此文章用于记录自己学习springBoot集成cas的过程。
针对cas实现单点登录主要是两个部分,一个部分是client,一个部分是server。对于client,我们实现的时候需要在自己的项目中引入相应的jar包,然后增加相应的配置,并且实现相应的过滤器即可。而针对server,目前在cas的官网上下载的server都是springmvc的工程,所以建议直接下载使用,并且根据自己的需要进行修改配置,而不建议将server工程修改成springBoot工程。
(1)添加相应的maven依赖
<dependency>
<groupId></groupId>
<artifactId>cas-client-core</artifactId>
<version>3.3.3</version>
</dependency>#cas config
-out-filters=/logout
-filters=/*
-filters=/*
-wrapper-filters=/*
-filters=/*
-server-login-url=http://localhost:8080/login
-server-url-prefix=http://localhost:8080
-after-validation=true
-session=true
-name=http://localhost:8001(3)添加cas自动配置项
package ;
import ;
import ;
import ;
@ConfigurationProperties(prefix = "")
public class SpringCasAutoconfig {
static final String separator = ",";
private String validateFilters;
private String signOutFilters;
private String authFilters;
private String assertionFilters;
private String requestWrapperFilters;
private String casServerUrlPrefix;
private String casServerLoginUrl;
private String serverName;
private boolean useSession = true;
private boolean redirectAfterValidation = true;
public List<String> getValidateFilters() {
return ((separator));
}
public void setValidateFilters(String validateFilters) {
= validateFilters;
}
public List<String> getSignOutFilters() {
return ((separator));
}
public void setSignOutFilters(String signOutFilters) {
= signOutFilters;
}
public List<String> getAuthFilters() {
return ((separator));
}
public void setAuthFilters(String authFilters) {
= authFilters;
}
public List<String> getAssertionFilters() {
return ((separator));
}
public void setAssertionFilters(String assertionFilters) {
= assertionFilters;
}
public List<String> getRequestWrapperFilters() {
return ((separator));
}
public void setRequestWrapperFilters(String requestWrapperFilters) {
= requestWrapperFilters;
}
public String getCasServerUrlPrefix() {
return casServerUrlPrefix;
}
public void setCasServerUrlPrefix(String casServerUrlPrefix) {
= casServerUrlPrefix;
}
public String getCasServerLoginUrl() {
return casServerLoginUrl;
}
public void setCasServerLoginUrl(String casServerLoginUrl) {
= casServerLoginUrl;
}
public String getServerName() {
return serverName;
}
public void setServerName(String serverName) {
= serverName;
}
public boolean isRedirectAfterValidation() {
return redirectAfterValidation;
}
public void setRedirectAfterValidation(boolean redirectAfterValidation) {
= redirectAfterValidation;
}
public boolean isUseSession() {
return useSession;
}
public void setUseSession(boolean useSession) {
= useSession;
}
}
package ;
import ;
import ;
import ;
import ;
import ;
import .Cas20ProxyReceivingTicketValidationFilter;
import ;
import ;
import ;
import ;
import ;
import ;
import ;
@Configuration
public class CasConfig {
@Autowired
SpringCasAutoconfig autoconfig;
private static boolean casEnabled = true;
public CasConfig() {
}
@Bean
public SpringCasAutoconfig getSpringCasAutoconfig(){
return new SpringCasAutoconfig();
}
/**
* 用于实现单点登出功能
*/
@Bean
public ServletListenerRegistrationBean<SingleSignOutHttpSessionListener> singleSignOutHttpSessionListener() {
ServletListenerRegistrationBean<SingleSignOutHttpSessionListener> listener = new ServletListenerRegistrationBean<>();
(casEnabled);
(new SingleSignOutHttpSessionListener());
(1);
return listener;
}
/**
* 该过滤器用于实现单点登出功能,单点退出配置,一定要放在其他filter之前
*/
@Bean
public FilterRegistrationBean logOutFilter() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
LogoutFilter logoutFilter = new LogoutFilter(() + "/logout?service=" + (),new SecurityContextLogoutHandler());
(logoutFilter);
(casEnabled);
if(().size()>0)
(());
else
("/logout");
("casServerUrlPrefix", ());
("serverName", ());
(2);
return filterRegistration;
}
/**
* 该过滤器用于实现单点登出功能,单点退出配置,一定要放在其他filter之前
*/
@Bean
public FilterRegistrationBean singleSignOutFilter() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
(new SingleSignOutFilter());
(casEnabled);
if(().size()>0)
(());
else
("/*");
("casServerUrlPrefix", ());
("serverName", ());
(3);
return filterRegistration;
}
/**
* 该过滤器负责用户的认证工作
*/
@Bean
public FilterRegistrationBean authenticationFilter() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
(new AuthenticationFilter());
(casEnabled);
if(().size()>0)
(());
else
("/*");
//casServerLoginUrl:cas服务的登陆url
("casServerLoginUrl", ());
//本项目登录ip+port
("serverName", ());
("useSession", ()?"true":"false");
("redirectAfterValidation", ()?"true":"false");
(4);
return filterRegistration;
}
/**
* 该过滤器负责对Ticket的校验工作
*/
@Bean
public FilterRegistrationBean cas20ProxyReceivingTicketValidationFilter() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
Cas20ProxyReceivingTicketValidationFilter cas20ProxyReceivingTicketValidationFilter = new Cas20ProxyReceivingTicketValidationFilter();
(());
(cas20ProxyReceivingTicketValidationFilter);
(casEnabled);
if(().size()>0)
(());
else
("/*");
("casServerUrlPrefix", ());
("serverName", ());
(5);
return filterRegistration;
}
/**
* 该过滤器对HttpServletRequest请求包装, 可通过HttpServletRequest的getRemoteUser()方法获得登录用户的登录名
*
*/
@Bean
public FilterRegistrationBean httpServletRequestWrapperFilter() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
(new HttpServletRequestWrapperFilter());
(true);
if(().size()>0)
(());
else
("/login");
(6);
return filterRegistration;
}
/**
* 该过滤器使得可以通过来获取用户的登录名。
比如().getPrincipal().getName()。
这个类把Assertion信息放在ThreadLocal变量中,这样应用程序不在web层也能够获取到当前登录信息
*/
@Bean
public FilterRegistrationBean assertionThreadLocalFilter() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
(new AssertionThreadLocalFilter());
(true);
if(().size()>0)
(());
else
("/*");
(7);
return filterRegistration;
}
}至此就完成了SpringBoot集成cas客户端,详细代码可参考gitHub地址: springboot-cas client