配置SingleRowJdbcPersonAttributeDao
基于deployerConfigContext.xml配置文件,添加SingleRowJdbcPersonAttributeDao节点,其使用jdbc连接mysql认证,并且返回更多的用户信息放到session里让客户端获取
<bean id="xiaokacengAttributeRepository"
class="org.jasig.services.persondir.support.jdbc.SingleRowJdbcPersonAttributeDao">
<constructor-arg index="0" ref="dataSource" />
<constructor-arg index="1" value="select email,name,username,password from cas_user where {0}" />
<!-- 组装sql用的查询条件属性 -->
<property name="queryAttributeMapping">
<map>
<!-- key必须是uername而且是小写否则会导致取不到用户的其它信息,value对应数据库用户名字段,系统会自己匹配 -->
<entry key="username" value="username" />
</map>
</property>
<property name="resultAttributeMapping">
<map>
<!-- key为对应的数据库字段名称,value为提供给客户端获取的属性名字,系统会自动填充值 -->
<entry key="username" value="username"></entry>
<entry key="email" value="email"></entry>
<entry key="name" value="name"></entry>
<entry key="password" value="password"></entry>
</map>
</property>
</bean>
配置用户认证凭据转化的解析器
在deployerConfigContext.xml中,为UsernamePasswordCredentialsToPrincipalResolver注入attributeRepository
<bean class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" >
<property name="attributeRepository" ref="xiaokacengAttributeRepository" />
</bean>
删除serviceRegistryDao节点下的配置
如果不注释掉里面的内容,将会导致客户端无法获取用户更多的信息
<bean id="serviceRegistryDao" class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl">
<property name="registeredServices">
<!-- <list>
<bean class="org.jasig.cas.services.RegexRegisteredService">
<property name="id" value="0" />
<property name="name" value="HTTP and IMAP" />
<property name="description" value="Allows HTTP(S) and IMAP(S) protocols" />
<property name="serviceId" value="^(https?|imaps?)://.*" />
<property name="evaluationOrder" value="10000001" />
</bean>
</list> -->
</property>
</bean>
添加用户信息返回
找到WEB-INF/view/jsp/protocol/2.0/casServiceValidationSuccess.jsp。此文件作用是在server验证成功后,这个页面负责生成与客户端交互的xml信息,在默认casServiceValidationSuccess.jsp中,只包括用户登录名,并不提供其他的属性信息,因此需要对页面进行扩展
<%@ page session="false" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/functions" prefix="fn" %>
<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationSuccess>
<cas:user>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.id)}</cas:user>
<c:if test="${not empty pgtIou}">
<cas:proxyGrantingTicket>${pgtIou}</cas:proxyGrantingTicket>
</c:if>
<c:if test="${fn:length(assertion.chainedAuthentications) > 1}">
<cas:proxies>
<c:forEach var="proxy" items="${assertion.chainedAuthentications}"
varStatus="loopStatus" begin="0"
end="${fn:length(assertion.chainedAuthentications)-2}" step="1">
<cas:proxy>${fn:escapeXml(proxy.principal.id)}</cas:proxy>
</c:forEach>
</cas:proxies>
</c:if>
<!-- 在server验证成功后,这个页面负责生成与客户端交互的xml信息,在默认的casServiceValidationSuccess.jsp中,只包括用户名,并不提供其他的属性信息,因此需要对页面进行扩展 -->
<c:if
test="${fn:length(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes) > 0}">
<cas:attributes>
<c:forEach var="attr"
items="${assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes}">
<cas:${fn:escapeXml(attr.key)}>${fn:escapeXml(attr.value)}</cas:${fn:escapeXml(attr.key)}>
</c:forEach>
</cas:attributes>
</c:if>
</cas:authenticationSuccess>
</cas:serviceResponse>
客户端获取
示例基于jsp页面获取
<%@ page import=" org.jasig.cas.client.util.*" %>
<%@ page import=" org.jasig.cas.client.authentication.*" %>
<%@ page import=" org.jasig.cas.client.validation.*" %>
<%@ page import=" java.util.*" %>
<%
AttributePrincipal principal = (AttributePrincipal) request.getUserPrincipal();
// AttributePrincipal principal = AssertionHolder.getAssertion().getPrincipal();
String loginName = principal.getName();
out.println("loginName:" + loginName);
Map<String, Object> attributes = principal.getAttributes();
out.println("<br>");
if (attributes != null)
{
out.println("username:" + attributes.get("username"));
out.println("<br>");
out.println("password:" + attributes.get("password"));
out.println("<br>");
out.println("email:" + attributes.get("email"));
out.println("<br>");
out.println("name:" + attributes.get("name"));
out.println("<br>");
}
%>