碼上快樂

相關內容    簡體    繁體

cas與spring security整合配置參考

本文轉載自   查看原文   2019-08-05 08:24   651  
<!-- 匿名訪問放行資源 -->
<security:http pattern="/css/**" security="none"></security:http>
<security:http pattern="/js/**" security="none"></security:http>
<security:http pattern="/image/**" security="none"></security:http>
<security:http pattern="/plugins/**" security="none"></security:http>


<!--1. 入口點引用-->
<security:http use-expressions="false" entry-point-ref="casProcessingFilterEntryPoint" >
    <!-- 匿名登錄-->
    <security:intercept-url pattern="/seckillOrder/**.do" access="IS_AUTHENTICATED_ANONYMOUSLY" />
    <security:intercept-url pattern="/**" access="ROLE_USER"/>
    <security:csrf disabled="true"/>

    <!-- custom-filter為過濾器, position 表示將過濾器放在指定的位置上,before表示放在指定位置之前  ,after表示放在指定的位置之后  -->
    <security:custom-filter ref="casAuthenticationFilter"  position="CAS_FILTER" />
    <security:custom-filter ref="logoutFilter" before="LOGOUT_FILTER"/>
    <security:custom-filter ref="singleSignOutFilter" before="CAS_FILTER"/>
</security:http>

<!--cas 入口點-->
<bean class="org.springframework.security.cas.web.CasAuthenticationEntryPoint" id="casProcessingFilterEntryPoint">
    <property name="loginUrl" value="http://localhost:8090/cas/login" />

    <property name="serviceProperties" ref="serviceProperties" />
</bean>

<bean id="serviceProperties" class="org.springframework.security.cas.ServiceProperties" >
    <property name="service" value="http://localhost:8089/login/cas" />
 </bean>
<!--cas 入口結束-->

<!--. 認證過濾器開始-->
<bean class="org.springframework.security.cas.web.CasAuthenticationFilter" id="casAuthenticationFilter">
    <property name="authenticationManager" ref="authenticationManager" />
</bean>
<!--認證管理器-->
 <security:authentication-manager alias="authenticationManager">
     <security:authentication-provider ref="casAuthenticationProvider" />
 </security:authentication-manager>

<!--認證提供者-->
<bean id="casAuthenticationProvider" class="org.springframework.security.cas.authentication.CasAuthenticationProvider">
    <property name="authenticationUserDetailsService">
        <bean class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">
            <constructor-arg ref="userDetailsService" />
        </bean>
    </property>
    <property name="serviceProperties" ref="serviceProperties"/>
    <property name="ticketValidator">
        <bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
            <constructor-arg index="0" value="http://localhost:8090/cas" />

        </bean>
    </property>

    <property name="key" value="an_id_for_this_auth_provider_only" />
</bean>

<!--認證類-->

<bean id="userDetailsService" class="com.pinyougou.seckill.service.UserDetailServiceImpl"/>
<!--認證過濾器結束-->

<!--4. 單點登出過濾器-->
<bean class="org.jasig.cas.client.session.SingleSignOutFilter" id="singleSignOutFilter"/>

<bean class="org.springframework.security.web.authentication.logout.LogoutFilter" id="logoutFilter">
    <constructor-arg value="http://localhost:8090/cas/logout?service=http://localhost:8089"/>
    <constructor-arg>
        <bean class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler"/>
    </constructor-arg>
    <property name="filterProcessesUrl" value="/logout/cas" />
</bean>
</beans>


免責聲明!

本站轉載的文章為個人學習借鑒使用,本站對版權不負任何法律責任。如果侵犯了您的隱私權益,請聯系本站郵箱yoyou2525@163.com刪除。



猜您在找 spring security+cas(cas proxy配置) Spring Security 3整合CAS 實現SSO spring boot 和 cas 整合 Springboot security cas整合方案-實踐篇 springboot整合Spring Security SpringBoot整合Spring Security Spring Security 整合JWT(四) spring session 和 spring security整合 Spring Boot:整合Spring Security Spring Boot整合Spring Security
 
粵ICP備18138465號   © 2018-2025 CODEPRJ.COM