CAS實戰
本文目錄:html
- 1、概述
- 2、演示環境
- 3、JDK安裝配置
- 4、安全證書配置
- 5、部署CAS-Server相關的Tomcat
- 6、部署CAS-Client相關的Tomcat
- 7、 測試驗證SSO
1、概述java
此文的目的就是爲了幫助初步接觸SSO和CAS 的人員提供一個入門指南,一步一步演示如何實現基於CAS的單點登陸。web
CAS的官網:http://www.jasig.org/casapache
2、演示環境windows
本文演示過程在同一個機器上的(也能夠在三臺實體機器或者三個的虛擬機上),環境以下:瀏覽器
- windows7 64位,主機名稱:michael-pc
- JDK 1.6.0_18
- Tomcat 6.0.29
- CAS-server-3.4.十一、CAS-client-3.2.1
根據演示需求,
用修改hosts 文件的方法添加域名最簡單方便(這個很是重要),在文件 C:\Windows\System32\drivers\etc\hosts 文件中添加三條
127.0.0.1 demo.micmiu.com 127.0.0.1 app1.micmiu.com 127.0.0.1 app2.micmiu.com
- demo.micmiu.com =>> 對應部署cas server的tomcat,這個虛擬域名還用於證書生成
- app1.micmiu.com =>> 對應部署app1 的tomcat
- app2.micmiu.com =>> 對應部署app2 的tomcat
3、JDK安裝配置tomcat
這個詳細過程就不在描述,若是是免安裝版的,確保環境變量配置正確。安全
本機環境變量:JAVA_HOME=D:\jdk,若是看到如下信息則表示安裝成功:session
4、安全證書配置app
有關keytool工具的詳細運用見:http://www.micmiu.com/lang/java/keytool-start-guide/
4.1. 生成證書:
1 |
keytool -genkey -alias ssodemo -keyalg RSA -keysize 1024 -keypass michaelpwd -validity 365 -keystore g:\sso\ssodemo.keystore -storepass michaelpwd |
ps:
- 截圖中須要輸入的姓名和上面hosts文件中配置的一致;
- keypass 和 storepass 兩個密碼要一致,不然下面tomcat 配置https 訪問失敗;
4.2.導出證書:
1 |
keytool -export -alias ssodemo -keystore g:\sso\ssodemo.keystore -fileg:\sso\ssodemo.crt -storepass michaelpwd |
4.3.客戶端導入證書:
1 |
keytool -import -keystore %JAVA_HOME%\jre\lib\security\cacerts -fileg:\sso\ssodemo.crt -alias ssodemo |
ps:該命令中輸入的密碼和上面輸入的不是同一個密碼;若是是多臺機器演示,須要在每一臺客戶端導入該證書。
5、部署CAS-Server相關的Tomcat
5.1. 配置HTTPS
解壓apache-tomcat-6.0.29.tar.gz並重命名後的路徑爲 G:\sso\tomcat-cas,在文件 conf/server.xml文件找到:
1 |
<!-- |
2 |
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" |
3 |
maxThreads="150" scheme="https" secure="true" |
4 |
clientAuth="false" sslProtocol="TLS" /> |
5 |
--> |
修改爲以下:
1 |
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" |
2 |
maxThreads="150" scheme="https" secure="true" |
3 |
keystoreFile="g:/sso/ssodemo.keystore" keystorePass="michaelpwd" |
4 |
clientAuth="false" sslProtocol="TLS" URIEncoding="UTF-8" |
參數說明:
- keystoreFile 就是4.1中建立證書的路徑
- keystorePass 就是4.1中建立證書的密碼
5.2. 驗證HTTPS配置
其餘按照默認配置不做修改,雙擊%TOMCAT_HOME%\bin\startup.bat 啓動tomcat-cas 驗證https訪問配置:
若是看到上述界面表示https 訪問配置成功。
5.3 部署CAS-Server
CAS-Server 下載地址:http://www.jasig.org/cas/download
本文以cas-server-3.4.11-release.zip 爲例,解壓提取cas-server-3.4.11/modules/cas-server-webapp-3.4.11.war文件,把改文件copy到 G:\sso\tomcat-cas\webapps\ 目下,並重命名爲:cas.war.
啓動tomcat-cas,在瀏覽器地址欄輸入:https://demo.micmiu.com:8443/cas/login ,回車
CAS-server的默認驗證規則:只要用戶名和密碼相同就認證經過(僅僅用於測試,生成環境須要根據實際狀況修改),輸入admin/admin 點擊登陸,就能夠看到登陸成功的頁面:
看到上述頁面表示CAS-Server已經部署成功。
6、部署CAS-Client相關的Tomcat
6.1Cas-Client 下載
CAS-Client 下載地址:http://downloads.jasig.org/cas-clients/
以cas-client-3.2.1-release.zip 爲例,解壓提取cas-client-3.2.1/modules/cas-client-core-3.2.1.jar
藉以tomcat默認自帶的 webapps\examples 做爲演示的簡單web項目
6.2 安裝配置 tomcat-app1
解壓apache-tomcat-6.0.29.tar.gz並重命名後的路徑爲 G:\sso\tomcat-app1,修改tomcat的啓動端口,在文件conf/server.xml文件找到以下內容:
1 |
<Connector port="8080" protocol="HTTP/1.1" |
2 |
connectionTimeout="20000" |
3 |
redirectPort="8443" /> |
4 |
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" /> |
修改爲以下:
1 |
<Connector port="18080" protocol="HTTP/1.1" |
2 |
connectionTimeout="20000" |
3 |
redirectPort="18443" /> |
4 |
<Connector port="18009" protocol="AJP/1.3" redirectPort="18443" /> |
啓動tomcat-app1,瀏覽器輸入 http://app1.micmiu.com:18080/examples/servlets/ 回車:
看到上述界面表示tomcat-app1的基本安裝配置已經成功。
接下來複制 client的lib包cas-client-core-3.2.1.jar到 tomcat-app1\webapps\examples\WEB-INF\lib\目錄下, 在tomcat-app1\webapps\examples\WEB-INF\web.xml 文件中增長以下內容:
<!--======================== 單點登陸開始 ======================== -->
<!--用於單點退出,該過濾器用於實現單點登出功能,可選配置-->
<listener>
<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>
<!--該過濾器用於實現單點登出功能,可選配置。 -->
<filter>
<filter-name>CAS Single Sign Out Filter</filter-name>
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>CAS Filter</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>https://demo.cas.com:8443/cas/login</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://app1.cas.com:18080</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CAS Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--該過濾器負責對Ticket的校驗工做,必須啓用它 -->
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://demo.cas.com:8443/cas</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://app1.cas.com:18080</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--該過濾器負責實現HttpServletRequest請求的包裹,好比容許開發者經過HttpServletRequest的getRemoteUser()方法得到SSO登陸用戶的登陸名,可選 -->
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--該過濾器使得開發者能夠經過org.jasig.cas.client.util.AssertionHolder來獲取用戶的登陸名。好比AssertionHolder.getAssertion().getPrincipal().getName()。 -->
<filter>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--======================== 單點登陸結束 ======================== -->
<!--用於單點退出,該過濾器用於實現單點登出功能,可選配置-->
<listener>
<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>
<!--該過濾器用於實現單點登出功能,可選配置。 -->
<filter>
<filter-name>CAS Single Sign Out Filter</filter-name>
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>CAS Filter</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>https://demo.cas.com:8443/cas/login</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://app1.cas.com:18080</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CAS Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--該過濾器負責對Ticket的校驗工做,必須啓用它 -->
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://demo.cas.com:8443/cas</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://app1.cas.com:18080</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--該過濾器負責實現HttpServletRequest請求的包裹,好比容許開發者經過HttpServletRequest的getRemoteUser()方法得到SSO登陸用戶的登陸名,可選 -->
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--該過濾器使得開發者能夠經過org.jasig.cas.client.util.AssertionHolder來獲取用戶的登陸名。好比AssertionHolder.getAssertion().getPrincipal().getName()。 -->
<filter>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--======================== 單點登陸結束 ======================== -->
<!--======================== 單點登陸開始 ======================== -->
<!--用於單點退出,該過濾器用於實現單點登出功能,可選配置-->
<listener>
<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>
<!--該過濾器用於實現單點登出功能,可選配置。 -->
<filter>
<filter-name>CAS Single Sign Out Filter</filter-name>
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>CAS Filter</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>https://demo.<span style="font-size: 13px; line-height: 19.5px; white-space: pre-wrap; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace;">micmiu</span><span style="white-space: pre-wrap; line-height: 1.8em; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace;">.com:8443/cas/login</param-value></span>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://app1.<span style="font-size: 13px; line-height: 19.5px; white-space: pre-wrap; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace;">micmiu</span><span style="white-space: pre-wrap; line-height: 1.8em; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace;">.com:18080</param-value></span>
</init-param>
</filter>
<filter-mapping>
<filter-name>CAS Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--該過濾器負責對Ticket的校驗工做,必須啓用它 -->
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://demo.<span style="font-size: 13px; line-height: 19.5px; white-space: pre-wrap; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace;">micmiu</span><span style="white-space: pre-wrap; line-height: 1.8em; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace;">.com:8443/cas</param-value></span>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://app1.<span style="font-size: 13px; line-height: 19.5px; white-space: pre-wrap; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace;">micmiu</span><span style="white-space: pre-wrap; line-height: 1.8em; font-family: Consolas, 'Bitstream Vera Sans Mono', 'Courier New', Courier, monospace;">.com:18080</param-value></span>
</init-param>
</filter>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--該過濾器負責實現HttpServletRequest請求的包裹,好比容許開發者經過HttpServletRequest的getRemoteUser()方法得到SSO登陸用戶的登陸名,可選 -->
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--該過濾器使得開發者能夠經過org.jasig.cas.client.util.AssertionHolder來獲取用戶的登陸名。好比AssertionHolder.getAssertion().getPrincipal().getName()。 -->
<filter>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--======================== 單點登陸結束 ======================== -->
啓動tomcat-app2,瀏覽器輸入 http://app2.micmiu.com:28080/examples/servlets/ 回車,按照上述6.2中的方法驗證是否成功。
同6.2中的複製 client的lib包cas-client-core-3.2.1.jar到 tomcat-app2\webapps\examples\WEB-INF\lib\目錄下, 在tomcat-app2\webapps\examples\WEB-INF\web.xml 文件中增長以下內容:
1 |
<!-- ======================== 單點登陸開始 ======================== --> |
2 |
<!-- 用於單點退出,該過濾器用於實現單點登出功能,可選配置--> |
3 |
<listener> |
4 |
<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class> |
5 |
</listener> |
6 |
7 |
<!-- 該過濾器用於實現單點登出功能,可選配置。 --> |
8 |
<filter> |
9 |
<filter-name>CAS Single Sign Out Filter</filter-name> |
10 |
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class> |
11 |
</filter> |
12 |
<filter-mapping> |
13 |
<filter-name>CAS Single Sign Out Filter</filter-name> |
14 |
<url-pattern>/*</url-pattern> |
15 |
</filter-mapping> |
16 |
17 |
<filter> |
18 |
<filter-name>CAS Filter</filter-name> |
19 |
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class> |
20 |
<init-param> |
21 |
<param-name>casServerLoginUrl</param-name> |
22 |
<param-value>https://demo.micmiu.com:8443/cas/login</param-value> |
23 |
</init-param> |
24 |
<init-param> |
25 |
<param-name>serverName</param-name> |
26 |
<param-value>http://app2.micmiu.com:28080</param-value> |
27 |
</init-param> |
28 |
</filter> |
29 |
<filter-mapping> |
30 |
<filter-name>CAS Filter</filter-name> |
31 |
<url-pattern>/*</url-pattern> |
32 |
</filter-mapping> |
33 |
<!-- 該過濾器負責對Ticket的校驗工做,必須啓用它 --> |
34 |
<filter> |
35 |
<filter-name>CAS Validation Filter</filter-name> |
36 |
<filter-class> |
37 |
org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class> |
38 |
<init-param> |
39 |
<param-name>casServerUrlPrefix</param-name> |
40 |
<param-value>https://demo.micmiu.com:8443/cas</param-value> |
41 |
</init-param> |
42 |
<init-param> |
43 |
<param-name>serverName</param-name> |
44 |
<param-value>http://app2.micmiu.com:28080</param-value> |
45 |
</init-param> |
46 |
</filter> |
47 |
<filter-mapping> |
48 |
<filter-name>CAS Validation Filter</filter-name> |
49 |
<url-pattern>/*</url-pattern> |
50 |
</filter-mapping> |
51 |
52 |
<!-- |
53 |
該過濾器負責實現HttpServletRequest請求的包裹, |
54 |
好比容許開發者經過HttpServletRequest的getRemoteUser()方法得到SSO登陸用戶的登陸名,可選配置。 |
55 |
--> |
56 |
<filter> |
57 |
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> |
58 |
<filter-class> |
59 |
org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class> |
60 |
</filter> |
61 |
<filter-mapping> |
62 |
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> |
63 |
<url-pattern>/*</url-pattern> |
64 |
</filter-mapping> |
65 |
66 |
<!-- |
67 |
該過濾器使得開發者能夠經過org.jasig.cas.client.util.AssertionHolder來獲取用戶的登陸名。 |
68 |
好比AssertionHolder.getAssertion().getPrincipal().getName()。 |
69 |
--> |
70 |
<filter> |
71 |
<filter-name>CAS Assertion Thread Local Filter</filter-name> |
72 |
<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class> |
73 |
</filter> |
74 |
<filter-mapping> |
75 |
<filter-name>CAS Assertion Thread Local Filter</filter-name> |
76 |
<url-pattern>/*</url-pattern> |
77 |
</filter-mapping> |
78 |
79 |
<!-- ======================== 單點登陸結束 ======================== --> |
7、 測試驗證SSO
啓動以前配置好的三個tomcat分別爲:tomcat-cas、tomcat-app一、tomcat-app2.
7.1 基本的測試
預期流程: 打開app1 url —-> 跳轉cas server 驗證 —-> 顯示app1的應用 —-> 打開app2 url —-> 顯示app2應用 —-> 註銷cas server —-> 打開app1/app2 url —-> 從新跳轉到cas server 驗證.
打開瀏覽器地址欄中輸入:http://app1.micmiu.com:18080/examples/servlets/servlet/HelloWorldExample,回車:
跳轉到驗證頁面:
驗證經過後顯示以下:
此時訪問app2就再也不須要驗證:
地址欄中輸入:https://demo.micmiu.com:8443/cas/logout,回車顯示:
上述表示 認證註銷成功,此時若是再訪問 : http://app1.micmiu.com:18080/examples/servlets/servlet/HelloWorldExample 或 http://app2.micmiu.com:28080/examples/servlets/servlet/HelloWorldExample 須要從新進行認證。
7.2 獲取登陸用戶的信息
修改HelloWorldExample.java,從新編譯替換webapps\examples\WEB-INF\classes\HelloWorldExample.class文件,修改後的HelloWorldExample.java代碼以下:
1 |
import java.io.*; |
2 |
import java.util.*; |
3 |
import java.util.Map.Entry; |
4 |
5 |
import javax.servlet.*; |
6 |
import javax.servlet.http.*; |
7 |
8 |
import org.jasig.cas.client.authentication.AttributePrincipal; |
9 |
import org.jasig.cas.client.util.AbstractCasFilter; |
10 |
import org.jasig.cas.client.validation.Assertion; |
11 |
12 |
/** |
13 |
* The simplest possible servlet. |
14 |
* |
15 |
* @author James Duncan Davidson |
16 |
*/ |
17 |
18 |
public class HelloWorldExample extends HttpServlet { |
19 |
20 |
public void doGet(HttpServletRequest request, HttpServletResponse response) |
21 |
throws IOException, ServletException { |
22 |
ResourceBundle rb = ResourceBundle.getBundle("LocalStrings", request |
23 |
.getLocale()); |
24 |
response.setContentType("text/html"); |
25 |
PrintWriter out = response.getWriter(); |
26 |
27 |
out.println("<html>"); |
28 |
out.println("<head>"); |
29 |
30 |
String title = rb.getString("helloworld.title"); |
31 |
32 |
out.println("<title>" + title + "</title>"); |
33 |
out.println("</head>"); |
34 |
out.println("<body bgcolor=\"white\">"); |
35 |
36 |
out.println("<a href=\"../helloworld.html\">"); |
37 |
out.println("<img src=\"../images/code.gif\" height=24 " |
38 |
+ "width=24 align=right border=0 alt=\"view code\"></a>"); |
39 |
out.println("<a href=\"../index.html\">"); |
40 |
out.println("<img src=\"../images/return.gif\" height=24 " |
41 |
+ "width=24 align=right border=0 alt=\"return\"></a>"); |
42 |
out.println("<h1>" + title + "</h1>"); |
43 |
44 |
Assertion assertion = (Assertion) request.getSession().getAttribute( |
45 |
AbstractCasFilter.CONST_CAS_ASSERTION); |
46 |
47 |
if (null != assertion) { |
48 |
out.println(" Log | ValidFromDate =:" |
49 |
+ assertion.getValidFromDate() + "<br>"); |
50 |
out.println(" Log | ValidUntilDate =:" |
51 |
+ assertion.getValidUntilDate() + "<br>"); |
52 |
Map<Object, Object> attMap = assertion.getAttributes(); |
53 |
out.println(" Log | getAttributes Map size = " + attMap.size() |
54 |
+ "<br>"); |
55 |
for (Entry<Object, Object> entry : attMap.entrySet()) { |
56 |
out.println(" | " + entry.getKey() + "=:" |
57 |
+ entry.getValue() + "<br>"); |
58 |
} |
59 |
60 |
} |
61 |
AttributePrincipal principal = assertion.getPrincipal(); |
62 |
63 |
// AttributePrincipal principal = (AttributePrincipal) request |
64 |
// .getUserPrincipal(); |
65 |
66 |
String username = null; |
67 |
out.print(" Log | UserName:"); |
68 |
if (null != principal) { |
69 |
username = principal.getName(); |
70 |
out.println("<span style='color:red;'>" + username + "</span><br>"); |
71 |
} |
72 |
73 |
out.println("</body>"); |
74 |
out.println("</html>"); |
75 |
} |
76 |
} |
再進行上述測試顯示結果以下:
http://app1.micmiu.com:18080/examples/servlets/servlet/HelloWorldExample :
http://app2.micmiu.com:28080/examples/servlets/servlet/HelloWorldExample
從上述頁面能夠看到經過認證的用戶名。
到此已經所有完成了CAS單點登陸實例演示。
原文出處:http://www.cnblogs.com/adolfmc/archive/2012/07/16/2593291.html
相關文章
- 1. 實戰:CAS搭建
- 2. cas 4.X單點登錄實戰
- 3. cas 4.X單點登陸實戰
- 4. CAS單點登錄實戰和簡介
- 5. 視頻教程-CAS實戰教程-Java
- 6. cas 實現
- 7. Django實現CAS+OAuth2
- 8. CAS實現原理
- 9. cas 單點登陸實戰-sso-config篇(三)
- 10. 單點登錄(三)-----實戰-----cas server 源碼下載和部署
- 更多相關文章...
- • XML DOM 實例 - XML DOM 教程
- • XML 實例 - XML 教程
- • Docker容器實戰(一) - 封神Server端技術
- • Docker容器實戰(八) - 漫談 Kubernetes 的本質
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
歡迎關注本站公眾號,獲取更多信息
相關文章
- 1. 實戰:CAS搭建
- 2. cas 4.X單點登錄實戰
- 3. cas 4.X單點登陸實戰
- 4. CAS單點登錄實戰和簡介
- 5. 視頻教程-CAS實戰教程-Java
- 6. cas 實現
- 7. Django實現CAS+OAuth2
- 8. CAS實現原理
- 9. cas 單點登陸實戰-sso-config篇(三)
- 10. 單點登錄(三)-----實戰-----cas server 源碼下載和部署