zoukankan      html  css  js  c++  java
  • springboot09

    cas4.0 单点登录 之 cas-client

    cas4.0 单点登录 之 https证书 已经做好了证书的准备工作,现在结合cas-server来配置单点登录;

    一、安装cas服务端(cas-server)

    cas服务端是一个war包,这里只做体验单点登录,cas-server下载点这里cas-server-webapp-4.0.0.war,将war包放tomcat下运行即可,运行cas-server的tomcat的要开启SSL支持,上面文章也有说明,server.xml需要如下配置:

    <Connector port="8443" protocol="HTTP/1.1"
          maxThreads="150"  SSLEnabled="true"  scheme="https"  secure="true"
          clientAuth="false" sslProtocol="TLS" keystoreFile="d:/cas/keystore"  keystorePass="caspass"/>
    • 1
    • 2
    • 3

    cas-server的定制开发后面文章再讲。

    二、cas客户端配置(cas-client)

    1、web.xml方式配置

    写了个简单客户端配置,源码cas_client_test_demo.zip

    a) pom.xml

    <dependencies>
        <dependency>
            <groupId>junit</groupId>
            <artifactId>junit</artifactId>
            <version>3.8.1</version>
            <scope>test</scope>
        </dependency>
        <dependency>
            <groupId>javax.servlet</groupId>
            <artifactId>servlet-api</artifactId>
            <version>2.5</version>
            <scope>provided</scope>
        </dependency>
        <dependency>
            <groupId>org.springframework</groupId>
            <artifactId>spring-webmvc</artifactId>
            <version>4.0.3.RELEASE</version>
        </dependency>
        <dependency>
            <groupId>org.jasig.cas.client</groupId>
            <artifactId>cas-client-core</artifactId>
            <version>3.4.1</version>
        </dependency>
    </dependencies>
    

    b) web.xml

    <?xml version="1.0" encoding="UTF-8"?>
    <web-app id="WebApp_ID" version="3.0"
        xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
    
    
        <servlet>
            <servlet-name>mvc-dispatcher</servlet-name>
            <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
            <init-param>
                <param-name>contextConfigLocation</param-name>
                <param-value>classpath:/spring-mvc.xml</param-value>
            </init-param>
            <load-on-startup>1</load-on-startup>
        </servlet>
        <servlet-mapping>
            <servlet-name>mvc-dispatcher</servlet-name>
            <url-pattern>/</url-pattern>
        </servlet-mapping>
    
        <!-- ****************** 单点登录开始 ********************-->
        <!-- 用于实现单点登出功能  可选 -->
        <listener>
            <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
        </listener>
    
        <!-- 该过滤器用于实现单点登出功能,单点退出配置,一定要放在其他filter之前 可选 -->
        <filter>
            <filter-name>CAS Single Sign Out Filter</filter-name>
            <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
            <init-param>
                <param-name>casServerUrlPrefix</param-name>
                <param-value>https://cas.castest.com:8443/cas/</param-value>
            </init-param>
        </filter>
        <filter-mapping>
            <filter-name>CAS Single Sign Out Filter</filter-name>
            <url-pattern>/*</url-pattern>
        </filter-mapping>
    
        <!-- 该过滤器负责用户的认证工作,必须 -->
        <filter>
            <filter-name>CASFilter</filter-name>
            <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
            <init-param>
                <!--casServerLoginUrl:cas服务的登陆url -->
                <param-name>casServerLoginUrl</param-name>
                <param-value>https://cas.castest.com:8443/cas/login</param-value>
            </init-param>
            <init-param>
                <!--serverName:本项目的ip+port -->
                <param-name>serverName</param-name>
                <param-value>http://www.zrk1000.com:8081</param-value>
            </init-param>
            <init-param>
                <param-name>useSession</param-name>
                <param-value>true</param-value>
            </init-param>
            <init-param>
                <param-name>redirectAfterValidation</param-name>
                <param-value>true</param-value>
            </init-param>
        </filter>
        <filter-mapping>
            <filter-name>CASFilter</filter-name>
            <url-pattern>/test</url-pattern>
        </filter-mapping>
    
        <!-- 该过滤器负责对Ticket的校验工作,必须-->
        <filter>
            <filter-name>CAS Validation Filter</filter-name>
            <filter-class>
                org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter
            </filter-class>
            <init-param>
                <param-name>casServerUrlPrefix</param-name>
                <param-value>https://cas.castest.com:8443/cas/</param-value>
            </init-param>
            <init-param>
                <param-name>serverName</param-name>
                <param-value>http://www.zrk1000.com:8081</param-value>
            </init-param>
        </filter>
        <filter-mapping>
            <filter-name>CAS Validation Filter</filter-name>
            <!-- 对test做登录拦截-->
            <url-pattern>/test</url-pattern>
        </filter-mapping>
    
        <!-- 该过滤器对HttpServletRequest请求包装, 可通过HttpServletRequest的getRemoteUser()方法获得登录用户的登录名,可选 -->
    
        <filter>
            <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
            <filter-class>
                org.jasig.cas.client.util.HttpServletRequestWrapperFilter
            </filter-class>
        </filter>
        <filter-mapping>
            <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
            <url-pattern>/*</url-pattern>
        </filter-mapping>
    
        <!-- 该过滤器使得可以通过org.jasig.cas.client.util.AssertionHolder来获取用户的登录名。
             比如AssertionHolder.getAssertion().getPrincipal().getName()。 
             这个类把Assertion信息放在ThreadLocal变量中,这样应用程序不在web层也能够获取到当前登录信息 -->
        <filter>
            <filter-name>CAS Assertion Thread Local Filter</filter-name>
            <filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
        </filter>
        <filter-mapping>
            <filter-name>CAS Assertion Thread Local Filter</filter-name>
            <url-pattern>/*</url-pattern>
        </filter-mapping>
        <!-- ****************** 单点登录结束 ********************-->
    
    
    </web-app>
  • 相关阅读:
    感动于细节,记我的一个同学(君君)
    求职时,我问过的问题
    毕业留言,写给我的一个同学
    偶是一个如此善良的人
    温柔地对待仇人,就像对待情人一样!
    小改机箱,支持硬盘调头,让磁盘对拷更方便
    心中的女朋友:(标准)
    准备开始看以下书籍
    成都文化公园游后感
    ”中国的教育与计算机“读后感
  • 原文地址:https://www.cnblogs.com/huaobin/p/14909228.html
Copyright © 2011-2022 走看看