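I am using a CAS server together with Saml11TicketValidator to secure a Spring Boot application, and I am confused about the difference between ServiceProperties and SamlServiceProperties and what the configuration for each should look like.
Let me preface this by saying that I know ServiceProperties and SamlServiceProperties set artifactParameter and serviceParameter to different values, which is reflected in the URLs used in the redirects.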
public class ServiceProperties implements InitializingBean {
    public static final String DEFAULT_CAS_ARTIFACT_PARAMETER = "ticket";
    public static final String DEFAULT_CAS_SERVICE_PARAMETER = "service";
    ...
}

public final class SamlServiceProperties extends ServiceProperties {
    public static final String DEFAULT_SAML_ARTIFACT_PARAMETER = "SAMLart";
    public static final String DEFAULT_SAML_SERVICE_PARAMETER = "TARGET";
    ...
}
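I have found that when configuring my application I can use either of these two classes and get it working with either of the following two configurations together with the base configuration.
ServiceProperties configuration: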
@Bean
public ServiceProperties casServiceProperties() {
    final ServiceProperties serviceProperties = new ServiceProperties();
    serviceProperties.setService(serviceUrl);
    serviceProperties.setSendRenew(false);
    return serviceProperties;
}

@Bean
public CasAuthenticationFilter casAuthenticationFilter() throws Exception {
    final CasAuthenticationFilter casAuthenticationFilter = new CasAuthenticationFilter();
    casAuthenticationFilter.setFilterProcessesUrl(loginFilterProcessesUrl);
    casAuthenticationFilter.setAuthenticationManager(authenticationManager());
    return casAuthenticationFilter;
}
SamlServiceProperties configuration:
The only difference between this CasAuthenticationFilter and the previous configuration is that I had to use the setServiceProperties method.
@Bean
public SamlServiceProperties casServiceProperties() {
    final SamlServiceProperties serviceProperties = new SamlServiceProperties();
    serviceProperties.setService(serviceUrl);
    serviceProperties.setSendRenew(false);
    return serviceProperties;
}

@Bean
public CasAuthenticationFilter casAuthenticationFilter() throws Exception {
    final CasAuthenticationFilter casAuthenticationFilter = new CasAuthenticationFilter();
    casAuthenticationFilter.setFilterProcessesUrl(loginFilterProcessesUrl);
    casAuthenticationFilter.setAuthenticationManager(authenticationManager());
    casAuthenticationFilter.setServiceProperties(casServiceProperties()); // Had to set this for SamlServiceProperties to work
    return casAuthenticationFilter;
}
Base configuration (used together with configuration 1 or 2):
@Bean
public CasAuthenticationEntryPoint casAuthenticationEntryPoint() {
    final CasAuthenticationEntryPoint casAuthenticationEntryPoint = new CasAuthenticationEntryPoint();
    casAuthenticationEntryPoint.setLoginUrl(loginUrl);
    casAuthenticationEntryPoint.setServiceProperties(casServiceProperties());
    return casAuthenticationEntryPoint;
}

@Bean
public CasAuthenticationProvider casAuthenticationProvider() {
    final CasAuthenticationProvider casAuthenticationProvider = new CasAuthenticationProvider();
    casAuthenticationProvider.setAuthenticationUserDetailsService(casAuthenticationUserDetailsService);
    casAuthenticationProvider.setServiceProperties(casServiceProperties());
    casAuthenticationProvider.setTicketValidator(casTicketValidator());
    casAuthenticationProvider.setKey(key);
    return casAuthenticationProvider;
}

@Bean
public TicketValidator casTicketValidator() {
    final Saml11TicketValidator ticketValidator = new Saml11TicketValidator(loginUrl);
    return ticketValidator;
}

@Bean
public SingleSignOutFilter singleSignOutFilter() {
    SingleSignOutFilter singleSignOutFilter = new SingleSignOutFilter();
    singleSignOutFilter.setCasServerUrlPrefix(loginUrl);
    singleSignOutFilter.setIgnoreInitConfiguration(true);
    return singleSignOutFilter;
}

@EventListener
public SingleSignOutHttpSessionListener singleSignOutHttpSessionListener(HttpSessionEvent event) {
    return new SingleSignOutHttpSessionListener();
}
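Question 1:
What is the difference between using "ticket" and "service" versus "SAMLart" and "TARGET"?
Question 2:
In configuration 2, are the SamlServiceProperties bean and the CasAuthenticationFilter configured correctly? The only difference between configuration 1 and configuration 2 is that in configuration 2 I have to use the setServiceProperties method, otherwise it fails. I could not find any documentation on the SamlServiceProperties class outside of the Javadoc.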
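Added example (not part of the original question and not Spring Security's own code): a stand-alone Java model of where the two parameter names appear, once in the login redirect and once when the callback is read. The class `CasParameterDemo`, its helper methods, the URLs and the ticket value are constructed for illustration. It assumes a filter with no ServiceProperties set reads the CAS parameter names, which matches the failure reported in configuration 2.

```java
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.LinkedHashMap;
import java.util.Map;

// Stand-alone model (no Spring dependency) of how the two parameter names are used.
public class CasParameterDemo {

    // Values mirror the constants quoted in the question.
    record Params(String artifact, String service) {}
    static final Params CAS = new Params("ticket", "service");
    static final Params SAML = new Params("SAMLart", "TARGET");

    // Entry point side: the service parameter carries the callback URL in the login redirect.
    static String loginRedirect(String loginUrl, String serviceUrl, Params p) {
        return loginUrl + "?" + p.service() + "="
                + URLEncoder.encode(serviceUrl, StandardCharsets.UTF_8);
    }

    // Filter side: the artifact parameter is the query parameter read from the callback.
    static String obtainArtifact(String query, Params filterParams) {
        Map<String, String> q = new LinkedHashMap<>();
        for (String pair : query.split("&")) {
            String[] kv = pair.split("=", 2);
            q.put(URLDecoder.decode(kv[0], StandardCharsets.UTF_8),
                  kv.length > 1 ? URLDecoder.decode(kv[1], StandardCharsets.UTF_8) : "");
        }
        return q.get(filterParams.artifact()); // null when the configured name does not match
    }

    public static void main(String[] args) {
        String loginUrl = "https://cas.example.org/cas/login";   // constructed
        String serviceUrl = "https://app.example.org/login/cas"; // constructed

        System.out.println(loginRedirect(loginUrl, serviceUrl, CAS));
        System.out.println(loginRedirect(loginUrl, serviceUrl, SAML));

        // Constructed callback query for a login that was started with TARGET=.
        String samlCallback = "SAMLart=ST-1-constructed";
        System.out.println("filter using CAS names:  " + obtainArtifact(samlCallback, CAS));
        System.out.println("filter using SAML names: " + obtainArtifact(samlCallback, SAML));
    }
}
```

In this model, a filter left on the CAS names finds no artifact in a SAMLart callback, so the entry point and the filter have to share the same parameter names.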