入门2

客户端配置

cas官方网站上面的客户端下载地址比较隐秘，没有完全公开，具体地址为

http://www.ja-sig.org/downloads/cas-clients/

下载最新的cas-client-3.1.6-release.zip

1.解压后把modules下面的包放到我们的web应用中

2.配置web.xml,注意encodingFilter要提前配置，不然会出现数据插入数据库的时候有乱码。

serverName是我们web应用的地址和端口

XML/HTML代码

<context-param>

        <param-name>serverName</param-name>



        <param-value>192.168.1.145:81</param-value>


    </context-param>



    <filter>

        <filter-name>encodingFilter</filter-name>

        <filter-class>

            org.springframework.web.filter.CharacterEncodingFilter

        </filter-class>

        <init-param>

            <param-name>encoding</param-name>

            <param-value>UTF-8</param-value>

        </init-param>

        <init-param>

            <param-name>forceEncoding</param-name>

            <param-value>true</param-value>

        </init-param>

    </filter>




    <filter-mapping>

        <filter-name>encodingFilter</filter-name>

        <url-pattern>*.htm</url-pattern>

    </filter-mapping>


    <filter-mapping>

        <filter-name>encodingFilter</filter-name>

        <url-pattern>*.ftl</url-pattern>

    </filter-mapping>


    <filter-mapping>

        <filter-name>encodingFilter</filter-name>

        <url-pattern>*.xhtml</url-pattern>

    </filter-mapping>

    <filter-mapping>

        <filter-name>encodingFilter</filter-name>

        <url-pattern>*.html</url-pattern>

    </filter-mapping>

    <filter-mapping>

        <filter-name>encodingFilter</filter-name>

        <url-pattern>*.shtml</url-pattern>

    </filter-mapping>



    <filter-mapping>

        <filter-name>encodingFilter</filter-name>

        <url-pattern>*.jsp</url-pattern>

    </filter-mapping>

    <filter-mapping>

        <filter-name>encodingFilter</filter-name>

        <url-pattern>*.do</url-pattern>

    </filter-mapping>

    <filter-mapping>

        <filter-name>encodingFilter</filter-name>

        <url-pattern>*.vm</url-pattern>

    </filter-mapping>






    <filter>

        <filter-name>CAS Single Sign Out Filter</filter-name>

        <filter-class>

            org.jasig.cas.client.session.SingleSignOutFilter

        </filter-class>

    </filter>

    <filter-mapping>

        <filter-name>CAS Single Sign Out Filter</filter-name>

        <url-pattern>/*</url-pattern>

    </filter-mapping>

    <listener>

        <listener-class>

            org.jasig.cas.client.session.SingleSignOutHttpSessionListener

        </listener-class>

    </listener>

    <filter>

        <filter-name>CAS Authentication Filter</filter-name>

        <filter-class>

            org.jasig.cas.client.authentication.AuthenticationFilter

        </filter-class>

        <init-param>

            <param-name>casServerLoginUrl</param-name>

            <param-value>http://192.168.1.100/cas/login</param-value>

        </init-param>

    </filter>

    <filter>

        <filter-name>CAS Validation Filter</filter-name>

        <filter-class>

            org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter

        </filter-class>

        <init-param>

            <param-name>casServerUrlPrefix</param-name>

            <param-value>http://192.168.1.100/cas</param-value>

        </init-param>

    </filter>


    <filter>

        <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>

        <filter-class>

            org.jasig.cas.client.util.HttpServletRequestWrapperFilter

        </filter-class>

    </filter>

    <filter>

        <filter-name>CAS Assertion Thread Local Filter</filter-name>

        <filter-class>

            org.jasig.cas.client.util.AssertionThreadLocalFilter

        </filter-class>

    </filter>

    <filter-mapping>

        <filter-name>CAS Authentication Filter</filter-name>

        <url-pattern>/*</url-pattern>

    </filter-mapping>

    <filter-mapping>

        <filter-name>CAS Validation Filter</filter-name>

        <url-pattern>/*</url-pattern>

    </filter-mapping>

    <filter-mapping>

        <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>

        <url-pattern>/*</url-pattern>

    </filter-mapping>

    <filter-mapping>

        <filter-name>CAS Assertion Thread Local Filter</filter-name>

        <url-pattern>/*</url-pattern>

    </filter-mapping>

 

3.导入证书，如果不用https的话，这步可以跳过，把tomcatsso.crt证书拷贝到c盘下面，在jdk的bin目录下面运行下面的语句。

 

JavaScript代码

rem （注释： 清除系统中可能存在的名字为tomcatsso 的同名证书）

keytool -delete -alias tomcatsso -keystore "%JAVA_HOME%/jre/lib/security/cacerts" -storepass changeit

keytool -delete -alias tomcatsso -storepass changeit


rem 在客户端的 JVM 里导入信任的 SERVER 的证书 ( 根据情况有可能需要管理员权限 )

keytool -import -alias tomcatsso -file "c:/tomcatsso.crt" -keystore "%java_home%/jre/lib/security/cacerts" -storepass changeit

 

 客户端获取登录用户名和用户信息实例

Java代码

HttpServletRequest request = ServletActionContext.getRequest();

AttributePrincipal principal = (AttributePrincipal)request.getUserPrincipal();

String username = principal.getName();

Long orgnId = Long.parseLong(principal.getAttributes().get("orgnId").toString());