OAM与spring的form方式SSO

1.修改org.springframework.security.ui.webapp.AuthenticationProcessingFilter类中的两个如下方法:
   protected String obtainPassword(HttpServletRequest request) {
    System.out.println("in my filter set password to BPS");
        return "BPS";
    }
protected String obtainUsername(HttpServletRequest request) {
        String userName=request.getHeader("EMPID");
    return userName;
    }
见修改文件AuthenticationProcessingFilter.java
2.扩展类org.springframework.security.providers.dao.DaoAuthenticationProvider覆盖方法additionalAuthenticationChecks:
protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException { }
3.配置spring
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:s="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
                        http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.4.xsd"
default-autowire="byType" default-lazy-init="true">
<s:http auto-config='true'>
<s:intercept-url pattern="/*" access="ROLE_USER" /><!--拦截哪些URL-->
</s:http>
<bean id="bpsProcessingFilter" class="cn.com.bps.security.AuthenticationProcessingFilter">
<s:custom-filter before="AUTHENTICATION_PROCESSING_FILTER" />
<property name="defaultTargetUrl" value="/"></property>
</bean>
<bean id="oamAuthenticationProvider" class="cn.com.bps.security.OamDaoAuthenticationProvider">
<s:custom-authentication-provider />
<property name="userDetailsService" ref="userDetailsService" /><!--引用到spring-security.xml文件中定义的userService-->
</bean>
<s:user-service id="userDetailsService">
<s:user name="tim.doyle" password="abcd1234"
authorities="ROLE_USER" />
</s:user-service>
</beans>
4.配置OAM
OAM需要配置如附件所示的参数:
   我们是通过EMPID来获取用户名的.