1.在pom.xml中添加:
<dependency>
    <groupId>org.pac4j</groupId>
    <artifactId>pac4j-cas</artifactId>
    <version>2.1.0</version>
</dependency>
<dependency>
    <groupId>io.buji</groupId>
    <artifactId>buji-pac4j</artifactId>
    <version>3.0.0</version>
</dependency>
2.新增Pac4jConfig.java文件
import org.pac4j.cas.client.CasClient;
import org.pac4j.cas.config.CasConfiguration;
import org.pac4j.core.authorization.authorizer.RequireAnyRoleAuthorizer;
import org.pac4j.core.client.Clients;
import org.pac4j.core.config.Config;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
/**
 * Spring configuration that exposes the pac4j {@link Config} used by the Shiro integration.
 * The config holds a single CAS client whose callback points back at this application.
 */
@Configuration
public class Pac4jConfig {

    // Base URL of the CAS server.
    @Value("${shiro.cas}")
    String casServerUrlPrefix;

    // Base URL of this application, i.e. where the browser returns after CAS validation
    // (the article's example value is http://localhost:8080).
    @Value("${shiro.server}")
    String shiroServerUrlPrefix;

    // Arbitrary label identifying the client; the same value is used again in shiroConfig.
    @Value("${pac4j.clientName}")
    String clientName;

    /**
     * Builds the pac4j configuration with one {@link CasClient}.
     *
     * @return a {@link Config} wrapping a {@link Clients} instance that contains the CAS client
     */
    @Bean
    public Config config() {
        // The same callback URL is handed to both the client and the Clients container.
        final String callbackUrl = shiroServerUrlPrefix + "/callback?client_name=" + clientName;
        final String casLoginUrl = casServerUrlPrefix + "/login";

        final CasConfiguration casConfiguration = new CasConfiguration(casLoginUrl, casServerUrlPrefix);
        // NOTE(review): this switches on acceptance of any CAS proxy chain. It presumably only
        // matters when a proxy-capable CAS protocol is selected — confirm. Unless proxy tickets
        // from arbitrary services are really intended, leave it off or configure an explicit
        // list of allowed proxy chains.
        casConfiguration.setAcceptAnyProxy(true);

        final CasClient client = new CasClient(casConfiguration);
        client.setCallbackUrl(callbackUrl);
        client.setName(clientName);

        return new Config(new Clients(callbackUrl, client));
    }
}
3.在shiroConfig中增加
// Import needed for the injected field below.
import org.pac4j.core.config.Config;
// The pac4j Config bean (the one returned by Pac4jConfig.config()) must be injected into this class;
// the CallbackFilter set up in the shiroFilter method is given this object.
@Autowired
private Config config;
//在类中添加下面三个方法
/**
 * Builds the Shiro web security manager and wires in the pac4j realm and subject factory.
 * SecurityManager here is presumably Shiro's org.apache.shiro.mgt.SecurityManager (imports are
 * not shown in the article).
 *
 * @return the configured security manager
 */
@Bean(name = "securityManager")
public SecurityManager securityManager() {
    final DefaultWebSecurityManager manager = new DefaultWebSecurityManager();
    manager.setRealm(pac4jRealm());
    manager.setSubjectFactory(subjectFactory());
    // No cache manager is installed; the article left setCacheManager(ehCacheManager()) commented out.
    return manager;
}
/**
 * Creates the realm used by the security manager.
 * MyShiroRealm is the project's custom realm, which the article changes to extend Pac4jRealm.
 *
 * @return a new MyShiroRealm instance
 */
@Bean(name = "pac4jRealm")
public Pac4jRealm pac4jRealm() {
    return new MyShiroRealm();
}
/**
 * Creates the pac4j subject factory that securityManager() installs on the security manager.
 *
 * @return a new Pac4jSubjectFactory
 */
@Bean(name = "subjectFactory")
public Pac4jSubjectFactory subjectFactory() {
    return new Pac4jSubjectFactory();
}
修改Bean shiroFilter 方法,增加
// Fragment to add inside the existing shiroFilter bean method; shiroFilterFactoryBean, config,
// casServerUrlPrefix, shiroServerUrlPrefix and clientName come from the surrounding class/method.
// Create the pac4j callback filter and hand it the injected pac4j Config.
CallbackFilter callbackFilter = new CallbackFilter();
callbackFilter.setConfig(config);
// "/starter" is passed as the default URL; presumably the landing page used after login when no
// originally requested URL is available — confirm against the buji-pac4j version in use.
callbackFilter.setDefaultUrl("/starter");
// Register the filter under the name "casFilter" so filter-chain rules can refer to it.
shiroFilterFactoryBean.getFilters().put("casFilter", callbackFilter);
// Add a rule that sends the callback endpoint through the filter registered above.
// NOTE(review): only the "/callback" rule is shown here. If the existing method already builds a
// filter-chain map, add this entry to that map instead of installing a second one, and keep it
// ahead of any catch-all rule (rules are presumably matched in insertion order — confirm).
Map<String, String> filterChainDefinitionMap = new LinkedHashMap<String, String>();
filterChainDefinitionMap.put("/callback", "casFilter");
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
// The login URL must include the client_name parameter.
// NOTE(review): the service value carries its own "?" and "=" and is appended without
// URL-encoding. It is built the same way as the callback URL in Pac4jConfig, and the two
// presumably have to match for ticket validation — confirm. Encode the service parameter if
// further query parameters are ever added to it.
String loginUrl = casServerUrlPrefix + "/login?service=" + shiroServerUrlPrefix + "/callback?client_name=" + clientName; shiroFilterFactoryBean.setLoginUrl(loginUrl);
4.自定义的Realm不再继承自CasRealm,修改为Pac4jRealm,并且修改其中的方法
/**
 * Turns the pac4j token delivered by the callback into Shiro authentication info.
 *
 * The profile id is read from the token's profiles and stored in the current subject's session
 * under "userSessionId". The returned info uses {@code user} as the principal, the hash code of
 * the profiles map as the credentials, and this realm's name.
 *
 * NOTE(review): {@code user} is not declared anywhere in this snippet. Presumably the article
 * omitted a local lookup of the user by loginName — the lookup must be supplied, and it should
 * reject the login when no matching local user exists.
 *
 * @param authenticationToken the token to authenticate; cast to Pac4jToken without a type check
 *        (assumes this realm only ever receives Pac4jToken — TODO confirm)
 * @return the authentication info for the logged-in user
 * @throws AuthenticationException declared by the overridden method; nothing in the visible code
 *         throws it explicitly
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
final Pac4jToken token = (Pac4jToken) authenticationToken;
// Raw LinkedHashMap: the key and value types of the profiles map are not stated in this snippet.
final LinkedHashMap profiles = token.getProfiles();
final Pac4jPrincipal principal = new Pac4jPrincipal(profiles);
// The id of the principal's profile is used as the login name.
// Assumes getProfile() returns a non-null profile at this point — TODO confirm.
String loginName = principal.getProfile().getId();
Session session = SecurityUtils.getSubject().getSession();
// NOTE(review): the login name is stored under "userSessionId", but doGetAuthorizationInfo in
// this listing reads the attribute "name" — verify that the two keys are meant to differ.
session.setAttribute("userSessionId", loginName );
return new SimpleAuthenticationInfo(user, profiles.hashCode(), getName());
}
//此方法的逻辑不变,仍然在此处赋予请求链接权限,只是获取用户的方式有所改变:可以在doGetAuthenticationInfo方法中把本地查询到的用户信息保存起来,在此方法中直接取出
/**
 * Supplies the authorization info (request/URL permissions, per the article) for the current user.
 *
 * NOTE(review): {@code info} is not declared in this snippet. Presumably the article omitted the
 * code that builds it from loginName — it must be supplied.
 * NOTE(review): the principalCollection argument is not used. The identity is read from the
 * session of whichever subject is bound to the current thread. Deriving it from
 * principalCollection would tie the permissions to the identity Shiro is actually asking about.
 *
 * @param principalCollection the principals of the subject being authorized (unused here)
 * @return the authorization info for the user
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
// Get the login name of the currently logged-in user. According to the original author this is
// equivalent to (String) principalCollection.fromRealm(getName()).iterator().next();
// that would only hold if the stored principal is a String — TODO confirm.
Session session = SecurityUtils.getSubject().getSession();
// NOTE(review): this reads the attribute "name", while doGetAuthenticationInfo in this listing
// stores the login name under "userSessionId". Unless "name" is set elsewhere, loginName is null.
String loginName = (String)session.getAttribute("name");
return info;
}