Recently,out project are going to using the CAS. My tutor,ask me to use the third-app cas system,and didn't tell me how to use it. Our System were using the Spring Boot & Spring Security. This is my testing code.
spring:
cas:
sign-out-filters: /logout
auth-filters: /*
validate-filters: /*
request-wrapper-filters: /*
assertion-filters: /*
cas-server-login-url: https://authserver.xx.cn/authserver/login
cas-server-url-prefix: https://authserver.xx.cn/authserver
redirect-after-validation: true
use-session: true
server-name: http://xx.natappfree.cc
@Configuration
public class CasConfig {
private static boolean casEnabled = true;
private SpringCasAutoConfig autoConfig;
@Bean
public ServletListenerRegistrationBean<SingleSignOutHttpSessionListener> singleSignOutHttpSessionListener() {
ServletListenerRegistrationBean<SingleSignOutHttpSessionListener> listener = new ServletListenerRegistrationBean<>();
listener.setEnabled(casEnabled);
listener.setListener(new SingleSignOutHttpSessionListener());
listener.setOrder(1);
return listener;
}
@SuppressWarnings({"rawtypes", "unchecked"})
@Bean
public FilterRegistrationBean logOutFilter() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
LogoutFilter logoutFilter = new LogoutFilter(autoConfig.getCasServerUrlPrefix() + "/logout?service=" + autoConfig.getServerName(), new SecurityContextLogoutHandler());
filterRegistration.setFilter(logoutFilter);
filterRegistration.setEnabled(casEnabled);
if (autoConfig.getSignOutFilters().size() > 0)
filterRegistration.setUrlPatterns(autoConfig.getSignOutFilters());
else filterRegistration.addUrlPatterns("/logout");
filterRegistration.addInitParameter("casServerUrlPrefix", autoConfig.getCasServerUrlPrefix());
filterRegistration.addInitParameter("serverName", autoConfig.getServerName());
filterRegistration.setOrder(2);
return filterRegistration;
}
@SuppressWarnings({"rawtypes", "unchecked"})
@Bean
public FilterRegistrationBean singleSignOutFilter() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
filterRegistration.setFilter(new SingleSignOutFilter());
filterRegistration.setEnabled(casEnabled);
if (autoConfig.getSignOutFilters().size() > 0)
filterRegistration.setUrlPatterns(autoConfig.getSignOutFilters());
else filterRegistration.addUrlPatterns("/*");
filterRegistration.addInitParameter("casServerUrlPrefix", autoConfig.getCasServerUrlPrefix());
filterRegistration.addInitParameter("serverName", autoConfig.getServerName());
filterRegistration.setOrder(3);
return filterRegistration;
}
@SuppressWarnings({"rawtypes", "unchecked"})
@Bean
public FilterRegistrationBean authenticationFilter() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
filterRegistration.setFilter(new AuthenticationFilter());
filterRegistration.setEnabled(casEnabled);
if (autoConfig.getAuthFilters().size() > 0) filterRegistration.setUrlPatterns(autoConfig.getAuthFilters());
else filterRegistration.addUrlPatterns("/*");
filterRegistration.addInitParameter("casServerLoginUrl", autoConfig.getCasServerLoginUrl());
filterRegistration.addInitParameter("serverName", autoConfig.getServerName());
filterRegistration.addInitParameter("useSession", autoConfig.isUseSession() ? "true" : "false");
filterRegistration.addInitParameter("redirectAfterValidation", autoConfig.isRedirectAfterValidation() ? "true" : "false");
filterRegistration.setOrder(4);
return filterRegistration;
}
@SuppressWarnings({"rawtypes", "unchecked"})
@Bean
public FilterRegistrationBean cas20ProxyReceivingTicketValidationFilter() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
Cas20ProxyReceivingTicketValidationFilter cas20ProxyReceivingTicketValidationFilter = new Cas20ProxyReceivingTicketValidationFilter();
cas20ProxyReceivingTicketValidationFilter.setServerName(autoConfig.getServerName());
filterRegistration.setFilter(cas20ProxyReceivingTicketValidationFilter);
filterRegistration.setEnabled(casEnabled);
if (autoConfig.getValidateFilters().size() > 0)
filterRegistration.setUrlPatterns(autoConfig.getValidateFilters());
else filterRegistration.addUrlPatterns("/*");
filterRegistration.addInitParameter("casServerUrlPrefix", autoConfig.getCasServerUrlPrefix());
filterRegistration.addInitParameter("serverName", autoConfig.getServerName());
filterRegistration.setOrder(5);
return filterRegistration;
}
@SuppressWarnings({"rawtypes", "unchecked"})
@Bean
public FilterRegistrationBean httpServletRequestWrapperFilter() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
filterRegistration.setFilter(new HttpServletRequestWrapperFilter());
filterRegistration.setEnabled(true);
if (autoConfig.getRequestWrapperFilters().size() > 0)
filterRegistration.setUrlPatterns(autoConfig.getRequestWrapperFilters());
else filterRegistration.addUrlPatterns("/login");
filterRegistration.setOrder(6);
return filterRegistration;
}
@SuppressWarnings({"rawtypes", "unchecked"})
@Bean
public FilterRegistrationBean assertionThreadLocalFilter() {
FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
filterRegistration.setFilter(new AssertionThreadLocalFilter());
filterRegistration.setEnabled(true);
if (autoConfig.getAssertionFilters().size() > 0)
filterRegistration.setUrlPatterns(autoConfig.getAssertionFilters());
else filterRegistration.addUrlPatterns("/*");
filterRegistration.setOrder(7);
return filterRegistration;
}
}
And now,if i open localhost:8080,it will redirect to https://authserver.xx.cn/authserver/login?service=http://localhost:8080 But it shows
Application Not Authorized to Use IDS.
Its anybody under such circumstance?
Comments
Post a Comment