基础框架
1.spring mvc:spring核心容器
2.maven:项目管理工具
3.cas client:java cas client客户端
4.spring session:缓存框架
基本流程
1.项目中添加maven依赖:
<!--java cas client-->
<dependency>
<groupId>org.jasig.cas.client</groupId>
<artifactId>cas-client-core</artifactId>
<version>3.4.1</version>
</dependency>
<!-- spring-session-data-redis -->
<dependency>
<groupId>org.springframework.session</groupId>
<artifactId>spring-session-data-redis</artifactId>
<version>1.3.1.RELEASE</version>
</dependency>
2.webapp/web.xml配置:
<!--注意需要放在最前面,防止生成两个sessionid-->
<!--spring session redis share start-->
<filter>
<filter-name>springSessionRepositoryFilter</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSessionRepositoryFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>ERROR</dispatcher>
</filter-mapping>
<!--spring session redis share end-->
<!-- Filter to handle logout requests sent directly by the CAS server -->
<!-- #放在所有过滤器之前 -->
<filter>
<filter-name>CAS Single Sign Out Filter</filter-name>
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<!--这里配置cas服务器的url地址-->
<param-value>https://localhost/cas</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>
<!--cas配置 start-->
<!-- Define the protected urls of your application -->
<!-- #### change with your own CAS server and your host name #### -->
<filter>
<filter-name>CAS Authentication Filter</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>https://localhost/cas/login</param-value>
</init-param>
<init-param>
<param-name>service</param-name>
<param-value>http://localhost/test/login</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CAS Authentication Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- Define the urls on which you can validate a service ticket -->
<!-- #### change with your own CAS server and your host name #### -->
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>org.jasig.cas.client.validation.Cas30ProxyReceivingTicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://localhost/cas</param-value>
</init-param>
<init-param>
<param-name>service</param-name>
<param-value>http://localhost/test/login</param-value>
</init-param>
<!-- <init-param>
<param-name>proxyGrantingTicketStorageClass</param-name>
<param-value>org.jasig.cas.client.proxy.EhcacheBackedProxyGrantingTicketStorageImpl</param-value>
</init-param>-->
<init-param>
<param-name>redirectAfterValidation</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>useSession</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- Put the CAS principal in the HTTP request -->
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
3.配置spring-session-redis配置,将session缓存到redis中进行配置
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:util="http://www.springframework.org/schema/util"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util.xsd"
default-lazy-init="true">
<bean id="redisHttpSessionConfiguration" class="org.springframework.session.data.redis.config.annotation.web.http.RedisHttpSessionConfiguration">
<!--表示超时时间,默认是1800秒。写上述配置的时候我个人习惯采用xml来定义,官方文档中有采用注解来声明一个配置类。-->
<!--<property name="maxInactiveIntervalInSeconds" value="600"/>-->
</bean>
<bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<property name="location" value="classpath:config/config.properties"/>
<property name="ignoreUnresolvablePlaceholders" value="true"/>
</bean>
<!-- Jedis连接池-->
<bean id="jedisConnFactory"
class="org.springframework.data.redis.connection.jedis.JedisConnectionFactory"
p:hostName="${redis_host}"
p:port="${redis_port}"
p:password=""
p:use-pool="true"
p:poolConfig-ref="jedisPoolConfig"/>
<bean id="jedisPoolConfig"
class="redis.clients.jedis.JedisPoolConfig"
p:maxTotal="500"
p:maxIdle="100"
p:maxWaitMillis="5000"
p:testOnBorrow="false"
p:testOnReturn="false"/>
<!--禁用redis config命令,否则tomcat启动报错-->
<util:constant
static-field="org.springframework.session.data.redis.config.ConfigureRedisAction.NO_OP"/>
</beans>
4.回调url中:http://localhost/test/login,可以获取cas server返回的用户信息,自己实现需要的业务逻辑。
5.统一注销和登陆,例如:test项目请求cas server,需要在cas server配置回调注销url,删除用户的登陆信息统一进行注销,cas client会统一注销掉当前用户所有登陆的系统,url地址需要cas server来提供,例如:https://localhost/cas/logout
6.可以参考:https://github.com/pac4j/pac4j