David.Turing's blog

 

CAS协议的抓包分析

近日有朋友想了解一下CAS的协议的HTTP流程,我之前抓过包,现在贴出来,希望对那位朋友有所帮助。
CAS Server:caserver:7002
Tomcat APP应用:appserver01:8080
访问
appserver01:8080 SessionExample

GET /servlets-examples/servlet/SessionExample HTTP/1.1

Accept: */*

Accept-Language: zh-cn,en;q=0.8,zh;q=0.5,zh-tw;q=0.3

Accept-Encoding: gzip, deflate

User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; Maxthon; .NET CLR 2.0.50215)

Host: appserver01:8080

Connection: Keep-Alive

 

appserver01:8080 引导我到 casserver:7002 进行认证 , 注意 ,Service=SessionExmaple URL

HTTP/1.1 302 Moved Temporarily

Set-Cookie: JSESSIONID=22311DC79C684A911EEEBC3F0FBDB136; Path=/servlets-examples

Location