cas4.x 单点登录开发入门
从github上下载cas最新的server和client相关代码,这里就不多说了
1、项目导入与部署
首先将server代码导入到myeclipse下,项目部署到tomcat中。启动项目后尝试登入,登入配置默认在WEB-INF的deployerConfigContext.xml文件下有如下代码
template
com.xxx
1.0-SNAPSHOT
4.0.0
war
web-sso
org.jasig.cas
cas-server-webapp-support
${cas.version}
compile
commons-logging
commons-logging
c3p0
c3p0
org.jasig.cas
cas-server-support-jdbc
${cas.version}
com.rjsoft
template-ums
${project.version}
org.springframework
spring-expression
${spring.version}
runtime
javax.servlet
jstl
jar
${jstl.version}
runtime
taglibs
standard
1.1.2
jar
runtime
org.jasig.cas
cas-server-security-filter
${cas-server-security-filter.version}
runtime
com.ryantenney.metrics
metrics-spring
${metrics.spring.version}
io.dropwizard.metrics
metrics-jvm
${metrics.version}
io.dropwizard.metrics
metrics-servlets
${metrics.version}
org.slf4j
slf4j-api
jackson-databind
com.fasterxml.jackson.core
org.mockito
mockito-core
${mockito.version}
test
org.hamcrest
hamcrest-core
javax.servlet
javax.servlet-api
${servlet.api.version}
provided
org.aspectj
aspectjrt
${aspectj.version}
compile
org.aspectj
aspectjweaver
${aspectj.version}
compile
javax.validation
validation-api
${javax.validation.version}
compile
org.springframework
spring-test
${spring.version}
test
javax.el
javax.el-api
${javax.el-api.version}
provided
org.glassfish.web
javax.el
${javax.el-impl.version}
runtime
javax.el
javax.el-api
org.slf4j
slf4j-api
${slf4j.version}
compile
org.slf4j
jul-to-slf4j
${slf4j.version}
runtime
org.apache.logging.log4j
log4j-api
${log4j.version}
runtime
org.apache.logging.log4j
log4j-core
${log4j.version}
runtime
org.apache.logging.log4j
log4j-slf4j-impl
${log4j.version}
runtime
org.slf4j
slf4j-api
org.apache.logging.log4j
log4j-jcl
${log4j.version}
runtime
org.jasig.inspektr
inspektr-aspects
${inspektr.version}
compile
javax.validation
validation-api
4.1.8
2.4.1.RELEASE
4.1.8.RELEASE
1.0.0
1.0.7
4.0.1.RELEASE
1.1.0.Final
1.1
5.2.4.Final
5.1.0.Final
1.7.21
1.7.0
3.0.1
2.0-cr-1
3.1.2
1.10
3.1.0
2.3
4.12
6.7
3.4
4.0
1.3.GA
2.4
1.10.19
2.10.0
2.3.2
4.4.1
2.8.1
3.4.1
2.2.1
0.9.10
1.2.3
2.5.3
2.3.8
3.1.1
1.4.01
1.2
0.9.8
2.0.4
18.0
1.0.0
1.0.0
3.0.0
2.2.6
1.19
0.4.1
0.9.5.1
4.4.1
1.7.1
1.51
2.1
3.5
1.0
2.10.3
2.2
2.4
3.4
2.5
2.8
2.4
2.18.1
2.15
1.4
2.5.5
1.7
1.8
3.0.1
6.2.1
1.4.1
1.3
2.7
9.3.0.v20150612
1.7
1.7
false
yyyy-MM-dd HH:mm:ssa
${project.basedir}
CAS
UTF-8
UTF-8
/tmp/cas-deploy-site
尝试使用配置的账户登入成功说明部署成功了。
2、服务端数据库校验方式的修改deployerConfigContext.xml
首先注释掉配置文件中一下bean的配置
3、配置登入后获取用户属性放回给客户端
服务器通过bean名称为primaryPrincipalResolver的类来获取登入用户相关信息
默认具体实现类是org.jasig.cas.authentication.principal.PersonDirectoryPrincipalResolver
通过查看源码关键是如下代码
final IPersonAttributes personAttributes = this.attributeRepository.getPerson(principalId);因此关键是attributeRepository的实现类
默认配置
修改具体实现即可自定义返回的属性
上述修改后还需要修改如下配置
p:ignoreAttributes="true"
才可生效,这种方式是返回所有属性,也可根据正则表达式来过滤,具体代码可以看
org.jasig.cas.CentralAuthenticationServiceImpl.validateServiceTicket(String, Service)这个方法中处理
服务器回传的信息是回传xml信息,页面在
/server Maven Webapp/src/main/webapp/WEB-INF/view/jsp/protocol/3.0/casServiceValidationSuccess.jsp
或
/server Maven Webapp/src/main/webapp/WEB-INF/view/jsp/protocol/2.0/casServiceValidationSuccess.jsp
具体页面看客户端的校验配置
使用3.0下的页面才会回传属性
修改
WEB-INF/spring-configuration/ticketGrantingTicketCookieGenerator.xml
下的配置文件主要是修改cookie存活时间,默认是-1
3、客户端配置
就不多说配置文件中每个类的作用了,github都有说明,直接上配置
源码地址https://github.com/UniconLabs/cas-sample-java-webapp.git
web.xml
CAS Authentication Filter
org.jasig.cas.client.authentication.AuthenticationFilter
casServerLoginUrl
http://localhost:8080/cas-server/login
serverName
http://localhost:8080/cas-webClient
CAS Validation Filter
org.jasig.cas.client.validation.Cas30ProxyReceivingTicketValidationFilter
casServerUrlPrefix
http://localhost:8080/cas-server
serverName
http://localhost:8080/cas-webClient
redirectAfterValidation
true
useSession
true
CAS HttpServletRequest Wrapper Filter
org.jasig.cas.client.util.HttpServletRequestWrapperFilter
CAS Authentication Filter
/*
CAS Validation Filter
/*
CAS HttpServletRequest Wrapper Filter
/*
index.jsp
pom.xml
4.0.0
iamlabs.unicon.net
cas-sample-java-webapp
0.0.1-SNAPSHOT
war
CAS Example Java Web App
A sample web application that exercises the CAS protocol features via the Java CAS Client.
cas-sample-java-webapp
org.apache.maven.plugins
maven-compiler-plugin
2.5.1
1.7
1.7
commons-logging
commons-logging
1.1.1
log4j
log4j
1.2.16
org.opensaml
opensaml1
1.1
org.jasig.cas.client
cas-client-core
3.4.0
javax.servlet
servlet-api
commons-codec
commons-codec
1.6
org.apache.santuario
xmlsec
1.4.3
自行修改下web.xml自己的服务器地址和客户端地址
运行项目后访问客户端直接跳转到对应的服务器,登入成功后再跳回客户端
成功登入后页面
其他细节:
修改cas server 默认语言为中文:
修改文件cas-server.xml