SpringSecurity3整合CAS实现单点登录
2013-03-26 23:54
302 查看
SpringSecurity本身已经做好了与CAS的集成工作,只需要我们做简单配置就可以了
步骤1 spring-cas.xml配置文件内容如下(完整版)
步骤2 之前的UserDetailsManager不需要改任何代码
步骤3 web.xml需要修改一点东西,不加载Security的配置文件就行了
大功告成~!
步骤1 spring-cas.xml配置文件内容如下(完整版)
<?xml version="1.0" encoding="UTF-8"?> <beans:beans xmlns="http://www.springframework.org/schema/security" xmlns:context="http://www.springframework.org/schema/context" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p" xmlns:beans="http://www.springframework.org/schema/beans" xsi:schemaLocation=" http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-2.5.xsd http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd" default-lazy-init="true"> <context:component-scan base-package="com.itec.core" /> <!--SSO --> <http auto-config="false" entry-point-ref="casEntryPoint" servlet-api-provision="true"> <intercept-url pattern="/login.do" filters="none" /> <intercept-url pattern="/image.do" filters="none" /> <intercept-url pattern="/admin/*.do*" access="ROLE_LOGIN" /> <!-- logout-success-url="/login.html" --> <!-- <logout logout-url="/login.do" success-handler-ref="casLogoutSuccessHandler"/> --> <custom-filter ref="requestSingleLogoutFilter" before="LOGOUT_FILTER" /> <custom-filter position="FORM_LOGIN_FILTER" ref="casFilter"/> <custom-filter ref="singleLogoutFilter" before="CAS_FILTER" /> </http> <beans:bean id="casEntryPoint" class="org.springframework.security.cas.web.CasAuthenticationEntryPoint"> <beans:property name="loginUrl" value="http://172.19.50.21:9083/HASLSSO/login"/> <beans:property name="serviceProperties" ref="serviceProperties"/> </beans:bean> <beans:bean id="serviceProperties" class="org.springframework.security.cas.ServiceProperties"> <beans:property name="service" value="http://172.19.4.225:8080/HACMS/j_spring_cas_security_check"/> <beans:property name="sendRenew" value="false"/> </beans:bean> <beans:bean id="casFilter" class="org.springframework.security.cas.web.CasAuthenticationFilter"> <beans:property name="authenticationManager" ref="authenticationManager"/> </beans:bean> <authentication-manager alias="authenticationManager"> <authentication-provider ref="casAuthenticationProvider"/> </authentication-manager> <beans:bean id="casAuthenticationUserDetailsService" class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper"> <beans:property name="userDetailsService" > <beans:ref bean="userDetailsManager" /> </beans:property> </beans:bean> <beans:bean id="casAuthenticationProvider" class="org.springframework.security.cas.authentication.CasAuthenticationProvider"> <beans:property name="authenticationUserDetailsService" ref="casAuthenticationUserDetailsService"/> <beans:property name="serviceProperties" ref="serviceProperties" /> <beans:property name="ticketValidator"> <beans:bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator"> <beans:constructor-arg index="0" value="http://172.19.50.21:9083/HASLSSO" /> </beans:bean> </beans:property> <beans:property name="key" value="an_id_for_this_auth_provider_only"/> </beans:bean> <!-- 注销客户端 --> <beans:bean id="singleLogoutFilter" class="org.jasig.cas.client.session.SingleSignOutFilter" /> <!-- 注销服务器端 --> <beans:bean id="requestSingleLogoutFilter" class="org.springframework.security.web.authentication.logout.LogoutFilter"> <beans:constructor-arg value="http://172.19.50.21:9083/HASLSSO/logout" /> <beans:constructor-arg> <beans:bean class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler"/> </beans:constructor-arg> <beans:property name="filterProcessesUrl" value="/j_spring_cas_security_logout" /> </beans:bean> </beans:beans>
步骤2 之前的UserDetailsManager不需要改任何代码
@Service public class UserDetailsManager implements UserDetailsService {
步骤3 web.xml需要修改一点东西,不加载Security的配置文件就行了
<context-param> <param-name>contextConfigLocation</param-name> <!-- 使用工程本身验证 --> <param-value>/WEB-INF/spring-config.xml,/WEB-INF/spring-freemarker.xml,/WEB-INF/spring-jpa.xml,/WEB-INF/spring-security.xml</param-value> <!-- 使用 SSO 验证 --> <!-- <param-value>/WEB-INF/spring-config.xml,/WEB-INF/spring-freemarker.xml,/WEB-INF/spring-jpa.xml,/WEB-INF/spring-cas.xml</param-value> --> </context-param>
大功告成~!
相关文章推荐
- SpringSecurity3整合CAS实现单点登录
- SpringSecurity3整合CAS实现单点登录
- SpringSecurity3整合CAS实现单点登录
- SpringSecurity3整合CAS实现单点登录
- SpringSecurity3整合CAS实现单点登录
- SpringSecurity3整合CAS实现单点登录
- java前后端分离项目整合CAS实现单点登录解决方案
- Shiro与CAS整合实现单点登录
- Liferay6.1学习笔记(四)--整合CAS实现单点登录
- mvnForum同CAS整合实现单点登录
- pac4j探索(一)之buji-pac4j shiro整合Cas实现单点登录
- 网站会员整合ucenter 实现多站点同步登录方法
- Struts2+Mybatis整合实现注册登录功能
- CAS实现单点登录实例源码
- Liferay基于CAS实现单点登录说明
- CAS实现单点登录(SSO)经典完整教程
- 使用 CAS 在 Tomcat 中实现单点登录
- 使用 CAS 在 Tomcat 中实现单点登录
- Shiro实现(一): SSM整合笔记实现登录,授权功能
- CAS实现单点登录(SSO)过程浅析