本文基础:熟悉springboot,CAS服务端已配置好或第三方已提供。
一.添加pom依赖,我这里贴一下完整的pom
<!-- Dependency set for the CAS client demo. Versions written as ${...} come from
     <properties> (or a parent POM) that this page does not show. -->
<dependencies>
<!-- Spring Boot Web dependency -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<!-- Spring Boot Test dependency (test scope only) -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<!-- Spring Boot MyBatis dependency -->
<dependency>
<groupId>org.mybatis.spring.boot</groupId>
<artifactId>mybatis-spring-boot-starter</artifactId>
<version>${mybatis-spring-boot}</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<!-- MySQL JDBC driver dependency -->
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>${mysql-connector}</version>
</dependency>
<!-- JUnit -->
<!-- NOTE(review): no <scope>test</scope> here, so JUnit resolves at the default
     compile scope and is packaged with the application; consider test scope. -->
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.12</version>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-eureka</artifactId>
</dependency>
<!-- Original configuration (everything above this line) -->
<!-- Add Spring Security CAS support -->
<!-- NOTE(review): the classes on this page import org.jasig.cas.client.* directly;
     presumably that client library arrives transitively through this artifact. Confirm. -->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-cas</artifactId>
</dependency>
<!-- Add Swagger 2 support -->
<!-- NOTE(review): the CAS filters on this page are mapped only to /cas/*, /we/* and
     /html/*, so the Swagger UI and API-docs endpoints would be served without CAS
     authentication unless they are restricted or disabled separately. The pinned
     version 2.2.2 should also be checked against current releases. -->
<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-swagger2</artifactId>
<version>2.2.2</version>
</dependency>
<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-swagger-ui</artifactId>
<version>2.2.2</version>
</dependency>
</dependencies>
二,CAS配置,对接CAS服务端,代码目录如下:
三、具体代码:
CasConfig.java:
package com.we.config;
import com.we.Application;
import org.apache.log4j.Logger;
import org.jasig.cas.client.authentication.AuthenticationFilter;
import org.jasig.cas.client.session.SingleSignOutFilter;
import org.jasig.cas.client.session.SingleSignOutHttpSessionListener;
import org.jasig.cas.client.util.HttpServletRequestWrapperFilter;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.boot.web.servlet.ServletContextInitializer;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.view.InternalResourceViewResolver;
import org.springframework.web.servlet.view.JstlView;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import java.net.UnknownHostException;
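/**
 * Registers the Jasig CAS client listener and servlet filters that connect this
 * application to an existing CAS server, plus the view resolver used by the demo.
 *
 * <p>The four CAS filters are given explicit orders so that they always run as
 * single sign-out, authentication, ticket validation, request wrapper. Without an
 * explicit order the container is free to apply same-priority filters in any
 * sequence, and the CAS client only works as intended in that sequence.
 */
@Configuration
public class CasConfig {

    private static final Logger logger = Logger.getLogger(CasConfig.class);

    /**
     * CAS server URL prefix. The address is the placeholder used in the article and
     * must be replaced with the real server.
     *
     * <p>NOTE(review): the scheme is plain {@code http}, so service tickets and the
     * validation response travel unencrypted; a real deployment should use an
     * {@code https} URL and load it from configuration instead of hard-coding it.
     */
    private static final String CAS_SERVER_URL_PREFIX = "http://100.000.000.000:8080/cas";

    /** URL patterns protected by the CAS filters. */
    private static final String[] PROTECTED_PATTERNS = {"/cas/*", "/we/*"};

    /**
     * Host (scheme, name and port) of this application, injected from the
     * {@code hostname} property and passed to the CAS client as {@code serverName}.
     */
    @Value("${hostname}")
    private String hostname;

    /**
     * Adds the CAS session listener to the servlet context at startup.
     *
     * @return an initializer that registers {@link SingleSignOutHttpSessionListener}
     */
    @Bean
    public ServletContextInitializer servletContextInitializer() {
        return new ServletContextInitializer() {
            @Override
            public void onStartup(ServletContext servletContext) throws ServletException {
                servletContext.addListener(new SingleSignOutHttpSessionListener());
            }
        };
    }

    /**
     * Registers the single sign-out filter as the first CAS filter.
     *
     * @return the filter registration
     * @throws UnknownHostException declared by the original signature; nothing in the body throws it
     */
    @Bean
    public FilterRegistrationBean registSingleSignOutFilter() throws UnknownHostException {
        FilterRegistrationBean registration = new FilterRegistrationBean();
        registration.setFilter(new SingleSignOutFilter());
        registration.addUrlPatterns(PROTECTED_PATTERNS);
        registration.addInitParameter("casServerUrlPrefix", CAS_SERVER_URL_PREFIX);
        registration.setName("singleSignOutFilter");
        registration.setOrder(1);
        return registration;
    }

    /**
     * Registers the filter that sends unauthenticated requests to the CAS login page.
     *
     * @return the filter registration
     */
    @Bean
    public FilterRegistrationBean registAuthFilter() {
        FilterRegistrationBean registration = new FilterRegistrationBean();
        registration.setFilter(new AuthenticationFilter());
        registration.addUrlPatterns(PROTECTED_PATTERNS);
        // NOTE(review): the article passes the server prefix as the login URL; CAS
        // servers usually expose the login page under <prefix>/login. Confirm.
        registration.addInitParameter("casServerLoginUrl", CAS_SERVER_URL_PREFIX);
        registration.addInitParameter("serverName", hostname);
        registration.setName("registAuthFilter");
        registration.setOrder(2);
        return registration;
    }

    /**
     * Registers the ticket validation filter, using the project's
     * {@code TBDSReceivingTicketValidationFilter} subclass.
     *
     * @return the filter registration
     */
    @Bean
    public FilterRegistrationBean registTicketValidationFilter() {
        FilterRegistrationBean registration = new FilterRegistrationBean();
        registration.setFilter(new TBDSReceivingTicketValidationFilter());
        registration.addUrlPatterns(PROTECTED_PATTERNS);
        logger.info("casServerUrlPrefix : " + CAS_SERVER_URL_PREFIX);
        registration.addInitParameter("casServerUrlPrefix", CAS_SERVER_URL_PREFIX);
        registration.addInitParameter("serverName", hostname);
        registration.setName("ticketValidationFilter");
        registration.setOrder(3);
        return registration;
    }

    /**
     * Registers the wrapper filter that exposes the CAS principal through
     * {@code HttpServletRequest.getUserPrincipal()} and {@code getRemoteUser()}.
     *
     * @return the filter registration
     */
    @Bean
    public FilterRegistrationBean registWrapperFilter() {
        FilterRegistrationBean registration = new FilterRegistrationBean();
        registration.setFilter(new HttpServletRequestWrapperFilter());
        // NOTE(review): "/html/*" is wrapped here but is not covered by the
        // authentication or validation filters above, so requests under /html/*
        // are not forced through CAS login. Confirm that this is intended.
        registration.addUrlPatterns("/cas/*", "/html/*", "/we/*");
        registration.setName("wrapperFilter");
        registration.setOrder(4);
        return registration;
    }

    /**
     * Resolves view names to {@code .html} files under {@code /WEB-INF/classes/views/}.
     *
     * @return the configured view resolver
     */
    @Bean
    public InternalResourceViewResolver viewResolver() {
        InternalResourceViewResolver viewResolver = new InternalResourceViewResolver();
        viewResolver.setPrefix("/WEB-INF/classes/views/");
        viewResolver.setSuffix(".html");
        viewResolver.setViewClass(JstlView.class);
        return viewResolver;
    }
}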
TBDSReceivingTicketValidationFilter.java:
package com.we.config;
import org.jasig.cas.client.authentication.AttributePrincipal;
import org.jasig.cas.client.util.AssertionHolder;
import org.jasig.cas.client.validation.Assertion;
import org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
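/**
 * CAS 2.0 ticket validation filter that logs the outcome of each validation.
 *
 * <p>Both hooks are callbacks of the parent filter; this class adds logging and
 * publishes the assertion through {@link AssertionHolder}.
 */
public class TBDSReceivingTicketValidationFilter extends Cas20ProxyReceivingTicketValidationFilter {

    /**
     * Called after a service ticket has been validated successfully.
     *
     * @param request   the current request
     * @param response  the current response
     * @param assertion the validated CAS assertion carrying the user principal
     */
    @Override
    public void onSuccessfulValidation(HttpServletRequest request,
            HttpServletResponse response, Assertion assertion) {
        AttributePrincipal principal = assertion.getPrincipal();
        logger.info(principal.getName() + "--------------------------------");
        // Makes the user information available through AssertionHolder.
        // NOTE(review): AssertionHolder appears to be thread-bound storage and nothing
        // on this page clears it, so on a pooled worker thread the assertion may
        // outlive this request and be visible to a later, unrelated request. Confirm
        // that an AssertionThreadLocalFilter (or an explicit AssertionHolder.clear())
        // is in place, or drop this call if nothing reads the holder.
        AssertionHolder.setAssertion(assertion);
    }

    /**
     * Called when ticket validation fails.
     *
     * <p>Logged at WARN rather than INFO so that rejected tickets remain visible
     * when INFO output is filtered out; repeated failures are worth alerting on.
     *
     * @param request  the current request
     * @param response the current response
     */
    @Override
    public void onFailedValidation(HttpServletRequest request, HttpServletResponse response) {
        logger.warn("Failed to validate cas ticket");
    }
}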
其他,在ui层获取登录用户信息:
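/**
 * Returns the login name of the user bound to the current request.
 *
 * <p>The principal is read through the plain {@code java.security.Principal}
 * interface: only {@code getName()} is needed, and a downcast to the CAS-specific
 * type would throw {@code ClassCastException} on any request whose principal was
 * not supplied by the CAS wrapper filter.
 *
 * @return the user name, or the literal {@code "user is null"} when the request
 *         carries no principal
 */
public String getSSOUser() {
    java.security.Principal userPrincipal = httpServletRequest.getUserPrincipal();
    if (userPrincipal == null) {
        // NOTE(review): this sentinel has the same type as a real user name, so a
        // caller that does not compare against it will treat an unauthenticated
        // request as a user called "user is null". Callers must check for it
        // before making any access decision.
        return "user is null";
    }
    String userName = userPrincipal.getName();
    logger.info("userName============" + userName);
    return userName;
}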
addUrlPatterns配置需要拦截的静态资源或URL的路径。
代码基本可以照搬,但需把示例中的CAS服务端地址(http://100.000.000.000:8080/cas)替换为实际地址,生产环境建议使用HTTPS,以免票据明文传输;登出时前端调用logout?service=xxx,并同时清除cookie。
完结。