VIP文章 H阿布 于 2018-02-01 18:22:35 发布

在pac4j探索的上一篇文章大致讲述了一下buji-pac4j+CAS的认证流程。这里记录一下本人实现的最简单的单点登录,仅作为笔记、学习交流之用,戳这里获取本文源码

一、项目框架
1、 buji-pac4j(v.3.0.0)
2、shiro (v.1.4.0)
3、springmvc (v.4.3.2)
4、CAS (v.4.2.6)
5、pac4j-cas(v.2.2.1)

在maven项目的pom.xml里配置以上相关依赖,具体依赖配置可以查看我的项目,这里不再赘述。

二、目录结构
客户端项目(pac4jtest1)目录结构如下:
这里写图片描述
1、java文件目录中,Redirect2CasLoginFilter是测试用的,可以不管,MyCasClient类是继承自CasClient的自定义客户端,ShiroCasLogoutHandler类是单点登出时对shiro的一些操作,Controller类是请求控制器,util包里的是单点登出相关的类;

2、配置文件目录中,log4j.properties是日志管理文件,url.properties配置了项目中用到的各种url,spring-comm.xml配置了shiro集成pac4j的配置,spring-mvc.xml是springmvc的相关配置;

3、另外还有个index.jsp,就是受保护的页面,请求访问前需要先认证。

二、springMvc配置
这里springmvc作最简单的配置:

    <span>&lt;!-- 自动扫描的包名 --&gt;</span>  
    <span>&lt;<span>context:component-scan</span> <span>base-package</span>=<span>"com.pac4j.rest"</span>/&gt;</span>  

    <span>&lt;!-- 默认的注解映射的支持,自动注册DefaultAnnotationHandlerMapping和AnnotationMethodHandlerAdapter --&gt;</span>  
    <span>&lt;<span>mvc:annotation-driven</span> /&gt;</span>  

    <span>&lt;!-- 视图解释类 --&gt;</span>  
    <span>&lt;<span>bean</span> <span>class</span>=<span>"org.springframework.web.servlet.view.InternalResourceViewResolver"</span>&gt;</span>  
        <span>&lt;<span>property</span> <span>name</span>=<span>"prefix"</span> <span>value</span>=<span>"/WEB-INF/jsp/"</span>/&gt;</span>  
        <span>&lt;<span>property</span> <span>name</span>=<span>"suffix"</span> <span>value</span>=<span>".jsp"</span>/&gt;</span>  
        <span>&lt;<span>property</span> <span>name</span>=<span>"viewClass"</span> <span>value</span>=<span>"org.springframework.web.servlet.view.JstlView"</span> /&gt;</span>  
    <span>&lt;/<span>bean</span>&gt;</span>  

      <span>&lt;!-- 对静态资源文件的访问--&gt;</span>  
    <span>&lt;<span>mvc:resources</span> <span>mapping</span>=<span>"/images/**"</span> <span>location</span>=<span>"/WEB-INF/images/"</span>/&gt;</span>  
    <span>&lt;<span>mvc:resources</span> <span>mapping</span>=<span>"/js/**"</span> <span>location</span>=<span>"/WEB-INF/js/"</span> /&gt;</span>  
    <span>&lt;<span>mvc:resources</span> <span>mapping</span>=<span>"/css/**"</span> <span>location</span>=<span>"/WEB-INF/css/"</span>/&gt;</span> 

三、pac4j配置
spring-comm.xml是shiro整合pac4j的配置,具体配置如下:

<span>&lt;!-- 地址配置 --&gt;</span>
     <span>&lt;<span>bean</span> <span>id</span>=<span>"propertyConfigurer"</span> <span>class</span>=<span>"org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"</span>&gt;</span>
        <span>&lt;<span>property</span> <span>name</span>=<span>"locations"</span>&gt;</span>
            <span>&lt;<span>list</span>&gt;</span>
                <span>&lt;<span>value</span>&gt;</span>/WEB-INF/classes/url.properties<span>&lt;/<span>value</span>&gt;</span>
            <span>&lt;/<span>list</span>&gt;</span>
        <span>&lt;/<span>property</span>&gt;</span>
    <span>&lt;/<span>bean</span>&gt;</span>

    <span>&lt;!-- pac4j configurations --&gt;</span>
    <span>&lt;!-- 请求cas服务端配置 --&gt;</span>
    <span>&lt;<span>bean</span> <span>id</span>=<span>"casConfig"</span> <span>class</span>=<span>"org.pac4j.cas.config.CasConfiguration"</span>&gt;</span>
        <span>&lt;!-- CAS server登录链接 --&gt;</span>
       <span>&lt;<span>property</span> <span>name</span>=<span>"loginUrl"</span> <span>value</span>=<span>"${sso.cas.server.loginUrl}"</span>&gt;</span><span>&lt;/<span>property</span>&gt;</span>
        <span>&lt;!-- CAS server服务前缀 --&gt;</span>
       <span>&lt;<span>property</span> <span>name</span>=<span>"prefixUrl"</span> <span>value</span>=<span>"${sso.cas.server.prefixUrl}"</span>&gt;</span><span>&lt;/<span>property</span>&gt;</span>
        <span>&lt;!-- 登出处理器,单点登出时所需要的操作在这里实现--&gt;</span>
        <span>&lt;<span>property</span> <span>name</span>=<span>"logoutHandler"</span> <span>ref</span>=<span>"casLogoutHandler"</span>&gt;</span><span>&lt;/<span>property</span>&gt;</span>
    <span>&lt;/<span>bean</span>&gt;</span>

    <span>&lt;!-- cas客户端配置 --&gt;</span>
    <span>&lt;<span>bean</span> <span>id</span>=<span>"casClient"</span> <span>class</span>=<span>"com.pac4j.client.MyCasClient"</span>&gt;</span>
        <span>&lt;<span>constructor-arg</span> <span>ref</span>=<span>"casConfig"</span> /&gt;</span>
        <span>&lt;<span>property</span> <span>name</span>=<span>"includeClientNameInCallbackUrl"</span> <span>value</span>=<span>"false"</span>&gt;</span><span>&lt;/<span>property</span>&gt;</span>
        <span>&lt;!-- 客户端回调地址 --&gt;</span>
        <span>&lt;<span>property</span> <span>name</span>=<span>"callbackUrl"</span> <span>value</span>=<span>"${sso.cas.client.callbackUrl}"</span>&gt;</span><span>&lt;/<span>property</span>&gt;</span>
    <span>&lt;/<span>bean</span>&gt;</span>

    <span>&lt;!-- shiro登出处理器,销毁session及登录状态等--&gt;</span>
    <span>&lt;<span>bean</span> <span>id</span>=<span>"casLogoutHandler"</span> <span>class</span>=<span>"com.pac4j.handler.ShiroCasLogoutHandler"</span>&gt;</span>
       <span>&lt;<span>property</span> <span>name</span>=<span>"destroySession"</span> <span>value</span>=<span>"true"</span>&gt;</span><span>&lt;/<span>property</span>&gt;</span>
    <span>&lt;/<span>bean</span>&gt;</span>

    <span>&lt;<span>bean</span> <span>id</span>=<span>"sessionStore"</span> <span>class</span>=<span>"com.pac4j.util.MyShiroSessionStore"</span>&gt;</span><span>&lt;/<span>bean</span>&gt;</span>

    <span>&lt;!-- pac4j配置 --&gt;</span>
    <span>&lt;<span>bean</span> <span>id</span>=<span>"authcConfig"</span> <span>class</span>=<span>"org.pac4j.core.config.Config"</span>&gt;</span>
        <span>&lt;<span>constructor-arg</span> <span>ref</span>=<span>"casClient"</span>&gt;</span><span>&lt;/<span>constructor-arg</span>&gt;</span>
        <span>&lt;<span>property</span> <span>name</span>=<span>&amp;</span></span>