`
jacally
  • 浏览: 760995 次
  • 性别: Icon_minigender_1
  • 来自: 广州
社区版块
存档分类
最新评论

CAS 单点登录安装笔记3 -- 与acegi集成

    博客分类:
  • JAVA
AcegiSSOSecurity.netJSP 
阅读更多
CAS 单点登录安装笔记3
-- 与acegi集成

在我的项目中应用了acigi安全框架,以下是结合yale cas单点登录系统进行的相关配置 

 <!-- =========  Acegi as a CAS Client的配置============= --> 
	<bean id="authenticationProcessingFilter"
		class="org.acegisecurity.ui.cas.CasProcessingFilter">
		<property name="authenticationManager"
			ref="authenticationManager" />
		<property name="authenticationFailureUrl"
			value="/login.do?login_error=1" />
		<property name="defaultTargetUrl" value="/main.do" />
		
        <property name="filterProcessesUrl">
            <value>/j_acegi_cas_security_check</value>
        </property>		

		<property name="rememberMeServices" ref="rememberMeServices" />
		<property name="exceptionMappings">
            <value>
				org.acegisecurity.AuthenticationServiceException=/login.do?login_error=user_not_found_error
				org.acegisecurity.BadCredentialsException=/login.do?login_error=user_psw_error
				org.acegisecurity.concurrent.ConcurrentLoginException=/login.do?login_error=too_many_user_error
				org.acegisecurity.DisabledException=/login.do?login_error=disabled_user_error
            </value>
        </property> 		
	</bean>	
	 
    <bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter">
        <property name="authenticationEntryPoint">
            <ref local="casProcessingFilterEntryPoint"/>
        </property>
		<property name="accessDeniedHandler">
			<bean
				class="org.acegisecurity.ui.AccessDeniedHandlerImpl">
				<property name="errorPage"
					value="/errors/accessDenied.jsp" />
			</bean>
		</property>        
    </bean>
    
   <!-- cas config -->
    <bean id="casProcessingFilterEntryPoint" class="org.acegisecurity.ui.cas.CasProcessingFilterEntryPoint">
        <property name="loginUrl"><value>https://sso.gzps.net:8443/cas/login</value></property>
        <property name="serviceProperties"><ref local="serviceProperties"/></property>
    </bean>
    
    <bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
        <property name="providers">
            <list>
                <ref local="casAuthenticationProvider"/>
            </list>
        </property>
    </bean>
    
    <bean id="casAuthenticationProvider" class="org.acegisecurity.providers.cas.CasAuthenticationProvider">
        <property name="casAuthoritiesPopulator"><ref bean="casAuthoritiesPopulator"/></property>
        <property name="casProxyDecider"><ref local="casProxyDecider"/></property>
        <property name="ticketValidator"><ref local="casProxyTicketValidator"/></property>
        <property name="statelessTicketCache"><ref local="statelessTicketCache"/></property>
        <property name="key"><value>my_password_for_this_auth_provider_only</value></property>
    </bean>
    <bean id="casProxyTicketValidator" class="org.acegisecurity.providers.cas.ticketvalidator.CasProxyTicketValidator">
        <property name="casValidate"><value>https://sso.gzps.net:8443/cas/proxyValidate</value></property>
        <property name="serviceProperties"><ref local="serviceProperties"/></property>
    </bean>
    <!-- 
    <bean id="casProxyDecider" class="org.acegisecurity.providers.cas.proxy.AcceptAnyCasProxy" />
    -->
    <bean id="casProxyDecider" class="org.acegisecurity.providers.cas.proxy.RejectProxyTickets" />
    
    <bean id="serviceProperties" class="org.acegisecurity.ui.cas.ServiceProperties">
        <property name="service">
            <value>http://localhost:8080/aio/j_acegi_cas_security_check</value>
        </property>
        <property name="sendRenew">
            <value>false</value>
        </property>
    </bean>
    
    <bean id="statelessTicketCache" class="org.acegisecurity.providers.cas.cache.EhCacheBasedTicketCache">
        <property name="cache">
            <bean class="org.springframework.cache.ehcache.EhCacheFactoryBean">
                <property name="cacheManager">
                    <bean class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
                </property>
                <property name="cacheName" value="userCache"/>
            </bean>
        </property>
    </bean>
    
    <bean id="casAuthoritiesPopulator" class="org.acegisecurity.providers.cas.populator.DaoCasAuthoritiesPopulator">
        <property name="userDetailsService"><ref local="userDetailsService"/></property>
    </bean>

    <bean id="casProcessingFilter" class="org.acegisecurity.ui.cas.CasProcessingFilter">
        <property name="authenticationManager"><ref local="authenticationManager"/></property>
        <property name="authenticationFailureUrl"><value>/casfailed.jsp</value></property>
        <property name="defaultTargetUrl"><value>/</value></property>
        <property name="filterProcessesUrl"><value>/j_acegi_cas_security_check</value></property>
    </bean>
    
    
    <!-- ======================================================= -->
分享到:
| CAS 单点登录安装笔记2 -- 配置CAS,访问自 ...
评论
1 楼 xutianle 2009-02-17  
谢谢了,学习中!
发表评论

您还没有登录,请您登录后再发表评论

相关推荐

Magicbox
Global site tag (gtag.js) - Google Analytics