我未能集成现有的自定义单点登录服务(用于验证我的spring mvc应用程序-aka。 myApp - )。
将spring DispatcherServlet 映射到&#34; /&#34;后,无论是否有会话,myApp都会针对SSO应用程序跳过身份验证过程。< / p>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/mvc-dispatcher-servlet.xml</param-value>
</context-param>
<!-- Spring MVC DispatcherServlet -->
<servlet>
<servlet-name>mvc-dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>mvc-dispatcher</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
以下是我需要在myApp web.xml中集成的配置,以集成SSO身份验证:
<filter>
<filter-name>SSOAuthenticationFilter</filter-name>
<filter-class>custom.sso.SSOAuthenticationFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>SSOAuthenticationFilter</filter-name>
<url-pattern>/WEB-INF/views/*</url-pattern>
</filter-mapping>
<!-- Context Params -->
<context-param>
<param-name>myAppId</param-name>
<param-value>65asd5a4sd65asd65a4sd65asd4</param-value>
</context-param>
<context-param>
<param-name>loginPath</param-name>
<param-value>login.jsp</param-value>
</context-param>
<context-param>
<param-name>ssoAppPath</param-name>
<param-value>http://localhost:8080/SSO_AuthenticationApp</param-value>
</context-param>
<!-- SSO Login Servlet -->
<servlet>
<servlet-name>SSOloginServlet</servlet-name>
<servlet-class>custom.sso.SSOLoginServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>SSOloginServlet</servlet-name>
<url-pattern>/login</url-pattern>
</servlet-mapping>
<!-- SSO properties (myAppId, ssoAppPath, loginPath) -->
<listener>
<listener-class>custom.sso.SSOPropertiesRetriever</listener-class>
</listener>
如何配置spring以让SSO servlet执行身份验证过程?
我在考虑是否有一种方法可以在spring dispatcher-servlet-config.xml 中将customSSO servlet声明为bean?
或者可以在 @Controller 中实现它?
(我的手被束缚了sso,我被迫使用它进行身份验证,因为myApp将只是一个应用程序系列中的另一个通过这个自定义sso登录...我更愿意使用spring安全而不是)。
感谢。
编辑:
我最终选择迁移到Spring Boot,似乎更清楚地以这种方式配置项目。
答案 0 :(得分:0)
对于过滤器,您可以使用SpringFilter并在bean中实现逻辑:
<filter>
<filter-name>springFilter</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
<init-param>
<param-name>targetBeanName</param-name>
<param-value>authenticationFilter</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>springFilter</filter-name>
<url-pattern>/some-url</url-pattern>
</filter-mapping>
对于servlet,我猜你可能需要将映射更改为如下所示:
<servlet>
<servlet-name>loginServlet</servlet-name>
<servlet-class>my.package.LoginServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>loginServlet</servlet-name>
<url-pattern>/login</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>dispatcherServlet</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/mvc-config.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>dispatcherServlet</servlet-name>
<url-pattern>/app/*</url-pattern>
</servlet-mapping>
我假设所有内容都在同一个WEB.xml文件中