
Spring Security 3+CAS验证问题请教15

最近在做单点登录,采用的是CAS+Spring Security3.2来做的,按照网上找的一些例子做了,发现了一个问题,就是跳转到CAS服务器登录之后,再跳转回我的项目的时候就会报404,打断点跟了一下发现AbstractAuthenticationProcessingFilter的doFilter方法
if (!requiresAuthentication(request, response)) {
    chain.doFilter(request, response);
    return;
}

直接就return了,然后就是一个404页面,搞不懂是什么问题
从CAS跳转回来的地址是http://localhost:8088/xtask/j_spring_cas_security_check?ticket=ST-10-PAQN0mcApmeNXgZuFxpv-cas01.example.org
我的web.xml配置如下
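<?xml version="1.0" encoding="UTF-8"?>
<!-- Deployment descriptor for the XTask web application (Servlet 2.4): boots the Spring
     root context and routes every request through the Spring Security filter chain. -->
<web-app id="WebApp_ID" version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
	<display-name>XTask</display-name>
	<welcome-file-list>
		<welcome-file>index.jsp</welcome-file>
	</welcome-file-list>

	<!-- Spring context files read by ContextLoaderListener; the wildcard loads every
	     /WEB-INF/applicationContext*.xml file, including the security configuration. -->
	<context-param>
		<param-name>contextConfigLocation</param-name>
		<param-value>
		/WEB-INF/applicationContext*.xml
		</param-value>
	</context-param>

	<!-- Forces UTF-8 on request and response. Its mapping is declared before
	     springSecurityFilterChain, so the encoding is set before any security filter
	     (including the CAS SingleSignOutFilter) reads request parameters. -->
	<filter>
		<filter-name>encodingFilter</filter-name>
		<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
		<init-param>
			<param-name>encoding</param-name>
			<param-value>utf-8</param-value>
		</init-param>
		<init-param>
			<param-name>forceEncoding</param-name>
			<param-value>true</param-value>
		</init-param>
	</filter>

	<filter-mapping>
		<filter-name>encodingFilter</filter-name>
		<url-pattern>/*</url-pattern>
	</filter-mapping>

	<!-- Creates the root Spring application context from contextConfigLocation. -->
	<listener>
		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
	</listener>
	<!-- CAS client listener: drops the session mapping used for single sign-out when an
	     HTTP session is destroyed. -->
	<listener>
		<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
	</listener>
	<!-- Publishes session create/destroy events to Spring Security. The security
	     configuration uses concurrency-control (max-sessions); without this listener the
	     session registry is never told that a session has ended and keeps stale entries. -->
	<listener>
		<listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>
	</listener>

	<!-- Delegates to the Spring bean named springSecurityFilterChain. It is mapped to /*
	     so that no URL bypasses the security chain. -->
	<filter>
		<filter-name>springSecurityFilterChain</filter-name>
		<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
	</filter>
	<filter-mapping>
		<filter-name>springSecurityFilterChain</filter-name>
		<url-pattern>/*</url-pattern>
	</filter-mapping>
</web-app>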

applicationContext-security.xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- Spring Security namespace configuration: URL access rules, the CAS filter wiring and
     the authentication manager. The beans referenced by name here (casAuthEntryPoint,
     casAuthenticationFilter, singleLogoutFilter, requestSingleLogoutFilter,
     casAuthenticationProvider) are defined in applicationContext.xml. -->
<beans:beans xmlns:beans="http://www.springframework.org/schema/beans"
	xmlns="http://www.springframework.org/schema/security"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd">
	<!-- auto-config is off, so no form login or default logout is registered;
	     unauthenticated requests are sent to the CAS entry point instead.
	     NOTE(review): access-denied-page is, as far as I know, deprecated in favour of the
	     access-denied-handler element; confirm against the 3.2 schema. -->
	<http auto-config="false" entry-point-ref="casAuthEntryPoint" servlet-api-provision="true" access-denied-page="/403.jsp">
		<!-- Rules are matched top to bottom and the first match wins, so the catch-all
		     /** rule must stay last.
		     NOTE(review): /403.jsp has no rule of its own and therefore falls under /**.
		     The failure handler in applicationContext.xml redirects to /403.jsp, so a user
		     whose ticket validation failed is still anonymous when requesting it and is sent
		     back to the CAS entry point; this can presumably loop. Confirm, and consider
		     an explicit rule for the error page. -->
		<intercept-url pattern="/index.jsp" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
		<intercept-url pattern="/login.jsp" access="ROLE_USER"/>      
		<intercept-url pattern="/**" access="ROLE_USER,ROLE_ADMIN"/>  
		<!-- CAS ticket processing filter, placed at the CAS_FILTER slot. -->
		<custom-filter position="CAS_FILTER" ref="casAuthenticationFilter"/>
		<!-- Local logout followed by a redirect to the CAS server logout URL. -->
		<custom-filter ref="requestSingleLogoutFilter" before="LOGOUT_FILTER" />
		<!-- Handles single sign-out callbacks from the CAS server; runs before the CAS filter. -->
		<custom-filter ref="singleLogoutFilter" before="CAS_FILTER" />
		<!-- At most one session per user; a new login expires the older session rather
		     than being rejected (error-if-maximum-exceeded="false").
		     NOTE(review): casAuthenticationFilter is a custom filter bean, and the namespace
		     does not inject a session authentication strategy into custom filters. Unless one
		     is wired explicitly (session-authentication-strategy-ref here plus the filter's
		     sessionAuthenticationStrategy property), the session limit and session-fixation
		     protection may not be applied at CAS login; verify.
		     concurrency-control also relies on HttpSessionEventPublisher being registered as
		     a listener in web.xml. -->
		<session-management>  
			<concurrency-control max-sessions="1"  
				expired-url="/index.jsp" error-if-maximum-exceeded="false" />  
		</session-management>
		
		<!-- Disabled alternative: registers the CAS filter at the FORM_LOGIN_FILTER slot.
		
		<custom-filter position="FORM_LOGIN_FILTER" ref="casAuthenticationFilter"/>
		   -->
	</http> 
	<!-- Register the CAS authentication provider with the authentication manager. -->  
	<authentication-manager alias="authenticationManager">
		<authentication-provider ref="casAuthenticationProvider" />
	</authentication-manager>

</beans:beans>

applicationContext.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd">
<!-- CAS client beans used by the Spring Security configuration.
     NOTE(review): every CAS server and service URL below is plain http on localhost, which
     suits local testing only. The service ticket travels in the redirect URL and ticket
     validation is a back-channel HTTP call, so a deployment should use https for both the
     CAS server and the service URL. -->
	<!-- CAS authentication filter: consumes the service ticket on the callback URL. -->
    <bean id="casAuthenticationFilter" class="org.springframework.security.cas.web.CasAuthenticationFilter">
		<property name="authenticationManager" ref="authenticationManager" />
		<property name="authenticationFailureHandler" ref="authenticationFailureHandler" />  
		<property name="authenticationSuccessHandler" ref="authenticationSuccessHandler" />
		<!-- Must equal the path (after the context path) of the casService "service" URL. -->
		<property name="filterProcessesUrl" value="/j_spring_cas_security_check" /> 
	</bean>
	<!-- CAS authentication failure handler.
	     NOTE(review): /403.jsp is covered by the protected /** rule in the security
	     configuration, so an anonymous user redirected here is presumably sent back to
	     CAS; confirm. -->
	<bean id="authenticationFailureHandler"
		class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
		<property name="defaultFailureUrl" value="/403.jsp" />
	</bean>
	<!-- CAS authentication success handler: always redirects to /frame.do and ignores
	     the originally requested URL. -->
	<bean id="authenticationSuccessHandler"
		class="org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler">
		<property name="alwaysUseDefaultTargetUrl" value="true" />
		<property name="defaultTargetUrl" value="/frame.do" />
	</bean>  
	<!-- CAS authentication entry point; declares the login URL of the CAS server. --> 
	<bean id="casAuthEntryPoint" class="org.springframework.security.cas.web.CasAuthenticationEntryPoint">
		<property name="loginUrl" value="http://localhost:8089/cas/login" />
		<property name="serviceProperties" ref="casService" />
	</bean>
	
	<!-- Service URL that CAS redirects back to after a successful login. The same value is
	     sent during ticket validation, so it must match what the CAS server saw at login. --> 
	<bean id="casService" class="org.springframework.security.cas.ServiceProperties">
		<property name="service" value="http://localhost:8088/xtask/j_spring_cas_security_check"/>
		<!-- false: an existing CAS single sign-on session is accepted without asking
		     for credentials again. -->
		<property name="sendRenew" value="false"/> 
	</bean>
	<!-- CAS authentication provider; defines how this client validates tickets. -->
	<bean id="casAuthenticationProvider" class="org.springframework.security.cas.authentication.CasAuthenticationProvider">
		<property name="ticketValidator" ref="casTicketValidator" />
		<property name="serviceProperties" ref="casService" />
		<!-- Identifies the authentication tokens created by this provider.
		     NOTE(review): the value is hard-coded; consider supplying it from
		     environment-specific configuration instead of a shared file. -->
		<property name="key" value="epcpass-cas" />
		<property name="authenticationUserDetailsService" ref="authenticationUserDetailsService" />
	</bean>
	<!-- Validates service tickets against the CAS server; the argument is the CAS server
	     URL prefix. Over plain http the validation response cannot be trusted on a hostile
	     network. -->
	<bean id="casTicketValidator" class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
		<constructor-arg index="0" value="http://localhost:8089/cas/" />
	</bean>
	<!-- The client only checks that the user name returned by CAS is a valid local user. -->
	<bean id="authenticationUserDetailsService"
		class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">
		<property name="userDetailsService" ref="userDetailImpl"/>
	</bean>
	<!-- Loads the client-side user. The class is project code not shown on this page;
	     presumably it implements UserDetailsService and supplies the granted roles. -->  
	<bean id="userDetailImpl" class="com.epc.xtask.UserDetailServiceImpl"></bean> 
	
	<!-- Client-side logout: reacts to single sign-out requests from the CAS server. -->
	<bean id="singleLogoutFilter" class="org.jasig.cas.client.session.SingleSignOutFilter" />
	<!-- Server-side logout: clears the local security context, then redirects to the CAS
	     logout URL (first constructor argument) so the SSO session ends as well. -->
	<bean id="requestSingleLogoutFilter" class="org.springframework.security.web.authentication.logout.LogoutFilter">
		<constructor-arg value="http://localhost:8089/cas/logout" />
		<constructor-arg>
			<bean class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler"/>
		</constructor-arg>
		<property name="filterProcessesUrl" value="/j_spring_cas_security_logout" />
	</bean> 
</beans>

程序的代码我已经上传了,请帮忙看看,谢谢了

问题补充:后台DEBUG信息
org.springframework.security.web.context.HttpSessionSecurityContextRepository - No HttpSession currently exists
No SecurityContext was available from the HttpSession: null. A new one will be created.
2013年7月31日 14:35

1个答案 按时间排序 按投票排序


懒得去跑程序。在浏览器里直接输入 http://localhost:8088/xtask/j_spring_cas_security_check?ticket=ST-10-PAQN0mcApmeNXgZuFxpv-cas01.example.org 然后回车,结果是什么?

2013年7月31日 16:11
