配置在客户端web.xml中:
<!-- 该过滤器使得开发者可以通过org.jasig.cas.client.util.AssertionHolder来获取用户的登录名。
比如AssertionHolder.getAssertion().getPrincipal().getName()
-->
<filter>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
public void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse, final FilterChain filterChain) throws IOException, ServletException {
//转换参数
final HttpServletRequest request = (HttpServletRequest) servletRequest;
final HttpSession session = request.getSession(false);
//取得Assertion对象,如果session为null则从request中取得,否则从session中取得。
final Assertion assertion = (Assertion) (session == null ? request.getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION) : session.getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION));
try {
//绑定到ThreadLocal
AssertionHolder.setAssertion(assertion);
// 处理后面的过滤器,这样后面的Fileter和Servlet可以在线程中取得Assertion对象。
filterChain.doFilter(servletRequest, servletResponse);
} finally {
//处理完毕后清理线程
AssertionHolder.clear();
}
}
public class AssertionHolder {
/**
* ThreadLocal to hold the Assertion for Threads to access.
*/
private static final ThreadLocal<Assertion> threadLocal = new ThreadLocal<Assertion>();
/**
* Retrieve the assertion from the ThreadLocal.
*
* @return the Asssertion associated with this thread.
*/
public static Assertion getAssertion() {
return threadLocal.get();
}
/**
* Add the Assertion to the ThreadLocal.
*
* @param assertion the assertion to add.
*/
public static void setAssertion(final Assertion assertion) {
threadLocal.set(assertion);
}
/**
* Clear the ThreadLocal.
*/
public static void clear() {
threadLocal.set(null);
}
}