cas4.0 單點登錄 之 cas-client
cas4.0 單點登錄 之 https證書?已經做好了證書的準備工作,現在結合cas-server來配置單點登錄;
一、安裝cas服務端(cas-server)
cas服務端是一個war包,這里只做體驗單點登錄,cas-server下載點這里cas-server-webapp-4.0.0.war,將war包放tomcat下運行即可,運行cas-server的tomcat的要開啟SSL支持,上面文章也有說明,server.xml需要如下配置:
<Connector port="8443" protocol="HTTP/1.1" maxThreads="150" SSLEnabled="true" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="d:/cas/keystore" keystorePass="caspass"/>- 1
- 2
- 3
cas-server的定制開發后面文章再講。
二、cas客戶端配置(cas-client)
1、web.xml方式配置
plsql連接oracle配置、寫了個簡單客戶端配置,源碼cas_client_test_demo.zip
a) pom.xml
<dependencies><dependency><groupId>junit</groupId> <artifactId>junit</artifactId> <version>3.8.1</version> <scope>test</scope> </dependency> <dependency> <groupId>javax.servlet</groupId> <artifactId>servlet-api</artifactId> <version>2.5</version> <scope>provided</scope> </dependency> <dependency> <groupId>org.springframework</groupId> <artifactId>spring-webmvc</artifactId> <version>4.0.3.RELEASE</version> </dependency> <dependency> <groupId>org.jasig.cas.client</groupId> <artifactId>cas-client-core</artifactId> <version>3.4.1</version> </dependency> </dependencies> b) web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_ID" version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"> <servlet> <servlet-name>mvc-dispatcher</servlet-name> <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class> <init-param> <param-name>contextConfigLocation</param-name> <param-value>classpath:/spring-mvc.xml</param-value> </init-param> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>mvc-dispatcher</servlet-name> <url-pattern>/</url-pattern> </servlet-mapping> <!-- ****************** 單點登錄開始 ********************--> <!-- 用于實現單點登出功能 可選 --> <listener> <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class> </listener> <!-- 該過濾器用于實現單點登出功能,單點退出配置,一定要放在其他filter之前 可選 --> <filter> <filter-name>CAS Single Sign Out Filter</filter-name> <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class> <init-param> <param-name>casServerUrlPrefix</param-name> <param-value>https://cas.castest.com:8443/cas/</param-value> </init-param> </filter> <filter-mapping> <filter-name>CAS Single Sign Out Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <!-- 該過濾器負責用戶的認證工作,必須 --> <filter> <filter-name>CASFilter</filter-name> <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class> <init-param> <!--casServerLoginUrl:cas服務的登陸url --> <param-name>casServerLoginUrl</param-name> <param-value>https://cas.castest.com:8443/cas/login</param-value> </init-param> <init-param> <!--serverName:本項目的ip+port --> <param-name>serverName</param-name> <param-value>http://www.zrk1000.com:8081</param-value> </init-param> <init-param> <param-name>useSession</param-name> <param-value>true</param-value> </init-param> <init-param> <param-name>redirectAfterValidation</param-name> <param-value>true</param-value> </init-param> </filter> <filter-mapping> <filter-name>CASFilter</filter-name> <url-pattern>/test</url-pattern> </filter-mapping> <!-- 該過濾器負責對Ticket的校驗工作,必須--> <filter> <filter-name>CAS Validation Filter</filter-name> <filter-class> org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter </filter-class> <init-param> <param-name>casServerUrlPrefix</param-name> <param-value>https://cas.castest.com:8443/cas/</param-value> </init-param> <init-param> <param-name>serverName</param-name> <param-value>http://www.zrk1000.com:8081</param-value> </init-param> </filter> <filter-mapping> <filter-name>CAS Validation Filter</filter-name> <!-- 對test做登錄攔截--> <url-pattern>/test</url-pattern> </filter-mapping> <!-- 該過濾器對HttpServletRequest請求包裝, 可通過HttpServletRequest的getRemoteUser()方法獲得登錄用戶的登錄名,可選 --> <filter> <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> <filter-class> org.jasig.cas.client.util.HttpServletRequestWrapperFilter </filter-class> </filter> <filter-mapping> <filter-name>CAS HttpServletRequest Wrapper Filter