• Java Web应用CAS Client端的配置详解


    CAS是SSO常用的开源解决方案,可以适用多种语言实现的Web应用。前面介绍了CAS Server端的配置。下面结合本人的实际操作,详细说明下Java应用CAS Client配置。首先,说明下配置环境:

    1. CAS Server 3.4.5,跑在tomcat 7上。 部署在http://www.cas.com/cas上(本地hosts文件配置域名)。
    2. CAS Client Java SSH应用(Struts 2.3.4.1、Spring 3.0.5、Hibernate 3.3.2,如应用使用了特定安全框架如Spring Security,且集成了CAS Client,可直接使用其提供的配置方法), web应用也跑在tomcat 7上,部署在
    http://www.my.com/app(本地hosts文件配置域名)。

    配置步骤:

    1.添加cas-client-core-3.1.10-sources.jar,如使用mvn,pom.xml中添加

       		<dependency>
      			<groupId>org.jasig.cas</groupId>
      			<artifactId>cas-client-core</artifactId>
      			<version>3.1.10</version>
      			<exclusions>
      		    	<exclusion>
      				<artifactId>servlet-api</artifactId>
      				<groupId>javax.servlet</groupId>
      			</exclusion>
      			</exclusions>
      		</dependency> 


     

    2. web.xml中添加:

    	<!-- 与CAS Single Sign Out Filter配合,注销登录信息  -->
    	
    	<listener>
      	 	<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
    	</listener>
    
    	
    
    	
        
    	<!-- CAS Server 通知 CAS Client,删除session,注销登录信息  -->
        	<filter> 
       		<filter-name>CAS Single Sign Out Filter</filter-name>
        		<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
    	</filter> 
        	<filter-mapping>
        		<filter-name>CAS Single Sign Out Filter</filter-name>
        		<url-pattern>/*</url-pattern>
    	</filter-mapping>
        
        	<!-- 登录认证,未登录用户导向CAS Server进行认证 -->
       	 <filter> 
    		<filter-name>CAS Filter</filter-name>
    		<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
        		<init-param>
       			<param-name>casServerLoginUrl</param-name>
         			<param-value>http://www.cas.com/cas/login</param-value>
      		</init-param>
        		<init-param>
           			<param-name>serverName</param-name>
          			<param-value>http://api.zfwx.com:8080</param-value>
        		</init-param>
    	</filter> 
    	<filter-mapping>
        		<filter-name>CAS Filter</filter-name>
        		<url-pattern>/*</url-pattern>
    	</filter-mapping> 
    	
    	<!-- CAS Client向CAS Server进行ticket验证 -->
        	<filter>  
             	<filter-name>CAS Validation Filter</filter-name>
            	<filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
             	<init-param>
                     	<param-name>casServerUrlPrefix</param-name>
                     	<param-value>http://www.cas.com/cas</param-value>
            	</init-param>
             	<init-param>
                     	<param-name>serverName</param-name>
                    	<param-value>http://api.zfwx.com:8080</param-value>
            	</init-param>
     	</filter>
       	<filter-mapping>
             	<filter-name>CAS Validation Filter</filter-name>
            	 <url-pattern>/*</url-pattern>
     	</filter-mapping>
     	
       	<!-- 封装request, 支持getUserPrincipal等方法-->
        	<filter> 
             	<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
             	<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
     	</filter>
     	<filter-mapping>
             	<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
            	<url-pattern>/*</url-pattern>
     	</filter-mapping>
     	
     	<!-- 存放Assertion到ThreadLocal中   -->
        	<filter> 
            	<filter-name>CAS Assertion Thread Local Filter</filter-name>
            	<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
    	</filter> 
        	<filter-mapping>
            	<filter-name>CAS Assertion Thread Local Filter</filter-name>
            	<url-pattern>/*</url-pattern>
    	</filter-mapping>


    3. 编写个简单的测试页面test.jsp进行测试。

    <%@ page import="org.jasig.cas.client.authentication.AttributePrincipal" %>
    <html>
    	<head><title>cas test</title></head>
    	<body>
    
    <%
    AttributePrincipal principal = (AttributePrincipal)request.getUserPrincipal();   
    String username = principal.getName();
    %>
    <% if(null!=username){ %>
    	<h2>Hello <%=username %> !</h2>
    	<a href="http://www.cas.com/cas/logout">logout</a>
    <% }%>
    	
    	</body>
    </html>
    


  • 相关阅读:
    SpringBoot中关于Shiro权限管理的整合使用
    Mybatis批处理(批量查询,更新,插入)
    Windows运行常用命令(win+R)
    IntelliJ IDEA中如何设置同时打开多个文件且分行显示?
    springboot的mybatis的xml相关的配置
    springbootl用thymeleaf整合htm
    resultMap的使用
    重识linux-linux主机上的用户信息传递
    重识linux-linux的新增与删除用户组和切换命令
    重识linux-linux的账号与用户组
  • 原文地址:https://www.cnblogs.com/xinyuyuanm/p/2993581.html
Copyright © 2020-2023  润新知