CAS 单点登录安装笔记3 -- 与acegi集成

最新推荐文章于 2023-06-26 17:49:50 发布

wenzi_li

最新推荐文章于 2023-06-26 17:49:50 发布

阅读量335

点赞数

分类专栏： JAVA 文章标签： Acegi SSO Security .net JSP

JAVA 专栏收录该内容

54 篇文章 0 订阅

订阅专栏

CAS 单点登录安装笔记3
-- 与acegi集成

在我的项目中应用了acigi安全框架,以下是结合yale cas单点登录系统进行的相关配置



 <!-- =========  Acegi as a CAS Client的配置============= --> 
	<bean id="authenticationProcessingFilter"
		class="org.acegisecurity.ui.cas.CasProcessingFilter">
		<property name="authenticationManager"
			ref="authenticationManager" />
		<property name="authenticationFailureUrl"
			value="/login.do?login_error=1" />
		<property name="defaultTargetUrl" value="/main.do" />

        <property name="filterProcessesUrl">
            <value>/j_acegi_cas_security_check</value>
        </property>		

		<property name="rememberMeServices" ref="rememberMeServices" />
		<property name="exceptionMappings">
            <value>
				org.acegisecurity.AuthenticationServiceException=/login.do?login_error=user_not_found_error
				org.acegisecurity.BadCredentialsException=/login.do?login_error=user_psw_error
				org.acegisecurity.concurrent.ConcurrentLoginException=/login.do?login_error=too_many_user_error
				org.acegisecurity.DisabledException=/login.do?login_error=disabled_user_error
            </value>
        </property> 		
	</bean>	

    <bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter">
        <property name="authenticationEntryPoint">
            <ref local="casProcessingFilterEntryPoint"/>
        </property>
		<property name="accessDeniedHandler">
			<bean
				class="org.acegisecurity.ui.AccessDeniedHandlerImpl">
				<property name="errorPage"
					value="/errors/accessDenied.jsp" />
			</bean>
		</property>        
    </bean>

   <!-- cas config -->
    <bean id="casProcessingFilterEntryPoint" class="org.acegisecurity.ui.cas.CasProcessingFilterEntryPoint">
        <property name="loginUrl"><value>https://sso.gzps.net:8443/cas/login</value></property>
        <property name="serviceProperties"><ref local="serviceProperties"/></property>
    </bean>

    <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
        <property name="providers">
            <list>
                <ref local="casAuthenticationProvider"/>
            </list>
        </property>
    </bean>

    <bean id="casAuthenticationProvider" class="org.acegisecurity.providers.cas.CasAuthenticationProvider">
        <property name="casAuthoritiesPopulator"><ref bean="casAuthoritiesPopulator"/></property>
        <property name="casProxyDecider"><ref local="casProxyDecider"/></property>
        <property name="ticketValidator"><ref local="casProxyTicketValidator"/></property>
        <property name="statelessTicketCache"><ref local="statelessTicketCache"/></property>
        <property name="key"><value>my_password_for_this_auth_provider_only</value></property>
    </bean>
    <bean id="casProxyTicketValidator" class="org.acegisecurity.providers.cas.ticketvalidator.CasProxyTicketValidator">
        <property name="casValidate"><value>https://sso.gzps.net:8443/cas/proxyValidate</value></property>
        <property name="serviceProperties"><ref local="serviceProperties"/></property>
    </bean>
    <!-- 
    <bean id="casProxyDecider" class="org.acegisecurity.providers.cas.proxy.AcceptAnyCasProxy" />
    -->
    <bean id="casProxyDecider" class="org.acegisecurity.providers.cas.proxy.RejectProxyTickets" />

    <bean id="serviceProperties" class="org.acegisecurity.ui.cas.ServiceProperties">
        <property name="service">
            <value>http://localhost:8080/aio/j_acegi_cas_security_check</value>
        </property>
        <property name="sendRenew">
            <value>false</value>
        </property>
    </bean>

    <bean id="statelessTicketCache" class="org.acegisecurity.providers.cas.cache.EhCacheBasedTicketCache">
        <property name="cache">
            <bean class="org.springframework.cache.ehcache.EhCacheFactoryBean">
                <property name="cacheManager">
                    <bean class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
                </property>
                <property name="cacheName" value="userCache"/>
            </bean>
        </property>
    </bean>

    <bean id="casAuthoritiesPopulator" class="org.acegisecurity.providers.cas.populator.DaoCasAuthoritiesPopulator">
        <property name="userDetailsService"><ref local="userDetailsService"/></property>
    </bean>

    <bean id="casProcessingFilter" class="org.acegisecurity.ui.cas.CasProcessingFilter">
        <property name="authenticationManager"><ref local="authenticationManager"/></property>
        <property name="authenticationFailureUrl"><value>/casfailed.jsp</value></property>
        <property name="defaultTargetUrl"><value>/</value></property>
        <property name="filterProcessesUrl"><value>/j_acegi_cas_security_check</value></property>
    </bean>


    <!-- ======================================================= -->