原https://blog.csdn.net/emailscott/article/details/79448422
1. 添加 cas-client-core-3.2.1.jar 包
<dependency>
<groupId>org.jasig.cas.client</groupId>
<artifactId>cas-client-core</artifactId>
<version>3.2.1</version>
2. 项目添加 caslogin.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8"%><%
/* /ossDemo/shouye.jsp=项目名+首页 */
response.sendRedirect("/ahome/index.jsp");
%>
3. 编写 filter
package com.cusd.oss;
import java.io.PrintWriter;
import java.util.List;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
import org.jasig.cas.client.validation.Assertion;
import org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter;
import org.springframework.web.context.support.WebApplicationContextUtils;
import org.springframework.web.context.support.XmlWebApplicationContext;
import sun.misc.BASE64Encoder;
import com.ahome.basic.entity.User;
import com.ahome.basic.service.impl.UserServiceImpl;
public class MyCas20ProxyReceivingTicketValidationFilter extends Cas20ProxyReceivingTicketValidationFilter{
private Logger log = Logger.getLogger(MyCas20ProxyReceivingTicketValidationFilter.class.getName());
public void init() {
super.init();
}
protected void onSuccessfulValidation(final HttpServletRequest request, final HttpServletResponse response, final Assertion assertion) {
//验证成功后初始化用户信息
System.out.println("----successful validation ,then init the userobject");
String username = assertion.getPrincipal().getName();
HttpSession session = request.getSession();
session.setAttribute("username", username);
session.getAttribute(username);
System.out.println("username=="+username);
// 获取spring 上的实例
ServletContext sc = session.getServletContext();
XmlWebApplicationContext cxt = (XmlWebApplicationContext)WebApplicationContextUtils.getWebApplicationContext(sc);
UserServiceImpl userService = (UserServiceImpl) cxt.getBean("userService");
/************************/
//在这里根据传过来的username(系统登录帐号)初始化业务信息
//此处已经通过cas验证安全,因此只需要根据用户名初始化session即可
User user = userService.getUser(username);
if(user == null) {
log.error("It can not find the user with the username[username="
+ username
+ "] in the ahome, please import the ahome user to the cas db and try again.");
String loginUrl = request.getContextPath() + "/ahome/login.jsp";
String str = "<script language='javascript'>"
+ "window.top.location.href='"
+ loginUrl
+ "';</script>";
response.setContentType("text/html;charset=UTF-8");// 解决中文乱码
try {
PrintWriter writer = response.getWriter();
writer.write(str);
writer.flush();
writer.close();
} catch (Exception e) {
e.printStackTrace();
}
} else {
// 加载用户信息到, 不要添加任何调转地址
}
}
public void destroy() {
super.destroy();
}
}
4. 编写 web.xml 文件
<!-- cas开始 -->
<listener>
<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>
<!--单点退出配置-->
<filter>
<filter-name>CAS Single Sign Out Filter</filter-name>
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- 该过滤器负责用户的认证工作,必须启用它 -->
<filter>
<filter-name>CASFilter</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<!-- 内部门户cas server登录认证地址 -->
<param-name>casServerLoginUrl</param-name>
<param-value>http://192.168.1.201:8080/cas/login</param-value>
</init-param>
<init-param>
<!--第三方系统的主机+端口号,根据实际情况修改-->
<param-name>serverName</param-name>
<param-value>http://192.168.1.202:8080</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CASFilter</filter-name>
<url-pattern>/caslogin.jsp</url-pattern> <!-- 需要过滤第三方系统相关地址 -->
</filter-mapping>
<!-- 该过滤器负责对Ticket的校验工作,必须启用它 -->
<filter>
<filter-name>CASValidationFilter</filter-name>
<filter-class>com.cusd.oss.MyCas20ProxyReceivingTicketValidationFilter</filter-class>
<init-param>
<!-- 门户单点登录认证服务地址(测试环境) -->
<param-name>casServerUrlPrefix</param-name>
<param-value>http://192.168.1.201:8080/cas</param-value>
</init-param>
<init-param>
<param-name>redirectAfterValidation</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<!--第三方系统的主机+端口号,根据实际情况修改-->
<param-name>serverName</param-name>
<param-value>http://192.168.1.202:8080</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CASValidationFilter</filter-name>
<url-pattern>/caslogin.jsp</url-pattern>
</filter-mapping>
<!-- cas结束 -->
5. 访问: http://192.168.1.202:8080/ahome/caslogin.jsp 会跳到 http://192.168.1.201:8080/cas/login.jsp, 登录成功后跳到 http://192.168.1.202:8080/ahome/index.jsp
---------------------
作者:ScottSZLuo
来源:CSDN
原文:https://blog.csdn.net/emailscott/article/details/79448422
版权声明:本文为博主原创文章,转载请附上博文链接!