最近做webide项目,需要用到单点登录和单点登出,经推荐选择了CAS。相关的文章比较多,这里主要整理了下:
CAS架构:
http://jasig.github.io/cas/4.1.x/planning/Architecture.html
CAS认证原理(SSO):
https://idms.rutgers.edu/cas/how_does_it_work.shtml
主要是需要配置一个AuthenticationFilter判断是否认证并跳转到CAS页面认证和TicketValidationFilter来从CAS服务器获取用户信息并创建Session
CAS登出原理(SLO):
http://jasig.github.io/cas/development/installation/Logout-Single-Signout.html
http://www.blogjava.net/conans/articles/214078.html
需要配置SingleSignOutFilter和SingleSignOutHttpSessionListener处理CAS发来的消息,销毁Session
CAS使用与配置:
http://www.kafeitu.me/sso/2010/11/05/sso-cas-full-course.html
https://wiki.jasig.org/display/casc/cas+client+for+java+3.1
CAS客户端代码(里面有相关fliter参数的配置介绍):
https://github.com/Jasig/java-cas-client
