security 集成cas

1. web.xml
2. <context-param>
3. <param-name>contextConfigLocation</param-name>
4. <param-value>
5. /WEB-INF/applicationContext-security.xml
6. </param-value>
7. </context-param>
9. <context-param>
10. <param-name>log4jConfigLocation</param-name>
11. <param-value>/WEB-INF/classes/log4j.properties</param-value>
12. </context-param>
14. <context-param>
15. <param-name>webAppRootKey</param-name>
16. <param-value>cas.root</param-value>
17. </context-param>
19. <filter>
20. <filter-name>CAS Single Sign Out Filter</filter-name>
21. <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
22. </filter>
24. <filter>
25. <filter-name>springSecurityFilterChain</filter-name>
26. <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
27. </filter>
29. <filter-mapping>
30. <filter-name>CAS Single Sign Out Filter</filter-name>
31. <url-pattern>/*</url-pattern>
32. </filter-mapping>
34. <filter-mapping>
35. <filter-name>springSecurityFilterChain</filter-name>
36. <url-pattern>/*</url-pattern>
37. </filter-mapping>
39. <listener>
40. <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
41. </listener>
43. <listener>
44. <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
45. </listener>
47. <listener>
48. <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
49. </listener>
2)applicationContext-security.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p"
xmlns:beans="http://www.springframework.org/schema/beans"
xsi:schemaLocation=" http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-2.5.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd"
default-lazy-init="true">
<context:component-scan base-package="com.itec.core" />
<http auto-config="false" entry-point-ref="casEntryPoint" servlet-api-provision="true">
<intercept-url pattern="/login.do" filters="none" />
<intercept-url pattern="/image.do" filters="none" />
<intercept-url pattern="/admin/*.do*" access="ROLE_LOGIN" />
<custom-filter ref="requestSingleLogoutFilter" before="LOGOUT_FILTER" />
<custom-filter position="FORM_LOGIN_FILTER" ref="casFilter"/>
<custom-filter ref="singleLogoutFilter" before="CAS_FILTER" />
</http>
<beans:bean id="casEntryPoint" class="org.springframework.security.cas.web.CasAuthenticationEntryPoint">
<beans:property name="loginUrl" value="http://172.19.50.21:9083/HASLSSO/login"/>
<beans:property name="serviceProperties" ref="serviceProperties"/>
</beans:bean>
<beans:bean id="serviceProperties" class="org.springframework.security.cas.ServiceProperties">
<beans:property name="service" value="http://172.19.4.225:8080/HACMS/j_spring_cas_security_check"/>
<beans:property name="sendRenew" value="false"/>
</beans:bean>
<beans:bean id="casFilter" class="org.springframework.security.cas.web.CasAuthenticationFilter">
<beans:property name="authenticationManager" ref="authenticationManager"/>
</beans:bean>
<authentication-manager alias="authenticationManager">
<authentication-provider ref="casAuthenticationProvider"/>
</authentication-manager>
<beans:bean id="casAuthenticationUserDetailsService" class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">
<beans:property name="userDetailsService" >
<beans:ref bean="userDetailsManager" />
</beans:property>
</beans:bean>
<beans:bean id="casAuthenticationProvider"
class="org.springframework.security.cas.authentication.CasAuthenticationProvider">
<beans:property name="authenticationUserDetailsService" ref="casAuthenticationUserDetailsService"/>
<beans:property name="serviceProperties" ref="serviceProperties" />
<beans:property name="ticketValidator">
<beans:bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
<beans:constructor-arg index="0" value="http://172.19.50.21:9083/HASLSSO" />
</beans:bean>
</beans:property>
<beans:property name="key" value="an_id_for_this_auth_provider_only"/>
</beans:bean>
<beans:bean id="singleLogoutFilter" class="org.jasig.cas.client.session.SingleSignOutFilter" />
<beans:bean id="requestSingleLogoutFilter"
class="org.springframework.security.web.authentication.logout.LogoutFilter">
<beans:constructor-arg
value="http://172.19.50.21:9083/HASLSSO/logout" />
<beans:constructor-arg>
<beans:bean
class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler"/>
</beans:constructor-arg>
<beans:property name="filterProcessesUrl" value="/j_spring_cas_security_logout" />
</beans:bean>
</beans:beans>

http://www.cnblogs.com/victorma/p/springcas.html

http://www.cnblogs.com/question-sky/p/7068511.html

http://blog.csdn.net/cl_andywin/article/details/53998986

http://www.cnblogs.com/scau-chm/p/6836748.html?utm_source=tuicool&utm_medium=referral

http://blog.csdn.net/hejingyuan6/article/details/45111703

http://blog.csdn.net/qq_33264648/article/details/68493262

自定义cas返回

http://blog.csdn.net/jadyer/article/details/46970747

http://zhenkm0507.iteye.com/blog/546785

http://blog.csdn.net/ahpo/article/details/46412859

http://blog.csdn.net/w410589502/article/details/51508336

http://www.jb51.net/article/114678.htm

http://liulijun-cn-2011.iteye.com/blog/2247166

注：至于获取ServletContext对象，可以从request,session中获取，他们都有getServletContext()方法

ApplicationContext ac1 = WebApplicationContextUtils.getRequiredWebApplicationContext(ServletContext sc)

ApplicationContext ac2 = WebApplicationContextUtils.getWebApplicationContext(ServletContext sc)

UserLogService service = ApplicationContext.getBean(UserLogService.class);

posted @ 2017-09-27 23:27 采姑娘的蘑菇阅读(254) 评论(0) 编辑收藏举报

刷新页面返回顶部

采姑娘的蘑菇

security 集成cas

公告