前后端分离后台基于springboot,shiro,auth2,前端vue集成cas

增加三个拦截

package kwc.app.filter;



import kwc.app.common.enums.NoLoginEnum;
import kwc.app.common.utils.RedisUtils;
import org.jasig.cas.client.Protocol;
import org.jasig.cas.client.configuration.ConfigurationKeys;
import org.jasig.cas.client.util.AbstractCasFilter;
import org.jasig.cas.client.util.CommonUtils;
import org.jasig.cas.client.util.ReflectUtils;
import org.jasig.cas.client.validation.Assertion;
import org.jasig.cas.client.validation.TicketValidationException;
import org.jasig.cas.client.validation.TicketValidator;

import javax.net.ssl.HostnameVerifier;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.Properties;

/**
 * Created by fengjian on 2018/7/31.
 */
public abstract class AbstractTicketValidationFilterImpl extends AbstractCasFilter {
    private TicketValidator ticketValidator;
    private boolean redirectAfterValidation = true;
    private boolean exceptionOnValidationFailure = false;
    private boolean useSession = true;
    private RedisUtils redisUtils;

    protected AbstractTicketValidationFilterImpl(Protocol protocol, RedisUtils redisUtils) {
        super(protocol);
        this.redisUtils=redisUtils;
    }

    protected TicketValidator getTicketValidator(FilterConfig filterConfig) {
        return this.ticketValidator;
    }

    protected Properties getSSLConfig() {
        Properties properties = new Properties();
        String fileName = this.getString(ConfigurationKeys.SSL_CONFIG_FILE);
        if (fileName != null) {
            FileInputStream fis = null;

            try {
                fis = new FileInputStream(fileName);
                properties.load(fis);
                this.logger.trace("Loaded {} entries from {}", Integer.valueOf(properties.size()), fileName);
            } catch (IOException var8) {
                this.logger.error(var8.getMessage(), var8);
            } finally {
                CommonUtils.closeQuietly(fis);
            }
        }

        return properties;
    }

    protected HostnameVerifier getHostnameVerifier() {
        Class className = this.getClass(ConfigurationKeys.HOSTNAME_VERIFIER);
        String config = this.getString(ConfigurationKeys.HOSTNAME_VERIFIER_CONFIG);
        return className != null ? (config != null ? (HostnameVerifier) ReflectUtils.newInstance(className, new Object[]{config}) : (HostnameVerifier) ReflectUtils.newInstance(className, new Object[0])) : null;
    }

    protected void initInternal(FilterConfig filterConfig) throws ServletException {
        this.setExceptionOnValidationFailure(this.getBoolean(ConfigurationKeys.EXCEPTION_ON_VALIDATION_FAILURE));
        this.setRedirectAfterValidation(this.getBoolean(ConfigurationKeys.REDIRECT_AFTER_VALIDATION));
        this.setUseSession(this.getBoolean(ConfigurationKeys.USE_SESSION));
        if (!this.useSession && this.redirectAfterValidation) {
            this.logger.warn("redirectAfterValidation parameter may not be true when useSession parameter is false. Resetting it to false in order to prevent infinite redirects.");
            this.setRedirectAfterValidation(false);
        }

        this.setTicketValidator(this.getTicketValidator(filterConfig));
        super.initInternal(filterConfig);
    }

    public void init() {
        super.init();
        CommonUtils.assertNotNull(this.ticketValidator, "ticketValidator cannot be null.");
    }

    protected boolean preFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        return true;
    }

    protected void onFailedValidation(HttpServletRequest request, HttpServletResponse response) {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (this.preFilter(servletRequest, servletResponse, filterChain)) {
            HttpServletRequest request = (HttpServletRequest) servletRequest;
            HttpServletResponse response = (HttpServletResponse) servletResponse;
            String ticket = this.retrieveTicketFromRequest(request);
            if (CommonUtils.isNotBlank(ticket)) {
                this.logger.debug("Attempting to validate ticket: {}", ticket);

                try {
                    Assertion e = this.ticketValidator.validate(ticket, this.constructServiceUrl(request, response));
                    this.logger.debug("Successfully authenticated user: {}", e.getPrincipal().getName());
                    request.setAttribute("_const_cas_assertion_", e);
                    if (this.useSession) {
                        request.getSession().setAttribute("_const_cas_assertion_", e);
                    }

                    this.onSuccessfulValidation(request, response, e);
                    if (this.redirectAfterValidation) {
                        this.logger.debug("Redirecting after successful ticket validation.");
                        response.sendRedirect(this.constructServiceUrl(request, response));
                        return;
                    }
                } catch (TicketValidationException var8) {
                    this.logger.debug(var8.getMessage(), var8);
                    this.onFailedValidation(request, response);
                    PrintWriter printWriter = servletResponse.getWriter();
                    printWriter.write("{\"status\":40199,\"data\":" + NoLoginEnum.NO_LOGIN.getMsg() + ",\"message\":\"no login\",\"cas_cookie\":\"\"}");
                    return;
                }
            }
            filterChain.doFilter(request, response);
        }
    }


    protected void onSuccessfulValidation(HttpServletRequest request, HttpServletResponse response, Assertion assertion) {
        try {
            logger.info("通过ticket验证跳转到首页");
            String sessionId=request.getSession().getId();
            logger.info("========sessionId========="+sessionId);
            Object refer = redisUtils.hashGet("sessionIds", sessionId);
            if(refer!=null){
                redisUtils.hashRemove("sessionIds", sessionId);
                response.sendRedirect(String.valueOf(refer));
                logger.info("========threadLocal.set(referer)========" + String.valueOf(refer) + "=========================");
            }else{
                response.sendRedirect(NoLoginEnum.INDEX.getMsg());
            }
            setRedirectAfterValidation(false);
        } catch (IOException e) {
            e.printStackTrace();
        }
    }

    public final void setTicketValidator(TicketValidator ticketValidator) {
        this.ticketValidator = ticketValidator;
    }

    public final void setRedirectAfterValidation(boolean redirectAfterValidation) {
        this.redirectAfterValidation = redirectAfterValidation;
    }

    public final void setExceptionOnValidationFailure(boolean exceptionOnValidationFailure) {
        this.exceptionOnValidationFailure = exceptionOnValidationFailure;
    }

    public final void setUseSession(boolean useSession) {
        this.useSession = useSession;
    }
}
package kwc.app.filter;

import kwc.app.common.enums.NoLoginEnum;
import kwc.app.common.utils.RedisUtils;
import org.apache.commons.lang.StringUtils;
import org.jasig.cas.client.Protocol;
import org.jasig.cas.client.authentication.*;
import org.jasig.cas.client.configuration.ConfigurationKeys;
import org.jasig.cas.client.util.AbstractCasFilter;
import org.jasig.cas.client.util.AssertionHolder;
import org.jasig.cas.client.util.CommonUtils;
import org.jasig.cas.client.util.ReflectUtils;
import org.jasig.cas.client.validation.Assertion;

import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.HashMap;
import 
  • 0
    点赞
  • 6
    收藏
    觉得还不错? 一键收藏
  • 4
    评论
评论 4
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值