本篇文章為大家展示了使用spring boot如何實現(xiàn)配置單點登錄���,內(nèi)容簡明扼要并且容易理解��,絕對能使你眼前一亮�,通過這篇文章的詳細介紹希望你能有所收獲�。
成都創(chuàng)新互聯(lián)網(wǎng)站建設(shè)公司,提供成都網(wǎng)站建設(shè)�、網(wǎng)站建設(shè),網(wǎng)頁設(shè)計���,建網(wǎng)站����,PHP網(wǎng)站建設(shè)等專業(yè)做網(wǎng)站服務(wù);可快速的進行網(wǎng)站開發(fā)網(wǎng)頁制作和功能擴展����;專業(yè)做搜索引擎喜愛的網(wǎng)站,是專業(yè)的做網(wǎng)站團隊����,希望更多企業(yè)前來合作!
概述
企業(yè)內(nèi)部一般都有一套單點登錄系統(tǒng)(常用的實現(xiàn)有apereo cas),所有的內(nèi)部系統(tǒng)的登錄認證都對接它�����。本文介紹spring boot的程序如何對接CAS服務(wù)。
常用的安全框架有spring security和apache shiro��。shiro的配置和使用相對簡單�����,本文使用shrio對接CAS服務(wù)�。
配置
新增依賴
pom.xml新增:
1.2.4
org.apache.shiro
shiro-spring
${shiro.version}
org.apache.shiro
shiro-ehcache
${shiro.version}
org.apache.shiro
shiro-cas
${shiro.version}
spring boot配置
application.properties
shiro.cas=https://cas.xxx.com # 這是CAS服務(wù)的地址
shiro.server=http://127.0.0.1:8080 # 自己應(yīng)用的地址,測試使用127即可
應(yīng)用配置
初始化shiro bean�,將文件放到任意子包下即可,比如xxx.config�����,spring boot會自動掃描加載
@Configuration
public class ShiroCasConfiguration {
private static final String casFilterUrlPattern = "/shiro-cas";
@Bean
public FilterRegistrationBean filterRegistrationBean() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
filterRegistration.setFilter(new DelegatingFilterProxy("shiroFilter"));
filterRegistration.addInitParameter("targetFilterLifecycle", "true");
filterRegistration.setEnabled(true);
filterRegistration.addUrlPatterns("/*");
return filterRegistration;
}
@Bean(name = "lifecycleBeanPostProcessor")
public LifecycleBeanPostProcessor getLifecycleBeanPostProcessor() {
return new LifecycleBeanPostProcessor();
}
@Bean(name = "securityManager")
public DefaultWebSecurityManager getDefaultWebSecurityManager(@Value("${shiro.cas}") String casServerUrlPrefix,
@Value("${shiro.server}") String shiroServerUrlPrefix) {
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
CasRealm casRealm = new CasRealm();
casRealm.setDefaultRoles("ROLE_USER");
casRealm.setCasServerUrlPrefix(casServerUrlPrefix);
casRealm.setCasService(shiroServerUrlPrefix + casFilterUrlPattern);
securityManager.setRealm(casRealm);
securityManager.setCacheManager(new MemoryConstrainedCacheManager());
securityManager.setSubjectFactory(new CasSubjectFactory());
return securityManager;
}
private void loadShiroFilterChain(ShiroFilterFactoryBean shiroFilterFactoryBean) {
Map filterChainDefinitionMap = new LinkedHashMap<>();
filterChainDefinitionMap.put(casFilterUrlPattern, "casFilter");
filterChainDefinitionMap.put("/login", "anon");
filterChainDefinitionMap.put("/bower_components/**", "anon");//可以將不需要攔截的靜態(tài)文件目錄加進去
filterChainDefinitionMap.put("/logout","logout");
filterChainDefinitionMap.put("/**", "authc");
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
}
/**
* CAS Filter
*/
@Bean(name = "casFilter")
public CasFilter getCasFilter(@Value("${shiro.cas}") String casServerUrlPrefix,
@Value("${shiro.server}") String shiroServerUrlPrefix) {
CasFilter casFilter = new CasFilter();
casFilter.setName("casFilter");
casFilter.setEnabled(true);
String loginUrl = casServerUrlPrefix + "/login?service=" + shiroServerUrlPrefix + casFilterUrlPattern;
casFilter.setFailureUrl(loginUrl);
return casFilter;
}
@Bean(name = "shiroFilter")
public ShiroFilterFactoryBean getShiroFilterFactoryBean(DefaultWebSecurityManager securityManager,
CasFilter casFilter,
@Value("${shiro.cas}") String casServerUrlPrefix,
@Value("${shiro.server}") String shiroServerUrlPrefix) {
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
shiroFilterFactoryBean.setSecurityManager(securityManager);
String loginUrl = casServerUrlPrefix + "/login?service=" + shiroServerUrlPrefix + casFilterUrlPattern;
shiroFilterFactoryBean.setLoginUrl(loginUrl);
shiroFilterFactoryBean.setSuccessUrl("/");
Map filters = new HashMap<>();
filters.put("casFilter", casFilter);
LogoutFilter logoutFilter = new LogoutFilter();
logoutFilter.setRedirectUrl(casServerUrlPrefix + "/logout?service=" + shiroServerUrlPrefix);
filters.put("logout",logoutFilter);
shiroFilterFactoryBean.setFilters(filters);
loadShiroFilterChain(shiroFilterFactoryBean);
return shiroFilterFactoryBean;
}
}程序中獲取登錄的用戶名
上述配置完成后����,就可以找程序中獲取登錄用戶的名字了
public String getUsername() {
Subject subject = SecurityUtils.getSubject();
if (subject == null || subject.getPrincipals() == null) {
return DEFAULTUSER;
}
return (String) subject.getPrincipals().getPrimaryPrincipal();
}總結(jié)
shiro使用還是比較簡單的����,使用的時候只需要修改application.properties即可
上述內(nèi)容就是使用spring boot如何實現(xiàn)配置單點登錄,你們學(xué)到知識或技能了嗎�����?如果還想學(xué)到更多技能或者豐富自己的知識儲備,歡迎關(guān)注創(chuàng)新互聯(lián)行業(yè)資訊頻道���。
本文標(biāo)題:使用springboot如何實現(xiàn)配置單點登錄
文章地址:
http://weahome.cn/article/jcidid.html
重慶分公司
重慶分公司
