spring boot整合CAS配置详解

其他 2018-06-06 05:13:23 阅读次数: 0

不多废话,直接上最重要的代码,以下代码整合cas的重要过程

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
import org.jasig.cas.client.authentication.AuthenticationFilter;
import org.jasig.cas.client.session.SingleSignOutFilter;
import org.jasig.cas.client.session.SingleSignOutHttpSessionListener;
import org.jasig.cas.client.util.AssertionThreadLocalFilter;
import org.jasig.cas.client.util.HttpServletRequestWrapperFilter;
import org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter;
import org.jasig.cas.client.validation.Cas20ServiceTicketValidator;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.boot.web.servlet.ServletListenerRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.cas.ServiceProperties;
import org.springframework.security.cas.authentication.CasAuthenticationProvider;
import org.springframework.security.cas.userdetails.GrantedAuthorityFromAssertionAttributesUserDetailsService;
import org.springframework.security.web.authentication.logout.LogoutFilter;
import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
  
import java.util.List;
  
  
@Configuration
public class CasConfig {
    
   @Autowired
   SpringCasAutoconfig autoconfig;
    
   private static boolean casEnabled = true ;
    
   public CasConfig() {
   }
  
   @Bean
   public SpringCasAutoconfig getSpringCasAutoconfig(){
     return new SpringCasAutoconfig();
   }
  
   /**
    * 用于实现单点登出功能
    */
   @Bean
   public ServletListenerRegistrationBean<SingleSignOutHttpSessionListener> singleSignOutHttpSessionListener() {
     ServletListenerRegistrationBean<SingleSignOutHttpSessionListener> listener = new ServletListenerRegistrationBean<>();
     listener.setEnabled(casEnabled);
     listener.setListener( new SingleSignOutHttpSessionListener());
     listener.setOrder( 1 );
     return listener;
   }
  
   /**
    * 该过滤器用于实现单点登出功能,单点退出配置,一定要放在其他filter之前
    */
   @Bean
   public FilterRegistrationBean logOutFilter() {
     FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
     LogoutFilter logoutFilter = new LogoutFilter(autoconfig.getCasServerUrlPrefix() + "/logout?service=" + autoconfig.getServerName(), new SecurityContextLogoutHandler());
     filterRegistration.setFilter(logoutFilter);
     filterRegistration.setEnabled(casEnabled);
     if (autoconfig.getSignOutFilters().size()> 0 )
       filterRegistration.setUrlPatterns(autoconfig.getSignOutFilters());
     else
       filterRegistration.addUrlPatterns( "/logout" );
     filterRegistration.addInitParameter( "casServerUrlPrefix" , autoconfig.getCasServerUrlPrefix());
     filterRegistration.addInitParameter( "serverName" , autoconfig.getServerName());
     filterRegistration.setOrder( 2 );
     return filterRegistration;
   }
  
   /**
    * 该过滤器用于实现单点登出功能,单点退出配置,一定要放在其他filter之前
    */
   @Bean
   public FilterRegistrationBean singleSignOutFilter() {
     FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
     filterRegistration.setFilter( new SingleSignOutFilter());
     filterRegistration.setEnabled(casEnabled);
     if (autoconfig.getSignOutFilters().size()> 0 )
       filterRegistration.setUrlPatterns(autoconfig.getSignOutFilters());
     else
       filterRegistration.addUrlPatterns( "/*" );
     filterRegistration.addInitParameter( "casServerUrlPrefix" , autoconfig.getCasServerUrlPrefix());
     filterRegistration.addInitParameter( "serverName" , autoconfig.getServerName());
     filterRegistration.setOrder( 3 );
     return filterRegistration;
   }
  
   /**
    * 该过滤器负责用户的认证工作
    */
   @Bean
   public FilterRegistrationBean authenticationFilter() {
     FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
     filterRegistration.setFilter( new AuthenticationFilter());
     filterRegistration.setEnabled(casEnabled);
     if (autoconfig.getAuthFilters().size()> 0 )
       filterRegistration.setUrlPatterns(autoconfig.getAuthFilters());
     else
       filterRegistration.addUrlPatterns( "/*" );
     //casServerLoginUrl:cas服务的登陆url
     filterRegistration.addInitParameter( "casServerLoginUrl" , autoconfig.getCasServerLoginUrl());
     //本项目登录ip+port
     filterRegistration.addInitParameter( "serverName" , autoconfig.getServerName());
     filterRegistration.addInitParameter( "useSession" , autoconfig.isUseSession()? "true" : "false" );
     filterRegistration.addInitParameter( "redirectAfterValidation" , autoconfig.isRedirectAfterValidation()? "true" : "false" );
     filterRegistration.setOrder( 4 );
     return filterRegistration;
   }
  
   /**
    * 该过滤器负责对Ticket的校验工作
    */
   @Bean
   public FilterRegistrationBean cas20ProxyReceivingTicketValidationFilter() {
     FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
     Cas20ProxyReceivingTicketValidationFilter cas20ProxyReceivingTicketValidationFilter = new Cas20ProxyReceivingTicketValidationFilter();
     //cas20ProxyReceivingTicketValidationFilter.setTicketValidator(cas20ServiceTicketValidator());
     cas20ProxyReceivingTicketValidationFilter.setServerName(autoconfig.getServerName());
     filterRegistration.setFilter(cas20ProxyReceivingTicketValidationFilter);
     filterRegistration.setEnabled(casEnabled);
     if (autoconfig.getValidateFilters().size()> 0 )
       filterRegistration.setUrlPatterns(autoconfig.getValidateFilters());
     else
       filterRegistration.addUrlPatterns( "/*" );
     filterRegistration.addInitParameter( "casServerUrlPrefix" , autoconfig.getCasServerUrlPrefix());
     filterRegistration.addInitParameter( "serverName" , autoconfig.getServerName());
     filterRegistration.setOrder( 5 );
     return filterRegistration;
   }
  
  
   /**
    * 该过滤器对HttpServletRequest请求包装, 可通过HttpServletRequest的getRemoteUser()方法获得登录用户的登录名
    *
    */
   @Bean
   public FilterRegistrationBean httpServletRequestWrapperFilter() {
     FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
     filterRegistration.setFilter( new HttpServletRequestWrapperFilter());
     filterRegistration.setEnabled( true );
     if (autoconfig.getRequestWrapperFilters().size()> 0 )
       filterRegistration.setUrlPatterns(autoconfig.getRequestWrapperFilters());
     else
       filterRegistration.addUrlPatterns( "/*" );
     filterRegistration.setOrder( 6 );
     return filterRegistration;
   }
  
   /**
    * 该过滤器使得可以通过org.jasig.cas.client.util.AssertionHolder来获取用户的登录名。
    比如AssertionHolder.getAssertion().getPrincipal().getName()。
    这个类把Assertion信息放在ThreadLocal变量中,这样应用程序不在web层也能够获取到当前登录信息
    */
   @Bean
   public FilterRegistrationBean assertionThreadLocalFilter() {
     FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
     filterRegistration.setFilter( new AssertionThreadLocalFilter());
     filterRegistration.setEnabled( true );
     if (autoconfig.getAssertionFilters().size()> 0 )
       filterRegistration.setUrlPatterns(autoconfig.getAssertionFilters());
     else
       filterRegistration.addUrlPatterns( "/*" );
     filterRegistration.setOrder( 7 );
     return filterRegistration;
   }
}

2.为了让你们更省力且直接的看到效果,我把相关配置也贴出来

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Configuration;
  
import java.util.Arrays;
import java.util.List;
  
@ConfigurationProperties (prefix = "spring.cas" )
public class SpringCasAutoconfig {
  
   static final String separator = "," ;
  
   private String validateFilters;
   private String signOutFilters;
   private String authFilters;
   private String assertionFilters;
   private String requestWrapperFilters;
  
   private String casServerUrlPrefix;
   private String casServerLoginUrl;
   private String serverName;
   private boolean useSession = true ;
   private boolean redirectAfterValidation = true ;
  
   public List<String> getValidateFilters() {
     return Arrays.asList(validateFilters.split(separator));
   }
   public void setValidateFilters(String validateFilters) {
     this .validateFilters = validateFilters;
   }
   public List<String> getSignOutFilters() {
     return Arrays.asList(signOutFilters.split(separator));
   }
   public void setSignOutFilters(String signOutFilters) {
     this .signOutFilters = signOutFilters;
   }
   public List<String> getAuthFilters() {
     return Arrays.asList(authFilters.split(separator));
   }
   public void setAuthFilters(String authFilters) {
     this .authFilters = authFilters;
   }
   public List<String> getAssertionFilters() {
     return Arrays.asList(assertionFilters.split(separator));
   }
   public void setAssertionFilters(String assertionFilters) {
     this .assertionFilters = assertionFilters;
   }
   public List<String> getRequestWrapperFilters() {
     return Arrays.asList(requestWrapperFilters.split(separator));
   }
   public void setRequestWrapperFilters(String requestWrapperFilters) {
     this .requestWrapperFilters = requestWrapperFilters;
   }
   public String getCasServerUrlPrefix() {
     return casServerUrlPrefix;
   }
   public void setCasServerUrlPrefix(String casServerUrlPrefix) {
     this .casServerUrlPrefix = casServerUrlPrefix;
   }
   public String getCasServerLoginUrl() {
     return casServerLoginUrl;
   }
   public void setCasServerLoginUrl(String casServerLoginUrl) {
     this .casServerLoginUrl = casServerLoginUrl;
   }
   public String getServerName() {
     return serverName;
   }
   public void setServerName(String serverName) {
     this .serverName = serverName;
   }
   public boolean isRedirectAfterValidation() {
     return redirectAfterValidation;
   }
   public void setRedirectAfterValidation( boolean redirectAfterValidation) {
     this .redirectAfterValidation = redirectAfterValidation;
   }
   public boolean isUseSession() {
     return useSession;
   }
   public void setUseSession( boolean useSession) {
     this .useSession = useSession;
   }
  

3.配置文件  dev.yml

?
1
2
3
4
5
6
7
8
9
10
11
12
#cas client config
spring:
  cas:
    sign-out-filters: /logout
    auth-filters: /*
    validate-filters: /*
    request-wrapper-filters: /*
    assertion-filters: /*
    cas-server-login-url: cas登录url
    cas-server-url-prefix:cas登录域名
    redirect-after-validation: true
    use-session: true
    server-name: http://localhost:8080

猜你喜欢

转载自blog.csdn.net/sky786905664/article/details/80198083
今日推荐
美国拟限制 AI 大模型出口中国和俄罗斯
苹果将与 OpenAI 达成协议,将 ChatGPT 应用于 iPhone
openKylin 社区生态委员会第六次会议圆满召开
阿里云正式发布通义千问 2.5
Python 3.13 发布首个 Beta:实验性自由线程模式和 JIT、改进交互式解释器
Stack Overflow 拿我的代码去训练 AI 大模型,还封了我的账号
Pop!_OS 的 COSMIC 桌面完成 App Store 上架工作
报告:Django 仍然是 74% 开发者的首选
《2024 年一季度互联网投融资运行情况》研究报告
15 年前上了“FFmpeg 耻辱柱”,今天他还得谢谢咱——腾讯QQPlayer一雪前耻?
TIOBE 5 月榜单:Fortran “复活”进入 Top 10
GCC 14.1 发布
周排行
NEFU 117 素数个数的位数
Closest Common Ancestors (Lca,tarjan)
ELK部署
【转载】Hive笔记整理(三)
SQL语句(一)基本表的定义
关于Java web开发中的MySQL的事务语句
MFC创建自定义窗体
如何用一句话激怒程序员?
《逆袭大学》文摘——9.4 基础和应用的平衡中找到大学的节奏
【spring源码分析】@Value注解原理
每日归档
更多
2024-05-11(38)
2024-05-10(38)
2024-05-09(35)
2024-05-08(42)
2024-05-07(14)
2024-05-06(40)
2024-05-05(0)
2024-05-04(7)
2024-05-03(19)
2024-05-02(0)

代码天地 © 2018 codetd.com

境外服务器   最新电视剧2022