使用cas做单点登录,web.xml配置
2015-12-18 16:24
579 查看
1、 添加maven依赖
<dependency>
<groupId>org.jasig.cas.client</groupId>
<artifactId>cas-client-core</artifactId>
<version>3.3.3</version>
</dependency>
2、 web.xml添加一下项,以tms为例
<filter>
<filter-name>ssoFilter</filter-name>
<filter-class>com.autostreets.web.cas.admin.shiro.filter.SSOFilter</filter-class>
<init-param>
<param-name>loginFlag</param-name>
<param-value>_dealer_login_flag</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>ssoFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>
<!-- 该过滤器用于实现单点登出功能,可选配置。 -->
<filter>
<filter-name>CASSingleSignOutFilter</filter-name>
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://passport.autostreets.com</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CASSingleSignOutFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- 该过滤器负责用户的认证工作,必须启用它 -->
<filter>
<filter-name>CASAuthenticationFilter</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>https://passport.autostreets.com/login</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://tms.autostreets.com</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CASAuthenticationFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- 该过滤器负责对Ticket的校验工作,必须启用它 -->
<filter>
<filter-name>CASValidationFilter</filter-name>
<filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://passport.autostreets.com</param-value>
</init-param>
<!--这里的server是服务端的IP -->
<init-param>
<param-name>serverName</param-name>
<param-value>http://tms.autostreets.com</param-value>
</init-param>
<init-param>
<param-name>redirectAfterValidation</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CASValidationFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- 该过滤器负责实现HttpServletRequest请求的包裹, 比如允许开发者通过HttpServletRequest的getRemoteUser()方法获得SSO登录用户的登录名,可选配置。 -->
<filter>
<filter-name>CASHttpServletRequestWrapperFilter</filter-name>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CASHttpServletRequestWrapperFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- 该过滤器使得开发者可以通过org.jasig.cas.client.util.AssertionHolder来获取用户的登录名。 比如AssertionHolder.getAssertion().getPrincipal().getName()。 -->
<filter>
<filter-name>CASAssertionThreadLocalFilter</filter-name>
<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CASAssertionThreadLocalFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
com.autostreets.web.cas.admin.shiro.filter.SSOFilter 代码如下,供参考。
另外:tms集成的单点登录地址 http://passport.autostreets.com
Wms集成的单点登录地址 http://sso.autostreets.com
Wms的ssoFilter配置如下,和tms的文件稍微有点区别
<filter>
<filter-name>ssoFilter</filter-name>
<filter-class>com.autostreets.web.cas.admin.shiro.filter.SSOFilter</filter-class>
<init-param>
<param-name>loginFlag</param-name>
<param-value>_back_login_flag</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>ssoFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<dependency>
<groupId>org.jasig.cas.client</groupId>
<artifactId>cas-client-core</artifactId>
<version>3.3.3</version>
</dependency>
2、 web.xml添加一下项,以tms为例
<filter>
<filter-name>ssoFilter</filter-name>
<filter-class>com.autostreets.web.cas.admin.shiro.filter.SSOFilter</filter-class>
<init-param>
<param-name>loginFlag</param-name>
<param-value>_dealer_login_flag</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>ssoFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>
<!-- 该过滤器用于实现单点登出功能,可选配置。 -->
<filter>
<filter-name>CASSingleSignOutFilter</filter-name>
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://passport.autostreets.com</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CASSingleSignOutFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- 该过滤器负责用户的认证工作,必须启用它 -->
<filter>
<filter-name>CASAuthenticationFilter</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>https://passport.autostreets.com/login</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://tms.autostreets.com</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CASAuthenticationFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- 该过滤器负责对Ticket的校验工作,必须启用它 -->
<filter>
<filter-name>CASValidationFilter</filter-name>
<filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://passport.autostreets.com</param-value>
</init-param>
<!--这里的server是服务端的IP -->
<init-param>
<param-name>serverName</param-name>
<param-value>http://tms.autostreets.com</param-value>
</init-param>
<init-param>
<param-name>redirectAfterValidation</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CASValidationFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- 该过滤器负责实现HttpServletRequest请求的包裹, 比如允许开发者通过HttpServletRequest的getRemoteUser()方法获得SSO登录用户的登录名,可选配置。 -->
<filter>
<filter-name>CASHttpServletRequestWrapperFilter</filter-name>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CASHttpServletRequestWrapperFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- 该过滤器使得开发者可以通过org.jasig.cas.client.util.AssertionHolder来获取用户的登录名。 比如AssertionHolder.getAssertion().getPrincipal().getName()。 -->
<filter>
<filter-name>CASAssertionThreadLocalFilter</filter-name>
<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CASAssertionThreadLocalFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
com.autostreets.web.cas.admin.shiro.filter.SSOFilter 代码如下,供参考。
另外:tms集成的单点登录地址 http://passport.autostreets.com
Wms集成的单点登录地址 http://sso.autostreets.com
Wms的ssoFilter配置如下,和tms的文件稍微有点区别
<filter>
<filter-name>ssoFilter</filter-name>
<filter-class>com.autostreets.web.cas.admin.shiro.filter.SSOFilter</filter-class>
<init-param>
<param-name>loginFlag</param-name>
<param-value>_back_login_flag</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>ssoFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
相关文章推荐
- cas3.x版本单点登录之一
- CAS实现SSO单点登录原理
- 用CAS框架实现单点登录(tomcat7,jdk1.7)
- CAS单点登录(SSO)完整教程(2012-02-01更新)
- Yale CAS实现原理及其基础协议
- cas服务下单点登录
- 【No.2】CAS单点登录的原理分析
- spring security 集成 cas单点登陆 之 【登出后无法登陆的问题】
- CAS票据之ST与TGT过期策略详细说明
- CAS5.2x单点登录(四)------restful请求
- CAS5.2x单点登录(三)------自定义登录验证
- CAS5.2x单点登录(二)cas服务器连接数据库
- java架构师项目实战(Nginx、SOA、storm、Solr大数据高可用,SpringBoot等)视频教程
- apache cas-4.2.7 + tomcat8.5
- 一站式登录授权系统(单点登录+授权管理)
- PHP discuz3.2 cas
- springboot整合security+cas单点登陆
- 欢迎使用CSDN-markdown编辑器
- Cas单点登录客户端配置
- CAS实现单点登录(SSO)经典完整教程