SpringBoot+CAS Client 实现单点登录
一、引入CAS client依赖
<!-- https://mvnrepository.com/artifact/net.unicon.cas/cas-client-autoconfig-support -->
<!-- cas客户端-->
<dependency>
<groupId>net.unicon.cas</groupId>
<artifactId>cas-client-autoconfig-support</artifactId>
<version>2.3.0-GA</version>
</dependency>
二、配置
在application.properties或者application.yml中添加相关配置,主要配置内容包括服务器的相关地址,客户端的相关地址等。我这里是application.yml,配置内容如下:
server:
port: 8011
cas:
#后端服务地址
client-host-url: http://192.168.0.113:8011
#cas认证中心地址
server-url-prefix: http://192.168.0.113:8089/cas
#cas认证中心登录地址
server-login-url: http://192.168.0.113:8089/cas/login
validation-type: cas3
cas-ignore-pattern: (/test/*)|(/file/*)
三、在启动类中添加启用注解
@SpringBootApplication
@EnableCasClient
public class DemoApplication {
public static void main(String[] args) {
SpringApplication.run(DemoApplication.class, args);
}
}
过滤器
@Configuration
public class CasConfig {
@Value("${cas.server-login-url}")
private String casServerLoginUrl;
@Value("${cas.client-host-url}")
private String casClientHostUrl;
@Value("${cas-ignore-pattern}")
private String casIgnorePattern;
/**
* description:授权过滤器
* ignoreUrlPatternType 使用CAS现成的正则表达式过滤策略
*/
@Bean
public FilterRegistrationBean filterAuthenticationRegistration() {
FilterRegistrationBean registration = new FilterRegistrationBean();
registration.setFilter(new AuthenticationFilter());
registration.addUrlPatterns("/*");
Map<String,String> initParameters = new HashMap<String, String>();
initParameters.put("casServerLoginUrl", casServerLoginUrl);
initParameters.put("serverName", casClientHostUrl);
//配置文件中设置要过滤拦截的路径
initParameters.put("ignorePattern", casIgnorePattern);
initParameters.put("ignoreUrlPatternType", "org.jasig.cas.client.authentication.RegexUrlPatternMatcherStrategy");
registration.setInitParameters(initParameters);
registration.setOrder(1);
return registration;
}
}
测试
@Controller
public class TestController {
@Value(value = "${cas.server-url-prefix}")
private String serverUrlPrefix;
@Value(value = "${cas.client-host-url}")
private String clientHostUrl;
@RequestMapping("/login")
@ResponseBody
public String login(HttpServletRequest request) {
Assertion assertion = (Assertion) request.getSession().getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION);
String loginName = null;
if (assertion != null) {
AttributePrincipal principal = assertion.getPrincipal();
loginName = principal.getName();
System.out.println("访问者:" + loginName);
}
return "success";
}
@RequestMapping("/logout")
public String logout(HttpServletRequest request) {
request.getSession().invalidate();
return "redirect:" + serverUrlPrefix + "/logout?service=" + clientHostUrl;
}
@RequestMapping("/test")
@ResponseBody
public String test(HttpServletRequest request) {
return "test";
}
}