CAS 客户端配置
1配置方法
1.1 添加jar包
采用maven
<dependency>
<groupId>org.jasig.cas.client</groupId>
<artifactId>cas-client-core</artifactId>
<version>3.3.3</version>
</dependency>
直接添加:
1.2 web.xml配置
<!-- ======================== 单点登录开始 ======================== -->
<!-- 用于单点退出,该过滤器用于实现单点登出功能,可选配置 -->
<listener>
<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>
<!-- 该过滤器用于实现单点登出功能,可选配置。 -->
<filter>
<filter-name>CAS Single Sign Out Filter</filter-name>
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>/order/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>/member/*</url-pattern>
</filter-mapping>
<!-- 该过滤器负责用户的认证工作,必须启用它 -->
<filter>
<filter-name>CASFilter</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>https://walker-pc:21443/cas/login</param-value>
<!--这里的server是服务端的IP -->
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://localhost:9081</param-value>
</init-param>
<!--<init-param>-->
<!--<param-name>ignorePattern</param-name>member-->
<!--<param-value>(\.css|\.jpg|\.png|\.css)</param-value>-->
<!--</init-param>-->
</filter>
<filter-mapping>
<filter-name>CASFilter</filter-name>
<url-pattern>/order/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CASFilter</filter-name>
<url-pattern>/member/*</url-pattern>
</filter-mapping>
<!-- 该过滤器负责对Ticket的校验工作,必须启用它 -->
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://walker-pc:21443/cas</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://localhost:9081</param-value>
</init-param>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/order/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/member/*</url-pattern>
</filter-mapping>
<!-- 该过滤器负责实现HttpServletRequest请求的包裹, 比如允许开发者通过HttpServletRequest的getRemoteUser()方法获得SSO登录用户的登录名,可选配置。 -->
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/order/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/member/*</url-pattern>
</filter-mapping>
<!-- 该过滤器使得开发者可以通过org.jasig.cas.client.util.AssertionHolder来获取用户的登录名。 比如AssertionHolder.getAssertion().getPrincipal().getName()。 -->
<filter>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<url-pattern>/order/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<url-pattern>/member/*</url-pattern>
</filter-mapping>
<!-- ======================== 单点登录结束 ======================== -->
注:请根据实际情况修改,本配置请放到其他过滤器前面
1.3 修改原有登录过滤器(或者拦截器)
AttributePrincipal casPrincipal = (AttributePrincipal)request.getUserPrincipal();
if(casPrincipal != null && StringUtils.isNotBlank(casPrincipal.getName())){
//用户通过CAS验证
//若本系统已经注册,直接return
Principal principal = (Principal) session.getAttribute(Member.PRINCIPAL_ATTRIBUTE_NAME);
if (principal != null) {
return true;
}
//若未注册,重新注册
reRegister(request, response, session, casPrincipal);
return true;
}
1.4 修改退出逻辑
//原有业务逻辑
session.removeAttribute(Member.PRINCIPAL_ATTRIBUTE_NAME);
WebUtils.removeCookie(request, response, Member.USERNAME_COOKIE_NAME);
//新增部分:退出后跳转到cas页面,service为cas退出后的回调页面
Setting setting = SettingUtils.get();
String casUrl = cas+"?service="+setting.getSiteUrl();
return "redirect:"+casUrl;