CAS 客户端获取Credentials额外信息
程序员文章站
2022-06-14 16:10:03
...
服务端的配置
1、在deployerContext.xml中加上attributeRepository
2、配置,这里配置需要从数据库读取的属性,这里参考了这篇http://zxs19861202.iteye.com/blog/890965
3、另外由于我用的是http协议,所以还需要配置serviceRegistryDao,让attributeRepository返回信息
4、最后在/WEB-INF/view/jsp/protocol/2.0/casServiceValidationSuccess.jsp的<cas:user></cas:user>后里加入
下面是服务端的配置,主要是web.xml
获取信息的代码
1、在deployerContext.xml中加上attributeRepository
<bean class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver"> <property name="attributeRepository" ref="attributeRepository" /> </bean>
2、配置,这里配置需要从数据库读取的属性,这里参考了这篇http://zxs19861202.iteye.com/blog/890965
<bean id="attributeRepository" class="org.jasig.services.persondir.support.jdbc.SingleRowJdbcPersonAttributeDao"> <constructor-arg index="0" ref="dataSource" /> <constructor-arg index="1" value="select id,email,name from t_admin_user where {0} " /> <property name="queryAttributeMapping"> <map> <entry key="username" value="login_name" /> </map> </property> <!-- 要获取的属性在这里配置 --> <property name="resultAttributeMapping"> <map> <entry key="email" value="email" /> <entry key="name" value="name" /> </map> </property> </bean>
3、另外由于我用的是http协议,所以还需要配置serviceRegistryDao,让attributeRepository返回信息
<bean id="serviceRegistryDao" class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl"> <property name="registeredServices"> <list> <bean class="org.jasig.cas.services.RegexRegisteredService"> <property name="id" value="0" /> <property name="name" value="HTTP" /> <property name="description" value="Only Allows HTTP Urls" /> <property name="serviceId" value="^http://.*" /> <property name="evaluationOrder" value="10000001" /> <property name="ignoreAttributes" value="true" /> </bean> </property> //... </bean>
4、最后在/WEB-INF/view/jsp/protocol/2.0/casServiceValidationSuccess.jsp的<cas:user></cas:user>后里加入
<c:if test="${fn:length(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes) > 0}"> <cas:attributes> <c:forEach var="attr" items="${assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes}" varStatus="loopStatus" begin="0" end="${fn:length(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes)}" step="1"> <cas:attribute> <cas:${fn:escapeXml(attr.key)}>${fn:escapeXml(attr.value)}</cas:${fn:escapeXml(attr.key)}> </cas:attribute> </c:forEach> </cas:attributes> </c:if>
下面是服务端的配置,主要是web.xml
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd" > <web-app> <display-name>Archetype Created Web Application</display-name> <filter> <filter-name>CAS Authentication Filter</filter-name> <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class> <init-param> <param-name>casServerLoginUrl</param-name> <param-value>http://sso.nbrc.com.cn:8080/cas/login</param-value> </init-param> <init-param> <param-name>serverName</param-name> <param-value>http://localhost:8080</param-value> </init-param> </filter> <filter> <filter-name>CAS Validation Filter</filter-name> <filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class> <init-param> <param-name>casServerUrlPrefix</param-name> <param-value>http://sso.nbrc.com.cn:8080/cas</param-value> </init-param> <init-param> <param-name>serverName</param-name> <param-value>http://localhost:8080</param-value> </init-param> <init-param> <param-name>proxyReceptorUrl</param-name> <param-value>/proxyCallback</param-value> </init-param> <init-param> <param-name>proxyCallbackUrl</param-name> <param-value>http://localhost:8080/client/proxyCallback</param-value> </init-param> </filter> <filter> <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class> </filter> <filter> <filter-name>CAS Assertion Thread Local Filter</filter-name> <filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class> </filter> <filter-mapping> <filter-name>CAS Validation Filter</filter-name> <url-pattern>/proxyCallback</url-pattern> </filter-mapping> <filter-mapping> <filter-name>CAS Authentication Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>CAS Validation Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>CAS Assertion Thread Local Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <listener> <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class> </listener> </web-app>
获取信息的代码
<% AttributePrincipal pr = (AttributePrincipal) request.getUserPrincipal(); out.println(pr.getName()); out.println(pr.getAttributes().get("email")); out.println("<hr/>"); out.println(AssertionHolder.getAssertion().getPrincipal().getName()); Map<String,Object> attrs = AssertionHolder.getAssertion().getPrincipal().getAttributes(); for(Map.Entry<String,Object> keyset:attrs.entrySet()){ out.print(keyset.getKey() + ":" + keyset.getValue() + "<br/>"); } %>
上一篇: [转]NIO Client程序片断