Getting more user information on the CAS client after successful validation

When a CAS client needs more user information, the CAS server has to be modified so that it returns additional attributes.

1. Modify the WEB-INF/deployerConfigContext.xml configuration file
Find the bean with id="authenticationManager" and add a custom bean to its credentialsToPrincipalResolvers property. The bean must implement the org.jasig.cas.authentication.principal.CredentialsToPrincipalResolver interface:
<property name="credentialsToPrincipalResolvers">
    <list>
        <!-- added: return more authentication information to the client, linym, 2014-06-10 -->
        <bean id="userAttributeRepository" class="com.*.*.UserAttributeRepository" />


         ...

    </list>

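</property>

import java.util.HashMap;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;

import org.jasig.cas.authentication.principal.Credentials;
import org.jasig.cas.authentication.principal.CredentialsToPrincipalResolver;
import org.jasig.cas.authentication.principal.Principal;
import org.jasig.cas.authentication.principal.SimplePrincipal;
import org.jasig.cas.authentication.principal.UsernamePasswordCredentials;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

// LoginLogBean is the author's own class; import it from your own project.
public class UserAttributeRepository implements CredentialsToPrincipalResolver {
    public Principal resolvePrincipal(Credentials credentials) {
        String principalId = extractPrincipalId(credentials);
        final Map<String, Object> attributes = new HashMap<String, Object>();
        // These attributes are read from the current login request
        HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
        LoginLogBean logBean = new LoginLogBean(request);
        attributes.put("mac", logBean.getMac());
        attributes.put("ip", logBean.getIp());
        attributes.put("source", logBean.getSource());
        attributes.put("service", logBean.getService());

        attributes.put("field1", request.getAttribute("field1"));

        return new SimplePrincipal(principalId, attributes);
    }

    public boolean supports(Credentials credentials) {
        // Only accept the type that extractPrincipalId() casts to;
        // a plain null check lets other credential types fail with a ClassCastException
        return credentials instanceof UsernamePasswordCredentials;
    }

    protected String extractPrincipalId(final Credentials credentials) {
        final UsernamePasswordCredentials usernamePasswordCredentials = (UsernamePasswordCredentials) credentials;
        return usernamePasswordCredentials.getUsername();
    }

}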


Next, modify WEB-INF/view/jsp/protocol/2.0/casServiceValidationSuccess.jsp so that the attributes are included in the response returned to the client:
<%@ page session="false" %><%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %><%@ taglib uri="http://java.sun.com/jsp/jstl/functions" prefix="fn" %><cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationSuccess>
<cas:user>${fn:escapeXml(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.id)}</cas:user>
         <c:if test="${fn:length(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes) > 0}">
            <cas:attributes>
                <c:forEach var="attr" items="${assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes}">
                    <cas:${fn:escapeXml(attr.key)}>${fn:escapeXml(attr.value)}</cas:${fn:escapeXml(attr.key)}>
                </c:forEach>
            </cas:attributes>
        </c:if>

<c:if test="${not empty pgtIou}">
<cas:proxyGrantingTicket>${pgtIou}</cas:proxyGrantingTicket>
</c:if>
<c:if test="${fn:length(assertion.chainedAuthentications) > 1}">
<cas:proxies>
<c:forEach var="proxy" items="${assertion.chainedAuthentications}" varStatus="loopStatus" begin="0" end="${fn:length(assertion.chainedAuthentications)-2}" step="1">
<cas:proxy>${fn:escapeXml(proxy.principal.id)}</cas:proxy>
</c:forEach>
</cas:proxies>
</c:if>
</cas:authenticationSuccess>
</cas:serviceResponse>

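The part highlighted in red in the original post, the <c:if> block that emits <cas:attributes>, is the newly added section.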
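Because the JSP writes every attribute key as an element name (`<cas:KEY>`) and the resolver fills the map from the login request, the map is worth filtering before it is handed to SimplePrincipal. The following is an added example, not code from the original post or from CAS; the class name ReleasableAttributes, the allow-list contents (copied from the resolver above) and the length limit are assumptions.

```java
import java.util.Arrays;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Set;
import java.util.regex.Pattern;

/** Hypothetical helper: keeps only attributes that are safe to render as <cas:KEY>VALUE</cas:KEY>. */
public class ReleasableAttributes {
    // Names the resolver above is expected to release; anything else is dropped.
    private static final Set<String> ALLOWED = new HashSet<String>(
            Arrays.asList("mac", "ip", "source", "service", "field1"));
    // Conservative ASCII subset of an XML name. fn:escapeXml escapes markup
    // characters but does not turn an arbitrary key into a valid element name.
    private static final Pattern XML_NAME = Pattern.compile("[A-Za-z_][A-Za-z0-9_.-]*");
    private static final int MAX_VALUE_LENGTH = 256; // assumed limit

    public static Map<String, Object> filter(Map<String, ?> raw) {
        Map<String, Object> out = new LinkedHashMap<String, Object>();
        for (Map.Entry<String, ?> entry : raw.entrySet()) {
            String key = entry.getKey();
            Object value = entry.getValue();
            // request.getAttribute("field1") returns null when the attribute is unset
            if (key == null || value == null) continue;
            if (!ALLOWED.contains(key) || !XML_NAME.matcher(key).matches()) continue;
            String text = value.toString();
            if (text.isEmpty() || text.length() > MAX_VALUE_LENGTH) continue;
            out.put(key, text);
        }
        return out;
    }

    public static void main(String[] args) {
        // Constructed sample input: one unset value and one key that is not a valid element name
        Map<String, Object> raw = new LinkedHashMap<String, Object>();
        raw.put("ip", "192.0.2.10");
        raw.put("field1", null);
        raw.put("bad key", "x");
        raw.put("source", "web");
        System.out.println(filter(raw));
    }
}
```

In the resolver, the call would become `new SimplePrincipal(principalId, ReleasableAttributes.filter(attributes))`.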


Next, the client retrieves the attributes that were set:
 Map attrMap = ((AttributePrincipal) request.getUserPrincipal()).getAttributes();

Reposted from lym6520.iteye.com/blog/2077996