详解spring boot配置单点登录

概述

企业内部一般都有一套单点登录系统（常用的实现有apereo cas），所有的内部系统的登录认证都对接它。本文介绍spring boot的程序如何对接CAS服务。

常用的安全框架有spring security和apache shiro。shiro的配置和使用相对简单，本文使用shrio对接CAS服务。

配置

新增依赖

pom.xml新增：

  1.2.4
 


  
   org.apache.shiro
   shiro-spring
   ${shiro.version}
  
  
   org.apache.shiro
   shiro-ehcache
   ${shiro.version}
  
  
   org.apache.shiro
   shiro-cas
   ${shiro.version}
  

spring boot配置

application.properties

shiro.cas=https://cas.xxx.com # 这是CAS服务的地址
shiro.server=http://127.0.0.1:8080 # 自己应用的地址，测试使用127即可

应用配置

初始化shiro bean，将文件放到任意子包下即可，比如xxx.config，spring boot会自动扫描加载

@Configuration
public class ShiroCasConfiguration {
 private static final String casFilterUrlPattern = "/shiro-cas";

 @Bean
 public FilterRegistrationBean filterRegistrationBean() {
  FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
  filterRegistration.setFilter(new DelegatingFilterProxy("shiroFilter"));
  filterRegistration.addInitParameter("targetFilterLifecycle", "true");
  filterRegistration.setEnabled(true);
  filterRegistration.addUrlPatterns("
 @Bean(name = "casFilter")
 public CasFilter getCasFilter(@Value("${shiro.cas}") String casServerUrlPrefix,
  @Value("${shiro.server}") String shiroServerUrlPrefix) {
  CasFilter casFilter = new CasFilter();
  casFilter.setName("casFilter");
  casFilter.setEnabled(true);
  String loginUrl = casServerUrlPrefix + "/login?service=" + shiroServerUrlPrefix + casFilterUrlPattern;
  casFilter.setFailureUrl(loginUrl);
  return casFilter;
 }

 @Bean(name = "shiroFilter")
 public ShiroFilterFactoryBean getShiroFilterFactoryBean(DefaultWebSecurityManager securityManager,
 CasFilter casFilter,
 @Value("${shiro.cas}") String casServerUrlPrefix,
 @Value("${shiro.server}") String shiroServerUrlPrefix) {
  ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
  shiroFilterFactoryBean.setSecurityManager(securityManager);
  String loginUrl = casServerUrlPrefix + "/login?service=" + shiroServerUrlPrefix + casFilterUrlPattern;
  shiroFilterFactoryBean.setLoginUrl(loginUrl);
  shiroFilterFactoryBean.setSuccessUrl("/");
  Map filters = new HashMap<>();
  filters.put("casFilter", casFilter);
  LogoutFilter logoutFilter = new LogoutFilter();
  logoutFilter.setRedirectUrl(casServerUrlPrefix + "/logout?service=" + shiroServerUrlPrefix);
  filters.put("logout",logoutFilter);
  shiroFilterFactoryBean.setFilters(filters);

  loadShiroFilterChain(shiroFilterFactoryBean);
  return shiroFilterFactoryBean;
 }
}

程序中获取登录的用户名

上述配置完成后，就可以找程序中获取登录用户的名字了

public String getUsername() {
  Subject subject = SecurityUtils.getSubject();
  if (subject == null || subject.getPrincipals() == null) {
   return DEFAULTUSER;
  }
  return (String) subject.getPrincipals().getPrimaryPrincipal();
 }

总结

shiro使用还是比较简单的，使用的时候只需要修改application.properties即可

以上就是本文的全部内容，希望对大家的学习有所帮助，也希望大家多多支持考高分网。