CAS实战の获取多用户信息

　　先列出版本号：

　　服务端版本：cas server 4.0.0

　　客户端版本：cas client 3.3.3

　　 cas server

　　 step1:先将primaryPrincipalResolver bean属性attributeRepository注释，因为cas 默认是通过配置xml来获取多用户信息的。

 <bean id="primaryPrincipalResolver"
          class="org.jasig.cas.authentication.principal.PersonDirectoryPrincipalResolver" >
        <!--<property name="attributeRepository" ref="attributeRepository" />-->
    </bean>

　　 step2：自定义获取多用户信息类，此类继承PrincipalResolver，重写resolve和supports，另附代码如下：

    @Autowired
    private J1DBService dbService;
    
    @Override
    public Principal resolve(Credential credential) {
        // TODO Auto-generated method stub
        final UsernamePasswordCredential usernamePasswordCredentials = (UsernamePasswordCredential) credential;
        String userStr = "";
        try {
            String username = usernamePasswordCredentials.getUsername();
            String password = usernamePasswordCredentials.getPassword();
            password = MD5.getMD5(password);
            User r = new User();
            r.setUserName(username);
            r.setPassword(password);
            Map<String,Object> m = dbService.getUser(r);
            if (null!=m) {
                r.setUserId(Integer.parseInt(m.get("userId").toString()));
                r.setUserRealName(m.get("userRealName")==null?null:m.get("userRealName").toString());
            }
            userStr = JSON.toJSONString(r);
            userStr = Base64.getBase64(userStr);
        } catch (Exception e) {
            e.printStackTrace();
        } 
        return new SimplePrincipal(userStr, null);
    }
    /**
     * @Description(功能描述)        : 确定一个凭证类型支持这个解析器
     * @author(作者)                : hhl
     * @date (开发日期)            : 2015年3月16日 下午15:17:25
     * @param credentials        : 确定一个凭证类型支持这个解析器
     * @return  boolean         : 返回true,支持这些凭证,否则假。
     */
    @Override
    public boolean supports(Credential credential) {
        // TODO Auto-generated method stub
        return credential != null && UsernamePasswordCredential.class.isAssignableFrom(credential.getClass());
    }

　　由于返回给客户端用户信息中存在中文，所以进行了Base64加密。

　　step3:将primaryPrincipalResolver bean映射的类路径变更为你自定义的类。

 <bean id="primaryPrincipalResolver"
          class="xx.xx.xx" >
        <!--<property name="attributeRepository" ref="attributeRepository" />-->
    </bean>

　　cas client

　　如在class中:

/**
     * 从中央授权服务器获取得到用户信息
     * @param request
     */
    @RequestMapping(value="/sysuser/saveUserIntoSession")
    @ResponseBody
    public String saveUserInfoIntoSession(HttpServletRequest request){
        Assertion assertion = (Assertion)request.getSession().getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION);
        String json=null;
        if (null!=assertion) {
            AttributePrincipal principal = assertion.getPrincipal();
            String userStr=principal.getName();
            userStr = Base64.getFromBase64(userStr);
            User u  = JSON.parseObject(userStr, User.class);
            String tokenId = UUID.randomUUID().toString(); 
            request.getSession().setAttribute("password",u.getPassword());
            request.getSession().setAttribute("userName",u.getUserName());
            request.getSession().setAttribute("realName",u.getUserRealName());
            SysUser e = systemService.getUser(u.getUserName());
            //取得用户的角色id
            String roleId = getUserRoleById(e.getUserId());
            request.getSession().setAttribute("userId",e.getUserId());
            request.getSession().setAttribute("tokenId",tokenId);
            request.getSession().setAttribute("roleId",roleId);
            
            LoginBto b = new LoginBto();
            b.setPassword(u.getPassword());
            b.setRealName(u.getUserRealName());
            b.setRoleId(roleId);
            b.setTokenId(tokenId);
            b.setUserId(e.getUserId());
            b.setUserName(u.getUserName());
            json = JSON.toJSONString(b);
        }
        return json;
    }

　　如在jsp中：

<%@ page import="org.jasig.cas.client.validation.Assertion" %>
<%@ page import="org.jasig.cas.client.authentication.AttributePrincipal" %>
<%@ page import="org.jasig.cas.client.util.AbstractCasFilter" %>
<%@ page import="com.founder.ec.sso.model.User" %>
<%@ page import="com.alibaba.fastjson.JSON" %>
<%@ page import="com.founder.ec.sso.util.Base64" %>
<%@ page import="java.util.UUID" %>
<span style="float: right; padding-right: 20px; margin-top: 10px;" class="head">
        <% Assertion assertion = (Assertion)request.getSession().getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION);
             String userName = null;
            String realName = null;
            String flag = null;
            if(null!=assertion){
                AttributePrincipal principal = assertion.getPrincipal();
                 String userStr=principal.getName();
                 userStr = Base64.getFromBase64(userStr);
                 User u  = JSON.parseObject(userStr, User.class); 
                 userName = u.getUserName();
                 realName = u.getUserRealName();
                 flag = "cas";
            }
            %> 
            <% if(null!=flag){ %>  
                    欢迎&nbsp;&nbsp;<%=realName %>(<%=userName %>)&nbsp;&nbsp;  
            <% }%>  
            <% if(null==flag){ %>  
                    欢迎&nbsp;&nbsp;${sessionScope.realName}(${sessionScope.userName})&nbsp;&nbsp;
            <% }%>
            <a href="javascript:void(0)" id="editpass" style="color: #000"> 修改密码</a>&nbsp; 
            <a href="http://192.168.2.11:8080/cas/logout?service=http://101.test.com/" style="color: #000">注销登录</a>&nbsp;
            <!-- <a href="javascript:void(0)" id="loginOut" style="color:#000 ">注销登录</a>&nbsp; -->
            <a href="javascript:void(0)" id="colNorth"><img border="0" style="margin-bottom: 0px" src="${ctx }/images/system/icon/detail-collapse.png" /></a> 
            <a href="javascript:void(0)" id="newWindow"><img border="0" style="margin-bottom: 0px" src="${ctx }/images/common/fullscreen.gif" /></a>
        </span>