA?6
?|__“w?o___
db____c_
?
casserver:7002
出示證書給我看,并且給予我
ServiecTicket,
下面的是亂碼,
SSL
協(xié)議是這樣,將就一下
J
__:_6_Ca??bê| !ì_?^? ?AB__ü5;_s+_?2òG_a????“?dJEám:_ìo____y__u_r_á0?_?0?_??_______0
_*?H?÷
____0~1_0___U____BEA1_0__U____CN1_0__U____GZ1_0__U____GD1_0___U_
__BEA.CO.LTD1_0___U____BEA1_0__*?H?÷
____CA@BEA.COM.CN0__
051017081352Z_
061017073844Z0[1_0___U____CASSERVER1_0___U____BEA1_0
__U_
__DIANLI1_0__U____GZ1_0__U____GD1_0__U____CN0??0
_*?H?÷
_____??0?‰_??‰?c????y-_?qCú6`μue??!′?·[/`sd?__?i?—n?+]??¨¨??_oa·__?C!í??)réé_?_c?€shì?>O??…^S_L!E’?_^uüó?z??SQ&·
¥
Zˉ?[???_Ya_Vo???@q
£
~?1_è?____
£
0_0__U____00
_*?H?÷
_____?__1\ aú]_é_bn??? 3?
¢
?L?R_/?ùí_1?%B?yêH?€ükáeò%??qd 40_c??_r?ìO?9z?q"M bxj?y_aO
??ü|??i_0N?.?Z?adóú???P?)?–ê3@m?U_???3Q_
¥
iH_*D`?B?^?_?_?A??€3€#)y?_ì?)-?
¢
áQ%èHh?_úeá??1“á×?^C. _S8?p?Xèt%-?%a·òX
¢
_B;)??
£
”μío€oY???QG_L–k3??Z^?s??i??ì!????_?!2?}“W???._?Yo?}Rw_?0?_?0?_o?_______0
_*?H?÷
____0~1_0___U____BEA1_0__U____CN1_0__U____GZ1_0__U____GD1_0___U_
__BEA.CO.LTD1_0___U____BEA1_0__*?H?÷
____CA@BEA.COM.CN0__
051017073844Z_
061017073844Z0~1_0___U____BEA1_0__U____CN1_0__U____GZ1_0__U____GD1_0___U_
__BEA.CO.LTD1_0___U____BEA1_0__*?H?÷
____CA@BEA.COM.CN0?_"0
_*?H?÷
_____?__0?_
_?__?]??·‘f??_€c’6q??)?1
???_)?__?μ?_?ˉ_???u??|Q)??x??M?_>
¥
|_·à_—z? ?J_à\!_La2?Eé&7…_
?
____)__?_€qG?9ê?_r!?E?<?9W?(JfSè?·?-M??í_E
¢
??ùM?~éy_|?′?/_ˉj?Y.|??¤#oRˉ?atàó4_????è
?_,> \í(?íà?“@u_I_?ê1c?K?8?°*?7üU*áQ?l??h?à9¨í€j]?,n______8_xR_a?4V<`×?#?d?_ù_??‰?_/aD$qqù[OW???1÷f?é_??_·×06Y?ì%ó
?
______8k?°?`¤E?_Qc
¥
?“à??c7r_/?
MS?|?E
¢
??]??_!°#??¨_?ò<??_\èe?[
?
____ê53M_???íV?c1?ú?4?|a?_??ò?`?w??o“?à;J3?fF°"?XL||u?|~ˉa;_?&_è`_Ca‰90‰L$2#ú
_I_?è?q?rò` ?uEHg3e%j_JC????vo.N??úa?_á?f
aad?hò_oò
£
?-?Ník?H1?à??i_so\?1dvQC?4??–?‰a€?Xú6?1???pDè??í^nW????_‰_à_ó…|JEG?[asv?Wt(??μ
o
¢
_h?_2_í7e???2__I _H?
¥
óêμ_L??ü÷?’1°__???o—_H !7?é-à:?G??*?a
¥
|?à???7O¨gVc???2à/?–÷
¥
”?????óD_§o?*Nμ’à??ù)@/2a1?|{??-??";h??_?:¤?μ_}??MC?x_R?_)×6??_?ê_¨_
_
¥
z??u?_
£
_è?¨?+,.:?_1?__]??E
¢£
?_?9?.3uX
¥
Az??¤_??—Zù?×e?#?????__LY?_4??7"Wií?|_fOí·_?_e?_p0?_?‘?ì?L":,7?$)b__9?v?pí;±?R?l?4??Z_}V_o,_.5y@?1\_e?kk??|x??%?U-–‰?¤
?
__éYì?T?_’w?ù?yxóˉL’ì??5_???}ìì?????_Cce<]8?JoB??1?_.—?$_?P2??pê_0?$è?òú—?–8[?‰i???_??O7Cb???××R/??o_?S_?G$}??_)*U$ó!$5ê__(ê?¨?yò_2_RìzGGLó??1N:”"7?¨2__?7?_$?“
¥
_a_
/xD‰
'Qò?“—?tv?BM
£
·_sùò__?ú_§_\??iòk?
¢
___#oE?$
£
[sIêv?fU…r
¢
_?x.k_^_?plü’????^?9!_7Ja_}·#
¥
?U&>?'§v_KX_–@4
üWí
§?f-,_?_±??_?9l?_r¨è?D_ppíK?=D&?/0u3\?]?h’?&X?_·?g_)?…;è_7d·?
téa?”??_q?úal??_1waE€é_?$p?_—[?p°__`ù·…_p??R??zW_*‘ ü_?P]7Z_?
J‘9?¤??ˉ?\qפ_?c
¥
__?Q_?_??\_?_%?5_??FL??8μH
¢
?N_ò??a"_5/'?…__Cl:1?rqs_ú?-#??_–_?_?′
¥
?;C
¥
í6?_x_y_?RPhì??b??_{F_?¨êùi€W+9??__·?L
£
?&_ú?k__é?>ú]ˉ?g?=?????>è?~Q?×s}??_3,?5_?ˉ_?—?D?ù?_1rtF_?.—_>ú}
¥
?K?_??k_???ó?A?!???__S&?e_/??_??B_V??è_5Q8%??3?ú-??_Vao?a×???_
£
?-U?__u_;??4H=d1é§'?ˉ?|ò_|_??R dRè5?g9Y…±6?è??m?\_Nˉ|á3y3_’y`4?1êa-?ú?V?_f¨3_?d_?_?*_????bü^?o§r?_
?
?
認(rèn)證完畢,我得到ServiceTicket�����,我便用
casserver:7002
提供的
ServiceTicket
訪問
appserver01:8080
的
SessionExample應(yīng)用
GET /servlets-examples/servlet/SessionExample?ticket=ST-1-9xVu1SfonRNKcjdyKbG9 HTTP/1.1
Accept: */*
Accept-Language: zh-cn,en;q=0.8,zh;q=0.5,zh-tw;q=0.3
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; Maxthon; .NET CLR 2.0.50215)
Host: appserver01:8080
Connection: Keep-Alive
Cookie: JSESSIONID=22311DC79C684A911EEEBC3F0FBDB136
?
?
appserver01:8080
認(rèn)為我的
Ticket
是正確的�,因此正確返回網(wǎng)頁給我。
HTTP/1.1 200 OK
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 1188
Date: Fri, 28 Oct 2005 06:33:54 GMT
Server: Apache-Coyote/1.1
?
?
Sessions Example
Session ID: 22311DC79C684A911EEEBC3F0FBDB136
Created: Fri Oct 28 14:33:54 CST 2005
Last Accessed: Fri Oct 28 14:33:54 CST 2005
?
The following data is in your session:
edu.yale.its.tp.cas.client.filter.user = cas
?
Name of Session Attribute:
Value of Session Attribute:
?
GET based form:
Name of Session Attribute:
Value of Session Attribute:
?
URL encoded
?
?
IE會(huì)接著
獲取網(wǎng)頁上的圖片����,見
GET
后面那一串字符����,什么
code.gif,return.gif.....
����,獲取的根據(jù)都是
靠那個(gè)
ticket=ST-1-9xVu1SfonRNKcjdyKbG9
,如果這個(gè)
ST
不對,圖片是獲取不了的��!
?
?
GET /servlets-examples/images/code.gif HTTP/1.1
Accept: */*
Referer: http://appserver01:8080/servlets-examples/servlet/SessionExample?ticket=ST-1-9xVu1SfonRNKcjdyKbG9
Accept-Language: zh-cn,en;q=0.8,zh;q=0.5,zh-tw;q=0.3
Accept-Encoding: gzip, deflate
If-Modified-Since: Sun, 29 Aug 2004 00:02:34 GMT
If-None-Match: W/"292-1093737754000"
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; Maxthon; .NET CLR 2.0.50215)
Host: appserver01:8080
Connection: Keep-Alive
Cookie: JSESSIONID=22311DC79C684A911EEEBC3F0FBDB136
?
HTTP/1.1 304 Not Modified
Date: Fri, 28 Oct 2005 06:33:54 GMT
Server: Apache-Coyote/1.1
?
?
GET /servlets-examples/images/return.gif HTTP/1.1
Accept: */*
Referer: http://appserver01:8080/servlets-examples/servlet/SessionExample?ticket=ST-1-9xVu1SfonRNKcjdyKbG9
Accept-Language: zh-cn,en;q=0.8,zh;q=0.5,zh-tw;q=0.3
Accept-Encoding: gzip, deflate
If-Modified-Since: Sun, 29 Aug 2004 00:02:26 GMT
If-None-Match: W/"1231-1093737746000"
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; Maxthon; .NET CLR 2.0.50215)
Host: appserver01:8080
Connection: Keep-Alive
Cookie: JSESSIONID=22311DC79C684A911EEEBC3F0FBDB136
?
HTTP/1.1 304 Not Modified
Date: Fri, 28 Oct 2005 06:33:54 GMT
Server: Apache-Coyote/1.1