介绍
这篇文章将为大家详细讲解有关如何在Spring Security中使用CAS,文章内容质量较高,因此小编分享给大家做个参考,希望大家阅读完这篇文章后对相关知识有一定的了解。
<强>配置强>
web。xml
& lt; filter> ,& lt; filter-name> casFilterChain ,& lt; filter-class> org.springframework.web.filter.DelegatingFilterProxy & lt;/filter> & lt; filter-mapping> ,& lt; filter-name> casFilterChain ,& lt; url-pattern>/* & lt;/url-pattern> & lt;/filter-mapping> & lt; listener> ,& lt; listener-class> org.jasig.cas.client.session.SingleSignOutHttpSessionListener & lt;/listener>
applicationContext-security。xml
& lt; ? xml version=?.0“,编码=癠TF-8" ?比; http://www.springframework.org/schema/beans" & lt; beans  xmlns=?; ,,xmlns: xsi=癶ttp://www.w3.org/2001/XMLSchema-instance" xmlns:才能安全=癶ttp://www.springframework.org/schema/security" xmlns:才能util=癶ttp://www.springframework.org/schema/util" ,,xsi: schemaLocation=? http://www.springframework.org/schema/beans , http://www.springframework.org/schema/beans/spring-beans.xsd ,http://www.springframework.org/schema/security ,,http://www.springframework.org/schema/security/spring-security-3.2.xsd , http://www.springframework.org/schema/util , http://www.springframework.org/schema/util/spring-util.xsd"比; ,& lt; bean id=癱asFilterChain",类=皁rg.springframework.security.web.FilterChainProxy"比; & lt;才能constructor-arg> ,,& lt; util: list> ,,,& lt;安全:filter-chain 模式=?* *”,过滤器=皊ingleSignOutFilter,, cas20ProxyReceivingTicketValidationFilter,, authenticationFilter,, httpServletRequestWrapperFilter,, assertionThreadLocalFilter"/比; ,,& lt;/util: list> & lt;才能/constructor-arg> ,& lt;/bean> ,& lt; bean id=皊ingleSignOutFilter",类=皁rg.jasig.cas.client.session.SingleSignOutFilter"/比; ,& lt; bean id=癱as20ProxyReceivingTicketValidationFilter" 类,,=皁rg.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter"比; & lt;才能property name=皊erverName",价值=https://www.yisu.com/zixun/" $ {client.url} "/> <属性名=" ticketValidator“ref=" cas20ServiceTicketValidator "/> 豆><属性名="更新" value=" false "/> 豆> <属性名="更新" value=" false "/> <属性名=" casServerLoginUrl " value=" $ {cas.url} "/> <属性名=" serverName " value=" $ {client.url} "/> 豆> 豆>
属性
# CAS服务地址 cas.url=https://cas.example.com: 8443 # CAS客户端地址,就是本应用的地址 client.url=http://localhost: 8080
<强>分析强>
在applicationContext-security。xml中的安全过滤器链中,我们使用了5个过滤器,分别是:singleSignOutFilter, cas20ProxyReceivingTicketValidationFilter, authenticationFilter, httpServletRequestWrapperFilter assertionThreadLocalFilter。
<强>为什么不用spring-security-cas 强>
spring-security-cas
在spring-security-cas中负责票验证器过滤器使用的是org.springframework.security.cas.authentication。CasAuthenticationProvider .
private CasAuthenticationToken authenticateNow (final Authentication 身份验证),throws AuthenticationException { ,try { final 才能Assertion Assertion =, this.ticketValidator.validate (authentication.getCredentials () .toString (),, getServiceUrl(身份验证); ,,…
在构建验证器的验证器方法的第二个参数时
private String getServiceUrl (Authentication 身份验证),{ ,String serviceUrl; ,如果(authentication.getDetails (), instanceof ServiceAuthenticationDetails), { serviceUrl 才能=,((ServiceAuthenticationDetails) authentication.getDetails ()) .getServiceUrl (); ,}else 如果(serviceProperties ==, null) { throw 才能;new  IllegalStateException (“serviceProperties  cannot be null unless Authentication.getDetails (), implements ServiceAuthenticationDetails !”); ,}else 如果(serviceProperties.getService (),==, null) { null null null null null null null null null如何在Spring Security中使用CAS