CAS获取用户更多信息

来源：互联网发布：bootcamp助理下载 mac 编辑：程序博客网时间：2024/04/28 23:18

配置SingleRowJdbcPersonAttributeDao

基于deployerConfigContext.xml配置文件，添加SingleRowJdbcPersonAttributeDao节点，其使用jdbc连接mysql认证，并且返回更多的用户信息放到session里让客户端获取

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
<beanid="xiaokacengAttributeRepository"
        class="org.jasig.services.persondir.support.jdbc.SingleRowJdbcPersonAttributeDao">
        <constructor-argindex="0"ref="dataSource"/>
        <constructor-argindex="1"value="select email,name,username,password from cas_user where {0}"/>
         
        <!-- 组装sql用的查询条件属性 -->   
        <propertyname="queryAttributeMapping">
            <map>
                <!-- key必须是uername而且是小写否则会导致取不到用户的其它信息，value对应数据库用户名字段,系统会自己匹配 -->
                <entrykey="username"value="username"/>
            </map>
        </property>
        <propertyname="resultAttributeMapping">
            <map>
                <!-- key为对应的数据库字段名称，value为提供给客户端获取的属性名字，系统会自动填充值 -->
                <entrykey="username"value="username"></entry>
                <entrykey="email"value="email"></entry>
                <entrykey="name"value="name"></entry>
                <entrykey="password"value="password"></entry>
            </map>
        </property>
    </bean>

配置用户认证凭据转化的解析器

在deployerConfigContext.xml中，为UsernamePasswordCredentialsToPrincipalResolver注入attributeRepository

?
1
2
3
<beanclass="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver">
    <propertyname="attributeRepository"ref="xiaokacengAttributeRepository"/>
</bean>

删除serviceRegistryDao节点下的配置

如果不注释掉里面的内容，将会导致客户端无法获取用户更多的信息

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
<beanid="serviceRegistryDao"class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl">
            <!-- <propertyname="registeredServices">
                <list>
                    <bean class="org.jasig.cas.services.RegexRegisteredService">
                        <property name="id" value="0" />
                        <property name="name" value="HTTP and IMAP" />
                        <property name="description" value="Allows HTTP(S) and IMAP(S) protocols" />
                        <property name="serviceId" value="^(https?|imaps?)://.*" />
                        <property name="evaluationOrder" value="10000001" />
 
                    </bean>
                </list> 
            </property>-->
    </bean>

添加用户信息返回

找到WEB-INF/view/jsp/protocol/2.0/casServiceValidationSuccess.jsp。此文件作用是在server验证成功后，这个页面负责生成与客户端交互的xml信息，在默认casServiceValidationSuccess.jsp中，只包括用户登录名，并不提供其他的属性信息，因此需要对页面进行扩展

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
<%@ page session="false"%>
<%@ taglib prefix="c"uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib uri="http://java.sun.com/jsp/jstl/functions"prefix="fn"%>
<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
    <cas:authenticationSuccess>
        <cas:user>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.id)}</cas:user>
        <c:iftest="${not empty pgtIou}">
            <cas:proxyGrantingTicket>${pgtIou}</cas:proxyGrantingTicket>
        </c:if>
        <c:iftest="${fn:length(assertion.chainedAuthentications) > 1}">
            <cas:proxies>
                <c:forEach var="proxy"items="${assertion.chainedAuthentications}"
                    varStatus="loopStatus"begin="0"
                    end="${fn:length(assertion.chainedAuthentications)-2}"step="1">
                    <cas:proxy>${fn:escapeXml(proxy.principal.id)}</cas:proxy>
                </c:forEach>
            </cas:proxies>
        </c:if>
        <!-- 在server验证成功后，这个页面负责生成与客户端交互的xml信息，在默认的casServiceValidationSuccess.jsp中，只包括用户名，并不提供其他的属性信息，因此需要对页面进行扩展 -->
        <c:if
            test="${fn:length(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes) > 0}">
            <cas:attributes>
                <c:forEach var="attr"
                    items="${assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes}">
                    <cas:${fn:escapeXml(attr.key)}>${fn:escapeXml(attr.value)}</cas:${fn:escapeXml(attr.key)}>
                </c:forEach>
            </cas:attributes>
        </c:if>
    </cas:authenticationSuccess>
</cas:serviceResponse>

客户端获取

示例基于jsp页面获取

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
<%@ page import=" org.jasig.cas.client.util.*"%>
<%@ page import=" org.jasig.cas.client.authentication.*"%>
<%@ page import=" org.jasig.cas.client.validation.*"%>
<%@ page import=" java.util.*"%>
 
        <% 
                AttributePrincipal principal = (AttributePrincipal) request.getUserPrincipal(); 
                // AttributePrincipal principal = AssertionHolder.getAssertion().getPrincipal();
                String loginName = principal.getName(); 
                out.println("loginName:"+ loginName); 
                Map<String, Object> attributes = principal.getAttributes(); 
                out.println("<br>"); 
                if(attributes !=null) 
                { 
                  out.println("username:"+ attributes.get("username")); 
                    out.println("<br>");
                    out.println("password:"+ attributes.get("password")); 
                    out.println("<br>"); 
                    out.println("email:"+ attributes.get("email")); 
                    out.println("<br>"); 
                    out.println("name:"+ attributes.get("name")); 
                    out.println("<br>"); 
                } 
        %>

from:http://my.oschina.net/xiaokaceng/blog/182547?p=1

0 0