cas常用于单点登录,将多个系统集成时,用户只需要登陆一次就能访问所有集成的系统。
<!-- 统一退出过滤器 -->
<filter>
<filter-name>SSO Single Sign Out Filter</filter-name>
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
</filter>
<!-- 该过滤器负责用户的认证工作,必须启用它 -->
<filter>
<filter-name>SSOFilter</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>http://173.11.123.116/sso/login</param-value><!--填认证服务器的登录地址-->
</init-param>
<init-param>
<!-- 本系统的UIA -->
<param-name>serverName</param-name>
<param-value>http://172.131.25.61:8080</param-value><!--填应用程序的IP和端口-->
</init-param>
<init-param>
<param-name>renew</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>gateway</param-name>
<param-value>false</param-value>
</init-param>
</filter>
<!-- 该过滤器负责对Ticket的校验工作,必须启用它 -->
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>http://173.11.123.116/sso</param-value><!--填认证服务器的IP地址-->
</init-param>
<init-param>
<!-- 本系统的UIA -->
<param-name>serverName</param-name>
<param-value>http://172.131.25.61:8080</param-value><!--填应用程序的IP和端口-->
</init-param>
<init-param>
<param-name>acceptAnyProxy</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>proxyReceptorUrl</param-name>
<param-value>/proxyCallback</param-value>
</init-param>
<init-param>
<param-name>proxyCallbackUrl</param-name>
<param-value>http://173.11.123.116/proxyCallback</param-value><!--填认证服务器的IP地址-->
</init-param>
</filter>
<!--该过滤器负责实现HttpServletRequest请求的包裹,
比如允许开发者通过HttpServletRequest的getRemoteUser()方法获得SSO登录用户的登录名,可选配置。-->
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<filter>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>
<!-- cas mapping s -->
<filter-mapping>
<filter-name>SSO Single Sign Out Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Validation Filter </filter-name>
<url-pattern>/proxyCallback</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>SSOFilter</filter-name>
<url-pattern>*.action</url-pattern>
</filter-mapping>
<filter-mapping>
<!-- 要拦截的本系统登录界面 -->
<filter-name>SSOFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>
需要添加的jar包(可能其他版本的jar包不适用该配置):
casclient.jar
cas-client-core-3.2.1.jar
//下面是jar中封装的方法,通过assertion.getPrincipal().getName()可以获取到登录时输入的用户名
Assertion assertion = (Assertion)getSession().getAttribute("_const_cas_assertion_");
assertion.getPrincipal().getName();