先列出版本號:
服務端版本:cas server 4.0.0
客戶端版本:cas client 3.3.3
cas server
step1:先將primaryPrincipalResolver bean屬性attributeRepository注釋,因為cas 默認是通過配置xml來獲取多用戶信息的。
<!-- attributeRepository is intentionally left commented out so that user attributes are not read from the XML-configured repository (the CAS default). -->
<bean id="primaryPrincipalResolver" class="org.jasig.cas.authentication.principal.PersonDirectoryPrincipalResolver" > <!--<property name="attributeRepository" ref="attributeRepository" />--> </bean>
step2:自定義獲取多用戶信息類,此類實現PrincipalResolver接口,重寫resolve和supports,另附代碼如下:
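@Autowired
private J1DBService dbService;

/**
 * Resolves the CAS principal for a username/password credential.
 *
 * <p>The account is looked up through {@code dbService} using the user name and the MD5 digest
 * of the submitted password. On a match, the user name, user id and real name are serialized to
 * JSON, passed through {@code Base64.getBase64} and used as the principal id.
 *
 * <p>Security notes:
 * <ul>
 *   <li>The password digest is used for the lookup only and is never placed in the principal.
 *       The principal id is delivered to every CAS client application and the Base64 step is an
 *       encoding, not encryption, so anything in it is effectively public to those clients.</li>
 *   <li>No principal is issued when the account is not found or the lookup fails, so a database
 *       error cannot produce a principal with an empty or half-populated id.</li>
 * </ul>
 *
 * @param credential the credential to resolve; expected to pass {@link #supports(Credential)}
 * @return the resolved principal, or {@code null} when the account could not be resolved
 */
@Override
public Principal resolve(Credential credential) {
    final UsernamePasswordCredential usernamePasswordCredentials = (UsernamePasswordCredential) credential;
    try {
        final String username = usernamePasswordCredentials.getUsername();
        // NOTE(review): unsalted MD5 is not suitable for password storage. It is kept here only
        // because the lookup has to match what the database already holds; plan a migration to
        // a salted, slow password hash (bcrypt / scrypt / argon2).
        final String passwordDigest = MD5.getMD5(usernamePasswordCredentials.getPassword());

        // Lookup key only: this object is never serialized.
        final User lookup = new User();
        lookup.setUserName(username);
        lookup.setPassword(passwordDigest);

        final Map<String, Object> m = dbService.getUser(lookup);
        if (null == m) {
            // Unknown account: fail closed instead of issuing a principal without a user id.
            // NOTE(review): CAS is expected to treat a null principal as "unresolved";
            // confirm for the CAS version in use.
            return null;
        }

        // Build the client-visible payload from a fresh object so the digest cannot leak into it.
        final User payload = new User();
        payload.setUserName(username);
        payload.setUserId(Integer.parseInt(m.get("userId").toString()));
        final Object realName = m.get("userRealName");
        payload.setUserRealName(realName == null ? null : realName.toString());

        // Base64 keeps non-ASCII characters (e.g. Chinese real names) intact in transit.
        final String userStr = Base64.getBase64(JSON.toJSONString(payload));
        return new SimplePrincipal(userStr, null);
    } catch (Exception e) {
        // NOTE(review): replace with the project's logger; no logger is visible in this excerpt.
        e.printStackTrace();
        return null;
    }
}

/**
 * Tells whether this resolver can handle the given credential.
 *
 * @param credential the credential to test, may be {@code null}
 * @return {@code true} if the credential is a {@code UsernamePasswordCredential} (or a subclass),
 *         {@code false} otherwise
 */
@Override
public boolean supports(Credential credential) {
    return credential instanceof UsernamePasswordCredential;
}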
由於返回給客戶端的用戶信息中存在中文,所以進行了Base64編碼。注意:Base64只是編碼而不是加密,任何人都可以還原其內容,因此其中不應包含密碼等敏感信息。
step3:將primaryPrincipalResolver bean映射的類路徑變更為你自定義的類。
<!-- Replace xx.xx.xx with the fully qualified class name of your custom PrincipalResolver implementation. -->
<bean id="primaryPrincipalResolver" class="xx.xx.xx" > <!--<property name="attributeRepository" ref="attributeRepository" />--> </bean>
cas client
如在class中:
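/**
 * Copies the user delivered by the central CAS server into the local HTTP session.
 *
 * <p>The CAS principal id is Base64-decoded and parsed as a JSON {@code User}. The matching local
 * account and its role are then loaded, a fresh token id is generated, and the values are stored
 * as session attributes and returned as a JSON {@code LoginBto}.
 *
 * <p>Security notes:
 * <ul>
 *   <li>The password is deliberately neither stored in the session nor written to the response.
 *       This method is a {@code @ResponseBody} endpoint, so anything set on the returned object
 *       is sent to the browser.</li>
 *   <li>The decoded payload is trusted only because it is read from the CAS assertion held in
 *       the session. NOTE(review): presumably the CAS client filters validated the ticket before
 *       storing it; verify the filter chain covers this URL.</li>
 * </ul>
 *
 * @param request the current request, whose session may hold the CAS assertion
 * @return the JSON form of the login data, or {@code null} when there is no CAS assertion, the
 *         principal payload is empty, or no local account matches the user name
 */
@RequestMapping(value="/sysuser/saveUserIntoSession")
@ResponseBody
public String saveUserInfoIntoSession(HttpServletRequest request){
    Assertion assertion = (Assertion) request.getSession().getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION);
    if (null == assertion) {
        return null;
    }

    AttributePrincipal principal = assertion.getPrincipal();
    String userStr = Base64.getFromBase64(principal.getName());
    User u = JSON.parseObject(userStr, User.class);
    if (null == u) {
        return null;
    }

    // Resolve the local account first so nothing is written to the session for an unknown user
    // (previously a missing account caused a NullPointerException after partial session setup).
    SysUser e = systemService.getUser(u.getUserName());
    if (null == e) {
        return null;
    }

    // Look up the user's role id.
    String roleId = getUserRoleById(e.getUserId());
    String tokenId = UUID.randomUUID().toString();

    request.getSession().setAttribute("userName", u.getUserName());
    request.getSession().setAttribute("realName", u.getUserRealName());
    request.getSession().setAttribute("userId", e.getUserId());
    request.getSession().setAttribute("tokenId", tokenId);
    request.getSession().setAttribute("roleId", roleId);

    // The password field of LoginBto is intentionally left unset; see the method documentation.
    LoginBto b = new LoginBto();
    b.setRealName(u.getUserRealName());
    b.setRoleId(roleId);
    b.setTokenId(tokenId);
    b.setUserId(e.getUserId());
    b.setUserName(u.getUserName());
    return JSON.toJSONString(b);
}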
如在jsp中:
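<%@ page import="org.jasig.cas.client.validation.Assertion" %>
<%@ page import="org.jasig.cas.client.authentication.AttributePrincipal" %>
<%@ page import="org.jasig.cas.client.util.AbstractCasFilter" %>
<%@ page import="com.founder.ec.sso.model.User" %>
<%@ page import="com.alibaba.fastjson.JSON" %>
<%@ page import="com.founder.ec.sso.util.Base64" %>
<%@ page import="java.util.UUID" %>
<%--
  Header fragment: greets the current user and offers the change-password and logout links.
  The name shown comes from the CAS assertion when one is in the session, otherwise from the
  realName / userName session attributes.
  Both values originate from user records, so they are HTML-escaped before being written:
  neither a JSP expression nor a bare EL expression escapes its output.
--%>
<span style="float: right; padding-right: 20px; margin-top: 10px;" class="head">
<%
    Assertion assertion = (Assertion) request.getSession().getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION);
    String userName = null;
    String realName = null;
    String flag = null;
    if (null != assertion) {
        AttributePrincipal principal = assertion.getPrincipal();
        String userStr = principal.getName();
        userStr = Base64.getFromBase64(userStr);
        User u = JSON.parseObject(userStr, User.class);
        if (null != u) {
            userName = u.getUserName();
            realName = u.getUserRealName();
            flag = "cas";
        }
    }

    // Pick the display values, then escape them once for the HTML text context.
    Object[] rawShown = {
        (null != flag) ? realName : request.getSession().getAttribute("realName"),
        (null != flag) ? userName : request.getSession().getAttribute("userName")
    };
    String[] shown = new String[rawShown.length];
    for (int i = 0; i < rawShown.length; i++) {
        // A missing value renders as an empty string; '&' must be replaced first.
        shown[i] = (null == rawShown[i]) ? "" : rawShown[i].toString()
                .replace("&", "&amp;")
                .replace("<", "&lt;")
                .replace(">", "&gt;")
                .replace("\"", "&quot;")
                .replace("'", "&#39;");
    }
%>
歡迎 <%=shown[0] %>(<%=shown[1] %>)
<a href="javascript:void(0)" id="editpass" style="color: #000"> 修改密碼</a>
<%--
  NOTE(review): the CAS logout endpoint and the service URL below are both plain http.
  CAS tickets and cookies should only travel over HTTPS; switch both URLs once TLS is in place,
  and URL-encode the value of the service parameter.
--%>
<a href="http://192.168.2.11:8080/cas/logout?service=http://101.test.com/" style="color: #000">注銷登錄</a>
<!-- <a href="javascript:void(0)" id="loginOut" style="color:#000 ">注銷登錄</a> -->
<a href="javascript:void(0)" id="colNorth"><img border="0" style="margin-bottom: 0px" src="${ctx }/images/system/icon/detail-collapse.png" /></a>
<a href="javascript:void(0)" id="newWindow"><img border="0" style="margin-bottom: 0px" src="${ctx }/images/common/fullscreen.gif" /></a>
</span>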