This is the 8th day of my participation in the August Gwen Challenge.
You can refer to the official documentation: apereo.github.io/cas/4.2.x/i…
First, add the MySQL driver JAR to the project's lib directory, then locate the CAS configuration files under Tomcat: deployerConfigContext.xml and cas.properties.
Configuring deployerConfigContext.xml
Comment out:
```xml
<alias name="acceptUsersAuthenticationHandler" alias="primaryAuthenticationHandler" />
```
Then add the data source bean. The `&` separators in the JDBC URL must be written as `&amp;`; otherwise the XML parser reports: The reference to entity "characterEncoding" must end with the ';' delimiter.
```xml
<!-- '&' inside the attribute value is escaped as '&amp;' -->
<bean id="dataSource"
      class="com.mchange.v2.c3p0.ComboPooledDataSource"
      p:driverClass="com.mysql.jdbc.Driver"
      p:jdbcUrl="jdbc:mysql://127.0.0.1:3306/renren?useUnicode=true&amp;characterEncoding=UTF-8&amp;zeroDateTimeBehavior=convertToNull"
      p:user="root"
      p:password="root"
      p:initialPoolSize="6"
      p:minPoolSize="6"
      p:maxPoolSize="18"
      p:maxIdleTimeExcessConnections="120"
      p:checkoutTimeout="10000"
      p:acquireIncrement="6"
      p:acquireRetryAttempts="5"
      p:acquireRetryDelay="2000"
      p:idleConnectionTestPeriod="30"
      p:preferredTestQuery="select 1" />
```
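The escaping failure described above, reproduced as an added example (not code from the original post): the same JDBC URL is parsed once with raw `&` and once with `&amp;`, and the decoded parameters are listed. The bean fragment is constructed for the example and declares the Spring `p` namespace itself so that it parses stand-alone.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit, parse_qs

P_NS = "{http://www.springframework.org/schema/p}"
# Constructed fragment modelled on the dataSource bean; %s is the separator under test.
BEAN = ('<bean xmlns:p="http://www.springframework.org/schema/p" id="dataSource"\n'
        '      p:jdbcUrl="jdbc:mysql://127.0.0.1:3306/renren?useUnicode=true%s'
        'characterEncoding=UTF-8%szeroDateTimeBehavior=convertToNull"/>')

def lint_jdbc_url(xml_text):
    """Return (ok, detail): the parse error position, or the decoded URL parameters."""
    try:
        bean = ET.fromstring(xml_text)
    except ET.ParseError as err:
        line, col = err.position
        return False, f"not well-formed at line {line}, column {col}: {err}"
    url = bean.get(P_NS + "jdbcUrl")
    # Drop the "jdbc:" prefix so urlsplit sees mysql://host:port/db?query
    params = parse_qs(urlsplit(url[len("jdbc:"):]).query)
    return True, {key: values[0] for key, values in params.items()}

RAW = BEAN % ("&", "&")              # URL pasted as-is: '&name' starts an entity
ESCAPED = BEAN % ("&amp;", "&amp;")  # what the XML file has to contain

if __name__ == "__main__":
    print(lint_jdbc_url(RAW))
    print(lint_jdbc_url(ESCAPED))
```

Running a check like this against deployerConfigContext.xml before restarting Tomcat catches the error without waiting for the application context to fail at startup.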
Alternatively, following the official documentation, these parameters can be written to the cas.properties configuration file.
Add the following to deployerConfigContext.xml:
```xml
<alias name="queryDatabaseAuthenticationHandler" alias="primaryAuthenticationHandler" />
<alias name="dataSource" alias="queryDatabaseDataSource" />
```
Then configure the query SQL in cas.properties. You need to adjust it to your own database.
```properties
cas.jdbc.authn.query.sql=select password from users where username=?
```
Save everything and restart Tomcat to test.
The default CAS user is casuser; it is configured in cas.properties.
Shiro configuration for CAS 4.2.x
The Shiro configuration on the CAS client side follows the approach used by many experts.
Add the Shiro JAR dependencies to the client's pom.xml.
Then configure the Shiro filter in web.xml:
```xml
<!-- Shiro security filter -->
<filter>
    <filter-name>shiroFilter</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    <init-param>
        <param-name>targetFilterLifecycle</param-name>
        <param-value>true</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>shiroFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>
```
The key part is shiro.xml:
```xml
<?xml version="1.0" encoding="utf-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:aop="http://www.springframework.org/schema/aop"
       xmlns:tx="http://www.springframework.org/schema/tx"
       xmlns:context="http://www.springframework.org/schema/context"
       xmlns:util="http://www.springframework.org/schema/util"
       xsi:schemaLocation="
           http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
           http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd
           http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.0.xsd"
       default-lazy-init="true">

    <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
        <property name="securityManager" ref="securityManager" />
        <!-- Login link: here the CAS login page, with the callback address as the service parameter -->
        <property name="loginUrl" value="http://192.168.7.116:9000/cas/login?service=http://127.0.0.1:8081/BF/shiro-cas" />
        <property name="successUrl" value="/login"></property>
        <property name="filters">
            <util:map>
                <entry key="casFilter" value-ref="casFilter" />
                <entry key="logout" value-ref="logout" />
            </util:map>
        </property>
        <property name="filterChainDefinitions">
            <value>
                /shiro-cas* = casFilter
                /images/** = anon
                /css/** = anon
                /js/** = anon
                /static/** = anon
                /logout = logout
                /** = authc
            </value>
        </property>
    </bean>

    <!-- shiro-cas login filter -->
    <bean id="casFilter" class="org.apache.shiro.cas.CasFilter">
        <!-- Page to go to when validation fails; here it is the login page -->
        <property name="failureUrl" value="http://192.168.7.116:9000/cas/login?service=http://127.0.0.1:8081/BF/shiro-cas" />
    </bean>

    <!-- Logout filter -->
    <bean id="logout" class="org.apache.shiro.web.filter.authc.LogoutFilter">
        <property name="redirectUrl" value="http://192.168.7.116:9000/cas/logout?service=http://127.0.0.1:8081/BF/shiro-cas" />
    </bean>

    <!-- Custom realm (the MyCasRealm class shown further down) -->
    <bean id="casRealm" class="com.fca.shiro.MyCasRealm">
        <!-- <property name="defaultRoles" value="ROLE_USER" /> -->
        <!-- CAS server address -->
        <property name="casServerUrlPrefix" value="http://192.168.7.116:9000/cas" />
        <!-- Client callback address; must be consistent with the address intercepted by casFilter above -->
        <property name="casService" value="http://127.0.0.1:8081/BF/shiro-cas" />
    </bean>

    <!-- Cache manager -->
    <bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">
        <property name="cacheManagerConfigFile" value="classpath:ehcache.xml" />
    </bean>

    <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
        <property name="realm" ref="casRealm" />
        <property name="subjectFactory" ref="casSubjectFactory" />
        <property name="cacheManager" ref="cacheManager" />
    </bean>

    <!-- To implement CAS remember-me, use this bean and set it as the securityManager's subjectFactory -->
    <bean id="casSubjectFactory" class="org.apache.shiro.cas.CasSubjectFactory" />

    <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" />

    <bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
        <property name="staticMethod" value="org.apache.shiro.SecurityUtils.setSecurityManager" />
        <property name="arguments" ref="securityManager" />
    </bean>
</beans>
```
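A consistency check for the shiro.xml above, as an added example (not the author's or Shiro's code): it verifies that the `service` parameter of `loginUrl` equals `casService` and that the callback path is routed to `casFilter`, relying on Shiro evaluating `filterChainDefinitions` in order with the first match winning. The Ant-style matcher is a simplified stand-in for Shiro's, and the trimmed XML and the `/BF` context path are assumptions taken from the URLs in the configuration.

```python
import re
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit, parse_qs

NS = "{http://www.springframework.org/schema/beans}"
# Constructed, trimmed copy of the shiro.xml above.
SHIRO_XML = """<beans xmlns="http://www.springframework.org/schema/beans">
 <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
  <property name="loginUrl" value="http://192.168.7.116:9000/cas/login?service=http://127.0.0.1:8081/BF/shiro-cas"/>
  <property name="filterChainDefinitions"><value>
   /shiro-cas* = casFilter
   /static/** = anon
   /logout = logout
   /** = authc
  </value></property>
 </bean>
 <bean id="casRealm" class="com.fca.shiro.MyCasRealm">
  <property name="casService" value="http://127.0.0.1:8081/BF/shiro-cas"/>
 </bean>
</beans>"""

def prop(root, bean_id, name):  # value attribute, or nested <value> text
    p = root.find(f"{NS}bean[@id='{bean_id}']/{NS}property[@name='{name}']")
    return p.get("value") or p.findtext(f"{NS}value")

def ant_regex(pattern):  # simplified: /** spans segments, * stays inside one
    rx = re.escape(pattern).replace(r"/\*\*", "(/.*)?").replace(r"\*", "[^/]*")
    return re.compile(rx + "$")

def route(chains, path):  # filter of the first matching definition, in order
    return next((f for pat, f in chains if ant_regex(pat).match(path)), None)

def check(xml_text, context_path="/BF"):  # context_path: assumed webapp context
    root = ET.fromstring(xml_text)
    lines = prop(root, "shiroFilter", "filterChainDefinitions").splitlines()
    chains = [tuple(s.strip() for s in l.split("=", 1)) for l in lines if "=" in l]
    login = urlsplit(prop(root, "shiroFilter", "loginUrl"))
    login_service = parse_qs(login.query).get("service", [None])[0]
    cas_service = prop(root, "casRealm", "casService")
    callback = urlsplit(cas_service).path[len(context_path):]
    problems = []
    if login_service != cas_service:
        problems.append("loginUrl service differs from casService")
    if route(chains, callback) != "casFilter":
        problems.append("callback path is not routed to casFilter")
    return problems, chains

PROBLEMS, CHAINS = check(SHIRO_XML)
print(PROBLEMS or "callback settings are consistent")
```

Because matching stops at the first hit, moving `/** = authc` above the other definitions would send the CAS callback and the static resources through `authc` instead.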
Here I have also posted ehcache.xml for easy pasting
```xml
<?xml version="1.0" encoding="utf-8"?>
<ehcache name="shirocache">
    <diskStore path="java.io.tmpdir"/>

    <defaultCache
        maxElementsInMemory="2000"
        eternal="false"
        timeToIdleSeconds="120"
        timeToLiveSeconds="120"
        overflowToDisk="true" />

    <!--
    <cache name="diskCache"
           maxEntriesLocalHeap="2000"
           eternal="false"
           timeToIdleSeconds="300"
           timeToLiveSeconds="0"
           overflowToDisk="false"
           statistics="true">
    </cache>
    -->

    <cache name="passwordRetryCache"
           maxElementsInMemory="2000"
           eternal="false"
           timeToIdleSeconds="300"
           timeToLiveSeconds="0"
           overflowToDisk="false">
    </cache>

    <cache name="authorizationCache"
           maxElementsInMemory="2000"
           eternal="false"
           timeToIdleSeconds="1800"
           timeToLiveSeconds="0"
           overflowToDisk="false">
    </cache>

    <cache name="authenticationCache"
           maxElementsInMemory="2000"
           eternal="false"
           timeToIdleSeconds="1800"
           timeToLiveSeconds="0"
           overflowToDisk="false">
    </cache>

    <cache name="shiro-activeSessionCache"
           maxElementsInMemory="2000"
           eternal="false"
           timeToIdleSeconds="1800"
           timeToLiveSeconds="0"
           overflowToDisk="false">
    </cache>
</ehcache>
```
And finally, the custom MyCasRealm class:
```java
package com.fca.shiro;

import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.cas.CasRealm;
import org.apache.shiro.subject.PrincipalCollection;

public class MyCasRealm extends CasRealm {

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        // Username established by the CAS login
        String username = (String) principals.getPrimaryPrincipal();

        // The username can also be obtained from the current Subject in shiro-cas:
        // Subject subject = SecurityUtils.getSubject();
        // return (String) subject.getPrincipals().asList().get(0);

        /*
        PermissionService service = (PermissionService) SpringContextUtil.getBean("PermissionService");
        List<String> codes = service.findPermissionCodeByUsername(username);
        if (codes != null && codes.size() > 0) {
            SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
            for (String str : codes) {
                authorizationInfo.addStringPermission(str);
                // info.addRole(role);
            }
            return authorizationInfo;
        }
        */

        System.out.println(username);

        // Empty authorization info: no roles or permissions are loaded yet
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        /*
        authorizationInfo.setRoles(userService.findRoles(username));
        authorizationInfo.setStringPermissions(userService.findPermissions(username));
        */
        return authorizationInfo;
    }
}
```
Take a look at the results: