Wiki source code of CAS Java klient
Version 13.2 by Petr Abrahamczik on 07.02.2019 13:44
Hide last authors
author | version | line-number | content |
---|---|---|---|
13.1 | 1 | V ukázkovém příkladu je popsán základní způsob konfigurace webové aplikace v Javě pomocí [[Java Apereo CAS Client>>https://github.com/apereo/java-cas-client]]. Aplikace je schopna získat přihlášeného uživatele pomocí CAS v3 protokolu. | |
2.1 | 2 | ||
13.2 | 3 | 1. Do webové aplikace je potřeba přidat knihovny klienta https://mvnrepository.com/artifact/org.jasig.cas.client/cas-client-core buď přímo a nebo pomocí nějakého buildovacího nástroje např. Maven.((( | |
8.1 | 4 | {{code language="xml"}} | |
2.1 | 5 | <dependency> | |
9.1 | 6 | <groupId>org.jasig.cas.client</groupId> | |
7 | <artifactId>cas-client-core</artifactId> | ||
8 | <version>3.5.1</version> | ||
2.1 | 9 | </dependency> | |
10 | {{/code}} | ||
11 | ))) | ||
13.1 | 12 | 1. Nakonfigurovat ##web.xml##. V uvedené konfiguraci je nutné nahradit adresu klienta https://klient.vsb.cz s URL našeho serveru. V mapování filtru ##CAS Authentication Filter## je možné uvést místo ##/*## kontext do chráněné zóny aplikace např.((( | |
13 | /private/* | ||
14 | |||
9.1 | 15 | {{code language="xml"}} | |
16 | <filter> | ||
17 | <filter-name>CAS Single Sign Out Filter</filter-name> | ||
18 | <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class> | ||
19 | <init-param> | ||
20 | <param-name>casServerUrlPrefix</param-name> | ||
21 | <param-value>https://www.sso.vsb.cz</param-value> | ||
22 | </init-param> | ||
13.2 | 23 | </filter> | |
8.1 | 24 | ||
9.1 | 25 | <filter> | |
26 | <filter-name>CAS Authentication Filter</filter-name> | ||
27 | <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class> | ||
28 | <init-param> | ||
29 | <param-name>casServerUrlPrefix</param-name> | ||
30 | <param-value>https://www.sso.vsb.cz</param-value> | ||
31 | </init-param> | ||
32 | <init-param> | ||
33 | <param-name>serverName</param-name> | ||
34 | <param-value>https://klient.vsb.cz</param-value> | ||
35 | </init-param> | ||
36 | </filter> | ||
2.1 | 37 | ||
9.1 | 38 | <filter> | |
39 | <filter-name>CAS Validation Filter</filter-name> | ||
40 | <filter-class>org.jasig.cas.client.validation.Cas30ProxyReceivingTicketValidationFilter</filter-class> | ||
41 | <init-param> | ||
42 | <param-name>casServerUrlPrefix</param-name> | ||
43 | <param-value>https://www.sso.vsb.cz</param-value> | ||
44 | </init-param> | ||
45 | <init-param> | ||
46 | <param-name>serverName</param-name> | ||
47 | <param-value>https://klient.vsb.cz</param-value> | ||
48 | </init-param> | ||
49 | </filter> | ||
13.2 | 50 | ||
9.1 | 51 | <filter> | |
52 | <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> | ||
53 | <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class> | ||
54 | </filter> | ||
55 | |||
56 | <filter> | ||
57 | <filter-name>CAS Assertion Thread Local Filter</filter-name> | ||
58 | <filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class> | ||
13.2 | 59 | </filter> | |
60 | |||
9.1 | 61 | <filter-mapping> | |
62 | <filter-name>CAS Single Sign Out Filter</filter-name> | ||
63 | <url-pattern>/*</url-pattern> | ||
64 | </filter-mapping> | ||
13.2 | 65 | ||
9.1 | 66 | <filter-mapping> | |
67 | <filter-name>CAS Authentication Filter</filter-name> | ||
68 | <url-pattern>/*</url-pattern> | ||
69 | </filter-mapping> | ||
2.1 | 70 | ||
9.1 | 71 | <filter-mapping> | |
72 | <filter-name>CAS Validation Filter</filter-name> | ||
73 | <url-pattern>/*</url-pattern> | ||
74 | </filter-mapping> | ||
2.1 | 75 | ||
9.1 | 76 | <filter-mapping> | |
77 | <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> | ||
78 | <url-pattern>/*</url-pattern> | ||
79 | </filter-mapping> | ||
13.2 | 80 | ||
9.1 | 81 | <filter-mapping> | |
82 | <filter-name>CAS Assertion Thread Local Filter</filter-name> | ||
83 | <url-pattern>/*</url-pattern> | ||
84 | </filter-mapping> | ||
13.2 | 85 | ||
9.1 | 86 | <listener> | |
87 | <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class> | ||
88 | </listener> | ||
2.1 | 89 | {{/code}} | |
13.1 | 90 | ||
91 | (% class="box" %) | ||
92 | ((( | ||
93 | (% class="code" %) | ||
94 | ((( | ||
13.2 | 95 | (% style="color:#008000; font-weight:bold" %)##**<filter>**##(%%) | |
96 | (% style="color:#008000; font-weight:bold" %)##**<filter-name>**##(%%)##CAS Single Sign Out Filter(% style="color:#008000; font-weight:bold" %)**</filter-name>**(%%) | ||
97 | (% style="color:#008000; font-weight:bold" %)**<filter-class>**(%%)org.jasig.cas.client.session.SingleSignOutFilter(% style="color:#008000; font-weight:bold" %)**</filter-class>**(%%) | ||
98 | (% style="color:#008000; font-weight:bold" %)**<init-param>**(%%) | ||
99 | (% style="color:#008000; font-weight:bold" %)**<param-name>**(%%)casServerUrlPrefix(% style="color:#008000; font-weight:bold" %)**</param-name>**(%%) | ||
100 | (% style="color:#008000; font-weight:bold" %)**<param-value>**(%%)https:~/~/www.sso.vsb.cz(% style="color:#008000; font-weight:bold" %)**</param-value>**(%%) | ||
101 | (% style="color:#008000; font-weight:bold" %)**</init-param>**(%%) | ||
13.1 | 102 | (% style="color:#008000; font-weight:bold" %)**</filter>**(%%) | |
103 | \\(% style="color:#008000; font-weight:bold" %)**<filter>**(%%) | ||
13.2 | 104 | (% style="color:#008000; font-weight:bold" %)**<filter-name>**(%%)CAS Authentication Filter(% style="color:#008000; font-weight:bold" %)**</filter-name>**(%%) | |
105 | (% style="color:#008000; font-weight:bold" %)**<filter-class>**(%%)org.jasig.cas.client.authentication.AuthenticationFilter(% style="color:#008000; font-weight:bold" %)**</filter-class>**(%%) | ||
106 | (% style="color:#008000; font-weight:bold" %)**<init-param>**(%%) | ||
107 | (% style="color:#008000; font-weight:bold" %)**<param-name>**(%%)casServerUrlPrefix(% style="color:#008000; font-weight:bold" %)**</param-name>**(%%) | ||
108 | (% style="color:#008000; font-weight:bold" %)**<param-value>**(%%)https:~/~/www.sso.vsb.cz(% style="color:#008000; font-weight:bold" %)**</param-value>**(%%) | ||
109 | (% style="color:#008000; font-weight:bold" %)**</init-param>**(%%) | ||
110 | (% style="color:#008000; font-weight:bold" %)**<init-param>**(%%) | ||
111 | (% style="color:#008000; font-weight:bold" %)**<param-name>**(%%)serverName(% style="color:#008000; font-weight:bold" %)**</param-name>**(%%) | ||
112 | (% style="color:#008000; font-weight:bold" %)**<param-value>**(%%)https:~/~/klient.vsb.cz(% style="color:#008000; font-weight:bold" %)**</param-value>**(%%) | ||
113 | (% style="color:#008000; font-weight:bold" %)**</init-param>**(%%) | ||
13.1 | 114 | (% style="color:#008000; font-weight:bold" %)**</filter>**(%%) | |
13.2 | 115 | ||
13.1 | 116 | (% style="color:#008000; font-weight:bold" %)**<filter>**(%%) | |
13.2 | 117 | (% style="color:#008000; font-weight:bold" %)**<filter-name>**(%%)CAS Validation Filter(% style="color:#008000; font-weight:bold" %)**</filter-name>**(%%) | |
118 | (% style="color:#008000; font-weight:bold" %)**<filter-class>**(%%)org.jasig.cas.client.validation.Cas30ProxyReceivingTicketValidationFilter(% style="color:#008000; font-weight:bold" %)**</filter-class>**(%%) | ||
119 | (% style="color:#008000; font-weight:bold" %)**<init-param>**(%%) | ||
120 | (% style="color:#008000; font-weight:bold" %)**<param-name>**(%%)casServerUrlPrefix(% style="color:#008000; font-weight:bold" %)**</param-name>**(%%) | ||
121 | (% style="color:#008000; font-weight:bold" %)**<param-value>**(%%)https:~/~/www.sso.vsb.cz(% style="color:#008000; font-weight:bold" %)**</param-value>**(%%) | ||
122 | (% style="color:#008000; font-weight:bold" %)**</init-param>**(%%) | ||
123 | (% style="color:#008000; font-weight:bold" %)**<init-param>**(%%) | ||
124 | (% style="color:#008000; font-weight:bold" %)**<param-name>**(%%)serverName(% style="color:#008000; font-weight:bold" %)**</param-name>**(%%) | ||
125 | (% style="color:#008000; font-weight:bold" %)**<param-value>**(%%)https:~/~/klient.vsb.cz(% style="color:#008000; font-weight:bold" %)**</param-value>**(%%) | ||
126 | (% style="color:#008000; font-weight:bold" %)**</init-param>**(%%) | ||
13.1 | 127 | (% style="color:#008000; font-weight:bold" %)**</filter>**(%%) | |
128 | \\(% style="color:#008000; font-weight:bold" %)**<filter>**(%%) | ||
13.2 | 129 | (% style="color:#008000; font-weight:bold" %)**<filter-name>**(%%)CAS HttpServletRequest Wrapper Filter(% style="color:#008000; font-weight:bold" %)**</filter-name>**(%%) | |
130 | (% style="color:#008000; font-weight:bold" %)**<filter-class>**(%%)org.jasig.cas.client.util.HttpServletRequestWrapperFilter(% style="color:#008000; font-weight:bold" %)**</filter-class>**(%%) | ||
13.1 | 131 | (% style="color:#008000; font-weight:bold" %)**</filter>**(%%) | |
132 | \\(% style="color:#008000; font-weight:bold" %)**<filter>**(%%) | ||
13.2 | 133 | (% style="color:#008000; font-weight:bold" %)**<filter-name>**(%%)CAS Assertion Thread Local Filter(% style="color:#008000; font-weight:bold" %)**</filter-name>**(%%) | |
134 | (% style="color:#008000; font-weight:bold" %)**<filter-class>**(%%)org.jasig.cas.client.util.AssertionThreadLocalFilter(% style="color:#008000; font-weight:bold" %)**</filter-class>**(%%) | ||
13.1 | 135 | (% style="color:#008000; font-weight:bold" %)**</filter>**(%%) | |
136 | \\(% style="color:#008000; font-weight:bold" %)**<filter-mapping>**(%%) | ||
13.2 | 137 | (% style="color:#008000; font-weight:bold" %)**<filter-name>**(%%)CAS Single Sign Out Filter(% style="color:#008000; font-weight:bold" %)**</filter-name>**(%%) | |
138 | (% style="color:#008000; font-weight:bold" %)**<url-pattern>**(%%)/*(% style="color:#008000; font-weight:bold" %)**</url-pattern>**(%%) | ||
13.1 | 139 | (% style="color:#008000; font-weight:bold" %)**</filter-mapping>**(%%) | |
140 | \\(% style="color:#008000; font-weight:bold" %)**<filter-mapping>**(%%) | ||
13.2 | 141 | (% style="color:#008000; font-weight:bold" %)**<filter-name>**(%%)CAS Authentication Filter(% style="color:#008000; font-weight:bold" %)**</filter-name>**(%%) | |
142 | (% style="color:#008000; font-weight:bold" %)**<url-pattern>**(%%)/*(% style="color:#008000; font-weight:bold" %)**</url-pattern>**(%%) | ||
13.1 | 143 | (% style="color:#008000; font-weight:bold" %)**</filter-mapping>**(%%) | |
13.2 | 144 | ||
13.1 | 145 | (% style="color:#008000; font-weight:bold" %)**<filter-mapping>**(%%) | |
13.2 | 146 | (% style="color:#008000; font-weight:bold" %)**<filter-name>**(%%)CAS Validation Filter(% style="color:#008000; font-weight:bold" %)**</filter-name>**(%%) | |
147 | (% style="color:#008000; font-weight:bold" %)**<url-pattern>**(%%)/*(% style="color:#008000; font-weight:bold" %)**</url-pattern>**(%%) | ||
13.1 | 148 | (% style="color:#008000; font-weight:bold" %)**</filter-mapping>**(%%) | |
13.2 | 149 | ||
13.1 | 150 | (% style="color:#008000; font-weight:bold" %)**<filter-mapping>**(%%) | |
13.2 | 151 | (% style="color:#008000; font-weight:bold" %)**<filter-name>**(%%)CAS HttpServletRequest Wrapper Filter(% style="color:#008000; font-weight:bold" %)**</filter-name>**(%%) | |
152 | (% style="color:#008000; font-weight:bold" %)**<url-pattern>**(%%)/*(% style="color:#008000; font-weight:bold" %)**</url-pattern>**(%%) | ||
13.1 | 153 | (% style="color:#008000; font-weight:bold" %)**</filter-mapping>**(%%) | |
154 | \\(% style="color:#008000; font-weight:bold" %)**<filter-mapping>**(%%) | ||
13.2 | 155 | (% style="color:#008000; font-weight:bold" %)**<filter-name>**(%%)CAS Assertion Thread Local Filter(% style="color:#008000; font-weight:bold" %)**</filter-name>**(%%) | |
156 | (% style="color:#008000; font-weight:bold" %)**<url-pattern>**(%%)/*(% style="color:#008000; font-weight:bold" %)**</url-pattern>**(%%) | ||
13.1 | 157 | (% style="color:#008000; font-weight:bold" %)**</filter-mapping>**(%%) | |
158 | \\(% style="color:#008000; font-weight:bold" %)**<listener>**(%%) | ||
13.2 | 159 | (% style="color:#008000; font-weight:bold" %)**<listener-class>**(%%)org.jasig.cas.client.session.SingleSignOutHttpSessionListener(% style="color:#008000; font-weight:bold" %)**</listener-class>**(%%) | |
13.1 | 160 | (% style="color:#008000; font-weight:bold" %)**</listener>**(%%)## | |
2.1 | 161 | ))) | |
13.1 | 162 | ))) | |
163 | ))) | ||
7.1 | 164 | 1. Pro odhlášení uživatele z CAS je potřeba přistoupit na url ##https:~/~/www.sso.vsb.cz/logout##.((( | |
2.1 | 165 | Před odhlášením z CAS je vhodné zrušit session v aplikaci klienta (zaleží to však na konkrétním klientu). | |
166 | |||
167 | Pokud po odhlášení z CAS nechceme aby uživatel zůstal na odhlašovací stránce CASu, můžeme k odhlašovací url přidat parametr 'service', který | ||
168 | obsahuje url (nejlépe zakódovanou pomocí URL kódování) na kterou se má po odhlášení přesměrovat. Url musí obsahovat adresu, která je pro službu povolena. | ||
3.1 | 169 | ||
7.1 | 170 | např. ##https:~/~/www.sso.vsb.cz/logout?service=https%3A%2F%2Fklient.vsb.cz## | |
2.1 | 171 | ))) | |
3.1 | 172 | 1. Přihlášenou osobu v aplikaci lze pak jednoduše zjistit pomoci((( | |
8.1 | 173 | {{code language="java"}} | |
13.2 | 174 | request.getRemoteUser(); | |
3.1 | 175 | {{/code}} | |
176 | ))) |