|
|
@@ -1 +1,222 @@
|
|
|
-TODO
|
|
|
+<h2>CAS应用集成</h2>
|
|
|
+本文介绍CAS应用如何与MaxKey进行集成。
|
|
|
+
|
|
|
+<h2>应用注册</h2>
|
|
|
+
|
|
|
+应用在MaxKey管理系统进行注册,注册的配置信息如下
|
|
|
+
|
|
|
+<img src="{{ "/images/sso/sso_cas_conf.png" | prepend: site.baseurl }}?{{ site.time | date: "%Y%m%d%H%M" }}" alt=""/>
|
|
|
+
|
|
|
+
|
|
|
+<h2>CAS客户端配置</h2>
|
|
|
+
|
|
|
+本文使用JAVA WEB程序为例
|
|
|
+jar包依赖如下
|
|
|
+cas-client-core-3.2.1.jar
|
|
|
+
|
|
|
+commons-codec-1.4.jar
|
|
|
+
|
|
|
+commons-logging-1.1.1.jar
|
|
|
+
|
|
|
+slf4j-api-1.5.11.jar
|
|
|
+
|
|
|
+
|
|
|
+<pre><code class="xml hljs">
|
|
|
+<?xml version="1.0" encoding="UTF-8"?>
|
|
|
+<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
|
+ xmlns="http://java.sun.com/xml/ns/javaee"
|
|
|
+ xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
|
|
|
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
|
|
|
+ version="2.5">
|
|
|
+ <display-name></display-name>
|
|
|
+ <listener>
|
|
|
+ <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
|
|
|
+ </listener>
|
|
|
+ <filter>
|
|
|
+ <filter-name>CAS Single Sign Out Filter</filter-name>
|
|
|
+ <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
|
|
|
+ </filter>
|
|
|
+ <filter-mapping>
|
|
|
+ <filter-name>CAS Single Sign Out Filter</filter-name>
|
|
|
+ <url-pattern>/index.jsp</url-pattern>
|
|
|
+ </filter-mapping>
|
|
|
+ <filter>
|
|
|
+ <filter-name>CAS Filter</filter-name>
|
|
|
+ <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
|
|
|
+ <!-- cas server login url -->
|
|
|
+ <init-param>
|
|
|
+ <param-name>casServerLoginUrl</param-name>
|
|
|
+ <param-value>>https://sso.maxkey.org/maxkey/authz/cas/</param-value>
|
|
|
+ </init-param>
|
|
|
+ <!-- cas client url, in end of url / is required -->
|
|
|
+ <init-param>
|
|
|
+ <param-name>serverName</param-name>
|
|
|
+ <param-value>http://cas.demo.maxkey.org:8080/</param-value>
|
|
|
+ </init-param>
|
|
|
+ </filter>
|
|
|
+ <filter-mapping>
|
|
|
+ <filter-name>CAS Filter</filter-name>
|
|
|
+ <url-pattern>/index.jsp</url-pattern>
|
|
|
+ </filter-mapping>
|
|
|
+
|
|
|
+ <!-- Cas10TicketValidationFilter Cas20ProxyReceivingTicketValidationFilter -->
|
|
|
+ <filter>
|
|
|
+ <filter-name>CAS Validation Filter</filter-name>
|
|
|
+ <filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
|
|
|
+ <!-- cas server login url -->
|
|
|
+ <init-param>
|
|
|
+ <param-name>casServerUrlPrefix</param-name>
|
|
|
+ <param-value>https://sso.maxkey.org/maxkey/authz/cas/</param-value>
|
|
|
+ </init-param>
|
|
|
+ <!-- cas client url -->
|
|
|
+ <init-param>
|
|
|
+ <param-name>serverName</param-name>
|
|
|
+ <param-value>http://cas.demo.maxkey.org:8080/</param-value>
|
|
|
+ </init-param>
|
|
|
+ </filter>
|
|
|
+ <filter-mapping>
|
|
|
+ <filter-name>CAS Validation Filter</filter-name>
|
|
|
+ <url-pattern>/index.jsp</url-pattern>
|
|
|
+ </filter-mapping>
|
|
|
+ <filter>
|
|
|
+ <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
|
|
|
+ <filter-class>
|
|
|
+ org.jasig.cas.client.util.HttpServletRequestWrapperFilter
|
|
|
+ </filter-class>
|
|
|
+ </filter>
|
|
|
+ <filter-mapping>
|
|
|
+ <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
|
|
|
+ <url-pattern>/index.jsp</url-pattern>
|
|
|
+ </filter-mapping>
|
|
|
+ <filter>
|
|
|
+ <filter-name>CAS Assertion Thread Local Filter</filter-name>
|
|
|
+ <filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
|
|
|
+ </filter>
|
|
|
+ <filter-mapping>
|
|
|
+ <filter-name>CAS Assertion Thread Local Filter</filter-name>
|
|
|
+ <url-pattern>/index.jsp</url-pattern>
|
|
|
+ </filter-mapping>
|
|
|
+ <welcome-file-list>
|
|
|
+ <welcome-file>index.jsp</welcome-file>
|
|
|
+ </welcome-file-list>
|
|
|
+</web-app>
|
|
|
+</code></pre>
|
|
|
+
|
|
|
+
|
|
|
+<pre><code class="jsp hljs">
|
|
|
+<%@ page language="java" import="java.util.*" pageEncoding="utf-8"%>
|
|
|
+<%@ page language="java" import="java.util.Map.Entry" %>
|
|
|
+<%@ page language="java" import="org.apache.commons.codec.binary.Base64" %>
|
|
|
+<%@ page language="java" import="org.jasig.cas.client.authentication.AttributePrincipal" %>
|
|
|
+<%@ page language="java" import="org.jasig.cas.client.validation.Assertion" %>
|
|
|
+<%@ page language="java" import="org.jasig.cas.client.util.AbstractCasFilter" %>
|
|
|
+<%
|
|
|
+ String path = request.getContextPath();
|
|
|
+ String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
|
|
|
+ System.out.println("CAS Assertion Success . ");
|
|
|
+ Assertion assertion = (Assertion) request.getSession().getAttribute(AbstractCasFilter.CONST_CAS_ASSERTION);
|
|
|
+
|
|
|
+
|
|
|
+ String username= assertion.getPrincipal().getName();
|
|
|
+%>
|
|
|
+
|
|
|
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
|
|
+<html>
|
|
|
+ <head>
|
|
|
+ <base href="<%=basePath%>">
|
|
|
+
|
|
|
+ <title>Demo CAS</title>
|
|
|
+ <meta http-equiv="pragma" content="no-cache">
|
|
|
+ <meta http-equiv="cache-control" content="no-cache">
|
|
|
+ <meta http-equiv="expires" content="0">
|
|
|
+ <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
|
|
|
+ <meta http-equiv="description" content="CAS Demo">
|
|
|
+ <link rel="shortcut icon" type="image/x-icon" href="<%=basePath %>/images/favicon.ico"/>
|
|
|
+ <!--
|
|
|
+ <link rel="stylesheet" type="text/css" href="styles.css">
|
|
|
+ -->
|
|
|
+ <style type="text/css">
|
|
|
+ body{
|
|
|
+ margin: 0;
|
|
|
+ margin-top: 0px;
|
|
|
+ margin-left: auto;
|
|
|
+ margin-right: auto;
|
|
|
+ padding: 0 0 0 0px;
|
|
|
+ font-size: 12px;
|
|
|
+ text-align:center;
|
|
|
+ float:center;
|
|
|
+ font-family: "Arial", "Helvetica", "Verdana", "sans-serif";
|
|
|
+ }
|
|
|
+ .container {
|
|
|
+ width: 990px;
|
|
|
+ margin-left: auto;
|
|
|
+ margin-right: auto;
|
|
|
+ padding: 0 10px
|
|
|
+ }
|
|
|
+ table.datatable {
|
|
|
+ border: 1px solid #d8dcdf;
|
|
|
+ border-collapse:collapse;
|
|
|
+ border-spacing:0;
|
|
|
+ width: 100%;
|
|
|
+ }
|
|
|
+
|
|
|
+ table.datatable th{
|
|
|
+ border: 1px solid #d8dcdf;
|
|
|
+ border-collapse:collapse;
|
|
|
+ border-spacing:0;
|
|
|
+ height: 40px;
|
|
|
+ }
|
|
|
+
|
|
|
+
|
|
|
+ table.datatable td{
|
|
|
+ border: 1px solid #d8dcdf;
|
|
|
+ border-collapse:collapse;
|
|
|
+ border-spacing:0;
|
|
|
+ height: 40px;
|
|
|
+ }
|
|
|
+
|
|
|
+ table.datatable td.title{
|
|
|
+ text-align: center;
|
|
|
+ font-size: 20px;
|
|
|
+ font-weight: bold;
|
|
|
+ }
|
|
|
+ </style>
|
|
|
+ </head>
|
|
|
+
|
|
|
+ <body>
|
|
|
+ <div class="container">
|
|
|
+ <table class="datatable">
|
|
|
+ <tr>
|
|
|
+ <td colspan="2" class="title">CAS Demo for MaxKey</td>
|
|
|
+ </tr>
|
|
|
+ <tr>
|
|
|
+ <td>CAS Logo</td>
|
|
|
+ <td> <img src="<%=basePath %>/images/cas.png"/></td>
|
|
|
+ </tr>
|
|
|
+ <tr>
|
|
|
+ <td width="50%">CAS Assertion</td>
|
|
|
+ <td><%=username %></td>
|
|
|
+ </tr>
|
|
|
+ <tr>
|
|
|
+ <td>CAS Has Attributes </td>
|
|
|
+ <td><%=!assertion.getPrincipal().getAttributes().isEmpty() %> size : <%=assertion.getPrincipal().getAttributes().size() %></td>
|
|
|
+ </tr>
|
|
|
+ <%
|
|
|
+ Map<String, Object> attMap = assertion.getPrincipal().getAttributes();
|
|
|
+ for (Entry<String, Object> entry : attMap.entrySet()) {
|
|
|
+ String attributeValue=entry.getValue()==null?"":entry.getValue().toString();
|
|
|
+ System.out.println("attributeValue : "+attributeValue);
|
|
|
+ if(attributeValue.startsWith("base64:")){
|
|
|
+ attributeValue=new String(Base64.decodeBase64(attributeValue.substring("base64:".length())),"UTF-8");
|
|
|
+ }
|
|
|
+ %>
|
|
|
+ <tr>
|
|
|
+ <td>CAS <%=entry.getKey() %> </td>
|
|
|
+ <td><%=attributeValue %></td>
|
|
|
+ </tr>
|
|
|
+ <%}%>
|
|
|
+ </table>
|
|
|
+ </div>
|
|
|
+ </body>
|
|
|
+</html>
|
|
|
+</code></pre>
|
shimingxy
