SpringBoot整合Cas

已于 2022-08-31 17:55:38 修改
阅读量3.2k 收藏 4
点赞数
分类专栏: cas 文章标签: cas spring boot
于 2022-08-31 17:50:01 首次发布
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/qq_38410795/article/details/126625516
版权

1、启动类里注释启用cas客户端的注解 (如果启用会使用默认的AuthenticationFilter)

 2、引入依赖

<!--依赖cas 配置jar  -->
        <!-- 单点登录 -->
        <dependency>
            <groupId>org.jasig.cas.client</groupId>
            <artifactId>cas-client-core</artifactId>
            <version>3.4.1</version>
        </dependency>
        <dependency>
            <groupId>net.unicon.cas</groupId>
            <artifactId>cas-client-autoconfig-support</artifactId>
            <version>2.3.0-GA</version>
        </dependency>
<!-- Shiro 核心依赖 -->
        <dependency>
            <groupId>org.apache.shiro</groupId>
            <artifactId>shiro-spring</artifactId>
            <version>1.4.0</version>
        </dependency>
        <!--单元测试的依赖-->
        <dependency>
            <groupId>junit</groupId>
            <artifactId>junit</artifactId>
            <version>4.12</version>
        </dependency>
        <!-- https://mvnrepository.com/artifact/org.jasig.cas.client/cas-client-integration-tomcat-common -->
        <dependency>
            <groupId>org.jasig.cas.client</groupId>
            <artifactId>cas-client-integration-tomcat-common</artifactId>
            <version>3.4.1</version>
        </dependency>
        <dependency>
            <groupId>commons-httpclient</groupId>
            <artifactId>commons-httpclient</artifactId>
            <version>3.1</version>
        </dependency>
        <dependency>
            <groupId>org.apache.commons</groupId>
            <artifactId>commons-lang3</artifactId>
            <version>3.8.1</version>
        </dependency>

3、自定义过滤器MyAuthenticationFilter复制AuthenticationFilter只需修改doFilter方法即可

public final void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest)servletRequest;
        HttpServletResponse response = (HttpServletResponse)servletResponse;
        if (this.isRequestUrlExcluded(request)) {
            this.logger.debug("Request is ignored.");
            filterChain.doFilter(request, response);
        } else {
            HttpSession session = request.getSession(false);
            Assertion assertion = session != null ? (Assertion)session.getAttribute("_const_cas_assertion_") : null;
            if (assertion != null) {
                filterChain.doFilter(request, response);
            } else {
                String serviceUrl = this.constructServiceUrl(request, response);
                String ticket = this.retrieveTicketFromRequest(request);
                boolean wasGatewayed = this.gateway && this.gatewayStorage.hasGatewayedAlready(request, serviceUrl);
                if (!CommonUtils.isNotBlank(ticket) && !wasGatewayed) {
                    this.logger.debug("no ticket and no assertion found");
                    String modifiedServiceUrl;
                    if (this.gateway) {
                        this.logger.debug("setting gateway attribute in session");
                        modifiedServiceUrl = this.gatewayStorage.storeGatewayInformation(request, serviceUrl);
                    } else {
                        modifiedServiceUrl = serviceUrl;
                    }

                    this.logger.debug("Constructed service url: {}", modifiedServiceUrl);
//                    String urlToRedirectTo = CommonUtils.constructRedirectUrl(this.casServerLoginUrl, this.getProtocol().getServiceParameterName(), modifiedServiceUrl, this.renew, this.gateway);
//                    this.logger.debug("redirecting to \"{}\"", urlToRedirectTo);
//                    this.authenticationRedirectStrategy.redirect(request, response, urlToRedirectTo);
                    response.setCharacterEncoding("UTF-8");
                    PrintWriter out = response.getWriter();
                    response.setContentType("application/json; charset=UTF-8");
                    out.println("{\"code\":\"403\",\"message\":\"请登陆!\"}");
                } else {
                    filterChain.doFilter(request, response);
                }
            }
        }
    }

4、application.properties

# cas server settings
cas.server-url-prefix=https://xxx.com:8443/cas/
cas.server-login-url=https://xxx.com:8443/cas/login
cas.client-host-url=http://localhost:9100
cas.validation-type=cas
cas.use-session=true
# springboot server settings
server.port=9100
#自定义项目后台单点登录接口路径
client-host-url=http://127.0.0.1:9100/login/index
#自定义项目前台单点登录接口路径-单点登录平台也是配置此路径
adminPath=http://127.0.0.1:9100/index
cas-ignore-pattern=/logout|/login
#spring.mvc.servlet.load-on-startup=1

5、cas配置类

@Configuration
@Component
public class CASAutoConfig {
    @Value("${cas.server-url-prefix}")
    private String serverUrlPrefix;
    @Value("${cas.server-login-url}")
    private String serverLoginUrl;
    @Value("${cas.client-host-url}")
    private String clientHostUrl;
    @Value("${cas-ignore-pattern}")
    private String casIgnorePattern;
    /**
     * @Author chenb2
     * @Description 设置监听器
     * @Date 14:24 2019/12/5
     * @Param []
     * @return org.springframework.boot.web.servlet.ServletListenerRegistrationBean
     **/
    @Bean
    public ServletListenerRegistrationBean servletListenerRegistrationBean(){
        ServletListenerRegistrationBean  listenerRegistrationBean = new ServletListenerRegistrationBean();
        listenerRegistrationBean.setListener(new SingleSignOutHttpSessionListener());
        listenerRegistrationBean.setOrder(1);
        return listenerRegistrationBean;
    }
    /**
     * 该过滤器用于实现单点登出功能,当一个系统登出时,cas服务端会通知,各个应
     * 用进行进行退出操作,该过滤器就是用来接收cas回调的请求,如果是前后端分离
     * 应用,需要重写SingleSignOutFilter过滤器,按自已的业务规则去处理
     */
    @Bean
    public FilterRegistrationBean singleSignOutFilter() {
        FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
        filterRegistration.setFilter(new SingleSignOutFilter());
        filterRegistration.setEnabled(true);
        filterRegistration.addUrlPatterns("/*");
        filterRegistration.addInitParameter("casServerUrlPrefix", serverUrlPrefix);
        filterRegistration.addInitParameter("serverName", clientHostUrl);
        filterRegistration.setOrder(2);
        return filterRegistration;
    }
    /**
     * 授权过滤器
     * @return
     */
    @Bean
    public FilterRegistrationBean filterAuthenticationRegistration() {
        FilterRegistrationBean registration = new FilterRegistrationBean();
        registration.setFilter(new MyAuthenticationFilter());
        Map<String,String> initParameters = new HashMap<String, String>();
        initParameters.put("casServerLoginUrl",serverLoginUrl);
        initParameters.put("serverName", clientHostUrl);
        //忽略的url,"|"分隔多个url
        initParameters.put("ignorePattern", casIgnorePattern);
        registration.setInitParameters(initParameters);
        // 设定加载的顺序
        registration.setOrder(1);
        return registration;
    }
    /**
     * 该过滤器用于单点登录功能,负责对Ticket的校验工作
     * @return
     */
    @Bean
    public FilterRegistrationBean ValidationFilterRegistrationBean(){
        FilterRegistrationBean authenticationFilter = new FilterRegistrationBean();
        authenticationFilter.setOrder(5);
        authenticationFilter.setFilter(new Cas30ProxyReceivingTicketValidationFilter());

        Map<String, String> initParameters = new HashMap<String, String>();
        initParameters.put("casServerUrlPrefix", serverUrlPrefix);
        initParameters.put("serverName", clientHostUrl);
        authenticationFilter.setInitParameters(initParameters);

        List<String> urlPatterns = new ArrayList<String>();
        urlPatterns.add("/*");
        authenticationFilter.setUrlPatterns(urlPatterns);
        return authenticationFilter;
    }


    /**
     * 该过滤器用于单点登录功能 ,对HttpServletRequest请求包装, 可通过HttpServletRequest的getRemoteUser()方法获得登录用户的登录名
     * @return
     */

    @Bean
    public FilterRegistrationBean casHttpServletRequestWrapperFilter(){
        FilterRegistrationBean authenticationFilter = new FilterRegistrationBean();
        authenticationFilter.setFilter(new HttpServletRequestWrapperFilter());
        authenticationFilter.setOrder(6);
        List<String> urlPatterns = new ArrayList<String>();
        urlPatterns.add("/*");
        authenticationFilter.setUrlPatterns(urlPatterns);
        return authenticationFilter;
    }

}

 6、Controller

import com.example.spring_boot_cas_demo.utils.CasServerUtil;
import com.example.spring_boot_cas_demo.utils.ResultUtil;
import com.example.spring_boot_cas_demo.utils.VerifyCode;
import org.apache.commons.lang3.StringUtils;
import org.jasig.cas.client.util.AssertionHolder;
import org.jasig.cas.client.validation.Assertion;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.bind.annotation.RequestMapping;
import com.example.spring_boot_cas_demo.utils.Result;
import org.springframework.web.bind.annotation.RestController;

import javax.imageio.ImageIO;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.awt.image.BufferedImage;
import java.io.IOException;
import java.io.OutputStream;
import java.util.HashMap;
import java.util.Map;

@RestController
@RequestMapping("/login")
public class LoginController {
    private static final Logger log = LoggerFactory.getLogger(LoginController.class);
    @Value("${cas.server-login-url}")
    private String serverLoginUrl;
    @Value("${client-host-url}")
    private String clientHostUrl;
    @Value("${adminPath}")
    private String adminPath;
    @RequestMapping("/log")
    public Result login(HttpServletRequest request, HttpServletResponse response, HttpSession httpSession){
        log.info("进入单点登录的方法 in sso method");
        //利用restful协议登录cas服务端
        String username = request.getParameter("username");
        String password = request.getParameter("password");
        System.out.println(httpSession);
        Map<String,String> map = new CasServerUtil().getUrl(username, password);
        String strCookie = map.get("Cookie");
        System.out.println(httpSession);
        if(StringUtils.isNotEmpty(strCookie)){
            String[] strArr = strCookie.split("; ");
            for (int i=0 ;i<strArr.length;i++) {
                if(strArr[i].contains("JSESSIONID")){
                    String sid = strArr[i].split("=")[1];
                    Cookie cookie=new Cookie("JSESSIONID", sid);
                    cookie.setPath("/");
                    cookie.setHttpOnly(true);
                    response.addCookie(cookie);
                    break;
                }
            }
        }

        return ResultUtil.success(map);

    }
    @RequestMapping("/index")
    public Result index(HttpServletRequest request, HttpServletResponse response, HttpSession httpSession){
        log.info("进入单点登录的方法 in sso method");
        // 如果是单点登录模式
        String ticket =request.getParameter("ticket");
        Map<String, Object> map = new HashMap<>();
        Cookie[] cookies = request.getCookies();
                   
        System.out.println("=======getCookies============"+request.getCookies());
        System.out.println("============getCookies================="+cookies.length);
        

        return ResultUtil.success(map);
    }

7、工具类CasServerUtil

import org.apache.commons.httpclient.Header;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.HttpStatus;
import org.apache.commons.httpclient.NameValuePair;
import org.apache.commons.httpclient.methods.DeleteMethod;
import org.apache.commons.httpclient.methods.GetMethod;
import org.apache.commons.httpclient.methods.PostMethod;
import org.apache.commons.lang3.StringUtils;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class CasServerUtil {
    //登录地址的token
    private String get_token_url = "";

    //目标返回的服务器的url, 同访问的地址必须完全一致,不然就会报错。
    private String taget_url = "";

    private String ticket = "";

    public String getTicket() {
        return ticket;
    }

    public void setTicket(String ticket) {
        this.ticket = ticket;
    }

    public CasServerUtil(){
        String serverUrl = "https://xxx.com:8443/cas/";
        String serverB = "http://localhost:9100/login/index";
        if (StringUtils.isNotBlank(serverUrl)) {
            get_token_url = serverUrl + "v1/tickets/";
            taget_url = serverB;
        }
    }

    public CasServerUtil(String tgt,String taget_url) {
        this.taget_url = taget_url;
        this.ticket = getST(tgt);
    }


    /**
     * 通过用户名密码获取tgt,并根据tgt获取ticket
     * @param username
     * @param password
     * @return String
     */
    public String getST(String username,String password){
        String tgt = getTGT(username, password);
        System.out.println("========tgt=========="+tgt);
        if(StringUtils.isEmpty(tgt)){
            return "";
        }
        return getST(tgt);
    }
    public Map<String,String> getUrl(String username,String password){
        Map<String,String> map = new HashMap<>();
        String tgt = getTGT(username, password);
        if(StringUtils.isEmpty(tgt)){
            return map;
        }
        String st = getST(tgt);
        if(StringUtils.isEmpty(st)){
            return map;
        }
        return response(st);
    }
    public Map<String,String> response(String st){
        Map<String,String> map = new HashMap<>();
        HttpClient client = new HttpClient();
        GetMethod method = new GetMethod(taget_url + "?ticket="+st);
        String response = null;
        try{
            client.executeMethod(method);
            response = method.getResponseBodyAsString();
            Header header = method.getResponseHeader("Cookie");
            if(header!=null){
                map.put("Location",header.getValue());
            }
            header = method.getRequestHeader("Cookie");
            System.out.println(method.getRequestHeaders());
            if(header!=null){
                map.put("Cookie",header.getValue());
            }
            System.out.println("=========response========"+response);
            int status = method.getStatusCode();
            switch (status){
                case HttpStatus.SC_CREATED: // Created
                    Matcher matcher = Pattern.compile(".*action=\".*/(.*?)\".*").matcher(response);
                    if (matcher.matches()){
                        System.out.println(matcher.group(1));
                    }
                    break;
                default:
                    break;
            }
        }catch (IOException e){
            e.printStackTrace();
        }finally{
            method.releaseConnection();
        }
        return map;
    }
    /**
     * 根据用户名、密码获取tgt
     * @return String
     */
    public String getTGT(String username,String password){
        String tgt = "";
        HttpClient client = new HttpClient();
        PostMethod method = new PostMethod(get_token_url);
        method.setRequestBody(new NameValuePair[]{new NameValuePair("username", username), new NameValuePair("password", password)});
        try{
            client.executeMethod(method);
            String response = method.getResponseBodyAsString();
            System.out.println("=========tgt========"+response);
            int status = method.getStatusCode();
            switch (status){
                case HttpStatus.SC_CREATED: // Created
                    Matcher matcher = Pattern.compile(".*action=\".*/(.*?)\".*").matcher(response);
                    if (matcher.matches()){
                        tgt = matcher.group(1);
                    }
                    break;
                default:
                    break;
            }
        }catch (IOException e){
            e.printStackTrace();
        }finally{
            method.releaseConnection();
        }
        return tgt;
    }

    /**
     * 通过tgt获取st
     * @param tgt
     * @return String
     */
    public String getST(String tgt){
        String serviceTicket = "";
        HttpClient client = new HttpClient();
        PostMethod method = new PostMethod(get_token_url + tgt + "/");
        method.setRequestBody(new NameValuePair[]{new NameValuePair("service", taget_url)});
        try {
            client.executeMethod(method);
            String response = method.getResponseBodyAsString();
            System.out.println("=========st========"+response);
            int status = method.getStatusCode();
            switch (status){
                case HttpStatus.SC_OK: // ok
                    serviceTicket = response.toString();
                    break;
                default:
                    break;
            }
        } catch (Exception e) {
            e.printStackTrace();
        }finally{
            method.releaseConnection();
        }
        return serviceTicket;
    }
}

冰淇淋@
关注
专栏目录
SpringBoot整合CAS文件资料
04-14
SpringBoot整合CAS(Central Authentication Service)是将CAS服务器与基于Spring Boot的应用程序相结合,实现单点登录(Single Sign-On, SSO)的功能。SSO允许用户在一次登录后,能够访问多个相互信任的应用系统,...
Spring Boot 整合 CAS (前后端分离整合部署和分开部署均适用)
weixin_45025472的博客
07-15 7389
Spring Boot 整合 CAS (前后端分离整合部署和分开部署均适用)
SpringBoot整合CAS服务
m0_60681411的博客
02-19 2234
本文描述了通过SpringBoot 项目连接CAS Server的完整实践过程。
4) Spring Boot + Spring Security集成CAS
最新发布
2401_85819458的博客
08-11 408
针对最近很多人都在面试,我这边也整理了相当多的面试专题资料,也有其他大厂的面经。希望可以帮助到大家。最新整理面试题上述的面试题答案都整理成文档笔记。也还整理了一些面试资料&最新2021收集的一些大厂的面试真题最新整理电子书最新整理大厂面试文档以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持。针对最近很多人都在面试,我这边也整理了相当多的面试专题资料,也有其他大厂的面经。希望可以帮助到大家。最新整理面试题。
springboot集成cas
m0_64774908的博客
08-08 801
相信许多小伙伴在开发过程中都需要使用单点登录,今天我就讲一讲我在公司的项目中集成cas服务那么首先 ,我们需要知道sso 及 cas
Java实战:SpringBoot集成单点登录CAS
oandy0的博客
03-06 3805
本文将详细介绍如何使用SpringBoot集成单点登录CAS,包括CAS的基本概念、集成步骤、具体代码示例等。通过阅读本文,我们将了解到单点登录的实现原理,并能够将这些知识应用到实际项目中。
SpringBoot 集成CAS简单学习
Kylin
08-10 2701
springboot 集成 CAS 简单学习。包含示例代码。
cas登录流程解析及springboot集成cas
qq_65642052的博客
08-08 4377
cas详细登录流程及springboot集成cas(前后端一体)
springboot集成CAS实现单点登录的示例代码
08-19
SpringBoot集成CAS实现单点登录是一项常见的企业级应用技术,旨在提供用户一次登录即可访问多个系统的便捷体验。CAS(Central Authentication Service)是一个开源的身份验证框架,它允许用户在一个集中的服务器上...
spring boot整合CAS配置详解
08-30
Spring Boot 整合 CAS 配置详解 Spring Boot 是一个基于 Java 的框架,提供了许多便捷的功能来快速开发 Web 应用程序。CAS(Central Authentication Service)是一种流行的身份验证协议,用于实现单点登录和单点...
SpringBoot+Security+Cas
09-07
SpringBoot+Security+Cas是一个集成解决方案,用于构建安全的Web应用程序。这个Demo是为那些希望了解如何在Spring Boot应用中整合Spring Security和CAS(Central Authentication Service)服务的开发者准备的。下面...
Springboot 2.1.2集成CAS5.2.6版本之客户端集成
01-23
 在这之前由于没有使用过Cas用来做单点登录,结果是一个坑接一个坑,我相信大多数第一次使用这个来做单点登录的大牛们=都会有类似的经历,今天就简单的把CAS客户端以SpringBoot的方式来讲述一下.(重点说一下忽略某些Url不使用CAS的情况),代码下载导入IDE即可使用
springboot+security+cas集成demo
11-23
本文将详细解析"springboot+security+cas集成demo"的相关知识点。 首先,Spring Boot是由Pivotal团队提供的一个用于简化Spring应用初始搭建以及开发过程的框架。它集成了大量的常用组件,并提供了默认配置,使得...
spring bootcas 整合
weixin_30710457的博客
07-26 501
1. 修改依赖 <!-- spring-boot-configuration 配置信息 ,加入此项可以提示 配置信息 --> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-confi...
SpringBoot整合CAS登录
Rumor_Liu的博客
01-17 2658
关于springboot整合cas登录相关内容
SpringBoot+CAS整合服务端和客户端实现SSO单点登录与登出快速入门上手
热门推荐
杨杨吖的博客
03-04 1万+
SpringBoot+CAS整合服务端和客户端实现SSO单点登录与登出快速入门上手
springboot集成cas客户端
on the way . . .
01-08 2068
中央身份认证服务(Central Authentication Service)通常被称为CAS,是针对Web的企业级多语言单点登录解决方案,并致力于成为身份验证和授权需求的全面平台。
实战springboot+CAS单点登录系统
weixin_54106682的博客
06-20 3445
cas单点登录
springboot整合CAS
09-22
SpringBoot整合CAS,需要进行以下步骤: 1. 在application.properties文件中配置CAS服务器和客户端的相关参数,如cas.server-url-prefix、cas.server-login-url、cas.client-host-url等。 2. 在启动类中添加注解@EnableCasClient,以启用CAS客户端功能。 3. (可选)根据需要可以在启动类中自定义AuthenticationFilter,以替换默认的认证过滤器。 请问还有其他相关问题吗? 相关问题: 1. 如何配置CAS服务器和客户端的参数? 2. 如何自定义CAS的认证过滤器? 3. 如何在SpringBoot项目中实现单点登录?
评论 3
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值