SSO之返回多个值
在做SSO时,有时不一定返回客户端的不仅仅是用户名,有时还会要求返回用户ID等。
一、准备工作
cas官方网站
http://www.jasig.org/cas
下载最新的服务端 CAS Server 3.3.3 Final
cas官方网站上面的客户端下载地址比较隐秘,没有完全公开,具体地址为
http://www.ja-sig.org/downloads/cas-clients/
下载最新的cas-client-3.1.6-release.zip
下载附件中的所有JAR包。
二、数据库设置
create database userinfogouse userinfocreate table tb_userinfo(id int identity primary key,username varchar(20) NOT NULL,password varchar(50) NOT NULL)insert into tb_userinfo values('arix04','123456')?
三、服务器设置
1、将服务器端解压,将modules下面的cas-server-webapp-3.3.3.war部署到web服务器,重命名为CAS.war,作为单点的服务器。
2、导入modules中的cas-server-support-jdbc-3.3.3.jar包
3、导入数据库驱动
4、导入附件中的所有文件
修改WEB-INF中的deployerConfigContext.xml文件
5、添加数据源
<bean id="casDataSource" name="code"><bean/>
?
在注释掉的相应的位置加入以下配置
<bean ref="casDataSource" /> <property name="sql" value="select password from tb_userinfo where username = ?" /></bean>
?
7、定义attributeRepository,通过jdbc查询用户的详细信息,可以把用户表的信息查询出来。
<bean id="attributeRepository" ref="casDataSource" /> <constructor-arg index="1" > <list> <value>username</value> </list> </constructor-arg> <constructor-arg index="2"> <value> select id,username,password from tb_userinfo where username = ?</value> </constructor-arg> <property name="columnsToAttributes"> <map> <entry key="id" value="id" /> <entry key="userName" value="userName" /> <entry key="password" value="password" /> </map> </property> </bean>
?
8、配置authenticationManager中credentialsToPrincipalResolvers属性
<bean><property name="attributeRepository" ref="attributeRepository"/>
?
9、默认cas登录服务器没有把用户信息传到客户端中,所以要修改WEB-INF\view\jsp\protocol\2.0\casServiceValidationSuccess.jsp文件,增加以下代码:
<c:if test="${fn:length(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes) > 0}"> <cas:attributes> <c:forEach var="attr" items="${assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes}"> <cas:${fn:escapeXml(attr.key)}>${fn:escapeXml(attr.value)}</cas:${fn:escapeXml(attr.key)}> </c:forEach> </cas:attributes> </c:if> ?
四、配置客户端
1、解压后把modules下面的包放到我们的web应用中。导入相庆的SPRING.JAR包
2.配置web.xml,注意encodingFilter要提前配置,不然会出现数据插入数据库的时候有乱码。
serverName是我们web应用的地址和端口
<context-param> <param-name>serverName</param-name> <param-value>www.test.com:9080</param-value> </context-param> <filter> <filter-name>encodingFilter</filter-name> <filter-class> org.springframework.web.filter.CharacterEncodingFilter </filter-class> <init-param> <param-name>encoding</param-name> <param-value>UTF-8</param-value> </init-param> <init-param> <param-name>forceEncoding</param-name> <param-value>true</param-value> </init-param> </filter> <filter-mapping> <filter-name>encodingFilter</filter-name> <url-pattern>*.htm</url-pattern> </filter-mapping> <filter-mapping> <filter-name>encodingFilter</filter-name> <url-pattern>*.ftl</url-pattern> </filter-mapping> <filter-mapping> <filter-name>encodingFilter</filter-name> <url-pattern>*.xhtml</url-pattern> </filter-mapping> <filter-mapping> <filter-name>encodingFilter</filter-name> <url-pattern>*.html</url-pattern> </filter-mapping> <filter-mapping> <filter-name>encodingFilter</filter-name> <url-pattern>*.shtml</url-pattern> </filter-mapping> <filter-mapping> <filter-name>encodingFilter</filter-name> <url-pattern>*.jsp</url-pattern> </filter-mapping> <filter-mapping> <filter-name>encodingFilter</filter-name> <url-pattern>*.do</url-pattern> </filter-mapping> <filter-mapping> <filter-name>encodingFilter</filter-name> <url-pattern>*.vm</url-pattern> </filter-mapping> <filter> <filter-name>CAS Single Sign Out Filter</filter-name> <filter-class> org.jasig.cas.client.session.SingleSignOutFilter </filter-class> </filter> <filter-mapping> <filter-name>CAS Single Sign Out Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <listener> <listener-class> org.jasig.cas.client.session.SingleSignOutHttpSessionListener </listener-class> </listener> <filter> <filter-name>CAS Authentication Filter</filter-name> <filter-class> org.jasig.cas.client.authentication.AuthenticationFilter </filter-class> <init-param> <param-name>casServerLoginUrl</param-name> <param-value>https://www.test.com:8443/cas/login</param-value> </init-param> </filter> <filter> <filter-name>CAS Validation Filter</filter-name> <filter-class> org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter </filter-class> <init-param> <param-name>casServerUrlPrefix</param-name> <param-value>https://www.test.com:8443/cas</param-value> </init-param> </filter> <filter> <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> <filter-class> org.jasig.cas.client.util.HttpServletRequestWrapperFilter </filter-class> </filter> <filter> <filter-name>CAS Assertion Thread Local Filter</filter-name> <filter-class> org.jasig.cas.client.util.AssertionThreadLocalFilter </filter-class> </filter> <filter-mapping> <filter-name>CAS Authentication Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>CAS Validation Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>CAS Assertion Thread Local Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
3、得到相应的返回参数
AttributePrincipal principal = (AttributePrincipal)request.getUserPrincipal(); String username = principal.getName(); Long id = Long.parseLong(principal.getAttributes().get("id").toString()); String password = principal.getAttributes().get("password").toString();out.println(username);out.println(id);out.println(password);?
?