Spring Boot: Single Sign-On and Single Logout with CAS
Author | d0usr
Source | urlify.cn/uIfUV3
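1. Download the CAS 5.3 source:
git clone https://github.com/apereo/cas-overlay-template.git
The command above clones the latest version of CAS. To switch to an earlier version, do the following:
1) cd into the project directory;
2) run git log to view the commit history, find the commit you want, and copy its hash;
3) run git checkout with that hash;
The local code is then the code of the version you wanted.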
2. Import the downloaded source into IDEA:
(1) The directory structure is as follows (CAS 5.3 uses a Maven project layout):

(2) Open the pom.xml file and replace the repositories element:
    <repositories>
        <repository>
            <id>central</id>
            <name>aliyun maven</name>
            <url>http://maven.aliyun.com/nexus/content/groups/public/</url>
            <releases>
                <enabled>true</enabled>
            </releases>
            <snapshots>
                <enabled>false</enabled>
            </snapshots>
        </repository>
    </repositories>
3. Package the source:

Packaging produces a target directory:

4. Copy the packaged cas folder into Tomcat's webapps directory:

5. Edit the CAS server configuration files:
(1) Add the following to application.properties in the cas\WEB-INF\classes directory:
# Set the CAS login username and password to admin
#cas.authn.accept.users=casuser::Mellon
cas.authn.accept.users=admin::admin
# Allow plain HTTP (the TGC cookie is not restricted to HTTPS)
cas.tgc.secure=false
# Enable loading of JSON service definition files (default: false)
cas.serviceRegistry.initFromJson=true
# Allow redirecting to another page after logout
cas.logout.followServiceRedirects=true
(2) Edit HTTPSandIMAPS-10000001.json in the cas\WEB-INF\classes\services directory:
Change the serviceId line as follows, that is, add http:
"serviceId" : "^(https|http|imaps)://.*",
6. Start Tomcat and check that CAS Server comes up:

As shown above, the CAS Server login page is reachable.
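To see how much the widened serviceId pattern from step 5(2) authorizes, the following added example (not part of the original article or of CAS itself) runs it against constructed probe URLs next to a narrower pattern limited to the two demo clients configured below. The class name, the narrow pattern, the probe URLs and the assumption that the registry matches the whole service URL case-insensitively are illustrative assumptions.

```java
import java.util.Arrays;
import java.util.List;
import java.util.regex.Pattern;
import java.util.stream.Collectors;

public class ServiceIdScopeCheck {

    // Pattern from step 5(2): every http, https and imaps URL is a registered service.
    static final String WIDE = "^(https|http|imaps)://.*";
    // Assumed tighter pattern for this demo: only the two clients on ports 8081 and 8082.
    static final String NARROW = "^http://localhost:(8081|8082)/.*";

    // Constructed probe URLs: the demo clients, then hosts that are not part of this setup.
    static final List<String> OWN = Arrays.asList(
            "http://localhost:8081/test",
            "http://localhost:8082/logoutSuccess");
    static final List<String> FOREIGN = Arrays.asList(
            "http://unrelated.example/app",
            "https://localhost.unrelated.example/",
            "http://localhost:9999/");

    // Assumption: the registry matches the whole service URL, case-insensitively.
    static boolean authorizes(String serviceId, String serviceUrl) {
        return Pattern.compile(serviceId, Pattern.CASE_INSENSITIVE)
                .matcher(serviceUrl).matches();
    }

    // Foreign probe URLs that the pattern would accept; empty means it is well scoped.
    static List<String> foreignAccepted(String serviceId) {
        return FOREIGN.stream()
                .filter(url -> authorizes(serviceId, url))
                .collect(Collectors.toList());
    }

    // A pattern is usable only if it still covers every URL of our own clients.
    static boolean coversOwnClients(String serviceId) {
        return OWN.stream().allMatch(url -> authorizes(serviceId, url));
    }

    public static void main(String[] args) {
        for (String serviceId : Arrays.asList(WIDE, NARROW)) {
            System.out.println("serviceId: " + serviceId);
            System.out.println("  covers own clients:    " + coversOwnClients(serviceId));
            System.out.println("  foreign URLs accepted: " + foreignAccepted(serviceId));
        }
    }
}
```

Because cas.logout.followServiceRedirects=true makes CAS follow the service parameter on logout for registered services, the same pattern also bounds the logout redirect targets, so the narrow form limits both ticket issuance and post-logout redirects.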
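7. CAS client configuration:
(1) Project structure:

The project is a Maven multi-module build: sp-common is the shared module, sp-member is the member module, and sp-order is the order module.
(2) pom.xml dependency:
<dependency>
  <groupId>net.unicon.cas</groupId>
  <artifactId>cas-client-autoconfig-support</artifactId>
  <version>2.1.0-GA</version>
</dependency>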
(3) application.yml configuration:
1) The sp-member client module is configured as follows:
server:
  port: 8081
# CAS server settings
cas:
  # Base URL of the CAS server
  server-url-prefix: http://localhost:8080/cas
  # Login URL of the CAS server
  server-login-url: http://localhost:8080/cas/login
  # URL of this application (the CAS client)
  client-host-url: http://localhost:8081
  # The ticket validator uses Cas30ProxyReceivingTicketValidationFilter
  validation-type: cas3
2) The sp-order client module is configured as follows:
server:
  port: 8082
# CAS server settings
cas:
  # Base URL of the CAS server
  server-url-prefix: http://localhost:8080/cas
  # Login URL of the CAS server
  server-login-url: http://localhost:8080/cas/login
  # URL of this application (the CAS client)
  client-host-url: http://localhost:8082
  # The ticket validator uses Cas30ProxyReceivingTicketValidationFilter
  validation-type: cas3
8. Test the clients:
(1) The sp-member client module code is as follows:
MemberController class:
package member.controller;

import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

@Controller
public class MemberController {

    @RequestMapping("/test")
    @ResponseBody
    public String test(HttpServletRequest request) {
        return "member";
    }

    /**
     * Log out: invalidate the local session, then redirect to CAS logout.
     * @param request the current request
     * @return redirect to the CAS logout URL
     */
    @RequestMapping("/logout")
    public String logout(HttpServletRequest request) {
        HttpSession session = request.getSession();
        session.invalidate();
        return "redirect:http://localhost:8080/cas/logout?service=http://localhost:8081/logoutSuccess";
    }

    /**
     * Logout success page.
     * @return confirmation text
     */
    @RequestMapping("/logoutSuccess")
    @ResponseBody
    public String logoutSuccess() {
        return "member logoutSuccess";
    }
}
StartMember8081 class (application entry point):
package member;

import net.unicon.cas.client.configuration.EnableCasClient;
import org.jasig.cas.client.authentication.AuthenticationFilter;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import java.util.HashMap;
import java.util.Map;

/**
 * Member service entry point.
 */
@EnableCasClient        // Enable the CAS client
@SpringBootApplication
public class StartMember8081 {

    private static final String CAS_SERVER_URL_LOGIN = "http://localhost:8080/cas/login";
    private static final String SERVER_NAME = "http://localhost:8081/";

    @Bean
    public FilterRegistrationBean filterAuthenticationRegistration() {
        FilterRegistrationBean registration = new FilterRegistrationBean();
        // AuthenticationFilter is the filter responsible for authenticating users
        registration.setFilter(new AuthenticationFilter());
        // URL patterns the filter applies to
        registration.addUrlPatterns("/*");
        Map<String, String> initParameters = new HashMap<>();
        initParameters.put("casServerLoginUrl", CAS_SERVER_URL_LOGIN);
        initParameters.put("serverName", SERVER_NAME);
        // Do not require authentication for the /logoutSuccess path
        initParameters.put("ignorePattern", "/logoutSuccess/*");
        registration.setInitParameters(initParameters);
        // Filter order
        registration.setOrder(1);
        return registration;
    }

    public static void main(String[] args) {
        SpringApplication.run(StartMember8081.class, args);
    }
}
(2) The sp-order client module code is as follows:
OrderController class:
package order.controller;

import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

@Controller
public class OrderController {

    @RequestMapping("/test")
    @ResponseBody
    public String test() {
        return "order";
    }

    /**
     * Log out: invalidate the local session, then redirect to CAS logout.
     * @param request the current request
     * @return redirect to the CAS logout URL
     */
    @RequestMapping("/logout")
    public String logout(HttpServletRequest request) {
        HttpSession session = request.getSession();
        session.invalidate();
        return "redirect:http://localhost:8080/cas/logout?service=http://localhost:8082/logoutSuccess";
    }

    /**
     * Logout success page.
     * @return confirmation text
     */
    @RequestMapping("/logoutSuccess")
    @ResponseBody
    public String logoutSuccess() {
        return "order logoutSuccess";
    }
}
StartOrder8082 class (application entry point):
package order;

import net.unicon.cas.client.configuration.EnableCasClient;
import org.jasig.cas.client.authentication.AuthenticationFilter;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import java.util.HashMap;
import java.util.Map;

/**
 * Order service entry point.
 */
@EnableCasClient        // Enable the CAS client
@SpringBootApplication
public class StartOrder8082 {

    private static final String CAS_SERVER_URL_LOGIN = "http://localhost:8080/cas/login";
    private static final String SERVER_NAME = "http://localhost:8082/";

    @Bean
    public FilterRegistrationBean filterAuthenticationRegistration() {
        FilterRegistrationBean registration = new FilterRegistrationBean();
        registration.setFilter(new AuthenticationFilter());
        // URL patterns the filter applies to
        registration.addUrlPatterns("/*");
        Map<String, String> initParameters = new HashMap<>();
        initParameters.put("casServerLoginUrl", CAS_SERVER_URL_LOGIN);
        initParameters.put("serverName", SERVER_NAME);
        // Do not require authentication for the /logoutSuccess path
        initParameters.put("ignorePattern", "/logoutSuccess/*");
        registration.setInitParameters(initParameters);
        // Filter order
        registration.setOrder(1);
        System.out.println("init filter");
        return registration;
    }

    public static void main(String[] args) {
        SpringApplication.run(StartOrder8082.class, args);
    }
}
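(3) Test whether a request to the member service, http://localhost:8081/test, is intercepted:

As shown above, the member service endpoint was intercepted and the browser was redirected to the CAS Server login page.
(4) Test whether a request to the order service, http://localhost:8082/test, is intercepted:

As shown above, the order service endpoint was intercepted as well.
(5) Test whether the other client can be accessed after one client has logged in:

As shown above, after login the member service content is returned.

As shown above, refreshing the earlier order service URL also returns the order service content.
(6) Test whether the other client can still be accessed after one client has logged out:

As shown above, first visit http://localhost:8081/logout in the browser; the URL is redirected to http://localhost:8081/logoutSuccess, which means the member service has logged out.
Refreshing the two service URLs used earlier now redirects both to the CAS Server login page, which gives the single logout effect.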