CAS單點登入(3):cas-4.0.0 客戶端配置
阿新 • • 發佈:2018-12-22
新建web工程
新增依賴jar包
- cas-client-core-3.2.1.jar
- commons-logging-1.2.jar
Tips:
Maven專案直接新增Pom:
<dependency>
<groupId>org.jasig.cas.client</groupId>
<artifactId>cas-client-core</artifactId>
<version>3.2.1</version>
</dependency >
web.xml配置filter
web.xml加入如下配置:
<!-- 單點登出監聽器 (可選)-->
<listener>
<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>
<!-- 用於實現單點登出功能和單點退出配置 (可選) -->
<filter>
<filter-name> CAS Single Sign Out Filter</filter-name>
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>http://casserver:8080/cas/</param-value>
</init-param >
</filter>
<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- 單點登入的認證工作過濾器 (必選) -->
<filter>
<filter-name>CASFilter</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>http://casserver:8080/cas/login</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://localhost:8080</param-value>
</init-param>
<init-param>
<param-name>useSession</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>redirectAfterValidation</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CASFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- 負責對Ticket的校驗 (必選) -->
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>
org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter
</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>http://casserver:8080/cas/</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://localhost:8080</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- 該過濾器對HttpServletRequest請求包裝, 可通過HttpServletRequest的getRemoteUser()方法獲得登入使用者的登入名 (可選)-->
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>
org.jasig.cas.client.util.HttpServletRequestWrapperFilter
</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- 該過濾器使得可以通過org.jasig.cas.client.util.AssertionHolder來獲取使用者的登入名。
比如AssertionHolder.getAssertion().getPrincipal().getName()。
這個類把Assertion資訊放在ThreadLocal變數中,這樣應用程式不在web層也能夠獲取到當前登入資訊 (可選)-->
<filter>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
測試單點登入
複製web專案
- 複製一個樣的web專案命名為cas-client2
- 修改兩者的index.jsp頁面用於區分不同客戶端:
部署到tomcat
啟動訪問cas-client1
被攔截到了CAS單點登入頁面:
這裡進行登入:登入成功後url後會帶有一個sessionID
訪問cas-client2
由於之前登入過,所以直接跳過登入進入index.jsp
- 至此 : 客戶端的配置和測試完成