我是靠谱客的博主 娇气冰淇淋,最近开发中收集的这篇文章主要介绍spring boot 整合 CAS,觉得挺不错的,现在分享给大家,希望可以做个参考。

概述

在下不才,以下是我花了好几天的时间才整合出来的在spring boot里面的CAS配置整合

为了帮助没搞定的人,毕竟自己踩了很多坑,一步一步爬过来的,有什么不足之处可以给建议  谢谢

(小部分代码是整合他人的)


1.不多废话,直接上最重要的代码,以下代码整合cas的重要过程

import org.jasig.cas.client.authentication.AuthenticationFilter;
import org.jasig.cas.client.session.SingleSignOutFilter;
import org.jasig.cas.client.session.SingleSignOutHttpSessionListener;
import org.jasig.cas.client.util.AssertionThreadLocalFilter;
import org.jasig.cas.client.util.HttpServletRequestWrapperFilter;
import org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter;
import org.jasig.cas.client.validation.Cas20ServiceTicketValidator;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.boot.web.servlet.ServletListenerRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.cas.ServiceProperties;
import org.springframework.security.cas.authentication.CasAuthenticationProvider;
import org.springframework.security.cas.userdetails.GrantedAuthorityFromAssertionAttributesUserDetailsService;
import org.springframework.security.web.authentication.logout.LogoutFilter;
import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;

import java.util.List;


@Configuration
public class CasConfig {
	
	@Autowired
	SpringCasAutoconfig autoconfig;
	
	private static boolean casEnabled  = true;
	
	public CasConfig() {
	}

	@Bean
	public SpringCasAutoconfig getSpringCasAutoconfig(){
		return new SpringCasAutoconfig();
	}

	/**
	 * 用于实现单点登出功能
	 */
	@Bean
	public ServletListenerRegistrationBean<SingleSignOutHttpSessionListener> singleSignOutHttpSessionListener() {
		ServletListenerRegistrationBean<SingleSignOutHttpSessionListener> listener = new ServletListenerRegistrationBean<>();
		listener.setEnabled(casEnabled);
		listener.setListener(new SingleSignOutHttpSessionListener());
		listener.setOrder(1);
		return listener;
	}

	/**
	 * 该过滤器用于实现单点登出功能,单点退出配置,一定要放在其他filter之前
	 */
	@Bean
	public FilterRegistrationBean logOutFilter() {
		FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
		LogoutFilter logoutFilter = new LogoutFilter(autoconfig.getCasServerUrlPrefix() + "/logout?service=" + autoconfig.getServerName(),new SecurityContextLogoutHandler());
		filterRegistration.setFilter(logoutFilter);
		filterRegistration.setEnabled(casEnabled);
		if(autoconfig.getSignOutFilters().size()>0)
			filterRegistration.setUrlPatterns(autoconfig.getSignOutFilters());
		else
			filterRegistration.addUrlPatterns("/logout");
		filterRegistration.addInitParameter("casServerUrlPrefix", autoconfig.getCasServerUrlPrefix());
		filterRegistration.addInitParameter("serverName", autoconfig.getServerName());
		filterRegistration.setOrder(2);
		return filterRegistration;
	}

	/**
	 * 该过滤器用于实现单点登出功能,单点退出配置,一定要放在其他filter之前
	 */
	@Bean
	public FilterRegistrationBean singleSignOutFilter() {
		FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
		filterRegistration.setFilter(new SingleSignOutFilter());
		filterRegistration.setEnabled(casEnabled);
		if(autoconfig.getSignOutFilters().size()>0)
			filterRegistration.setUrlPatterns(autoconfig.getSignOutFilters());
		else
			filterRegistration.addUrlPatterns("/*");
		filterRegistration.addInitParameter("casServerUrlPrefix", autoconfig.getCasServerUrlPrefix());
		filterRegistration.addInitParameter("serverName", autoconfig.getServerName());
		filterRegistration.setOrder(3);
		return filterRegistration;
	}

	/**
	 * 该过滤器负责用户的认证工作
	 */
	@Bean
	public FilterRegistrationBean authenticationFilter() {
		FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
		filterRegistration.setFilter(new AuthenticationFilter());
		filterRegistration.setEnabled(casEnabled);
		if(autoconfig.getAuthFilters().size()>0)
			filterRegistration.setUrlPatterns(autoconfig.getAuthFilters());
		else
			filterRegistration.addUrlPatterns("/*");
		//casServerLoginUrl:cas服务的登陆url
		filterRegistration.addInitParameter("casServerLoginUrl", autoconfig.getCasServerLoginUrl());
		//本项目登录ip+port
		filterRegistration.addInitParameter("serverName", autoconfig.getServerName());
		filterRegistration.addInitParameter("useSession", autoconfig.isUseSession()?"true":"false");
		filterRegistration.addInitParameter("redirectAfterValidation", autoconfig.isRedirectAfterValidation()?"true":"false");
		filterRegistration.setOrder(4);
		return filterRegistration;
	}

	/**
	 * 该过滤器负责对Ticket的校验工作
	 */
	@Bean
	public FilterRegistrationBean cas20ProxyReceivingTicketValidationFilter() {
		FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
		Cas20ProxyReceivingTicketValidationFilter cas20ProxyReceivingTicketValidationFilter = new Cas20ProxyReceivingTicketValidationFilter();
		//cas20ProxyReceivingTicketValidationFilter.setTicketValidator(cas20ServiceTicketValidator());
		cas20ProxyReceivingTicketValidationFilter.setServerName(autoconfig.getServerName());
		filterRegistration.setFilter(cas20ProxyReceivingTicketValidationFilter);
		filterRegistration.setEnabled(casEnabled);
		if(autoconfig.getValidateFilters().size()>0)
			filterRegistration.setUrlPatterns(autoconfig.getValidateFilters());
		else
			filterRegistration.addUrlPatterns("/*");
		filterRegistration.addInitParameter("casServerUrlPrefix", autoconfig.getCasServerUrlPrefix());
		filterRegistration.addInitParameter("serverName", autoconfig.getServerName());
		filterRegistration.setOrder(5);
		return filterRegistration;
	}


	/**
	 * 该过滤器对HttpServletRequest请求包装, 可通过HttpServletRequest的getRemoteUser()方法获得登录用户的登录名
	 *
	 */
	@Bean
	public FilterRegistrationBean httpServletRequestWrapperFilter() {
		FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
		filterRegistration.setFilter(new HttpServletRequestWrapperFilter());
		filterRegistration.setEnabled(true);
		if(autoconfig.getRequestWrapperFilters().size()>0)
			filterRegistration.setUrlPatterns(autoconfig.getRequestWrapperFilters());
		else
			filterRegistration.addUrlPatterns("/*");
		filterRegistration.setOrder(6);
		return filterRegistration;
	}

	/**
	 * 该过滤器使得可以通过org.jasig.cas.client.util.AssertionHolder来获取用户的登录名。
	 比如AssertionHolder.getAssertion().getPrincipal().getName()。
	 这个类把Assertion信息放在ThreadLocal变量中,这样应用程序不在web层也能够获取到当前登录信息
	 */
	@Bean
	public FilterRegistrationBean assertionThreadLocalFilter() {
		FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
		filterRegistration.setFilter(new AssertionThreadLocalFilter());
		filterRegistration.setEnabled(true);
		if(autoconfig.getAssertionFilters().size()>0)
			filterRegistration.setUrlPatterns(autoconfig.getAssertionFilters());
		else
			filterRegistration.addUrlPatterns("/*");
		filterRegistration.setOrder(7);
		return filterRegistration;
	}


}


2.为了让你们更省力且直接的看到效果,我把相关配置也贴出来

import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Configuration;

import java.util.Arrays;
import java.util.List;

@ConfigurationProperties(prefix = "spring.cas")
public class SpringCasAutoconfig {

	static final String separator = ",";

	private String validateFilters;
	private String signOutFilters;
	private String authFilters;
	private String assertionFilters;
	private String requestWrapperFilters;

	private String casServerUrlPrefix;
	private String casServerLoginUrl;
	private String serverName;
	private boolean useSession = true;
	private boolean redirectAfterValidation = true;

	public List<String> getValidateFilters() {
		return Arrays.asList(validateFilters.split(separator));
	}
	public void setValidateFilters(String validateFilters) {
		this.validateFilters = validateFilters;
	}
	public List<String> getSignOutFilters() {
		return Arrays.asList(signOutFilters.split(separator));
	}
	public void setSignOutFilters(String signOutFilters) {
		this.signOutFilters = signOutFilters;
	}
	public List<String> getAuthFilters() {
		return Arrays.asList(authFilters.split(separator));
	}
	public void setAuthFilters(String authFilters) {
		this.authFilters = authFilters;
	}
	public List<String> getAssertionFilters() {
		return Arrays.asList(assertionFilters.split(separator));
	}
	public void setAssertionFilters(String assertionFilters) {
		this.assertionFilters = assertionFilters;
	}
	public List<String> getRequestWrapperFilters() {
		return Arrays.asList(requestWrapperFilters.split(separator));
	}
	public void setRequestWrapperFilters(String requestWrapperFilters) {
		this.requestWrapperFilters = requestWrapperFilters;
	}
	public String getCasServerUrlPrefix() {
		return casServerUrlPrefix;
	}
	public void setCasServerUrlPrefix(String casServerUrlPrefix) {
		this.casServerUrlPrefix = casServerUrlPrefix;
	}
	public String getCasServerLoginUrl() {
		return casServerLoginUrl;
	}
	public void setCasServerLoginUrl(String casServerLoginUrl) {
		this.casServerLoginUrl = casServerLoginUrl;
	}
	public String getServerName() {
		return serverName;
	}
	public void setServerName(String serverName) {
		this.serverName = serverName;
	}
	public boolean isRedirectAfterValidation() {
		return redirectAfterValidation;
	}
	public void setRedirectAfterValidation(boolean redirectAfterValidation) {
		this.redirectAfterValidation = redirectAfterValidation;
	}
	public boolean isUseSession() {
		return useSession;
	}
	public void setUseSession(boolean useSession) {
		this.useSession = useSession;
	}

}

3.配置文件  dev.yml

#cas client config
spring:
  cas:
    sign-out-filters: /logout
    auth-filters: /*
    validate-filters: /*
    request-wrapper-filters: /*
    assertion-filters: /*
    cas-server-login-url: cas登录url
    cas-server-url-prefix:cas登录域名
    redirect-after-validation: true
    use-session: true
    server-name: http://localhost:8080







最后

以上就是娇气冰淇淋为你收集整理的spring boot 整合 CAS的全部内容,希望文章能够帮你解决spring boot 整合 CAS所遇到的程序开发问题。

如果觉得靠谱客网站的内容还不错,欢迎将靠谱客网站推荐给程序员好友。

本图文内容来源于网友提供,作为学习参考使用,或来自网络收集整理,版权属于原作者所有。
点赞(36)

评论列表共有 0 条评论

立即
投稿
返回
顶部