Di sini kami menggunakan SPRING-Security dan paket Jasig CAS asli untuk integrasi. Mengapa Spring-Security-Cas disediakan oleh Spring tidak secara langsung digunakan? Itu akan dijelaskan nanti.
Konfigurasi
Web.xml
<filter> <filter-name>casFilterChain</filter-name> <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class></filter><filter-mapping> <filter-name>casFilterChain</filter-name> <url-pattern>/*</url-pattern></filter-mapping><listener> <listener-class> org.jasig.cas.client.Session.SingLesignoutHttpSessionListener </engeaner-class> </engeaner>
ApplicationContext-Security.xml
<? XML Versi = "1.0" encoding = "utf-8"?> <beans xmlns = "http://www.springframework.org/schema/beans" xmlns: xsi = "http://www.w3.org/2001/xmls XMLNS: Security = "http://www.springframework.org/schema/security" xmlns: util = "http://www.springframework.org/schema/util" xsi: schemalocation = "http:/schema http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"> <bean id="casFilterChain"> <constructor-arg> <util:list> <security:filter-chain pattern="/**" filter = "singlemersignoutfilter, cas20proxyreceiveticketvalidationfilter, authenticationFilter, httpservletrequestwrapperfilter, assertionThreadlocalfilter"/> </util: daftar> </konstruktor-arg> </bean> <bean iD = "singer =" singlegner> id = "cas20proxyreceiveticketValidationFilter"> <name properti = "servername" value = "$ {client.url}"/> <name properti = "ticketvalidator" ref = "cas20servicetickvalidator"/> </bean> <bean id = "cas20serviceticket"/> </bean> <bean id = "cas20serviceticket"/> </bean> <bean id = "cas20serviceticket"/</bean> <bean id = "cas20serviceticket"/</bean "<bean id =" cas20serviceticket "/</bean" <bean id = "cas20serviceticket"/</bean "<bean id =" cas20serviceticket ” value = "$ {cas.url}"/> <name properti = "renew" value = "false"/> </ bean> <bean id = "authenticationFilter"> <name properti = "renew" value = "false"/> <properti name = "casserverloginur" value = "$ {cas.url} {{" {"{" {"{" {casserVinL "value =" $ "$" $ " </bean> <bean id = "httpservletrequestwrapperfilter"/> <bean id = "assertionThreadlocalSalfilter"/> </tean> Properti
#CAS Alamat Layanan cas.url = https: //cas.example.com: 8443#CAS Alamat klien adalah alamat aplikasi ini klien.url = http: // localhost: 8080
menganalisa
Dalam rantai filter keamanan di ApplicationContext-Security.xml, kami menggunakan 5 filter, yaitu: SingLemersignoutFilter, Cas20ProxyReceiveticketValidationFilter, AuthenticationFilter, HttpservletRequestWrapperFilter, dan AssertionThreadleCalfilter.
Mengapa Tidak Menggunakan Cas Security Spring
CAS SPRING-Security
Filter Validator Tiket yang Bertanggung Jawab di Spring-Security-Cas adalah org.springframework.security.cas.authentication.casauthenticationProvider.
CasAuthenticationToken Private AuthenticAteNow (Otentikasi Otentikasi Akhir) melempar AuthenticationException {try {final Assertion Assertion = this.ticketValidator.validate (authentication.getCredentials (). Tostring (), getServiceUrl (otentikasi)); ...Saat membangun parameter kedua dari metode validator validator
string private getServiceUrl (otentikasi otentikasi) {string serviceUrl; if (authentication.getDetails () instance dari serviceAuthenticationDetails) {serviceUrl = ((serviceAuthenticationDetails) authentication.getDetails ()). GetServiceUrl (); } lain jika (serviceProPerties == null) {lempar baru ilegalstateException ("ServiceProPerties tidak dapat menjadi null kecuali otentikasi.getDetails () mengimplementasikan serviceAuthenticationDetails."); } lain jika (serviceProPerties.getService () == null) {lempar baru ilegalstateException ("serviceProPerties.getService () tidak dapat menjadi nol kecuali otentikasi.getDetails () mengimplementasikan serviceAuthenticationDetails."); } else {serviceUrl = serviceProPerties.getService (); } if (logger.isdebugeNabled ()) {logger.debug ("serviceUrl ="+serviceUrl); } return serviceUrl;}Di atas adalah semua konten artikel ini. Saya berharap ini akan membantu untuk pembelajaran semua orang dan saya harap semua orang akan lebih mendukung wulin.com.