当前位置: 首页 > 工具软件 > buji-pac4j > 使用案例 >

关于pac4j整合cas shiro

薛滨海
2023-12-01

引入依赖

<dependencies>
    <!-- shiro-spring -->
    <dependency>
        <groupId>org.apache.shiro</groupId>
        <artifactId>shiro-spring</artifactId>
    </dependency>
    <!-- buji-pac4j -->
    <dependency>
        <groupId>io.buji</groupId>
        <artifactId>buji-pac4j</artifactId>
        <version>4.1.0</version>
    </dependency>
    <!-- shiro-cas -->
    <dependency>
        <groupId>org.pac4j</groupId>
        <artifactId>pac4j-cas</artifactId>
        <version>3.6.1</version>
    </dependency>
</dependencies>

配置web.xml文件

 <?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
		 xmlns="http://java.sun.com/xml/ns/javaee"
		 xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
       http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
		 version="3.0">

	<!-- 配置单点退出过滤器 -->
	<filter>
		<filter-name>ssoutFilter</filter-name>
		<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
		<!-- 配置CAS服务URL前缀 -->
		<init-param>
			<param-name>casServerUrlPrefix</param-name>
			<param-value>http://sso.pinyougou.com</param-value>
		</init-param>
	</filter>
	<filter-mapping>
		<filter-name>ssoutFilter</filter-name>
		<url-pattern>/*</url-pattern>
	</filter-mapping>

	<!-- 配置Spring核心监听器 -->
	<context-param>
		<param-name>contextConfigLocation</param-name>
		<param-value>classpath:applicationContext-*.xml</param-value>
	</context-param>
	<listener>
		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
	</listener>

	<!-- 配置Spring委派过滤器代理(要求Spring容器中有了个bean的id为shiroFilter) -->
	<filter>
		<filter-name>shiroFilter</filter-name>
		<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
	</filter>
	<filter-mapping>
		<filter-name>shiroFilter</filter-name>
		<url-pattern>/*</url-pattern>
	</filter-mapping>

	<!-- 配置Spring MVC前端控制器(核心控制器) -->
	<servlet>
		<servlet-name>pinyougou</servlet-name>
		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
		<init-param>
			<param-name>contextConfigLocation</param-name>
			<param-value>classpath:springmvc.xml</param-value>
		</init-param>
		<load-on-startup>1</load-on-startup>
	</servlet>
	<servlet-mapping>
		<servlet-name>pinyougou</servlet-name>
		<url-pattern>/</url-pattern>
	</servlet-mapping>

	<!-- 配置全局编码过滤器 -->
	<filter>
		<filter-name>characterEncodingFilter</filter-name>
		<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
		<init-param>
			<param-name>encoding</param-name>
			<param-value>UTF-8</param-value>
		</init-param>
	</filter>
	<filter-mapping>
		<filter-name>characterEncodingFilter</filter-name>
		<url-pattern>/*</url-pattern>
	</filter-mapping>

	<welcome-file-list>
		<welcome-file>home-index.html</welcome-file>
	</welcome-file-list>
</web-app>

shiro.xml

<?xml version="1.0" encoding="utf-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://www.springframework.org/schema/beans
       http://www.springframework.org/schema/beans/spring-beans.xsd">

    <!-- 配置shiro过滤器工厂 -->
    <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
        <!-- 配置注入安全管理对象 -->
        <property name="securityManager" ref="securityManager"/>
        <!-- 配置过滤器 -->
        <property name="filters">
            <map>
                <!-- 1. 安全过滤器,拦截需要登录的URL -->
                <entry key="security">
                    <bean class="io.buji.pac4j.filter.SecurityFilter">
                        <property name="config" ref="config"/>
                    </bean>
                </entry>
                <!-- 2. 回调过滤器,完成ticket验证 -->
                <entry key="callback">
                    <bean class="io.buji.pac4j.filter.CallbackFilter">
                        <property name="config" ref="config"/>
                        <!-- 验证通过后默认重定向URL -->
                        <property name="defaultUrl" value="http://user.pinyougou.com"/>
                    </bean>
                </entry>
                <!-- 3. 退出过滤器,拦截需要退出的URL -->
                <entry key="logout">
                    <bean class="io.buji.pac4j.filter.LogoutFilter">
                        <property name="config" ref="config"/>
                        <!-- 中央退出 -->
                        <property name="centralLogout" value="true"/>
                        <!-- 本地退出 -->
                        <property name="localLogout" value="true"/>
                        <!-- 退出成功后默认重定向URL -->
                        <property name="defaultUrl" value="http://www.pinyougou.com"/>
                    </bean>
                </entry>
            </map>
        </property>
        <!--  配置URL过滤器链(配置顺序为自上而下) -->
        <property name="filterChainDefinitions">
            <value>
                /css/** = anon
                /img/** = anon
                /js/** = anon
                /plugins/** = anon
                /register.html = anon
                /user/save = anon
                /user/sendCode = anon

                /callback = callback
                /logout = logout
                /** = security
            </value>
        </property>
    </bean>
    <!-- pac4j配置 -->
    <bean id="config" class="org.pac4j.core.config.Config">
        <constructor-arg name="client" ref="casClient"/>
    </bean>
    <!-- 配置CAS客户端 -->
    <bean id="casClient" class="org.pac4j.cas.client.CasClient">
        <!-- 设置cas服务端信息 -->
        <property name="configuration" ref="casConfiguration"/>
        <!-- 登录成功后重定向回来的请求URL -->
        <property name="callbackUrl" value="http://user.pinyougou.com/callback"/>
        <!-- 设置客户端名称(client_name=CasClient)默认 -->
        <property name="name" value="CasClient"/>
    </bean>
    <!-- 配置cas服务端信息 -->
    <bean id="casConfiguration" class="org.pac4j.cas.config.CasConfiguration">
        <!-- CAS服务端登录请求URL -->
        <property name="loginUrl" value="http://sso.pinyougou.com/login/"/>
        <!-- CAS服务端请求URL前缀-->
        <property name="prefixUrl" value="http://sso.pinyougou.com/"/>
    </bean>

    <!-- 配置安全管理器 -->
    <bean id="securityManager"
          class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
        <!-- 配置自定义身份认证域-->
        <property name="realm" ref="pac4jRealm"/>
    </bean>
    <!-- 自定义身份认证域 -->
    <bean id="pac4jRealm" class="com.pinyougou.user.realm.CasPac4jRealm"/>
</beans>

自定义认证域

/** 自定义身份认证域 */
public class CasPac4jRealm extends Pac4jRealm{
    // 验证用户身份(Cas已认证)
    @Override
    protected AuthenticationInfo 
       doGetAuthenticationInfo(AuthenticationToken token) {
        // 调用Pac4jRealm实现的认证方法
        AuthenticationInfo authc = super.doGetAuthenticationInfo(token);
        // 获取登录用户名
        String username = ((Pac4jPrincipal) authc.getPrincipals()
                .getPrimaryPrincipal()).getName();
        System.out.println("username = " + username);
        return authc;
    }
    // 设置角色和权限
    @Override
    protected AuthorizationInfo 
       doGetAuthorizationInfo(PrincipalCollection principals) {
        // 获取登录用户名
        String username = ((Pac4jPrincipal)principals
                .getPrimaryPrincipal()).getName();
        System.out.println("username = " + username);
        return null;
    }
}

获取用户名

1.String goodsName = (String) SecurityUtils.getSubject().getPrincipal();
                                     
2.Pac4jPrincipal principal = (Pac4jPrincipal) SecurityUtils.getSubject().getPrincipal();
   String goodsName = principal.getName()

3.使用HttpServletRequest作为参数,String goodsName =request.getRemoteUser();

三种获取用户名的方式

第一种是shiro的写法
第二种是pic4j整合了shiro和cas后的写法
第三种是cas的写法
 类似资料: