注意:(1). 项目使用了lombok工具包
(2). 在CasConfig中配置了原web.xml中cas的过滤器和监听器
1、(1). 定义一个类CasAutoconfig用于放置cas的一些属性配置
import org.springframework.boot.context.properties.ConfigurationProperties;
import lombok.Getter;
import lombok.Setter;
@Setter
@Getter
@ConfigurationProperties (prefix = "cas")
public class CasAutoconfig {
private String casServerLoginUrl;
private String serverName;
/**
* 不用登录即可直接访问的URL,多个URL用,隔开
*/
private String casPassUrl;
private boolean renew = false;
private boolean gateway = false;
/**
* ticket校验filter参数
*/
private String casServerUrlPrefix;
private boolean useSession = true;
private boolean redirectAfterValidation = true;
private boolean exceptionOnValidationFailure = false;
/**
* 默认登录时,跳回的URL统一为该URL
*/
private String serviceUrl;
/**
* 静态资源过滤
*/
private String resource;
}
(2). properties文件中配置的cas属性值,这些key对应CasAutoconfig中属性
cas.casServerLoginUrl =https://cas-server.dev.uboxol.com:8443/casservice
cas.serverName=http://127.0.0.1:14080/login
##不用登录即可直接访问的URL,多个URL用,隔开
cas.casPassUrl=/func/receiveFile,/menu/deleteRebootTime
cas.renew=false
cas.gateway=false
#ticket校验filter参数
cas.casServerUrlPrefix =https://cas-server.dev.uboxol.com:8443/casservice
cas.useSession=true
cas.redirectAfterValidation =true
cas.exceptionOnValidationFailure =false
#默认登录时,跳回的URL统一为该URL
cas.serviceUrl=http://127.0.0.1:14080
#静态资源过滤
cas.resource=/images/,/css/,/js/,/framemark/,/favicon.ico
cas.exitUrl=https://cas-server.dev.uboxol.com:8443/casservice/logout?service=http://127.0.0.1:14080/login?renew=true
2、单点登录配置类(用于配置单点登录的过滤器、监听器等,即web.xml中配置的cas过滤器和监听器)
方法解析:(1). setOrder(Integer arg) 用于设置过滤器或监听器的执行顺序
(2). addUrlPatterns("/page/*" ) 设置URL过滤规则
(3). addInitParameter("casPassUrl" , '/user/userList'); 给对象属性赋值
(4). setFilter(new SingleSignOutFilter()) 设置你的过滤器或监听器对象
import org.jasig.cas.client.session.SingleSignOutFilter;
import org.jasig.cas.client.session.SingleSignOutHttpSessionListener;
import org.jasig.cas.client.util.AssertionThreadLocalFilter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.boot.web.servlet.ServletListenerRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
/**
* 单点登录配置类
*/
@Configuration
public class CasConfig {
@Autowired
private CasAutoconfig casAutoconfig;
private static boolean casEnabled = true;
public CasConfig() {}
@Bean
public CasAutoconfig getCasAutoconfig(){
return new CasAutoconfig();
}
/**
* 用于实现单点登出功能
*/
@Bean
public ServletListenerRegistrationBean<SingleSignOutHttpSessionListener> singleSignOutHttpSessionListener() {
ServletListenerRegistrationBean<SingleSignOutHttpSessionListener> listener = new ServletListenerRegistrationBean<>();
listener.setEnabled(casEnabled);
listener.setListener(new SingleSignOutHttpSessionListener());
listener.setOrder(1);
return listener ;
}
/**
* 该过滤器用于实现单点登出功能,单点退出配置,一定要放在其他filter之前
*/
@Bean
public FilterRegistrationBean singleSignOutFilter() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
filterRegistration.setFilter(new SingleSignOutFilter());
filterRegistration.setEnabled(casEnabled);
filterRegistration.addUrlPatterns("/*" );
filterRegistration.addInitParameter("casServerUrlPrefix" , casAutoconfig .getCasServerUrlPrefix());
filterRegistration.setOrder(2);
return filterRegistration ;
}
/**
* 该过滤器负责用户的认证工作
*/
@Bean
public FilterRegistrationBean authenticationFilter() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
filterRegistration.setFilter(new AuthenticationFilter());
filterRegistration.setEnabled(casEnabled);
filterRegistration.addUrlPatterns("/*" );
filterRegistration.addInitParameter("casServerLoginUrl" , casAutoconfig .getCasServerLoginUrl());
filterRegistration.addInitParameter("casPassUrl" , casAutoconfig.getCasPassUrl());
filterRegistration.addInitParameter("serverName" , casAutoconfig.getServerName());
filterRegistration.addInitParameter("renew" , casAutoconfig.isRenew() ? "true" :"false" );
filterRegistration.addInitParameter("gateway" , casAutoconfig.isGateway() ? "true" :"false" );
filterRegistration.addInitParameter("casResource" , casAutoconfig.getResource());
filterRegistration.setOrder(3);
return filterRegistration ;
}
/**
* 该过滤器负责对Ticket的校验工作
*/
@Bean
public FilterRegistrationBean cas20ProxyReceivingTicketValidationFilter() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
UboxCasProxyReceivingTicketValidationFilter uboxCasProxyReceivingTicketValidationFilter = new UboxCasProxyReceivingTicketValidationFilter();
filterRegistration.setFilter(uboxCasProxyReceivingTicketValidationFilter );
filterRegistration.setEnabled(casEnabled);
filterRegistration.addUrlPatterns("/*" );
filterRegistration.addInitParameter("casServerUrlPrefix" , casAutoconfig .getCasServerUrlPrefix());
filterRegistration.addInitParameter("serverName" , casAutoconfig.getServerName());
filterRegistration.addInitParameter("useSession" , casAutoconfig.isUseSession() ? "true" :"false" );
filterRegistration.addInitParameter("exceptionOnValidationFailure" , casAutoconfig.isExceptionOnValidationFailure() ? "true":"false" );
filterRegistration.addInitParameter("redirectAfterValidation" , casAutoconfig .isRedirectAfterValidation() ? "true":"false" );
filterRegistration.setOrder(4);
return filterRegistration ;
}
/**
* 该过滤器使得可以通过org.jasig.cas.client.util.AssertionHolder来获取用户的登录名。
* 比如AssertionHolder.getAssertion().getPrincipal().getName()。
* 这个类把Assertion信息放在ThreadLocal变量中,这样应用程序不在web层也能够获取到当前登录信息
*/
@Bean
public FilterRegistrationBean assertionThreadLocalFilter() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
filterRegistration.setFilter(new AssertionThreadLocalFilter());
filterRegistration.setEnabled(true);
filterRegistration.addUrlPatterns("/*" );
filterRegistration.setOrder(5);
return filterRegistration ;
}
/**
* 登录后的Filter(不是必须的)
*/
//LoginValidationFilter是自定义登录后业务处理过滤器,将loginValidationFilter对象放到括号里可以让Spring自动注入
@Bean
public FilterRegistrationBean loginValidationFilter (LoginValidationFilter loginValidationFilter ) {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
filterRegistration.setFilter(loginValidationFilter );
filterRegistration.setEnabled(true);
filterRegistration.addUrlPatterns("/page/*" );
filterRegistration.addInitParameter("casPassUrl" , casAutoconfig.getCasPassUrl());
filterRegistration.addInitParameter("casResource" , casAutoconfig.getResource());
filterRegistration.setOrder(6);
return filterRegistration ;
}
}