1.在pom.xml中添加:
<dependency> <groupId>org.pac4j</groupId> <artifactId>pac4j-cas</artifactId> <version>2.1.0</version> </dependency> <dependency> <groupId>io.buji</groupId> <artifactId>buji-pac4j</artifactId> <version>3.0.0</version> </dependency>
2.新增Pac4jConfig.java文件
import org.pac4j.cas.client.CasClient; import org.pac4j.cas.config.CasConfiguration; import org.pac4j.core.authorization.authorizer.RequireAnyRoleAuthorizer; import org.pac4j.core.client.Clients; import org.pac4j.core.config.Config; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @Configuration public class Pac4jConfig { //地址为:cas地址 @Value("${shiro.cas}") String casServerUrlPrefix; //地址为:验证返回后的项目地址:http://localhost:8080 @Value("${shiro.server}") String shiroServerUrlPrefix; //相当于一个标志,可以随意,shiroConfig中也会用到 @Value("${pac4j.clientName}") String clientName; @Bean public Config config() { // CAS final CasConfiguration configuration = new CasConfiguration(casServerUrlPrefix + "/login", casServerUrlPrefix); configuration.setAcceptAnyProxy(true); CasClient casClient = new CasClient(configuration); casClient.setCallbackUrl(shiroServerUrlPrefix + "/callback?client_name=" + clientName); casClient.setName(clientName); final Clients clients = new Clients(shiroServerUrlPrefix + "/callback?client_name="+clientName, casClient); final Config config = new Config(clients); return config; } }
3.修改ShiroConfig.java文件
增加
//引用的包 import org.pac4j.core.config.Config; //需要注入 @Autowired private Config config; //在类中添加下面三个方法 @Bean(name = "securityManager") public SecurityManager securityManager() { DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); Pac4jRealm casRealm = pac4jRealm(); securityManager.setRealm(casRealm); securityManager.setSubjectFactory(subjectFactory()); //securityManager.setCacheManager(ehCacheManager()); return securityManager; } @Bean(name = "pac4jRealm") public Pac4jRealm pac4jRealm() { //Pac4jRealm realm = new MyShiroRealm(); Pac4jRealm myShiroRealm = new MyShiroRealm(); return myShiroRealm; } @Bean(name = "subjectFactory") public Pac4jSubjectFactory subjectFactory() { Pac4jSubjectFactory subjectFactory = new Pac4jSubjectFactory(); return subjectFactory; }
修改Bean shiroFilter 方法,增加
CallbackFilter callbackFilter = new CallbackFilter();
callbackFilter.setConfig(config);
callbackFilter.setDefaultUrl("/starter");
shiroFilterFactoryBean.getFilters().put("casFilter", callbackFilter);
Map<String, String> filterChainDefinitionMap = new LinkedHashMap<String, String>();
filterChainDefinitionMap.put("/callback", "casFilter");
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap); //loginUrl中需要加上clinetname
String loginUrl = casServerUrlPrefix + "/login?service=" + shiroServerUrlPrefix + "/callback?client_name=" + clientName; shiroFilterFactoryBean.setLoginUrl(loginUrl);
4.自定义的Realm不再继承自CasRealm,修改为Pac4jRealm,并且修改其中的方法
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
final Pac4jToken token = (Pac4jToken) authenticationToken;
final LinkedHashMap<String, CommonProfile> profiles = token.getProfiles();
final Pac4jPrincipal principal = new Pac4jPrincipal(profiles);
String loginName = principal.getProfile().getId();
Session session = SecurityUtils.getSubject().getSession();
session.setAttribute("userSessionId", loginName );
return new SimpleAuthenticationInfo(user, profiles.hashCode(), getName());
}
//此方法的逻辑不变,还是在此处赋请求链接权限,只是改变获取用户的方法更改一下,可以将本地查询的用户信息保存在doGetAuthenticationInfo方法中,此方法可以直接取出来
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
//获取当前登录输入的用户名,等价于(String) principalCollection.fromRealm(getName()).iterator().next();
Session session = SecurityUtils.getSubject().getSession();
String loginName = (String)session.getAttribute("name");
return info;
}
扫一扫
6271
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
