Changes for page CAS Java klient
Last modified by Petr Abrahamczik on 16.04.2024 10:22
From version 7.1
edited by Petr Abrahamczik
on 07.02.2019 10:56
on 07.02.2019 10:56
Change comment:
There is no comment for this version
To version 13.1
edited by Petr Abrahamczik
on 07.02.2019 13:43
on 07.02.2019 13:43
Change comment:
There is no comment for this version
Summary
-
Page properties (1 modified, 0 added, 0 removed)
Details
- Page properties
-
- Content
-
... ... @@ -1,93 +1,166 @@ 1 -V ukázkovém příkladu je popsán způsob konfigurace webové aplikace v Javě pomocí [[Java Apereo CAS Client>>https://github.com/apereo/java-cas-client]]. 1 +V ukázkovém příkladu je popsán základní způsob konfigurace webové aplikace v Javě pomocí [[Java Apereo CAS Client>>https://github.com/apereo/java-cas-client]]. Aplikace je schopna získat přihlášeného uživatele pomocí CAS v3 protokolu. 2 2 3 3 1. Do aplikace je potřeba přidat knihovny klienta https://mvnrepository.com/artifact/org.jasig.cas.client/cas-client-core buď přímo a nebo pomocí nějakého buildovacího nástroje např. Maven.((( 4 -{{code language="xml"}} }4 +{{code language="xml"}} 5 5 <dependency> 6 - 7 - 8 - 6 + <groupId>org.jasig.cas.client</groupId> 7 + <artifactId>cas-client-core</artifactId> 8 + <version>3.5.1</version> 9 9 </dependency> 10 10 {{/code}} 11 11 ))) 12 -1. Nakonfigurovat web.xml. V uvedené konfiguraci je nutné nahradit adresu klienta https://klient.vsb.cz s URL našeho serveru.((( 13 -{{code language="xml"}}} 14 - <filter> 15 - <filter-name>CAS Single Sign Out Filter</filter-name> 16 - <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class> 17 - <init-param> 18 - <param-name>casServerUrlPrefix</param-name> 19 - <param-value>https://www.sso.vsb.cz</param-value> 20 - </init-param> 21 - </filter> 22 - 23 - <filter> 24 - <filter-name>CAS Authentication Filter</filter-name> 25 - <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class> 26 - <init-param> 27 - <param-name>casServerUrlPrefix</param-name> 28 - <param-value>https://www.sso.vsb.cz</param-value> 29 - </init-param> 30 - <init-param> 31 - <param-name>serverName</param-name> 32 - <param-value>https://klient.vsb.cz</param-value> 33 - </init-param> 34 - </filter> 12 +1. Nakonfigurovat ##web.xml##. V uvedené konfiguraci je nutné nahradit adresu klienta https://klient.vsb.cz s URL našeho serveru. V mapování filtru ##CAS Authentication Filter## je možné uvést místo ##/*## kontext do chráněné zóny aplikace např.((( 13 +/private/* 14 + 15 +{{code language="xml"}} 16 +<filter> 17 + <filter-name>CAS Single Sign Out Filter</filter-name> 18 + <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class> 19 + <init-param> 20 + <param-name>casServerUrlPrefix</param-name> 21 + <param-value>https://www.sso.vsb.cz</param-value> 22 + </init-param> 23 +</filter> 24 + 25 +<filter> 26 + <filter-name>CAS Authentication Filter</filter-name> 27 + <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class> 28 + <init-param> 29 + <param-name>casServerUrlPrefix</param-name> 30 + <param-value>https://www.sso.vsb.cz</param-value> 31 + </init-param> 32 + <init-param> 33 + <param-name>serverName</param-name> 34 + <param-value>https://klient.vsb.cz</param-value> 35 + </init-param> 36 +</filter> 35 35 36 - 37 - 38 - 39 - 40 - 41 - 42 - 43 - 44 - 45 - 46 - 47 - 38 +<filter> 39 + <filter-name>CAS Validation Filter</filter-name> 40 + <filter-class>org.jasig.cas.client.validation.Cas30ProxyReceivingTicketValidationFilter</filter-class> 41 + <init-param> 42 + <param-name>casServerUrlPrefix</param-name> 43 + <param-value>https://www.sso.vsb.cz</param-value> 44 + </init-param> 45 + <init-param> 46 + <param-name>serverName</param-name> 47 + <param-value>https://klient.vsb.cz</param-value> 48 + </init-param> 49 +</filter> 48 48 49 - 50 - 51 - 52 - 53 - 54 - 55 - 56 - 57 - 51 +<filter> 52 + <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> 53 + <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class> 54 +</filter> 55 + 56 +<filter> 57 + <filter-name>CAS Assertion Thread Local Filter</filter-name> 58 + <filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class> 59 +</filter> 58 58 59 - 60 - 61 - 62 - 61 +<filter-mapping> 62 + <filter-name>CAS Single Sign Out Filter</filter-name> 63 + <url-pattern>/*</url-pattern> 64 +</filter-mapping> 63 63 64 - 65 - 66 - 67 - 66 +<filter-mapping> 67 + <filter-name>CAS Authentication Filter</filter-name> 68 + <url-pattern>/*</url-pattern> 69 +</filter-mapping> 68 68 69 - 70 - 71 - 72 - 71 +<filter-mapping> 72 + <filter-name>CAS Validation Filter</filter-name> 73 + <url-pattern>/*</url-pattern> 74 +</filter-mapping> 73 73 74 - 75 - 76 - 77 - 76 +<filter-mapping> 77 + <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> 78 + <url-pattern>/*</url-pattern> 79 +</filter-mapping> 78 78 79 - 80 - 81 - 82 - 81 +<filter-mapping> 82 + <filter-name>CAS Assertion Thread Local Filter</filter-name> 83 + <url-pattern>/*</url-pattern> 84 +</filter-mapping> 83 83 84 - 85 - 86 - 86 +<listener> 87 + <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class> 88 +</listener> 87 87 {{/code}} 90 + 91 +(% class="box" %) 92 +((( 93 +(% class="code" %) 94 +((( 95 +(% style="color:#008000; font-weight:bold" %)##**<filter>**##(%%)## 96 + (% style="color:#008000; font-weight:bold" %)**<filter-name>**(%%)CAS Single Sign Out Filter(% style="color:#008000; font-weight:bold" %)**</filter-name>**(%%) 97 + (% style="color:#008000; font-weight:bold" %)**<filter-class>**(%%)org.jasig.cas.client.session.SingleSignOutFilter(% style="color:#008000; font-weight:bold" %)**</filter-class>**(%%) 98 + (% style="color:#008000; font-weight:bold" %)**<init-param>**(%%) 99 + (% style="color:#008000; font-weight:bold" %)**<param-name>**(%%)casServerUrlPrefix(% style="color:#008000; font-weight:bold" %)**</param-name>**(%%) 100 + (% style="color:#008000; font-weight:bold" %)**<param-value>**(%%)https:~/~/www.sso.vsb.cz(% style="color:#008000; font-weight:bold" %)**</param-value>**(%%) 101 + (% style="color:#008000; font-weight:bold" %)**</init-param>**(%%) 102 +(% style="color:#008000; font-weight:bold" %)**</filter>**(%%) 103 +\\(% style="color:#008000; font-weight:bold" %)**<filter>**(%%) 104 + (% style="color:#008000; font-weight:bold" %)**<filter-name>**(%%)CAS Authentication Filter(% style="color:#008000; font-weight:bold" %)**</filter-name>**(%%) 105 + (% style="color:#008000; font-weight:bold" %)**<filter-class>**(%%)org.jasig.cas.client.authentication.AuthenticationFilter(% style="color:#008000; font-weight:bold" %)**</filter-class>**(%%) 106 + (% style="color:#008000; font-weight:bold" %)**<init-param>**(%%) 107 + (% style="color:#008000; font-weight:bold" %)**<param-name>**(%%)casServerUrlPrefix(% style="color:#008000; font-weight:bold" %)**</param-name>**(%%) 108 + (% style="color:#008000; font-weight:bold" %)**<param-value>**(%%)https:~/~/www.sso.vsb.cz(% style="color:#008000; font-weight:bold" %)**</param-value>**(%%) 109 + (% style="color:#008000; font-weight:bold" %)**</init-param>**(%%) 110 + (% style="color:#008000; font-weight:bold" %)**<init-param>**(%%) 111 + (% style="color:#008000; font-weight:bold" %)**<param-name>**(%%)serverName(% style="color:#008000; font-weight:bold" %)**</param-name>**(%%) 112 + (% style="color:#008000; font-weight:bold" %)**<param-value>**(%%)https:~/~/klient.vsb.cz(% style="color:#008000; font-weight:bold" %)**</param-value>**(%%) 113 + (% style="color:#008000; font-weight:bold" %)**</init-param>**(%%) 114 +(% style="color:#008000; font-weight:bold" %)**</filter>**(%%) 115 + 116 +(% style="color:#008000; font-weight:bold" %)**<filter>**(%%) 117 + (% style="color:#008000; font-weight:bold" %)**<filter-name>**(%%)CAS Validation Filter(% style="color:#008000; font-weight:bold" %)**</filter-name>**(%%) 118 + (% style="color:#008000; font-weight:bold" %)**<filter-class>**(%%)org.jasig.cas.client.validation.Cas30ProxyReceivingTicketValidationFilter(% style="color:#008000; font-weight:bold" %)**</filter-class>**(%%) 119 + (% style="color:#008000; font-weight:bold" %)**<init-param>**(%%) 120 + (% style="color:#008000; font-weight:bold" %)**<param-name>**(%%)casServerUrlPrefix(% style="color:#008000; font-weight:bold" %)**</param-name>**(%%) 121 + (% style="color:#008000; font-weight:bold" %)**<param-value>**(%%)https:~/~/www.sso.vsb.cz(% style="color:#008000; font-weight:bold" %)**</param-value>**(%%) 122 + (% style="color:#008000; font-weight:bold" %)**</init-param>**(%%) 123 + (% style="color:#008000; font-weight:bold" %)**<init-param>**(%%) 124 + (% style="color:#008000; font-weight:bold" %)**<param-name>**(%%)serverName(% style="color:#008000; font-weight:bold" %)**</param-name>**(%%) 125 + (% style="color:#008000; font-weight:bold" %)**<param-value>**(%%)https:~/~/klient.vsb.cz(% style="color:#008000; font-weight:bold" %)**</param-value>**(%%) 126 + (% style="color:#008000; font-weight:bold" %)**</init-param>**(%%) 127 +(% style="color:#008000; font-weight:bold" %)**</filter>**(%%) 128 +\\(% style="color:#008000; font-weight:bold" %)**<filter>**(%%) 129 + (% style="color:#008000; font-weight:bold" %)**<filter-name>**(%%)CAS HttpServletRequest Wrapper Filter(% style="color:#008000; font-weight:bold" %)**</filter-name>**(%%) 130 + (% style="color:#008000; font-weight:bold" %)**<filter-class>**(%%)org.jasig.cas.client.util.HttpServletRequestWrapperFilter(% style="color:#008000; font-weight:bold" %)**</filter-class>**(%%) 131 +(% style="color:#008000; font-weight:bold" %)**</filter>**(%%) 132 +\\(% style="color:#008000; font-weight:bold" %)**<filter>**(%%) 133 + (% style="color:#008000; font-weight:bold" %)**<filter-name>**(%%)CAS Assertion Thread Local Filter(% style="color:#008000; font-weight:bold" %)**</filter-name>**(%%) 134 + (% style="color:#008000; font-weight:bold" %)**<filter-class>**(%%)org.jasig.cas.client.util.AssertionThreadLocalFilter(% style="color:#008000; font-weight:bold" %)**</filter-class>**(%%) 135 +(% style="color:#008000; font-weight:bold" %)**</filter>**(%%) 136 +\\(% style="color:#008000; font-weight:bold" %)**<filter-mapping>**(%%) 137 + (% style="color:#008000; font-weight:bold" %)**<filter-name>**(%%)CAS Single Sign Out Filter(% style="color:#008000; font-weight:bold" %)**</filter-name>**(%%) 138 + (% style="color:#008000; font-weight:bold" %)**<url-pattern>**(%%)/*(% style="color:#008000; font-weight:bold" %)**</url-pattern>**(%%) 139 +(% style="color:#008000; font-weight:bold" %)**</filter-mapping>**(%%) 140 +\\(% style="color:#008000; font-weight:bold" %)**<filter-mapping>**(%%) 141 + (% style="color:#008000; font-weight:bold" %)**<filter-name>**(%%)CAS Authentication Filter(% style="color:#008000; font-weight:bold" %)**</filter-name>**(%%) 142 + (% style="color:#008000; font-weight:bold" %)**<url-pattern>**(%%)/*(% style="color:#008000; font-weight:bold" %)**</url-pattern>**(%%) 143 +(% style="color:#008000; font-weight:bold" %)**</filter-mapping>**(%%) 144 + 145 +(% style="color:#008000; font-weight:bold" %)**<filter-mapping>**(%%) 146 + (% style="color:#008000; font-weight:bold" %)**<filter-name>**(%%)CAS Validation Filter(% style="color:#008000; font-weight:bold" %)**</filter-name>**(%%) 147 + (% style="color:#008000; font-weight:bold" %)**<url-pattern>**(%%)/*(% style="color:#008000; font-weight:bold" %)**</url-pattern>**(%%) 148 +(% style="color:#008000; font-weight:bold" %)**</filter-mapping>**(%%) 149 + 150 +(% style="color:#008000; font-weight:bold" %)**<filter-mapping>**(%%) 151 + (% style="color:#008000; font-weight:bold" %)**<filter-name>**(%%)CAS HttpServletRequest Wrapper Filter(% style="color:#008000; font-weight:bold" %)**</filter-name>**(%%) 152 + (% style="color:#008000; font-weight:bold" %)**<url-pattern>**(%%)/*(% style="color:#008000; font-weight:bold" %)**</url-pattern>**(%%) 153 +(% style="color:#008000; font-weight:bold" %)**</filter-mapping>**(%%) 154 +\\(% style="color:#008000; font-weight:bold" %)**<filter-mapping>**(%%) 155 + (% style="color:#008000; font-weight:bold" %)**<filter-name>**(%%)CAS Assertion Thread Local Filter(% style="color:#008000; font-weight:bold" %)**</filter-name>**(%%) 156 + (% style="color:#008000; font-weight:bold" %)**<url-pattern>**(%%)/*(% style="color:#008000; font-weight:bold" %)**</url-pattern>**(%%) 157 +(% style="color:#008000; font-weight:bold" %)**</filter-mapping>**(%%) 158 +\\(% style="color:#008000; font-weight:bold" %)**<listener>**(%%) 159 + (% style="color:#008000; font-weight:bold" %)**<listener-class>**(%%)org.jasig.cas.client.session.SingleSignOutHttpSessionListener(% style="color:#008000; font-weight:bold" %)**</listener-class>**(%%) 160 +(% style="color:#008000; font-weight:bold" %)**</listener>**(%%)## 88 88 ))) 89 - 1. CAS server musí důvěřovat certifikátu klienta (může se stát, že bude potřeba přidat certifikát na CAS server)a zároveň90 - klient musí důvěřovat certifikátu serveru.162 +))) 163 +))) 91 91 1. Pro odhlášení uživatele z CAS je potřeba přistoupit na url ##https:~/~/www.sso.vsb.cz/logout##.((( 92 92 Před odhlášením z CAS je vhodné zrušit session v aplikaci klienta (zaleží to však na konkrétním klientu). 93 93 ... ... @@ -97,8 +97,8 @@ 97 97 např. ##https:~/~/www.sso.vsb.cz/logout?service=https%3A%2F%2Fklient.vsb.cz## 98 98 ))) 99 99 1. Přihlášenou osobu v aplikaci lze pak jednoduše zjistit pomoci((( 100 -{{code language="java"}} }101 - 173 +{{code language="java"}} 174 +request.getRemoteUser(); 102 102 {{/code}} 103 103 ))) 104 104