Spring Boot中buji-pac4j集成CAS的单点登出问题
在项目中要求使用CAS 5.2+biji-pac4j 4.0.0实现系统的单点登录登出。开始时使用如下配置:
@Bean
@Order(Ordered.HIGHEST_PRECEDENCE)
public FilterRegistrationBean singleSignOutFilter() {
    FilterRegistrationBean bean = new FilterRegistrationBean();
    bean.setName("singleSignOutFilter");
    SingleSignOutFilter singleSignOutFilter = new SingleSignOutFilter();
    singleSignOutFilter.setCasServerUrlPrefix(prefixUrl);
    bean.setFilter(singleSignOutFilter);
    bean.addUrlPatterns("/*");
    bean.setEnabled(true);
    return bean;
}

但是在注入SingleSignOutFilter时会出现javalanglllegalArgumentException:casServerUrlPrefix cannot be null的报错。

断点跟踪发现在初始化SingleSignOutFilter时会调用init方法如下:

public void init(final FilterConfig filterConfig) throws ServletException {
    super.init(filterConfig);
    if (!isIgnoreInitConfiguration()) {
        setArtifactParameterName(getString(ConfigurationKeys.ARTIFACT_PARAMETER_NAME));
        setLogoutParameterName(getString(ConfigurationKeys.LOGOUT_PARAMETER_NAME));
        setFrontLogoutParameterName(getString(ConfigurationKeys.FRONT_LOGOUT_PARAMETER_NAME));
        setRelayStateParameterName(getString(ConfigurationKeys.RELAY_STATE_PARAMETER_NAME));
        setCasServerUrlPrefix(getString(ConfigurationKeys.CAS_SERVER_URL_PREFIX));
        HANDLER.setArtifactParameterOverPost(getBoolean(ConfigurationKeys.ARTIFACT_PARAMETER_OVER_POST));
        HANDLER.setEagerlyCreateSessions(getBoolean(ConfigurationKeys.EAGERLY_CREATE_SESSIONS));
    }
    HANDLER.init();
    handlerInitialized.set(true);
}

如果isIgnoreInitConfiguration()为false,则会对casServerUrlPrefix重新赋值为ConfigurationKeys.CAS_SERVER_URL_PREFIX的值,而其值如下:

ConfigurationKey<String> CAS_SERVER_URL_PREFIX = new ConfigurationKey<String>("casServerUrlPrefix", null);

可见会把casServerUrlPrefix重新赋值为null。在接着会调用HANDLER.init()方法,方法如下:

public synchronized void init() {
    if (this.safeParameters == null) {
        CommonUtils.assertNotNull(this.artifactParameterName, "artifactParameterName cannot be null.");
        CommonUtils.assertNotNull(this.logoutParameterName, "logoutParameterName cannot be null.");
        CommonUtils.assertNotNull(this.frontLogoutParameterName, "frontLogoutParameterName cannot be null.");
        CommonUtils.assertNotNull(this.sessionMappingStorage, "sessionMappingStorage cannot be null.");
        CommonUtils.assertNotNull(this.relayStateParameterName, "relayStateParameterName cannot be null.");
        CommonUtils.assertNotNull(this.casServerUrlPrefix, "casServerUrlPrefix cannot be null.");

        if (CommonUtils.isBlank(this.casServerUrlPrefix)) {
            logger.warn("Front Channel single sign out redirects are disabled when the 'casServerUrlPrefix' value is not set.");
        }

        if (this.artifactParameterOverPost) {
            this.safeParameters = Arrays.asList(this.logoutParameterName, this.artifactParameterName);
        } else {
            this.safeParameters = Arrays.asList(this.logoutParameterName);
        }
    }
}

方法中对casServerUrlPrefix进行了null和空的判断,为null或为空则报错。可知isIgnoreInitConfiguration()为false后必会报错。而isIgnoreInitConfiguration()取决于SingleSignOutFilter所继承的AbstractConfigurationFilter中如下值:

private boolean ignoreInitConfiguration = false;

并提供了get、set方法。所以可以直接配置。故最后的配置文件为:

@Bean
@Order(Ordered.HIGHEST_PRECEDENCE)
public FilterRegistrationBean singleSignOutFilter() {
    FilterRegistrationBean bean = new FilterRegistrationBean();
    bean.setName("singleSignOutFilter");
    SingleSignOutFilter singleSignOutFilter = new SingleSignOutFilter();
    singleSignOutFilter.setCasServerUrlPrefix(prefixUrl);
    singleSignOutFilter.setIgnoreInitConfiguration(true);
    bean.setFilter(singleSignOutFilter);
    bean.addUrlPatterns("/*");
    bean.setEnabled(true);
    return bean;
}
就可以了。
阅读更多
想对作者说点什么? 我来说一句

没有更多推荐了,返回首页

不良信息举报

Spring Boot中buji-pac4j集成CAS的单点登出问题

最多只允许输入30个字

加入CSDN,享受更精准的内容推荐,与500万程序员共同成长!
关闭
关闭