当前位置: 代码迷 >> Web前端 >> Java Web运用CAS Client端的配置详解
  详细解决方案

Java Web运用CAS Client端的配置详解

热度:331   发布时间:2013-04-07 12:50:11.0
Java Web应用CAS Client端的配置详解

CAS是SSO常用的开源解决方案,可以适用多种语言实现的Web应用。前面介绍了CAS Server端的配置。下面结合本人的实际操作,详细说明下Java应用CAS Client配置。首先,说明下配置环境:

1. CAS Server 3.4.5,跑在tomcat 7上。 部署在http://www.cas.com/cas上(本地hosts文件配置域名)。
2. CAS Client Java SSH应用(Struts 2.3.4.1、Spring 3.0.5、Hibernate 3.3.2,如应用使用了特定安全框架如Spring Security,且集成了CAS Client,可直接使用其提供的配置方法), web应用也跑在tomcat 7上,部署在
http://www.my.com/app(本地hosts文件配置域名)。

配置步骤:

1.添加cas-client-core-3.1.10-sources.jar,如使用mvn,pom.xml中添加

 

   		<dependency>
  			<groupId>org.jasig.cas</groupId>
  			<artifactId>cas-client-core</artifactId>
  			<version>3.1.10</version>
  			<exclusions>
  		    	<exclusion>
  				<artifactId>servlet-api</artifactId>
  				<groupId>javax.servlet</groupId>
  			</exclusion>
  			</exclusions>
  		</dependency> 


 

2. web.xml中添加:

	<!-- 与CAS Single Sign Out Filter配合,注销登录信息  -->
	
	<listener>
  	 	<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
	</listener>

	

	
    
	<!-- CAS Server 通知 CAS Client,删除session,注销登录信息  -->
    	<filter> 
   		<filter-name>CAS Single Sign Out Filter</filter-name>
    		<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
	</filter> 
    	<filter-mapping>
    		<filter-name>CAS Single Sign Out Filter</filter-name>
    		<url-pattern>/*</url-pattern>
	</filter-mapping>
    
    	<!-- 登录认证,未登录用户导向CAS Server进行认证 -->
   	 <filter> 
		<filter-name>CAS Filter</filter-name>
		<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
    		<init-param>
   			<param-name>casServerLoginUrl</param-name>
     			<param-value>http://www.cas.com/cas/login</param-value>
  		</init-param>
    		<init-param>
       			<param-name>serverName</param-name>
      			<param-value>http://api.zfwx.com:8080</param-value>
    		</init-param>
	</filter> 
	<filter-mapping>
    		<filter-name>CAS Filter</filter-name>
    		<url-pattern>/*</url-pattern>
	</filter-mapping> 
	
	<!-- CAS Client向CAS Server进行ticket验证 -->
    	<filter>  
         	<filter-name>CAS Validation Filter</filter-name>
        	<filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
         	<init-param>
                 	<param-name>casServerUrlPrefix</param-name>
                 	<param-value>http://www.cas.com/cas</param-value>
        	</init-param>
         	<init-param>
                 	<param-name>serverName</param-name>
                	<param-value>http://api.zfwx.com:8080</param-value>
        	</init-param>
 	</filter>
   	<filter-mapping>
         	<filter-name>CAS Validation Filter</filter-name>
        	 <url-pattern>/*</url-pattern>
 	</filter-mapping>
 	
   	<!-- 封装request, 支持getUserPrincipal等方法-->
    	<filter> 
         	<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
         	<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
 	</filter>
 	<filter-mapping>
         	<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
        	<url-pattern>/*</url-pattern>
 	</filter-mapping>
 	
 	<!-- 存放Assertion到ThreadLocal中   -->
    	<filter> 
        	<filter-name>CAS Assertion Thread Local Filter</filter-name>
        	<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
	</filter> 
    	<filter-mapping>
        	<filter-name>CAS Assertion Thread Local Filter</filter-name>
        	<url-pattern>/*</url-pattern>
	</filter-mapping>


3. 编写个简单的测试页面test.jsp进行测试。

 

<%@ page import="org.jasig.cas.client.authentication.AttributePrincipal" %>
<html>
	<head><title>cas test</title></head>
	<body>

<%
AttributePrincipal principal = (AttributePrincipal)request.getUserPrincipal();   
String username = principal.getName();
%>
<% if(null!=username){ %>
	<h2>Hello <%=username %> !</h2>
	<a href="http://www.cas.com/cas/logout">logout</a>
<% }%>
	
	</body>
</html>

  相关解决方案