cas客户端需要获取更多的用户信息,需要对cas server做下修改,以支持返回更多属性信息
1.修改WEB-INF/deployerConfigContext.xml配置文件
找到id="authenticationManager" 的bean,为属性credentialsToPrincipalResolvers增加自定义bean,该bean需实现org.jasig.cas.authentication.principal.CredentialsToPrincipalResolver接口:
<property name="credentialsToPrincipalResolvers">
<list>
[color=red]<!--add ,返回客户端更多认证信息, linym, 2014-06-10-->
<bean id="userAttributeRepository" class="com.*.*.UserAttributeRepository" />[/color]
...
</list>
</property>
接下来需要修改WEB-INF/view/jsp/protocol/2.0/casServiceValidationSuccess.jsp增加返回客户端的属性内容
<%@ page session="false" %><%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %><%@ taglib uri="http://java.sun.com/jsp/jstl/functions" prefix="fn" %><cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationSuccess>
<cas:user>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.id)}</cas:user>
[color=red]<c:if test="${fn:length(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes) > 0}">
<cas:attributes>
<c:forEach var="attr" items="${assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes}">
<cas:${fn:escapeXml(attr.key)}>${fn:escapeXml(attr.value)}</cas:${fn:escapeXml(attr.key)}>
</c:forEach>
</cas:attributes>
</c:if> [/color]
<c:if test="${not empty pgtIou}">
<cas:proxyGrantingTicket>${pgtIou}</cas:proxyGrantingTicket>
</c:if>
<c:if test="${fn:length(assertion.chainedAuthentications) > 1}">
<cas:proxies>
<c:forEach var="proxy" items="${assertion.chainedAuthentications}" varStatus="loopStatus" begin="0" end="${fn:length(assertion.chainedAuthentications)-2}" step="1">
<cas:proxy>${fn:escapeXml(proxy.principal.id)}</cas:proxy>
</c:forEach>
</cas:proxies>
</c:if>
</cas:authenticationSuccess>
</cas:serviceResponse>
以上红色字体为新增部分。
解下来客户端调用获取设置的属性信息:
1.修改WEB-INF/deployerConfigContext.xml配置文件
找到id="authenticationManager" 的bean,为属性credentialsToPrincipalResolvers增加自定义bean,该bean需实现org.jasig.cas.authentication.principal.CredentialsToPrincipalResolver接口:
<property name="credentialsToPrincipalResolvers">
<list>
[color=red]<!--add ,返回客户端更多认证信息, linym, 2014-06-10-->
<bean id="userAttributeRepository" class="com.*.*.UserAttributeRepository" />[/color]
...
</list>
</property>
public class UserAttributeRepository implements CredentialsToPrincipalResolver {
public Principal resolvePrincipal(Credentials credentials) {
String principalId = extractPrincipalId(credentials);
final Map attributes = new HashMap();
//这些属性通过 request 获取
HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
LoginLogBean logBean = new LoginLogBean(request);
attributes.put("mac", logBean.getMac());
attributes.put("ip", logBean.getIp());
attributes.put("source", logBean.getSource());
attributes.put("service", logBean.getService());
attributes.put("field1", request.getAttribute("field1"));
return new SimplePrincipal(principalId, attributes);
}
public boolean supports(Credentials credentials) {
return credentials != null;
}
protected String extractPrincipalId(final Credentials credentials) {
final UsernamePasswordCredentials usernamePasswordCredentials = (UsernamePasswordCredentials) credentials;
return usernamePasswordCredentials.getUsername();
}
}
接下来需要修改WEB-INF/view/jsp/protocol/2.0/casServiceValidationSuccess.jsp增加返回客户端的属性内容
<%@ page session="false" %><%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %><%@ taglib uri="http://java.sun.com/jsp/jstl/functions" prefix="fn" %><cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationSuccess>
<cas:user>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.id)}</cas:user>
[color=red]<c:if test="${fn:length(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes) > 0}">
<cas:attributes>
<c:forEach var="attr" items="${assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes}">
<cas:${fn:escapeXml(attr.key)}>${fn:escapeXml(attr.value)}</cas:${fn:escapeXml(attr.key)}>
</c:forEach>
</cas:attributes>
</c:if> [/color]
<c:if test="${not empty pgtIou}">
<cas:proxyGrantingTicket>${pgtIou}</cas:proxyGrantingTicket>
</c:if>
<c:if test="${fn:length(assertion.chainedAuthentications) > 1}">
<cas:proxies>
<c:forEach var="proxy" items="${assertion.chainedAuthentications}" varStatus="loopStatus" begin="0" end="${fn:length(assertion.chainedAuthentications)-2}" step="1">
<cas:proxy>${fn:escapeXml(proxy.principal.id)}</cas:proxy>
</c:forEach>
</cas:proxies>
</c:if>
</cas:authenticationSuccess>
</cas:serviceResponse>
以上红色字体为新增部分。
解下来客户端调用获取设置的属性信息:
Map attrMap = ((AttributePrincipal) request.getUserPrincipal()).getAttributes();