CAS获取用户更多信息

 配置SingleRowJdbcPersonAttributeDao

基于deployerConfigContext.xml配置文件，添加SingleRowJdbcPersonAttributeDao节点，其使用jdbc连接mysql认证，并且返回更多的用户信息放到session里让客户端获取

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22

< bean id = "xiaokacengAttributeRepository"          class = "org.jasig.services.persondir.support.jdbc.SingleRowJdbcPersonAttributeDao" >          < constructor-arg index = "0" ref = "dataSource" />          < constructor-arg index = "1" value = "select email,name,username,password from cas_user where {0}" />                    <!-- 组装sql用的查询条件属性 -->             < property name = "queryAttributeMapping" >              < map >                  <!-- key必须是uername而且是小写否则会导致取不到用户的其它信息，value对应数据库用户名字段,系统会自己匹配 -->                  < entry key = "username" value = "username" />              </ map >          </ property >          < property name = "resultAttributeMapping" >              < map >                  <!-- key为对应的数据库字段名称，value为提供给客户端获取的属性名字，系统会自动填充值 -->                  < entry key = "username" value = "username" ></ entry >                  < entry key = "email" value = "email" ></ entry >                  < entry key = "name" value = "name" ></ entry >                  < entry key = "password" value = "password" ></ entry >              </ map >          </ property >      </ bean >

配置用户认证凭据转化的解析器

在deployerConfigContext.xml中，为UsernamePasswordCredentialsToPrincipalResolver注入attributeRepository

?

1 2 3

< bean class = "org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" >      < property name = "attributeRepository" ref = "xiaokacengAttributeRepository" /> </ bean >

删除serviceRegistryDao节点下的配置

如果不注释掉里面的内容，将会导致客户端无法获取用户更多的信息

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14

< bean id = "serviceRegistryDao" class = "org.jasig.cas.services.InMemoryServiceRegistryDaoImpl" >             <!--  <propertyname="registeredServices">                 <list>                     <bean class="org.jasig.cas.services.RegexRegisteredService">                         <property name="id" value="0" />                         <property name="name" value="HTTP and IMAP" />                         <property name="description" value="Allows HTTP(S) and IMAP(S) protocols" />                         <property name="serviceId" value="^(https?|imaps?)://.*" />                         <property name="evaluationOrder" value="10000001" />                       </bean>                 </list>              </property>-->      </ bean >

添加用户信息返回

找到WEB-INF/view/jsp/protocol/2.0/casServiceValidationSuccess.jsp。此文件作用是在server验证成功后，这个页面负责生成与客户端交互的xml信息，在默认casServiceValidationSuccess.jsp中，只包括用户登录名，并不提供其他的属性信息，因此需要对页面进行扩展

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30

<%@ page session= "false" %> <%@ taglib prefix= "c" uri= "http://java.sun.com/jsp/jstl/core" %> <%@ taglib uri= "http://java.sun.com/jsp/jstl/functions" prefix= "fn" %> <cas:serviceResponse xmlns:cas= 'http://www.yale.edu/tp/cas' >      <cas:authenticationSuccess>          <cas:user>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)- 1 ].principal.id)}</cas:user>          <c: if test= "${not empty pgtIou}" >              <cas:proxyGrantingTicket>${pgtIou}</cas:proxyGrantingTicket>          </c: if >          <c: if test= "${fn:length(assertion.chainedAuthentications) > 1}" >              <cas:proxies>                  <c:forEach var= "proxy" items= "${assertion.chainedAuthentications}"                      varStatus= "loopStatus" begin= "0"                      end= "${fn:length(assertion.chainedAuthentications)-2}" step= "1" >                      <cas:proxy>${fn:escapeXml(proxy.principal.id)}</cas:proxy>                  </c:forEach>              </cas:proxies>          </c: if >          <!-- 在server验证成功后，这个页面负责生成与客户端交互的xml信息，在默认的casServiceValidationSuccess.jsp中，只包括用户名，并不提供其他的属性信息，因此需要对页面进行扩展 -->         <c:if             test="${fn:length(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes) > 0}">             <cas:attributes>                 <c:forEach var="attr"                     items="${assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes}">                     <cas:${fn:escapeXml(attr.key)}>${fn:escapeXml(attr.value)}</cas:${fn:escapeXml(attr.key)}>                 </c:forEach>             </cas:attributes>         </c:if>      </cas:authenticationSuccess> </cas:serviceResponse>

客户端获取

示例基于jsp页面获取

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24

<%@ page import = " org.jasig.cas.client.util.*" %> <%@ page import = " org.jasig.cas.client.authentication.*" %> <%@ page import = " org.jasig.cas.client.validation.*" %> <%@ page import = " java.util.*" %>            <%                   AttributePrincipal principal = (AttributePrincipal) request.getUserPrincipal();                   // AttributePrincipal principal = AssertionHolder.getAssertion().getPrincipal();                  String loginName = principal.getName();                   out.println( "loginName:" + loginName);                   Map<String, Object> attributes = principal.getAttributes();                   out.println( "<br>" );                   if (attributes != null )                   {                     out.println( "username:" + attributes.get( "username" ));                       out.println( "<br>" );                      out.println( "password:" + attributes.get( "password" ));                       out.println( "<br>" );                       out.println( "email:" + attributes.get( "email" ));                       out.println( "<br>" );                       out.println( "name:" + attributes.get( "name" ));                       out.println( "<br>" );                   }           %>

from:http://my.oschina.net/xiaokaceng/blog/182547?p=1