Wiki source code of CAS Java klient

Version 13.2 by Petr Abrahamczik on 07.02.2019 13:44

Hide last authors
Petr Abrahamczik 13.1 1 V ukázkovém příkladu je popsán základní způsob konfigurace webové aplikace v Javě pomocí [[Java Apereo CAS Client>>https://github.com/apereo/java-cas-client]]. Aplikace je schopna získat přihlášeného uživatele pomocí CAS v3 protokolu.
Petr Abrahamczik 2.1 2
Petr Abrahamczik 13.2 3 1. Do webové aplikace je potřeba přidat knihovny klienta https://mvnrepository.com/artifact/org.jasig.cas.client/cas-client-core buď přímo a nebo pomocí nějakého buildovacího nástroje např. Maven.(((
Petr Abrahamczik 8.1 4 {{code language="xml"}}
Petr Abrahamczik 2.1 5 <dependency>
Petr Abrahamczik 9.1 6 <groupId>org.jasig.cas.client</groupId>
7 <artifactId>cas-client-core</artifactId>
8 <version>3.5.1</version>
Petr Abrahamczik 2.1 9 </dependency>
10 {{/code}}
11 )))
Petr Abrahamczik 13.1 12 1. Nakonfigurovat ##web.xml##. V uvedené konfiguraci je nutné nahradit adresu klienta https://klient.vsb.cz s URL našeho serveru. V mapování filtru ##CAS Authentication Filter## je možné uvést místo ##/*## kontext do chráněné zóny aplikace např.(((
13 /private/*
14
Petr Abrahamczik 9.1 15 {{code language="xml"}}
16 <filter>
17 <filter-name>CAS Single Sign Out Filter</filter-name>
18 <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
19 <init-param>
20 <param-name>casServerUrlPrefix</param-name>
21 <param-value>https://www.sso.vsb.cz</param-value>
22 </init-param>
Petr Abrahamczik 13.2 23 </filter>
Petr Abrahamczik 8.1 24
Petr Abrahamczik 9.1 25 <filter>
26 <filter-name>CAS Authentication Filter</filter-name>
27 <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
28 <init-param>
29 <param-name>casServerUrlPrefix</param-name>
30 <param-value>https://www.sso.vsb.cz</param-value>
31 </init-param>
32 <init-param>
33 <param-name>serverName</param-name>
34 <param-value>https://klient.vsb.cz</param-value>
35 </init-param>
36 </filter>
Petr Abrahamczik 2.1 37
Petr Abrahamczik 9.1 38 <filter>
39 <filter-name>CAS Validation Filter</filter-name>
40 <filter-class>org.jasig.cas.client.validation.Cas30ProxyReceivingTicketValidationFilter</filter-class>
41 <init-param>
42 <param-name>casServerUrlPrefix</param-name>
43 <param-value>https://www.sso.vsb.cz</param-value>
44 </init-param>
45 <init-param>
46 <param-name>serverName</param-name>
47 <param-value>https://klient.vsb.cz</param-value>
48 </init-param>
49 </filter>
Petr Abrahamczik 13.2 50
Petr Abrahamczik 9.1 51 <filter>
52 <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
53 <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
54 </filter>
55
56 <filter>
57 <filter-name>CAS Assertion Thread Local Filter</filter-name>
58 <filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
Petr Abrahamczik 13.2 59 </filter>
60
Petr Abrahamczik 9.1 61 <filter-mapping>
62 <filter-name>CAS Single Sign Out Filter</filter-name>
63 <url-pattern>/*</url-pattern>
64 </filter-mapping>
Petr Abrahamczik 13.2 65
Petr Abrahamczik 9.1 66 <filter-mapping>
67 <filter-name>CAS Authentication Filter</filter-name>
68 <url-pattern>/*</url-pattern>
69 </filter-mapping>
Petr Abrahamczik 2.1 70
Petr Abrahamczik 9.1 71 <filter-mapping>
72 <filter-name>CAS Validation Filter</filter-name>
73 <url-pattern>/*</url-pattern>
74 </filter-mapping>
Petr Abrahamczik 2.1 75
Petr Abrahamczik 9.1 76 <filter-mapping>
77 <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
78 <url-pattern>/*</url-pattern>
79 </filter-mapping>
Petr Abrahamczik 13.2 80
Petr Abrahamczik 9.1 81 <filter-mapping>
82 <filter-name>CAS Assertion Thread Local Filter</filter-name>
83 <url-pattern>/*</url-pattern>
84 </filter-mapping>
Petr Abrahamczik 13.2 85
Petr Abrahamczik 9.1 86 <listener>
87 <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
88 </listener>
Petr Abrahamczik 2.1 89 {{/code}}
Petr Abrahamczik 13.1 90
91 (% class="box" %)
92 (((
93 (% class="code" %)
94 (((
Petr Abrahamczik 13.2 95 (% style="color:#008000; font-weight:bold" %)##**<filter>**##(%%)
96 (% style="color:#008000; font-weight:bold" %)##**<filter-name>**##(%%)##CAS Single Sign Out Filter(% style="color:#008000; font-weight:bold" %)**</filter-name>**(%%)
97 (% style="color:#008000; font-weight:bold" %)**<filter-class>**(%%)org.jasig.cas.client.session.SingleSignOutFilter(% style="color:#008000; font-weight:bold" %)**</filter-class>**(%%)
98 (% style="color:#008000; font-weight:bold" %)**<init-param>**(%%)
99 (% style="color:#008000; font-weight:bold" %)**<param-name>**(%%)casServerUrlPrefix(% style="color:#008000; font-weight:bold" %)**</param-name>**(%%)
100 (% style="color:#008000; font-weight:bold" %)**<param-value>**(%%)https:~/~/www.sso.vsb.cz(% style="color:#008000; font-weight:bold" %)**</param-value>**(%%)
101 (% style="color:#008000; font-weight:bold" %)**</init-param>**(%%)
Petr Abrahamczik 13.1 102 (% style="color:#008000; font-weight:bold" %)**</filter>**(%%)
103 \\(% style="color:#008000; font-weight:bold" %)**<filter>**(%%)
Petr Abrahamczik 13.2 104 (% style="color:#008000; font-weight:bold" %)**<filter-name>**(%%)CAS Authentication Filter(% style="color:#008000; font-weight:bold" %)**</filter-name>**(%%)
105 (% style="color:#008000; font-weight:bold" %)**<filter-class>**(%%)org.jasig.cas.client.authentication.AuthenticationFilter(% style="color:#008000; font-weight:bold" %)**</filter-class>**(%%)
106 (% style="color:#008000; font-weight:bold" %)**<init-param>**(%%)
107 (% style="color:#008000; font-weight:bold" %)**<param-name>**(%%)casServerUrlPrefix(% style="color:#008000; font-weight:bold" %)**</param-name>**(%%)
108 (% style="color:#008000; font-weight:bold" %)**<param-value>**(%%)https:~/~/www.sso.vsb.cz(% style="color:#008000; font-weight:bold" %)**</param-value>**(%%)
109 (% style="color:#008000; font-weight:bold" %)**</init-param>**(%%)
110 (% style="color:#008000; font-weight:bold" %)**<init-param>**(%%)
111 (% style="color:#008000; font-weight:bold" %)**<param-name>**(%%)serverName(% style="color:#008000; font-weight:bold" %)**</param-name>**(%%)
112 (% style="color:#008000; font-weight:bold" %)**<param-value>**(%%)https:~/~/klient.vsb.cz(% style="color:#008000; font-weight:bold" %)**</param-value>**(%%)
113 (% style="color:#008000; font-weight:bold" %)**</init-param>**(%%)
Petr Abrahamczik 13.1 114 (% style="color:#008000; font-weight:bold" %)**</filter>**(%%)
Petr Abrahamczik 13.2 115
Petr Abrahamczik 13.1 116 (% style="color:#008000; font-weight:bold" %)**<filter>**(%%)
Petr Abrahamczik 13.2 117 (% style="color:#008000; font-weight:bold" %)**<filter-name>**(%%)CAS Validation Filter(% style="color:#008000; font-weight:bold" %)**</filter-name>**(%%)
118 (% style="color:#008000; font-weight:bold" %)**<filter-class>**(%%)org.jasig.cas.client.validation.Cas30ProxyReceivingTicketValidationFilter(% style="color:#008000; font-weight:bold" %)**</filter-class>**(%%)
119 (% style="color:#008000; font-weight:bold" %)**<init-param>**(%%)
120 (% style="color:#008000; font-weight:bold" %)**<param-name>**(%%)casServerUrlPrefix(% style="color:#008000; font-weight:bold" %)**</param-name>**(%%)
121 (% style="color:#008000; font-weight:bold" %)**<param-value>**(%%)https:~/~/www.sso.vsb.cz(% style="color:#008000; font-weight:bold" %)**</param-value>**(%%)
122 (% style="color:#008000; font-weight:bold" %)**</init-param>**(%%)
123 (% style="color:#008000; font-weight:bold" %)**<init-param>**(%%)
124 (% style="color:#008000; font-weight:bold" %)**<param-name>**(%%)serverName(% style="color:#008000; font-weight:bold" %)**</param-name>**(%%)
125 (% style="color:#008000; font-weight:bold" %)**<param-value>**(%%)https:~/~/klient.vsb.cz(% style="color:#008000; font-weight:bold" %)**</param-value>**(%%)
126 (% style="color:#008000; font-weight:bold" %)**</init-param>**(%%)
Petr Abrahamczik 13.1 127 (% style="color:#008000; font-weight:bold" %)**</filter>**(%%)
128 \\(% style="color:#008000; font-weight:bold" %)**<filter>**(%%)
Petr Abrahamczik 13.2 129 (% style="color:#008000; font-weight:bold" %)**<filter-name>**(%%)CAS HttpServletRequest Wrapper Filter(% style="color:#008000; font-weight:bold" %)**</filter-name>**(%%)
130 (% style="color:#008000; font-weight:bold" %)**<filter-class>**(%%)org.jasig.cas.client.util.HttpServletRequestWrapperFilter(% style="color:#008000; font-weight:bold" %)**</filter-class>**(%%)
Petr Abrahamczik 13.1 131 (% style="color:#008000; font-weight:bold" %)**</filter>**(%%)
132 \\(% style="color:#008000; font-weight:bold" %)**<filter>**(%%)
Petr Abrahamczik 13.2 133 (% style="color:#008000; font-weight:bold" %)**<filter-name>**(%%)CAS Assertion Thread Local Filter(% style="color:#008000; font-weight:bold" %)**</filter-name>**(%%)
134 (% style="color:#008000; font-weight:bold" %)**<filter-class>**(%%)org.jasig.cas.client.util.AssertionThreadLocalFilter(% style="color:#008000; font-weight:bold" %)**</filter-class>**(%%)
Petr Abrahamczik 13.1 135 (% style="color:#008000; font-weight:bold" %)**</filter>**(%%)
136 \\(% style="color:#008000; font-weight:bold" %)**<filter-mapping>**(%%)
Petr Abrahamczik 13.2 137 (% style="color:#008000; font-weight:bold" %)**<filter-name>**(%%)CAS Single Sign Out Filter(% style="color:#008000; font-weight:bold" %)**</filter-name>**(%%)
138 (% style="color:#008000; font-weight:bold" %)**<url-pattern>**(%%)/*(% style="color:#008000; font-weight:bold" %)**</url-pattern>**(%%)
Petr Abrahamczik 13.1 139 (% style="color:#008000; font-weight:bold" %)**</filter-mapping>**(%%)
140 \\(% style="color:#008000; font-weight:bold" %)**<filter-mapping>**(%%)
Petr Abrahamczik 13.2 141 (% style="color:#008000; font-weight:bold" %)**<filter-name>**(%%)CAS Authentication Filter(% style="color:#008000; font-weight:bold" %)**</filter-name>**(%%)
142 (% style="color:#008000; font-weight:bold" %)**<url-pattern>**(%%)/*(% style="color:#008000; font-weight:bold" %)**</url-pattern>**(%%)
Petr Abrahamczik 13.1 143 (% style="color:#008000; font-weight:bold" %)**</filter-mapping>**(%%)
Petr Abrahamczik 13.2 144
Petr Abrahamczik 13.1 145 (% style="color:#008000; font-weight:bold" %)**<filter-mapping>**(%%)
Petr Abrahamczik 13.2 146 (% style="color:#008000; font-weight:bold" %)**<filter-name>**(%%)CAS Validation Filter(% style="color:#008000; font-weight:bold" %)**</filter-name>**(%%)
147 (% style="color:#008000; font-weight:bold" %)**<url-pattern>**(%%)/*(% style="color:#008000; font-weight:bold" %)**</url-pattern>**(%%)
Petr Abrahamczik 13.1 148 (% style="color:#008000; font-weight:bold" %)**</filter-mapping>**(%%)
Petr Abrahamczik 13.2 149
Petr Abrahamczik 13.1 150 (% style="color:#008000; font-weight:bold" %)**<filter-mapping>**(%%)
Petr Abrahamczik 13.2 151 (% style="color:#008000; font-weight:bold" %)**<filter-name>**(%%)CAS HttpServletRequest Wrapper Filter(% style="color:#008000; font-weight:bold" %)**</filter-name>**(%%)
152 (% style="color:#008000; font-weight:bold" %)**<url-pattern>**(%%)/*(% style="color:#008000; font-weight:bold" %)**</url-pattern>**(%%)
Petr Abrahamczik 13.1 153 (% style="color:#008000; font-weight:bold" %)**</filter-mapping>**(%%)
154 \\(% style="color:#008000; font-weight:bold" %)**<filter-mapping>**(%%)
Petr Abrahamczik 13.2 155 (% style="color:#008000; font-weight:bold" %)**<filter-name>**(%%)CAS Assertion Thread Local Filter(% style="color:#008000; font-weight:bold" %)**</filter-name>**(%%)
156 (% style="color:#008000; font-weight:bold" %)**<url-pattern>**(%%)/*(% style="color:#008000; font-weight:bold" %)**</url-pattern>**(%%)
Petr Abrahamczik 13.1 157 (% style="color:#008000; font-weight:bold" %)**</filter-mapping>**(%%)
158 \\(% style="color:#008000; font-weight:bold" %)**<listener>**(%%)
Petr Abrahamczik 13.2 159 (% style="color:#008000; font-weight:bold" %)**<listener-class>**(%%)org.jasig.cas.client.session.SingleSignOutHttpSessionListener(% style="color:#008000; font-weight:bold" %)**</listener-class>**(%%)
Petr Abrahamczik 13.1 160 (% style="color:#008000; font-weight:bold" %)**</listener>**(%%)##
Petr Abrahamczik 2.1 161 )))
Petr Abrahamczik 13.1 162 )))
163 )))
Petr Abrahamczik 7.1 164 1. Pro odhlášení uživatele z CAS je potřeba přistoupit na url ##https:~/~/www.sso.vsb.cz/logout##.(((
Petr Abrahamczik 2.1 165 Před odhlášením z CAS je vhodné zrušit session v aplikaci klienta (zaleží to však na konkrétním klientu).
166
167 Pokud po odhlášení z CAS nechceme aby uživatel zůstal na odhlašovací stránce CASu, můžeme k odhlašovací url přidat parametr 'service', který
168 obsahuje url (nejlépe zakódovanou pomocí URL kódování) na kterou se má po odhlášení přesměrovat. Url musí obsahovat adresu, která je pro službu povolena.
Petr Abrahamczik 3.1 169
Petr Abrahamczik 7.1 170 např. ##https:~/~/www.sso.vsb.cz/logout?service=https%3A%2F%2Fklient.vsb.cz##
Petr Abrahamczik 2.1 171 )))
Petr Abrahamczik 3.1 172 1. Přihlášenou osobu v aplikaci lze pak jednoduše zjistit pomoci(((
Petr Abrahamczik 8.1 173 {{code language="java"}}
Petr Abrahamczik 13.2 174 request.getRemoteUser();
Petr Abrahamczik 3.1 175 {{/code}}
176 )))