此文爲記錄單點登陸實現過程,包括cas服務端和客戶端的定製擴展java
單點登陸服務端採用cas,以cas-server-webapp版本號爲3.5.2.1爲基礎進行定製擴展實現。web
定製實現的源碼功能以上傳至svn代碼庫,路徑爲:svn://192.168.9.16/minxin/Repositories/minxinloan/trunk/mxcas-server-webapp。spring
此版本的定製擴展實現採用http協議(關閉了https協議),下面對此版的定製擴展進行詳細的描述。sql
在deployerConfigContext.xml配置文件中將<bean class="org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler" />替換爲:數據庫
<bean class="org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler">
<property name="dataSource" ref="dataSource"></property>
<property name="sql" value="select t.password from uc_employee t where t.login_name=? and t.status=1"></property>
<property name="passwordEncoder" ref="mxPasswordEncoder"></property>
</bean>cookie
<bean id="attributeRepository" class="org.jasig.services.persondir.support.StubPersonAttributeDao">
<property name="backingMap">
<map>
<entry key="uid" value="uid" />
<entry key="eduPersonAffiliation" value="eduPersonAffiliation" />
<entry key="groupMembership" value="groupMembership" />
</map>
</property>
</bean>session
替換爲:app
<bean id="attributeRepository" class="com.minxinloan.cas.server.MxloanPersonAttributeDao">
<property name="dataSource" ref="dataSource"/>
</bean>webapp
<listener>
<listener-class>
org.jasig.cas.client.session.SingleSignOutHttpSessionListener
</listener-class>
</listener>
<filter>
<filter-name>CasSingleSignOutFilter</filter-name>
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CasSingleSignOutFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>CASFilter</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>http://localhost:8088/cas/login</param-value> <!-- 此地址爲cas登陸url-->
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://localhost:8080</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CASFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>CasTicketFilter</filter-name>
<filter-class>
org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter
</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>http://localhost:8088/cas</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://localhost:8080</param-value>
</init-param>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value> <!--處理中文亂碼問題-->
</init-param>
</filter>
<filter-mapping>
<filter-name>CasTicketFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>CasRequestWrapFilter</filter-name>
<filter-class>
org.jasig.cas.client.util.HttpServletRequestWrapperFilter
</filter-class>
</filter>
<filter-mapping>
<filter-name>CasRequestWrapFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>AssertionThreadLocalFilter</filter-name>
<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>AssertionThreadLocalFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-name>CasSessionUserFilter</filter-name>
<filter-class>com.minxinloan.web.utils.CasSessionUserFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CasSessionUserFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>jsp