cas单点登录集成说明
1.所需依赖jar包
cas-client-core.jar
版本:3.4.1
2.工程配置
2.1工程配置web.xml修改
新增:
<!-- CAS SSO -->
<!-- 该过滤器用于实现单点登出功能,可选配置。须置于最前 -->
<listener>
<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>
<filter>
<filter-name>CAS Single Sign Out Filter</filter-name>
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>http://localhost:9999/cas/</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>CAS Authentication Filter</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>http://localhost:9999/cas/login</param-value>
</init-param>
<context-param>
<param-name>renew</param-name>
<param-value>false</param-value>
</context-param>
<init-param>
<param-name>gateway</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://localhost:8080</param-value>
</init-param>
<!--<init-param>
<param-name>ignorePattern</param-name>
<param-value>/static/*</param-value>
</init-param>-->
</filter>
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>
org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter
</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>http://localhost:9999/cas/</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://localhost:8080</param-value>
</init-param>
<init-param>
<param-name>useSession</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>redirectAfterValidation</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
</filter>
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>
org.jasig.cas.client.util.HttpServletRequestWrapperFilter
</filter-class>
</filter>
<filter>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<filter-class>
org.jasig.cas.client.util.AssertionThreadLocalFilter
</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Authentication Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
2.2配置说明
casServerLoginUrl.png
需要将casServerLoginUrl的参数设置为本地使用的casServer的登录访问路径
casServerUrlPrefix.png
需要将casServerUrlPrefix的参数设置为本地使用的casServer的根访问路径
serverName.png
需要将serverName的参数设置为本地登录系统使用的ip:port参数
2.3使用说明
2.3.1程序中获取用户信息
示例如下:
AttributePrincipal principal = (AttributePrincipal)request.getUserPrincipal();
WdimInfo wdimInfo = principal.getWdimInfo();
以上为获取用户信息的方法,包含用户信息和用户所属部门信息
2.3.2casServer登录重定向
在登录时将参数service加入到login?之后,登录casServer成功后将跳转到参数所述地址
示例如下:
https://wangwei:8443/cas/login?service=http://www.baidu.com
登录成功后将跳转到百度首页
2.4登出说明
登出链接:
与登录路径casServerLoginUrl类似,只需要将login改为logout即可,如下所示:
https://wangwei:8443/cas/logout
2.5补充说明
casServer服务器版本为4.2.7
