SpringSecurity3整合CAS
SpringSecurity本身已经做好了与CAS的集成工作,只需要我们做简单配置就可以了
步骤1 spring-cas.xml配置文件内容如下(完整版)
<?xml version="1.0" encoding="UTF-8"?> <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:context="http://www.springframework.org/schema/context" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p" xmlns:beans="http://www.springframework.org/schema/beans" xsi:schemaLocation=" http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-2.5.xsd http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd" default-lazy-init="true"> <context:component-scan base-package="com.itec.core" /> <!--SSO --> <http auto-config="false" entry-point-ref="casEntryPoint" servlet-api-provision="true"> <intercept-url pattern="/login.do" filters="none" /> <intercept-url pattern="/p_w_picpath.do" filters="none" /> <intercept-url pattern="/admin/*.do*" access="ROLE_LOGIN" /> <!-- logout-success-url="/login.html" --> <!-- <logout logout-url="/login.do" success-handler-ref="casLogoutSuccessHandler"/> --> <custom-filter ref="requestSingleLogoutFilter" before="LOGOUT_FILTER" /> <custom-filter position="FORM_LOGIN_FILTER" ref="casFilter"/> <custom-filter ref="singleLogoutFilter" before="CAS_FILTER" /> </http> <beans:bean id="casEntryPoint" class="org.springframework.security.cas.web.CasAuthenticationEntryPoint"> <beans:property name="loginUrl" value="http://172.19.50.21:9083/HASLSSO/login"/> <beans:property name="serviceProperties" ref="serviceProperties"/> </beans:bean> <beans:bean id="serviceProperties" class="org.springframework.security.cas.ServiceProperties"> <beans:property name="service" value="http://172.19.4.225:8080/HACMS/j_spring_cas_security_check"/> <beans:property name="sendRenew" value="false"/> </beans:bean> <beans:bean id="casFilter" class="org.springframework.security.cas.web.CasAuthenticationFilter"> <beans:property name="authenticationManager" ref="authenticationManager"/> </beans:bean> <authentication-manager alias="authenticationManager"> <authentication-provider ref="casAuthenticationProvider"/> </authentication-manager> <beans:bean id="casAuthenticationUserDetailsService" class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper"> <beans:property name="userDetailsService" > <beans:ref bean="userDetailsManager" /> </beans:property> </beans:bean> <beans:bean id="casAuthenticationProvider" class="org.springframework.security.cas.authentication.CasAuthenticationProvider"> <beans:property name="authenticationUserDetailsService" ref="casAuthenticationUserDetailsService"/> <beans:property name="serviceProperties" ref="serviceProperties" /> <beans:property name="ticketValidator"> <beans:bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator"> <beans:constructor-arg index="0" value="http://172.19.50.21:9083/HASLSSO" /> </beans:bean> </beans:property> <beans:property name="key" value="an_id_for_this_auth_provider_only"/> </beans:bean> <!-- 注销客户端 --> <beans:bean id="singleLogoutFilter" class="org.jasig.cas.client.session.SingleSignOutFilter" /> <!-- 注销服务器端 --> <beans:bean id="requestSingleLogoutFilter" class="org.springframework.security.web.authentication.logout.LogoutFilter"> <beans:constructor-arg value="http://172.19.50.21:9083/HASLSSO/logout" /> <beans:constructor-arg> <beans:bean class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler"/> </beans:constructor-arg> <beans:property name="filterProcessesUrl" value="/j_spring_cas_security_logout" /> </beans:bean> </beans:beans> 步骤2 之前的UserDetailsManager不需要改任何代码
@Service public class UserDetailsManager implements UserDetailsService { 步骤3 web.xml需要修改一点东西,不加载Security的配置文件就行了
<context-param> <param-name>contextConfigLocation</param-name> <!-- 使用工程本身验证 --> <param-value>/WEB-INF/spring-config.xml,/WEB-INF/spring-freemarker.xml,/WEB-INF/spring-jpa.xml,/WEB-INF/spring-security.xml</param-value> <!-- 使用 SSO 验证 --> <!-- <param-value>/WEB-INF/spring-config.xml,/WEB-INF/spring-freemarker.xml,/WEB-INF/spring-jpa.xml,/WEB-INF/spring-cas.xml</param-value> --> </context-param> 大功告成~!
本文参与 腾讯云自媒体分享计划,分享自作者个人站点/博客。
原始发表:2019-09-16 ,如有侵权请联系 cloudcommunity@tencent.com 删除
评论
登录后参与评论
推荐阅读