spring boot-整合CAS Client实现单点登陆验证

实现方式一：使用第三方的starter

1、依赖的jar

            net.unicon.cas
            cas-client-autoconfig-support
            1.4.0-GA
        

2、增加配置文件

cas.server-url-prefix=http://127.0.0.1
cas.server-login-url=http://127.0.0.1/login
cas.client-host-url=http://192.26.4.28:8080
cas.validation-type=CAS

3、开启CAS Client支持

@SpringBootApplication
@ComponentScan(basePackages={"com.chhliu.emailservice"})
@EnableCasClient // 开启CAS支持
public class Application extends SpringBootServletInitializer{

	public static void main(String[] args) {
		SpringApplication.run(Application.class, args);
		
	}
}

通过上面的3步，就可以完成CAS的客户端认证了！

4、扩展

cas.validation-type目前支持3中方式：1、CAS；2、CAS3；3、SAML

其他可用的配置如下：

cas.authentication-url-patterns
cas.validation-url-patterns
cas.request-wrapper-url-patterns
cas.assertion-thread-local-url-patterns
cas.gateway
cas.use-session
cas.redirect-after-validation
cas.allowed-proxy-chains
cas.proxy-callback-url
cas.proxy-receptor-url
cas.accept-any-proxy
server.context-parameters.renew

具体的含义从名字上就可以很清楚的看出来。

实现方式二：手动配置

我们原来使用CAS Client，需要在web.xml中做如下配置：

		authenticationFilter
		org.jasig.cas.client.authentication.AuthenticationFilter
		
			casServerLoginUrl
			http://127.0.0.1/login
		
		
			serverName
			http://192.26.4.28:8080
		
	
	
		authenticationFilter
		/*
	
	
	
		validationFilter
		org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter
		
			casServerUrlPrefix
			http://127.0.0.1
		
		
			serverName
			http://192.26.4.28:8080
		
		
	
	
		validationFilter
		/*
	
	
	
		httpServletRequestWrapperFilter
		org.jasig.cas.client.util.HttpServletRequestWrapperFilter
	
	
		httpServletRequestWrapperFilter
		/*
	

所以，我们手动配置的时候，需要手动配置上面xml中对应的Filter，代码如下：

@Configuration
@Component
public class CasConfigure {
	
	@Bean
	public FilterRegistrationBean authenticationFilterRegistrationBean() {
		FilterRegistrationBean authenticationFilter = new FilterRegistrationBean();
		authenticationFilter.setFilter(new AuthenticationFilter());
		Map initParameters = new HashMap();
		initParameters.put("casServerLoginUrl", "http://127.0.0.1/login");
		initParameters.put("serverName", "http://192.26.4.28:8080");
		authenticationFilter.setInitParameters(initParameters);
		authenticationFilter.setOrder(2);
		List urlPatterns = new ArrayList();
		urlPatterns.add("/*");// 设置匹配的url
		authenticationFilter.setUrlPatterns(urlPatterns);
		return authenticationFilter;
	}
	
	@Bean
	public FilterRegistrationBean ValidationFilterRegistrationBean(){
		FilterRegistrationBean authenticationFilter = new FilterRegistrationBean();
		authenticationFilter.setFilter(new Cas20ProxyReceivingTicketValidationFilter());
		Map initParameters = new HashMap();
		initParameters.put("casServerUrlPrefix", "http://127.0.0.1");
		initParameters.put("serverName", "http://192.26.4.28:8080");
		authenticationFilter.setInitParameters(initParameters);
		authenticationFilter.setOrder(1);
		List urlPatterns = new ArrayList();
		urlPatterns.add("/*");// 设置匹配的url
		authenticationFilter.setUrlPatterns(urlPatterns);
		return authenticationFilter;
	}
	
	@Bean
	public FilterRegistrationBean casHttpServletRequestWrapperFilter(){
		FilterRegistrationBean authenticationFilter = new FilterRegistrationBean();
		authenticationFilter.setFilter(new HttpServletRequestWrapperFilter());
		authenticationFilter.setOrder(3);
		List urlPatterns = new ArrayList();
		urlPatterns.add("/*");// 设置匹配的url
		authenticationFilter.setUrlPatterns(urlPatterns);
		return authenticationFilter;
	}
	
	@Bean
	public FilterRegistrationBean casAssertionThreadLocalFilter(){
		FilterRegistrationBean authenticationFilter = new FilterRegistrationBean();
		authenticationFilter.setFilter(new AssertionThreadLocalFilter());
		authenticationFilter.setOrder(4);
		List urlPatterns = new ArrayList();
		urlPatterns.add("/*");// 设置匹配的url
		authenticationFilter.setUrlPatterns(urlPatterns);
		return authenticationFilter;
	}
}

通过上面的配置，也可以完成CAS Client的认证