SSO之返回多個值

在做SSO時，有時不一定返回客戶端的不僅僅是用戶名，有時還會要求返回用戶ID等。


一、準備工作


cas官方網站

http://www.jasig.org/cas


下載最新的服務端 CAS Server 3.3.3 Final


cas官方網站上面的客戶端下載地址比較隱祕，沒有完全公開，具體地址爲

http://www.ja-sig.org/downloads/cas-clients/

下載最新的cas-client-3.1.6-release.zip


下載附件中的所有JAR包。


二、數據庫設置

create database userinfo
go
use userinfo

create table tb_userinfo(
	id int identity primary key,
	username varchar(20) NOT NULL,
	password varchar(50) NOT NULL
)


insert into tb_userinfo values('arix04','123456')

 

三、服務器設置


1、將服務器端解壓，將modules下面的cas-server-webapp-3.3.3.war部署到web服務器，重命名爲CAS.war，作爲單點的服務器。


2、導入modules中的cas-server-support-jdbc-3.3.3.jar包


3、導入數據庫驅動


4、導入附件中的所有文件


修改WEB-INF中的deployerConfigContext.xml文件


5、添加數據源

	<bean id="casDataSource" class="org.apache.commons.dbcp.BasicDataSource">
		<property name="driverClassName">
			<value>com.microsoft.sqlserver.jdbc.SQLServerDriver</value>
		</property>
		<property name="url">
			<value>jdbc:sqlserver://localhost:1433;databaseName=userinfo</value>
		</property>
		<property name="username">
			<value>sa</value>
		</property>
		<property name="password">
			<value>123456</value>
		</property>
	</bean>

 


6、配置authenticationManager下面的authenticationHandlers屬性


CAS原有的認證方式爲用戶名和密碼一樣，現在我們修改成通過數據庫查找


先將以下配置註釋掉

<bean
	class="org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler" />
					

 


在註釋掉的相應的位置加入以下配置

<bean class="org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler">
                    <property name="dataSource" ref="casDataSource" />
                    <property name="sql" value="select password from tb_userinfo where username =  ?" />
</bean>

 


7、定義attributeRepository，通過jdbc查詢用戶的詳細信息，可以把用戶表的信息查詢出來。

<bean id="attributeRepository" class="org.jasig.services.persondir.support.jdbc.SingleRowJdbcPersonAttributeDao">   
	<constructor-arg index="0" ref="casDataSource" />   
	<constructor-arg index="1" >   
		<list>   
			<value>username</value>   
		</list>   
	</constructor-arg>   
	<constructor-arg index="2">   
		<value>   
			 select id,username,password from tb_userinfo where username = ?
		</value>   
	</constructor-arg>   
	<property name="columnsToAttributes">   
		<map>   
			<entry key="id" value="id" />   
			<entry key="userName" value="userName" />   
			<entry key="password" value="password" />   
		</map>   
	</property>   
</bean>   

 



8、配置authenticationManager中credentialsToPrincipalResolvers屬性

<bean
	class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" >
	<property name="attributeRepository" ref="attributeRepository"/>

 




9、默認cas登錄服務器沒有把用戶信息傳到客戶端中，所以要修改WEB-INF\view\jsp\protocol\2.0\casServiceValidationSuccess.jsp文件，增加以下代碼：

<c:if test="${fn:length(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes) > 0}">   
<cas:attributes>   
<c:forEach var="attr" items="${assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes}">   
                          
                                        <cas:${fn:escapeXml(attr.key)}>${fn:escapeXml(attr.value)}</cas:${fn:escapeXml(attr.key)}>   
   
                           
</c:forEach>     
</cas:attributes>   
</c:if>   

 


四、配置客戶端


1、解壓後把modules下面的包放到我們的web應用中。導入相慶的SPRING.JAR包


2.配置web.xml,注意encodingFilter要提前配置，不然會出現數據插入數據庫的時候有亂碼。

serverName是我們web應用的地址和端口

	<context-param>   
        <param-name>serverName</param-name>   
   
   
        <param-value>www.test.com:9080</param-value>   
   
    </context-param>   
        
        
    <filter>   
        <filter-name>encodingFilter</filter-name>   
        <filter-class>   
            org.springframework.web.filter.CharacterEncodingFilter    
        </filter-class>   
        <init-param>   
            <param-name>encoding</param-name>   
            <param-value>UTF-8</param-value>   
        </init-param>   
        <init-param>   
            <param-name>forceEncoding</param-name>   
            <param-value>true</param-value>   
        </init-param>   
    </filter>   
        
        
        
    <filter-mapping>   
        <filter-name>encodingFilter</filter-name>   
        <url-pattern>*.htm</url-pattern>   
    </filter-mapping>   
   
    <filter-mapping>   
        <filter-name>encodingFilter</filter-name>   
        <url-pattern>*.ftl</url-pattern>   
    </filter-mapping>   
   
    <filter-mapping>   
        <filter-name>encodingFilter</filter-name>   
        <url-pattern>*.xhtml</url-pattern>   
    </filter-mapping>   
    <filter-mapping>   
        <filter-name>encodingFilter</filter-name>   
        <url-pattern>*.html</url-pattern>   
    </filter-mapping>   
    <filter-mapping>   
        <filter-name>encodingFilter</filter-name>   
        <url-pattern>*.shtml</url-pattern>   
    </filter-mapping>   
   
   
    <filter-mapping>   
        <filter-name>encodingFilter</filter-name>   
        <url-pattern>*.jsp</url-pattern>   
    </filter-mapping>   
    <filter-mapping>   
        <filter-name>encodingFilter</filter-name>   
        <url-pattern>*.do</url-pattern>   
    </filter-mapping>   
    <filter-mapping>   
        <filter-name>encodingFilter</filter-name>   
        <url-pattern>*.vm</url-pattern>   
    </filter-mapping>   
        
        
        
        
        
    <filter>   
        <filter-name>CAS Single Sign Out Filter</filter-name>   
        <filter-class>   
            org.jasig.cas.client.session.SingleSignOutFilter    
        </filter-class>   
    </filter>   
    <filter-mapping>   
        <filter-name>CAS Single Sign Out Filter</filter-name>   
        <url-pattern>/*</url-pattern>   
    </filter-mapping>   
    <listener>   
        <listener-class>   
            org.jasig.cas.client.session.SingleSignOutHttpSessionListener    
        </listener-class>   
    </listener>   
    <filter>   
        <filter-name>CAS Authentication Filter</filter-name>   
        <filter-class>   
            org.jasig.cas.client.authentication.AuthenticationFilter    
        </filter-class>   
        <init-param>   
            <param-name>casServerLoginUrl</param-name>   
            <param-value>https://www.test.com:8443/cas/login</param-value>   
        </init-param>   
    </filter>   
    <filter>   
        <filter-name>CAS Validation Filter</filter-name>   
        <filter-class>   
            org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter    
        </filter-class>   
        <init-param>   
            <param-name>casServerUrlPrefix</param-name>   
            <param-value>https://www.test.com:8443/cas</param-value>   
        </init-param>   
    </filter>   
   
    <filter>   
        <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>   
        <filter-class>   
            org.jasig.cas.client.util.HttpServletRequestWrapperFilter    
        </filter-class>   
    </filter>   
    <filter>   
        <filter-name>CAS Assertion Thread Local Filter</filter-name>   
        <filter-class>   
            org.jasig.cas.client.util.AssertionThreadLocalFilter    
        </filter-class>   
    </filter>   
    <filter-mapping>   
        <filter-name>CAS Authentication Filter</filter-name>   
        <url-pattern>/*</url-pattern>   
    </filter-mapping>   
    <filter-mapping>   
        <filter-name>CAS Validation Filter</filter-name>   
        <url-pattern>/*</url-pattern>   
    </filter-mapping>   
    <filter-mapping>   
        <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>   
        <url-pattern>/*</url-pattern>   
    </filter-mapping>   
    <filter-mapping>   
        <filter-name>CAS Assertion Thread Local Filter</filter-name>   
        <url-pattern>/*</url-pattern>   
    </filter-mapping>   

3、得到相應的返回參數

		AttributePrincipal principal = (AttributePrincipal)request.getUserPrincipal();    
		String username = principal.getName();    
		Long id = Long.parseLong(principal.getAttributes().get("id").toString());  
		
		String password = principal.getAttributes().get("password").toString();
		out.println(username);
		out.println(id);
		out.println(password);