springboot 接入cas-client-core单点登录

• 1.maven引入相关包

  <dependency>
      <groupId>net.unicon.cas</groupId>
  	<artifactId>cas-client-autoconfig-support</artifactId>
  	<version>1.4.0-GA</version>
  </dependency>
  <dependency>
  	<groupId>org.jasig.cas.client</groupId>
  	<artifactId>cas-client-core</artifactId>
  	<version>3.2.1</version>
  </dependency>

   

• 2.application.properties 文件配置

  #pro
  #cas.server-url-prefix=http://host/authserver
  #cas.server-login-url=http://host/authserver/login
  #cas.client-host-url=http://127.0.0.1
  #cas.use-session=true
  #cas.validation-type=cas
  #casClientLogoutUrl=http://host/logout?service=http://127.0.0.1/bigdata/user/logout/success
  
  #dev
  cas.server-url-prefix=http://192.168.102.198:9999/cas-server
  cas.server-login-url=http://192.168.102.198:9999/cas-server/login
  cas.client-host-url=http://192.168.102.198:8888
  cas.use-session=true
  cas.validation-type=cas
  casClientLogoutUrl=http://192.168.102.198:9999/cas-server/logout?service=http://192.168.102.198:8888/bigdata/user/logout/success

   

• 3.过滤器授权访问cas跳转

  package com.sunmnet.bigdata.web.config;
  
  import java.util.HashMap;
  import java.util.Map;
  
  import org.jasig.cas.client.authentication.AuthenticationFilter;
  import org.springframework.boot.context.properties.ConfigurationProperties;
  import org.springframework.boot.web.servlet.FilterRegistrationBean;
  import org.springframework.context.annotation.Bean;
  import org.springframework.stereotype.Component;
  
  @Component
  @ConfigurationProperties(prefix = "cas")
  public class CASAutoConfig {
      private String serverUrlPrefix;
      
      private String serverLoginUrl;
      
      private String clientHostUrl;
      
      private String clientLogoutUrl;
  
      public String getServerUrlPrefix() {
  		return serverUrlPrefix;
  	}
  
  	public void setServerUrlPrefix(String serverUrlPrefix) {
  		this.serverUrlPrefix = serverUrlPrefix;
  	}
  
  	public String getServerLoginUrl() {
  		return serverLoginUrl;
  	}
  
  	public void setServerLoginUrl(String serverLoginUrl) {
  		this.serverLoginUrl = serverLoginUrl;
  	}
  
  	public String getClientHostUrl() {
  		return clientHostUrl;
  	}
  
  	public void setClientHostUrl(String clientHostUrl) {
  		this.clientHostUrl = clientHostUrl;
  	}
  	
  	
  
  	public String getClientLogoutUrl() {
  		return clientLogoutUrl;
  	}
  
  	public void setClientLogoutUrl(String clientLogoutUrl) {
  		this.clientLogoutUrl = clientLogoutUrl;
  	}
  
  	/**
       * 授权过滤器
       * @return
       */
      @Bean
      public FilterRegistrationBean filterAuthenticationRegistration() {
          FilterRegistrationBean registration = new FilterRegistrationBean();
          registration.setFilter(new AuthenticationFilter());
          // 设定匹配的路径
          registration.addUrlPatterns("/bigdata/user/login");
          Map<String,String> initParameters = new HashMap<String, String>();
          initParameters.put("casServerLoginUrl", serverUrlPrefix);
          initParameters.put("serverName", clientHostUrl);
          //忽略的url，"|"分隔多个url
          initParameters.put("ignorePattern", "/bigdata/user/logout/success");
          registration.setInitParameters(initParameters);
          // 设定加载的顺序
          registration.setOrder(1);
          return registration;
      }
      
  }
  

   

• 4.启动器加入@EnableCasClient 配置

  import net.unicon.cas.client.configuration.EnableCasClient;
  @SpringBootConfiguration
  @EnableAspectJAutoProxy
  @EnableTransactionManagement
  @EnableScheduling
  @EnableCasClient
  public class BigDataApplication {
      public static void main(String[] args) {
          SpringApplication.run(BigDataApplication.class, args);
      }
  
  }

• 5.controller参考
   

  package com.sunmnet.bigdata.web.controller;
  
  import java.io.IOException;
  import java.net.URLEncoder;
  import java.util.List;
  
  import javax.servlet.http.HttpServletRequest;
  import javax.servlet.http.HttpServletResponse;
  import javax.ws.rs.QueryParam;
  
  import org.jasig.cas.client.authentication.AttributePrincipal;
  import org.jasig.cas.client.util.AbstractCasFilter;
  import org.jasig.cas.client.validation.Assertion;
  import org.springframework.beans.factory.annotation.Autowired;
  import org.springframework.beans.factory.annotation.Value;
  import org.springframework.http.MediaType;
  import org.springframework.web.bind.annotation.RequestBody;
  import org.springframework.web.bind.annotation.RequestMapping;
  import org.springframework.web.bind.annotation.RequestMethod;
  import org.springframework.web.bind.annotation.RestController;
  
  import com.sunmnet.bigdata.web.model.dto.user.Menu;
  import com.sunmnet.bigdata.web.model.dto.user.User;
  import com.sunmnet.bigdata.web.model.po.user.SecRole;
  import com.sunmnet.bigdata.web.model.po.user.SecUser;
  import com.sunmnet.bigdata.web.model.po.user.UserParam;
  import com.sunmnet.bigdata.web.service.impl.MenuService;
  import com.sunmnet.bigdata.web.service.impl.SecRoleService;
  import com.sunmnet.bigdata.web.service.impl.SecUserService;
  @RestController
  @RequestMapping(value = "/user",produces = MediaType.APPLICATION_JSON_UTF8_VALUE,name= "UserController")
  public class UserController extends BaseController{
  	@Value("${casClientLogoutUrl}")
      private String clientLogoutUrl;
  	
  	@Value("${cas.client-host-url}")
  	private String host;
  	
  	@Value("${security.default-user-password}")
  	private String defaultPassword;
  	
  	@Autowired
  	private MenuService menuService;
  	@Autowired
  	private SecUserService secUserService;
  	@Autowired
  	private SecRoleService secRoleService;
  	
  	@RequestMapping(value = "/login", method = RequestMethod.POST)
  	public Object login(@RequestBody UserParam param) throws IOException {
  		SecUser result = secUserService.getByUsername(param.getUsername());
  		if(result!=null) {
  			User user = result.coverUser();
  			SecRole role = secRoleService.getByUserId(user.getId());
  			user.setRoleId(role.getId());
  			user.setRoles(role.getRoleName());
  			List<Menu> menuList = menuService.getAllAuthorizedMenuTreeOfUser(result.getId());
  			user.setMenus(menuList);
  			request.getSession().setAttribute("user", user);
  			return buildSuccJson(user);
  		}else {
  			return buildErrJson("用户不存在");
  		}
  		
  	}
  	
  	@RequestMapping(value = "/logout", method = RequestMethod.GET)
  	public Object logout(HttpServletRequest request,HttpServletResponse response) throws IOException {
  		request.getSession().invalidate();
  		return buildSuccJson();
  	}
  	
  	@RequestMapping(value = "/cas_logout", method = RequestMethod.GET)
  	public void cas_logout(HttpServletRequest request,HttpServletResponse response) throws IOException {
  		request.getSession().invalidate();
  		response.sendRedirect(host+"/#/LoginPage");
  	}
  	
  	@RequestMapping(value = "/cas_login", method = RequestMethod.GET)
  	public void casLogin(@QueryParam("")UserParam param) throws IOException {
  		Assertion assertion = (Assertion) request.getSession().getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION);
  		if(assertion!=null) {
  			AttributePrincipal principal = assertion.getPrincipal();
              //获取用户名
              String userName = principal.getName();
              SecUser result = secUserService.getByUsername(userName);
      		if(result!=null) {
              	response.sendRedirect(host+"/#/LoginPage?signIn=true&userName="+userName+"&password="+defaultPassword);
      		}else {
              	response.sendRedirect(host+"/#/LoginPage?signIn=false&errorCode=500&msg="+ URLEncoder.encode("该用户不存在本系统", "UTF-8"));
              }
  		}else {
  			response.sendRedirect(host+"/#/LoginPage?signIn=false&errorCode=500&msg="+ URLEncoder.encode("统一登录服务异常", "UTF-8"));
  		}
  	}
  }
  

  注意：退出登录时cas需要前端用href指向，才能指向跳转返回到service指向的方法