1.添加依赖jar
<!-- spring security -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<!-- cas -->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-cas</artifactId>
</dependency>
2.extends WebSecurityConfigurerAdapter
注意:MyUserDetailsService implements UserDetailsService , AuthenticationUserDetailsService<CasAssertionAuthenticationToken>一定要实现AuthenticationUserDetailsService<CasAssertionAuthenticationToken>,cas服务器认证通过后会回调此接口的public UserDetails loadUserDetails(CasAssertionAuthenticationToken token)方法。
关键代码添加过滤器Filter链:
http.exceptionHandling().authenticationEntryPoint(casAuthenticationEntryPoint(serviceProperties()));
// 单点注销的过滤器,必须配置在SpringSecurity的过滤器链中,如果直接配置在Web容器中,貌似是不起作用的。我自己的是不起作用的。
SingleSignOutFilter singleSignOutFilter = new SingleSignOutFilter();
singleSignOutFilter.setCasServerUrlPrefix(this.casServerConfig.getHost());
http.addFilter(casAuthenticationFilter())
.addFilterBefore(logoutFilter(), LogoutFilter.class)
.addFilterBefore(singleSignOutFilter, CasAuthenticationFilter.class);
在application.properties添加:
security.cas.server.host = http://192.168.10.95:8080/cas
security.cas.server.login = ${security.cas.server.host}/login
security.cas.server.logout = ${security.cas.server.host}/logout
security.cas.service.host = http://192.168.10.95:8088
security.cas.service.login = /login
security.cas.service.logout = /logout
创建@Component
@ConfigurationProperties(prefix = "security.cas.server")
public class CasServerConfig类和@Component
@ConfigurationProperties(prefix = "security.cas.service")
public class CasServiceConfig 类
以下为实现代码:
package pit.security;
import java.util.ArrayList;
import javax.annotation.Resource;
import javax.sql.DataSource;
import org.jasig.cas.client.session.SingleSignOutFilter;
import org.jasig.cas.client.validation.Cas30ServiceTicketValidator;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.ProviderManager;
import org.springframework.security.cas.ServiceProperties;
import org.springframework.security.cas.authentication.CasAssertionAuthenticationToken;
import org.springframework.security.cas.authentication.CasAuthenticationProvider;