cas-client基于CAS协议客户端搭建

前面介绍了cas服务端的搭建,今天来介绍一下基于cas协议客户端的搭建,下面是服务端搭建的介绍

CAS服务端的搭建并配置OAtuh2.0协议_t梧桐树t的博客-CSDN博客

解决了服务端的问题,客户端的搭建就简单多了

引入cas-client依赖

        
            net.unicon.cas
            cas-client-autoconfig-support
            2.3.0-GA
        

注意:仅为简单测试并未引入其他安全框架,如果有其他安全框架需要自去改拦截器

 增加配置

在yml配置文件中添加如下配置

#cas单点登录
cas:
  server-url-prefix: ${cas.client-host-url}:8443/cas
  server-login-url: ${cas.server-url-prefix}/login
  client-host-url: https://cas.test.com  #换成自己的域名
  validation-type: cas3

 在启动类上添加@EnableCasClient注解

编写拦截器

此处代码参考:CAS+OAuth2的SSO认证授权单点登录_cas能实现oauth2_一码贪欢的博客-CSDN博客

 CASFilterConfig拦截器配置

@Configuration
public class CASFilterConfig {

    @Value("${cas.server-url-prefix}")
    private String CAS_URL;
    @Value("${cas.client-host-url}")
    private String APP_URL;

    /**
     * 配置监听器
     * @return
     */
    @Bean
    public ServletListenerRegistrationBean servletListenerRegistrationBean(){
        ServletListenerRegistrationBean  listenerRegistrationBean = new ServletListenerRegistrationBean();
        listenerRegistrationBean.setListener(new SingleSignOutHttpSessionListener());
        listenerRegistrationBean.setOrder(Ordered.HIGHEST_PRECEDENCE);
        return listenerRegistrationBean;
    }

    /**
     * 单点登录退出
     * @return
     */
    @Bean
    public FilterRegistrationBean singleSignOutFilter(){
        FilterRegistrationBean registrationBean = new FilterRegistrationBean();
        registrationBean.setFilter(new SingleSignOutFilter());
        registrationBean.addUrlPatterns("/*");
        registrationBean.addInitParameter("casServerUrlPrefix", CAS_URL );
        registrationBean.setName("CAS Single Sign Out Filter");
        registrationBean.setOrder(2);
        return registrationBean;
    }

    /**
     * 单点登录认证
     * @return
     */
    @Bean
    public FilterRegistrationBean AuthenticationFilter(){
        FilterRegistrationBean registrationBean = new FilterRegistrationBean();
        registrationBean.setFilter(new AuthenticationFilter());
        registrationBean.addUrlPatterns("/*");
        registrationBean.setName("CAS Filter");
        registrationBean.addInitParameter("casServerLoginUrl",CAS_URL);
        registrationBean.addInitParameter("serverName", APP_URL );
        registrationBean.setOrder(3);
        return registrationBean;
    }

    /**
     * 单点登录校验
     * @return
     */
    @Bean
    public FilterRegistrationBean cas30ProxyReceivingTicketValidationFilter(){
        FilterRegistrationBean registrationBean = new FilterRegistrationBean();
        registrationBean.setFilter(new Cas30ProxyReceivingTicketValidationFilter());
        registrationBean.addUrlPatterns("/*");
        registrationBean.setName("CAS Validation Filter");
        registrationBean.addInitParameter("casServerUrlPrefix", CAS_URL );
        registrationBean.addInitParameter("serverName", APP_URL );
        registrationBean.setOrder(4);
        return registrationBean;
    }

    /**
     * 单点登录请求包装
     * @return
     */
    @Bean
    public FilterRegistrationBean httpServletRequestWrapperFilter(){
        FilterRegistrationBean registrationBean = new FilterRegistrationBean();
        registrationBean.setFilter(new HttpServletRequestWrapperFilter());
        registrationBean.addUrlPatterns("/*");
        registrationBean.setName("CAS HttpServletRequest Wrapper Filter");
        registrationBean.setOrder(5);
        return registrationBean;
    }

    /**
     * 获取当前登录用户信息
     * @return
     */
    @Bean
    public FilterRegistrationBean getLoginUserInfoFilter(){
        FilterRegistrationBean registrationBean = new FilterRegistrationBean();
        registrationBean.setFilter(new LoginUserInfoFilter());
        registrationBean.addUrlPatterns("/*");
        registrationBean.setName("loginUserInfoFilter");
        registrationBean.setOrder(6);
        return registrationBean;
    }
}

 CASUtil 获取登录人

public class CASUtil {

    public static String getLoginNameFromCas(HttpServletRequest request) {
        Assertion assertion = (Assertion) request.getSession().getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION);
        if(assertion!= null) {
            AttributePrincipal principal = assertion.getPrincipal();
            return principal.getName();
        } else {
            return null;
        }
    }
}

 LoginUserInfoFilter 登录拦截器

public class LoginUserInfoFilter implements Filter {

    Logger logger =  LoggerFactory.getLogger(LoginUserInfoFilter.class);

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
        HttpServletRequest request_ = (HttpServletRequest)request;
        String loginName = CASUtil.getLoginNameFromCas(request_);
        if(!StringUtils.isEmpty(loginName)){
            logger.info("访问者 ：" +loginName);
            request_.getSession().setAttribute("loginName", loginName);
        }

        chain.doFilter(request, response);
    }
}

测试Controller

@Controller
public class TestController {

    @GetMapping("/hello")
    @ResponseBody
    public String hello() {
        return "cas-client11111!!!!!!!!";
    }

    //登出
    @RequestMapping("/logout")
    public String logout(HttpSession session){
        session.invalidate();
        return "redirect:https://cas.test.com:8443/cas/logout";
    }
}

测试

启动客户端后访问 http://127.0.0.1:8081/hello

 输入用户名密码后,自动反问了客户端的接口