项目集成单点登录
1、web.xml集成单点
<?xml version="1.0" encoding="UTF-8"?><web-appversion="2.5"xmlns="http://java.sun.com/xml/ns/javaee"xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"><display-name>smartcity base Application</display-name><description>smartcity base web</description><context-param><param-name>casServerLogoutUrl</param-name><param-value>http://192.168.21.46:8080/cas/logout</param-value></context-param><listener><listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class></listener><filter><filter-name>CAS Single Sign Out Filter</filter-name><filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class></filter><filter-mapping><filter-name>CAS Single Sign Out Filter</filter-name><url-pattern>/*</url-pattern></filter-mapping><!-- CAS 客户端配置 这个filter负责对请求进行登录验证拦截,--><filter><filter-name>CAS Authentication Filter</filter-name><filter-class>cn.com.bmsoft.smartcity.survey.filter.AuthenticationFilterWithExcludeUrl</filter-class><!-- CAS验证服务器地址,有域名填写域名 --><init-param><param-name>casServerLoginUrl</param-name><param-value>http://192.168.21.46:8080/cas</param-value></init-param><init-param><param-name>renew</param-name><param-value>false</param-value></init-param><init-param><param-name>gateway</param-name><param-value>false</param-value></init-param><init-param><param-name>serverName</param-name><param-value>http://localhost:8080</param-value></init-param><init-param><description>排除路径</description><param-name>excludePaths</param-name><param-value>/management/questionnaire/*,/management/stat/*,/account/*,/resources/*</param-value></init-param></filter><filter-mapping><filter-name>CAS Authentication Filter</filter-name><url-pattern>/*</url-pattern></filter-mapping><!--负责Ticket校验 这个filter负责对请求参数ticket进行验证(ticket参数是负责子系统与CAS进行验证交互的凭证)--><filter><filter-name>CAS Validation Filter</filter-name><filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class><init-param><param-name>casServerUrlPrefix</param-name><param-value>http://192.168.21.46:8080/cas/</param-value></init-param><init-param><param-name>serverName</param-name><param-value>http://localhost:8080</param-value></init-param><init-param><param-name>useSession</param-name><param-value>true</param-value></init-param><init-param><param-name>redirectAfterValidation</param-name><param-value>true</param-value></init-param><init-param><param-name>encoding</param-name><param-value>UTF-8</param-value></init-param></filter><filter-mapping><filter-name>CAS Validation Filter</filter-name><url-pattern>/*</url-pattern></filter-mapping><filter><filter-name>CAS HttpServletRequest Wrapper Filter</filter-name><filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class></filter><filter-mapping><filter-name>CAS HttpServletRequest Wrapper Filter</filter-name><url-pattern>/*</url-pattern></filter-mapping><filter><filter-name>CAS Assertion Thread Local Filter</filter-name><filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class></filter><filter-mapping><filter-name>CAS Assertion Thread Local Filter</filter-name><url-pattern>/*</url-pattern></filter-mapping><!--<filter-mapping>--><!--<filter-name>login</filter-name>--><!--<url-pattern>/*</url-pattern>--><!--</filter-mapping>--><listener><listener-class>org.springframework.web.context.request.RequestContextListener</listener-class></listener><!--<filter>--><!--<filter-name>login</filter-name>--><!--<filter-class>cn.com.bmsoft.smartcity.common.LoginFilter</filter-class>--><!--<init-param>--><!--<param-name>loginUrl</param-name>--><!--<!–下面是未登录跳转和超时跳转代理页面–>--><!--<param-value>/account/login</param-value>--><!--</init-param>--><!--</filter>--><!--<filter-mapping>--><!--<filter-name>login</filter-name>--><!--<url-pattern>/*</url-pattern>--><!--</filter-mapping>--><servlet><servlet-name>smartcity springMvc </servlet-name><servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class><init-param><param-name>contextConfigLocation</param-name><param-value>classpath*:servlet-context.xml,classpath*:spring-mybatis.xml,classpath*:spring-rbac.xml</param-value></init-param><load-on-startup>1</load-on-startup></servlet><servlet-mapping><servlet-name>smartcity springMvc</servlet-name><url-pattern>/</url-pattern></servlet-mapping><session-config><session-timeout>60</session-timeout></session-config><welcome-file-list><welcome-file>/</welcome-file></welcome-file-list></web-app>
2、权限和单点配置信息
sso.enable=truerbac.enable=truerbac.url=http://192.168.21.46:8080/weixin.url=http://192.168.28.111:8181/sso.casServerUrlPrefix = http://192.168.21.46:8080/cas/sso.logoutUrl = ${sso.casServerUrlPrefix}logoutsso.client.serverName=http://localhost:8080
3、登录拦截filter,将单点系统存放在session中的用户信息拿到后做处理再添加系统所需用户信息在session中
publicfinalvoid doFilter(ServletRequest servletRequest,ServletResponse servletResponse,FilterChain filterChain)throwsIOException,ServletException{HttpServletRequest request =(HttpServletRequest)servletRequest;HttpServletResponse response =(HttpServletResponse)servletResponse;HttpSession session = request.getSession(false);Assertion assertion = session !=null?(Assertion)session.getAttribute("_const_cas_assertion_"):null;if(assertion !=null){String username = assertion.getPrincipal().getName();IUserService userService =(IUserService)ServiceLocator.getService("userService");Map<String,Object> queryParams =newHashMap<String,Object>();queryParams.put("username",username);List<User> users = userService.find(queryParams);SessionUtil.set(request,SessionUtil.USER_SESSION_NAME,users.get(0));filterChain.doFilter(request, response);}else{String serviceUrl =this.constructServiceUrl(request, response);boolean isInWhiteList =false;if(excludePaths!=null&& excludePaths.size()>0&& serviceUrl !=null){for(String path : excludePaths){if(CommonUtils.isNotBlank(path)){isInWhiteList =StringUtil.isIn(path,serviceUrl);if(isInWhiteList){break;}}}}String ticket =CommonUtils.safeGetParameter(request,this.getArtifactParameterName());boolean wasGatewayed =this.gatewayStorage.hasGatewayedAlready(request, serviceUrl);if(isInWhiteList){filterChain.doFilter(request, response);}elseif(!CommonUtils.isNotBlank(ticket)&&!wasGatewayed){this.log.debug("no ticket and no assertion found");String modifiedServiceUrl;if(this.gateway){this.log.debug("setting gateway attribute in session");modifiedServiceUrl =this.gatewayStorage.storeGatewayInformation(request, serviceUrl);}else{modifiedServiceUrl = serviceUrl;}if(this.log.isDebugEnabled()){this.log.debug("Constructed service url: "+ modifiedServiceUrl);}String urlToRedirectTo =CommonUtils.constructRedirectUrl(this.casServerLoginUrl,this.getServiceParameterName(), modifiedServiceUrl,this.renew,this.gateway);if(this.log.isDebugEnabled()){this.log.debug("redirecting to ""+ urlToRedirectTo +""");}response.sendRedirect(urlToRedirectTo);}else{filterChain.doFilter(request, response);}}}
4、修改我们的首页控制器,获取session中的用户信息,处理存放到变量集合
package cn.com.bmsoft.smartcity.common.controller;import cn.com.bmsoft.smartcity.common.IContextService;import cn.com.bmsoft.smartcity.common.TreeModel;import cn.com.bmsoft.smartcity.common.domain.User;import cn.com.bmsoft.smartcity.common.util.SessionUtil;import com.bmsoft.jasig.cas.client.util.CASClientUtils;import org.springframework.beans.factory.annotation.Autowired;import org.springframework.stereotype.Controller;import org.springframework.web.bind.annotation.RequestMapping;import org.springframework.web.bind.annotation.RequestMethod;import org.springframework.web.bind.annotation.ResponseBody;import org.springframework.web.servlet.ModelAndView;import javax.servlet.http.HttpServletRequest;import java.util.HashMap;import java.util.Map;@Controller("home")publicclassHomeController{@AutowiredprivateIContextService contextService;@RequestMapping(value={"","/home/index","/home"})publicModelAndView home(HttpServletRequest request){Map<String,String> map=newHashMap<String,String>();User user =(User)SessionUtil.get(request,SessionUtil.USER_SESSION_NAME);map.put("userName", user.getName());returnnewModelAndView("home/index",map);}@ResponseBody@RequestMapping(value ={"/home/menu"}, method =RequestMethod.GET)publicTreeModel getMenu(HttpServletRequest request){User user =(User)SessionUtil.get(request,SessionUtil.USER_SESSION_NAME);returnthis.contextService.getMenu(user.getUsername());}}
5、退出控制器,退出按钮方法修改
package cn.com.bmsoft.smartcity.common.controller;import cn.com.bmsoft.smartcity.common.util.SessionUtil;import org.springframework.beans.factory.annotation.Value;import org.springframework.stereotype.Controller;import org.springframework.web.bind.annotation.RequestMapping;import org.springframework.web.servlet.ModelAndView;import org.springframework.web.servlet.view.RedirectView;import javax.servlet.http.HttpServletRequest;/*** Created by Administrator on 2016/4/18.*/@Controller@RequestMapping(value ="/accounts")publicclassLogoutController{@Value("${sso.logoutUrl}")privateString logoutUrl;@Value("${sso.client.serverName}")privateString serverName;// @RequestMapping("/logout")// public ModelAndView logout(ModelAndView view, HttpServletRequest request) {// SessionUtil.destroy(request,SessionUtil.USER_SESSION_NAME);//// request.getSession().invalidate();// request.setAttribute("message","");// String logout = logoutUrl+"?service="+serverName+request.getContextPath()+"/";// view.setView(new RedirectView(logout, false));// return view;// }@RequestMapping("/logout")publicString logout(HttpServletRequest request){SessionUtil.destroy(request,SessionUtil.USER_SESSION_NAME);// request.getSession().invalidate();request.setAttribute("message","");return"account/login";}}