springboot springsecurity cas集成

最新推荐文章于 2024-07-30 19:45:00 发布

xgjj68163

最新推荐文章于 2024-07-30 19:45:00 发布

阅读量1.9k

点赞数 1

分类专栏：权限

本文链接：https://blog.csdn.net/u014161595/article/details/87913595

版权

1.添加依赖jar

<dependency>
       <groupId>org.springframework.boot</groupId>
       <artifactId>spring-boot-starter-security</artifactId>
   </dependency>
   
   <dependency>
        <groupId>org.springframework.security</groupId>
       <artifactId>spring-security-cas</artifactId>
   </dependency>

2.extends WebSecurityConfigurerAdapter

注意：MyUserDetailsService implements UserDetailsService , AuthenticationUserDetailsService<CasAssertionAuthenticationToken>一定要实现AuthenticationUserDetailsService<CasAssertionAuthenticationToken>,cas服务器认证通过后会回调此接口的public UserDetails loadUserDetails(CasAssertionAuthenticationToken token)方法。

关键代码添加过滤器Filter链：

http.exceptionHandling().authenticationEntryPoint(casAuthenticationEntryPoint(serviceProperties()));
// 单点注销的过滤器，必须配置在SpringSecurity的过滤器链中，如果直接配置在Web容器中，貌似是不起作用的。我自己的是不起作用的。
SingleSignOutFilter singleSignOutFilter = new SingleSignOutFilter();
singleSignOutFilter.setCasServerUrlPrefix(this.casServerConfig.getHost());

http.addFilter(casAuthenticationFilter())
.addFilterBefore(logoutFilter(), LogoutFilter.class)
.addFilterBefore(singleSignOutFilter, CasAuthenticationFilter.class);

在application.properties添加：

security.cas.server.host = http://192.168.10.95:8080/cas
security.cas.server.login = ${security.cas.server.host}/login
security.cas.server.logout = ${security.cas.server.host}/logout

security.cas.service.host = http://192.168.10.95:8088
security.cas.service.login = /login
security.cas.service.logout = /logout

创建@Component
@ConfigurationProperties(prefix = "security.cas.server")

public class CasServerConfig类和@Component
@ConfigurationProperties(prefix = "security.cas.service")
public class CasServiceConfig 类

以下为实现代码：

package pit.security;

import java.util.ArrayList;

import javax.annotation.Resource;
import javax.sql.DataSource;

import org.jasig.cas.client.session.SingleSignOutFilter;
import org.jasig.cas.client.validation.Cas30ServiceTicketValidator;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.ProviderManager;
import org.springframework.security.cas.ServiceProperties;
import org.springframework.security.cas.authentication.CasAssertionAuthenticationToken;
import org.springframework.security.cas.authentication.CasAuthenticationProvider;