配置FR作为CAS客户端

编辑
文档创建者:文档助手1 (67727 )     浏览次数:9094次     编辑次数:31次     最近更新:jiangsr 于 2018-11-30     

目录:

1. 概述编辑

制作完上述步骤后,下面我们来看下如何将FR与CAS单点登录结合。

2. 实现过程编辑

2.1 拷贝jar
将cas两个client-jar包和%Java_HOME%\jdk\lib\tools.jar都拷贝到%TOMCAT_HOME%\webapps\WebReport\WEB-INF\lib下,如下图:
222
2.2 添加web.xml
%TOMCAT_HOME%\webapps\webroot\WEB-INF目录下新建web.xml文件,内容如下:
<?xml version="1.0" encoding="UTF-8"?> <web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" version="2.4"> <display-name>Template WebApp</display-name> <mime-mapping> <extension>msi</extension> <mime-type>application/x-msi</mime-type> </mime-mapping> <filter> <filter-name>CASFilter</filter-name> <filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class> <init-param> <param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name> <param-value>https://josie:8443/cas/login</param-value> <!--cas提供登陆页面的url--> </init-param> <init-param> <param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name> <param-value>https://josie:8443/cas/proxyValidate</param-value> <!--cas提供service ticker或者proxy ticket验证服务的url--> </init-param> <init-param> <param-name>edu.yale.its.tp.cas.client.filter.serverName</param-name> <param-value>josie:8443</param-value> <!--客户端应用的域名和端口--> </init-param> </filter> <filter-mapping> <filter-name>CASFilter</filter-name> <url-pattern>/decision</url-pattern> <url-pattern>/decision/login</url-pattern> </filter-mapping> <filter> <filter-name>FrFilter</filter-name> <filter-class>com.fr.FrFilter</filter-class> </filter> <filter-mapping> <filter-name>FrFilter</filter-name> <url-pattern>/decision</url-pattern> </filter-mapping> </web-app>
222
注:其中josie为个人配置的域名,请按照个人设置进行修改。
添加过滤信息,java代码如下:
package com.fr; import com.fr.data.NetworkHelper; import com.fr.decision.mobile.terminal.TerminalHandler; import com.fr.decision.webservice.utils.DecisionServiceConstants; import com.fr.decision.webservice.v10.login.LoginService; import com.fr.log.FineLoggerFactory; import com.fr.stable.StringUtils; import com.fr.stable.web.Device; import org.jasig.cas.client.validation.Assertion; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import java.io.IOException; public class FrFilter implements Filter { public FrFilter() { } @Override public void init(FilterConfig filterConfig) throws ServletException { } @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { FineLoggerFactory.getLogger().info("fr cas login"); HttpServletRequest req = (HttpServletRequest) servletRequest; HttpServletResponse res = (HttpServletResponse) servletResponse; HttpSession session = req.getSession(true); FineLoggerFactory.getLogger().info("URL:" + req.getRequestURI()); String username; //获取cas传递过来的username Object object = req.getSession().getAttribute("_const_cas_assertion_"); if (object != null) { Assertion assertion = (Assertion) object; username = assertion.getPrincipal().getName(); } else { username = (String) session.getAttribute("edu.yale.its.tp.cas.client.filter.user"); } try { //用户名为空,登录请求有问题,直接报错 if (StringUtils.isNotEmpty(username)) { FineLoggerFactory.getLogger().error("username:" + username); //获取请求携带的token Object oldToken = session.getAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME); //token不存在,或者token过期了,走后台登录方法 if (oldToken == null || !checkTokenValid(req, (String) oldToken)) { login(req, res, session, username); filterChain.doFilter(req, res); } else { //放行 filterChain.doFilter(req, res); FineLoggerFactory.getLogger().info("no need"); } } else { throw new Exception("username is empty"); } } catch (Exception e) { FineLoggerFactory.getLogger().error(e.getMessage(), e); } } /** * 后台登录方法 */ private void login(HttpServletRequest req, HttpServletResponse res, HttpSession session, String username) throws Exception { String token = LoginService.getInstance().login(req, res, username); session.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME, token); FineLoggerFactory.getLogger().info("fr FrFilter is over with username is ###" + username); } /** * 校验token是否有效 */ private boolean checkTokenValid(HttpServletRequest req, String token) { try { Device device = NetworkHelper.getDevice(req); LoginService.getInstance().loginStatusValid(token, TerminalHandler.getTerminal(req, device)); return true; } catch (Exception ignore) { } return false; } @Override public void destroy() { } }

FrFilter.java编译成class文件,并放在%TOMCAT_HOME%\webroot\WEB-INF\classes\com\fr目录下。

点击下载FrFilter.class

222

2.3 测试
最后启动tomcat服务器,在浏览器中输入:https://localhost:8443/webroot/decision即进入了cas登录界面,通过cas认证后,FRFilter会看用户名是否在fs的用户中,如果在,则登录成功,否则登录失败跳转hao123,如下图:
222


附件列表


主题: 部署集成
如果您认为本文档还有待完善,请编辑

文档内容仅供参考,如果你需要获取更多帮助,付费/准付费客户请咨询帆软技术支持
关于技术问题,您还可以前往帆软社区,点击顶部搜索框旁边的提问按钮
若您还有其他非技术类问题,可以联系帆软传说哥(qq:1745114201

此页面有帮助吗?只是浏览 [ 去社区提问 ]