一、cas服务器
1、下载cas.war 。百度云盘
2、放在tomcat目录下,启动tomcat。
cas启动成功的地址为 http://localhost:8080/cas/login
默认用户名:casuser
密码:Mellon
3、去除https验证
cas默认使用https。此处修改为了http。
修改deployerConfigContext.xml
<bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
p:httpClient-ref="httpClient"/>
增加参数p:requireSecure="false",requireSecure属性为是否需要安全验证,即HTTPS,false为不采用
(2)修改cas的/WEB-INF/spring-configuration/ticketGrantingTicketCookieGenerator.xml
<bean id="ticketGrantingTicketCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
p:cookieSecure="true"
p:cookieMaxAge="-1"
p:cookieName="CASTGC"
p:cookiePath="/cas" />
参数p:cookieSecure="true",是否需要安全验证,即HTTPS,false为不采用。
参数p:cookieMaxAge="-1",是COOKIE的最大生命周期,-1为无生命周期,即只在当前打开的窗口有效,关闭或重新打开其它窗口,仍会要求验证。可以根据需要修改为大于0的数字,比如3600等,意思是在3600秒内,打开任意窗口,都不需要验证。
这里将cookieSecure改为false , cookieMaxAge 改为3600
(3)修改cas的WEB-INF/spring-configuration/warnCookieGenerator.xml
<bean id="warnCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
p:cookieSecure="true"
p:cookieMaxAge="-1"
p:cookieName="CASPRIVACY"
p:cookiePath="/cas" />
将cookieSecure改为false , cookieMaxAge改为3600
二、client端
建两个项目,分别配置下面信息
1、加入jar包【cas-client-core-3.2.1.jar】 提取码: ges2
2、web.xml中增加如下的配置.
<!--单点登录-->
<filter>
<filter-name>CAS Single Sign Out Filter</filter-name>
<filter-class>
org.jasig.cas.client.session.SingleSignOutFilter
</filter-class>
</filter>
<filter>
<filter-name>CAS Authentication Filter</filter-name>
<filter-class>
org.jasig.cas.client.authentication.AuthenticationFilter
</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>http://localhost:8080/cas/login</param-value>
<!--cas服务器的地址,只改端口号-->
</init-param>
<init-param>
<param-name>renew</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>gateway</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://localhost:8081</param-value>
<!--此应用的地址-->
</init-param>
</filter>
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>
org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter
</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>http://localhost:8080/cas</param-value>
<!--cas服务器的地址,只改端口号-->
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://localhost:8081</param-value>
<!--此应用的地址-->
</init-param>
<init-param>
<param-name>useSession</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>redirectAfterValidation</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter>
<filter-name>CAS HttpServletRequestWrapperFilter</filter-name>
<filter-class>
org.jasig.cas.client.util.HttpServletRequestWrapperFilter
</filter-class>
</filter>
<filter>
<filter-name>GeneralCasFilter</filter-name>
<filter-class>
cn.com.xxx.CasFilter
</filter-class>
<!-- 自定义过滤器的全类名-->
</filter>
<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Authentication Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS HttpServletRequestWrapperFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>GeneralCasFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
3、定义自己的过滤器 cn.com.xxx.CasFilter
建立cn.com.xxx.CasFilter类
import org.jasig.cas.client.authentication.AttributePrincipal;
import org.springframework.context.ApplicationContext;
import org.springframework.context.event.ContextRefreshedEvent;
import org.springframework.context.event.EventListener;
import javax.servlet.*;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.io.IOException;
public class CasFilter extends HttpServlet implements Filter {
private static Manager manager;
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest httpRequest = (HttpServletRequest) request;
AttributePrincipal attributePrincipal = (AttributePrincipal) httpRequest.getUserPrincipal();
if (attributePrincipal != null) {
//获取到的用户名为在cas页面登录过的用户名:如“casuser”
String loginName = attributePrincipal.getName();
String fromIpAddress = request.getLocalAddr();
HttpSession session = httpRequest.getSession();
//根据实际情况调整
Human human = manager.getSsoHuman(loginName);
if (human != null) {
//设置自动登录系统
}
}
chain.doFilter(request, response);
}
//因为filter加载在service类的前面,所以此处获取service层的类需要自己获取初始化
public static void initBeans(ApplicationContext context) {
if (manager == null) {
manager = context.getBean(Manager.class);
}
}
@Override
public void destroy() {
}
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
}
建立另一个类(用于初始化service层的bean)
改类主要是为了监听application的事件,然后获取manager对象。
import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationListener;
import org.springframework.context.event.ContextRefreshedEvent;
import org.springframework.stereotype.Component;
@Component
public class xxxApplicationListener implements ApplicationListener<ContextRefreshedEvent> {
private static ApplicationContext context;
@Override
public void onApplicationEvent(ContextRefreshedEvent event) {
context = event.getApplicationContext();
//调用上一个类的方法初始化bean
CasFilter.initBeans(context);
}
}
4、如果不需要自定义过滤器,去掉web.xml中的自定义过滤器即可。
另:还有其他方法可以在filter中获取到service层bean,但是我自己测试多次,均获取失败了,报错NoSuchBeanDefinitionException。所以后来采用的applicationListener的方法。
其他方法:
@Override
public void init(FilterConfig filterConfig) throws ServletException {
ServletContext servletContext = filterConfig.getServletContext();
WebApplicationContext context = WebApplicationContextUtils.getWebApplicationContext(servletContext);
if (context != null && context.getBean(Manager.class) != null && manager == null) {
manager = context.getBean(AdminManager.class);
}
}
参考
https://blog.csdn.net/weixin_41465541/article/details/80647246