springside3运用cas认证
springside3使用cas认证
最近刚开始接触springside3,使用它写一个小的web应用,这个框架写起来感觉是要比appfuse1.9.4好一些,感觉干净不少,写起来也很清晰。
因为是学校的应用,所以我要使用统一认证系统,我们学校的统一认证系统是基于CAS的,所以就涉及到CAS和Springside3的集成问题,其实就是和Spring Security2.0.4集成。
具体方法,修改applicationContext-security.xml文件,
将
<s:http auto-config=”true” access-decision-manager-ref=”accessDecisionManager”>
<s:form-login login-page=”/login.action” default-target-url=”/”
authentication-failure-url=”/login.action?error=true” />
<s:logout logout-success-url=”/” />
<s:remember-me key=”e37f4b31-0c45-11dd-bd0b-0800200c9a66″ />
</s:http>
替换为
<s:http entry-point-ref=”casProcessingFilterEntryPoint” access-decision-manager-ref=”accessDecisionManager”>
<s:logout logout-success-url=”/” />
</s:http>
注释掉
<s:authentication-provider user-service-ref=”userDetailsService”>–>
<!– 可设置hash使用sha1或md5散列密码后再存入数据库 –>
<!– <s:password-encoder hash=”plaintext” />
</s:authentication-provider>
增加以下定义
<bean id=”serviceProperties” class=”org.springframework.security.ui.cas.ServiceProperties”>
<property name=”service” value=”http://localhost:8080/neuspamer-1.0-SNAPSHOT/j_spring_cas_security_check”/>
<property name=”sendRenew” value=”false”/>
</bean>
<s:authentication-manager alias=”authenticationManager”/>
<bean id=”casProcessingFilter” class=”org.springframework.security.ui.cas.CasProcessingFilter”>
<s:custom-filter after=”CAS_PROCESSING_FILTER”/>
<property name=”authenticationManager” ref=”authenticationManager”/>
<property name=”authenticationFailureUrl” value=”/casfailed.jsp”/>
<property name=”defaultTargetUrl” value=”/”/>
</bean>
<bean id=”casProcessingFilterEntryPoint”
class=”org.springframework.security.ui.cas.CasProcessingFilterEntryPoint”>
<property name=”loginUrl” value=”https://sso.neu.edu.cn/cas/login”/>
<property name=”serviceProperties” ref=”serviceProperties”/>
</bean>
<bean id=”casAuthenticationProvider” class=”org.springframework.security.providers.cas.CasAuthenticationProvider”>
<s:custom-authentication-provider />
<property name=”userDetailsService” ref=”userDetailsService”/>
<property name=”serviceProperties” ref=”serviceProperties” />
<property name=”ticketValidator”>
<bean class=”org.jasig.cas.client.validation.Cas20ServiceTicketValidator”>
<constructor-arg index=”0″ value=”https://sso.neu.edu.cn/cas/” />
</bean>
</property>
<property name=”key” value=”1″/>
</bean>
配置的工作就完成了,然后还要加入依赖关系,修改项目根目录的pom.xml文件
找到<!– spring security –>节
增加如下依赖
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-cas-client</artifactId>
<version>2.0.4</version>
</dependency>
最近刚开始接触springside3,使用它写一个小的web应用,这个框架写起来感觉是要比appfuse1.9.4好一些,感觉干净不少,写起来也很清晰。
因为是学校的应用,所以我要使用统一认证系统,我们学校的统一认证系统是基于CAS的,所以就涉及到CAS和Springside3的集成问题,其实就是和Spring Security2.0.4集成。
具体方法,修改applicationContext-security.xml文件,
将
<s:http auto-config=”true” access-decision-manager-ref=”accessDecisionManager”>
<s:form-login login-page=”/login.action” default-target-url=”/”
authentication-failure-url=”/login.action?error=true” />
<s:logout logout-success-url=”/” />
<s:remember-me key=”e37f4b31-0c45-11dd-bd0b-0800200c9a66″ />
</s:http>
替换为
<s:http entry-point-ref=”casProcessingFilterEntryPoint” access-decision-manager-ref=”accessDecisionManager”>
<s:logout logout-success-url=”/” />
</s:http>
注释掉
<s:authentication-provider user-service-ref=”userDetailsService”>–>
<!– 可设置hash使用sha1或md5散列密码后再存入数据库 –>
<!– <s:password-encoder hash=”plaintext” />
</s:authentication-provider>
增加以下定义
<bean id=”serviceProperties” class=”org.springframework.security.ui.cas.ServiceProperties”>
<property name=”service” value=”http://localhost:8080/neuspamer-1.0-SNAPSHOT/j_spring_cas_security_check”/>
<property name=”sendRenew” value=”false”/>
</bean>
<s:authentication-manager alias=”authenticationManager”/>
<bean id=”casProcessingFilter” class=”org.springframework.security.ui.cas.CasProcessingFilter”>
<s:custom-filter after=”CAS_PROCESSING_FILTER”/>
<property name=”authenticationManager” ref=”authenticationManager”/>
<property name=”authenticationFailureUrl” value=”/casfailed.jsp”/>
<property name=”defaultTargetUrl” value=”/”/>
</bean>
<bean id=”casProcessingFilterEntryPoint”
class=”org.springframework.security.ui.cas.CasProcessingFilterEntryPoint”>
<property name=”loginUrl” value=”https://sso.neu.edu.cn/cas/login”/>
<property name=”serviceProperties” ref=”serviceProperties”/>
</bean>
<bean id=”casAuthenticationProvider” class=”org.springframework.security.providers.cas.CasAuthenticationProvider”>
<s:custom-authentication-provider />
<property name=”userDetailsService” ref=”userDetailsService”/>
<property name=”serviceProperties” ref=”serviceProperties” />
<property name=”ticketValidator”>
<bean class=”org.jasig.cas.client.validation.Cas20ServiceTicketValidator”>
<constructor-arg index=”0″ value=”https://sso.neu.edu.cn/cas/” />
</bean>
</property>
<property name=”key” value=”1″/>
</bean>
配置的工作就完成了,然后还要加入依赖关系,修改项目根目录的pom.xml文件
找到<!– spring security –>节
增加如下依赖
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-cas-client</artifactId>
<version>2.0.4</version>
</dependency>