前景提要
【围观】麒麟芯片遭打压成绝版,华为亿元投入又砸向了哪里?»>
Pac4j 简介
Pac4j与Shiro,Spring Security一样都是权限框架,并且提供了OAuth - SAML - CAS - OpenID Connect - HTTP - OpenID - Google App Engine - Kerberos (SPNEGO) 的认证集成。且可以和shiro,security等权限框架集成。
Pac4j CAS认证流程
代码 关键部分
说明: pac4j-cas与shiro的集成是通过过滤器完成cas认证,提供相应的Pac4jRealm来与shiro集成。代码过多就不一一列出了,详细的请下载附件,附件中代码屏蔽了公司相关代码。自身项目需要保持CAS与非CAS并存所以把CAS登录固定到指定路径了。
POM
JAVA配置 //Pac4jConfig.java 配置中 @Bean public CasConfiguration casConfig() { final CasConfiguration configuration = new CasConfiguration(); //CAS server登录地址 configuration.setLoginUrl(casServerUrl + “/login”); configuration.setAcceptAnyProxy(true); configuration.setPrefixUrl(casServerUrl + “/”); //监控CAS服务端登出,登出后销毁本地session实现双向登出 DefaultLogoutHandler logoutHandler = new DefaultLogoutHandler(); logoutHandler.setDestroySession(true); configuration.setLogoutHandler(logoutHandler); return configuration; } //ShiroConfig.java 中 //shiro 过滤器配置中增加SecurityFilter,CallbackFilter ,LogoutFilter @Bean(“shiroFilter”) public ShiroFilterFactoryBean shirFilter(SecurityManager securityManager) { ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean(); shiroFilterFactoryBean.setSecurityManager(securityManager); //获取filters Map<String, Filter> filters = shiroFilterFactoryBean.getFilters(); filters.put(“authc”, new MySystemFilter()); // cas 资源认证拦截器 SecurityFilter securityFilter = new SecurityFilter(); securityFilter.setConfig(exPac4jConfig); securityFilter.setClients(clientName); filters.put(“securityFilter”, securityFilter); //cas 认证后回调拦截器 CallbackFilter callbackFilter = new CallbackFilter(); callbackFilter.setConfig(exPac4jConfig); filters.put(“callbackFilter”, callbackFilter); shiroFilterFactoryBean.setFilters(filters); // 本地登出同步登出CAS服务器 LogoutFilter pac4jCentralLogout = new LogoutFilter(); pac4jCentralLogout.setConfig(exPac4jConfig); pac4jCentralLogout.setCentralLogout(true); pac4jCentralLogout.setLocalLogout(true); filters.put(“pac4jCentralLogout”, pac4jCentralLogout); //拦截器. Map<String, String> filterChainDefinitionMap = new LinkedHashMap<String, String>(); filterChainDefinitionMap.put("/logout", “logout”); filterChainDefinitionMap.put("/pac4jCentralLogout", “pac4jCentralLogout”); filterChainDefinitionMap.put("/cas", “securityFilter”); filterChainDefinitionMap.put("/callback", “callbackFilter”); filterChainDefinitionMap.put("/**", “authc”); shiroFilterFactoryBean.setLoginUrl("/login"); shiroFilterFactoryBean.setSuccessUrl(“index”); shiroFilterFactoryBean.setUnauthorizedUrl("/error/403"); shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap); return shiroFilterFactoryBean; } @Bean public SecurityManager securityManager() { DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); securityManager.setAuthenticator(exModularRealmAuthenticator()); List
问题 默认配置不支持CAS登出本地项目退出
重写ShiroSessionStore见ExShiroSessionStore.java
附件:链接: https://pan.baidu.com/s/1E-6uTYpOFn2ldAxd_k0XvQ 提取码: 8nhx
参考资料
https://www.cnblogs.com/suiyueqiannian/p/9359597.html
http://www.pac4j.org/docs/index.html
https://github.com/bujiio/buji-pac4j
https://github.com/gkaigk1987/shiro-pac4j-cas-demo
- 原文作者:知识铺
- 原文链接:https://index.zshipu.com/geek001/post/20240428/SpringBoot%E4%B8%ADShiro%E4%BD%BF%E7%94%A8Pac4j%E9%9B%86%E6%88%90CAS%E8%AE%A4%E8%AF%81_%E5%89%8D%E5%97%85%E5%A4%A7%E6%95%B0%E6%8D%AE/
- 版权声明:本作品采用知识共享署名-非商业性使用-禁止演绎 4.0 国际许可协议进行许可,非商业转载请注明出处(作者,原文链接),商业转载请联系作者获得授权。
- 免责声明:本页面内容均来源于站内编辑发布,部分信息来源互联网,并不意味着本站赞同其观点或者证实其内容的真实性,如涉及版权等问题,请立即联系客服进行更改或删除,保证您的合法权益。转载请注明来源,欢迎对文章中的引用来源进行考证,欢迎指出任何有错误或不够清晰的表达。也可以邮件至 sblig@126.com
