网上有很多springboot整合CAS的实例,都是基于springboot的自动配置的。现在我们需要实现自己的CAS配置,而不用springboot中的CAS自动配置。
springboot整合CAS实现自定义配置。
步骤一:
maven引入依赖:
<!-- CAS客户端 -->
<dependency>
<groupId>net.unicon.cas</groupId>
<artifactId>cas-client-autoconfig-support</artifactId>
<version>2.3.0-GA</version>
</dependency>
步骤二:
yml文件配置
cas:
# cas服务端的地址 【例子:http://127.0.0.1:8080/cas】
server-url-prefix:
# cas服务端的登录地址 【例子:http://127.0.0.1:8080/cas/login】
server-login-url:
# 当前服务器的地址(客户端) 【例子:http://127.0.0.1:8081】
client-host-url:
# Ticket校验器使用 Cas30ProxyReceivingTicketValidationFilter 【cas3 固定写法】
validation-type: cas3
# 要进行单点登录的拦截路径 【例子:(/app/*)|(/file/*)】
blocking-filter:
# 忽略拦截的路径 【例子:(/app/*)|(/file/*)】
ignore-pattern:
步骤三:主启动类去掉自动配置类
@SpringBootApplication(exclude = {CassandraAutoConfiguration.class})
public class AuthorizationApplication {
......
}
步骤四:自定义配置CAS
package framework.sys.config;
import org.jasig.cas.client.authentication.AuthenticationFilter;
import org.jasig.cas.client.session.SingleSignOutFilter;
import org.jasig.cas.client.session.SingleSignOutHttpSessionListener;
import org.jasig.cas.client.util.AssertionThreadLocalFilter;
import org.jasig.cas.client.util.HttpServletRequestWrapperFilter;
import org.jasig.cas.client.validation.Cas30ProxyReceivingTicketValidationFilter;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.boot.web.servlet.ServletListenerRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import java.util.EventListener;
import java.util.HashMap;
import java.util.Map;
@Configuration
public class CasUrlPatternConfig {
@Value("${cas.server-url-prefix}")
private String casServerUrlPrefix;
@Value("${cas.server-login-url}")
private String casServerLoginUrl;
@Value("${cas.client-host-url}")
private String casClientHostUrl;
@Value("${cas.validation-type}")
private String casValidationType;
@Value("${cas.blocking-filter}")
private String blockingFilter;
@Value("${cas.ignore-pattern}")
private String casIgnorePattern;
/**
* 以下单点登录代码,暂不开放,主要是 上面的路径还没有配置好。
* 如果要用上单点登录功能,则在配置中心配置单点登录路径,接下打开下面的代码注释就可以了。
*/
/**
* 登出过滤器
* @return
*/
@Bean
public FilterRegistrationBean filterSingleRegistration() {
final FilterRegistrationBean registration = new FilterRegistrationBean();
registration.setFilter(new SingleSignOutFilter());
registration.addUrlPatterns(blockingFilter);
Map<String,String> initParameters = new HashMap<String, String>();
initParameters.put("casServerUrlPrefix", casServerUrlPrefix);
registration.setInitParameters(initParameters);
registration.setOrder(1);
return registration;
}
/**
* 配置过滤验证器 这里用的是Cas30ProxyReceivingTicketValidationFilter
* 这个才是我们CAS单点登录的重点
* @return
*/
@Bean
public FilterRegistrationBean filterValidationRegistration() {
final FilterRegistrationBean registration = new FilterRegistrationBean();
registration.setFilter(new Cas30ProxyReceivingTicketValidationFilter());
registration.addUrlPatterns(blockingFilter);
Map<String,String> initParameters = new HashMap<String, String>();
initParameters.put("casServerUrlPrefix", casServerUrlPrefix);
initParameters.put("serverName", casClientHostUrl);
initParameters.put("useSession", "true");
registration.setInitParameters(initParameters);
registration.setOrder(2);
return registration;
}
/**
* description:授权过滤器 【确定哪些请求,是不拦截的】
* ignoreUrlPatternType 使用CAS现成的正则表达式过滤策略
*/
@Bean
public FilterRegistrationBean filterAuthenticationRegistration() {
FilterRegistrationBean registration = new FilterRegistrationBean();
registration.setFilter(new AuthenticationFilter());
// 设定匹配的路径
registration.addUrlPatterns(blockingFilter);
Map<String,String> initParameters = new HashMap<String, String>();
initParameters.put("casServerLoginUrl", casServerLoginUrl);
initParameters.put("serverName", casClientHostUrl);
// 忽略的url,"|"分隔多个url
initParameters.put("ignorePattern", casIgnorePattern);
// initParameters.put("ignoreUrlPatternType", "org.jasig.cas.client.authentication.RegexUrlPatternMatcherStrategy");
registration.setInitParameters(initParameters);
// 设定加载的顺序
registration.setOrder(3);
return registration;
}
@Bean
public FilterRegistrationBean filterWrapperRegistration() {
final FilterRegistrationBean registration = new FilterRegistrationBean();
registration.setFilter(new HttpServletRequestWrapperFilter());
registration.addUrlPatterns(blockingFilter);
registration.setOrder(4);
return registration;
}
/**
* 设置登出监听器
* @return
*/
@Bean
public ServletListenerRegistrationBean<EventListener> singleSignOutListenerRegistration(){
ServletListenerRegistrationBean<EventListener> registrationBean = new ServletListenerRegistrationBean<EventListener>();
registrationBean.setListener(new SingleSignOutHttpSessionListener());
registrationBean.setOrder(5);
return registrationBean;
}
@Bean
public FilterRegistrationBean filterAssertionRegistration() {
final FilterRegistrationBean registration = new FilterRegistrationBean();
registration.setFilter(new AssertionThreadLocalFilter());
registration.addUrlPatterns(blockingFilter);
registration.setOrder(6);
return registration;
}
}
如果能帮助到你,是我的荣幸!