Question

Spring security 3.0和CAS的新手。客户端Web应用程序是一个Spring 3.0 mvc，它使用Spring安全过滤器（DelegatingFilterProxy）和CAS对用户进行身份验证，并且工作正常。每个页面顶部的登录链接将用户重定向到远程CAS服务器，并在成功登录CAS远程服务器后将网页发送回Spring Web应用程序，没有任何错误。问题是，我不知道如何从CAS获取用户的数据？

security.xml文件：

<http entry-point-ref="casEntryPoint"  auto-config="true">
          <intercept-url pattern="/*.html" filters="none"/>
          <intercept-url pattern="/login.jsp" filters="none"/>     
          <custom-filter ref="casFilter" position="CAS_FILTER" />
              <logout logout-success-url="https://CAS_server.com/cas/logout"/>
     </http>  


      <user-service id="userService">
        <user name="myApp_auto" authorities="ROLE_USER"/>
       </user-service>

    <authentication-manager alias="authManager">
        <authentication-provider ref="casAuthProvider" />
    </authentication-manager>


  <bean id="serviceProperties"   class="org.springframework.security.cas.ServiceProperties">
          <property name="service"   value="https://myIpAddrress/myapps/homePage.htm"/>
          <property name="sendRenew" value="false"/>          

   </bean> 


 <bean id="casEntryPoint"    class="org.springframework.security.cas.web.CasAuthenticationEntryPoint">
  <property name="loginUrl" value="https://CAS_server.com/cas/login"/>
  <property name="serviceProperties" ref="serviceProperties"/>
</bean> 

    <bean id="casFilter"      class="org.springframework.security.cas.web.CasAuthenticationFilter">
      <property name="authenticationManager" ref="authManager"/>
     <property name="authenticationSuccessHandler">
       <bean class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler">
        <property name="defaultTargetUrl" value="/myapps/homePage.html" />
        </bean>
    </property>
    </bean>   

     <bean id="ticketValidator" class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
     <constructor-arg value="https://CAS_server.com/cas/login" />            
     </bean>



    <bean id="casAuthProvider" class="org.springframework.security.cas.authentication.CasAuthenticationProvider">
     <property name="ticketValidator" ref="ticketValidator"/>
     <property name="serviceProperties" ref="serviceProperties"/>
      <property name="authenticationUserDetailsService">
           <bean   class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">
               <constructor-arg ref="userService" />
           </bean>
         </property> 
         <property name="key" value="empNumber"></property>  
      </bean>

Answer 1

在身份验证期间，CAS服务器通常会检索用户ID，但也会检索其属性。所以你可以在应用程序方面跳过这样做。将这些属性从CAS服务器发送到应用程序的方法是在正确配置CAS服务后使用SAML服务票证验证以允许发送这些属性： http://jasig.github.io/cas/current/integration/Attribute-Release.html https://github.com/Jasig/java-cas-client/blob/master/cas-client-core/src/main/java/org/jasig/cas/client/validation/Saml11TicketValidator.java

使用Spring Security从CAS Server成功登录后获取用户数据

1 个答案: