weixin_30247307
weixin_30247307

cas 服务端、客服端详细配置

一、准备

    1、下载官方源码

       CAS-Server下载地址:https://www.apereo.org/projects/cas/download-cas

         CAS-Client下载地址:http://developer.jasig.org/cas-clients/

    版本:

  • CAS Server版本:cas-server-4.1.5
  • CAS Client版本:cas-client-3.3.3

  2、新建一个maven 聚合项目

 

  项目结构cas 服务端、客服端详细配置_第1张图片

 

   2.1、解压 cas-server-4.1.5后把cas-server-webapp所有文件拷贝到新建的maven项目中 

   2.2、pom.xml 配置源码

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
  <modelVersion>4.0.0modelVersion>

  <groupId>xyz.casgroupId>
  <artifactId>xyz-casartifactId>
  <version>1.0.0.20170214version>
  <packaging>pompackaging>

  <name>xyz-casname>
  <url>http://maven.apache.orgurl>

  <properties>
    <project.build.sourceEncoding>UTF-8project.build.sourceEncoding>
    <cas.version>4.1.5cas.version>
  properties>
  <modules>
      <module>xyz-cas-assemblemodule>
  modules>

  <dependencies>
    <dependency>
      <groupId>junitgroupId>
      <artifactId>junitartifactId>
      <version>3.8.1version>
      <scope>testscope>
    dependency>
    
     
            <dependency>
                <groupId>org.jasig.casgroupId>
                <artifactId>cas-server-webappartifactId>
                <version>${cas.version}version>
                <type>wartype>
                <scope>runtimescope>
            dependency>
            <dependency>
                <groupId>org.jasig.casgroupId>
                <artifactId>cas-server-webapp-supportartifactId>
                <version>${cas.version}version>
                <scope>runtimescope>
            dependency>
            <dependency>
                <groupId>org.jasig.casgroupId>
                <artifactId>cas-server-support-jdbcartifactId>
                <version>${cas.version}version>
                <scope>runtimescope>
            dependency>
            <dependency>
                <groupId>org.jasig.casgroupId>
                <artifactId>cas-server-support-restartifactId>
                <version>${cas.version}version>
                <scope>runtimescope>
            dependency>
            <dependency>
                  <groupId>org.jasig.casgroupId>
                  <artifactId>cas-server-integration-ehcacheartifactId>
                  <version>${cas.version}version>
                  <scope>runtimescope>
            dependency>
         
     
        <dependency>
            <groupId>org.mybatisgroupId>
            <artifactId>mybatis-springartifactId>
            <version>1.2.3version>
        dependency>
        <dependency>
            <groupId>org.mybatisgroupId>
            <artifactId>mybatisartifactId>
            <version>3.3.1version>
        dependency>
        <dependency>
            <groupId>org.mybatis.generatorgroupId>
            <artifactId>mybatis-generator-coreartifactId>
            <version>1.3.2version>
        dependency>
        <dependency>
            <groupId>mysqlgroupId>
            <artifactId>mysql-connector-javaartifactId>
            <version>5.1.38version>
        dependency>
        
        <dependency>
            <groupId>com.github.pagehelpergroupId>
            <artifactId>pagehelperartifactId>
            <version>4.0.1version>
        dependency>
        <dependency>
            <groupId>com.alibabagroupId>
            <artifactId>druidartifactId>
            <version>1.0.17version>
        dependency>
        
            <dependency>
                <groupId>com.alibabagroupId>
                <artifactId>fastjsonartifactId>
                <version>1.2.7version>
            dependency>
            
            <dependency>
                <groupId>commons-httpclientgroupId>
                <artifactId>commons-httpclientartifactId>
                <version>3.1version>
            dependency>
            <dependency>
                <groupId>javax.servletgroupId>
                <artifactId>javax.servlet-apiartifactId>
                <version>3.1.0version>
            dependency>
dependencies>

    <build>
    <plugins>
      <plugin>
        <groupId>org.apache.maven.pluginsgroupId>
        <artifactId>maven-war-pluginartifactId>
        <configuration>
          <warName>caswarName>
          <webResources>
            <resource>
              <directory>${basedir}/src/main/webapp/WEB-INFdirectory>
              <filtering>truefiltering>
              <targetPath>WEB-INFtargetPath>
              <includes>
                <include>**/web.xmlinclude>
              includes>
            resource>
          webResources>
        configuration>
      plugin>
      <plugin>
        <groupId>org.eclipse.jettygroupId>
        <artifactId>jetty-maven-pluginartifactId>
        <version>${maven-jetty-plugin.version}version>
        <configuration>
          <webApp>
            <contextPath>/cascontextPath>
          webApp>
        configuration>
      plugin>
    plugins>
  build>
project>
View Code

  2.3、打包成war放到tomcat目录下webapps中,启动tomcat 访问到cas,能访问到cas 准备工作也就完成!

二、修改cas配置

   1、打开 deployerConfigContext.xml 文件,找到 serviceRegistryDao 修改成下图所示。

 

    
    <bean id="serviceRegistryDao" class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl">
        <property name="registeredServices">
            <list>
                <bean class="org.jasig.cas.services.RegexRegisteredService">
                    <property name="id" value="0" />
                    <property name="name" value="HTTP and IMAP" />
                    <property name="description" value="Allows HTTP(S) and IMAP(S) protocols" />
                    <property name="serviceId" value="^(https?|imaps?)://.*" />
                    <property name="evaluationOrder" value="10000001" />
                bean>
            list>
        property>
    bean>

  1.1、直接修改cas自带的服务文件,打开图上标记文件 

cas 服务端、客服端详细配置_第2张图片

 

修改serviceId为  ^(https?|imaps?)://.*   这样我们的客服端就能访问到cas服务端了

cas 服务端、客服端详细配置_第3张图片

 

 2、自定义用户登录验证

    2.1、找到deployerConfigContext.xml 文件 authenticationManager 把 primaryAuthenticationHandler 注释掉改成自己的验证类

    <bean id="authenticationManager" class="org.jasig.cas.authentication.PolicyBasedAuthenticationManager">
        <constructor-arg>
            <map>
                
                <entry key-ref="proxyAuthenticationHandler" value-ref="proxyPrincipalResolver" />
               
                <entry key-ref="ssoLoginHander" value-ref="primaryPrincipalResolver" />
            map>
        constructor-arg>

 

   2.2、加入注解context,在authenticationManager 它的上面添加

  <context:component-scan base-package="com.xyz.cas.*" />

完整的beans

<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"   xmlns:p="http://www.springframework.org/schema/p"
       xmlns:c="http://www.springframework.org/schema/c"       xmlns:tx="http://www.springframework.org/schema/tx"
       xmlns:util="http://www.springframework.org/schema/util"       xmlns:sec="http://www.springframework.org/schema/security"
       xmlns:context="http://www.springframework.org/schema/context"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
       http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd
       http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd
       http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd
       http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd">

2.2.1、找到deployerConfigContext.xml 文件 attributeRepository 注释掉

 

 2.3、在biz下新建文件,如图

cas 服务端、客服端详细配置_第4张图片

2.3.1、在login下新建SSOLoginHander类继承 AbstractPreAndPostProcessingAuthenticationHandler 用于登录验证,源码如下

package com.xyz.cas.login;

import java.security.GeneralSecurityException;
import java.util.List;

import javax.security.auth.login.FailedLoginException;

import org.jasig.cas.authentication.Credential;
import org.jasig.cas.authentication.HandlerResult;
import org.jasig.cas.authentication.PreventedException;
import org.jasig.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

import com.xyz.cas.common.md5.Md5Encrypt;
import com.xyz.cas.model.MyCredential;
import com.xyz.dal.mybatis.maps.UserMapper;
import com.xyz.dal.mybatis.model.User;
import com.xyz.dal.mybatis.model.UserExample;

/**
 *
 *
 * @author 
 *AbstractPreAndPostProcessingAuthenticationHandler
 */
@Service("ssoLoginHander")
public class SSOLoginHander extends AbstractPreAndPostProcessingAuthenticationHandler {
    
    protected final Logger logger = LoggerFactory.getLogger(this.getClass());
    @Autowired
    public UserMapper userMapper;
    
    /**
     * @param credential
     * @return
     * @see org.jasig.cas.authentication.AuthenticationHandler#supports(org.jasig.cas.authentication.Credential)
     */
    @Override
    public boolean supports(Credential credential) {
        return true;
    }

    /**
     * @param credential
     * @return
     * @throws GeneralSecurityException
     * @throws PreventedException
     * @see org.jasig.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler#doAuthentication(org.jasig.cas.authentication.Credential)
     */
    @Override
    protected HandlerResult doAuthentication(Credential credential) throws GeneralSecurityException, PreventedException {
        MyCredential  credential2 =null;
        try
        {
        credential2= (MyCredential)credential;
        UserExample example=new UserExample();
        example.createCriteria().andLoginNameEqualTo(credential2.getUsername()).andPasswordEqualTo(Md5Encrypt.encrypt(credential2.getPassword()));
        Listlist= userMapper.selectByExample(example);
        if (list.isEmpty()&&list.size()==0)
        {
            throw new FailedLoginException("账号密码错误");
        }
            
        } catch (Exception e)
        {
            logger.info("web login fail, password does not match username on record. ");
            e.printStackTrace();
            throw new FailedLoginException(e.getMessage());
        }
    

        //验证是否登录成功
        //if(result.isFail()){
            logger.info("=============================================================");
        //    logger.info("who:"+username);
            logger.info("web login fail, password does not match username on record. ");
            logger.info("=============================================================");
            //throw new FailedLoginException("password does not match username on record.");
        //}
    //    upu.setUserId(result.getList().get(0).getBaseId());
        return createHandlerResult(credential, this.principalFactory.createPrincipal(credential2.getUsername()), null);
    }

}
View Code

在dal下的java 下新建 MyCredential 类 用于接收用户名密码

package com.xyz.dal.mybatis.model;

import org.jasig.cas.authentication.UsernamePasswordCredential;


public class MyCredential extends UsernamePasswordCredential {
    
    private static final long serialVersionUID = 2693123647112406019L;
    //
    private String serviceUrl;
    //类型
    private String idtype;  
    //用户ID
    private String userId;
    //票据
    private String tgt; 

    
    
    public String getUserId()
    {
        return userId;
    }

    public void setUserId(String userId)
    {
        this.userId = userId;
    }

    public String getTgt()
    {
        return tgt;
    }

    public void setTgt(String tgt)
    {
        this.tgt = tgt;
    }

    public static long getSerialversionuid()
    {
        return serialVersionUID;
    }

    public void setIdtype(String idtype)
    {
        this.idtype = idtype;
    }

    public String getServiceUrl()
    {
        return serviceUrl;
    }

    public void setServiceUrl(String serviceUrl)
    {
        this.serviceUrl = serviceUrl;
    }

    public String getIdtype()
    {
        return idtype;
    }
}
View Code

在 attribute 下 新建UserStubPersonAttributeDao类 用于登录验证成功后返回信息给客户端,这里我使用了mybatis 来操作数据库

package com.xyz.cas.attribute;

import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

import org.jasig.services.persondir.IPersonAttributes;
import org.jasig.services.persondir.support.AttributeNamedPersonImpl;
import org.jasig.services.persondir.support.StubPersonAttributeDao;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

import com.alibaba.fastjson.JSONObject;
import com.xyz.dal.mybatis.maps.UserMapper;
import com.xyz.dal.mybatis.model.MyCredential;
import com.xyz.dal.mybatis.model.User;
import com.xyz.dal.mybatis.model.UserExample;


@Service("attributeRepository")
public class UserStubPersonAttributeDao extends StubPersonAttributeDao {
    
    protected final Logger logger = LoggerFactory.getLogger(this.getClass());
     @Autowired
        public UserMapper userMapper;

    /**
     * @param uid
     * @return
     * @see org.jasig.services.persondir.support.StubPersonAttributeDao#getPerson(java.lang.String)
     */
    @Override
    public IPersonAttributes getPerson(String uid) {
        
        Map> attributes = new HashMap>();
        
        MyCredential mycredential = JSONObject.parseObject(uid, MyCredential.class);
        
        UserExample example=new UserExample();
        example.createCriteria().andLoginNameEqualTo(mycredential.getUsername());
        
        Listlist= userMapper.selectByExample(example);
        
        mycredential.setUserId(list.get(0).getId());
        
        String userInfo=JSONObject.toJSONString(list);
        attributes.put("userInfo", Collections.singletonList((Object)userInfo));
       // attributes.put("permissionInfo", Collections.singletonList((Object)permissionInfo));
        //attributes.put("roleInfo", Collections.singletonList((Object)roleInfo));
        return new AttributeNamedPersonImpl(attributes);
    }

}
View Code

在assemble新建 org.jasig.cas.authentication.principal 包 新建类 PersonDirectoryPrincipalResolver

cas 服务端、客服端详细配置_第5张图片

源码如下

/*
 * Licensed to Apereo under one or more contributor license
 * agreements. See the NOTICE file distributed with this work
 * for additional information regarding copyright ownership.
 * Apereo licenses this file to you under the Apache License,
 * Version 2.0 (the "License"); you may not use this file
 * except in compliance with the License.  You may obtain a
 * copy of the License at the following location:
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied.  See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */
package org.jasig.cas.authentication.principal;

import java.util.HashMap;
import java.util.List;
import java.util.Map;

import javax.validation.constraints.NotNull;

import org.jasig.cas.authentication.Credential;
import org.jasig.services.persondir.IPersonAttributeDao;
import org.jasig.services.persondir.IPersonAttributes;
import org.jasig.services.persondir.support.StubPersonAttributeDao;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import com.alibaba.fastjson.JSONObject;
import com.xyz.dal.mybatis.model.MyCredential;

/**
 * Resolves principals by querying a data source using the Jasig
 * http://developer.jasig.org/projects/person-directory/1.5.0-SNAPSHOT/apidocs/">Person Directory API.
 * The {@link org.jasig.cas.authentication.principal.Principal#getAttributes()} are populated by the results of the
 * query and the principal ID may optionally be set by proving an attribute whose first non-null value is used;
 * otherwise the credential ID is used for the principal ID.
 *
 * @author Marvin S. Addison
 * @since 4.0.0
 *
 */
public class PersonDirectoryPrincipalResolver implements PrincipalResolver {

    /** Log instance. */
    protected final Logger logger = LoggerFactory.getLogger(this.getClass());

    private boolean returnNullIfNoAttributes;

    /** Repository of principal attributes to be retrieved. */
    @NotNull
    private IPersonAttributeDao attributeRepository = new StubPersonAttributeDao(new HashMap>());

    /** Factory to create the principal type. **/
    @NotNull
    private PrincipalFactory principalFactory = new DefaultPrincipalFactory();

    /** Optional principal attribute name. */
    private String principalAttributeName;
    /**
     * @param credential
     * @return
     * @see org.jasig.cas.authentication.principal.PrincipalResolver#supports(org.jasig.cas.authentication.Credential)
     */
    public boolean supports(Credential credential)
    {
        return true;
    }
    /**
     * @param credential
     * @return
     * @see org.jasig.cas.authentication.principal.PrincipalResolver#resolve(org.jasig.cas.authentication.Credential)
     */
    public Principal resolve(Credential credential)
    {
         logger.debug("Attempting to resolve a principal...");

            String principalId = extractPrincipalId(credential);

            if (principalId == null) {
                logger.debug("Got null for extracted principal ID; returning null.");
                return null;
            }

            logger.debug("Creating SimplePrincipal for [{}]", principalId);
            final MyCredential  upu = (MyCredential)credential;;
            String principalIdExtend = JSONObject.toJSONString(upu);
            final IPersonAttributes personAttributes = this.attributeRepository.getPerson(principalIdExtend);
            final Map> attributes;

            if (personAttributes == null) {
                attributes = null;
            } else {
                attributes = personAttributes.getAttributes();
            }

            if (attributes == null || attributes.isEmpty()) {
                if (!this.returnNullIfNoAttributes) {
                    return this.principalFactory.createPrincipal(principalId);
                }
                return null;
            }

            final Map convertedAttributes = new HashMap();
            for (final Map.Entry> entry : attributes.entrySet()) {
                final String key = entry.getKey();
                final List values = entry.getValue();
                if (key.equalsIgnoreCase(this.principalAttributeName)) {
                    if (values.isEmpty()) {
                        logger.debug("{} is empty, using {} for principal", this.principalAttributeName, principalId);
                    } else {
                        principalId = values.get(0).toString();
                        logger.debug(
                                "Found principal attribute value {}; removing {} from attribute map.",
                                principalId,
                                this.principalAttributeName);
                    }
                } else {
                    convertedAttributes.put(key, values.size() == 1 ? values.get(0) : values);
                }
            }
           return this.principalFactory.createPrincipal(principalId, convertedAttributes);
    }

    public final void setAttributeRepository(final IPersonAttributeDao attributeRepository) {
        this.attributeRepository = attributeRepository;
    }

    public void setReturnNullIfNoAttributes(final boolean returnNullIfNoAttributes) {
        this.returnNullIfNoAttributes = returnNullIfNoAttributes;
    }

    /**
     * Sets the name of the attribute whose first non-null value should be used for the principal ID.
     *
     * @param attribute Name of attribute containing principal ID.
     */
    public void setPrincipalAttributeName(final String attribute) {
        this.principalAttributeName = attribute;
    }

    /**
     * Sets principal factory to create principal objects.
     *
     * @param principalFactory the principal factory
     */
    public void setPrincipalFactory(final PrincipalFactory principalFactory) {
        this.principalFactory = principalFactory;
    }

    /**
     * Extracts the id of the user from the provided credential. This method should be overridded by subclasses to
     * achieve more sophisticated strategies for producing a principal ID from a credential.
     *
     * @param credential the credential provided by the user.
     * @return the username, or null if it could not be resolved.
     */
    protected String extractPrincipalId(final Credential credential) {
        return credential.getId();
    }


} 
     
    View Code 
    
   
修改 webflow下面的 login-webflow.xml,找到 credential 修改成上面定义的类,用于接收页面输入的用户名密码
 
   
 
    

<var name="credential" class="com.xyz.cas.model.MyCredential"/>


<view-state id="viewLoginForm" view="casLoginView" model="credential">
<binder>
<binding property="username" required="true"/>
<binding property="password" required="true"/>

binder>
<on-entry>
<set name="viewScope.commandName" value="'credential'"/>


on-entry>
<transition on="submit" bind="true" validate="true" to="realSubmit"/>
view-state>
 
   
 
   
修改完成自定义类路径后在当前login-webflow.xml中找到 节点id serviceUnauthorizedCheck  修改如下
 
   
 
    
    <end-state id="viewServiceErrorView" view="serviceErrorView"/>
 


   
   
    <end-state id="viewServiceSsoErrorView" view="viewServiceSsoErrorView" />

    <global-transitions>
        <transition to="viewLoginForm" on-exception="org.jasig.cas.services.UnauthorizedSsoServiceException"/>
        <transition to="viewServiceErrorView"
                    on-exception="org.springframework.webflow.execution.repository.NoSuchFlowExecutionException"/>

         
      
        <transition to="viewServiceErrorView" on-exception="org.jasig.cas.services.UnauthorizedServiceException"/>
    global-transitions>
 
   
 
   
ps:这部分不修改 使用tomcat启动访问后 报错 :CAS is Unavailable There was an error trying to complete your request. Please notify your support desk or try again.
 
   
查看日志显示:Unable to load class ' com.xyz.cas.model.MyCredential'
 
   
完整的 login-webflow.xml 源码
 
   
 
     
     
    
 
     
xml version="1.0" encoding="UTF-8"?>

<flow xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xmlns="http://www.springframework.org/schema/webflow"
      xsi:schemaLocation="http://www.springframework.org/schema/webflow
                          http://www.springframework.org/schema/webflow/spring-webflow.xsd">

    <var name="credential" class="com.xyz.cas.model.MyCredential"/>
    <on-start>
        <evaluate expression="initialFlowSetupAction"/>
    on-start>

    <action-state id="ticketGrantingTicketCheck">
        <evaluate expression="ticketGrantingTicketCheckAction"/>
        <transition on="notExists" to="gatewayRequestCheck"/>
        <transition on="invalid" to="terminateSession"/>
        <transition on="valid" to="hasServiceCheck"/>
    action-state>

    <action-state id="terminateSession">
        <evaluate expression="terminateSessionAction.terminate(flowRequestContext)"/>
        <transition to="gatewayRequestCheck"/>
    action-state>

    <decision-state id="gatewayRequestCheck">
        <if test="requestParameters.gateway != '' and requestParameters.gateway != null and flowScope.service != null"
            then="gatewayServicesManagementCheck" else="serviceAuthorizationCheck"/>
    decision-state>

    <decision-state id="hasServiceCheck">
        <if test="flowScope.service != null" then="renewRequestCheck" else="viewGenericLoginSuccess"/>
    decision-state>

    <decision-state id="renewRequestCheck">
        <if test="requestParameters.renew != '' and requestParameters.renew != null" then="serviceAuthorizationCheck"
            else="generateServiceTicket"/>
    decision-state>

    
    <action-state id="serviceAuthorizationCheck">
        <evaluate expression="serviceAuthorizationCheck"/>
        <transition to="generateLoginTicket"/>
    action-state>

    
    <decision-state id="warn">
        <if test="flowScope.warnCookieValue" then="showWarningView" else="redirect"/>
    decision-state>

    

    <action-state id="generateLoginTicket">
        <evaluate expression="generateLoginTicketAction.generate(flowRequestContext)"/>
        <transition on="generated" to="viewLoginForm"/>
    action-state>

    <view-state id="viewLoginForm" view="casLoginView" model="credential">
        <binder>
            <binding property="username" required="true"/>
            <binding property="password" required="true"/>
        binder>
        <on-entry>
            <set name="viewScope.commandName" value="'credential'"/>

            
        on-entry>
        <transition on="submit" bind="true" validate="true" to="realSubmit"/>
    view-state>

    <action-state id="realSubmit">
        <evaluate
                expression="authenticationViaFormAction.submit(flowRequestContext, flowScope.credential, messageContext)"/>
        <transition on="warn" to="warn"/>
        
        <transition on="success" to="sendTicketGrantingTicket"/>
        <transition on="successWithWarnings" to="showMessages"/>
        <transition on="authenticationFailure" to="handleAuthenticationFailure"/>
        <transition on="error" to="generateLoginTicket"/>
    action-state>

    

    <view-state id="showMessages" view="casLoginMessageView">
        <on-entry>
            <evaluate expression="sendTicketGrantingTicketAction"/>
            <set name="requestScope.messages" value="messageContext.allMessages"/>
        on-entry>
        <transition on="proceed" to="serviceCheck"/>
    view-state>

    <action-state id="handleAuthenticationFailure">
        <evaluate expression="authenticationExceptionHandler.handle(currentEvent.attributes.error, messageContext)"/>
        <transition on="AccountDisabledException" to="casAccountDisabledView"/>
        <transition on="AccountLockedException" to="casAccountLockedView"/>
        <transition on="AccountPasswordMustChangeException" to="casMustChangePassView"/>
        <transition on="CredentialExpiredException" to="casExpiredPassView"/>
        <transition on="InvalidLoginLocationException" to="casBadWorkstationView"/>
        <transition on="InvalidLoginTimeException" to="casBadHoursView"/>
        <transition on="FailedLoginException" to="generateLoginTicket"/>
        <transition on="AccountNotFoundException" to="generateLoginTicket"/>
        <transition on="UNKNOWN" to="generateLoginTicket"/>
    action-state>

    <action-state id="sendTicketGrantingTicket">
        <evaluate expression="sendTicketGrantingTicketAction"/>
        <transition to="serviceCheck"/>
    action-state>

    <decision-state id="serviceCheck">
        <if test="flowScope.service != null" then="generateServiceTicket" else="viewGenericLoginSuccess"/>
    decision-state>

    <action-state id="generateServiceTicket">
        <evaluate expression="generateServiceTicketAction"/>
        <transition on="success" to="warn"/>
        <transition on="authenticationFailure" to="handleAuthenticationFailure"/>
        <transition on="error" to="generateLoginTicket"/>
        <transition on="gateway" to="gatewayServicesManagementCheck"/>
    action-state>

    <action-state id="gatewayServicesManagementCheck">
        <evaluate expression="gatewayServicesManagementCheck"/>
        <transition on="success" to="redirect"/>
    action-state>

    <action-state id="redirect">
        <evaluate expression="flowScope.service.getResponse(requestScope.serviceTicketId)"
                  result-type="org.jasig.cas.authentication.principal.Response" result="requestScope.response"/>
        <transition to="postRedirectDecision"/>
    action-state>

    <decision-state id="postRedirectDecision">
        <if test="requestScope.response.responseType.name() == 'POST'" then="postView" else="redirectView"/>
    decision-state>

    

    <end-state id="viewGenericLoginSuccess" view="casGenericSuccessView">
        <on-entry>
            <evaluate expression="genericSuccessViewAction.getAuthenticationPrincipal(flowScope.ticketGrantingTicketId)"
                      result="requestScope.principal"
                      result-type="org.jasig.cas.authentication.principal.Principal"/>
        on-entry>
    end-state>


    
    <end-state id="showWarningView" view="casConfirmView"/>


    
    <end-state id="abstactPasswordChangeView">
        <on-entry>
            <set name="flowScope.passwordPolicyUrl" value="passwordPolicy.passwordPolicyUrl"/>
        on-entry>
    end-state>
    <end-state id="casExpiredPassView" view="casExpiredPassView" parent="#abstactPasswordChangeView"/>
    <end-state id="casMustChangePassView" view="casMustChangePassView" parent="#abstactPasswordChangeView"/>
    <end-state id="casAccountDisabledView" view="casAccountDisabledView"/>
    <end-state id="casAccountLockedView" view="casAccountLockedView"/>
    <end-state id="casBadHoursView" view="casBadHoursView"/>
    <end-state id="casBadWorkstationView" view="casBadWorkstationView"/>

    <end-state id="postView" view="postResponseView">
        <on-entry>
            <set name="requestScope.parameters" value="requestScope.response.attributes"/>
            <set name="requestScope.originalUrl" value="flowScope.service.id"/>
        on-entry>
    end-state>

    
    <end-state id="redirectView" view="externalRedirect:#{requestScope.response.url}"/>

    <end-state id="viewServiceErrorView" view="serviceErrorView"/>

    
    <end-state id="viewServiceSsoErrorView" view="viewServiceSsoErrorView" />

    <global-transitions>
        <transition to="viewLoginForm" on-exception="org.jasig.cas.services.UnauthorizedSsoServiceException"/>
        <transition to="viewServiceErrorView"
                    on-exception="org.springframework.webflow.execution.repository.NoSuchFlowExecutionException"/>
        <transition to="viewServiceErrorView" on-exception="org.jasig.cas.services.UnauthorizedServiceException"/>
    global-transitions>
flow>
 
    
 
    View Code 
   
 
   
打开如图所示的文件
 
   
cas 服务端、客服端详细配置_第6张图片
 
   
 
 
   
 在 ${fn:escapeXml(principal.id)} 后面添加下面这段,添加后客服端才能接收返回的信息
 
   
 
    
if test="${fn:length(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes) > 0}">
            
                
                    ${fn:escapeXml(attr.value)}
                
            
        if>
 
   
 
   
 三、客服端配置 
 
   
客户端项目结构如下
 
   
cas 服务端、客服端详细配置_第7张图片
 
   
1、在客服端pom.xml中增加一下依赖包
 
   
 
    
            
        <dependency>
            <groupId>org.apache.shirogroupId>
            <artifactId>shiro-coreartifactId>
            <version>1.2.1version>
        dependency>
        <dependency>
            <groupId>org.apache.shirogroupId>
            <artifactId>shiro-webartifactId>
            <version>1.2.1version>
        dependency>
        <dependency>
            <groupId>org.apache.shirogroupId>
            <artifactId>shiro-ehcacheartifactId>
            <version>1.2.1version>
        dependency>
        <dependency>
            <groupId>org.apache.shirogroupId>
            <artifactId>shiro-springartifactId>
            <version>1.2.1version>
        dependency>
         <dependency>
                <groupId>org.apache.shirogroupId>
                <artifactId>shiro-casartifactId>
                <version>1.2.4version>
       dependency>
 
   
 
   
 2、在xyz-domo-web 下src\main\resources 下新建包 cache,在cache 下新建文件 ehcache.xsd 
 
   
 
     
     
    
 
     
xml version="1.0" encoding="UTF-8" standalone="no"?>
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" version="1.7">

    <xs:element name="ehcache">
        <xs:complexType>
            <xs:sequence>
                <xs:element maxOccurs="1" minOccurs="0" ref="diskStore"/>
                <xs:element maxOccurs="1" minOccurs="0" ref="sizeOfPolicy"/>
                <xs:element maxOccurs="1" minOccurs="0" ref="transactionManagerLookup"/>
                <xs:element maxOccurs="1" minOccurs="0" ref="cacheManagerEventListenerFactory"/>
                <xs:element maxOccurs="unbounded" minOccurs="0" ref="cacheManagerPeerProviderFactory"/>
                <xs:element maxOccurs="unbounded" minOccurs="0" ref="cacheManagerPeerListenerFactory"/>
                <xs:element maxOccurs="1" minOccurs="0" ref="terracottaConfig"/>
                <xs:element maxOccurs= "1" minOccurs="0" ref="defaultCache"/>
                <xs:element maxOccurs="unbounded" minOccurs="0" ref="cache"/>
            xs:sequence>
            <xs:attribute name="name" use="optional"/>
            <xs:attribute default="true" name="updateCheck" type="xs:boolean" use="optional"/>
            <xs:attribute default="autodetect" name="monitoring" type="monitoringType" use="optional"/>
            <xs:attribute default="true" name="dynamicConfig" type="xs:boolean" use="optional"/>
            <xs:attribute default="15" name="defaultTransactionTimeoutInSeconds" type="xs:integer" use="optional"/>
            <xs:attribute default="0" name="maxBytesLocalHeap" type="memoryUnitOrPercentage" use="optional"/>
            <xs:attribute default="0" name="maxBytesLocalOffHeap" type="memoryUnit" use="optional"/>
            <xs:attribute default="0" name="maxBytesLocalDisk" type="memoryUnit" use="optional"/>
        xs:complexType>
    xs:element>
    <xs:element name="diskStore">
        <xs:complexType>
            <xs:attribute name="path" use="optional"/>
        xs:complexType>
    xs:element>
    <xs:element name="transactionManagerLookup">
        <xs:complexType>
            <xs:attribute name="class" use="required"/>
            <xs:attribute name="properties" use="optional"/>
            <xs:attribute name="propertySeparator" use="optional"/>
        xs:complexType>
    xs:element>
    <xs:element name="cacheManagerEventListenerFactory">
        <xs:complexType>
            <xs:attribute name="class" use="required"/>
            <xs:attribute name="properties" use="optional"/>
            <xs:attribute name="propertySeparator" use="optional"/>
        xs:complexType>
    xs:element>
    <xs:element name="cacheManagerPeerProviderFactory">
        <xs:complexType>
            <xs:attribute name="class" use="required"/>
            <xs:attribute name="properties" use="optional"/>
            <xs:attribute name="propertySeparator" use="optional"/>
        xs:complexType>
    xs:element>
    <xs:element name="cacheManagerPeerListenerFactory">
        <xs:complexType>
            <xs:attribute name="class" use="required"/>
            <xs:attribute name="properties" use="optional"/>
            <xs:attribute name="propertySeparator" use="optional"/>
        xs:complexType>
    xs:element>
    <xs:element name="terracottaConfig">
        <xs:complexType>
            <xs:sequence>
                <xs:element maxOccurs="1" minOccurs="0" name="tc-config">
                    <xs:complexType>
                        <xs:sequence>
                            <xs:any maxOccurs="unbounded" minOccurs="0" processContents="skip"/>
                        xs:sequence>
                    xs:complexType>
                xs:element>
            xs:sequence>
            <xs:attribute default="localhost:9510" name="url" use="optional"/>
            <xs:attribute name="rejoin" type="xs:boolean" use="optional" default="false"/>
        xs:complexType>
    xs:element>
    
    <xs:element name="defaultCache">
        <xs:complexType>
            <xs:sequence>
                <xs:element minOccurs="0" maxOccurs="unbounded" ref="cacheEventListenerFactory"/>
                <xs:element minOccurs="0" maxOccurs="unbounded" ref="cacheExtensionFactory"/>
                <xs:element minOccurs="0" maxOccurs="unbounded" ref="cacheLoaderFactory"/>
                <xs:element minOccurs="0" maxOccurs="unbounded" ref="cacheDecoratorFactory"/>
                <xs:element minOccurs="0" maxOccurs="1" ref="bootstrapCacheLoaderFactory"/>
                <xs:element minOccurs="0" maxOccurs="1" ref="cacheExceptionHandlerFactory"/>
                <xs:element minOccurs="0" maxOccurs="1" ref="pinning"/>
                <xs:element minOccurs="0" maxOccurs="1" ref="terracotta"/>
                <xs:element minOccurs="0" maxOccurs="1" ref="cacheWriter"/>
                <xs:element minOccurs="0" maxOccurs="1" ref="copyStrategy"/>
                <xs:element minOccurs="0" maxOccurs="1" ref="elementValueComparator"/>
                <xs:element minOccurs="0" maxOccurs="1" ref="sizeOfPolicy"/>
            xs:sequence>
            <xs:attribute name="diskExpiryThreadIntervalSeconds" type="xs:integer" use="optional"/>
            <xs:attribute name="diskSpoolBufferSizeMB" type="xs:integer" use="optional"/>
            <xs:attribute name="diskPersistent" type="xs:boolean" use="optional"/>
            <xs:attribute name="diskAccessStripes" type="xs:integer" use="optional" default="1"/>
            <xs:attribute name="eternal" type="xs:boolean" use="optional" default="false"/>
            <xs:attribute name="maxElementsInMemory" type="xs:integer" use="optional"/>
            <xs:attribute name="maxEntriesLocalHeap" type="xs:integer" use="optional"/>
            <xs:attribute name="clearOnFlush" type="xs:boolean" use="optional"/>
            <xs:attribute name="memoryStoreEvictionPolicy" type="xs:string" use="optional"/>
            <xs:attribute name="overflowToDisk" type="xs:boolean" use="optional"/>
            <xs:attribute name="timeToIdleSeconds" type="xs:integer" use="optional"/>
            <xs:attribute name="timeToLiveSeconds" type="xs:integer" use="optional"/>
            <xs:attribute name="maxElementsOnDisk" type="xs:integer" use="optional"/>
            <xs:attribute name="maxEntriesLocalDisk" type="xs:integer" use="optional"/>
            <xs:attribute name="transactionalMode" type="transactionalMode" use="optional" default="off"/>
            <xs:attribute name="statistics" type="xs:boolean" use="optional" default="false"/>
            <xs:attribute name="copyOnRead" type="xs:boolean" use="optional" default="false"/>
            <xs:attribute name="copyOnWrite" type="xs:boolean" use="optional" default="false"/>
            <xs:attribute name="cacheLoaderTimeoutMillis" type="xs:integer" use="optional" default="0"/>
            <xs:attribute name="overflowToOffHeap" type="xs:boolean" use="optional" default="false"/>
            <xs:attribute name="maxMemoryOffHeap" type="xs:string" use="optional"/>
        xs:complexType>
    xs:element>
    <xs:element name="cache">
        <xs:complexType>
            <xs:sequence>
                <xs:element minOccurs="0" maxOccurs="unbounded" ref="cacheEventListenerFactory"/>
                <xs:element minOccurs="0" maxOccurs="unbounded" ref="cacheExtensionFactory"/>
                <xs:element minOccurs="0" maxOccurs="unbounded" ref="cacheLoaderFactory"/>
                <xs:element minOccurs="0" maxOccurs="unbounded" ref="cacheDecoratorFactory"/>
                <xs:element minOccurs="0" maxOccurs="1" ref="bootstrapCacheLoaderFactory"/>
                <xs:element minOccurs="0" maxOccurs="1" ref="cacheExceptionHandlerFactory"/>
                <xs:element minOccurs="0" maxOccurs="1" ref="pinning"/>
                <xs:element minOccurs="0" maxOccurs="1" ref="terracotta"/>
                <xs:element minOccurs="0" maxOccurs="1" ref="cacheWriter"/>
                <xs:element minOccurs="0" maxOccurs="1" ref="copyStrategy"/>
                <xs:element minOccurs="0" maxOccurs="1" ref="searchable"/>
                <xs:element minOccurs="0" maxOccurs="1" ref="elementValueComparator"/>
                <xs:element minOccurs="0" maxOccurs="1" ref="sizeOfPolicy"/>
            xs:sequence>
            <xs:attribute name="diskExpiryThreadIntervalSeconds" type="xs:integer" use="optional"/>
            <xs:attribute name="diskSpoolBufferSizeMB" type="xs:integer" use="optional"/>
            <xs:attribute name="diskPersistent" type="xs:boolean" use="optional"/>
            <xs:attribute name="diskAccessStripes" type="xs:integer" use="optional" default="1"/>
            <xs:attribute name="eternal" type="xs:boolean" use="optional" default="false"/>
            <xs:attribute name="maxElementsInMemory" type="xs:integer" use="optional"/>
            <xs:attribute name="maxEntriesLocalHeap" type="xs:integer" use="optional"/>
            <xs:attribute name="memoryStoreEvictionPolicy" type="xs:string" use="optional"/>
            <xs:attribute name="clearOnFlush" type="xs:boolean" use="optional"/>
            <xs:attribute name="name" type="xs:string" use="required"/>
            <xs:attribute name="overflowToDisk" type="xs:boolean" use="optional"/>
            <xs:attribute name="timeToIdleSeconds" type="xs:integer" use="optional"/>
            <xs:attribute name="timeToLiveSeconds" type="xs:integer" use="optional"/>
            <xs:attribute name="maxElementsOnDisk" type="xs:integer" use="optional"/>
            <xs:attribute name="maxEntriesLocalDisk" type="xs:integer" use="optional"/>
            <xs:attribute name="transactionalMode" type="transactionalMode" use="optional" default="off" />
            <xs:attribute name="statistics" type="xs:boolean" use="optional" default="false"/>
            <xs:attribute name="copyOnRead" type="xs:boolean" use="optional" default="false"/>
            <xs:attribute name="copyOnWrite" type="xs:boolean" use="optional" default="false"/>
            <xs:attribute name="logging" type="xs:boolean" use="optional" default="false"/>
            <xs:attribute name="cacheLoaderTimeoutMillis" type="xs:integer" use="optional" default="0"/>
            <xs:attribute name="overflowToOffHeap" type="xs:boolean" use="optional" default="false"/>
            <xs:attribute name="maxMemoryOffHeap" type="xs:string" use="optional"/>
            <xs:attribute default="0" name="maxBytesLocalHeap" type="memoryUnitOrPercentage" use="optional"/>
            <xs:attribute default="0" name="maxBytesLocalOffHeap" type="memoryUnitOrPercentage" use="optional"/>
            <xs:attribute default="0" name="maxBytesLocalDisk" type="memoryUnitOrPercentage" use="optional"/>
        xs:complexType>
    xs:element>
    <xs:element name="cacheEventListenerFactory">
        <xs:complexType>
            <xs:attribute name="class" use="required"/>
            <xs:attribute name="properties" use="optional"/>
            <xs:attribute name="propertySeparator" use="optional"/>
            <xs:attribute name="listenFor" use="optional" type="notificationScope" default="all"/>
        xs:complexType>
    xs:element>
    <xs:element name="bootstrapCacheLoaderFactory">
        <xs:complexType>
            <xs:attribute name="class" use="required"/>
            <xs:attribute name="properties" use="optional"/>
            <xs:attribute name="propertySeparator" use="optional"/>
        xs:complexType>
    xs:element>
    <xs:element name="cacheExtensionFactory">
        <xs:complexType>
            <xs:attribute name="class" use="required"/>
            <xs:attribute name="properties" use="optional"/>
            <xs:attribute name="propertySeparator" use="optional"/>
        xs:complexType>
    xs:element>
    <xs:element name="cacheExceptionHandlerFactory">
        <xs:complexType>
            <xs:attribute name="class" use="required"/>
            <xs:attribute name="properties" use="optional"/>
            <xs:attribute name="propertySeparator" use="optional"/>
        xs:complexType>
    xs:element>
    <xs:element name="cacheLoaderFactory">
        <xs:complexType>
            <xs:attribute name="class" use="required"/>
            <xs:attribute name="properties" use="optional"/>
            <xs:attribute name="propertySeparator" use="optional"/>
        xs:complexType>
    xs:element>
    <xs:element name="cacheDecoratorFactory">
        <xs:complexType>
            <xs:attribute name="class" use="required"/>
            <xs:attribute name="properties" use="optional"/>
            <xs:attribute name="propertySeparator" use="optional"/>
        xs:complexType>
    xs:element>
    <xs:element name="searchAttribute">
        <xs:complexType>
            <xs:attribute name="name" use="required" type="xs:string"/>
            <xs:attribute name="expression" type="xs:string"/>
            <xs:attribute name="class" type="xs:string"/>
            <xs:attribute name="properties" use="optional"/>
            <xs:attribute name="propertySeparator" use="optional"/>
        xs:complexType>
    xs:element>

    <xs:element name="searchable">
      <xs:complexType>
        <xs:sequence>
          <xs:element minOccurs="0" maxOccurs="unbounded" ref="searchAttribute"/>
        xs:sequence>
        <xs:attribute name="keys" use="optional" type="xs:boolean" default="true"/>
        <xs:attribute name="values" use="optional" type="xs:boolean" default="true"/>
      xs:complexType>
    xs:element>

    <xs:element name="pinning">
        <xs:complexType>
            <xs:attribute name="store" use="required" type="pinningStoreType"/>
        xs:complexType>
    xs:element>

    <xs:element name="terracotta">
        <xs:complexType>
            <xs:sequence>
                <xs:element minOccurs="0" maxOccurs="1" ref="nonstop"/>
            xs:sequence>
            <xs:attribute name="clustered" use="optional" type="xs:boolean" default="true"/>
            <xs:attribute name="valueMode" use="optional" type="terracottaCacheValueType" default="serialization"/>
            <xs:attribute name="coherentReads" use="optional" type="xs:boolean" default="true"/>
            <xs:attribute name="localKeyCache" use="optional" type="xs:boolean" default="false"/>
            <xs:attribute name="localKeyCacheSize" use="optional" type="xs:positiveInteger" default="300000"/>
            <xs:attribute name="orphanEviction" use="optional" type="xs:boolean" default="true"/>
            <xs:attribute name="orphanEvictionPeriod" use="optional" type="xs:positiveInteger" default="4"/>
            <xs:attribute name="copyOnRead" use="optional" type="xs:boolean" default="false"/>
            <xs:attribute name="coherent" use="optional" type="xs:boolean" default="false"/>
            <xs:attribute name="consistency" use="optional" type="consistencyType" default="eventual"/>
            <xs:attribute name="synchronousWrites" use="optional" type="xs:boolean" default="false"/>
            <xs:attribute name="storageStrategy" use="optional" type="storageStrategyType" default="DCV2"/>
            <xs:attribute name="concurrency" use="optional" type="xs:nonNegativeInteger" default="0"/>
            <xs:attribute name="localCacheEnabled" use="optional" type="xs:boolean" default="true"/>
            <xs:attribute name="compressionEnabled" use="optional" type="xs:boolean" default="false"/>
        xs:complexType>
    xs:element>
    <xs:simpleType name="consistencyType">
        <xs:restriction base="xs:string">
            <xs:enumeration value="strong" />
            <xs:enumeration value="eventual" />
        xs:restriction>
    xs:simpleType>
    <xs:element name="nonstop">
        <xs:complexType>
            <xs:sequence>
                <xs:element minOccurs="0" maxOccurs="1" ref="timeoutBehavior"/>
            xs:sequence>
            <xs:attribute name="enabled" use="optional" type="xs:boolean" default="true"/>
            <xs:attribute name="immediateTimeout" use="optional" type="xs:boolean" default="false"/>
            <xs:attribute name="timeoutMillis" use="optional" type="xs:positiveInteger" default="30000"/>
        xs:complexType>
    xs:element>
    <xs:element name="timeoutBehavior">
        <xs:complexType>
            <xs:attribute name="type" use="optional" type="timeoutBehaviorType" default="exception"/>
            <xs:attribute name="properties" use="optional" default=""/>
            <xs:attribute name="propertySeparator" use="optional" default=","/>
        xs:complexType>
    xs:element>
    <xs:simpleType name="timeoutBehaviorType">
        <xs:restriction base="xs:string">
            <xs:enumeration value="noop" />
            <xs:enumeration value="exception" />
            <xs:enumeration value="localReads" />
        xs:restriction>
    xs:simpleType>
    <xs:simpleType name="monitoringType">
        <xs:restriction base="xs:string">
            <xs:enumeration value="autodetect"/>
            <xs:enumeration value="on"/>
            <xs:enumeration value="off"/>
        xs:restriction>
    xs:simpleType>
    <xs:simpleType name="pinningStoreType">
        <xs:restriction base="xs:string">
            <xs:enumeration value="localHeap" />
            <xs:enumeration value="localMemory" />
            <xs:enumeration value="inCache" />
        xs:restriction>
    xs:simpleType>
    <xs:simpleType name="terracottaCacheValueType">
        <xs:restriction base="xs:string">
            <xs:enumeration value="serialization" />
            <xs:enumeration value="identity" />
        xs:restriction>
    xs:simpleType>
    <xs:simpleType name="storageStrategyType">
        <xs:restriction base="xs:string">
            <xs:enumeration value="classic" />
            <xs:enumeration value="DCV2" />
        xs:restriction>
    xs:simpleType>

    <xs:simpleType name="transactionalMode">
        <xs:restriction base="xs:string">
            <xs:enumeration value="off"/>
            <xs:enumeration value="xa_strict"/>
            <xs:enumeration value="xa"/>
            <xs:enumeration value="local"/>
        xs:restriction>
    xs:simpleType>

    <xs:element name="cacheWriter">
        <xs:complexType>
            <xs:sequence >
                <xs:element minOccurs="0" maxOccurs="1" ref="cacheWriterFactory"/>
            xs:sequence>
            <xs:attribute name="writeMode" use="optional" type="writeModeType" default="write-through"/>
            <xs:attribute name="notifyListenersOnException" use="optional" type="xs:boolean" default="false"/>
            <xs:attribute name="minWriteDelay" use="optional" type="xs:nonNegativeInteger" default="1"/>
            <xs:attribute name="maxWriteDelay" use="optional" type="xs:nonNegativeInteger" default="1"/>
            <xs:attribute name="rateLimitPerSecond" use="optional" type="xs:nonNegativeInteger" default="0"/>
            <xs:attribute name="writeCoalescing" use="optional" type="xs:boolean" default="false"/>
            <xs:attribute name="writeBatching" use="optional" type="xs:boolean" default="false"/>
            <xs:attribute name="writeBatchSize" use="optional" type="xs:positiveInteger" default="1"/>
            <xs:attribute name="retryAttempts" use="optional" type="xs:nonNegativeInteger" default="0"/>
            <xs:attribute name="retryAttemptDelaySeconds" use="optional" type="xs:nonNegativeInteger" default="1"/>
            <xs:attribute name="writeBehindConcurrency" use="optional" type="xs:nonNegativeInteger" default="1"/>
            <xs:attribute name="writeBehindMaxQueueSize" use="optional" type="xs:nonNegativeInteger" default="0"/>
        xs:complexType>
    xs:element>
    <xs:simpleType name="writeModeType">
        <xs:restriction base="xs:string">
            <xs:enumeration value="write-through" />
            <xs:enumeration value="write-behind" />
        xs:restriction>
    xs:simpleType>
    <xs:element name="cacheWriterFactory">
        <xs:complexType>
            <xs:attribute name="class" use="required"/>
            <xs:attribute name="properties" use="optional"/>
            <xs:attribute name="propertySeparator" use="optional"/>
        xs:complexType>
    xs:element>

    <xs:element name="copyStrategy">
        <xs:complexType>
            <xs:attribute name="class" use="required" type="xs:string" />
        xs:complexType>
    xs:element>

    <xs:element name="elementValueComparator">
        <xs:complexType>
            <xs:attribute name="class" use="required" type="xs:string" />
        xs:complexType>
    xs:element>

    <xs:element name="sizeOfPolicy">
        <xs:complexType>
            <xs:attribute name="maxDepth" use="required" type="xs:integer" />
            <xs:attribute name="maxDepthExceededBehavior" use="optional" default="continue" type="maxDepthExceededBehavior" />
        xs:complexType>
    xs:element>

    <xs:simpleType name="maxDepthExceededBehavior">
        <xs:restriction base="xs:string">
            <xs:enumeration value="continue"/>
            <xs:enumeration value="abort"/>
        xs:restriction>
    xs:simpleType>

    <xs:simpleType name="notificationScope">
        <xs:restriction base="xs:string">
            <xs:enumeration value="local"/>
            <xs:enumeration value="remote"/>
            <xs:enumeration value="all"/>
        xs:restriction>
    xs:simpleType>
    <xs:simpleType name="memoryUnit">
        <xs:restriction base="xs:token">
            <xs:pattern value="[0-9]+[bBkKmMgG]?"/>
        xs:restriction>
    xs:simpleType>
    <xs:simpleType name="memoryUnitOrPercentage">
        <xs:restriction base="xs:token">
            <xs:pattern value="([0-9]+[bBkKmMgG]?|100%|[0-9]{1,2}%)"/>
        xs:restriction>
    xs:simpleType>
xs:schema>
 
    
 
    View Code 
   
 
   
2.1、新建shiro-cache.xml 文件 
 
   
 
     
     
    
 
     
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:aop="http://www.springframework.org/schema/aop"
    xmlns:tx="http://www.springframework.org/schema/tx" xmlns:context="http://www.springframework.org/schema/context"
    xmlns:util="http://www.springframework.org/schema/util"
    xsi:schemaLocation="
     http://www.springframework.org/schema/beans 
     http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
     http://www.springframework.org/schema/context 
     http://www.springframework.org/schema/context/spring-context-3.0.xsd
     http://www.springframework.org/schema/util
     http://www.springframework.org/schema/util/spring-util-3.0.xsd"
    default-lazy-init="true">
    
    <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
        <property name="securityManager" ref="securityManager"/>
        
        <property name="loginUrl" value="${sso.shiro.login.url}" />
        
        
        <property name="filters">
            <util:map>
                
                <entry key="casFilter" value-ref="casFilter"/>
                <entry key="authc">
                    <bean class="com.xyz.domo.filter.FormAuthenticationFilterExt">bean>
                entry>
            util:map>
            
        property> 
        <property name="filterChainDefinitions">
            <value>                
                
                
                /cas = casFilter
                /version/uploadImage = anon
                /anon/** = anon
                /druid/** = anon
                /** = authc

            value>
        property>
    bean>
    
    <bean id="casFilter" class="org.apache.shiro.cas.CasFilter">
        
        <property name="failureUrl" value="/error.jsp"/>
    bean>
    
    <bean id="casRealm" class="com.xyz.domo.controller.realm.MyCasRealm">
        <property name="defaultRoles" value="ROLE_USER"/>        
        <property name="casServerUrlPrefix" value="${sso.cas.url.prefix}"/>
        
        <property name="casService" value="${sso.callback.url}"/>
        
    bean>
    
    <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">      


        <property name="realm" ref="casRealm"/>
        <property name="subjectFactory" ref="casSubjectFactory"/>
    bean>
    
    
    <bean id="casSubjectFactory" class="org.apache.shiro.cas.CasSubjectFactory"/>

    <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>
    
    <bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator" depends-on="lifecycleBeanPostProcessor"/>
    <bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
        <property name="securityManager" ref="securityManager"/>
    bean>
    
    
    <bean id="cacheManagerFactory" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean">  
        <property name="configLocation" value="classpath:cache/shiro-cache.xml"/>  
    bean>  
    <bean id="ehCacheManager" class="org.springframework.cache.ehcache.EhCacheCacheManager">  
        <property name="cacheManager" ref="cacheManagerFactory"/>  
    bean>

    <bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
        <property name="staticMethod" value="org.apache.shiro.SecurityUtils.setSecurityManager"/>
        <property name="arguments" ref="securityManager"/>
    bean>
    
    
    <bean id="handlerExceptionResolver" class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">
        <property name="exceptionMappings">
            <props>
                <prop key="org.apache.shiro.authz.UnauthorizedException">authErrorprop>
                <prop key="org.apache.shiro.authz.AuthorizationException">authErrorprop>
               
            props>
        property>
    bean> 
beans>
 
    
 
    View Code 
   
 
   
3、在src\main\resources 下新建包 spring,在spring下新建 shiro-spring.xml 
 
   
 
     
     
    
 
     
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:aop="http://www.springframework.org/schema/aop"
    xmlns:tx="http://www.springframework.org/schema/tx" xmlns:context="http://www.springframework.org/schema/context"
    xmlns:util="http://www.springframework.org/schema/util"
    xsi:schemaLocation="
     http://www.springframework.org/schema/beans 
     http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
     http://www.springframework.org/schema/context 
     http://www.springframework.org/schema/context/spring-context-3.0.xsd
     http://www.springframework.org/schema/util
     http://www.springframework.org/schema/util/spring-util-3.0.xsd"
    default-lazy-init="true">
    
    <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
        <property name="securityManager" ref="securityManager"/>
        
        <property name="loginUrl" value="${sso.shiro.login.url}" />
        
        
        <property name="filters">
            <util:map>
                
                <entry key="casFilter" value-ref="casFilter"/>
                <entry key="authc">
                    <bean class="com.xyz.domo.filter.FormAuthenticationFilterExt">bean>
                entry>
            util:map>
            
        property> 
        <property name="filterChainDefinitions">
            <value>                
                
                
                /cas = casFilter
                /version/uploadImage = anon
                /anon/** = anon
                /druid/** = anon
                /** = authc

            value>
        property>
    bean>
    
    <bean id="casFilter" class="org.apache.shiro.cas.CasFilter">
        
        <property name="failureUrl" value="/error.jsp"/>
    bean>
    
    <bean id="casRealm" class="com.xyz.domo.controller.realm.MyCasRealm">
        <property name="defaultRoles" value="ROLE_USER"/>        
        <property name="casServerUrlPrefix" value="${sso.cas.url.prefix}"/>
        
        <property name="casService" value="${sso.callback.url}"/>
        
    bean>
    
    <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">      


        <property name="realm" ref="casRealm"/>
        <property name="subjectFactory" ref="casSubjectFactory"/>
    bean>
    
    
    <bean id="casSubjectFactory" class="org.apache.shiro.cas.CasSubjectFactory"/>

    <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>
    
    <bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator" depends-on="lifecycleBeanPostProcessor"/>
    <bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
        <property name="securityManager" ref="securityManager"/>
    bean>
    
    
    <bean id="cacheManagerFactory" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean">  
        <property name="configLocation" value="classpath:cache/shiro-cache.xml"/>  
    bean>  
    <bean id="ehCacheManager" class="org.springframework.cache.ehcache.EhCacheCacheManager">  
        <property name="cacheManager" ref="cacheManagerFactory"/>  
    bean>

    <bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
        <property name="staticMethod" value="org.apache.shiro.SecurityUtils.setSecurityManager"/>
        <property name="arguments" ref="securityManager"/>
    bean>
    
    
    <bean id="handlerExceptionResolver" class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">
        <property name="exceptionMappings">
            <props>
                <prop key="org.apache.shiro.authz.UnauthorizedException">authErrorprop>
                <prop key="org.apache.shiro.authz.AuthorizationException">authErrorprop>
               
            props>
        property>
    bean> 
beans>
 
    
 
    View Code 
   
 
   
3.1、新建文件 spring-cas.xml
 
   
 
     
     
    
 
     
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:aop="http://www.springframework.org/schema/aop"
    xmlns:p="http://www.springframework.org/schema/p"
    xmlns:tx="http://www.springframework.org/schema/tx" xmlns:context="http://www.springframework.org/schema/context"
    xmlns:util="http://www.springframework.org/schema/util"
    xsi:schemaLocation="
     http://www.springframework.org/schema/beans 
     http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
     http://www.springframework.org/schema/context 
     http://www.springframework.org/schema/context/spring-context-3.0.xsd
     http://www.springframework.org/schema/util
     http://www.springframework.org/schema/util/spring-util-3.0.xsd"
    default-lazy-init="true">

    <context:component-scan base-package="com.xyz.*" />

    <context:property-placeholder location="classpath*:spring/easyhome-${spring.profiles.active}.properties" />

    <bean name="authenticationFilter"
        class="org.jasig.cas.client.authentication.AuthenticationFilter">
        <property name="casServerLoginUrl" value="${sso.cas.url.prefix}">property>
        <property name="renew" value="false">property>
        <property name="gateway" value="false">property>
        <property name="serverName" value="${sso.server.name}">property>
    bean>

    <bean name="ticketValidationFilter"
        class="org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter">
        <property name="serverName" value="${sso.server.name}">property>
        <property name="redirectAfterValidation" value="false">property>
        <property name="ticketValidator">
            <bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
                <constructor-arg index="0" value="${sso.cas.url.prefix}" />
            bean>
        property>
    bean>
beans>
 
    
 
    View Code 
   
 
   
4、在 src\main\java 下新建包 com.xyz.domo.filter ,新建类 FormAuthenticationFilterExt
 
   
 
     
     
    
 
     
/*
 * CHONGQING XYZ TECH CO.,LTD
 * Copyright (c) 2015 All Rights Reserved.
 */

/*
 * 修订记录:
 * xiangzy 上午11:09:54 创建
 */
package com.xyz.domo.filter;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authc.AuthenticatingFilter;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.apache.shiro.web.util.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;


public class FormAuthenticationFilterExt extends AuthenticatingFilter{

    public static final String DEFAULT_ERROR_KEY_ATTRIBUTE_NAME = "shiroLoginFailure";

    public static final String DEFAULT_USERNAME_PARAM = "username";
    public static final String DEFAULT_PASSWORD_PARAM = "password";
    public static final String DEFAULT_REMEMBER_ME_PARAM = "rememberMe";

    private static final Logger log = LoggerFactory.getLogger(FormAuthenticationFilter.class);

    private String usernameParam = DEFAULT_USERNAME_PARAM;
    private String passwordParam = DEFAULT_PASSWORD_PARAM;
    private String rememberMeParam = DEFAULT_REMEMBER_ME_PARAM;

    private String failureKeyAttribute = DEFAULT_ERROR_KEY_ATTRIBUTE_NAME;

    public FormAuthenticationFilterExt() {
        setLoginUrl(DEFAULT_LOGIN_URL);
    }

    @Override
    public void setLoginUrl(String loginUrl) {
        String previous = getLoginUrl();
        if (previous != null) {
            this.appliedPaths.remove(previous);
        }
        super.setLoginUrl(loginUrl);
        if (log.isTraceEnabled()) {
            log.trace("Adding login url to applied paths.");
        }
        this.appliedPaths.put(getLoginUrl(), null);
    }

    public String getUsernameParam() {
        return usernameParam;
    }

    /**
     * Sets the request parameter name to look for when acquiring the username.  Unless overridden by calling this
     * method, the default is username.
     *
     * @param usernameParam the name of the request param to check for acquiring the username.
     */
    public void setUsernameParam(String usernameParam) {
        this.usernameParam = usernameParam;
    }

    public String getPasswordParam() {
        return passwordParam;
    }

    /**
     * Sets the request parameter name to look for when acquiring the password.  Unless overridden by calling this
     * method, the default is password.
     *
     * @param passwordParam the name of the request param to check for acquiring the password.
     */
    public void setPasswordParam(String passwordParam) {
        this.passwordParam = passwordParam;
    }

    public String getRememberMeParam() {
        return rememberMeParam;
    }

    /**
     * Sets the request parameter name to look for when acquiring the rememberMe boolean value.  Unless overridden
     * by calling this method, the default is rememberMe.
     * 

     * RememberMe will be true if the parameter value equals any of those supported by
     * {@link org.apache.shiro.web.util.WebUtils#isTrue(javax.servlet.ServletRequest, String) WebUtils.isTrue(request,value)}, false
     * otherwise.
     *
     * @param rememberMeParam the name of the request param to check for acquiring the rememberMe boolean value.
     */
    public void setRememberMeParam(String rememberMeParam) {
        this.rememberMeParam = rememberMeParam;
    }

    public String getFailureKeyAttribute() {
        return failureKeyAttribute;
    }

    public void setFailureKeyAttribute(String failureKeyAttribute) {
        this.failureKeyAttribute = failureKeyAttribute;
    }

    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
         HttpServletRequest httpServletRequest = (HttpServletRequest)request;
         String ajaxFlag = httpServletRequest.getHeader("x-requested-with");
        if (isLoginRequest(request, response)) {
            if (isLoginSubmission(request, response)) {
                if (log.isTraceEnabled()) {
                    log.trace("Login submission detected.  Attempting to execute login.");
                }
                return executeLogin(request, response);
            } else {
                if (log.isTraceEnabled()) {
                    log.trace("Login page view.");
                }
                //allow them to see the login page ;)
                if(null!=ajaxFlag&&"XMLHttpRequest".equals(ajaxFlag)){
                    log.debug("ajax request must return json update by xzy...");
                    String returnStr = "{\"recordsFiltered\":0,\"data\":[],\"notLogin\":true,\"recordsTotal\":0}";
                      response.getWriter().write(returnStr);
                      return false;
                  }
                return true;
            }
        } else {
            if (log.isTraceEnabled()) {
                log.trace("Attempting to access a path which requires authentication.  Forwarding to the " +
                        "Authentication url [" + getLoginUrl() + "]");
            }
           
            if(null!=ajaxFlag&&"XMLHttpRequest".equals(ajaxFlag)){
                log.debug("ajax request must return json update by xzy...");
                String returnStr = "{\"recordsFiltered\":0,\"data\":[],\"notLogin\":true,\"recordsTotal\":0}";
                    response.getWriter().write(returnStr);
           }else{
               saveRequestAndRedirectToLogin(request, response);
           }
            //saveRequestAndRedirectToLogin(request, response);
           return false;
        }
    }

    /**
     * This default implementation merely returns true if the request is an HTTP POST,
     * false otherwise. Can be overridden by subclasses for custom login submission detection behavior.
     *
     * @param request  the incoming ServletRequest
     * @param response the outgoing ServletResponse.
     * @return true if the request is an HTTP POST, false otherwise.
     */
    protected boolean isLoginSubmission(ServletRequest request, ServletResponse response) {
        return (request instanceof HttpServletRequest) && WebUtils.toHttp(request).getMethod().equalsIgnoreCase(POST_METHOD);
    }

    protected AuthenticationToken createToken(ServletRequest request, ServletResponse response) {
        String username = getUsername(request);
        String password = getPassword(request);
        return createToken(username, password, request, response);
    }

    protected boolean isRememberMe(ServletRequest request) {
        return WebUtils.isTrue(request, getRememberMeParam());
    }

    protected boolean onLoginSuccess(AuthenticationToken token, Subject subject,
                                     ServletRequest request, ServletResponse response) throws Exception {
        issueSuccessRedirect(request, response);
        //we handled the success redirect directly, prevent the chain from continuing:
        return false;
    }

    protected boolean onLoginFailure(AuthenticationToken token, AuthenticationException e,
                                     ServletRequest request, ServletResponse response) {
        setFailureAttribute(request, e);
        //login failed, let request continue back to the login page:
        return true;
    }

    protected void setFailureAttribute(ServletRequest request, AuthenticationException ae) {
        String className = ae.getClass().getName();
        request.setAttribute(getFailureKeyAttribute(), className);
    }

    protected String getUsername(ServletRequest request) {
        return WebUtils.getCleanParam(request, getUsernameParam());
    }

    protected String getPassword(ServletRequest request) {
        return WebUtils.getCleanParam(request, getPasswordParam());
    }
}
 
    
 
    View Code 
   
 
   
4.1、新建类 SSOLogoutFilter
 
   
 
     
     
    
 
     
/*
 * CHONGQING XYZ TECH CO.,LTD
 * Copyright (c) 2015 All Rights Reserved.
 */

/*
 * 修订记录:
 * xiangzy 下午6:11:24 创建
 */
package com.xyz.domo.filter;

import java.io.IOException;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import com.xyz.domo.common.http.WebUtils;
import com.xyz.domo.common.properties.PropertiesUtil;



public class SSOLogoutFilter implements Filter {

    protected final Logger    logger  = LoggerFactory.getLogger(getClass());
    /**
     * @param filterConfig
     * @throws ServletException
     * @see javax.servlet.Filter#init(javax.servlet.FilterConfig)
     */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    /**
     * @param request
     * @param response
     * @param chain
     * @throws IOException
     * @throws ServletException
     * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)
     */
    @Override
    public void doFilter(ServletRequest request, ServletResponse response,FilterChain chain) throws IOException, ServletException {
        try {
            HttpServletRequest httpservletrequest = (HttpServletRequest) request;
            String logoutRequest = httpservletrequest.getParameter("logoutRequest");
            logger.debug("cas post logout logoutRequest parameter value===>"+logoutRequest);
            String logoutFlag = httpservletrequest.getParameter("logoutFlag");
            if(StringUtils.isNotBlank(logoutRequest)&&StringUtils.isBlank(logoutFlag)){
                String url1 = PropertiesUtil.getInstance().getSysPro("server.ip1");
                String url2 = PropertiesUtil.getInstance().getSysPro("server.ip2");
                String currentIp = getIpAddress();
                logger.debug("cas post logout client, currentIp:【{}】, url1:【{}】, url2:【{}】", new Object[]{currentIp, url1, url2});
                if(url1.contains(currentIp)){
                    WebUtils.doPost(url2, getAllParam(httpservletrequest), 30000, 30000);
                }else if(url2.contains(currentIp)){
                    WebUtils.doPost(url1, getAllParam(httpservletrequest), 30000, 30000);
                }
                logger.debug("cas post logout client");
            }
        } catch (Exception e) {
            logger.error("shiro logout error",e);
        }
        chain.doFilter(request, response);
    }

    /**
     * 
     * @see javax.servlet.Filter#destroy()
     */
    @Override
    public void destroy() {
    }
    
    //获取当前IP
    private  String getIpAddress() throws UnknownHostException {   
        InetAddress address = InetAddress.getLocalHost();   
        return address.getHostAddress();   
    }  

    //获取request对象的所有请求参数
    private Map getAllParam(HttpServletRequest request){
        Map map = new HashMap();
        Enumeration paramNames = request.getParameterNames();
        StringBuffer strBuffer = new StringBuffer();
        while (paramNames.hasMoreElements()) {
            String paramName = (String) paramNames.nextElement();

            String[] paramValues = request.getParameterValues(paramName);
            if (paramValues.length == 1) {
                String paramValue = paramValues[0];
                if (paramValue.length() != 0) {
                    strBuffer.append(paramName).append("=").append(paramValue).append(",");
                    map.put(paramName, paramValue);
                }
            }
        }
        map.put("logoutFlag", "yes");
        return map;
    }

}
 
    
 
    View Code 
   
 
   
5、在 src\main\java 下新建包 com.xyz.domo.controller.realm,新建类 MyCasRealm 用于接收服务端返回的登录信息
 
   
 
     
     
    
 
     
/*
 * CHONGQING XYZ TECH CO.,LTD
 * Copyright (c) 2015 All Rights Reserved.
 */

/*
 * 修订记录:
 * Tzw 上午10:02:21 创建
 */
package com.xyz.domo.controller.realm;

import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;

import javax.servlet.http.HttpServletRequest;

import org.apache.bcel.generic.NEW;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.cas.CasAuthenticationException;
import org.apache.shiro.cas.CasRealm;
import org.apache.shiro.cas.CasToken;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.SimplePrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.CollectionUtils;
import org.apache.shiro.util.StringUtils;
import org.jasig.cas.client.authentication.AttributePrincipal;
import org.jasig.cas.client.validation.Assertion;
import org.jasig.cas.client.validation.TicketValidationException;
import org.jasig.cas.client.validation.TicketValidator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cache.support.AbstractCacheManager;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.xyz.dal.mybatis.model.User;


/**
 * @Filename MyCasRealm.java
 *
 * @Description:
 *
 * @Version 1.0
 *
 * @Author 
 *
 * @Email
 *
 */
public class MyCasRealm extends CasRealm {
    
    private static Logger log = LoggerFactory.getLogger(MyCasRealm.class);
    
    @Autowired
    AbstractCacheManager ehCacheCacheManager;
    
    @SuppressWarnings("unchecked")
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

        Subject subject = SecurityUtils.getSubject();
        
        Set permissions = new HashSet();
        List permissionInfo = (List)subject.getSession().getAttribute("permissionInfo");
        if(permissionInfo != null){
            permissions.addAll(permissionInfo);
        }
        
        Set roles = new HashSet();
        List roleInfo = (List)subject.getSession().getAttribute("roleInfo");
        if(roleInfo != null){
            roles.addAll(roleInfo);
        }
        
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        authorizationInfo.setStringPermissions(permissions);
        authorizationInfo.setRoles(roles);
        
        return authorizationInfo;
    }
    
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        CasToken casToken = (CasToken) token;
        if (token == null) {
            return null;
        }
        
        String ticket = (String) casToken.getCredentials();
        if (!StringUtils.hasText(ticket)) {
            return null;
        }
        
        TicketValidator ticketValidator = ensureTicketValidator();
        
        try {
            // contact CAS server to validate service ticket
            Assertion casAssertion = ticketValidator.validate(ticket, getCasService());
            // get principal, user id and attributes
            AttributePrincipal casPrincipal = casAssertion.getPrincipal();
            String userId = casPrincipal.getName();
            log.debug("Validate ticket : {} in CAS server : {} to retrieve user : {}", new Object[] { ticket, getCasServerUrlPrefix(), userId });
            
            Map attributes = casPrincipal.getAttributes();
            Subject subject = SecurityUtils.getSubject();
            
            // 获取用户信息
            String userStr = (String)attributes.get("userInfo");
            List staffInfo = JSON.parseArray(userStr, User.class);
            subject.getSession().setAttribute("staffInfo", staffInfo);
            // 获取权限信息
        /*String permissionInfo = (String)attributes.get("permissionInfo");
            List permissionInfos = JSON.parseArray(permissionInfo, String.class);
            subject.getSession().setAttribute("permissionInfo", permissionInfos);
            // 获取角色信息
            String roleInfo = (String)attributes.get("roleInfo");
            List roleInfos = JSON.parseArray(roleInfo, String.class);
            subject.getSession().setAttribute("roleInfo", roleInfos);*/
            // refresh authentication token (user id + remember me)
            casToken.setUserId(userId);
            String rememberMeAttributeName = getRememberMeAttributeName();
            String rememberMeStringValue = (String) attributes.get(rememberMeAttributeName);
            boolean isRemembered = rememberMeStringValue != null&& Boolean.parseBoolean(rememberMeStringValue);
            if (isRemembered) {
                casToken.setRememberMe(true);
            }
            // create simple authentication info
            List principals = CollectionUtils.asList(userId, attributes);
            PrincipalCollection principalCollection = new SimplePrincipalCollection(principals,getName());
            return new SimpleAuthenticationInfo(principalCollection, ticket);
        } catch (TicketValidationException e) {
            throw new CasAuthenticationException("Unable to validate ticket [" + ticket + "]", e);
        }
    }
    
} 
     
    View Code 
    
   
 源码下载:点击下载
 
   
  
转载于:https://www.cnblogs.com/miskis/p/6393780.html
 
  

                            
                        
                    
                    
                    

                    
                    
                    

                
                

                    
                

            
        
    
    

        
你可能感兴趣的:(cas 服务端、客服端详细配置)

        

            

                
    
                    
  • swagger访问路径
                        igotyback
swagger
                        
    Swagger2.x版本访问地址:http://{ip}:{port}/{context-path}/swagger-ui.html{ip}是你的服务器IP地址。{port}是你的应用服务端口,通常为8080。{context-path}是你的应用上下文路径,如果应用部署在根路径下,则为空。Swagger3.x版本对于Swagger3.x版本(也称为OpenAPI3)访问地址:http://{ip
    
                    
    • 
                    
  • 高级编程--XML+socket练习题
                        masa010
java开发语言
                        
    1.北京华北2114.8万人上海华东2,500万人广州华南1292.68万人成都华西1417万人(1)使用dom4j将信息存入xml中(2)读取信息,并打印控制台(3)添加一个city节点与子节点(4)使用socketTCP协议编写服务端与客户端,客户端输入城市ID,服务器响应相应城市信息(5)使用socketTCP协议编写服务端与客户端,客户端要求用户输入city对象,服务端接收并使用dom4j
    
                    
    • 
                    
  • C#中使用split分割字符串
                        互联网打工人no1
c#
                        
    1、用字符串分隔:usingSystem.Text.RegularExpressions;stringstr="aaajsbbbjsccc";string[]sArray=Regex.Split(str,"js",RegexOptions.IgnoreCase);foreach(stringiinsArray)Response.Write(i.ToString()+"");输出结果:aaabbbc
    
                    
    • 
                    
  • 【PG】常见数据库、表属性设置
                        江无羡
数据库
                        
    PG的常见属性配置方法数据库复制、备份相关表的复制标识单表操作批量表操作链接数据库复制、备份相关表的复制标识单表操作通过ALTER语句单独更改一张表的复制标识。ALTERTABLE[tablename]REPLICAIDENTITYFULL;批量表操作通过代码块的方式,对某个schema中的所有表一起更新其复制标识。SELECTtablename,CASErelreplidentWHEN'd'TH
    
                    
    • 
                    
  • docker
                        igotyback
eureka云原生
                        
    Docker容器的文件系统是隔离的,但是可以通过挂载卷(Volumes)或绑定挂载(BindMounts)将宿主机的文件系统目录映射到容器内部。要查看Docker容器的映射路径,可以使用以下方法:查看容器配置:使用dockerinspect命令可以查看容器的详细配置信息,包括挂载的卷。例如:bashdockerinspect在输出的JSON格式中,查找"Mounts"部分,这里会列出所有的挂载信息
    
                    
    • 
                    
  • 网络编程基础
                        记得开心一点啊
网络
                        
    目录♫什么是网络编程♫Socket套接字♪什么是Socket套接字♪数据报套接字♪流套接字♫数据报套接字通信模型♪数据报套接字通讯模型♪DatagramSocket♪DatagramPacket♪实现UDP的服务端代码♪实现UDP的客户端代码♫流套接字通信模型♪流套接字通讯模型♪ServerSocket♪Socket♪实现TCP的服务端代码♪实现TCP的客户端代码♫什么是网络编程网络编程,指网络上
    
                    
    • 
                    
  • 「豆包Marscode体验官」 | 云端 IDE 启动 & Rust 体验
                        张风捷特烈
iderust开发语言后端
                        
    theme:cyanosis我正在参加「豆包MarsCode初体验」征文活动MarsCode可以看作一个运行在服务端的远程VSCode开发环境。对于我这种想要学习体验某些语言,但不想在电脑里装环境的人来说非常友好。本文就来介绍一下在MarsCode里,我的体验rust开发体验。一、MarsCode是什么它的本质是:提供代码助手和云端IDE服务的web网站,可通过下面的链接访问https://www
    
                    
    • 
                    
  • 06选课支付模块之基于消息队列发送支付通知消息
                        echo 云清
学成在线javarabbitmq消息队列支付通知学成在线
                        
    消息队列发送支付通知消息需求分析订单服务作为通用服务,在订单支付成功后需要将支付结果异步通知给其他对接的微服务,微服务收到支付结果根据订单的类型去更新自己的业务数据技术方案使用消息队列进行异步通知需要保证消息的可靠性即生产端将消息成功通知到服务端:消息发送到交换机-->由交换机发送到队列-->消费者监听队列,收到消息进行处理,参考文章02-使用Docker安装RabbitMQ-CSDN博客生产者确
    
                    
    • 
                    
  • 【RabbitMQ 项目】服务端:数据管理模块之绑定管理
                        月夜星辉雪
rabbitmq分布式
                        
    文章目录一.编写思路二.代码实践一.编写思路定义绑定信息类交换机名称队列名称绑定关键字:交换机的路由交换算法中会用到没有是否持久化的标志,因为绑定是否持久化取决于交换机和队列是否持久化,只有它们都持久化时绑定才需要持久化。绑定就好像一根绳子,两端连接着交换机和队列,当一方不存在,它就没有存在的必要了定义绑定持久化类构造函数:如果数据库文件不存在则创建,打开数据库,创建binding_table插入
    
                    
    • 
                    
  • 98_es生产集群部署之针对集群重启时的shard恢复耗时过长问题定制的重要参数
                        小山居

                        
    98_es生产集群部署之针对集群重启时的shard恢复耗时过长问题定制的重要参数shardrecovery配置以及集群重启时的无意义shard重分配问题在集群重启的时候,有一些配置会影响shard恢复的过程。首先,我们需要理解默认配置下,shard恢复过程会发生什么事情。如果我们有10个node,每个node都有一个shard,可能是primaryshard或者replicashard,你有一个i
    
                    
    • 
                    
  • Vue + Express实现一个表单提交
                        九旬大爷的梦

                        
    最近在折腾一个cms系统,用的vue+express,但是就一个表单提交就弄了好久,记录一下。环境:Node10+前端:Vue服务端:Express依赖包:vueexpressaxiosexpress-formidableelement-ui(可选)前言:axiosget请求参数是:paramsaxiospost请求参数是:dataexpressget接受参数是req.queryexpresspo
    
                    
    • 
                    
  • Kubernetes部署MySQL数据持久化
                        沫殇-MS
KubernetesMySQL数据库kubernetesmysql容器
                        
    一、安装配置NFS服务端1、安装nfs-kernel-server:sudoapt-yinstallnfs-kernel-server2、服务端创建共享目录#列出所有可用块设备的信息lsblk#格式化磁盘sudomkfs-text4/dev/sdb#创建一个目录:sudomkdir-p/data/nfs/mysql#更改目录权限:sudochown-Rnobody:nogroup/data/nfs
    
                    
    • 
                    
  • 【Death Note】网吧战神之7天爆肝渗透测试死亡笔记_sqlmap在默认情况下除了使用 char() 函数防止出现单引号
                        2401_84561374
程序员笔记
                        
    网上学习资料一大堆,但如果学到的知识不成体系,遇到问题时只是浅尝辄止,不再深入研究,那么很难做到真正的技术提升。需要这份系统化的资料的朋友,可以戳这里获取一个人可以走的很快,但一群人才能走的更远!不论你是正从事IT行业的老鸟或是对IT行业感兴趣的新人,都欢迎加入我们的的圈子(技术交流、学习资源、职场吐槽、大厂内推、面试辅导),让我们一起学习成长!特殊服务端口2181zookeeper服务未授权访问
    
                    
    • 
                    
  • Ubuntu Juju 与 Ansible的区别
                        xidianjiapei001
#Kubernetesubuntuansiblelinux云原生Juju
                        
    JujuandAnsiblearebothpowerfultoolsusedformanagingandorchestratingITinfrastructureandapplications,buttheyhavedifferentapproachesandusecases.Here’sabreakdownofthekeydifferencesbetweenthem:1.ConceptualFo
    
                    
    • 
                    
  • 【RabbitMQ 项目】服务端数据管理模块之交换机管理
                        月夜星辉雪
rabbitmqoracle数据库
                        
    文章目录一.编写思路二.代码实践一.编写思路定义交换机类型直接交换广播交换主题交换定义交换机名字类型是否持久化定义交换机持久化类(持久化到sqlite3)构造函数(只能成功,不能失败)如果数据库(文件)不存在则创建打开数据库打开exchange_table数据库表插入交换机移除交换机将数据库中的交换机恢复到内存中传入一个哈希表,key为名字,value为交换机的智能指针,填充该哈希表定义交换机管理
    
                    
    • 
                    
  • mysql case 干货
                        lack倪酱

                        
    这是我舍友@某人提供的是为了做酒店时判断每个楼栋有几间空房子的。房间表与数据楼栋表与数据查询楼栋房间总数查询空房间数当时就在想怎么把后一个单列的数据合并到前面那三列的数据里呢?又是百度,又是谷歌,都是什么“unitall”。。表示我要的不是这个。有点难为我小脑瓜,实在是对数据库不了解,只会日常操作。最后是我舍友想出了解决办法直接贴图好了,如果想要了解case是什么,你可以自行查资料。学习查东西也是
    
                    
    • 
                    
  • cookie和session的区别
                        小草_fdba

                        
    cookie是在客户端保持状态的方案,session是在服务端保持状态cookie不是很安全,可以分析本地的cookie,并进行cookie欺骗session一段时间内会保存在服务器上,当访问增多会占用服务器性能单个cookie保存数据不能超过4k,很有浏览器限制一个站点最多保存20个cookie
    
                    
    • 
                    
  • Java中的服务端点响应缓存:Spring Cache抽象
                        微赚淘客机器人开发者联盟@聚娃科技
java缓存spring
                        
    Java中的服务端点响应缓存:SpringCache抽象大家好,我是微赚淘客返利系统3.0的小编,是个冬天不穿秋裤,天冷也要风度的程序猿!在Java后端服务开发中,缓存是一个重要的性能优化手段。Spring框架提供了一个强大的缓存抽象,允许开发者以统一的方式使用不同的缓存技术。本文将介绍如何在Java应用中使用SpringCache抽象来实现服务端点的响应缓存。响应缓存的重要性响应缓存在服务端点中
    
                    
    • 
                    
  • 注册中心 Nacos 异常实例需要30s才能剔除 Nacos心跳时间设置(踩坑)
                        2401_84046645
程序员java开发语言
                        
    instance.setPort(9999);Mapmetadata=newHashMap();//设置心跳的周期,单位为秒,这里将心跳间隔设置为3秒:metadata.put(PreservedMetadataKeys.HEART_BEAT_INTERVAL,“3000”);//设置心跳超时时间,单位为秒,这里将心跳超时时间设为6秒,//即服务端6秒收不到客户端心跳,会将该客户端注册的实例设为不
    
                    
    • 
                    
  • 【大模型】triton inference server
                        idiotyi
大模型自然语言处理语言模型人工智能
                        
    前言:tritoninferenceserver常用于大模型部署,可以采用http或GRPC调用,支持大部分的backend,单GPU、多GPU都可以支持,CPU也支持。本文主要是使用tritoninferenceserver部署大模型的简单流程示例。目录1.整体流程2.搭建本地仓库3.服务端代码4.启动服务5.客户端调用1.整体流程搭建模型仓库模型配置服务端调用代码docker启动服务客户端调用
    
                    
    • 
                    
  • 频控限流设计---云信方案
                        M_灵均
java开发语言
                        
    方案背景频控限流是一种非常重要的技术手段,它主要用于控制对服务器或服务的访问频率,以防止服务器因请求过多而崩溃,同时也能够保护系统不会因为过载而影响服务质量。频控限流通常用于API接口调用、网站访问、服务端请求处理等多种场景。频控&限流方案频控限流的常见实现方式包括固定窗口算法、滑动窗口算法、漏桶算法和令牌桶算法。固定窗口算法通过在固定时间窗口内计数请求次数来实现限流,但可能会在窗口切换时出现流量
    
                    
    • 
                    
  • udp的广播,多播,单播 demo
                        mengzhi啊
udp网络
                        
    enumclassEMsgType:uint8_t{EMSGT_SINGLE,//单播EMSGT_MULTICAST,//多播EMSGT_BROADCAST,//广播};sendSocket=newQUdpSocket(this);sendSocket->setSocketOption(QAbstractSocket::MulticastTtlOption,1);sendSocket->bind(
    
                    
    • 
                    
  • 2020-11-12 写单片机内存的脚本 nc openocd 事务自动测试
                        linuxScripter

                        
    这是写单片机内存的脚本:z@z-ThinkPad-T400:~/zworkT400/EDA_heiche/zREPOgit/simple-gcc-stm32-project$catz.wholeRun.oneCase.cmdcattmp6.toWrite|awk'{system("echomwb"$1""$2"|nclocalhost4444");}'catUSER/DEBUG/debug.h|g
    
                    
    • 
                    
  • 佳音之日更葡萄酒I Day20 特别篇 - 天堂园 Il Paradiso di Manfredi
                        葡萄酒一杯靈

                        
    #佳音OneDayWine#IlParadisodiManfredi#BrunellodiMontalcino#Biodynamie#意大利#每日一酒曾任经典奇昂蒂葡萄酒协会(ConsorziodelVinoChiantiClassico)的主席,意大利CastelloDiAma”阿玛堡”庄主MarcoPallanti说过一句话﹕“Today,allwineisgood;thedifference
    
                    
    • 
                    
  • 解析REST API与OpenAPI之差异:避免混淆
                        幂简集成
程序人生
                        
    在网络API领域,常提及的两种术语为RestAPI与OpenAPI,其既存在差异亦存在联系。前者是一种API设计方式,后者则是一种API描述及定义规范。值得注意的是,OpenAPI可用于描述和定义RESTAPI。什么是RESTAPI?RESTAPI是一种符合REST的设计原则或具象状态传输架构风格的API,又称为RESTfulAPI。简单的说,REST就是客户端按照约定向服务端请求指定数据、或者在
    
                    
    • 
                    
  • Rsync服务端和客户端多模块和排错
                        梅坞茶坊
服务器linux服务器linux运维
                        
    一台服务器可能有N多个文件需要同步备份,那怎么办呢?其实这个也很容易解决,就是在服务器端多建几个模块,每个模块包含不同的文件夹,使用同样的密码文件即可实现.如同下面的:usechroot=false#不使用chroot,其实这个应该是针对linux系统来说的.既然是默认的,就不用修改了strictmodes=false#不使用严格的用户限制hostsallow=*#设定允许访问该服务的IP地址,如
    
                    
    • 
                    
  • Java基础一
                        十一路客
java开发语言
                        
    哔哩哔哩Java开发工程师面试该如()何准备?-知乎一.JavaOOP面试题(1)什么是B/S架构?什么是C/S架构Java都有那些开发平台?B/S(Browser/Server),浏览器/服务器程序C/S(Client/Server),客户端/服务端,桌面应用程序1、C/S和B/S各有优势,C/S在图形的表现能力上以及运行的速度上肯定是强于B/S模式的,不过缺点就是他需要运行专门的客户端,而且更
    
                    
    • 
                    
  • 【漏洞复现】2023HVV WPS Office 远程代码执行漏洞(RCE)
                        李火火安全阁
漏洞复现应用安全WPSOffice
                        
    文章目录前言声明一、漏洞描述二、影响范围三、漏洞复现服务端的功能客户端的功能四、修复建议前言2023HVV期间曝出的WPSOffice存在RCE漏洞,攻击者可通过该漏洞执行任意命令,获取服务器控制权限。声明请勿利用文章内的相关技术从事非法测试,由于传播、利用此文所提供的信息或者工具而造成的任何直接或者间接的后果及损失,均由使用者本人负责,所产生的一切不良后果与文章作者无关。该文章仅供学习用途使用。
    
                    
    • 
                    
  • 如果面试官问你CAS,你还这么答,可能就要回去等通知了
                        爱玛士
程序员面试Javajava面试开发语言程序员架构
                        
    前言大家好,我是JAVA高级开发之路,一个总在为粉丝解决面试题的程序员。最近有几个粉丝说在面试面试中遇到了CAS的问题,连着几次面试都没有让面试官满意,区区CAS底层源码,怎能难倒咱们这届程序员们呢?都支棱起来,跟我一起来搞定CAS底层源码。什么是CASCAS的全称是Compare-And-Swap,它是CPU并发原语。它的功能是判断内存某个位置的值是否为预期值,如果是则更改为新的值,这个过程是原
    
                    
    • 
                    
  • SQL server CROSS JOIN 的用法
                        潇锐killer
数据库sql
                        
    SELECT@DateThresholdasdt,t3.ck_id,t3.ck_name,t3.title_id,t3.title,casewhent4.numisnullthen0elset4.numendnum,casewhent4.moneyisnullthen0elset4.moneyendmoney,t3.startDay,t3.endDayfrom(SELECTt1.ck_id,t1.
    
                    
    • 
                                
  • java类加载顺序
                                    3213213333332132
java
                                    
    package com.demo;

/**
 * @Description 类加载顺序
 * @author FuJianyong
 * 2015-2-6上午11:21:37
 */
public class ClassLoaderSequence {
	
	String s1 = "成员属性"; 
	
	static String s2 = "
    
                                
    • 
                                
  • Hibernate与mybitas的比较
                                    BlueSkator
sqlHibernate框架ibatisorm
                                    
    第一章     Hibernate与MyBatis 
Hibernate 是当前最流行的O/R mapping框架,它出身于sf.net,现在已经成为Jboss的一部分。 Mybatis 是另外一种优秀的O/R mapping框架。目前属于apache的一个子项目。 
MyBatis 参考资料官网:http:
    
                                
    • 
                                
  • php多维数组排序以及实际工作中的应用
                                    dcj3sjt126com
PHPusortuasort
                                    
    自定义排序函数返回false或负数意味着第一个参数应该排在第二个参数的前面, 正数或true反之, 0相等usort不保存键名uasort 键名会保存下来uksort 排序是对键名进行的 
<!doctype html>
<html lang="en">
<head>
    <meta charset="utf-8&q
    
                                
    • 
                                
  • DOM改变字体大小
                                    周华华
前端
                                    
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 
<html xmlns="http://www.w3.org/1999/xhtml&q
    
                                
    • 
                                
  • c3p0的配置
                                    g21121
c3p0
                                    
    c3p0是一个开源的JDBC连接池,它实现了数据源和JNDI绑定,支持JDBC3规范和JDBC2的标准扩展。c3p0的下载地址是:http://sourceforge.net/projects/c3p0/这里可以下载到c3p0最新版本。 
以在spring中配置dataSource为例: 
<!-- spring加载资源文件 -->
<bean name="prope
    
                                
    • 
                                
  • Java获取工程路径的几种方法
                                    510888780
java
                                    
    第一种: 
File f = new File(this.getClass().getResource("/").getPath()); 
System.out.println(f); 
结果: 
C:\Documents%20and%20Settings\Administrator\workspace\projectName\bin 
获取当前类的所在工程路径; 
如果不加“
    
                                
    • 
                                
  • 在类Unix系统下实现SSH免密码登录服务器
                                    Harry642
免密ssh
                                    
    1.客户机 
    (1)执行ssh-keygen -t rsa -C "[email protected]"生成公钥,xxx为自定义大email地址 
    (2)执行scp ~/.ssh/id_rsa.pub root@xxxxxxxxx:/tmp将公钥拷贝到服务器上,xxx为服务器地址 
    (3)执行cat
    
                                
    • 
                                
  • Java新手入门的30个基本概念一
                                    aijuans
javajava 入门新手
                                    
    在我们学习Java的过程中,掌握其中的基本概念对我们的学习无论是J2SE,J2EE,J2ME都是很重要的,J2SE是Java的基础,所以有必要对其中的基本概念做以归纳,以便大家在以后的学习过程中更好的理解java的精髓,在此我总结了30条基本的概念。  Java概述:  目前Java主要应用于中间件的开发(middleware)---处理客户机于服务器之间的通信技术,早期的实践证明,Java不适合
    
                                
    • 
                                
  • Memcached for windows 简单介绍
                                    antlove
javaWebwindowscachememcached
                                    
    1. 安装memcached server 
a. 下载memcached-1.2.6-win32-bin.zip 
b. 解压缩,dos 窗口切换到 memcached.exe所在目录,运行memcached.exe -d install 
c.启动memcached Server,直接在dos窗口键入 net start "memcached Server&quo
    
                                
    • 
                                
  • 数据库对象的视图和索引
                                    百合不是茶
索引oeacle数据库视图
                                    
      
视图 
  
  视图是从一个表或视图导出的表,也可以是从多个表或视图导出的表。视图是一个虚表,数据库不对视图所对应的数据进行实际存储,只存储视图的定义,对视图的数据进行操作时,只能将字段定义为视图,不能将具体的数据定义为视图 
  
    为什么oracle需要视图; 
   &
    
                                
    • 
                                
  • Mockito(一) --入门篇
                                    bijian1013
持续集成mockito单元测试
                                    
            Mockito是一个针对Java的mocking框架,它与EasyMock和jMock很相似,但是通过在执行后校验什么已经被调用,它消除了对期望 行为(expectations)的需要。其它的mocking库需要你在执行前记录期望行为(expectations),而这导致了丑陋的初始化代码。 
 &nb
    
                                
    • 
                                
  • 精通Oracle10编程SQL(5)SQL函数
                                    bijian1013
oracle数据库plsql
                                    
    /*
 * SQL函数
*/

--数字函数
--ABS(n):返回数字n的绝对值
declare
  v_abs number(6,2);
begin
  v_abs:=abs(&no);
  dbms_output.put_line('绝对值:'||v_abs);
end;

--ACOS(n):返回数字n的反余弦值,输入值的范围是-1~1,输出值的单位为弧度
    
                                
    • 
                                
  • 【Log4j一】Log4j总体介绍
                                    bit1129
log4j
                                    
    Log4j组件:Logger、Appender、Layout 
  
Log4j核心包含三个组件:logger、appender和layout。这三个组件协作提供日志功能: 
 
 日志的输出目标 
 日志的输出格式 
  日志的输出级别(是否抑制日志的输出) 
  logger继承特性 
A logger is said to be an ancestor of anothe
    
                                
    • 
                                
  • Java IO笔记
                                    白糖_
java
                                    
    	public static void main(String[] args) throws IOException {
		//输入流
		InputStream in = Test.class.getResourceAsStream("/test");
		InputStreamReader isr = new InputStreamReader(in);
		Bu
    
                                
    • 
                                
  • Docker 监控
                                    ronin47
docker监控
                                    
             
目前项目内部署了docker,于是涉及到关于监控的事情,参考一些经典实例以及一些自己的想法,总结一下思路。 1、关于监控的内容 监控宿主机本身 
监控宿主机本身还是比较简单的,同其他服务器监控类似,对cpu、network、io、disk等做通用的检查,这里不再细说。 
额外的,因为是docker的
    
                                
    • 
                                
  • java-顺时针打印图形
                                    bylijinnan
java
                                    
    一个画图程序 要求打印出: 
 

1.int i=5;   
2.1  2  3  4  5  
3.16 17 18 19 6  
4.15 24 25 20 7  
5.14 23 22 21 8  
6.13 12 11 10 9  
7.  
8.int i=6  
9.1  2  3  4  5   6  
10.20 21 22 23 24  7  
11.19
    
                                
    • 
                                
  • 关于iReport汉化版强制使用英文的配置方法
                                    Kai_Ge
iReport汉化英文版
                                    
    对于那些具有强迫症的工程师来说,软件汉化固然好用,但是汉化不完整却极为头疼,本方法针对iReport汉化不完整的情况,强制使用英文版,方法如下: 
在 iReport 安装路径下的 etc/ireport.conf 里增加红色部分启动参数,即可变为英文版。   
# ${HOME} will be replaced by user home directory accordin
    
                                
    • 
                                
  • [并行计算]论宇宙的可计算性
                                    comsci
并行计算
                                    
     
 
      现在我们知道,一个涡旋系统具有并行计算能力.按照自然运动理论,这个系统也同时具有存储能力,同时具备计算和存储能力的系统,在某种条件下一般都会产生意识...... 
 
      那么,这种概念让我们推论出一个结论 
 
 
    &nb
    
                                
    • 
                                
  • 用OpenGL实现无限循环的coverflow
                                    dai_lm
androidcoverflow
                                    
    网上找了很久,都是用Gallery实现的,效果不是很满意,结果发现这个用OpenGL实现的,稍微修改了一下源码,实现了无限循环功能 
 
源码地址: 
https://github.com/jackfengji/glcoverflow 
 
 

public class CoverFlowOpenGL extends GLSurfaceView implements
		GLSurfaceV
    
                                
    • 
                                
  • JAVA数据计算的几个解决方案1
                                    datamachine
javaHibernate计算
                                    
    老大丢过来的软件跑了10天,摸到点门道,正好跟以前攒的私房有关联,整理存档。 
 
-----------------------------华丽的分割线------------------------------------- 
 
    数据计算层是指介于数据存储和应用程序之间,负责计算数据存储层的数据,并将计算结果返回应用程序的层次。J 
 &nbs
    
                                
    • 
                                
  • 简单的用户授权系统,利用给user表添加一个字段标识管理员的方式
                                    dcj3sjt126com
yii
                                    
    怎么创建一个简单的(非 RBAC)用户授权系统 
通过查看论坛,我发现这是一个常见的问题,所以我决定写这篇文章。 
本文只包括授权系统.假设你已经知道怎么创建身份验证系统(登录)。 数据库 
首先在 user 表创建一个新的字段(integer 类型),字段名 'accessLevel',它定义了用户的访问权限 扩展 CWebUser 类 
在配置文件(一般为 protecte
    
                                
    • 
                                
  • 未选之路
                                    dcj3sjt126com

                                    
    作者:罗伯特*费罗斯特 
  
黄色的树林里分出两条路, 
可惜我不能同时去涉足, 
我在那路口久久伫立, 
我向着一条路极目望去, 
直到它消失在丛林深处. 
  
但我却选了另外一条路, 
它荒草萋萋,十分幽寂; 
显得更诱人,更美丽, 
虽然在这两条小路上, 
都很少留下旅人的足迹. 
  
那天清晨落叶满地, 
两条路都未见脚印痕迹. 
呵,留下一条路等改日再
    
                                
    • 
                                
  • Java处理15位身份证变18位
                                    蕃薯耀
18位身份证变15位15位身份证变18位身份证转换
                                    
      
15位身份证变18位,18位身份证变15位 
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
蕃薯耀 201
    
                                
    • 
                                
  • SpringMVC4零配置--应用上下文配置【AppConfig】
                                    hanqunfeng
springmvc4
                                    
    从spring3.0开始,Spring将JavaConfig整合到核心模块,普通的POJO只需要标注@Configuration注解,就可以成为spring配置类,并通过在方法上标注@Bean注解的方式注入bean。 
  
Xml配置和Java类配置对比如下: 
applicationContext-AppConfig.xml 
  
<!-- 激活自动代理功能 参看:
    
                                
    • 
                                
  • Android中webview跟JAVASCRIPT中的交互
                                    jackyrong
JavaScripthtmlandroid脚本
                                    
      在android的应用程序中,可以直接调用webview中的javascript代码,而webview中的javascript代码,也可以去调用ANDROID应用程序(也就是JAVA部分的代码).下面举例说明之: 
 
1 JAVASCRIPT脚本调用android程序 
   要在webview中,调用addJavascriptInterface(OBJ,int
    
                                
    • 
                                
  • 8个最佳Web开发资源推荐
                                    lampcy
编程Web程序员
                                    
    Web开发对程序员来说是一项较为复杂的工作,程序员需要快速地满足用户需求。如今很多的在线资源可以给程序员提供帮助,比如指导手册、在线课程和一些参考资料,而且这些资源基本都是免费和适合初学者的。无论你是需要选择一门新的编程语言,或是了解最新的标准,还是需要从其他地方找到一些灵感,我们这里为你整理了一些很好的Web开发资源,帮助你更成功地进行Web开发。 
这里列出10个最佳Web开发资源,它们都是受
    
                                
    • 
                                
  • 架构师之面试------jdk的hashMap实现
                                    nannan408
HashMap
                                    
    1.前言。 
  如题。 
2.详述。 
  (1)hashMap算法就是数组链表。数组存放的元素是键值对。jdk通过移位算法(其实也就是简单的加乘算法),如下代码来生成数组下标(生成后indexFor一下就成下标了)。 
 

static int hash(int h) 
{ 
    h ^= (h >>> 20) ^ (h >>>
    
                                
    • 
                                
  • html禁止清除input文本输入缓存
                                    Rainbow702
html缓存input输入框change
                                    
    多数浏览器默认会缓存input的值,只有使用ctl+F5强制刷新的才可以清除缓存记录。    
如果不想让浏览器缓存input的值,有2种方法: 
方法一: 在不想使用缓存的input中添加 autocomplete="off";  
<input type="text" autocomplete="off" n
    
                                
    • 
                                
  • POJO和JavaBean的区别和联系
                                    tjmljw
POJOjava beans
                                    
    POJO 和JavaBean是我们常见的两个关键字,一般容易混淆,POJO全称是Plain Ordinary Java Object / Pure Old Java Object,中文可以翻译成:普通Java类,具有一部分getter/setter方法的那种类就可以称作POJO,但是JavaBean则比 POJO复杂很多, Java Bean 是可复用的组件,对 Java Bean 并没有严格的规
    
                                
    • 
                                
  • java中单例的五种写法
                                    liuxiaoling
java单例
                                    
    /**
 * 单例模式的五种写法:
 * 1、懒汉
 * 2、恶汉
 * 3、静态内部类
 * 4、枚举
 * 5、双重校验锁
 */
/**
 * 五、 双重校验锁,在当前的内存模型中无效
 */
class LockSingleton
{

    private volatile static LockSingleton singleton;

    pri
    
                                
    •