扫二维码与项目经理沟通
我们在微信上24小时期待你的声音
解答本文疑问/技术咨询/运营咨询/技术建议/互联网交流
今天就跟大家聊聊有关使用spring boot如何实现对CAS进行整合,可能很多人都不太了解,为了让大家更加了解,小编给大家总结了以下内容,希望大家根据这篇文章可以有所收获。
创新互联公司是一家专注于做网站、成都网站制作与策划设计,鹤峰网站建设哪家好?创新互联公司做网站,专注于网站建设10余年,网设计领域的专业建站公司;建站业务涵盖:鹤峰等地区。鹤峰做网站价格咨询:13518219792
代码整合cas的重要过程
import org.jasig.cas.client.authentication.AuthenticationFilter; import org.jasig.cas.client.session.SingleSignOutFilter; import org.jasig.cas.client.session.SingleSignOutHttpSessionListener; import org.jasig.cas.client.util.AssertionThreadLocalFilter; import org.jasig.cas.client.util.HttpServletRequestWrapperFilter; import org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter; import org.jasig.cas.client.validation.Cas20ServiceTicketValidator; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.web.servlet.FilterRegistrationBean; import org.springframework.boot.web.servlet.ServletListenerRegistrationBean; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.cas.ServiceProperties; import org.springframework.security.cas.authentication.CasAuthenticationProvider; import org.springframework.security.cas.userdetails.GrantedAuthorityFromAssertionAttributesUserDetailsService; import org.springframework.security.web.authentication.logout.LogoutFilter; import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler; import java.util.List; @Configuration public class CasConfig { @Autowired SpringCasAutoconfig autoconfig; private static boolean casEnabled = true; public CasConfig() { } @Bean public SpringCasAutoconfig getSpringCasAutoconfig(){ return new SpringCasAutoconfig(); } /** * 用于实现单点登出功能 */ @Bean public ServletListenerRegistrationBeansingleSignOutHttpSessionListener() { ServletListenerRegistrationBean listener = new ServletListenerRegistrationBean<>(); listener.setEnabled(casEnabled); listener.setListener(new SingleSignOutHttpSessionListener()); listener.setOrder(1); return listener; } /** * 该过滤器用于实现单点登出功能,单点退出配置,一定要放在其他filter之前 */ @Bean public FilterRegistrationBean logOutFilter() { FilterRegistrationBean filterRegistration = new FilterRegistrationBean(); LogoutFilter logoutFilter = new LogoutFilter(autoconfig.getCasServerUrlPrefix() + "/logout?service=" + autoconfig.getServerName(),new SecurityContextLogoutHandler()); filterRegistration.setFilter(logoutFilter); filterRegistration.setEnabled(casEnabled); if(autoconfig.getSignOutFilters().size()>0) filterRegistration.setUrlPatterns(autoconfig.getSignOutFilters()); else filterRegistration.addUrlPatterns("/logout"); filterRegistration.addInitParameter("casServerUrlPrefix", autoconfig.getCasServerUrlPrefix()); filterRegistration.addInitParameter("serverName", autoconfig.getServerName()); filterRegistration.setOrder(2); return filterRegistration; } /** * 该过滤器用于实现单点登出功能,单点退出配置,一定要放在其他filter之前 */ @Bean public FilterRegistrationBean singleSignOutFilter() { FilterRegistrationBean filterRegistration = new FilterRegistrationBean(); filterRegistration.setFilter(new SingleSignOutFilter()); filterRegistration.setEnabled(casEnabled); if(autoconfig.getSignOutFilters().size()>0) filterRegistration.setUrlPatterns(autoconfig.getSignOutFilters()); else filterRegistration.addUrlPatterns("/*"); filterRegistration.addInitParameter("casServerUrlPrefix", autoconfig.getCasServerUrlPrefix()); filterRegistration.addInitParameter("serverName", autoconfig.getServerName()); filterRegistration.setOrder(3); return filterRegistration; } /** * 该过滤器负责用户的认证工作 */ @Bean public FilterRegistrationBean authenticationFilter() { FilterRegistrationBean filterRegistration = new FilterRegistrationBean(); filterRegistration.setFilter(new AuthenticationFilter()); filterRegistration.setEnabled(casEnabled); if(autoconfig.getAuthFilters().size()>0) filterRegistration.setUrlPatterns(autoconfig.getAuthFilters()); else filterRegistration.addUrlPatterns("/*"); //casServerLoginUrl:cas服务的登陆url filterRegistration.addInitParameter("casServerLoginUrl", autoconfig.getCasServerLoginUrl()); //本项目登录ip+port filterRegistration.addInitParameter("serverName", autoconfig.getServerName()); filterRegistration.addInitParameter("useSession", autoconfig.isUseSession()?"true":"false"); filterRegistration.addInitParameter("redirectAfterValidation", autoconfig.isRedirectAfterValidation()?"true":"false"); filterRegistration.setOrder(4); return filterRegistration; } /** * 该过滤器负责对Ticket的校验工作 */ @Bean public FilterRegistrationBean cas20ProxyReceivingTicketValidationFilter() { FilterRegistrationBean filterRegistration = new FilterRegistrationBean(); Cas20ProxyReceivingTicketValidationFilter cas20ProxyReceivingTicketValidationFilter = new Cas20ProxyReceivingTicketValidationFilter(); //cas20ProxyReceivingTicketValidationFilter.setTicketValidator(cas20ServiceTicketValidator()); cas20ProxyReceivingTicketValidationFilter.setServerName(autoconfig.getServerName()); filterRegistration.setFilter(cas20ProxyReceivingTicketValidationFilter); filterRegistration.setEnabled(casEnabled); if(autoconfig.getValidateFilters().size()>0) filterRegistration.setUrlPatterns(autoconfig.getValidateFilters()); else filterRegistration.addUrlPatterns("/*"); filterRegistration.addInitParameter("casServerUrlPrefix", autoconfig.getCasServerUrlPrefix()); filterRegistration.addInitParameter("serverName", autoconfig.getServerName()); filterRegistration.setOrder(5); return filterRegistration; } /** * 该过滤器对HttpServletRequest请求包装, 可通过HttpServletRequest的getRemoteUser()方法获得登录用户的登录名 * */ @Bean public FilterRegistrationBean httpServletRequestWrapperFilter() { FilterRegistrationBean filterRegistration = new FilterRegistrationBean(); filterRegistration.setFilter(new HttpServletRequestWrapperFilter()); filterRegistration.setEnabled(true); if(autoconfig.getRequestWrapperFilters().size()>0) filterRegistration.setUrlPatterns(autoconfig.getRequestWrapperFilters()); else filterRegistration.addUrlPatterns("/*"); filterRegistration.setOrder(6); return filterRegistration; } /** * 该过滤器使得可以通过org.jasig.cas.client.util.AssertionHolder来获取用户的登录名。 比如AssertionHolder.getAssertion().getPrincipal().getName()。 这个类把Assertion信息放在ThreadLocal变量中,这样应用程序不在web层也能够获取到当前登录信息 */ @Bean public FilterRegistrationBean assertionThreadLocalFilter() { FilterRegistrationBean filterRegistration = new FilterRegistrationBean(); filterRegistration.setFilter(new AssertionThreadLocalFilter()); filterRegistration.setEnabled(true); if(autoconfig.getAssertionFilters().size()>0) filterRegistration.setUrlPatterns(autoconfig.getAssertionFilters()); else filterRegistration.addUrlPatterns("/*"); filterRegistration.setOrder(7); return filterRegistration; } }
2.为了让你们更省力且直接的看到效果,我把相关配置也贴出来
import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.context.annotation.Configuration; import java.util.Arrays; import java.util.List; @ConfigurationProperties(prefix = "spring.cas") public class SpringCasAutoconfig { static final String separator = ","; private String validateFilters; private String signOutFilters; private String authFilters; private String assertionFilters; private String requestWrapperFilters; private String casServerUrlPrefix; private String casServerLoginUrl; private String serverName; private boolean useSession = true; private boolean redirectAfterValidation = true; public ListgetValidateFilters() { return Arrays.asList(validateFilters.split(separator)); } public void setValidateFilters(String validateFilters) { this.validateFilters = validateFilters; } public List getSignOutFilters() { return Arrays.asList(signOutFilters.split(separator)); } public void setSignOutFilters(String signOutFilters) { this.signOutFilters = signOutFilters; } public List getAuthFilters() { return Arrays.asList(authFilters.split(separator)); } public void setAuthFilters(String authFilters) { this.authFilters = authFilters; } public List getAssertionFilters() { return Arrays.asList(assertionFilters.split(separator)); } public void setAssertionFilters(String assertionFilters) { this.assertionFilters = assertionFilters; } public List getRequestWrapperFilters() { return Arrays.asList(requestWrapperFilters.split(separator)); } public void setRequestWrapperFilters(String requestWrapperFilters) { this.requestWrapperFilters = requestWrapperFilters; } public String getCasServerUrlPrefix() { return casServerUrlPrefix; } public void setCasServerUrlPrefix(String casServerUrlPrefix) { this.casServerUrlPrefix = casServerUrlPrefix; } public String getCasServerLoginUrl() { return casServerLoginUrl; } public void setCasServerLoginUrl(String casServerLoginUrl) { this.casServerLoginUrl = casServerLoginUrl; } public String getServerName() { return serverName; } public void setServerName(String serverName) { this.serverName = serverName; } public boolean isRedirectAfterValidation() { return redirectAfterValidation; } public void setRedirectAfterValidation(boolean redirectAfterValidation) { this.redirectAfterValidation = redirectAfterValidation; } public boolean isUseSession() { return useSession; } public void setUseSession(boolean useSession) { this.useSession = useSession; } }
3.配置文件 dev.yml
#cas client config spring:cas: sign-out-filters: /logout auth-filters: /* validate-filters: /* request-wrapper-filters: /* assertion-filters: /* cas-server-login-url: cas登录url cas-server-url-prefix:cas登录域名 redirect-after-validation: true use-session: true server-name: http://localhost:8080
看完上述内容,你们对使用spring boot如何实现对CAS进行整合有进一步的了解吗?如果还想了解更多知识或者相关内容,请关注创新互联行业资讯频道,感谢大家的支持。
我们在微信上24小时期待你的声音
解答本文疑问/技术咨询/运营咨询/技术建议/互联网交流