cas單點登錄集成說明
1.所需依賴jar包
cas-client-core.jar
版本:3.4.1
2.工程配置
2.1工程配置web.xml修改
新增:
<!-- CAS SSO -->
<!-- 該過濾器用于實現(xiàn)單點登出功能,可選配置甥郑。須置于最前 -->
<listener>
<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>
<filter>
<filter-name>CAS Single Sign Out Filter</filter-name>
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>http://localhost:9999/cas/</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>CAS Authentication Filter</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>http://localhost:9999/cas/login</param-value>
</init-param>
<context-param>
<param-name>renew</param-name>
<param-value>false</param-value>
</context-param>
<init-param>
<param-name>gateway</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://localhost:8080</param-value>
</init-param>
<!--<init-param>
<param-name>ignorePattern</param-name>
<param-value>/static/*</param-value>
</init-param>-->
</filter>
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>
org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter
</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>http://localhost:9999/cas/</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://localhost:8080</param-value>
</init-param>
<init-param>
<param-name>useSession</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>redirectAfterValidation</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
</filter>
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>
org.jasig.cas.client.util.HttpServletRequestWrapperFilter
</filter-class>
</filter>
<filter>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<filter-class>
org.jasig.cas.client.util.AssertionThreadLocalFilter
</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Authentication Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
2.2配置說明
casServerLoginUrl.png
需要將casServerLoginUrl的參數(shù)設(shè)置為本地使用的casServer的登錄訪問路徑
casServerUrlPrefix.png
需要將casServerUrlPrefix的參數(shù)設(shè)置為本地使用的casServer的根訪問路徑
serverName.png
需要將serverName的參數(shù)設(shè)置為本地登錄系統(tǒng)使用的ip:port參數(shù)
2.3使用說明
2.3.1程序中獲取用戶信息
示例如下:
AttributePrincipal principal = (AttributePrincipal)request.getUserPrincipal();
WdimInfo wdimInfo = principal.getWdimInfo();
以上為獲取用戶信息的方法蹄殃,包含用戶信息和用戶所屬部門信息
2.3.2casServer登錄重定向
在登錄時將參數(shù)service加入到login?之后,登錄casServer成功后將跳轉(zhuǎn)到參數(shù)所述地址
示例如下:
https://wangwei:8443/cas/login?service=http://www.baidu.com
登錄成功后將跳轉(zhuǎn)到百度首頁
2.4登出說明
登出鏈接:
與登錄路徑casServerLoginUrl類似筝野,只需要將login改為logout即可,如下所示:
https://wangwei:8443/cas/logout
2.5補充說明
casServer服務(wù)器版本為4.2.7
