Cas单点登录客户端配置

一直不喜欢说太多东西，直接上代码。

    主要是以下几个步骤：

1、项目加入cas-client-core-3.2.1.jar到lib中

        2、导入证书（此步骤根据项目判断是否需要操作）

        3、配置web.xml

        4、编写客户端代码（filter,servlet,....）

        5、进行验证

1、项目加入cas-client-core-3.2.1.jar到lib中

      http://download.csdn.net/download/qq741437836/9740128          （不用积分）

2、导入证书（此步骤根据项目判断是否需要操作）

      将cacerts文件导入JDK目录（C:\ProgramFiles\Java\jdk1.7.0_67\jre\lib\security）建议直接替换即可。

3、配置web.xml

<filter>   <filter-name>CAS Single Sign Out Filter</filter-name>   <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class></filter><filter>  <filter-name>CAS Authentication Filter</filter-name>  <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>  <init-param>    <param-name>casServerLoginUrl</param-name>    <param-value>服务端地址(https://login.xxxx.cn/cas)</param-value>  </init-param>  <init-param>    <param-name>serverName</param-name>    <param-value>http://你的项目地址(http://ip:port)</param-value>  </init-param></filter><filter>    <filter-name>CAS Validation Filter</filter-name>    <filter-class>org.jasig.cas.client.validation.Cas10TicketValidationFilter</filter-class>    <init-param>        <param-name>casServerUrlPrefix</param-name>        <param-value>服务端地址(https://login.xxxx.cn/cas)</param-value>    </init-param>    <init-param>        <param-name>serverName</param-name><param-value>http://你的项目地址(http://ip:port)</param-value>    </init-param>    <init-param>        <param-name>redirectAfterValidation</param-name>        <param-value>true</param-value>    </init-param></filter><filter>  <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>  <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class></filter><filter>  <filter-name>CAS Assertion Thread Local Filter</filter-name>  <filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class></filter><filter-mapping>   <filter-name>CAS Single Sign Out Filter</filter-name>   <url-pattern>/*</url-pattern></filter-mapping><filter-mapping>    <filter-name>CAS Authentication Filter</filter-name>    <url-pattern>/*</url-pattern></filter-mapping><filter-mapping>    <filter-name>CAS Validation Filter</filter-name>    <url-pattern>/*</url-pattern></filter-mapping><filter-mapping>    <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>    <url-pattern>/*</url-pattern></filter-mapping><filter-mapping>    <filter-name>CAS Assertion Thread Local Filter</filter-name>    <url-pattern>/*</url-pattern></filter-mapping><listener>    <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class></listener>

                特别要注意的地方就是写 你项目地址的地方  是你web工程的Ip加端口，不需要前后文。

                下面的filter-mapping根据你项目实际情况进行配置。

4、编写客户端代码

      

@Overridepublic boolean service(Request request, Response response, RequestHandler handler)throws IOException {//http://ip:port/web/casif (request.getPath().equals("/cas")){try {Cookie[] cookies = httpServletRequest.getCookies();String loginCookie = null;if (null != cookies) {for (Cookie cookie : cookies) {if ("k".equals(cookie.getName())) {loginCookie = cookie.getValue();break;}}}if(loginCookie == null){Assertion assertion = AssertionHolder.getAssertion();String userNo = assertion.getPrincipal().getName();//cas认证登录用户(邮箱前缀)if(!StringUtil.isEmpty(userNo)){doLogin(userNo);//根据cas返回值进行授权操作return true;}else{response.sendRedirect(request.getContextPath() + "/logout");return true;}}else{enter();return true;}} catch (Exception e) {e.printStackTrace();response.sendRedirect(request.getContextPath() + "/logout");return true;}}else{if(request.getPath().equals("/")){response.sendRedirect(request.getContextPath() + "/logout");return true;}else{return handler.service(request, response);}}}

private void doLogin(String userNo) throws IOException {String remoteAddr = httpServletRequest.getHeader("X-Real-IP") == null ? httpServletRequest.getRemoteAddr(): httpServletRequest.getHeader("X-Real-IP");LoginResult rm = xxxx.loginByCasSrv(userNo, remoteAddr, "ZHS");if (rm != null && "success".equals(rm.getResultMsg())) {Cookie cookie = new Cookie("k", rm.getPermitCode());cookie.setHttpOnly(true);cookie.setPath(httpServletRequest.getContextPath() + "/");cookie.setMaxAge(-1);cookie.setSecure(httpServletRequest.isSecure());httpServletResponse.addCookie(cookie);enter();} else {String toast = null;if ("user_invalidate".equals(rm.getResultMsg())) {toast = "用户冻结";} else if ("tenant_invalidate".equals(rm.getResultMsg())) {toast = "用户不存在";} else if ("uid_duplicate".equals(rm.getResultMsg())) {toast = "用户不存在";}else {toast = "密码错误";}httpServletResponse.getWriter().append(toast);}}/** * 进入系统页面，根据url参数判断是进入什么页面 *  * @throws IOException */private void enter() throws IOException {String target = httpServletRequest.getParameter("target");String id = httpServletRequest.getParameter("id");if (target != null && !target.isEmpty()) {String url = null;if (target.equals("xxxx")) {url = httpServletRequest.getContextPath() + "/home/xxxx/" + id;} else if (target.equals("yyyy")) {url = httpServletRequest.getContextPath() + "/home/yyyy/" + id;}httpServletResponse.sendRedirect(url);} else {httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + "/home");}}

            人比较懒，直接复制已经完成好的代码，前后cookie是我项目需要的东西，你可以根据你实际项目来进行编写。

            比较完整，稍作修改就可使用。

5、进行验证

       去百度。