通过上篇的配置,登录是从数据库中进行验证了。http://blog.csdn.net/redstarofsleep/article/details/51144809
那么现在要解决的问题是,客户端怎么知道登录者是谁呢?如何获取登录者的信息。
首先还是打开deployerConfigContext.xml这个配置文件
找到id为attributeRepository的bean。默认这个bean配置的应该是org.jasig.services.persondir.support.StubPersonAttributeDao,要把它换成org.jasig.services.persondir.support.jdbc.SingleRowJdbcPersonAttributeDao
配置如下:
<!--
<bean id="attributeRepository"
class="org.jasig.services.persondir.support.StubPersonAttributeDao">
<property name="backingMap">
<map>
<entry key="uid" value="uid" />
<entry key="eduPersonAffiliation" value="eduPersonAffiliation" />
<entry key="groupMembership" value="groupMembership" />
</map>
</property>
</bean>
-->
<bean id="attributeRepository"
class="org.jasig.services.persondir.support.jdbc.SingleRowJdbcPersonAttributeDao">
<constructor-arg index="0" ref="dataSource"/>
<constructor-arg index="1" value="select * from sampleUser where {0}"/>
<property name="queryAttributeMapping">
<map>
<entry key="username" value="userName"/><!--key与登录页面一致,value对应数据库-->
</map>
</property>
<property name="resultAttributeMapping">
<map>
<entry key="id" value="id"/>
<entry key="userName" value="userName"/>
</map>
</property>
</bean>
这里面配置一个sql语句,根据用户名查询用户属性。然后resultAttributeMapping这个属性是配置的返回结果,key对应数据库字段,value对应客户端获取时的名字。
然后再找一下credentialsToPrincipalResolvers,里面默认应该有一个
<bean class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" >
<property name="attributeRepository" ref="attributeRepository" />
</bean>
没有的话,把它加上。
再下一步就是再在这个配置文件中找org.jasig.cas.services.InMemoryServiceRegistryDaoImpl这个bean。在其中的org.jasig.cas.services.RegexRegisteredService的属性中加上需要返回的字段:
<bean
id="serviceRegistryDao"
class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl">
<property name="registeredServices">
<list>
<bean class="org.jasig.cas.services.RegexRegisteredService">
<property name="id" value="0" />
<property name="name" value="HTTP and IMAP" />
<property name="description" value="Allows HTTP(S) and IMAP(S) protocols" />
<property name="serviceId" value="^(https?|imaps?)://.*" />
<property name="evaluationOrder" value="10000001" />
<!-- ******* add start ******* -->
<property name="allowedAttributes">
<list>
<value>id</value>
<value>userName</value>
</list>
</property>
<!-- ******* add end ******* -->
</bean>
我这里只是加了id和userName。
好了,保存这个文件。
最后找到view/jsp/protocol/2.0/casServiceValidationSuccess.jsp
在里面加一段
<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationSuccess>
<cas:user>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.id)}</cas:user>
<!-- 新加 start-->
<c:if test="${fn:length(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes) > 0}">
<cas:attributes>
<c:forEach var="attr" items="${assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes}">
<cas:${fn:escapeXml(attr.key)}>${fn:escapeXml(attr.value)}</cas:${fn:escapeXml(attr.key)}>
</c:forEach>
</cas:attributes>
</c:if>
<!-- 新加 end-->
<c:if test="${not empty pgtIou}">
<cas:proxyGrantingTicket>${pgtIou}</cas:proxyGrantingTicket>
</c:if>
<c:if test="${fn:length(assertion.chainedAuthentications) > 1}">
<cas:proxies>
<c:forEach var="proxy" items="${assertion.chainedAuthentications}" varStatus="loopStatus" begin="0" end="${fn:length(assertion.chainedAuthentications)-2}" step="1">
<cas:proxy>${fn:escapeXml(proxy.principal.id)}</cas:proxy>
</c:forEach>
</cas:proxies>
</c:if>
</cas:authenticationSuccess>
</cas:serviceResponse>
好了,server端配置完成,可以重启tomcat了。
然后是客户端,
首先在web.xml里加两个过滤器
<!-- 该过滤器负责实现HttpServletRequest请求的包裹, 比如允许开发者通过HttpServletRequest的getRemoteUser()方法获得SSO登录用户的登录名,可选配置。 -->
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>
org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/do/*</url-pattern>
</filter-mapping>
<!-- 该过滤器使得开发者可以通过org.jasig.cas.client.util.AssertionHolder来获取用户的登录名。 比如AssertionHolder.getAssertion().getPrincipal().getName()。 -->
<filter>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<url-pattern>/do/*</url-pattern>
</filter-mapping>
然后,客户端要获取属性这些属性,我这里是把这些属性全部遍历出来了。
AttributePrincipal principal = (AttributePrincipal) request.getUserPrincipal();
Map<String, Object> attributes = principal.getAttributes();
for (String key : attributes.keySet()) {
System.out.println(key + "/" + attributes.get(key));
}
转载请注明出处:http://blog.csdn.net/redstarofsleep