cas单点登录 （二） 客户端与springboot集成

在springboot项目中实现cas单点登录统一认证，只需要在项目中配置 cas过滤器即可使用.

1. springboot项目pom.xml中 添加web支持依赖 、cas客户端依赖包

    org.springframework.boot
    spring-boot-starter-web



    org.jasig.cas.client
    cas-client-core
    3.5.0

2.cas过滤器配置

/**
 * cas过滤器配置
 */
@Configuration
public class casFilterConfig {

	private static final String CAS_URL= "https://localhost:8445/cas";

	private static final String APP_URL= "http://localhost:8083";

	@Bean
	public ServletListenerRegistrationBean servletListenerRegistrationBean(){
		ServletListenerRegistrationBean  listenerRegistrationBean = new ServletListenerRegistrationBean();
		listenerRegistrationBean.setListener(new SingleSignOutHttpSessionListener());
		listenerRegistrationBean.setOrder(Ordered.HIGHEST_PRECEDENCE);
		return listenerRegistrationBean;
	}

	/**
	 * 单点登录退出
	 * @return
	 */
	@Bean
	public FilterRegistrationBean singleSignOutFilter(){
		FilterRegistrationBean registrationBean = new FilterRegistrationBean();
		registrationBean.setFilter(new SingleSignOutFilter());
		registrationBean.addUrlPatterns("/*");
		registrationBean.addInitParameter("casServerUrlPrefix", CAS_URL );
		registrationBean.setName("CAS Single Sign Out Filter");
		registrationBean.setOrder(2);
		return registrationBean;
	}

	/**
	 * 单点登录认证
	 * @return
	 */
	@Bean
	public FilterRegistrationBean AuthenticationFilter(){
		FilterRegistrationBean registrationBean = new FilterRegistrationBean();
		registrationBean.setFilter(new AuthenticationFilter());
		registrationBean.addUrlPatterns("/*");
		registrationBean.setName("CAS Filter");
		registrationBean.addInitParameter("casServerLoginUrl",CAS_URL);
		registrationBean.addInitParameter("serverName", APP_URL );
		registrationBean.setOrder(3);
		return registrationBean;
	}

	/**
	 * 单点登录校验
	 * @return
	 */
	@Bean
	public FilterRegistrationBean cas20ProxyReceivingTicketValidationFilter(){
		FilterRegistrationBean registrationBean = new FilterRegistrationBean();
		registrationBean.setFilter(new Cas20ProxyReceivingTicketValidationFilter());
		registrationBean.addUrlPatterns("/*");
		registrationBean.setName("CAS Validation Filter");
		registrationBean.addInitParameter("casServerUrlPrefix", CAS_URL );
		registrationBean.addInitParameter("serverName", APP_URL );
		registrationBean.setOrder(4);
		return registrationBean;
	}

	/**
	 * 单点登录请求包装
	 * @return
	 */
	@Bean
	public FilterRegistrationBean httpServletRequestWrapperFilter(){
		FilterRegistrationBean registrationBean = new FilterRegistrationBean();
		registrationBean.setFilter(new HttpServletRequestWrapperFilter());
		registrationBean.addUrlPatterns("/*");
		registrationBean.setName("CAS HttpServletRequest Wrapper Filter");
		registrationBean.setOrder(5);
		return registrationBean;
	}

	/**
	 * 单点登录本地用户信息
	 * @return
	 */
	@Bean
	public FilterRegistrationBean localUserInfoFilter(){
		FilterRegistrationBean registrationBean = new FilterRegistrationBean();
		registrationBean.setFilter(new LocalUserInfoFilter());
		registrationBean.addUrlPatterns("/*");
		registrationBean.setName("localUserInfoFilter");
		registrationBean.setOrder(6);
		return registrationBean;
	}

}

3、定义本地过滤器

 本地过滤器作用是通过从单点登录服务器中获取用户ID，从而使获取本地用户信息同步到session

/**
 * 本地用户信息过滤器
 *
 * @author weiller 2018年1月23日10:27:30
 */
public class LocalUserInfoFilter implements Filter {

    Logger logger =  LoggerFactory.getLogger(LocalUserInfoFilter.class);

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {

    }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
        HttpServletRequest request_ = (HttpServletRequest)request;
        String loginName = CASUtil.getAccountNameFromCas(request_);
        if(StringUtils.isNotEmpty(loginName)){
            logger.info("访问者 ：" +loginName);
            request_.getSession().setAttribute("loginName", loginName);
        }

        chain.doFilter(request, response);
    }

    @Override
    public void destroy() {

    }
}

/**
 * cas client常用工具类
 *
 * @author weiller  
 */
public class CASUtil {

    /**
     * 从cas中获取用户名
     *
     * @param request
     * @return
     */
    public static String getAccountNameFromCas(HttpServletRequest request) {
        Assertion assertion = (Assertion) request.getSession().getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION);
       if(assertion!= null){
           AttributePrincipal principal = assertion.getPrincipal();
           return principal.getName();
       }else return null;

    }
}

 4. 定义一个访问demo

@Controller
public class DemoController {

    @RequestMapping("/")
    public String index(){
        return "index";
    }

    @RequestMapping("/logout")
    public String logout(HttpSession session){
        session.invalidate();
        return "redirect:https://localhost:8445/cas/logout?service=https://localhost:8445/cas";
    }
}

5.自定义退出时跳转页面 

修改服务端application.properties ，添加cas.logout.followServiceRedirects=true，让客户端可以自己制定退出的路径。