SpringBoot整合cas单点登录

注意：(1).  项目使用了lombok工具包

           (2).  在CasConfig中配置了原web.xml中cas的过滤器和监听器

1、(1).  定义一个类CasAutoconfig用于放置cas的一些属性配置

import org.springframework.boot.context.properties.ConfigurationProperties;import lombok.Getter;import lombok.Setter;@Setter@Getter@ConfigurationProperties (prefix = "cas") public class CasAutoconfig {    private String casServerLoginUrl;    private String serverName;        /**     * 不用登录即可直接访问的URL，多个URL用,隔开     */    private String casPassUrl;    private boolean renew = false;    private boolean gateway = false;    /**     * ticket校验filter参数     */    private String casServerUrlPrefix;    private boolean useSession = true;    private boolean redirectAfterValidation = true;    private boolean exceptionOnValidationFailure = false;        /**     * 默认登录时，跳回的URL统一为该URL     */    private String serviceUrl;        /**     * 静态资源过滤     */    private String resource;}

     (2).  properties文件中配置的cas属性值，这些key对应CasAutoconfig中属性

cas.casServerLoginUrl =https://cas-server.dev.uboxol.com:8443/casservicecas.serverName=http://127.0.0.1:14080/login##不用登录即可直接访问的URL，多个URL用,隔开cas.casPassUrl=/func/receiveFile,/menu/deleteRebootTimecas.renew=falsecas.gateway=false#ticket校验filter参数cas.casServerUrlPrefix =https://cas-server.dev.uboxol.com:8443/casservicecas.useSession=truecas.redirectAfterValidation =truecas.exceptionOnValidationFailure =false#默认登录时，跳回的URL统一为该URLcas.serviceUrl=http://127.0.0.1:14080#静态资源过滤cas.resource=/images/,/css/,/js/,/framemark/,/favicon.icocas.exitUrl=https://cas-server.dev.uboxol.com:8443/casservice/logout?service=http://127.0.0.1:14080/login?renew=true

2、单点登录配置类（用于配置单点登录的过滤器、监听器等，即web.xml中配置的cas过滤器和监听器）

方法解析:(1). setOrder(Integer arg)                               用于设置过滤器或监听器的执行顺序

        (2). addUrlPatterns("/page/*" )                          设置URL过滤规则

        (3). addInitParameter("casPassUrl" , '/user/userList');  给对象属性赋值

        (4). setFilter(new SingleSignOutFilter())                设置你的过滤器或监听器对象

import org.jasig.cas.client.session.SingleSignOutFilter;import org.jasig.cas.client.session.SingleSignOutHttpSessionListener;import org.jasig.cas.client.util.AssertionThreadLocalFilter;import org.springframework.beans.factory.annotation.Autowired;import org.springframework.boot.web.servlet.FilterRegistrationBean;import org.springframework.boot.web.servlet.ServletListenerRegistrationBean;import org.springframework.context.annotation.Bean;import org.springframework.context.annotation.Configuration;/** * 单点登录配置类 */@Configurationpublic class CasConfig {    @Autowired     private CasAutoconfig casAutoconfig;          private static boolean casEnabled  = true;          public CasConfig() {}      @Bean     public CasAutoconfig getCasAutoconfig(){         return new CasAutoconfig();     }      /**     * 用于实现单点登出功能     */      @Bean     public ServletListenerRegistrationBean<SingleSignOutHttpSessionListener> singleSignOutHttpSessionListener() {         ServletListenerRegistrationBean<SingleSignOutHttpSessionListener> listener = new ServletListenerRegistrationBean<>();         listener.setEnabled(casEnabled);         listener.setListener(new SingleSignOutHttpSessionListener());         listener.setOrder(1);         return listener ;     }      /**     * 该过滤器用于实现单点登出功能，单点退出配置，一定要放在其他filter之前     */      @Bean     public FilterRegistrationBean singleSignOutFilter() {         FilterRegistrationBean filterRegistration = new FilterRegistrationBean();         filterRegistration.setFilter(new SingleSignOutFilter());         filterRegistration.setEnabled(casEnabled);         filterRegistration.addUrlPatterns("/*" );         filterRegistration.addInitParameter("casServerUrlPrefix" , casAutoconfig .getCasServerUrlPrefix());         filterRegistration.setOrder(2);         return filterRegistration ;     }      /**      * 该过滤器负责用户的认证工作      */      @Bean     public FilterRegistrationBean authenticationFilter() {         FilterRegistrationBean filterRegistration = new FilterRegistrationBean();         filterRegistration.setFilter(new AuthenticationFilter());         filterRegistration.setEnabled(casEnabled);         filterRegistration.addUrlPatterns("/*" );         filterRegistration.addInitParameter("casServerLoginUrl" , casAutoconfig .getCasServerLoginUrl());         filterRegistration.addInitParameter("casPassUrl" , casAutoconfig.getCasPassUrl());         filterRegistration.addInitParameter("serverName" , casAutoconfig.getServerName());         filterRegistration.addInitParameter("renew" , casAutoconfig.isRenew() ? "true" :"false" );         filterRegistration.addInitParameter("gateway" , casAutoconfig.isGateway() ? "true" :"false" );         filterRegistration.addInitParameter("casResource" , casAutoconfig.getResource());         filterRegistration.setOrder(3);         return filterRegistration ;     }      /**      * 该过滤器负责对Ticket的校验工作      */      @Bean     public FilterRegistrationBean cas20ProxyReceivingTicketValidationFilter() {         FilterRegistrationBean filterRegistration = new FilterRegistrationBean();         UboxCasProxyReceivingTicketValidationFilter uboxCasProxyReceivingTicketValidationFilter = new UboxCasProxyReceivingTicketValidationFilter();         filterRegistration.setFilter(uboxCasProxyReceivingTicketValidationFilter );         filterRegistration.setEnabled(casEnabled);         filterRegistration.addUrlPatterns("/*" );         filterRegistration.addInitParameter("casServerUrlPrefix" , casAutoconfig .getCasServerUrlPrefix());         filterRegistration.addInitParameter("serverName" , casAutoconfig.getServerName());         filterRegistration.addInitParameter("useSession" , casAutoconfig.isUseSession() ? "true" :"false" );         filterRegistration.addInitParameter("exceptionOnValidationFailure" , casAutoconfig.isExceptionOnValidationFailure() ? "true":"false" );         filterRegistration.addInitParameter("redirectAfterValidation" , casAutoconfig .isRedirectAfterValidation() ? "true":"false" );         filterRegistration.setOrder(4);         return filterRegistration ;     }      /**      * 该过滤器使得可以通过org.jasig.cas.client.util.AssertionHolder来获取用户的登录名。      * 比如AssertionHolder.getAssertion().getPrincipal().getName()。      * 这个类把Assertion信息放在ThreadLocal变量中，这样应用程序不在web层也能够获取到当前登录信息      */      @Bean     public FilterRegistrationBean assertionThreadLocalFilter() {         FilterRegistrationBean filterRegistration = new FilterRegistrationBean();         filterRegistration.setFilter(new AssertionThreadLocalFilter());         filterRegistration.setEnabled(true);         filterRegistration.addUrlPatterns("/*" );        filterRegistration.setOrder(5);         return filterRegistration ;    }       /**     * 登录后的Filter(不是必须的)     */         //LoginValidationFilter是自定义登录后业务处理过滤器，将loginValidationFilter对象放到括号里可以让Spring自动注入    @Bean     public FilterRegistrationBean loginValidationFilter (LoginValidationFilter loginValidationFilter ) {         FilterRegistrationBean filterRegistration = new FilterRegistrationBean();         filterRegistration.setFilter(loginValidationFilter );         filterRegistration.setEnabled(true);         filterRegistration.addUrlPatterns("/page/*" );        filterRegistration.addInitParameter("casPassUrl" , casAutoconfig.getCasPassUrl());         filterRegistration.addInitParameter("casResource" , casAutoconfig.getResource());         filterRegistration.setOrder(6);         return filterRegistration ;     } }