网上找到的玩法都是用 josso 给的命令行工具加工 tomcat,这个办法有不少问题:
1. tomcat8.5 还不支持
2. 很难配置,这让我险些放弃 tomcat8.5,用 tomcat8,但最终都没成功
3. 往lib里塞很多东西,比如说 spring,如果 webapp 用的版本和它塞进 tomcat lib 里版本不一致就会发生灾难
通过一番摸索,现在找到另一种做法,这种做法支持任意版本tomcat,不需要动tomcat本身。
这个做法是在 webapp 级别实施的。
实施办法:
web.xml(可能也可以修改 tomcat/conf/web.xml 达到全局实施)
<?xml version="1.0" encoding="UTF-8"?> <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5"> <display-name>test</display-name> <welcome-file-list> <welcome-file>index.html</welcome-file> <welcome-file>index.htm</welcome-file> <welcome-file>index.jsp</welcome-file> <welcome-file>default.html</welcome-file> <welcome-file>default.htm</welcome-file> <welcome-file>default.jsp</welcome-file> </welcome-file-list> <!-- Setup JOSSO Servlet Filter --> <filter> <filter-name>JOSSOGenericServletFilter</filter-name> <filter-class>org.josso.servlet.agent.GenericServletSSOAgentFilter</filter-class> </filter> <filter> <filter-name>JOSSOWebAccessControlServletFilter</filter-name> <filter-class>org.josso.agent.http.WebAccessControlFilter</filter-class> </filter> <!-- Optional, you can export the security context information (roles, user) to HTTP headers Usefull for web applications that don't use JEE security <filter> <filter-name>JOSSOSecurityContextExporterServletFilter</filter-name> <description>JOSSO Security Context Exporter Servlet Filter</description> <filter-class>org.josso.agent.http.SecurityContextExporterFilter</filter-class> </filter> --> <filter-mapping> <filter-name>JOSSOGenericServletFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>JOSSOWebAccessControlServletFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> </web-app>
josso-agent-config.xml, 放在 webapp classes 里。
<?xml version="1.0" encoding="UTF-8"?> <s:beans xmlns:s="http://www.springframework.org/schema/beans" xmlns:gen-svlt="urn:org:josso:agent:generic-servlet" xmlns:agent="urn:org:josso:agent:core" xmlns:protocol="urn:org:josso:protocol:client" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd"> <gen-svlt:agent-native name="josso-svlt-agent" sessionAccessMinInterval="1000" > <gatewayLoginUrl>http://localhost:8080/josso/signon/login.do</gatewayLoginUrl> <gatewayLogoutUrl>http://localhost:8080/josso/signon/logout.do</gatewayLogoutUrl> <gatewayServiceLocator> <protocol:ws-service-locator endpoint="localhost:8080" /> </gatewayServiceLocator> <configuration> <agent:agent-configuration> <agent:partner-apps> <agent:partner-app id="test" context="/test"/> </agent:partner-apps> </agent:agent-configuration> </configuration> <parametersBuilders> <agent:vhost-parameters-builder/> <agent:appctx-parameters-builder/> </parametersBuilders> <!-- <automaticoLoginStrategies> --> <!-- <agent:default-automaticlogin-strategy mode="SUFFICIENT"/> --> <!-- </automaticoLoginStrategies> --> </gen-svlt:agent-native> </s:beans>