CAS实战の获取多用户信息

　　先列出版本号：

　　服务端版本：cas server 4.0.0

　　客户端版本：cas client 3.3.3

　　 cas server

　　 step1:先将primaryPrincipalResolver bean属性attributeRepository注释，因为cas 默认是通过配置xml来获取多用户信息的。

<bean id="primaryPrincipalResolver"
class="org.jasig.cas.authentication.principal.PersonDirectoryPrincipalResolver" >
<!--<property name="attributeRepository" ref="attributeRepository" />-->
</bean>

　　 step2：自定义获取多用户信息类，此类继承PrincipalResolver，重写resolve和supports，另附代码如下：

@Autowired
private J1DBService dbService;

@Override
public Principal resolve(Credential credential) {
// TODO Auto-generated method stub
final UsernamePasswordCredential usernamePasswordCredentials = (UsernamePasswordCredential) credential;
String userStr = "";
try {
String username = usernamePasswordCredentials.getUsername();
String password = usernamePasswordCredentials.getPassword();
password = MD5.getMD5(password);
User r = new User();
r.setUserName(username);
r.setPassword(password);
Map<String,Object> m = dbService.getUser(r);
if (null!=m) {
r.setUserId(Integer.parseInt(m.get("userId").toString()));
r.setUserRealName(m.get("userRealName")==null?null:m.get("userRealName").toString());
}
userStr = JSON.toJSONString(r);
userStr = Base64.getBase64(userStr);
} catch (Exception e) {
e.printStackTrace();
}
return new SimplePrincipal(userStr, null);
}
/**
* @Description(功能描述)        : 确定一个凭证类型支持这个解析器
* @author(作者)                : hhl
* @date (开发日期)            : 2015年3月16日 下午15:17:25
* @param credentials        : 确定一个凭证类型支持这个解析器
* @return  boolean         : 返回true,支持这些凭证,否则假。
*/
@Override
public boolean supports(Credential credential) {
// TODO Auto-generated method stub
return credential != null && UsernamePasswordCredential.class.isAssignableFrom(credential.getClass());
}

　　由于返回给客户端用户信息中存在中文，所以进行了Base64加密。

　　step3:将primaryPrincipalResolver bean映射的类路径变更为你自定义的类。

<bean id="primaryPrincipalResolver"
class="xx.xx.xx" >
<!--<property name="attributeRepository" ref="attributeRepository" />-->
</bean>

　　cas client

　　如在class中:

/**
* 从中央授权服务器获取得到用户信息
* @param request
*/
@RequestMapping(value="/sysuser/saveUserIntoSession")
@ResponseBody
public String saveUserInfoIntoSession(HttpServletRequest request){
Assertion assertion = (Assertion)request.getSession().getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION);
String json=null;
if (null!=assertion) {
AttributePrincipal principal = assertion.getPrincipal();
String userStr=principal.getName();
userStr = Base64.getFromBase64(userStr);
User u  = JSON.parseObject(userStr, User.class);
String tokenId = UUID.randomUUID().toString();
request.getSession().setAttribute("password",u.getPassword());
request.getSession().setAttribute("userName",u.getUserName());
request.getSession().setAttribute("realName",u.getUserRealName());
SysUser e = systemService.getUser(u.getUserName());
//取得用户的角色id
String roleId = getUserRoleById(e.getUserId());
request.getSession().setAttribute("userId",e.getUserId());
request.getSession().setAttribute("tokenId",tokenId);
request.getSession().setAttribute("roleId",roleId);

LoginBto b = new LoginBto();
b.setPassword(u.getPassword());
b.setRealName(u.getUserRealName());
b.setRoleId(roleId);
b.setTokenId(tokenId);
b.setUserId(e.getUserId());
b.setUserName(u.getUserName());
json = JSON.toJSONString(b);
}
return json;
}

　　如在jsp中：

<%@ page import="org.jasig.cas.client.validation.Assertion" %>
<%@ page import="org.jasig.cas.client.authentication.AttributePrincipal" %>
<%@ page import="org.jasig.cas.client.util.AbstractCasFilter" %>
<%@ page import="com.founder.ec.sso.model.User" %>
<%@ page import="com.alibaba.fastjson.JSON" %>
<%@ page import="com.founder.ec.sso.util.Base64" %>
<%@ page import="java.util.UUID" %>
<span style="float: right; padding-right: 20px; margin-top: 10px;" class="head">
<% Assertion assertion = (Assertion)request.getSession().getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION);
String userName = null;
String realName = null;
String flag = null;
if(null!=assertion){
AttributePrincipal principal = assertion.getPrincipal();
String userStr=principal.getName();
userStr = Base64.getFromBase64(userStr);
User u  = JSON.parseObject(userStr, User.class);
userName = u.getUserName();
realName = u.getUserRealName();
flag = "cas";
}
%>
<% if(null!=flag){ %>
欢迎  <%=realName %>(<%=userName %>)  
<% }%>
<% if(null==flag){ %>
欢迎  ${sessionScope.realName}(${sessionScope.userName})  
<% }%>
<a href="javascript:void(0)" id="editpass" style="color: #000"> 修改密码</a> 
<a href="http://192.168.2.11:8080/cas/logout?service=http://101.test.com/" style="color: #000">注销登录</a> 
<!-- <a href="javascript:void(0)" id="loginOut" style="color:#000 ">注销登录</a>  -->
<a href="javascript:void(0)" id="colNorth"><img border="0" style="margin-bottom: 0px" src="${ctx }/images/system/icon/detail-collapse.png" /></a>
<a href="javascript:void(0)" id="newWindow"><img border="0" style="margin-bottom: 0px" src="${ctx }/images/common/fullscreen.gif" /></a>
</span>