zoukankan      html  css  js  c++  java
  • spring boot 和 cas 整合

    1. 修改依赖

     <!--  spring-boot-configuration 配置信息 ,加入此项可以提示 配置信息 -->
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-configuration-processor</artifactId>
        <optional>true</optional>
    </dependency>
    
    
    
    <java.cas.client.version>3.5.0</java.cas.client.version>
    
    
    
    <!--   cas 单点登录 客户端 拦截器    -->
    <dependency>
       <groupId>org.jasig.cas.client</groupId>
       <artifactId>cas-client-core</artifactId>
       <version>${java.cas.client.version}</version>
    </dependency>

    2. 建立 配置类 

    package com.cjy.core.config.cas;
    
    import org.springframework.boot.context.properties.ConfigurationProperties;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.lang.Nullable;
    
    /**
     * <p><b>
     *
     * </b></p>
     * <br/>创建时间: 2019/7/8 13:39
     *
     * @author Zero
     */
    @ConfigurationProperties(prefix = "cas")
    @Configuration
    public class CasClientProperties {
        /**
         * 是否开启单点登录
         */
        private boolean enable = true;
        /**
         * 单点登录需要访问的CAS SERVER URL入口
         */
        private String casServerLoginUrl;
        /**
         * 托管此应用的服务器名称,例如本机:http://localhost:8080
         */
        private String serverName;
    
        /**
         * 指定是否应将renew = true发送到CAS服务器
         */
        private boolean renew = false;
        /**
         * 指定是否应将gateway = true发送到CAS服务器
         */
        private boolean gateway = false;
    
        /**
         * cas服务器的开头  例如 http://localhost:8443/cas
         */
        private String casServerUrlPrefix;
        /**
         * 是否将Assertion 存入到session中
         * 如果不使用session(会话),tickets(票据)将每次请求时都需要tickets
         */
        private boolean useSession = true;
        /**
         * 是否在票证验证后重定向到相同的URL,但在参数中没有票证
         */
        private boolean redirectAfterValidation = true;
        /**
         * 是否在tickets验证失败时抛出异常
         */
        private boolean exceptionOnValidationFailure = false;
    
        /**
         * 验证白名单,当请求路径匹配此表达式时,自动通过验证
         */
        @Nullable
        private String ignorePattern;
    
        /**
         * 白名单表达式的类型
         * REGEX 正则表达式 默认的
         * CONTAINS  包含匹配
         * EXACT 精确匹配
         */
        @Nullable
        private String ignoreUrlPatternType;
    
        public boolean isEnable() {
            return enable;
        }
    
        public void setEnable(boolean enable) {
            this.enable = enable;
        }
    
        public String getCasServerLoginUrl() {
            return casServerLoginUrl;
        }
    
        public void setCasServerLoginUrl(String casServerLoginUrl) {
            this.casServerLoginUrl = casServerLoginUrl;
        }
    
        public String getServerName() {
            return serverName;
        }
    
        public void setServerName(String serverName) {
            this.serverName = serverName;
        }
    
        public boolean isRenew() {
            return renew;
        }
    
        public void setRenew(boolean renew) {
            this.renew = renew;
        }
    
        public boolean isGateway() {
            return gateway;
        }
    
        public void setGateway(boolean gateway) {
            this.gateway = gateway;
        }
    
        public String getCasServerUrlPrefix() {
            return casServerUrlPrefix;
        }
    
        public void setCasServerUrlPrefix(String casServerUrlPrefix) {
            this.casServerUrlPrefix = casServerUrlPrefix;
        }
    
        public boolean isUseSession() {
            return useSession;
        }
    
        public void setUseSession(boolean useSession) {
            this.useSession = useSession;
        }
    
        public boolean isRedirectAfterValidation() {
            return redirectAfterValidation;
        }
    
        public void setRedirectAfterValidation(boolean redirectAfterValidation) {
            this.redirectAfterValidation = redirectAfterValidation;
        }
    
        public boolean isExceptionOnValidationFailure() {
            return exceptionOnValidationFailure;
        }
    
        public void setExceptionOnValidationFailure(boolean exceptionOnValidationFailure) {
            this.exceptionOnValidationFailure = exceptionOnValidationFailure;
        }
    
        @Nullable
        public String getIgnorePattern() {
            return ignorePattern;
        }
    
        public void setIgnorePattern(@Nullable String ignorePattern) {
            this.ignorePattern = ignorePattern;
        }
    
        @Nullable
        public String getIgnoreUrlPatternType() {
            return ignoreUrlPatternType;
        }
    
        public void setIgnoreUrlPatternType(@Nullable String ignoreUrlPatternType) {
            this.ignoreUrlPatternType = ignoreUrlPatternType;
        }
    }

    3. 建立 拦截器 bean

    package com.cjy.core.config.cas;
    
    import org.jasig.cas.client.authentication.AuthenticationFilter;
    import org.jasig.cas.client.session.SingleSignOutFilter;
    import org.jasig.cas.client.session.SingleSignOutHttpSessionListener;
    import org.jasig.cas.client.util.AssertionThreadLocalFilter;
    import org.jasig.cas.client.util.HttpServletRequestWrapperFilter;
    import org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter;
    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.boot.web.servlet.FilterRegistrationBean;
    import org.springframework.boot.web.servlet.ServletListenerRegistrationBean;
    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.Configuration;
    
    /**
     * <p><b>
     *
     * </b></p>
     * <br/>创建时间: 2019/7/8 13:37
     *
     * @author Zero
     */
    @Configuration
    public class CasFilterConfig {
    
        @Autowired
        private CasClientProperties casClientProperties;
    
    
        /**
         * 单点登出
         *
         * @return
         */
        @Bean
        public ServletListenerRegistrationBean<SingleSignOutHttpSessionListener> singleSignOutHttpSessionListener() {
            ServletListenerRegistrationBean<SingleSignOutHttpSessionListener> listener =
                    new ServletListenerRegistrationBean<>();
            listener.setEnabled(casClientProperties.isEnable());
            listener.setListener(new SingleSignOutHttpSessionListener());
            listener.setOrder(1);
            return listener;
        }
    
        @Bean
        public FilterRegistrationBean singleSignOutFilter() {
            FilterRegistrationBean registrationBean = new FilterRegistrationBean();
            registrationBean.setFilter(new SingleSignOutFilter());
            registrationBean.addUrlPatterns("/*");
            registrationBean.addInitParameter("casServerUrlPrefix", casClientProperties.getCasServerUrlPrefix());
            registrationBean.setEnabled(casClientProperties.isEnable());
            registrationBean.setOrder(2);
    
            return registrationBean;
        }
    
        /**
         * 认证过滤器
         * 如果用户需要进行身份验证,则会将用户重定向到CAS服务器。
         *
         * @return
         */
        @Bean
        public FilterRegistrationBean authenticationFilter() {
            FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
            filterRegistrationBean.setFilter(new AuthenticationFilter());
            filterRegistrationBean.setEnabled(casClientProperties.isEnable());
            filterRegistrationBean.addUrlPatterns("/*");
            filterRegistrationBean.addInitParameter("casServerLoginUrl", casClientProperties.getCasServerLoginUrl());
            filterRegistrationBean.addInitParameter("serverName", casClientProperties.getServerName());
            filterRegistrationBean.addInitParameter("gateway", String.valueOf(casClientProperties.isGateway()));
            filterRegistrationBean.addInitParameter("ignorePattern", String.valueOf(casClientProperties.getIgnorePattern()));
            //   filterRegistrationBean.addInitParameter("renew", String.valueOf(casClientProperties.isRenew()));
            filterRegistrationBean.setOrder(3);
    
            return filterRegistrationBean;
        }
    
    
        /**
         * 使用 CAS 2.0 protocol. ticket校验工作
         * Cas30ProxyReceivingTicketValidationFilter 使用cas3.0 protocol
         * Cas30JsonProxyReceivingTicketValidationFilter 过滤器能够接受CAS的验证响应,根据CAS协议规定的格式为JSON
         *
         * @return
         */
        @Bean
        public FilterRegistrationBean cas20ProxyReceivingTicketValidationFilter() {
            FilterRegistrationBean registrationBean = new FilterRegistrationBean();
    
            registrationBean.setFilter(new Cas20ProxyReceivingTicketValidationFilter());
            registrationBean.addUrlPatterns("/*");
            registrationBean.addInitParameter("casServerUrlPrefix", casClientProperties.getCasServerUrlPrefix());
            registrationBean.addInitParameter("serverName", casClientProperties.getServerName());
            registrationBean.addInitParameter("useSession", String.valueOf(casClientProperties.isUseSession()));
            registrationBean.addInitParameter("exceptionOnValidationFailure", String.valueOf(casClientProperties.isExceptionOnValidationFailure()));
            registrationBean.addInitParameter("redirectAfterValidation", String.valueOf(casClientProperties.isRedirectAfterValidation()));
            registrationBean.setEnabled(casClientProperties.isEnable());
            registrationBean.setOrder(4);
            return registrationBean;
        }
    
    
        /**
         * 将断言信息存放在ThreadLocal中,可以通过此类获取登录的用户信息
         * 可以在任意地方获取到用户信息 AssertionHolder类是专门处理此信息类
         * 但是此类无法访问 HttpServletRequest,因此无法调用 getRemoteUser()
         *
         * @return
         */
        @Bean
        public FilterRegistrationBean assertionThreadLocalFilter() {
            FilterRegistrationBean registrationBean = new FilterRegistrationBean();
            registrationBean.setEnabled(casClientProperties.isEnable());
            registrationBean.setOrder(5);
            registrationBean.setFilter(new AssertionThreadLocalFilter());
            return registrationBean;
        }
    
        /**
         * HttpServletRequest包装类
         * 可以通过getRemoteUser()与getPrincipal()获取相应CAS的信息
         *
         * @return
         */
        @Bean
        public FilterRegistrationBean requestWrapperFilter() {
            FilterRegistrationBean registrationBean = new FilterRegistrationBean();
            registrationBean.setEnabled(casClientProperties.isEnable());
            registrationBean.setFilter(new HttpServletRequestWrapperFilter());
            registrationBean.addUrlPatterns("/*");
            registrationBean.setOrder(6);
            return registrationBean;
        }
    }
  • 相关阅读:
    VS2008 环境中完美搭建 Qt 4.7.4 静态编译的调试与发布 Inchroy's Blog 博客频道 CSDN.NET
    编写可丢弃的代码
    c++ using namespace std; 海明威 博客园
    解决MySQL server has gone away
    nginx upstream 调度策略
    (2006, 'MySQL server has gone away') 错误解决 dba007的空间 51CTO技术博客
    Linux IO模型漫谈(2) 轩脉刃 博客园
    redis源码笔记 initServer 刘浩de技术博客 博客园
    MySQLdb批量插入数据
    词库的扩充百度百科的抓取你知道这些热词吗? rabbit9898 ITeye技术网站
  • 原文地址:https://www.cnblogs.com/whm-blog/p/11248304.html
Copyright © 2011-2022 走看看