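Integrating CAS single sign-on with Spring Boot
Step 1: Install Tomcat
Download: https://tomcat.apache.org/download-90.cgi (choose the version that matches your machine)
Set the environment variable TomcatHome
Add %TomcatHome%\bin to path
Run startup.bat in the bin directory. If Chinese characters are displayed incorrectly, open logging.properties in the \conf folder and comment out this line:
java.util.logging.ConsoleHandler.encoding = UTF-8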
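Step 2: Install CAS
Download:
https://musetransfer.com/s/xhyk7styv (valid until August 9)
If the link has expired, you can send me a private message.
1. After unpacking, open the project in IDEA, build it with the mvn package command, and put the resulting war file into Tomcat's webapps folder. Tomcat unpacks the war automatically when it starts.
2. Open http://localhost:8080/cas in a browser. The system ships with a built-in username and password: casuser with password Mellon. This static password can be changed: go to tomcat/webapps/cas/WEB-INF/classes/application.properties and scroll to the last line, where you will see cas.authn.accept.users=casuser::Mellon. Simply change casuser and Mellon. Note: Tomcat must be restarted after the change before your custom password takes effect. The port number I use here is 7000.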
Step 3: Integrate CAS login
Add the dependency to the pom file
<dependency>
    <groupId>org.jasig.cas.client</groupId>
    <artifactId>cas-client-core</artifactId>
    <version>3.5.0</version>
</dependency>
In the configuration file, set the address of the CAS server and the address of the application
cas.server-url=http://localhost:7000/cas
cas.client-host=http://localhost:8088
Create a util package and, inside it, a utility class used to obtain the user information after a successful login
package com.sso.ssocasclient.util;

import org.jasig.cas.client.authentication.AttributePrincipal;
import org.jasig.cas.client.util.AbstractCasFilter;
import org.jasig.cas.client.validation.Assertion;

import javax.servlet.http.HttpServletRequest;

/**
 * Class {@code CasUtil} <br> Utility class for obtaining the user information after login.
 *
 * <p>Detailed description
 * <p>
 * @author <a href="mailto:lz2392504@gmail.com">CN華少</a>
 * @since v1.0.0
 */
public class CasUtil {

    /**
     * Get the user name from CAS.
     *
     * @param request the current request
     * @return the CAS principal name, or null if the session holds no CAS assertion
     */
    public static String getAccountNameFromCas(HttpServletRequest request) {
        // The ticket validation filter stores the validated assertion in the session under this key.
        Assertion assertion = (Assertion) request.getSession().getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION);
        if (assertion != null) {
            AttributePrincipal principal = assertion.getPrincipal();
            return principal.getName();
        } else {
            return null;
        }
    }
}
Create a filter package and, inside it, a CasFilter file that registers the CAS filters
package com.sso.ssocasclient.filter;

import org.jasig.cas.client.authentication.AuthenticationFilter;
import org.jasig.cas.client.session.SingleSignOutFilter;
import org.jasig.cas.client.util.AssertionThreadLocalFilter;
import org.jasig.cas.client.util.HttpServletRequestWrapperFilter;
import org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;

/**
 * Class {@code CasFilter} <br> Authentication filter configuration.
 *
 * <p>Detailed description
 * <p>
 * @author <a href="mailto:lz2392504@gmail.com">CN華少</a>
 * @since v1.0.0
 */
@Configuration
@PropertySource("classpath:application.properties")
public class CasFilter {

    @Value("${cas.server-url}")
    private String CAS_URL;

    @Value("${cas.client-host}")
    private String APP_URL;

    /**
     * Single sign-out. Runs first (lowest order) so logout requests are
     * handled before the other CAS filters see the request.
     * @return the filter registration
     */
    @Bean
    public FilterRegistrationBean singleSignOutFilter() {
        FilterRegistrationBean registrationBean = new FilterRegistrationBean();
        registrationBean.setFilter(new SingleSignOutFilter());
        registrationBean.addUrlPatterns("/*");
        registrationBean.addInitParameter("casServerUrlPrefix", CAS_URL);
        registrationBean.setName("CAS Single Sign Out Filter");
        registrationBean.setOrder(2);
        return registrationBean;
    }

    /**
     * Single sign-on authentication: redirects unauthenticated requests to the CAS login page.
     * @return the filter registration
     */
    @Bean
    public FilterRegistrationBean authenticationFilter() {
        FilterRegistrationBean registrationBean = new FilterRegistrationBean();
        registrationBean.setFilter(new AuthenticationFilter());
        registrationBean.addUrlPatterns("/*");
        registrationBean.setName("CAS Filter");
        // casServerLoginUrl is the full login URL, not just the server prefix.
        registrationBean.addInitParameter("casServerLoginUrl", CAS_URL + "/login");
        registrationBean.addInitParameter("serverName", APP_URL);
        registrationBean.setOrder(3);
        return registrationBean;
    }

    /**
     * Ticket validation.
     * @return the filter registration
     */
    @Bean
    public FilterRegistrationBean cas20ProxyReceivingTicketValidationFilter() {
        FilterRegistrationBean registrationBean = new FilterRegistrationBean();
        registrationBean.setFilter(new Cas20ProxyReceivingTicketValidationFilter());
        registrationBean.addUrlPatterns("/*");
        registrationBean.setName("CAS Validation Filter");
        registrationBean.addInitParameter("casServerUrlPrefix", CAS_URL);
        registrationBean.addInitParameter("serverName", APP_URL);
        // acceptAnyProxy=true accepts proxy tickets issued through any proxy chain;
        // it and the two proxy callback parameters are only needed when CAS proxying is used.
        registrationBean.addInitParameter("acceptAnyProxy", "true");
        registrationBean.addInitParameter("proxyReceptorUrl", "/proxyCallback");
        registrationBean.addInitParameter("proxyCallbackUrl", APP_URL + "/proxyCallback");
        registrationBean.setOrder(4);
        return registrationBean;
    }

    /**
     * Request wrapper for single sign-on: exposes the CAS principal through
     * getRemoteUser() and getUserPrincipal().
     * @return the filter registration
     */
    @Bean
    public FilterRegistrationBean httpServletRequestWrapperFilter() {
        FilterRegistrationBean registrationBean = new FilterRegistrationBean();
        registrationBean.setFilter(new HttpServletRequestWrapperFilter());
        registrationBean.addUrlPatterns("/*");
        registrationBean.setName("CAS HttpServletRequest Wrapper Filter");
        registrationBean.setOrder(5);
        return registrationBean;
    }

    /**
     * Makes the assertion available to the current thread through AssertionHolder.
     * @return the filter registration
     */
    @Bean
    public FilterRegistrationBean assertionThreadLocalFilter() {
        FilterRegistrationBean registrationBean = new FilterRegistrationBean();
        registrationBean.setFilter(new AssertionThreadLocalFilter());
        registrationBean.addUrlPatterns("/*");
        registrationBean.setName("CAS Assertion Thread Local Filter");
        registrationBean.setOrder(6);
        return registrationBean;
    }
}
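For an application that does not use CAS proxy tickets, the validation filter can be registered without `acceptAnyProxy` and the proxy callback, so that only service tickets are accepted. The following is an added example, not the author's code: the class name `CasServiceTicketOnlyConfig` and the bean names are hypothetical, and the validation bean is meant to replace the `cas20ProxyReceivingTicketValidationFilter` bean above rather than sit beside it.

```java
package com.sso.ssocasclient.filter;

import org.jasig.cas.client.session.SingleSignOutHttpSessionListener;
import org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.boot.web.servlet.ServletListenerRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

// Added example (hypothetical class), not part of the original project.
@Configuration
public class CasServiceTicketOnlyConfig {

    @Value("${cas.server-url}")
    private String casUrl;

    @Value("${cas.client-host}")
    private String appUrl;

    // With neither acceptAnyProxy nor allowedProxyChains set, the filter
    // validates service tickets only and rejects proxy tickets.
    @Bean
    public FilterRegistrationBean serviceTicketValidationFilter() {
        FilterRegistrationBean bean = new FilterRegistrationBean();
        bean.setFilter(new Cas20ProxyReceivingTicketValidationFilter());
        bean.addUrlPatterns("/*");
        bean.setName("CAS Validation Filter");
        bean.addInitParameter("casServerUrlPrefix", casUrl);
        bean.addInitParameter("serverName", appUrl);
        // Redirect once the ticket is validated so it does not stay in the
        // address bar (this is the client's default, stated explicitly here).
        bean.addInitParameter("redirectAfterValidation", "true");
        bean.setOrder(4); // same position in the chain as the bean it replaces
        return bean;
    }

    // Removes a session from the map kept by SingleSignOutFilter when the
    // session expires or is invalidated locally.
    @Bean
    public ServletListenerRegistrationBean<SingleSignOutHttpSessionListener> singleSignOutListener() {
        ServletListenerRegistrationBean<SingleSignOutHttpSessionListener> bean =
                new ServletListenerRegistrationBean<>();
        bean.setListener(new SingleSignOutHttpSessionListener());
        return bean;
    }
}
```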
Controller (the logout method has problems and is still being adjusted)
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;

/**
 * Demo controller. @RestController already includes @Controller.
 */
@RestController
public class DemoController {

    Logger logger = LoggerFactory.getLogger(DemoController.class);

    @Value("${cas.server-url}")
    private String CAS_URL;

    // Logout: invalidate the local session, then send the browser to the CAS logout endpoint.
    @RequestMapping("/logout")
    public void logout(HttpSession session, HttpServletResponse response) throws IOException {
        session.invalidate();
        response.sendRedirect("http://localhost:7000/cas/logout?service=http://localhost:7001/result");
        // return "redirect:"+CAS_URL+"/logout?service="+CAS_URL;
        // return "redirect:http://localhost:7000/cas/logout?service=http://localhost:7001/result";
        // return "redirect:http://localhost:7000/cas/logout";
        // return "redirect:https://sso.cnhuashao.com/sso/logout?service=http://localhost:8080/index";
    }

    @GetMapping("/result")
    public Map<String,String> casLogout() {
        Map<String,String> result = new HashMap<>();
        result.put("a", "a");
        return result;
    }

    // Entry point of the system home page. If the user is not logged in, the request is
    // redirected to the CAS login page; after a successful login CAS calls back to this method.
    @RequestMapping("/login")
    // @ResponseBody
    public Map<String,String> string(HttpServletRequest httpServletRequest) {
        // logger.info("user:{}",httpServletRequest.getSession().getAttribute("loginName"));
        String loginUser = (String) httpServletRequest.getSession().getAttribute("loginName");
        Map<String,String> map = new HashMap<>();
        map.put("ss", "sss");
        map.put("loginUser", loginUser);
        return map;
    }
}
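One way to write the user lookup and the logout redirect against the two properties configured earlier, as an added example that is not the author's code. The class name `SessionController`, its package and the paths `/me` and `/sso-logout` are hypothetical; the lookup goes through the `CasUtil` class from this page.

```java
package com.sso.ssocasclient.controller; // hypothetical package

import com.sso.ssocasclient.util.CasUtil;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.Collections;
import java.util.Map;

// Added example (hypothetical class), not part of the original project.
@RestController
public class SessionController {

    @Value("${cas.server-url}")
    private String casUrl;

    @Value("${cas.client-host}")
    private String appUrl;

    // Reads the principal from the assertion that the validation filter
    // stored in the session; the value is null if no assertion is present.
    @GetMapping("/me")
    public Map<String, String> me(HttpServletRequest request) {
        return Collections.singletonMap("loginUser", CasUtil.getAccountNameFromCas(request));
    }

    @GetMapping("/sso-logout")
    public void logout(HttpServletRequest request, HttpServletResponse response) throws IOException {
        // Do not create a session just to destroy it.
        HttpSession session = request.getSession(false);
        if (session != null) {
            session.invalidate();
        }
        // The return target comes from configuration, never from a request
        // parameter, and is URL-encoded before it goes into the query string.
        // /result is covered by the AuthenticationFilter mapped to /*, so a
        // browser returning there is sent to the CAS login page again.
        String service = URLEncoder.encode(appUrl + "/result", StandardCharsets.UTF_8.name());
        response.sendRedirect(casUrl + "/logout?service=" + service);
    }
}
```

CAS redirects back to `service` after logout only when the server is configured to follow service redirects (`cas.logout.followServiceRedirects` in CAS 5.x); otherwise the browser stays on the CAS logout page.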