介绍
本篇文章为大家展示了使用弹簧引导如何实现配置单点登录,内容简明扼要并且容易理解,绝对能使你眼前一亮,通过这篇文章的详细介绍希望你能有所收获。
<强>概述强>
企业内部一般都有一套单点登录系统(常用的实现有apereo cas),所有的内部系统的登录认证都对接它。本文介绍弹簧引导的程序如何对接cas服务。
常用的安全框架有spring security和apache shiro.shiro的配置和使用相对简单,本文使用shrio对接cas服务。
<强>配置强>
<强>新增依赖强>
砰的一声。xml新增:
& lt; properties> & lt; shiro.version> 1.2.4 & lt;/properties> & lt; dependencies> & lt; !——Apache Shiro祝辞 & lt; dependency> & lt; groupId> org.apache.shiro & lt; artifactId> shiro-spring & lt; version> $ {shiro.version} & lt;/version> & lt;/dependency> & lt; dependency> & lt; groupId> org.apache.shiro & lt; artifactId> shiro-ehcache & lt; version> $ {shiro.version} & lt;/version> & lt;/dependency> & lt; dependency> & lt; groupId> org.apache.shiro & lt; artifactId> shiro-cas & lt; version> $ {shiro.version} & lt;/version> & lt;/dependency> & lt;/dependencies>
<强>春季启动配置强>
应用程序。属性
shiro.cas=https://cas.xxx.com这是中科院服务的地址 shiro.server=http://127.0.0.1:8080自己应用的地址,测试使用127即可
<强>应用配置强>
初始化shiro豆,将文件放到任意子包下即可,比如xxx。配置,春天会引导自动扫描加载
@ configuration 公开课ShiroCasConfiguration { 私有静态最终字符串casFilterUrlPattern=?shiro-cas"; @ bean 公共FilterRegistrationBean FilterRegistrationBean () { FilterRegistrationBean filterRegistration=new FilterRegistrationBean (); filterRegistration。setFilter(新DelegatingFilterProxy (“shiroFilter")); filterRegistration.addInitParameter (“targetFilterLifecycle",“true"); filterRegistration.setEnabled(真正的); filterRegistration.addUrlPatterns (“/*”); 返回filterRegistration; } @ bean (name=發ifecycleBeanPostProcessor") 公共LifecycleBeanPostProcessor getLifecycleBeanPostProcessor () { 返回新LifecycleBeanPostProcessor (); } @ bean (name=皊ecurityManager") 公共DefaultWebSecurityManager getDefaultWebSecurityManager (@ value (“$ {shiro.cas}“)字符串casServerUrlPrefix, @ value (“$ {shiro.server}“)字符串shiroServerUrlPrefix) { DefaultWebSecurityManager securityManager=new DefaultWebSecurityManager (); CasRealm CasRealm=new CasRealm (); casRealm.setDefaultRoles (“ROLE_USER"); casRealm.setCasServerUrlPrefix (casServerUrlPrefix); casRealm。setCasService (shiroServerUrlPrefix + casFilterUrlPattern); securityManager.setRealm (casRealm); securityManager。setCacheManager(新MemoryConstrainedCacheManager ()); securityManager。setSubjectFactory(新CasSubjectFactory ()); 返回securityManager; } 私人空间loadShiroFilterChain (ShiroFilterFactoryBean ShiroFilterFactoryBean) { String> Map<字符串;,filterChainDefinitionMap=new LinkedHashMap<的在(); filterChainDefinitionMap。把(casFilterUrlPattern“casFilter"); filterChainDefinitionMap.put (“/login",“anon"); filterChainDefinitionMap.put (“/bower_components/* *“,“anon");//可以将不需要拦截的静态文件目录加进去 filterChainDefinitionMap.put (“/logout",“logout"); filterChainDefinitionMap.put (“/* *”,“authc"); shiroFilterFactoryBean.setFilterChainDefinitionMap (filterChainDefinitionMap); }/* * * CAS过滤器 */@ bean (name=癱asFilter") 公共CasFilter getCasFilter (@ value (“$ {shiro.cas}“)字符串casServerUrlPrefix, @ value (“$ {shiro.server}“)字符串shiroServerUrlPrefix) { CasFilter CasFilter=new CasFilter (); casFilter.setName (“casFilter"); casFilter.setEnabled(真正的); 字符串loginUrl=casServerUrlPrefix +“/login& # 63;服务=?+ shiroServerUrlPrefix + casFilterUrlPattern; casFilter.setFailureUrl (loginUrl); 返回casFilter; } @ bean (name=皊hiroFilter") 公共ShiroFilterFactoryBean getShiroFilterFactoryBean (DefaultWebSecurityManager securityManager, CasFilter CasFilter, @ value (“$ {shiro.cas}“)字符串casServerUrlPrefix, @ value (“$ {shiro.server}“)字符串shiroServerUrlPrefix) { ShiroFilterFactoryBean ShiroFilterFactoryBean=new ShiroFilterFactoryBean (); shiroFilterFactoryBean.setSecurityManager (securityManager); 字符串loginUrl=casServerUrlPrefix +“/login& # 63;服务=?+ shiroServerUrlPrefix + casFilterUrlPattern; shiroFilterFactoryBean.setLoginUrl (loginUrl); shiroFilterFactoryBean.setSuccessUrl (“/?; Filter> Map使用弹簧引导如何实现配置单点登录