ssh+spring security+cas搭建(二)
来源:互联网 发布:电子商务的软件流程 编辑:程序博客网 时间:2024/05/16 13:48
一中 经过CAS认证通过,返回结果如图.
web.xml配置如下:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
<display-name>CASTEST</display-name>
<welcome-file-list>
<welcome-file>Hello.jsp</welcome-file>
</welcome-file-list>
<filter>
<filter-name>CAS Single Sign Out Filter</filter-name>
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>
<!-- 认证过滤器,当本地不含登录信息时,跳转到casServerLoginUrl进行身份认证 -->
<filter>
<filter-name>CAS Authentication Filter</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>https://sso.test.com:8443/cas/login</param-value> <!-- 单点登录服务器的登录URL -->
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://sso.test.com:8080</param-value> <!-- 登陆后返回的服务器地址 -->
</init-param>
</filter>
<filter-mapping>
<filter-name>CAS Authentication Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- 解析登录服务器返回的认证信息,可选多种protocol -->
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://sso.test.com:8443/cas</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://sso.test.com:8080</param-value>
</init-param>
<init-param>
<param-name>redirectAfterValidation</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- 将上面解析的结果装入request -->
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- 在本地线程保存解析结果 -->
<filter>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
</web-app>
存在问题是:1.登录登出图片需要换乘实际项目图片。
2.登录sql验证需要加入其它属性。
3.CAS如何将USER权限分配给spring security用户的UserDetail接口?
在本章中,主要讨论如何将上述功能整合到spring security3中!
首先,打开http://docs.spring.io/spring-security/site/docs/3.0.x/reference/springsecurity-single.html#cas-sample官方文档,了解基本配置。
1.CasAuthenticationFilter
这是cas认证过滤器入口,包含
attemptAuthentication方法
其中password就是ticket对应的值.认证后返回Authentication。
successfulAuthentication方法
private boolean authenticated() {
Authentication authentication = SecurityContextHolder.getContext()
.getAuthentication();
return ((authentication != null) && (authentication.isAuthenticated()) && (!(authentication instanceof AnonymousAuthenticationToken)));
}
CasAuthenticationFailureHandler方法处理认证失败逻辑。
- ssh+spring security+cas搭建(二)
- ssh+spring security+cas搭建(一)
- spring security与cas 集成(上)
- spring security与cas 集成(中)
- spring security 整合 CAS
- spring security 整合 CAS
- spring security 整合cas
- spring-security整合CAS
- Spring Security 整合Cas
- Spring security集成CAS
- spring security cas
- Spring Security(二)
- spring security +cas单点登录
- Spring Security 参考手册(二)
- CAS、Spring Security、Ldap配置整合(资料整合)
- spring security与cas 集成(中)续
- Spring Security(20)——整合Cas
- Spring Security(20)——整合Cas
- 单例模式 - 创建者模式
- 有关Google面试的资料集合
- android edittext + listview 实现搜索listview中的内容
- Majority Element II
- java-web 第五讲 应用程序的部署 和 会话跟踪
- ssh+spring security+cas搭建(二)
- leetcode解题报告229——Majority Element II
- java架构解密——实时动态aop
- struts2开发中在jsp页面顶用js取得action中传过来的值
- 求某二进制数中1的个数
- jQuery 备忘
- 【Google Chrome】谷歌浏览器 Google Chrome 卡 动不了
- POJ-1321-(棋盘问题)
- javaSE中的输入输出流---一个读取流,对应多个输出流。而且生成的碎片文件都有有序的编号