单点登录－客户端配置

web.config

 

 <listener>  
        <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
    </listener>
    <filter>
        <filter-name>CAS Single Sign Out Filter</filter-name>
        <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
    </filter>
    <!-- 用于单点登录 -->
    <filter>
    <filter-name>CAS Filter</filter-name>
        <filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class>
            <init-param>
              <param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name>
               <param-value>http://server:8080/cas/login</param-value>
            </init-param>
            <init-param>
               <param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name>
               <param-value>http://server:8080/cas/serviceValidate</param-value>
        </init-param>
        <init-param>
           <param-name>edu.yale.its.tp.cas.client.filter.serverName</param-name>
           <param-value>client:8200</param-value>
        </init-param>
    </filter>
    
    <filter-mapping>
        <filter-name>CAS Single Sign Out Filter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>
    
    <filter-mapping>
        <filter-name>CAS Filter</filter-name>
        <url-pattern>/admin/*</url-pattern>
    </filter-mapping>

 核心代码：

 private boolean isValidSession(ServletRequest request) {
        HttpServletRequest objHttpRequest = (HttpServletRequest)request;
        String strIsLogin = (String)objHttpRequest.getSession().
                            getAttribute(ComtopGlobalConstants.SECURITY_LOGIN_KEY);
        boolean bIsValid = ComtopGlobalConstants.SECURITY_IS_LOGIN.equals(strIsLogin);

        if(!bIsValid && logger.isDebugEnabled()) {
            logger.debug(" AAAAAValid " + System.currentTimeMillis());
            logger.debug("Session无效,请求：" + objHttpRequest.getRequestURI());
        }