openjweb平台配置cas server单点登录

最新推荐文章于 2020-04-19 14:55:15 发布
最新推荐文章于 2020-04-19 14:55:15 发布
阅读量2.5k 收藏 1
点赞数
分类专栏: Java 文章标签: server 平台 class filter bean authentication
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/baozhengw/article/details/4411553
版权

web.xml:

 

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" version="2.4"
 xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee   http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
 <display-name>openjweb</display-name>
 <context-param>
  <param-name>contextConfigLocation</param-name>
  <param-value>
    /WEB-INF/classes/applicationContext-security-cas.xml
   /WEB-INF/classes/core-service-demo.xml
   /WEB-INF/classes/system-config.xml
   /WEB-INF/classes/CasContext.xml
  </param-value>
 </context-param>

 <context-param>
  <param-name>log4jConfigLocation</param-name>
  <param-value>/WEB-INF/classes/log4j.properties</param-value>
 </context-param>
 
   <filter>
         <filter-name>Character Encoding</filter-name>
         <filter-class>org.openjweb.core.filter.CharacterEncodingFilter</filter-class>
         <init-param>
             <param-name>encoding</param-name>
             <param-value>UTF-8</param-value>
         </init-param>
         <init-param>
             <param-name>ignore</param-name>
             <param-value>false</param-value>
             <!-- <param-value>true</param-value> -->
         </init-param>
    </filter>
 
 <filter>
  <filter-name>struts2</filter-name>
  <filter-class>
   org.apache.struts2.dispatcher.FilterDispatcher
  </filter-class>
 </filter>
 
  <!-- 
    <filter> 
        <filter-name>CAS Authentication Filter</filter-name> 
        <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class> 
       
        <init-param> 
            <param-name>casServerLoginUrl</param-name> 
            <param-value>https://casserver.haoyisheng.com:8443/cas/login</param-value> 
        </init-param> 
        <init-param> 
            <param-name>renew</param-name> 
            <param-value>false</param-value> 
        </init-param> 
        <init-param> 
            <param-name>gateway</param-name> 
            <param-value>false</param-value> 
        </init-param> 
        
        <init-param> 
            <param-name>serverName</param-name> 
            <param-value>http://bzwang.haoyisheng.com:8088</param-value> 
        </init-param> 
    </filter> 
      
   
    <filter> 
        <filter-name>CAS Validation Filter</filter-name> 
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> 
        <init-param> 
            <param-name>targetBeanName</param-name> 
            <param-value>cas.validationfilter</param-value> 
        </init-param> 
    </filter> 
 
 <filter-mapping> 
        <filter-name>CAS Authentication Filter</filter-name> 
        <url-pattern>/comm/*</url-pattern> 
    </filter-mapping> 
      
    <filter-mapping> 
        <filter-name>CAS Validation Filter</filter-name> 
        <url-pattern>/comm/*</url-pattern> 
    </filter-mapping> 
 
 -->
 

      <filter-mapping>
         <filter-name>Character Encoding</filter-name>
         <url-pattern>*.jsp</url-pattern>
    </filter-mapping> 
   
   
      <filter-mapping>
         <filter-name>Character Encoding</filter-name>
         <url-pattern>*.action</url-pattern>
    </filter-mapping> 
  
  
   <filter>
    <filter-name>CAS Single Sign Out Filter</filter-name>
    <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
 </filter>
  
    <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>

 
 <filter-mapping>
    <filter-name>CAS Single Sign Out Filter</filter-name>
    <url-pattern>/*</url-pattern>
 </filter-mapping>
   
    <filter-mapping>
      <filter-name>springSecurityFilterChain</filter-name>
      <url-pattern>/*</url-pattern>
    </filter-mapping>
   
 
   
 
 

 <filter-mapping>
  <filter-name>struts2</filter-name>
  <url-pattern>/*</url-pattern>
 </filter-mapping>
 
 <listener>
  <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
 </listener>
 

 <listener>
  <listener-class>
   org.springframework.web.context.ContextLoaderListener
  </listener-class>
 </listener>
 
 <listener>
  <listener-class>
   org.springframework.security.ui.session.HttpSessionEventPublisher
  </listener-class>
 </listener>

 <listener>
  <listener-class>
   org.springframework.web.util.Log4jConfigListener
  </listener-class>
 </listener>
 
 <servlet>
  <servlet-name>action</servlet-name>
  <servlet-class>
   org.apache.struts.action.ActionServlet
  </servlet-class>
  <init-param>
   <param-name>config</param-name>
   <param-value>/WEB-INF/struts-config.xml</param-value>
  </init-param>
  <init-param>
   <param-name>debug</param-name>
   <param-value>3</param-value>
  </init-param>
  <init-param>
   <param-name>detail</param-name>
   <param-value>3</param-value>
  </init-param>
  <load-on-startup>0</load-on-startup>
 </servlet> <!--DWR -->     
 
 <servlet>
  <servlet-name>dwr-invoker</servlet-name>
   <servlet-class> org.directwebremoting.servlet.DwrServlet </servlet-class>
  <init-param>
   <param-name>debug</param-name>
   <param-value>true</param-value>
  </init-param>
  <init-param>     
            <param-name>crossDomainSessionSecurity</param-name>     
            <param-value>false</param-value>     
  </init-param>
         <load-on-startup>3</load-on-startup>
 </servlet>

 <!--fckeditor servlet-->
    <servlet>
        <servlet-name>Connector</servlet-name>
        <servlet-class>com.fredck.FCKeditor.connector.ConnectorServlet</servlet-class>
        <init-param>
            <param-name>baseDir</param-name>
            <param-value>/resupload/</param-value>
        </init-param>
        <init-param>
            <param-name>debug</param-name>
            <param-value>false</param-value>
        </init-param>
        <load-on-startup>1</load-on-startup>
    </servlet>
 
    <servlet>
        <servlet-name>SimpleUploader</servlet-name>
        <servlet-class>com.fredck.FCKeditor.uploader.SimpleUploaderServlet</servlet-class>
        <init-param>
            <param-name>baseDir</param-name>
            <param-value>/resupload/</param-value>
        </init-param>
        <init-param>
            <param-name>debug</param-name>
            <param-value>false</param-value>
        </init-param>
        <init-param>
            <param-name>enabled</param-name>
            <param-value>true</param-value>
        </init-param>
        <init-param>
            <param-name>AllowedExtensionsFile</param-name>
            <param-value></param-value>
        </init-param>
        <init-param>
            <param-name>DeniedExtensionsFile</param-name>
            <param-value>php|php3|php5|phtml|asp|aspx|ascx|jsp|cfm|cfc|pl|bat|exe|dll|reg|cgi</param-value>
        </init-param>
        <init-param>
            <param-name>AllowedExtensionsImage</param-name>
            <param-value>jpg|gif|jpeg|png|bmp</param-value>
        </init-param>
        <init-param>
            <param-name>DeniedExtensionsImage</param-name>
            <param-value></param-value>
        </init-param>
        <init-param>
            <param-name>AllowedExtensionsFlash</param-name>
            <param-value>swf|fla</param-value>
        </init-param>
        <init-param>
            <param-name>DeniedExtensionsFlash</param-name>
            <param-value></param-value>
        </init-param>
        <load-on-startup>2</load-on-startup>
    </servlet>

 <!--
<servlet>
    <servlet-name>easyjf</servlet-name>
    <servlet-class>com.easyjf.web.ActionServlet</servlet-class>   
</servlet>

<servlet>
   <servlet-name>test</servlet-name>
    <servlet-class>com.easyjf.action.CommAction</servlet-class>
</servlet>

  <servlet-mapping>
    <servlet-name>easyjf</servlet-name>
    <url-pattern>*.ejf</url-pattern>  
  </servlet-mapping> 
 
  <servlet-mapping>
   <servlet-name>test</servlet-name>
    <url-pattern>/testServlet</url-pattern>
  </servlet-mapping>

-->

 <!--
 <servlet>
    <servlet-name>DisplayChart </servlet-name>
        <servlet-class>
            org.jfree.chart.servlet.DisplayChart
        </servlet-class>
    </servlet>
    <servlet-mapping>
        <servlet-name>DisplayChart </servlet-name>
        <url-pattern>/temp </url-pattern>
    </servlet-mapping>
 -->
    <servlet-mapping>
  <servlet-name>dwr-invoker</servlet-name>
  <url-pattern>/dwr/*</url-pattern>
 </servlet-mapping>
 
  <servlet-mapping>
  <servlet-name>action</servlet-name>
  <url-pattern>*.do</url-pattern>
 </servlet-mapping>

<session-config>
  <session-timeout>30</session-timeout>
 </session-config>

 <welcome-file-list>
  <welcome-file>/secure/redirect.jsp</welcome-file>
 </welcome-file-list>
  <jsp-config>
 <taglib>
  <taglib-uri>
   http://www.springframework.org/security/tags
  </taglib-uri>
  <taglib-location>/WEB-INF/security.tld</taglib-location>
 </taglib>

 <taglib>
  <taglib-uri>/WEB-INF/struts-bean.tld</taglib-uri>
  <taglib-location>/WEB-INF/tld/struts-bean.tld</taglib-location>
 </taglib>

 <taglib>
  <taglib-uri>/WEB-INF/struts-html.tld</taglib-uri>
  <taglib-location>/WEB-INF/tld/struts-html.tld</taglib-location>
 </taglib>

 <taglib>
  <taglib-uri>/WEB-INF/struts-logic.tld</taglib-uri>
  <taglib-location>/WEB-INF/tld/struts-logic.tld</taglib-location>
 </taglib>

 <taglib>
  <taglib-uri>/WEB-INF/struts-nested.tld</taglib-uri>
  <taglib-location>
   /WEB-INF/tld/struts-nested.tld
  </taglib-location>
 </taglib>

 <taglib>
  <taglib-uri>/WEB-INF/struts-tiles.tld</taglib-uri>
  <taglib-location>/WEB-INF/tld/struts-tiles.tld</taglib-location>
 </taglib>


  </jsp-config>
 


</web-app>

 

applicationContext-security-cas.xml:

<?xml version="1.0" encoding="UTF-8"?>

<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:sec="http://www.springframework.org/schema/security"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
                        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd">
  
    <sec:http entry-point-ref="casProcessingFilterEntryPoint">
        <sec:intercept-url pattern="/secure/extreme/**" access="ROLE_SUPERVISOR" requires-channel="https"/>
  <sec:intercept-url pattern="/secure/**" access="ROLE_USER" />  
        <sec:logout logout-success-url="/apps/index.jsp"/>
    </sec:http>
 
    <sec:authentication-manager alias="authenticationManager"/>

    <bean id="casProcessingFilter" class="org.springframework.security.ui.cas.CasProcessingFilter">
        <sec:custom-filter after="CAS_PROCESSING_FILTER"/>
        <property name="authenticationManager" ref="authenticationManager"/>
        <property name="authenticationFailureUrl" value="/casfailed.jsp"/>
        <property name="defaultTargetUrl" value="/apps/index.jsp" />
        <property name="proxyGrantingTicketStorage" ref="proxyGrantingTicketStorage" />
        <property name="proxyReceptorUrl" value="/secure/receptor" />
       
    </bean>

    <bean id="casProcessingFilterEntryPoint" class="org.springframework.security.ui.cas.CasProcessingFilterEntryPoint">
        <property name="loginUrl" value="https://crm.lucene.cn:8443/cas/login"/>
        <property name="serviceProperties" ref="serviceProperties"/>
    </bean>

    <bean id="casAuthenticationProvider" class="org.springframework.security.providers.cas.CasAuthenticationProvider">
        <sec:custom-authentication-provider />
        <property name="userDetailsService" ref="userDetailsService"/>
        <property name="serviceProperties" ref="serviceProperties" />
        <property name="ticketValidator">
         <bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
          <constructor-arg index="0" value="https://crm.lucene.cn:8443/cas" />
          <property name="proxyGrantingTicketStorage" ref="proxyGrantingTicketStorage" />
             <property name="proxyCallbackUrl" value="https://crm.lucene.cn:8443/crm/secure/receptor" /> 
           
            </bean>
        </property>
        <property name="key" value="an_id_for_this_auth_provider_only"/>
    </bean>
   
    <bean id="proxyGrantingTicketStorage" class="org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl" />

    <bean id="serviceProperties" class="org.springframework.security.ui.cas.ServiceProperties">
        <property name="service" value="https://crm.lucene.cn:8443/crm/j_spring_cas_security_check"/>
        <property name="sendRenew" value="false"/>
    </bean>
 
   <bean id="daoAuthenticationProvider"
  class="org.springframework.security.providers.dao.DaoAuthenticationProvider">
  <property name="userDetailsService" ref="userDetailsService" />
  <property name="userCache" ref="userCache" />
  <property name="passwordEncoder" ref="passwordEncoder" />
 </bean>
 <bean id="passwordEncoder"
  class="org.springframework.security.providers.encoding.Md5PasswordEncoder" />
 <bean id="userDetailsService"
  class="org.openjweb.core.springsecurity.UserDetailsServiceImpl">
  <constructor-arg>
   <ref bean="IBaseDao3" />
  </constructor-arg>
 </bean>

 <bean id="userCache"
  class="org.springframework.security.providers.dao.cache.EhCacheBasedUserCache">
  <property name="cache" ref="userCacheBacked" />
 </bean>

 <bean id="userCacheBacked"
  class="org.springframework.cache.ehcache.EhCacheFactoryBean">
  <property name="cacheManager" ref="cacheManager" />
  <property name="cacheName" value="userCache" />
 </bean>

 <bean id="cacheManager"
  class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean">
  <property name="configLocation"
   value="classpath:ehcache-security.xml" />
 </bean>
 <bean id="filterSecurityInterceptor"
  class="org.springframework.security.intercept.web.FilterSecurityInterceptor">
  <sec:custom-filter before="FILTER_SECURITY_INTERCEPTOR" />
  <property name="authenticationManager"
   ref="authenticationManager" />
  <property name="accessDecisionManager"
   ref="accessDecisionManager" />
  <property name="alwaysReauthenticate" value="true" />
  <property name="objectDefinitionSource"
   ref="databaseFilterInvocationDefinitionSource" />
 </bean>
 <bean id="accessDecisionManager"
  class="org.springframework.security.vote.AffirmativeBased">
  <property name="decisionVoters">
   <list>
    <bean
     class="org.springframework.security.vote.RoleVoter">
     <property name="rolePrefix" value="" />
    </bean>
   </list>
  </property>
 </bean>
 <bean id="databaseFilterInvocationDefinitionSource"
  class="org.springframework.security.intercept.web.DefaultFilterInvocationDefinitionSource">
  <constructor-arg
   type="org.springframework.security.util.UrlMatcher"
   ref="antUrlPathMatcher" />
  <constructor-arg type="java.util.LinkedHashMap" ref="requestMap" />
 </bean>

 <bean id="antUrlPathMatcher"
  class="org.springframework.security.util.AntUrlPathMatcher" />

 <bean id="requestMap"
  class="org.openjweb.core.springsecurity.RequestMapFactoryBean"
  init-method="init">
  
 </bean>

</beans>

 

 

baozhengw
关注
专栏目录
Spring Security(七)-- AuthenticationProvider
学习不止境的博客
10-19 6203
Spring Security中的AuthenticationProvider负责身份验证逻辑。AuthenticationProvider接口的默认实现会将查找系统用户的职责委托给UserDetailsService。它还使用PasswordEncoder在身份验证过程中进行密码管理。}AuthenticationProvider的职责是与Authentication接口紧密耦合一起的。authenticate()方法会。
(翻译)Spring Security-2.0.x参考文档“预认证场景”
xyz20003的专栏
08-04 230
预认证场景 有的情况下,你需要使用Spring Security进行认证,但是用户已经在访问系统之前,在一些外部系统中认证过了。 我们把这种情况叫做“预认证”场景。 例子包括X.509,Siteminder和应用所在的J2EE容器进行认证。 在使用预认证的使用,Spring Security必须 1. 定义使用请求的用户 2. 从用户里...
Web MVC框架-视图模板查找及组织
蔡世友-重出江湖
12-07 5675
       我们知道,一个基于请求转发模型的Web MVC框架需要解决如何告知框架使用哪一个视图来进行程序执行结果呈现?对于Struts1.x来说,需要在struts-config.xml中配置一大堆的page或者在程序中硬编码使用new Forward来告知框架使用哪一个视图界面来呈现输出结果;而对于Struts2或webwork来说,需要使用return SUCCESS或””,并在配置文件中
Spring Security学习笔记之整体配置
热门推荐
py_xin的博客
09-22 2万+
第一部分: web.xml的配置 使用过SpringSecurity的朋友都知道,首先需要在web.xml进行以下配置:  springSecurityFilterChain org.springframework.web.filter.DelegatingFilterProxy springSecurityFilterChain /* 从这个配置中, 可能会给我
单点登录服务端项目cas-server
07-05
单点登录服务端项目cas-server单点登录服务端项目cas-server 单点登录服务端项目cas-server 单点登录服务端项目cas-server 单点登录服务端项目cas-server 单点登录服务端项目cas-server 单点登录服务端项目cas-...
springboot集成CAS实现单点登录的示例代码
08-19
总的来说,SpringBoot集成CAS实现单点登录是一项涉及安全配置、网络通信以及服务器管理的复杂任务。通过理解上述步骤和配置,开发者可以为自己的应用提供安全、便捷的单点登录功能,提高用户体验。同时,熟悉这一...
Jeecg配置单点登录 登录验证完整代码
11-02
配置Jeecg与CAS进行单点登录涉及以下几个步骤: 1. **安装和配置CAS服务器**:首先,你需要下载并安装Jasig CAS服务器,配置服务器的主配置文件`cas.properties`,包括数据库连接、服务端口、票证(Ticket)过期...
基于Java集成CAS单点登录【接部署即可启用】
12-11
基于Java中CAS单点登录,有服务端的所有源码,将tomcat目录下的所有资源直接拷到Tomcat服务中间件的webapp目录下,阅读tomcat-webapp中的read.txt文档,查看使用说明,适用于第一次开发CAS单点登录的同学们,简单...
Apache cas-server 单点登录
09-16
在本文中,我们将深入探讨如何使用Apache CAS作为单点登录解决方案,并特别关注如何通过Druid数据源进行外部配置。 首先,Apache CAS的核心功能在于其能够处理来自多个应用系统的身份验证请求,实现一次登录,多处...
CAS4.0集成OpenLdap返回用户属性
luosijin123的专栏
07-29 8221
我们知道,CAS SSO可以把username(uid)带入到客户端登录成功后的页面中去,可是一个uid在LDAP中还关联着许多其它有用的信息如:email,address。我们也想把这些信息同时带到客户端登录成功的画面中去.网上大多数是CAS3的一些方法,CAS4与CAS3相比在配置上有着很大的不同。我就把我  的整合在此分享下。 其实CAS验证成功到跳转客户端这个过程中,CAS SERVER
自定义AuthenticationProvider的简单例子
lianghyan的专栏
04-02 1万+
xml 配置
OpenJWeb平台Spring Security+CAS SSO的配置
anjichan4261的博客
05-15 139
CAS Server的搭建就不用介绍了,这里介绍一下OpenJWeb平台中Spring Security如何与CAS集成.Spring security集成CAS的官方例子可从https://src.springframework.org/svn/spring-security/trunk/samples/cas/client/src/main/webapp下载,但是这个例子过于简单,权...
Spring Security Authentication Provider
qq_31230529的博客
09-22 889
1. OverviewThis tutorial will show how to set up an Authentication Provider in Spring Security to allow for additional flexibility compared to the standard scenario using a simple UserDetailsService.2.
实现Web应用的单一登录、单一退出
nlslzf的专栏
08-05 194
http://forum.springside.org.cn/viewthread.php?tid=3281 平台: Windows JDK 1.5 Tomcat 5.5.20 ApacheDS 1.0.2 Spring Framework 2.5.5 Spring Security 2.0.3 CAS Server 3.3 Java CAS Client 3.1.3 ...
Spring Security Oauth2 认证(获取token/刷新token)流程(password模式)
03-23 1万+
https://blog.csdn.net/bluuusea/article/details/80284458 ...
HZERO-CAS单点登录
潘顾昌的博客
04-19 1616
源码地址: https://gitee.com/DiDiaoXiaoMoLong/sso_server 0.文档介绍 文档以CAS作为单点登录服务器主要介绍了以下方面 1.配置HTTPS搭建单点登录服务器 2.使用数据库构建用户授权中心 3.基于SpringBoot+SpringSecurity+CAS搭建客户端单点登录连接已配置的服务器 4.如何支持HTTP客户端连接HTTPS单点服务器 5.整...
小程序毕业设计-基于微信小程序的影院选座系统+ssm(包括源码,数据库,教程).zip
09-21
Java 毕业设计,小程序毕业设计,小程序课程设计,含有代码注释,新手也可看懂。毕业设计、期末大作业、课程设计、高分必看,下载下来,简单部署,就可以使用。 包含:项目源码、数据库脚本、软件工具等,该项目可以作为毕设、课程设计使用,前后端代码都在里面。 该系统功能完善、界面美观、操作简单、功能齐全、管理便捷,具有很高的实际应用价值。 项目都经过严格调试,确保可以运行!可以放心下载 1. 技术组成 前端: 小程序 后台框架:SSM/SpringBoot(如果有的话) 开发环境:idea,微信开发者工具 数据库:MySql(建议用 5.7 版本,8.0 有时候会有坑) 数据库可视化工具:使用 Navicat 部署环境:Tomcat(建议用 7.x 或者 8.x 版本),maven
大二下算法作业,迷宫生成算法以及基于递归的求解,可以在blender中生成3D模型.zip
最新发布
09-21
大二下算法作业,迷宫生成算法以及基于递归的求解,可以在blender中生成3D模型.zip
CAS单点登录配置全攻略
"本文将指导你如何配置CAS(Central Authentication Service)单点登录系统,包括自定义数据库认证、获取登录用户名、单点退出、站点间信任关系建立、默认页面修改以及超时设置。此外,还提供了CAS实用网址供参考。" ...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值