acegi 作为 yale cas认证服务器的客户端在springside项目中的应用
First,? Set SpringSide's web.xml,? we use Acegi CAS Filter:
???? < filter-mapping >
???????? < filter-name > hibernateFilter </ filter-name >
???????? < url-pattern > /j_acegi_cas_security_check </ url-pattern >
???? </ filter-mapping >
We Should Set Main ACEGI application Context:
1) filterChainProxy should add a cas filter as Acegi's Sample, but here, we reuse
authenticationProcessingFilter, which we act as cas client filter.
???? < bean? id ="filterChainProxy"
????????? class ="org.acegisecurity.util.FilterChainProxy" >
???????? < property? name ="filterInvocationDefinitionSource" >
???????????? < value >
??????????????? CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
??????????????? PATTERN_TYPE_APACHE_ANT
??????????????? /**=httpSessionContextIntegrationFilter,anonymousProcessingFilter,authenticationProcessingFilter,rememberMeProcessingFilter,logoutFilter,channelProcessingFilter,basicProcessingFilter,securityContextHolderAwareRequestFilter,exceptionTranslationFilter,filterInvocationInterceptor
???????????? </ value >
???????? </ property >
???? </ bean >
2) authenticationProcessingFilter, of course, play the most important role in this
applicationContext_acegi.xml.
In SpringSide,? /admin? is protected resource, so defaultTargetUrl protected it
and all those request to the target url must be authenticated by authenticationManager.
??? <bean id="authenticationProcessingFilter" ref="authenticationManager"/>
??????? <property name="authenticationFailureUrl">
??????????? <value>/security/login.jsp?login_error=1</value>
??????? </property>
??????? <property name="defaultTargetUrl">
??????????? <value>/admin/</value>
??????? </property>
??????? <property name="filterProcessesUrl">
??????????? <value>/j_acegi_cas_security_check</value>
??????? </property>
??????? <property name="rememberMeServices" ref="rememberMeServices"/>
??????? <property name="exceptionMappings">
??????????? <value>
??????????????? org.acegisecurity.userdetails.UsernameNotFoundException=/security/login.jsp?login_error=user_not_found_error
??????????????? org.acegisecurity.BadCredentialsException=/security/login.jsp?login_error=user_psw_error
??????????????? org.acegisecurity.concurrent.ConcurrentLoginException=/security/login.jsp?login_error=too_many_user_error
??????????? </value>
??????? </property>
??? </bean>
3) Then, we set all the needed beans in CAS Filter
??? <!-- =========? Acegi as a CAS Client的配置============= -->
??? <bean id="exceptionTranslationFilter" />
??? -->
??? <bean id="casProxyDecider" />
???
??? <bean id="serviceProperties" value="userCache"/>
??????????? </bean>
??????? </property>
??? </bean>
???
??? <bean id="casAuthoritiesPopulator" ref="dataSource"/>
??????? <property name="usersByUsernameQuery">
??????????? <value>
??????????????? select loginid,passwd,1 from ss_users where status='1' and loginid = ?
??????????? </value>
??????? </property>
??????? <property name="authoritiesByUsernameQuery">
??????????? <value>
??????????????? select u.loginid,p.name from ss_users u,ss_roles r,ss_permissions
??????????????? p,ss_user_role ur,ss_role_permis rp where u.id=ur.user_id and
??????????????? r.id=ur.role_id and p.id=rp.permis_id and
??????????????? r.id=rp.role_id and p.status='1' and u.loginid=?
??????????? </value>
??????? </property>
??? </bean>
There is little difference between casclient 2.0.12 and Acegi, right?
Note that in my env, gzug:8080/springside is bookstore webapp
and sourcesite:8443 is the CAS 3 Server.
Hope for suggestion.....
?
?
本文来自CSDN博客,转载请标明出处:http://blog.csdn.net/HuDon/archive/2007/02/06/1503506.aspx
