boy1886 2019-02-27 21:35 采纳率: 0%
浏览 485

cas + shiro 的问题 求大神解救~!!

我的项目地址为localhost:8090/admin

cas-server地址为 localhost:8080/cas
登入后localhost:8090/admin后网页出现 localhost 将您重定向的次数过多的提示。
然后浏览器地址栏上面显示

http://localhost:8090/admin/shiro-cas/?ticket=ST-138-v4C4tODiTvNFVmXwNCKz-cas01.example.org

然后我看后台 提示
WHO: kkk
WHAT: ST-136-WIcLSycjM9JasRLpionF-cas01.example.org for http://localhost:8090/admin/shiro-cas/
ACTION: SERVICE_TICKET_CREATED
APPLICATION: CAS
WHEN: Wed Feb 27 21:32:34 CST 2019
CLIENT IP ADDRESS: 0:0:0:0:0:0:0:1

SERVER IP ADDRESS: 0:0:0:0:0:0:0:1

2019-02-27 21:32:34,357 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] -

2019-02-27 21:32:34,357 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN

WHO: kkk
WHAT: ST-137-1neSWAn4taN2zY4Efgzd-cas01.example.org for http://localhost:8090/admin/shiro-cas/
ACTION: SERVICE_TICKET_CREATED
APPLICATION: CAS
WHEN: Wed Feb 27 21:32:34 CST 2019
CLIENT IP ADDRESS: 0:0:0:0:0:0:0:1

SERVER IP ADDRESS: 0:0:0:0:0:0:0:1

2019-02-27 21:32:34,362 INFO [org.jasig.cas.CentralAuthenticationServiceImpl] -

2019-02-27 21:32:34,362 INFO [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit trail record BEGIN

WHO: kkk
WHAT: ST-138-v4C4tODiTvNFVmXwNCKz-cas01.example.org for http://localhost:8090/admin/shiro-cas/
ACTION: SERVICE_TICKET_CREATED
APPLICATION: CAS
WHEN: Wed Feb 27 21:32:34 CST 2019
CLIENT IP ADDRESS: 0:0:0:0:0:0:0:1

SERVER IP ADDRESS: 0:0:0:0:0:0:0:1

貌似一直在创建票根,好像没有验证,这个怎么解决啊 求大神~!!

以下是我的shiro配置
<?xml version="1.0" encoding="UTF-8"?>
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd"
default-lazy-init="true">

<description>Shiro安全配置</description>


<!-- Shiro Filter -->
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
    <property name="securityManager" ref="securityManager"/>
    <property name="loginUrl" value="http://localhost:8080/cas/login?service=http://localhost:8090/admin/shiro-cas/"/>
     <property name="successUrl" value="/" />
     <property name="filters">
        <map>
            <!-- 添加casFilter到shiroFilter -->
            <entry key="casFilter" value-ref="casFilter" />
            <entry key="logout" value-ref="logout" />
        </map>
    </property> 
    <property name="filterChainDefinitions">
        <value>
            <!-- 默认可以访问的 或者登陆可以访问的资源 -->
            /shiro-cas=casFilter
            /static/**= anon
            /manage=anon
            /getCode=anon
            /home=anon
            /error/**=anon
            /rest/**=anon
            /ssoReport/**=anon
            /logincheck=anon
            /logout = logout
            <!-- 日志文件查看 -->
            /logs/**=user
            <!-- 过滤条件 -->
            /**=authc
        </value>
    </property>
</bean>

<bean id="casFilter" class="org.apache.shiro.cas.CasFilter">
    <!-- 配置验证错误时的失败页面 ,这里配置为登录页面 -->
    <property name="failureUrl" value="http://localhost:8080/cas/login?service=http://localhost:8090/admin/index/" />
</bean>
<!-- 退出登录过滤器 -->
<bean id="logout" class="org.apache.shiro.web.filter.authc.LogoutFilter">
    <property name="redirectUrl" value="http://localhost:8080/cas/logout?service=http://localhost:8090/admin/index/" />
</bean>



 <bean id="casRealm" class="com.admin.shiro.ShiroDbRealm">
    <!-- <property name="defaultRoles" value="ROLE_USER" /> -->
    <!-- 配置cas服务器地址 -->
    <property name="casServerUrlPrefix" value="http://localhost:8080/cas/" />
    <!-- 客户端的回调地址设置,必须和上面的shiro-cas过滤器casFilter拦截的地址一致 -->
    <property name="casService" value="http://localhost:8090/admin/shiro-cas/" />

    <!-- <property name="credentialsMatcher">
      <bean class="org.apache.shiro.authc.credential.HashedCredentialsMatcher"> 
    <property name="hashAlgorithmName" value="md5"/>
    <property name="hashIterations" value="1"/>
    <property name="storedCredentialsHexEncoded" value="true"/>
    </bean>
</property> -->
</bean>

<bean id="cacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">
    <property name="cacheManagerConfigFile" value="classpath:security/ehcache-shiro.xml" />
</bean> 

<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
    <property name="realm" ref="casRealm" />
    <property name="subjectFactory" ref="casSubjectFactory" />
    <property name="cacheManager" ref="cacheManager" />
    <property name="sessionManager" ref="shiroSessionManager" />
</bean>

<!-- 如果要实现cas的remember me的功能,需要用到下面这个bean,并设置到securityManager的subjectFactory中 -->
<bean id="casSubjectFactory" class="org.apache.shiro.cas.CasSubjectFactory" />

<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" />

<bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
    <property name="staticMethod" value="org.apache.shiro.SecurityUtils.setSecurityManager" />
    <property name="arguments" ref="securityManager" />
</bean>
<bean id="sessionDAO"
    class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO">
</bean>
<bean id="shiroSessionManager"
    class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
    <property name="sessionDAO" ref="sessionDAO" />
    <property name="sessionValidationInterval" value="10800000" />  <!-- 相隔多久检查一次session的有效性 -->
    <property name="globalSessionTimeout" value="10800000" />  <!-- session 有效时间为三个小时 (毫秒单位) -->
    <property name="sessionIdCookie.name" value="jsid" />
</bean>

  • 写回答

1条回答 默认 最新

  • CSDN-Ada助手 CSDN-AI 官方账号 2022-09-21 01:59
    关注
    不知道你这个问题是否已经解决, 如果还没有解决的话:

    如果你已经解决了该问题, 非常希望你能够分享一下解决方案, 写成博客, 将相关链接放在评论区, 以帮助更多的人 ^-^
    评论

报告相同问题?

悬赏问题

  • ¥15 运筹学中在线排序的时间在线排序的在线LPT算法
  • ¥30 求一段fortran代码用IVF编译运行的结果
  • ¥15 深度学习根据CNN网络模型,搭建BP模型并训练MNIST数据集
  • ¥15 lammps拉伸应力应变曲线分析
  • ¥15 C++ 头文件/宏冲突问题解决
  • ¥15 用comsol模拟大气湍流通过底部加热(温度不同)的腔体
  • ¥50 安卓adb backup备份子用户应用数据失败
  • ¥20 有人能用聚类分析帮我分析一下文本内容嘛
  • ¥15 请问Lammps做复合材料拉伸模拟,应力应变曲线问题
  • ¥30 python代码,帮调试,帮帮忙吧