http://tonyaction.blog.51cto.com/227462/898173
SpringSecurity本身已经做好了与CAS的集成工作,只需要我们做简单配置就可以了
步骤1 spring-cas.xml配置文件内容如下(完整版)
- <?xml version="1.0" encoding="UTF-8"?>
- <beans:beans xmlns="http://www.springframework.org/schema/security"
- xmlns:context="http://www.springframework.org/schema/context"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p"
- xmlns:beans="http://www.springframework.org/schema/beans"
- xsi:schemaLocation=" http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-2.5.xsd
- http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
- http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd"
- default-lazy-init="true">
- <context:component-scan base-package="com.itec.core" />
- <!--SSO -->
- <http auto-config="false" entry-point-ref="casEntryPoint" servlet-api-provision="true">
- <intercept-url pattern="/login.do" filters="none" />
- <intercept-url pattern="/image.do" filters="none" />
- <intercept-url pattern="/admin/*.do*" access="ROLE_LOGIN" />
- <!-- logout-success-url="/login.html" -->
- <!-- <logout logout-url="/login.do" success-handler-ref="casLogoutSuccessHandler"/> -->
- <custom-filter ref="requestSingleLogoutFilter" before="LOGOUT_FILTER" />
- <custom-filter position="FORM_LOGIN_FILTER" ref="casFilter"/>
- <custom-filter ref="singleLogoutFilter" before="CAS_FILTER" />
- </http>
- <beans:bean id="casEntryPoint" class="org.springframework.security.cas.web.CasAuthenticationEntryPoint">
- <beans:property name="loginUrl" value="http://172.19.50.21:9083/HASLSSO/login"/>
- <beans:property name="serviceProperties" ref="serviceProperties"/>
- </beans:bean>
- <beans:bean id="serviceProperties" class="org.springframework.security.cas.ServiceProperties">
- <beans:property name="service" value="http://172.19.4.225:8080/HACMS/j_spring_cas_security_check"/>
- <beans:property name="sendRenew" value="false"/>
- </beans:bean>
- <beans:bean id="casFilter" class="org.springframework.security.cas.web.CasAuthenticationFilter">
- <beans:property name="authenticationManager" ref="authenticationManager"/>
- </beans:bean>
- <authentication-manager alias="authenticationManager">
- <authentication-provider ref="casAuthenticationProvider"/>
- </authentication-manager>
- <beans:bean id="casAuthenticationUserDetailsService" class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">
- <beans:property name="userDetailsService" >
- <beans:ref bean="userDetailsManager" />
- </beans:property>
- </beans:bean>
- <beans:bean id="casAuthenticationProvider"
- class="org.springframework.security.cas.authentication.CasAuthenticationProvider">
- <beans:property name="authenticationUserDetailsService" ref="casAuthenticationUserDetailsService"/>
- <beans:property name="serviceProperties" ref="serviceProperties" />
- <beans:property name="ticketValidator">
- <beans:bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
- <beans:constructor-arg index="0" value="http://172.19.50.21:9083/HASLSSO" />
- </beans:bean>
- </beans:property>
- <beans:property name="key" value="an_id_for_this_auth_provider_only"/>
- </beans:bean>
- <!-- 注销客户端 -->
- <beans:bean id="singleLogoutFilter" class="org.jasig.cas.client.session.SingleSignOutFilter" />
- <!-- 注销服务器端 -->
- <beans:bean id="requestSingleLogoutFilter"
- class="org.springframework.security.web.authentication.logout.LogoutFilter">
- <beans:constructor-arg
- value="http://172.19.50.21:9083/HASLSSO/logout" />
- <beans:constructor-arg>
- <beans:bean
- class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler"/>
- </beans:constructor-arg>
- <beans:property name="filterProcessesUrl" value="/j_spring_cas_security_logout" />
- </beans:bean>
- </beans:beans>
步骤2 之前的UserDetailsManager不需要改任何代码
- @Service
- public class UserDetailsManager implements UserDetailsService {
步骤3 web.xml需要修改一点东西,不加载Security的配置文件就行了
- <context-param>
- <param-name>contextConfigLocation</param-name>
- <!-- 使用工程本身验证 -->
- <param-value>/WEB-INF/spring-config.xml,/WEB-INF/spring-freemarker.xml,/WEB-INF/spring-jpa.xml,/WEB-INF/spring-security.xml</param-value>
- <!-- 使用 SSO 验证 -->
- <!-- <param-value>/WEB-INF/spring-config.xml,/WEB-INF/spring-freemarker.xml,/WEB-INF/spring-jpa.xml,/WEB-INF/spring-cas.xml</param-value> -->
- </context-param>
大功告成~!
本文出自 “绝缘材料” 博客,请务必保留此出处http://tonyaction.blog.51cto.com/227462/898173
相关推荐
本篇文章主要介绍了spring boot整合CAS Client实现单点登陆验证的示例,小编觉得挺不错的,现在分享给大家,也给大家做个参考。一起跟随小编过来看看吧
Spring Security 3 与 CAS单点登录配置.doc
spring security 基于oauth 2.0 实现 sso 单点登录Demo 使用 spring security 基于oauth 2.0 实现 sso 单点登录Demo spring boot + spring security + spring security oauth
spring security + oauth 2.0 实现单点登录、认证授权,直接贴代码
单点登录实现 Spring_security+CAS 包含实现教程和程序源代码
该资源是springsecurity+oauth2+jwt实现的单点登录demo,模式为授权码模式,实现自定义登录页面和自定义授权页面。应用数据存在内存中或者存在数据库中(附带数据库表结构),token存储分为数据库或者Redis。demo...
NULL 博文链接:https://liuqq.iteye.com/blog/720014
单点登录SSO解决方案之SpringSecurity+JWT实现.docx
1.本项目为SpringCloud Gateway的微服务框架,整合了SpringSecurity,微服务间使用Redis来获取登陆的用户信息。 2.由于Gat
SSO单点登录Spring-Security & CAS 使用手册
SpringBoot+SpringSecurity整合示例代码,实现了从数据库中获取信息进行登录认证和权限认证。 本项目为idea工程,请用idea2019导入(老版应该也可以)。 本项目用户信息所需sql文件,在工程的resources文件夹下,...
cas版本3.4.0,spring security版本3.1.4,经测试可用!
这是一个Spring Security集成CAS实现单点登录的客户端实例,使用Maven集成开发,项目中使用到的Oframer和otauser(CAS服务端)请至我的资源中寻找下载。
使用 spring security 基于oauth 2.0 实现 sso 单点登录Demo spring boot + spring security + spring security oauth
主要介绍了Spring Security基于JWT实现SSO单点登录详解,文中通过示例代码介绍的非常详细,对大家的学习或者工作具有一定的参考学习价值,需要的朋友们下面随着小编来一起学习学习吧
springboot+ spring security实现登录认证
springsecurity整合cas全过程,超低分分享,请大家下载看看
基于JWT OAUTH2 SpringSecurity单点登录 . 单点登录流: 1. 访问client1 2. `client1`将请求导向`sso-server` 3. 同意授权 4. 携带授权码`code`返回`client1` 5. `client1`拿着授权码请求令牌 6. 返回`JWT`令牌 7. ...
用STS(Spring Tool Suite)开发的,spring mvc + spring security 实现的最简单的登录系统,无数据库。