-
cas-client基于CAS协议客户端搭建
前面介绍了cas服务端的搭建,今天来介绍一下基于cas协议客户端的搭建,下面是服务端搭建的介绍
CAS服务端的搭建并配置OAtuh2.0协议_t梧桐树t的博客-CSDN博客
解决了服务端的问题,客户端的搭建就简单多了
引入cas-client依赖
- <dependency>
- <groupId>net.unicon.casgroupId>
- <artifactId>cas-client-autoconfig-supportartifactId>
- <version>2.3.0-GAversion>
- dependency>
注意:仅为简单测试并未引入其他安全框架,如果有其他安全框架需要自去改拦截器
增加配置
在yml配置文件中添加如下配置
- #cas单点登录
- cas:
- server-url-prefix: ${cas.client-host-url}:8443/cas
- server-login-url: ${cas.server-url-prefix}/login
- client-host-url: https://cas.test.com #换成自己的域名
- validation-type: cas3
在启动类上添加@EnableCasClient注解
编写拦截器
此处代码参考:CAS+OAuth2的SSO认证授权单点登录_cas能实现oauth2_一码贪欢的博客-CSDN博客
CASFilterConfig拦截器配置
- @Configuration
- public class CASFilterConfig {
- @Value("${cas.server-url-prefix}")
- private String CAS_URL;
- @Value("${cas.client-host-url}")
- private String APP_URL;
- /**
- * 配置监听器
- * @return
- */
- @Bean
- public ServletListenerRegistrationBean servletListenerRegistrationBean(){
- ServletListenerRegistrationBean listenerRegistrationBean = new ServletListenerRegistrationBean();
- listenerRegistrationBean.setListener(new SingleSignOutHttpSessionListener());
- listenerRegistrationBean.setOrder(Ordered.HIGHEST_PRECEDENCE);
- return listenerRegistrationBean;
- }
- /**
- * 单点登录退出
- * @return
- */
- @Bean
- public FilterRegistrationBean singleSignOutFilter(){
- FilterRegistrationBean registrationBean = new FilterRegistrationBean();
- registrationBean.setFilter(new SingleSignOutFilter());
- registrationBean.addUrlPatterns("/*");
- registrationBean.addInitParameter("casServerUrlPrefix", CAS_URL );
- registrationBean.setName("CAS Single Sign Out Filter");
- registrationBean.setOrder(2);
- return registrationBean;
- }
- /**
- * 单点登录认证
- * @return
- */
- @Bean
- public FilterRegistrationBean AuthenticationFilter(){
- FilterRegistrationBean registrationBean = new FilterRegistrationBean();
- registrationBean.setFilter(new AuthenticationFilter());
- registrationBean.addUrlPatterns("/*");
- registrationBean.setName("CAS Filter");
- registrationBean.addInitParameter("casServerLoginUrl",CAS_URL);
- registrationBean.addInitParameter("serverName", APP_URL );
- registrationBean.setOrder(3);
- return registrationBean;
- }
- /**
- * 单点登录校验
- * @return
- */
- @Bean
- public FilterRegistrationBean cas30ProxyReceivingTicketValidationFilter(){
- FilterRegistrationBean registrationBean = new FilterRegistrationBean();
- registrationBean.setFilter(new Cas30ProxyReceivingTicketValidationFilter());
- registrationBean.addUrlPatterns("/*");
- registrationBean.setName("CAS Validation Filter");
- registrationBean.addInitParameter("casServerUrlPrefix", CAS_URL );
- registrationBean.addInitParameter("serverName", APP_URL );
- registrationBean.setOrder(4);
- return registrationBean;
- }
- /**
- * 单点登录请求包装
- * @return
- */
- @Bean
- public FilterRegistrationBean httpServletRequestWrapperFilter(){
- FilterRegistrationBean registrationBean = new FilterRegistrationBean();
- registrationBean.setFilter(new HttpServletRequestWrapperFilter());
- registrationBean.addUrlPatterns("/*");
- registrationBean.setName("CAS HttpServletRequest Wrapper Filter");
- registrationBean.setOrder(5);
- return registrationBean;
- }
- /**
- * 获取当前登录用户信息
- * @return
- */
- @Bean
- public FilterRegistrationBean getLoginUserInfoFilter(){
- FilterRegistrationBean registrationBean = new FilterRegistrationBean();
- registrationBean.setFilter(new LoginUserInfoFilter());
- registrationBean.addUrlPatterns("/*");
- registrationBean.setName("loginUserInfoFilter");
- registrationBean.setOrder(6);
- return registrationBean;
- }
- }
CASUtil 获取登录人
- public class CASUtil {
- public static String getLoginNameFromCas(HttpServletRequest request) {
- Assertion assertion = (Assertion) request.getSession().getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION);
- if(assertion!= null) {
- AttributePrincipal principal = assertion.getPrincipal();
- return principal.getName();
- } else {
- return null;
- }
- }
- }
LoginUserInfoFilter 登录拦截器
- public class LoginUserInfoFilter implements Filter {
- Logger logger = LoggerFactory.getLogger(LoginUserInfoFilter.class);
- @Override
- public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
- HttpServletRequest request_ = (HttpServletRequest)request;
- String loginName = CASUtil.getLoginNameFromCas(request_);
- if(!StringUtils.isEmpty(loginName)){
- logger.info("访问者 :" +loginName);
- request_.getSession().setAttribute("loginName", loginName);
- }
- chain.doFilter(request, response);
- }
- }
测试Controller
- @Controller
- public class TestController {
- @GetMapping("/hello")
- @ResponseBody
- public String hello() {
- return "cas-client11111!!!!!!!!";
- }
- //登出
- @RequestMapping("/logout")
- public String logout(HttpSession session){
- session.invalidate();
- return "redirect:https://cas.test.com:8443/cas/logout";
- }
- }
测试
启动客户端后访问 http://127.0.0.1:8081/hello
输入用户名密码后,自动反问了客户端的接口
-
相关阅读:
JSP JAVA javaweb企业仓库库存管理系统(仓库进销存管理系统ssm库存管理系统仓库管理系统)
三维地图(3D地图)离线地图开发
(附源码)云南濒危动物知识问答系统的设计与实现 毕业设计 020833
NeuralProphet之一:安装与使用
iRGD-PEG-SH 环肽iRGD聚乙二醇巯基 SH-PEG-iRGD iRGD-SH-PEG 的参数信息
python对英雄皮肤进行图片采集~
情人节后属于单身狗的浪漫
[激光原理与应用-39]:《光电检测技术-6》- 光干涉的原理与基础
目标检测YOLO实战应用案例100讲-基于YOLOv5_tiny算法的路面裂缝智能检测
Qt5开发从入门到精通——第四篇七节(工具盒类)
- 原文地址:https://blog.csdn.net/winerpro/article/details/132907299
