-
問題描述
cas server 廣播的登出請求蒿讥,如果是接收到該請求的客戶端是集群客戶端,則無法確保集群的客戶端能夠順利登出
-
部署環(huán)境
cas client 1
apache
A:http://client1.cas.com
tomcat
A1:http://client1.cas.com:8085
A2:http://client1.cas.com:8086
A3:http://client1.cas.com:8086cas client 2
B: http://client2.cas.comcas server
https://server.cas.com:8443/cas-
解決方法說明
集群A有客戶端A1壶熏,A2愕宋,A3纺铭。客戶端B登出歇盼,向cas server發(fā)出注銷請求, 接著cas server 就會向所有客戶端廣播登出請求后评抚,假設集群A中的A1接收到請求豹缀,如果session在A1,就退出A1就可以慨代,假如session不在A1邢笙,由A1廣播給集群里面的其他A2,A3侍匙,保證集群A可以登出氮惯。
-
代碼
1、 web.xml 改寫SingleSignOutFilter想暗,SingleSignOutHttpSessionListener替換掉原來的兩個類
<!-- cas 單點登出 -->
<filter>
<filter-name>SingleSignOutFilter</filter-name>
<filter-class>com.cas.SingleSignOutFilter</filter-class>
<!-- <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class> -->
</filter>
<filter-mapping>
<filter-name>SingleSignOutFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>com.cas.SingleSignOutHttpSessionListener</listener-class>
<!-- <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class> -->
</listener>
2妇汗、 applicationContext.xml 配置cas客戶端集群節(jié)點地址,用于cas客戶端集群登出 見SingleSignOutFilter
<util:list id="clusterNodeUrls" list-class="java.util.ArrayList">
<value>http://client1.cas.com:8085</value>
<value>http://client1.cas.com:8086</value>
<value>http://client1.cas.com:8087</value>
</util:list>
3说莫、 改寫的SingleSignOutFilter铛纬,SingleSignOutHandler
