第十一节 CAS服务端RememberMe

阅读更多

 

关于启用RememberMe功能所需做的修改描述

 

 

/**
 * @see CAS服务端RememberMe
 * @see ------------------------------------------------------------------------------------------------------------------------
 * @see 关于RememberMe,可参考官方文档,网址如下(下面两个网址描述的RememberMe实现都是一样的,只是第二个还有其它描述)
 * @see http://jasig.github.io/cas/development/installation/Configuring-LongTerm-Authentication.html
 * @see http://jasig.github.io/cas/4.0.x/installation/Configuring-Authentication-Components.html#long-term-authentication
 * @see RememberMe也就是平时所说的记住密码的功能,可以让用户登录成功后,关闭浏览器再重新打开浏览器访问应用时不需要再次登录
 * @see RememberMe与上面的Session超时配置tgt.timeToKillInSeconds是两回事,Session超时是针对一次会话而言,RememberMe则更广
 * @see 另外本文的CAS-4.0.3服务端源码修改,是在我的以下三篇博文基础上修改的,最终我会在CSDN上提供整体源码下载
 * @see http://blog.csdn.net/jadyer/article/details/46875393
 * @see http://blog.csdn.net/jadyer/article/details/46914661
 * @see http://blog.csdn.net/jadyer/article/details/46916169
 * @see 具体修改步骤如下
 * @see 1.cas.properties中新增配置项rememberMeDuration=1209600
 * @see 2.ticketExpirationPolicies.xml中新增RememberMe过期策略的配置
 * @see 3.ticketGrantingTicketCookieGenerator.xml中新增属性项p:rememberMeMaxAge="${rememberMeDuration:1209600}"
 * @see 4.deployerConfigContext.xml
 * @see 5.casLoginView.jsp表单中增加rememberMe字段
 * @see 6.login-webflow.xml增加接收表单rememberMe字段的配置
 * @see 7.UsernamePasswordCaptchaCredential.java集成RememberMeUsernamePasswordCredential使得可以接收表单的rememberMe字段
 * @see ------------------------------------------------------------------------------------------------------------------------
  * @create  @create 2016-6-6 下午08:34:18
 * @author 玄玉
 */

 

1.ticketExpirationPolicies.xml的修改

 

 

xml version="1.0" encoding="UTF-8"?>

    <util:constant id="SECONDS" static-field="java.util.concurrent.TimeUnit.SECONDS"/>
    <bean id="serviceTicketExpirationPolicy" class="org.jasig.cas.ticket.support.MultiTimeUseOrTimeoutExpirationPolicy"
          c:numberOfUses="1" c:timeToKill="${st.timeToKillInSeconds:10}" c:timeUnit-ref="SECONDS"/>









    <bean id="ticketGrantingTicketCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
        p:cookieSecure="false"
        p:cookieMaxAge="-1"
        p:rememberMeMaxAge="${rememberMeDuration:1209600}"
        p:cookieName="CASTGC"
        p:cookiePath="/cas" />
beans>

 

 

3.deployerConfigContext.xml修改的部分

 

<bean id="authenticationManager" class="org.jasig.cas.authentication.PolicyBasedAuthenticationManager">
    <constructor-arg>
        <map>
            <entry key-ref="proxyAuthenticationHandler" value-ref="proxyPrincipalResolver" />
            <entry key-ref="primaryAuthenticationHandler" value-ref="primaryPrincipalResolver" />
        map>
    constructor-arg>

    <property name="authenticationPolicy">
        <bean class="org.jasig.cas.authentication.AnyAuthenticationPolicy" />
    property>


    <property name="authenticationMetaDataPopulators">
        <list>
            <bean class="org.jasig.cas.authentication.SuccessfulHandlerMetaDataPopulator"/>
            <bean class="org.jasig.cas.authentication.principal.RememberMeAuthenticationMetaDataPopulator"/>
        list>
    property>
bean>

 

4.login-webflow.xml修改的部分

<view-state id="viewLoginForm" view="casLoginView" model="credential">
       <binder>
           <binding property="username"/>
           <binding property="password"/>

           <binding property="captcha"/>

           <binding property="rememberMe"/>
       binder>
       <on-entry>
           <set name="viewScope.commandName" value="'credential'" />
       on-entry>
    <transition on="submit" bind="true" validate="true" to="validateCaptcha">
           <evaluate expression="authenticationViaCaptchaFormAction.doBind(flowRequestContext, flowScope.credential)" />
       transition>
view-state>

 

 

5.//WEB-INF//view//jsp//star//ui//casLoginView.jsp

 

<tr>
            <td>
                <input type="checkbox" tabindex="4" name="rememberMe" value="true"/>
                <label for="warn">RememberMelabel>
            td>
        tr>

 

6.最后是cas.properties中增加的rememberMeDuration配置

 

 

#服务端RememberMe的有效期,默认为1209600s,即两周
rememberMeDuration=120960