<转>实现CAS单点登出

普通项目(没有结合Spring Security)的可以在web.xml中加入如下代码

<!-- Registers the stock CAS client single sign-out filter under the name used by the mapping below. -->
<filter>
   <filter-name>CAS Single Sign Out Filter</filter-name>
   <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
</filter>

<!-- Maps the filter to every URL (/*), so each request to the application passes through it.
     NOTE(review): filter-mapping order in web.xml sets the chain order; the CAS client
     documentation asks for this filter to run ahead of the other CAS filters (confirm for the
     client version in use). -->
<filter-mapping>
   <filter-name>CAS Single Sign Out Filter</filter-name>
   <url-pattern>/*</url-pattern>
</filter-mapping>

<!-- Session listener from the same CAS client package. Presumably it drops a session's entry
     from the sign-out mapping when the container destroys that session; verify against the
     client version in use. -->
<listener>
    <listener-class>
       org.jasig.cas.client.session.SingleSignOutHttpSessionListener
    </listener-class>
</listener>

项目结合 CAS、Spring Security、SSH 时,可以将 filter 加入到 Spring Security 过滤链中,也可以直接像上面一样加入 web.xml 中

首先在web.xml中加入监听器。

<!-- single sign out: registers the CAS client session listener in web.xml. Only the listener is
     declared here; the filter itself is not mapped in this snippet. -->
<listener>
      <listener-class>
          org.jasig.cas.client.session.SingleSignOutHttpSessionListener
      </listener-class>
</listener>
<!-- single sign out -->

然后把filter加入到spring Security过滤链中

<!-- single sign out: declares the custom check.SingleSignOutFilter as a bean and places it in the
     Spring Security filter chain ahead of CAS_PROCESSING_FILTER, so it sees each request before
     the CAS ticket is processed. -->
<b:bean id="casSingleSignOutFilter" class="check.SingleSignOutFilter">
 <custom-filter before="CAS_PROCESSING_FILTER"/>
</b:bean>
<!-- single sign out -->

注意:上面的 class="check.SingleSignOutFilter" 是自定义的 filter(由于 CAS 3.1.3 定义的 SingleSignOutFilter 在某种意义上没有起到作用),详情请见 http://www.iteye.com/topic/546785

package check;

import java.io.IOException;
import java.util.Enumeration;

import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.jasig.cas.client.session.HashMapBackedSessionMappingStorage;
import org.jasig.cas.client.session.SessionMappingStorage;
import org.jasig.cas.client.util.AbstractConfigurationFilter;
import org.jasig.cas.client.util.CommonUtils;
import org.jasig.cas.client.util.XmlUtils;

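/**
 * Servlet filter implementing the client side of CAS single sign-out.
 *
 * <p>For every request it does one of two things and then passes the request down the chain:
 * <ul>
 *   <li>if a {@code logoutRequest} parameter is present, it reads the {@code SessionIndex}
 *       element from it, removes the HTTP session stored under that value and invalidates it;</li>
 *   <li>otherwise, if the artifact parameter is present and a session already exists, it stores
 *       the artifact-to-session mapping so that a later logout request can find the session.</li>
 * </ul>
 *
 * <p>The session mapping storage is a static field, so it is shared by every instance of this
 * class loaded by the same class loader.
 *
 * <p>NOTE(review): the logout branch runs for any HTTP method and performs no check on where the
 * request came from. Any party able to reach the application and present a stored
 * {@code SessionIndex} value ends that session. Confirm that the logout callback is restricted to
 * the CAS server by controls in front of the application.
 */
public final class SingleSignOutFilter extends AbstractConfigurationFilter
{
  /** Name of the request parameter carrying the artifact; the constructor sets it to "ticket". */
  private String artifactParameterName;

  /** Artifact-to-session mapping; static, and replaceable through {@link #setSessionMappingStorage}. */
  private static SessionMappingStorage SESSION_MAPPING_STORAGE = new HashMapBackedSessionMappingStorage();

  private static final Log log = LogFactory.getLog(SingleSignOutFilter.class);

  /** Creates the filter with the default artifact parameter name, "ticket". */
  public SingleSignOutFilter()
  {
    this.artifactParameterName = "ticket";
  }

  /**
   * Reads the optional {@code artifactParameterName} init parameter (default "ticket") and then
   * validates the configuration.
   *
   * @param filterConfig filter configuration supplied by the container
   * @throws ServletException declared by the filter contract
   */
  public void init(FilterConfig filterConfig)
    throws ServletException
  {
    setArtifactParameterName(getPropertyFromInitParams(filterConfig, "artifactParameterName", "ticket"));
    init();
  }

  /** Asserts that the artifact parameter name and the session mapping storage are both set. */
  public void init() {
    CommonUtils.assertNotNull(this.artifactParameterName, "artifactParameterName cannot be null.");
    CommonUtils.assertNotNull(SESSION_MAPPING_STORAGE, "sessionMappingStorage cannote be null.");
  }

  /**
   * Sets the name of the request parameter that carries the artifact.
   *
   * @param artifactParameterName parameter name to look up on each request
   */
  public void setArtifactParameterName(String artifactParameterName) {
    this.artifactParameterName = artifactParameterName;
  }

  /**
   * Handles a logout request or records a new artifact-to-session mapping, then continues the
   * filter chain.
   *
   * @param servletRequest incoming request; cast to {@link HttpServletRequest}
   * @param servletResponse response, passed through unchanged
   * @param filterChain remainder of the chain, always invoked
   * @throws IOException propagated from the rest of the chain
   * @throws ServletException propagated from the rest of the chain
   */
  public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
    final HttpServletRequest request = (HttpServletRequest) servletRequest;

    // Request parameters are touched only through CommonUtils.safeGetParameter, so this filter
    // does not ask the container to enumerate or parse parameters on its own account.
    final String logoutRequest = CommonUtils.safeGetParameter(request, "logoutRequest");

    if (CommonUtils.isNotBlank(logoutRequest)) {
      invalidateMappedSession(logoutRequest);
    } else {
      recordSessionMapping(request);
    }

    // NOTE(review): the chain also runs for a logout callback, so downstream filters see that
    // request as well; confirm they tolerate it.
    filterChain.doFilter(servletRequest, servletResponse);
  }

  /** Invalidates the session stored under the SessionIndex value of the given logout request. */
  private static void invalidateMappedSession(final String logoutRequest) {
    final String sessionIdentifier = XmlUtils.getTextForElement(logoutRequest, "SessionIndex");
    if (!CommonUtils.isNotBlank(sessionIdentifier)) {
      return;
    }

    final HttpSession session = SESSION_MAPPING_STORAGE.removeSessionByMappingId(sessionIdentifier);
    if (session == null) {
      return;
    }

    try {
      session.invalidate();
      // Identifiers are deliberately left out of the log: both the session id and the
      // SessionIndex value are sensitive.
      log.debug("Invalidated a session in response to a single sign-out request.");
    } catch (final IllegalStateException e) {
      // The session was already invalid; the mapping is removed either way.
      log.debug("Session was already invalidated when the single sign-out request arrived.", e);
    }
  }

  /** Stores the artifact-to-session mapping when the request carries an artifact and has a session. */
  private void recordSessionMapping(final HttpServletRequest request) {
    final String artifact = CommonUtils.safeGetParameter(request, this.artifactParameterName);
    // getSession(false): never create a session just to record a mapping.
    final HttpSession session = request.getSession(false);

    if (CommonUtils.isNotBlank(artifact) && session != null) {
      try {
        // Drop any earlier mapping for this session before adding the new one.
        SESSION_MAPPING_STORAGE.removeBySessionById(session.getId());
      } catch (final Exception e) {
        // Best effort: failing to remove an old entry must not block the new mapping.
        log.debug("Could not remove the previous single sign-out mapping for the session.", e);
      }
      SESSION_MAPPING_STORAGE.addSessionById(artifact, session);
    }
  }

  /**
   * Replaces the shared session mapping storage. Although this is an instance method, it assigns
   * the static field and therefore affects every instance of the filter.
   *
   * @param storage storage to use from now on
   */
  public void setSessionMappingStorage(SessionMappingStorage storage) {
    SESSION_MAPPING_STORAGE = storage;
  }

  /**
   * Returns the shared session mapping storage.
   *
   * @return the storage currently held in the static field
   */
  public static SessionMappingStorage getSessionMappingStorage() {
    return SESSION_MAPPING_STORAGE;
  }

  /** Nothing to release. */
  public void destroy()
  {
  }
}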
