CAS是SSO常用的开源解决方案,可以适用多种语言实现的Web应用。介绍了CAS Server端的配置。下面结合本人的实际操作,详细说明下Java应用CAS Client配置。首先,说明下配置环境:
1. CAS Server 3.4.5,跑在tomcat 7上。 部署在上(本地hosts文件配置域名)。 2. CAS Client Java SSH应用(Struts 2.3.4.1、Spring 3.0.5、Hibernate 3.3.2,如应用使用了特定安全框架如Spring Security,且集成了CAS Client,可直接使用其提供的配置方法), web应用也跑在tomcat 7上,部署在(本地hosts文件配置域名)。
配置步骤:
1.添加cas-client-core-3.1.10-sources.jar,如使用mvn,pom.xml中添加
org.jasig.cas cas-client-core 3.1.10 servlet-api javax.servlet
2. web.xml中添加:
3. 编写个简单的测试页面test.jsp进行测试。org.jasig.cas.client.session.SingleSignOutHttpSessionListener CAS Single Sign Out Filter org.jasig.cas.client.session.SingleSignOutFilter CAS Single Sign Out Filter /* CAS Filter org.jasig.cas.client.authentication.AuthenticationFilter casServerLoginUrl http://www.cas.com/cas/login serverName http://api.zfwx.com:8080 CAS Filter /* CAS Validation Filter org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter casServerUrlPrefix http://www.cas.com/cas serverName http://api.zfwx.com:8080 CAS Validation Filter /* CAS HttpServletRequest Wrapper Filter org.jasig.cas.client.util.HttpServletRequestWrapperFilter CAS HttpServletRequest Wrapper Filter /* CAS Assertion Thread Local Filter org.jasig.cas.client.util.AssertionThreadLocalFilter CAS Assertion Thread Local Filter /*
<%@ page import="org.jasig.cas.client.authentication.AttributePrincipal" %>cas test <%AttributePrincipal principal = (AttributePrincipal)request.getUserPrincipal(); String username = principal.getName();%><% if(null!=username){ %>Hello <%=username %> !
logout<% }%>