我在jboss上有一个应用程序,我想用CAS登录。在我的应用程序中,我扩展了Cas20ProxyReceivingTicketValidationFilter,我试图覆盖onSuccessfulValidation方法来做某事(我需要在我的应用程序中知道谁登录,所以我需要从CAS获取用户名),但我注意到它从未被调用,这种方法。经过一些谷歌搜索后,我发现CAS在我的servlet发出的请求中使用了AttributePrincipal,但在从CAS返回后,在doGET方法的请求中,principal为null。有人能告诉我我做错了什么吗?为什么我无法从CAS获取servlet中的用户名? 谢谢。
更新1: 所以我开始调试所有内容,当它进入时我注意到了:
public final void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse, final FilterChain filterChain) throws IOException, ServletException {
票证为空(即使我在上次登录后访问该页面(因此它应该有票证))。更重要的是,我读到CAS应该在变量userPrincipal中添加一些东西,但在这个过滤器中,它是null。会话为空。我无法在任何变量中找到我在CAS中引入的用户名。为了清楚起见,我在Cas20ProxyReceivingTicketValidationFilter中调试,我认为我应该找到我的用户名。仍然希望得到一些帮助:)
更新2: 我不知道该怎么做了。如果有帮助,请点击我的servlet web.xml:
<!DOCTYPE web-app PUBLIC
"-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
"http://java.sun.com/dtd/web-app_2_3.dtd" >
<web-app>
<display-name>Archetype Created Web Application</display-name>
<!--**********Filter 1********** -->
<filter>
<filter-name>CAS Authentication Filter</filter-name>
<filter-class>org.jasig.cas.client.authentication.Saml11AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>https://135.243.36.205:8443/cas/login</param-value>
</init-param>
<init-param>
<param-name>service</param-name>
<param-value>http://localhost:8080/casuser</param-value>
</init-param>
</filter>
<!--**************************** -->
<!--**********Filter 2********** -->
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://135.243.36.205:8443/cas</param-value>
</init-param>
<init-param>
<param-name>service</param-name>
<param-value>http://localhost:8080/casuser</param-value>
</init-param>
</filter>
<!--**************************** -->
<!--**********Filter 3********** -->
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<!--**************************** -->
<!--**********Filter 4********** -->
<filter>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>
<!--**************************** -->
<filter>
<filter-name>CAS Single Sign Out Filter</filter-name>
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Authentication Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>Java CAS Client Test Application</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<servlet>
<servlet-name>cas</servlet-name>
<servlet-class>soo.cas.Index</servlet-class>
<!--<init-param> <param-name>keystoreFile</param-name> <param-value>lib/security/GiaKeystore.jks</param-value>
</init-param> <init-param> <param-name>keystorePassword</param-name> <param-value>The.GIA.Keystore.Password</param-value>
</init-param> <init-param> <param-name>privateKeyAlias</param-name> <param-value>giakey</param-value>
</init-param> <init-param> <param-name>privateKeyPassword</param-name> <param-value>The.GIA.Private.Key.Password</param-value>
</init-param> <init-param> <param-name>cookiePath</param-name> <param-value>/</param-value>
</init-param> <init-param> <param-name>cookieDomain</param-name> <param-value></param-value>
</init-param> <init-param> <param-name>cookieDurationInSeconds</param-name>
<param-value>3600</param-value> </init-param> -->
<init-param>
<param-name>encodeServletRedirect</param-name>
<param-value>false</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
</web-app>
这是我的Index.java:
package soo.cas;
import java.io.*;
import java.security.GeneralSecurityException;
import java.util.*;
import javax.servlet.*;
import javax.servlet.http.*;
import org.apache.log4j.Logger;
import soo.util.*;
public class Index extends HttpServlet{
private Ticket myTicket = new Ticket();
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException
{
String username = request.getRemoteUser();
PrintWriter out = response.getWriter();
out.println("Test\n");
out.println(username);
}
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException
{
String username = request.getRemoteUser();
PrintWriter out = response.getWriter();
out.println("Test\n");
out.println(username);
}
}
Principal为null,ticket为null,request.getRemoteUser()为null ... 拜托,有人可以帮助我吗?
这可能是因为我的CAS服务器中有一些配置吗?或者因为我使用CAS协议进行验证? 另外,这可能是因为它总是在我的servlet中使用doGET方法而且我读到验证过滤器应该调用doPOST方法......?
答案 0 :(得分:1)
您的过滤器混合了两种协议...... SAML 1.1&amp; CAS 2.0。身份验证过滤器和验证过滤器成对出现。让它们保持一致:
org.jasig.cas.client.authentication.AuthenticationFilter
和org.jasig.cas.client.validation.Cas10TicketValidationFilter
(或org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter
)
如果需要用户属性,请使用
org.jasig.cas.client.authentication.Saml11AuthenticationFilter
和org.jasig.cas.client.validation.Saml11TicketValidationFilter
请参阅https://wiki.jasig.org/display/CASC/Configuring+the+Jasig+CAS+Client+for+Java+in+the+web.xml
上的过滤器详细信息