Set CAS Filter to filter certain URLs

    The company's platform uses CAS SSO to provide single sign-on across the entire system. In the web.xml of the CAS client, a Filter needs to be configured to intercept incoming requests in order to implement single sign-on, single sign-out, permission verification, ticket validation, setting user information, and so on.

    One of the systems is deployed at multiple sites, and data is transferred between the sites over HTTP. The server side is implemented with Spring MVC, so these requests, which are not initiated from pages, need to be excluded from the CAS Filter. The initial idea was to use a regular expression in the filter-mapping declaration, but it did not work when deployed and tested. A Google search turned up a Stack Overflow answer explaining that Servlet mappings do not support regular expressions:

No, you can't use a regex there. According to the Java Servlet Specification v2.4 (section srv.11.1), the url-path is interpreted as follows:

• A string beginning with a ‘/’ character and ending with a ‘/*’ suffix is used for path mapping.
• A string beginning with a ‘*.’ prefix is used as an extension mapping.
• A string containing only the ‘/’ character indicates the "default" servlet of the application. In this case the servlet path is the request URI minus the context path and the path info is null.
• All other strings are used for exact matches only.

No regexes. Not even complicated wild-cards.


    In other words, patterns starting with "/" can only match by prefix, patterns starting with "*" can only match by suffix, and all other strings must match exactly; regular expressions and even complex wildcards are not supported. Since the Servlet specification does not support this, another approach is needed. The options that came to mind were:
  • 1. Write a custom Filter that in turn calls the CAS Filter itself;
  • 2. Move the data-transfer requests out of MVC.

Because CAS permission verification, login, and logout are handled by multiple filters, modifying them is more complicated and carries potential risks. So in the end, I chose to write a separate Servlet to receive the data.
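
For comparison, the first option above as an added example (not code from the original post or from the CAS client): a wrapper Filter that passes requests to a delegate filter unless the path fully matches an exclusion regex. The class name and the `delegateClass` and `excludePattern` init-param names are assumptions made for this example; excluded paths skip CAS entirely, so the receiving endpoint needs its own authentication.

```java
import java.io.IOException;
import java.util.regex.Pattern;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

/** Hypothetical wrapper; declare it once in web.xml for each CAS filter it replaces. */
public class ExcludingFilter implements Filter {
    private Filter delegate;   // the wrapped filter, e.g. one of the CAS client filters
    private Pattern exclude;   // regex for paths that must bypass the delegate

    @Override
    public void init(FilterConfig cfg) throws ServletException {
        // Init-param names below are invented for this example.
        String cls = cfg.getInitParameter("delegateClass");
        String regex = cfg.getInitParameter("excludePattern");
        if (cls == null || regex == null) {
            throw new ServletException("delegateClass and excludePattern are required");
        }
        try {
            delegate = (Filter) Class.forName(cls).getDeclaredConstructor().newInstance();
        } catch (ReflectiveOperationException e) {
            throw new ServletException("cannot create delegate filter " + cls, e);
        }
        delegate.init(cfg);    // the delegate reads its own init-params from the same <filter>
        exclude = Pattern.compile(regex);
    }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest http = (HttpServletRequest) req;
        // Use the container-resolved path inside the application, not the raw request URI.
        String info = http.getPathInfo();
        String path = http.getServletPath() + (info == null ? "" : info);
        if (exclude.matcher(path).matches()) {   // full match only, never find()
            chain.doFilter(req, res);            // excluded: CAS is not applied
        } else {
            delegate.doFilter(req, res, chain);  // everything else goes through CAS
        }
    }

    @Override
    public void destroy() {
        if (delegate != null) delegate.destroy();
    }
}
```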