cas-client 使用（6）

時間 2019-11-18

標籤 cas client 使用简体版

原文原文鏈接

1、隨便的建立一個客戶端的web項目，如casclient1html

編寫一個index.jsp以下：java

<%@ page language="java" contentType="text/html; charset=UTF-8"  
    pageEncoding="UTF-8"%>  
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">  
<html>  
<head>  
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">  
<title>CASClient1's index.jsp</title>  
</head>  
<body>  
<%   
/*獲取登陸用戶名*/  
	String username = request.getRemoteUser();  
%>
<h1>成功登陸===casClient1111===系統</h1>  
current user: <%=username %>  
<p><a href="https://localhost:8443/cas/logout">logout</a></p>  
</body>  
</html>

設置web.xml以下：web

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0">
  <display-name>casclient1</display-name>
  
  
  <!-- 該過濾器用於實現單點登出功能，可選配置。 -->  
<!-- 登出地址 https://casserver:8443/cas/logout -->  
<filter>  
    <filter-name>CAS Single Sign Out Filter</filter-name>  
    <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>  
</filter>  
<filter-mapping>  
    <filter-name>CAS Single Sign Out Filter</filter-name>  
    <url-pattern>/*</url-pattern>  
</filter-mapping>  

  
<!-- 該過濾器負責用戶的認證工做，必須啓用它 -->  
<filter>  
    <filter-name>CAS Authentication Filter</filter-name>  
    <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>  
    <init-param>  
        <param-name>casServerLoginUrl</param-name>  
        <param-value>https://localhost:8443/cas/login</param-value>  
    </init-param>  
    <init-param>  
        <param-name>serverName</param-name>  
        <param-value>http://localhost:8088</param-value>  
    </init-param>  
</filter>  
  
<!-- 該過濾器負責對Ticket的校驗工做，必須啓用它 -->  
<filter>  
    <filter-name>CAS Validation Filter</filter-name>  
    <filter-class>org.jasig.cas.client.validation.Cas10TicketValidationFilter</filter-class>  
    <init-param>  
        <param-name>casServerUrlPrefix</param-name>  
        <param-value>https://localhost:8443/cas</param-value>  
    </init-param>  
    <init-param>  
        <param-name>serverName</param-name>  
        <param-value>http://localhost:8088</param-value>  
    </init-param>  
    <init-param>  
        <param-name>redirectAfterValidation</param-name>  
        <param-value>true</param-value>  
    </init-param>  
</filter>  
  
<!-- 該過濾器負責實現HttpServletRequest請求的包裝， 好比容許開發者經過HttpServletRequest的getRemoteUser()方法得到SSO登陸用戶的登陸名，可選配置。 -->  
<filter>  
    <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>  
    <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>  
</filter>  
  
<!-- 該過濾器使得開發者能夠經過org.jasig.cas.client.util.AssertionHolder來獲取用戶的登陸名。 好比AssertionHolder.getAssertion().getPrincipal().getName()。 -->  
<filter>  
    <filter-name>CAS Assertion Thread Local Filter</filter-name>  
    <filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>  
</filter>  
  

<filter-mapping>  
    <filter-name>CAS Authentication Filter</filter-name>  
    <url-pattern>/*</url-pattern>  
</filter-mapping>  
<filter-mapping>  
    <filter-name>CAS Validation Filter</filter-name>  
    <url-pattern>/*</url-pattern>  
</filter-mapping>  
<filter-mapping>  
    <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>  
    <url-pattern>/*</url-pattern>  
</filter-mapping>  
<filter-mapping>  
    <filter-name>CAS Assertion Thread Local Filter</filter-name>  
    <url-pattern>/*</url-pattern>  
</filter-mapping>  
  
<listener>  
    <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>  
</listener>  
  
  <welcome-file-list>
    <welcome-file>index.html</welcome-file>
    <welcome-file>index.htm</welcome-file>
    <welcome-file>index.jsp</welcome-file>
    <welcome-file>default.html</welcome-file>
    <welcome-file>default.htm</welcome-file>
    <welcome-file>default.jsp</welcome-file>
  </welcome-file-list>
</web-app>

加入以下包:api

cas-client-core-3.3.3.jar
slf4j-api-1.7.1.jar服務器

按照上面，再建立一個項目如：casclient2 。作單點登陸的功能驗證。session

2、啓動一個這兩個項目，並訪問casclient1 的index.jsp頁面。你所看到的將是單點登陸服務器的登陸界面。正確的完成登陸後，服務器就會重定向到index.jsp頁面了。app

這裏你再訪問casclient2的index.jsp頁面時，就沒進入登陸界面了。完成了單點登陸的功能。jsp

注意：ide

你可能會碰到以下異常，在下節中咱們再提到：oop

java.lang.RuntimeException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:407)
	org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:45)
	org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:200)
	org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:206)
	org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:161)
	org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:100)

sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196)
	java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268)
	sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)
	sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
	sun.security.validator.Validator.validate(Validator.java:260)
	sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)
	sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)
	sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)
	sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1428)
	sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209)
	sun.security.ssl.Handshaker.processLoop(Handshaker.java:913)
	sun.security.ssl.Handshaker.process_record(Handshaker.java:849)
	sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1023)
	sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332)
	sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359)
	sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343)
	sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
	sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
	sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1301)
	sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
	org.jasig.cas.client.util.CommonUtils.getResponseFromServer(CommonUtils.java:393)
	org.jasig.cas.client.validation.AbstractCasProtocolUrlBasedTicketValidator.retrieveResponseFromServer(AbstractCasProtocolUrlBasedTicketValidator.java:45)
	org.jasig.cas.client.validation.AbstractUrlBasedTicketValidator.validate(AbstractUrlBasedTicketValidator.java:200)
	org.jasig.cas.client.validation.AbstractTicketValidationFilter.doFilter(AbstractTicketValidationFilter.java:206)
	org.jasig.cas.client.authentication.AuthenticationFilter.doFilter(AuthenticationFilter.java:161)
	org.jasig.cas.client.session.SingleSignOutFilter.doFilter(SingleSignOutFilter.java:100)
note The full stack trace of the root cause is available in the Apache Tomcat/7.0.75 logs.

相關標籤/搜索

每日一句

每一个你不满意的现在，都有一个你没有努力的曾经。