Java cas-client-3.1.3 设置不拦截失效解决办法

1、今天在和客户联调时发现个问题，就是cas的不拦截失效，所有的方法都被拦截了，原因就是

web.xml配置如下：

如上可以看出，cas拦截了所有的路径，不拦截的配置并没有起到作用。

2、解决办法：这样的问题首先要搞懂原理，底层代码的编写，首先准备一个反编译工具Java Decompiler ，打开后可以看到：

如上图，这个是cas-client-3.1.3的jar包的子方法，它这个和3.2.1/3.4.1都有不同，本人也解决了很久，因为这个3.1.3版本在maven仓库是没有的，客户用这个版本，没办法。不然就会存在cas接收不到登出的信息。找到这个authentication方法，它主要就是cas的核心，拦截、请求解析等。

3、现在重写这个方法

Java代码如下：

package com.dossp.ods.common.util;

import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.logging.Log;
import org.jasig.cas.client.util.AbstractCasFilter;
import org.jasig.cas.client.util.CommonUtils;
import org.jasig.cas.client.validation.Assertion;

public class AuthenticationFilterWithExcludeUrl
  extends AbstractCasFilter
{
  private String[] excludePaths;//要排除的url路径
  public static final String CONST_CAS_GATEWAY = "_const_cas_gateway_";
  private String casServerLoginUrl;
  private boolean renew = false;
  private boolean gateway = false;
  
  protected void initInternal(FilterConfig filterConfig)
    throws ServletException
  {
    super.initInternal(filterConfig);
    setCasServerLoginUrl(getPropertyFromInitParams(filterConfig, "casServerLoginUrl", null));
    this.log.trace("Loaded CasServerLoginUrl parameter: " + this.casServerLoginUrl);
    setRenew(Boolean.parseBoolean(getPropertyFromInitParams(filterConfig, "renew", "false")));
    this.log.trace("Loaded renew parameter: " + this.renew);
    setGateway(Boolean.parseBoolean(getPropertyFromInitParams(filterConfig, "gateway", "false")));
    this.log.trace("Loaded gateway parameter: " + this.gateway);
    
    super.initInternal(filterConfig);
    //从web.xml中解析出init-param要排除的url配置
    String _excludePaths =  getPropertyFromInitParams(filterConfig, "exceptPaths", null);// filterConfig.getInitParameter("excludePaths");
    System.out.println(_excludePaths+"---=-=");
    if(CommonUtils.isNotBlank(_excludePaths)){
    setExcludePaths(_excludePaths.trim().split(","));
    }
  }
  
  public void init()
  {
    super.init();
    CommonUtils.assertNotNull(this.casServerLoginUrl, "casServerLoginUrl cannot be null.");
  }
  
  public final void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
    throws IOException, ServletException
  {
    HttpServletRequest request = (HttpServletRequest)servletRequest;
    HttpServletResponse response = (HttpServletResponse)servletResponse;
    HttpSession session = request.getSession(false);
    String ticket = request.getParameter(getArtifactParameterName());
    Assertion assertion = session != null ? (Assertion)session.getAttribute("_const_cas_assertion_") : null;
    
  //拦截器过滤修改************begin********************
    String uri = request.getRequestURI();
    System.out.println(uri+"======");
    boolean isInWhiteList = false;
    if(excludePaths!=null && excludePaths.length>0 && uri!=null){
        for(String path : excludePaths){
         if(CommonUtils.isNotBlank(path)){
          isInWhiteList = uri.indexOf(path.trim())>-1;
           if(isInWhiteList){
             break;
           }
          }
        }
    }
    
    if(isInWhiteList){
        filterChain.doFilter(request, response);
        return;
       }
    //拦截器过滤修改************end********************************

    
    boolean wasGatewayed = (session != null) && (session.getAttribute("_const_cas_gateway_") != null);
    if ((CommonUtils.isBlank(ticket)) && (assertion == null) && (!wasGatewayed))
    {
      this.log.debug("no ticket and no assertion found");
      if (this.gateway)
      {
        this.log.debug("setting gateway attribute in session");
        request.getSession(true).setAttribute("_const_cas_gateway_", "yes");
      }
      String serviceUrl = constructServiceUrl(request, response);
      if (this.log.isDebugEnabled()) {
        this.log.debug("Constructed service url: " + serviceUrl);
      }
      String urlToRedirectTo = CommonUtils.constructRedirectUrl(this.casServerLoginUrl, getServiceParameterName(), serviceUrl, this.renew, this.gateway);
      if (this.log.isDebugEnabled()) {
        this.log.debug("redirecting to \"" + urlToRedirectTo + "\"");
      }
      response.sendRedirect(urlToRedirectTo);
      return;
    }
    if (session != null)
    {
      this.log.debug("removing gateway attribute from session");
      session.setAttribute("_const_cas_gateway_", null);
    }
    filterChain.doFilter(request, response);
  }
  
  public final void setRenew(boolean renew)
  {
    this.renew = renew;
  }
  
  public final void setGateway(boolean gateway)
  {
    this.gateway = gateway;
  }
  
  public final void setCasServerLoginUrl(String casServerLoginUrl)
  {
    this.casServerLoginUrl = casServerLoginUrl;
  }

public String[] getExcludePaths() {
    return excludePaths;
}

public void setExcludePaths(String[] excludePaths) {
    this.excludePaths = excludePaths;
}
  
}

 

其中：

这个是对配置文件中配置的地址进行获取，

这个是对请求进行接收，验证、不拦截。

4、web.xml文件中要配置不拦截的地址（相对地址  request.getRequestURI()---绝对地址 request.getRequestURL()），根据自己项目的需要进行修改。

配置如下：

大功告成，问题解决。