Configuring the CAS Single Sign-On Client in ASP.NET MVC

Source: Internet  Editor: 程序博客网  Time: 2024/05/16 00:35

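A demo is available at https://www.cnblogs.com/woxpp/p/4653769.html

This article covers only the client-side configuration.

1. Web.config

Add the following nodes, paying attention to the annotated settings.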

<configuration>
  <configSections>
    <section name="casClientConfig" type="DotNetCasClient.Configuration.CasClientConfiguration, DotNetCasClient"/>
  </configSections>

  <!--
    casServerLoginUrl  : single sign-on address
    casServerUrlPrefix : single sign-on address
    serverName         : address configured for the client
    notAuthorizedUrl   : client login page
    cookiesRequiredUrl : page the client goes to after a successful login
  -->
  <casClientConfig
    casServerLoginUrl="http://***:8080/sso/login"
    casServerUrlPrefix="http://***:8080/sso"
    serverName="http://**:52801"
    notAuthorizedUrl="~/Login/Index"
    cookiesRequiredUrl="~/Admin/Home/Index"
    redirectAfterValidation="true"
    gateway="false"
    renew="false"
    singleSignOut="true"
    ticketTimeTolerance="5000"
    ticketValidatorName="Cas20"
    proxyTicketManager="CacheProxyTicketManager"
    serviceTicketManager="CacheServiceTicketManager"
    gatewayStatusCookieName="CasGatewayStatus" />


  <system.web>
    <!--<authentication mode="None" />-->
    <!--
      loginUrl   : single sign-on address
      defaultUrl : address configured for the client
    -->
    <authentication mode="Forms">
      <forms
          loginUrl="http://**:8080/sso/login"
          timeout="30"
          defaultUrl="http://**:52801"
          cookieless="UseCookies"
          slidingExpiration="true"
          path="/"
          />
    </authentication>
  </system.web>

  <system.webServer>
    <modules>
      <remove name="FormsAuthenticationModule" />
      <remove name="DotNetCasClient"/>
      <add name="DotNetCasClient" type="DotNetCasClient.CasAuthenticationModule,DotNetCasClient"/>
   </modules>
  </system.webServer>


 <system.diagnostics>
    <trace autoflush="true" useGlobalLock="false" />
    <sharedListeners>
      
      <!-- Writing trace output to a log file is recommended.
           IMPORTANT:
           The user account under which the containing application pool runs
           must have privileges to create and modify the trace log file. -->
      <add name="TraceFile"
           type="System.Diagnostics.TextWriterTraceListener"
           initializeData="C:\inetpub\logs\LogFiles\DotNetCasClient.Log"
           traceOutputOptions="DateTime" />
    </sharedListeners>
    <sources>
       <!--Provides diagnostic information on module configuration parameters.-->
      <source name="DotNetCasClient.Config" switchName="Config" switchType="System.Diagnostics.SourceSwitch" >
        <listeners>
          <add name="TraceFile" />
        </listeners>
      </source>

       <!--Traces IHttpModule lifecycle events and meaningful operations performed therein.-->
      <source name="DotNetCasClient.HttpModule" switchName="HttpModule" switchType="System.Diagnostics.SourceSwitch" >
        <listeners>
          <add name="TraceFile" />
        </listeners>
      </source>

       <!--Provides protocol message and routing information.-->
      <source name="DotNetCasClient.Protocol" switchName="Protocol" switchType="System.Diagnostics.SourceSwitch" >
        <listeners>
          <add name="TraceFile" />
        </listeners>
      </source>

       <!--Provides details on security operations and notable security conditions.-->
      <source name="DotNetCasClient.Security" switchName="Security" switchType="System.Diagnostics.SourceSwitch" >
        <listeners>
          <add name="TraceFile" />
        </listeners>
      </source>
    </sources>
    <switches>
      
      <!-- Set trace switches to appropriate logging level.  Recommended values in order of increasing verbosity:
           - Off
           - Error
           - Warning
           - Information
           - Verbose

           Config category displays detailed information about CasAuthenticationModule configuration.
           The output of this category is only displayed when the module is initialized, which happens
           for the first request following application/server startup. -->
      <add name="Config" value="Information"/>

      <!-- Set this category to Verbose to trace HttpModule lifecycle events in CasAuthenticationModule.
           This category produces voluminous output in Verbose mode and should be avoided except for
           limited periods of time troubleshooting vexing integration problems. -->
      <add name="HttpModule" value="Verbose"/>

      <!-- Set to Verbose to display protocol messages between the client and server.
           This category is very helpful for troubleshooting integration problems. -->
      <add name="Protocol" value="Information"/>

      <!-- Displays important security-related information. -->
      <add name="Security" value="Information"/>
    </switches>
  </system.diagnostics>
</configuration>

2. LoginController configuration

[Authorize]  // This attribute is required; otherwise the server does not know which method to intercept
public ActionResult Index()
{
    string userId = "";
    if (!System.Web.HttpContext.Current.User.Identity.IsAuthenticated)
    {
        DotNetCasClient.CasAuthentication.RedirectToLoginPage();
        return View();
    }
    else
    {
        // Get the ID passed back by the server
        userId = DotNetCasClient.CasAuthentication.CurrentPrincipal.Identity.Name;
    }

    // …… write to Session

    // Redirect to the page shown after a successful login
    Response.Redirect("~/Admin/Home/Index");
    return View();
}

3. Logout

The project requires redirecting to

http://**:8080/sso/logout

@using DotNetCasClient;

// Log out
$('#loginOut').click(function () {
    $.messager.confirm('系统提示', '您确定要退出本次登录吗?', function (r) {
        if (r) {
            //window.location.href = "/Login/Index/";
            $.post("/Login/LognOut", function (r) {
                if (r == "OK") {
                    top.location.href = "http://**:8080/sso/logout";
                }
            });
        }
    });
});


3.1 Controller layer

Clear the session

        public ActionResult LognOut()
        {
            Session["UserInfo"] = null;
            Session.RemoveAll();
            Session.Clear();
            return Content("OK");
            //return View();
        }
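
An added example, not from the original post: a variant of the LognOut action above that also expires the forms authentication ticket and the session cookie, and accepts only POST requests that carry an anti-forgery token. It assumes the view renders @Html.AntiForgeryToken() and that the $.post call sends its __RequestVerificationToken field; ASP.NET_SessionId is the ASP.NET default session cookie name.

```csharp
using System;
using System.Web;
using System.Web.Mvc;
using System.Web.Security;

public class LoginController : Controller
{
    // POST only, with an anti-forgery token, so that a link or a
    // third-party page cannot end the user's session on their behalf.
    [HttpPost]
    [ValidateAntiForgeryToken]
    public ActionResult LognOut()
    {
        // Drop all server-side session state.
        Session.Clear();
        Session.Abandon();

        // Clearing Session alone leaves the forms authentication cookie
        // valid, so the browser stays authenticated to this application
        // until the CAS single sign-out callback arrives. Expire it here.
        FormsAuthentication.SignOut();

        // Expire the session id cookie so the old id is not reused.
        Response.Cookies.Add(new HttpCookie("ASP.NET_SessionId", "")
        {
            Expires = DateTime.UtcNow.AddDays(-1),
            HttpOnly = true
        });

        // The client script then navigates to the CAS logout URL.
        return Content("OK");
    }
}
```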


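3.2 Because the client and the CAS address are not in the same domain, the redirect kept failing.

To enable cross-origin access:

Add the following to the web.config file of the Admin views: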

<system.webServer>
    <handlers>
      <remove name="BlockViewHandler"/>
      <add name="BlockViewHandler" path="*" verb="*" preCondition="integratedMode" type="System.Web.HttpNotFoundHandler" />
    </handlers>
    <httpProtocol>
      <customHeaders>
        <add name="Access-Control-Allow-Origin" value="*" />
        <add name="Access-Control-Allow-Headers" value="Content-Type" />
        <add name="Access-Control-Allow-Methods" value="GET, POST, PUT, DELETE, OPTIONS" />
      </customHeaders>
    </httpProtocol>
  </system.webServer>
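
An added example, not from the original post: where cross-origin headers are needed, they can be emitted from code for named origins only, instead of the static wildcard above. The origins are placeholders, the handler is assumed to be merged into the application's existing Global.asax.cs, and the customHeaders entries above would be removed so the headers are not sent twice.

```csharp
using System;
using System.Collections.Generic;
using System.Web;

public class MvcApplication : HttpApplication
{
    // Assumption: placeholder origins. List only the sites that really
    // need to call this application from browser script.
    private static readonly HashSet<string> AllowedOrigins =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase)
        {
            "https://cas.example.org",
            "https://portal.example.org"
        };

    // Returns the value to send in Access-Control-Allow-Origin,
    // or null when no CORS headers should be sent at all.
    public static string ResolveAllowedOrigin(string origin)
    {
        if (string.IsNullOrEmpty(origin)) return null;
        return AllowedOrigins.Contains(origin) ? origin : null;
    }

    protected void Application_BeginRequest(object sender, EventArgs e)
    {
        // The response differs per Origin, so caches must key on it.
        Response.AppendHeader("Vary", "Origin");

        string allowed = ResolveAllowedOrigin(Request.Headers["Origin"]);
        if (allowed == null) return;   // same-origin or unlisted origin

        Response.AppendHeader("Access-Control-Allow-Origin", allowed);

        // Answer the preflight here with only the methods the pages use.
        if (Request.HttpMethod == "OPTIONS")
        {
            Response.AppendHeader("Access-Control-Allow-Methods", "GET, POST");
            Response.AppendHeader("Access-Control-Allow-Headers", "Content-Type");
            Response.StatusCode = 204;
            CompleteRequest();
        }
    }
}
```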

 

Related articles:

http://www.cnblogs.com/zhenyulu/archive/2013/01/22/2870936.html

For details on configuring web.config, see

https://wiki.jasig.org/display/CASC/.Net+Cas+Client

