由于项目由多个应用组成,因此需要采用SSO。参考SSO开源软件,最终采用cas 耶鲁开源系统,该系统使用比较广泛,有问题可以进行结合网上教程使用。
1.下载cas server 版本 cas-server-3.5.1-release.zip
2.解压 cas-server-3.5.1-release.zip,把 cas-server-webapp导入myeclipse。
3.把cas-server-core的源文件也导入myeclipse,和第二步合同一个工程
4.把cas-server-webapp-3.5.1.war中的内容导入到工程的webroot下面
5.把webroot的classes的配置文件放到新的src目录下面
6.由于不采用https方式,需要修改配置文件
WEB-INF/deployerConfigContext.xml
< bean class = "org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler" p:httpClient-ref = "httpClient" />
增加参数 p:requireSecure="false" ,是否需要安全验证,即 HTTPS , false 为不采用 如下:
< bean class = "org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler" p:httpClient-ref = "httpClient" p:requireSecure= "false" />
WEB-INF/spring-configuration/ticketGrantingTicketCookieGenerator.xml
< bean id = "ticketGrantingTicketCookieGenerator" class = "org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
p:cookieSecure = " false "
p:cookieMaxAge = "-1"
p:cookieName = "CASTGC"
p:cookiePath = "/cas" />
WEB-INF\spring-configuration\warnCookieGenerator.xml
< bean id = "warnCookieGenerator" class = "org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
p:cookieSecure = " false "
p:cookieMaxAge = "-1"
p:cookieName = "CASPRIVACY"
p:cookiePath = "/cas" />
7.添加数据库验证用户名和密码
在WEB-INF/spring-configuration/applicationContext.xml添加
<bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close">
<property name="driverClassName" value="com.mysql.jdbc.Driver"></property>
<property name="url" value="jdbc:mysql://10.18.11.100:3306/rm?autoReconnect=true"></property>
<property name="username" value="root"></property>
<property name="password" value="111111"></property>
</bean>
<bean id="loginMonitor" class="com.inspur.sso.LoginMonitor" p:dataSource-ref="dataSource" />
<bean id="jdbcTemplate" class="org.springframework.jdbc.core.JdbcTemplate">
<property name="dataSource" ref="dataSource"/>
</bean>
8.在WEB-INF\deployerConfigContext.xm添加自定义验证类
<property name="authenticationHandlers">
<list>
<bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
p:httpClient-ref="httpClient" />
<bean class="com.zhb.sso.Auth" >
<property name="jdbcTemplate" ref="jdbcTemplate"/>
</bean>
</list>
</property>
9.Auth方法:
public class Auth extends AbstractUsernamePasswordAuthenticationHandler { private JdbcTemplate jdbcTemplate; public JdbcTemplate getJdbcTemplate() { return jdbcTemplate; } public void setJdbcTemplate(JdbcTemplate jdbcTemplate) { this.jdbcTemplate = jdbcTemplate; } @Override protected boolean authenticateUsernamePasswordInternal( UsernamePasswordCredentials credentials) throws AuthenticationException { // TODO Auto-generated method stub final String username = credentials.getUsername(); final String password = credentials.getPassword(); String sql="select * from user where USER_ID=? and PASSWORD=?"; List list=jdbcTemplate.queryForList(sql, new String[]{username,password}); if(list!=null&&list.size()>0){ Map map=(Map)list.get(0); log .debug("User [" + username + "] was successfully authenticated."); System.out.println(map.get("USER_NAME")); return true; }else{ return false; } } }
cas客户端配置
1.新建新的web工程test
添加cas-client-core-3.2.1.jar及相关jar包
修改web.xml
<?xml version="1.0" encoding="UTF-8"?> <web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"> <filter> <filter-name>CAS Authentication Filter</filter-name> <filter-class> org.jasig.cas.client.authentication.AuthenticationFilter</filter-class> <init-param> <param-name>casServerLoginUrl</param-name> <param-value> http://localhost:8090/casserver/login </param-value> </init-param> <init-param> <param-name>renew</param-name> <param-value>false</param-value> </init-param> <init-param> <param-name>gateway</param-name> <param-value>false</param-value> </init-param> <init-param> <param-name>serverName</param-name> <param-value>http://localhost:8090</param-value> </init-param> </filter> <filter> <filter-name>CAS Validation Filter</filter-name> <filter-class> org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class> <init-param> <param-name>casServerUrlPrefix</param-name> <param-value>http://localhost:8090/casserver</param-value> </init-param> <init-param> <param-name>serverName</param-name> <param-value>http://localhost:8090</param-value> </init-param> <init-param> <param-name>useSession</param-name> <param-value>true</param-value> </init-param> <init-param> <param-name>redirectAfterValidation</param-name> <param-value>true</param-value> </init-param> </filter> <filter> <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> <filter-class> org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class> </filter> <filter> <filter-name>CAS Assertion Thread Local Filter</filter-name> <filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class> </filter> <!-- 填写退出的URL --> <context-param> <param-name>casServerLogoutUrl</param-name> <param-value>http://localhost:8090/casserver/logout</param-value> </context-param> <!-- 重新登录回调地址 --> <context-param> <param-name>serverName</param-name> <param-value>http://localhost:8090/test</param-value> </context-param> <!--单点退出配置--> <listener> <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class> </listener> <filter> <filter-name>CAS Single Sign Out Filter</filter-name> <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class> </filter> <filter-mapping> <filter-name>CAS Single Sign Out Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>CAS Authentication Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>CAS Validation Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>CAS Assertion Thread Local Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <welcome-file-list> <welcome-file>index.jsp</welcome-file> </welcome-file-list> </web-app>
编写index.jsp
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%> <%@ page import="org.jasig.cas.client.authentication.AttributePrincipal" %> <% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/"; %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <base href="<%=basePath%>"> <title>My JSP 'index.jsp' starting page</title> <meta http-equiv="pragma" content="no-cache"> <meta http-equiv="cache-control" content="no-cache"> <meta http-equiv="expires" content="0"> <meta http-equiv="keywords" content="keyword1,keyword2,keyword3"> <meta http-equiv="description" content="This is my page"> <!-- <link rel="stylesheet" type="text/css" href="styles.css"> --> </head> <body> <% AttributePrincipal principal = (AttributePrincipal)request.getUserPrincipal(); String username = principal.getName(); %> <% if(null!=username){ %> <h2>Hello <%=username %> !</h2> <a href="${pageContext.request.contextPath}/logout.jsp" >logout</a> <% }%> </body> </html>
退出logout.jsp
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%> <% String path = request.getContextPath(); String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/"; %> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <base href="<%=basePath%>"> <title>My JSP 'logout.jsp' starting page</title> <meta http-equiv="pragma" content="no-cache"> <meta http-equiv="cache-control" content="no-cache"> <meta http-equiv="expires" content="0"> <meta http-equiv="keywords" content="keyword1,keyword2,keyword3"> <meta http-equiv="description" content="This is my page"> <!-- <link rel="stylesheet" type="text/css" href="styles.css"> --> </head> <body> <% session.invalidate(); response.sendRedirect(application .getInitParameter("casServerLogoutUrl") + "?service=" + application.getInitParameter("serverName") + "/index.jsp"); %> </body> </html>
在浏览器中输入:http://localhost:8090/test进行测试
注意:AuthenticationManagerImpl 所有的验证hander类型都在此类中进行调用,代理类。
相关推荐
cas-server安装说明,配置cas的相关步骤
包含cas源码、cas使用说明文档(包含配置信息)、连接数据库所需jar包、cas服务端自定义返回值等
基于cas 4.1改造实现单点登陆。自定义了服务注册中心、登陆控制(基于dubbo)、令牌服务类、退出通知类及个别微改。
3 cas client 1.0配置说明 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"> ...
1. 配置SSL a) 生成证书 b) 将证书导出为证书文件 ... d) 修改<TOMCAT_HOME>/conf下面得server.xml文件 2. 部署CAS服务器 3. 修改CAS登录的用户库 4. 测试是否配置成功 5. 配置过程中可能会出现的错误
H3C_CAS_CAStools安装操作指导书(Red Hat Enterprise Linux Server 7.x ) H3C_CAS_CAStools升级特性操作指导书 H3C_CAS支持OVF虚拟机格式操作指导书 H3C_CAS资源性能监控操作指导书 H3C_CAS虚拟机磁盘限速功能...
按步骤详细说明was(application WebSphere server)服务器对cas证书生成、SSL配置、类加载、数据源配置、部署等操作。
单点登录cas服务端连接数据库获取用户数据做登录验证用
按步骤详细说明was(application WebSphere server)服务器对cas证书生成、SSL配置、类加载、数据源配置、部署等操作.doc
[置顶] SSO单点登录系列3:cas-server端配置认证方式实践(数据源+自定义java类认证) http://blog.csdn.net/ae6623/article/details/8851801 [置顶] SSO单点登录系列2:cas客户端和cas服务端交互原理动画图解,cas...
配置说明: 首先运行cas-server,保证其运行。 (可以用上面的改造好的,也可以用原生的cas-server。 只要等成功登陆cas-server即可) 在application.yml配置 cas.server.url 例如: 和 cas.project.url 例如 (test....
springmvc+spring+shiro+cas单点登录实例 加入了登录验证码认证,修改了下首页样式,不过样式没有弄好,很丑的,有空自己再弄下 说明:cas-server是单点登录服务端,用的是maven项目,但是WEB-INF里面的lib目录下面...
1. 端口说明,cas:8080,node1:8081,node2:8082,大家可以采用maven提供的tomcat7插件,配置如下: ``` xml <groupId>org.apache.tomcat.maven <artifactId>tomcat7-maven-plugin <version>2.1 ...
构建服务器扩展 cd cas-server-support-wwpassmvn clean package install使用Maven Overlay Method配置CAS 按照的说明下载模板快速配置CAS 服务器行为取决于一组配置文件 - 编译时和运行时cas-server
使用struts2+spring+cas实现的单点登录功能,里面包括cas-server3.5.2项目一个,cas-client3.2.1 web项目两个,数据库脚本,请按照里面的说明文档进行部署,希望你们也能配置成功。
CAS系列博客配套demo:https://blog.csdn.net/u010588262/article/category/7548325 建议看一下Server配置的博客,资源里没有带依赖包不然太大了,博客里有说明怎么添加依赖 实现了mysql查询验证,restful api
CAS系列博客配套demo:https://blog.csdn.net/u010588262/article/category/7548325 ...建议看一下Server配置的博客,资源里没有带依赖包不然太大了,博客里有说明怎么添加依赖 实现了mysql查询验证,restful api
cas-server-extension-duo 该模块基于 。目标是提取使用Duo进行两因素身份验证所需的代码/配置,并将其打包到一个可以轻松包含在其中的模块中。 CAS部署。 使用移动设备,座机电话和硬件令牌为两因素身份验证提供...
cas单点登录服务器端和客户端配置说明,以及源码解析,实例演示。