上篇文章讲了cas服务端的配置,发现所有图片都没有了,但是
感觉影响不大就不修改了,以后注意。
现在主要讲在asp.net MVC程序中如何配置使用cas服务
1.下载DotNetCasClient.dll
可以直接下载编译好的dll,下载地址自己网上搜,我是在csdn中
下载的,版本为1.0.2。下载后考到客户端程序的bin目录下并添加引用。
如果需要修改源码(使用https时需要修改),源码下载地址为
https://github.com/apereo/dotnet-cas-client,此版本需要
vs2017才能打开,修改完成后编译,并按照上面的步骤添加到客户端程序。
2.修改web.config,一共6处,都用<!--cas开始--><!--cas结束-->标出
<?xml version="1.0" encoding="utf-8"?>
<!--
有关如何配置 ASP.NET 应用程序的详细信息,请访问
http://go.microsoft.com/fwlink/?LinkId=152368
-->
<configuration>
<configSections>
<!-- For more information on Entity Framework configuration, visit http://go.microsoft.com/fwlink/?LinkID=237468 -->
<section name="entityFramework" type="System.Data.Entity.Internal.ConfigFile.EntityFrameworkSection, EntityFramework, Version=5.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false" />
<!--cas开始 定义casClientConfig-->
<section name="casClientConfig" type="DotNetCasClient.Configuration.CasClientConfiguration,DotNetCasClient"/>
<!--cas结束-->
</configSections>
<connectionStrings>
<add name="DefaultConnection" providerName="System.Data.SqlClient" connectionString="Data Source=(LocalDb)\v11.0;Initial Catalog=aspnet-NXZWINVEST20160804-20160804170001;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|\aspnet-NXZWINVEST20160804-20160804170001.mdf" />
<add name="NXZWNATPPMDBEntities" connectionString="metadata=res://*/Models.Model.Model.csdl|res://*/Models.Model.Model.ssdl|res://*/Models.Model.Model.msl;provider=System.Data.SqlClient;provider connection string="data source=114.55.105.68;initial catalog=NXZWNATPPMDB;user id=sa;password=zkyg321;MultipleActiveResultSets=True;App=EntityFramework"" providerName="System.Data.EntityClient" />
</connectionStrings>
<!--cas开始 配置casClientConfig-->
<!--
casserverloginurl URL CAS登录表单。
casserverurlprefix CAS服务器应用程序根。
ServerName 客户端应用程序的地址
ticketvalidatorname 票验证器验证CAS票使用特定的协议名称。有效值是cas10 cas20 saml11,,。
singlesignout 单点登出。
-->
<casClientConfig
casServerLoginUrl="http://sso.demo.com:8070/cas/login"
casServerUrlPrefix="http://sso.demo.com:8070/cas/"
serverName="http://localhost:31117"
redirectAfterValidation="true"
renew="false"
singleSignOut="true"
ticketValidatorName="Cas20"
serviceTicketManager="CacheServiceTicketManager"/>
<!--cas结束-->
<appSettings>
<add key="webpages:Version" value="2.0.0.0" />
<add key="webpages:Enabled" value="false" />
<add key="PreserveLoginUrl" value="true" />
<add key="ClientValidationEnabled" value="true" />
<add key="UnobtrusiveJavaScriptEnabled" value="true" />
</appSettings>
<system.web>
<httpRuntime maxRequestLength="1048576" executionTimeout="3600" />
<compilation debug="true" targetFramework="4.5">
<assemblies>
<add assembly="System.Data.Entity, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
</assemblies>
</compilation>
<!--cas开始-->
<authentication mode="Forms">
<forms loginUrl="http://sso.demo.com:8070/cas/login"
timeout="30"
defaultUrl="~/User/Index"
cookieless="UseCookies"
slidingExpiration="true"/>
</authentication>
<authorization>
<deny users="?"/>
</authorization>
<!--cas结束-->
<pages>
<namespaces>
<add namespace="System.Web.Helpers" />
<add namespace="System.Web.Mvc" />
<add namespace="System.Web.Mvc.Ajax" />
<add namespace="System.Web.Mvc.Html" />
<add namespace="System.Web.Optimization" />
<add namespace="System.Web.Routing" />
<add namespace="System.Web.WebPages" />
</namespaces>
</pages>
<!--cas 开始-->
<httpModules>
<add name="DotNetCasClient" type="DotNetCasClient.CasAuthenticationModule,DotNetCasClient"/>
</httpModules>
<!--cas结束-->
<profile defaultProvider="DefaultProfileProvider">
<providers>
<add name="DefaultProfileProvider" type="System.Web.Providers.DefaultProfileProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" applicationName="/" />
</providers>
</profile>
<membership defaultProvider="DefaultMembershipProvider">
<providers>
<add name="DefaultMembershipProvider" type="System.Web.Providers.DefaultMembershipProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/" />
</providers>
</membership>
<roleManager defaultProvider="DefaultRoleProvider">
<providers>
<add name="DefaultRoleProvider" type="System.Web.Providers.DefaultRoleProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" applicationName="/" />
</providers>
</roleManager>
<!--
If you are deploying to a cloud environment that has multiple web server instances,
you should change session state mode from "InProc" to "Custom". In addition,
change the connection string named "DefaultConnection" to connect to an instance
of SQL Server (including SQL Azure and SQL Compact) instead of to SQL Server Express.
-->
<sessionState mode="InProc" customProvider="DefaultSessionProvider">
<providers>
<add name="DefaultSessionProvider" type="System.Web.Providers.DefaultSessionStateProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" />
</providers>
</sessionState>
</system.web>
<system.webServer>
<!--cas开始
加入到
<系统注册与ASP.NET管道casauthenticationmodule网络部分表现在以下配置块。-->
<modules>
<remove name="DotNetCasClient"/>
<add name="DotNetCasClient" type="DotNetCasClient.CasAuthenticationModule,DotNetCasClient"/>
</modules>
<!--cas结束-->
<validation validateIntegratedModeConfiguration="false" />
<handlers>
<remove name="ExtensionlessUrlHandler-ISAPI-4.0_32bit" />
<remove name="ExtensionlessUrlHandler-ISAPI-4.0_64bit" />
<remove name="ExtensionlessUrlHandler-Integrated-4.0" />
<add name="ExtensionlessUrlHandler-ISAPI-4.0_32bit" path="*." verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
<add name="ExtensionlessUrlHandler-ISAPI-4.0_64bit" path="*." verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
<add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" />
</handlers>
</system.webServer>
<!--cas开始-->
<system.diagnostics>
<trace autoflush="true" useGlobalLock="false"/>
<sharedListeners>
<add name="TraceFile" type="System.Diagnostics.TextWriterTraceListener" initializeData="F:\RunLog\DotNetCasClient.Log" traceOutputOptions="DateTime"/>
</sharedListeners>
<sources>
<source name="DotNetCasClient.Config" switchName="Config" switchType="System.Diagnostics.SourceSwitch">
<listeners>
<add name="TraceFile"/>
</listeners>
</source>
<source name="DotNetCasClient.HttpModule" switchName="HttpModule" switchType="System.Diagnostics.SourceSwitch">
<listeners>
<add name="TraceFile"/>
</listeners>
</source>
<source name="DotNetCasClient.Protocol" switchName="Protocol" switchType="System.Diagnostics.SourceSwitch">
<listeners>
<add name="TraceFile"/>
</listeners>
</source>
<source name="DotNetCasClient.Security" switchName="Security" switchType="System.Diagnostics.SourceSwitch">
<listeners>
<add name="TraceFile"/>
</listeners>
</source>
</sources>
<switches>
<add name="Config" value="Verbose"/>
<add name="HttpModule" value="Verbose"/>
<add name="Protocol" value="Verbose"/>
<add name="Security" value="Verbose"/>
</switches>
</system.diagnostics>
<!--cas 结束-->
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="System.Web.Helpers" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0-2.0.0.0" newVersion="2.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0-4.0.0.0" newVersion="4.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="System.Web.WebPages" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0-2.0.0.0" newVersion="2.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="EntityFramework" publicKeyToken="b77a5c561934e089" />
<bindingRedirect oldVersion="1.0.0.0-5.0.0.0" newVersion="5.0.0.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="WebGrease" publicKeyToken="31bf3856ad364e35" />
<bindingRedirect oldVersion="1.0.0.0-1.3.0.0" newVersion="1.3.0.0" />
</dependentAssembly>
</assemblyBinding>
</runtime>
<entityFramework>
<defaultConnectionFactory type="System.Data.Entity.Infrastructure.SqlConnectionFactory, EntityFramework" />
</entityFramework>
</configuration>3.测试
启动cas服务程序,启动成功后在vs中通过crtl+f5来预
览效果,直接跳转到cas的登录页表明成功,如下图。
输入用户名和密码,登录成功后直接跳转到首页,如下图
其他客户端通过相同的配置(仅serverName="http://localhost:31117"有区别)
后即可实现单点登录。需要讲的是这里cas只负责登录,
角色和权限的管理没有修改,还由各个客户端来维护。
4.单点登出
修改原来的退出登录方法
[Authorize]
public ActionResult LoginOff()
{
FormsAuthentication.SignOut();
return Redirect("http://sso.demo.com:8070/cas/logout?service=http://sso.demo.com:8070/cas/login?service=http://localhost:31117");
}
至此asp.net MVC客户端配置已经完成。
4629
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
