spring boot整合CAS Client实现单点登陆验证的示例

本文介绍了spring boot整合CAS Client实现单点登陆验证的示例，分享给大家，也给自己留个笔记，具体如下：

单点登录（ Single Sign-On , 简称 SSO ）是目前比较流行的服务于企业业务整合的解决方案之一， SSO 使得在多个应用系统中，用户只需要 登录一次 就可以访问所有相互信任的应用系统。

CAS Client

负责处理对客户端受保护资源的访问请求，需要对请求方进行身份认证时，重定向到 CAS Server 进行认证。（原则上，客户端应用不再接受任何的用户名密码等 Credentials ）。

实现方式一：使用第三方的starter

1、依赖的jar

 
  net.unicon.cas 
  cas-client-autoconfig-support 
  1.4.0-GA 
  

2、增加配置文件

cas.server-url-prefix=http://127.0.0.1 
cas.server-login-url=http://127.0.0.1/login 
cas.client-host-url=http://192.26.4.28:8080 
cas.validation-type=CAS 

3、开启CAS Client支持

@SpringBootApplication 
@ComponentScan(basePackages={"com.chhliu.emailservice"}) 
@EnableCasClient // 开启CAS支持 
public class Application extends SpringBootServletInitializer{ 
 
 public static void main(String[] args) { 
 SpringApplication.run(Application.class, args); 
  
 } 
} 

通过上面的3步，就可以完成CAS的客户端认证了！

4、扩展

cas.validation-type目前支持3中方式：1、CAS；2、CAS3；3、SAML

其他可用的配置如下：

cas.authentication-url-patterns 
cas.validation-url-patterns 
cas.request-wrapper-url-patterns 
cas.assertion-thread-local-url-patterns 
cas.gateway 
cas.use-session 
cas.redirect-after-validation 
cas.allowed-proxy-chains 
cas.proxy-callback-url 
cas.proxy-receptor-url 
cas.accept-any-proxy 
server.context-parameters.renew 

具体的含义从名字上就可以很清楚的看出来。

实现方式二：手动配置

我们原来使用CAS Client，需要在web.xml中做如下配置：

 
 authenticationFilter 
 org.jasig.cas.client.authentication.AuthenticationFilter 
  
  casServerLoginUrl 
  http://127.0.0.1/login 
  
  
  serverName 
  http://192.26.4.28:8080 
  
  
  
 authenticationFilter 
 /* 
  
  
  
 validationFilter 
 org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter 
  
  casServerUrlPrefix 
  http://127.0.0.1 
  
  
  serverName 
  http://192.26.4.28:8080 
  
  
  
  
 validationFilter 
 /* 
  
  
  
 httpServletRequestWrapperFilter 
 org.jasig.cas.client.util.HttpServletRequestWrapperFilter 
  
  
 httpServletRequestWrapperFilter 
 /* 
  

所以，我们手动配置的时候，需要手动配置上面xml中对应的Filter，代码如下：

@Configuration 
@Component 
public class CasConfigure { 
 
 @Bean 
 public FilterRegistrationBean authenticationFilterRegistrationBean() { 
 FilterRegistrationBean authenticationFilter = new FilterRegistrationBean(); 
 authenticationFilter.setFilter(new AuthenticationFilter()); 
 Map initParameters = new HashMap(); 
 initParameters.put("casServerLoginUrl", "http://127.0.0.1/login"); 
 initParameters.put("serverName", "http://192.26.4.28:8080"); 
 authenticationFilter.setInitParameters(initParameters); 
 authenticationFilter.setOrder(2); 
 List urlPatterns = new ArrayList(); 
 urlPatterns.add("/*");// 设置匹配的url 
 authenticationFilter.setUrlPatterns(urlPatterns); 
 return authenticationFilter; 
 } 
 
 @Bean 
 public FilterRegistrationBean ValidationFilterRegistrationBean(){ 
 FilterRegistrationBean authenticationFilter = new FilterRegistrationBean(); 
 authenticationFilter.setFilter(new Cas20ProxyReceivingTicketValidationFilter()); 
 Map initParameters = new HashMap(); 
 initParameters.put("casServerUrlPrefix", "http://127.0.0.1"); 
 initParameters.put("serverName", "http://192.26.4.28:8080"); 
 authenticationFilter.setInitParameters(initParameters); 
 authenticationFilter.setOrder(1); 
 List urlPatterns = new ArrayList(); 
 urlPatterns.add("/*");// 设置匹配的url 
 authenticationFilter.setUrlPatterns(urlPatterns); 
 return authenticationFilter; 
 } 
 
 @Bean 
 public FilterRegistrationBean casHttpServletRequestWrapperFilter(){ 
 FilterRegistrationBean authenticationFilter = new FilterRegistrationBean(); 
 authenticationFilter.setFilter(new HttpServletRequestWrapperFilter()); 
 authenticationFilter.setOrder(3); 
 List urlPatterns = new ArrayList(); 
 urlPatterns.add("/*");// 设置匹配的url 
 authenticationFilter.setUrlPatterns(urlPatterns); 
 return authenticationFilter; 
 } 
 
 @Bean 
 public FilterRegistrationBean casAssertionThreadLocalFilter(){ 
 FilterRegistrationBean authenticationFilter = new FilterRegistrationBean(); 
 authenticationFilter.setFilter(new AssertionThreadLocalFilter()); 
 authenticationFilter.setOrder(4); 
 List urlPatterns = new ArrayList(); 
 urlPatterns.add("/*");// 设置匹配的url 
 authenticationFilter.setUrlPatterns(urlPatterns); 
 return authenticationFilter; 
 } 
} 

通过上面的配置，也可以完成CAS Client的认证

以上就是本文的全部内容，希望对大家的学习有所帮助，也希望大家多多支持脚本之家。