koproblem
koproblem
采纳率0%
2015-10-09 15:14 阅读 3.4k

spring mvc+shiro+cas 实现cas client功能 跳转回来404

1

http://securitycenter.com:8080/gtsys/cas?ticket=ST-14-HEDhc1GVQt0UYdiZpi7R-cas

返回这个地址 404
图片说明


<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
    xmlns:tx="http://www.springframework.org/schema/tx" xmlns:task="http://www.springframework.org/schema/task"
    xmlns:aop="http://www.springframework.org/schema/aop"
    xsi:schemaLocation="http://www.springframework.org/schema/beans  
    http://www.springframework.org/schema/beans/spring-beans-4.1.xsd   
    http://www.springframework.org/schema/context   
    http://www.springframework.org/schema/context/spring-context-4.1.xsd  
    http://www.springframework.org/schema/tx
    http://www.springframework.org/schema/tx/spring-tx-4.1.xsd
    http://www.springframework.org/schema/task 
    http://www.springframework.org/schema/task/spring-task-4.1.xsd     
    http://www.springframework.org/schema/aop 
     http://www.springframework.org/schema/aop/spring-aop-4.1.xsd"
     > 


<!-- 定时器开关 开始 -->
    <task:annotation-driven />
    <!-- 标注类型 的事务配置 如果使用注解事务。就放开
    <tx:annotation-driven />-->

    <!-- 统一异常处理方式 -->
    <bean id="exceptionHandler" class="com.lanyuan.exception.MyExceptionHandler"/>
    <!-- 初始化数据 -->

<bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer" >
       <property name ="locations">
           <list>
            <value>classpath:jdbc.properties</value>
           </list>
       </property>
       <property name="ignoreUnresolvablePlaceholders" value="true" />
</bean>
<bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
        <property name="url" value="${jdbc.url}" />
        <property name="username" value="${jdbc.username}" />
        <property name="password" value="${jdbc.password}" />
        <property name="driverClassName" value="${jdbc.driverClass}" />
    </bean>

    <bean id="pagePlugin" class="com.lanyuan.plugin.PagePlugin">
        <property name="properties">
            <props>
                <prop key="dialect">mysql</prop>
                <prop key="pageSqlId">.*query.*</prop>
            </props>
        </property>
    </bean>
    <bean id="sqlSessionFactory" class="org.mybatis.spring.SqlSessionFactoryBean">
        <property name="dataSource" ref="dataSource" />
        <!-- 自动匹配Mapper映射文件 -->
        <property name="mapperLocations" value="classpath:mappings/*-mapper.xml"/>
        <property name="typeAliasesPackage" value="com.lanyuan.entity"/>
        <property name="plugins">
            <array>
                <ref bean="pagePlugin" />
            </array>
        </property>
    </bean>
    <!-- 通过扫描的模式,扫描目录在com.lanyuan.mapper目录下,所有的mapper都继承SqlMapper接口的接口, 这样一个bean就可以了 -->
    <bean class="org.mybatis.spring.mapper.MapperScannerConfigurer">
        <property name="basePackage" value="com.lanyuan.mapper" />
    </bean>
    <!-- 事务配置 -->
    <bean id="transactionManager"
        class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
        <property name="dataSource" ref="dataSource" />
    </bean>
    <!-- <aop:config>
        <aop:pointcut
            expression="execution(public * com.lanyuan.controller.*(..))"
            id="pointcut" />
        <aop:advisor advice-ref="txAdvice" pointcut-ref="pointcut" />
    </aop:config>
    <tx:advice id="txAdvice" transaction-manager="transactionManager">
        <tx:attributes>
            <tx:method name="query*" propagation="REQUIRED" read-only="true" />
            <tx:method name="find*" propagation="REQUIRED" read-only="true" />
            <tx:method name="save*" propagation="REQUIRED" />
            <tx:method name="delete*" propagation="REQUIRED" />
            <tx:method name="add*" propagation="REQUIRED" />
            <tx:method name="modify*" propagation="REQUIRED" />
            <tx:method name="logicDelById" propagation="REQUIRED" />
        </tx:attributes>
    </tx:advice> -->
    <!-- <aop:aspectj-autoproxy proxy-target-class="true"/> 
     <bean id="log4jHandlerAOP" class="com.lanyuan.logAop.LogAopAction"></bean> 
        <aop:config proxy-target-class="true">
            <aop:aspect id="logAspect" ref="log4jHandlerAOP"> 
            <aop:pointcut id="logPointCut" expression="execution(* org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(..))" /> 
            <aop:around method="logAll" pointcut-ref="logPointCut" /> </aop:aspect> 
        </aop:config> -->
    <!-- 使用Spring组件扫描的方式来实现自动注入bean -->
    <context:component-scan base-package="com.lanyuan.task" />
    <!-- 隐式地向 Spring 容器注册 -->
    <context:annotation-config />
</beans>
spring-application.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
    xmlns:mvc="http://www.springframework.org/schema/mvc" xmlns:tx="http://www.springframework.org/schema/tx"
    xmlns:aop="http://www.springframework.org/schema/aop"
    xsi:schemaLocation="http://www.springframework.org/schema/beans
        http://www.springframework.org/schema/beans/spring-beans.xsd
        http://www.springframework.org/schema/context
        http://www.springframework.org/schema/context/spring-context.xsd
    http://www.springframework.org/schema/tx
    http://www.springframework.org/schema/tx/spring-tx-4.1.xsd
        http://www.springframework.org/schema/mvc 
        http://www.springframework.org/schema/mvc/spring-mvc.xsd   
    http://www.springframework.org/schema/aop 
     http://www.springframework.org/schema/aop/spring-aop-4.1.xsd"
    >
    <tx:annotation-driven />
    <context:component-scan base-package="com.lanyuan.controller" />
    <context:component-scan base-package="com.lanyuan.logAop" />
    <!-- 启动对@AspectJ注解的支持 -->
    <!--通知spring使用cglib而不是jdk的来生成代理方法 AOP可以拦截到Controller-->  
<aop:aspectj-autoproxy proxy-target-class="true"/>
    <!-- 注解支持 -->  
<context:annotation-config/> 
    <!--避免IE执行AJAX时,返回JSON出现下载文件 -->
    <bean id="mappingJackson2HttpMessageConverter"
        class="org.springframework.http.converter.json.MappingJackson2HttpMessageConverter">
        <property name="supportedMediaTypes">
            <list>
                <value>text/html;charset=UTF-8</value>
                <value>text/json;charset=UTF-8</value>
                <value>application/json;charset=UTF-8</value>
            </list>
        </property>
    </bean>
    <!-- 采用SpringMVC自带的JSON转换工具,支持@ResponseBody注解 -->
    <bean
        class="org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter">
        <property name="messageConverters">
            <list>
                <ref bean="mappingJackson2HttpMessageConverter" />    <!-- JSON转换器 -->
            </list>
        </property>
    </bean>
    <!-- 对模型视图名称的解析,即在模型视图名称添加前后缀 -->
    <bean
        class="org.springframework.web.servlet.view.InternalResourceViewResolver">
        <property name="viewClass"
            value="org.springframework.web.servlet.view.JstlView" />
        <property name="prefix" value="/"></property>
        <property name="suffix" value=".jsp"></property>
    </bean>
    <mvc:annotation-driven>
        <!-- 处理responseBody 里面日期类型 -->
        <mvc:message-converters>
            <bean
                class="org.springframework.http.converter.json.MappingJackson2HttpMessageConverter">
                <property name="objectMapper">
                    <bean class="com.fasterxml.jackson.databind.ObjectMapper">
                        <property name="dateFormat">
                            <bean class="java.text.SimpleDateFormat">
                                <constructor-arg type="java.lang.String" value="yyyy-MM-dd HH:mm:ss" />
                            </bean>
                        </property>
                    </bean>
                </property>
            </bean>
        </mvc:message-converters>
    </mvc:annotation-driven>
    <!-- 配置文件上传,如果没有使用文件上传可以不用配置,当然如果不配,那么配置文件中也不必引入上传组件包 -->
    <bean id="multipartResolver"
        class="org.springframework.web.multipart.commons.CommonsMultipartResolver">
        <!-- 默认编码 -->
        <property name="defaultEncoding" value="utf-8" />
        <!-- 文件大小最大值 -->
        <property name="maxUploadSize" value="10485760000" />
        <!-- 内存中的最大值 -->
        <property name="maxInMemorySize" value="40960" />
    </bean>
    <import resource="spring-mvc-shiro.xml"/>
</beans>
spring-mvc.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
    xmlns:util="http://www.springframework.org/schema/util"
    xsi:schemaLocation="http://www.springframework.org/schema/beans  
    http://www.springframework.org/schema/beans/spring-beans-3.0.xsd   
    http://www.springframework.org/schema/context   
    http://www.springframework.org/schema/context/spring-context-3.0.xsd
        http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"
    >

    <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer" >
       <property name ="locations">
           <list>
            <value>classpath:jdbc.properties</value>
           </list>
       </property>
       <property name="ignoreUnresolvablePlaceholders" value="true" />
</bean>



    <bean id="credentialsMatcher"
        class="com.lanyuan.shiro.credentials.RetryLimitHashedCredentialsMatcher">
        <!-- hashAlgorithmName必须的,没有默认值。可以有MD5或者SHA-1,如果对密码安全有更高要求可以用SHA-256或者更高。
        这里使用MD5 storedCredentialsHexEncoded默认是true,此时用的是密码加密用的是Hex编码;false时用Base64编码 
        hashIterations迭代次数,默认值是1。 -->
        <constructor-arg ref="cacheManager" />
        <property name="hashAlgorithmName" value="md5" />
        <!--<property name="hashIterations" value="2" />-->
        <!--<property name="storedCredentialsHexEncoded" value="true" />-->

    </bean>

     <!-- 会话Cookie模板 -->
    <bean id="sessionIdCookie" class="org.apache.shiro.web.servlet.SimpleCookie">
    <!-- sid如果改为JSESSIONID会导致重定向循环 -->
        <constructor-arg value="sid"/>
        <property name="httpOnly" value="true"/>
        <property name="maxAge" value="-1"/>
    </bean>

       <bean id="rememberMeCookie" class="org.apache.shiro.web.servlet.SimpleCookie">
        <constructor-arg value="rememberMe"/>
        <property name="httpOnly" value="true"/>
        <property name="maxAge" value="2592000"/><!-- 30天 -->
    </bean>
       <!-- rememberMe管理器 -->
    <bean id="rememberMeManager" class="org.apache.shiro.web.mgt.CookieRememberMeManager">
        <!-- rememberMe cookie加密的密钥 建议每个项目都不一样 默认AES算法 密钥长度(128 256 512 位)-->
        <property name="cipherKey"
                  value="#{T(org.apache.shiro.codec.Base64).decode('4AvVhmFLUs0KTA3Kprsdag==')}"/>
        <property name="cookie" ref="rememberMeCookie"/>
    </bean>

     <bean id="casSubjectFactory" class="org.apache.shiro.cas.CasSubjectFactory"/>
    <!-- 凭证匹配器 -->
    <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
        <property name="realm" ref="casRealm" />
        <property name="sessionManager" ref="sessionManager"/>
        <!-- 使用下面配置的缓存管理器 -->
        <property name="cacheManager" ref="cacheManager" />
        <property name="rememberMeManager" ref="rememberMeManager"/>
        <property name="subjectFactory" ref="casSubjectFactory"/>
    </bean>

        <!-- 相当于调用SecurityUtils.setSecurityManager(securityManager) -->
    <bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
        <property name="staticMethod" value="org.apache.shiro.SecurityUtils.setSecurityManager"/>
        <property name="arguments" ref="securityManager"/>
    </bean>


    <!--自定义Realm -->

    <!-- 
    <bean id="myRealm" class="com.lanyuan.shiro.MyRealm">
        <property name="credentialsMatcher" ref="credentialsMatcher" />
        <property name="cachingEnabled" value="false" />  -->
        <!-- 如需要自定义缓存时间放开以下.修改 ehcache.xml-->
         <!--<property name="authenticationCachingEnabled" value="true"/>-->
        <!--<property name="authenticationCacheName" value="authenticationCache"/>-->
        <!--<property name="authorizationCachingEnabled" value="true"/>-->
        <!--<property name="authorizationCacheName" value="authorizationCache"/>-->
<!--    </bean> -->

    <!-- <property name="userService" ref="userService"/> -->
     <bean id="casRealm" class="com.lanyuan.shiro.MyCasRealm">
        <property name="cachingEnabled" value="true"/>
        <property name="authenticationCachingEnabled" value="true"/>
        <property name="authenticationCacheName" value="authenticationCache"/>
        <property name="authorizationCachingEnabled" value="true"/>
        <property name="authorizationCacheName" value="authorizationCache"/>
        <!--该地址为cas server地址 -->
        <property name="casServerUrlPrefix" value="${shiro.casServer.url}"/>
       <!-- 该地址为是当前应用 CAS 服务 URL,即用于接收并处理登录成功后的 Ticket 的,
        必须和loginUrl中的service参数保持一致,否则服务器会判断service不匹配-->  
        <property name="casService" value="${shiro.client.cas}"/>
    </bean>


     <bean id="sysUserFilter" class="com.lanyuan.shiro.filter.SysUserFilter"/>


     <bean id="kickoutSessionControlFilter" class="com.lanyuan.shiro.filter.KickoutSessionControlFilter">
        <property name="cacheManager" ref="cacheManager"/>
        <property name="sessionManager" ref="sessionManager"/>

        <property name="kickoutAfter" value="false"/>
        <property name="maxSession" value="1"/>
        <property name="kickoutUrl" value="/login.shtml"/>
    </bean>

      <bean id="casFilter" class="org.apache.shiro.cas.CasFilter">
        <!--配置验证错误时的失败页面(Ticket 校验不通过时展示的错误页面) -->
        <property name="failureUrl" value="${shiro.failureUrl}"/>
    </bean>
    <bean id="casLogoutFilter" class="io.github.howiefh.cas.session.CasLogoutFilter">
        <property name="sessionManager" ref="sessionManager"/>
    </bean>
    <bean id="logoutFilter" class="org.apache.shiro.web.filter.authc.LogoutFilter">
        <property name="redirectUrl" value="${shiro.logout.url}"/>
    </bean>


    <!-- 配置shiro的过滤器工厂类,id- shiroFilter要和我们在web.xml中配置的过滤器一致 -->
    <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
        <property name="securityManager" ref="securityManager" />
        <!-- 
        <property name="loginUrl" value="/login.shtml" />
        <property name="successUrl" value="/index.shtml" />
         -->
          <property name="loginUrl" value="${shiro.login.url}"/>
        <property name="successUrl" value="${shiro.login.success.url}"/>
        <property name="unauthorizedUrl" value="/denied.jsp" />
        <!-- 自定义权限配置 -->

        <property name="filterChainDefinitionMap" ref="chainDefinitionSectionMetaSource" />
        <property name="filters">
            <util:map>
                <entry key="cas" value-ref="casFilter"/>
                <entry key="logout" value-ref="logoutFilter" />
                <entry key="casLogout" value-ref="casLogoutFilter" />

                <entry key="sysUser" value-ref="sysUserFilter"/>
                <entry key="kickout" value-ref="kickoutSessionControlFilter"/>

            </util:map>
        </property>

    </bean>
    <!--自定义filterChainDefinitionMap -->
      <bean id="chainDefinitionSectionMetaSource" class="com.lanyuan.shiro.ChainDefinitionSectionMetaSource">
        <property name="filterChainDefinitions">
            <value>
            /casFailure.jsp = anon
            /cas = casLogout,cas
            /logout = logout


            /favicon.ico = anon
            /admin_files/** = anon
            /fonts/** = anon
            /404/** = anon
            /error.jsp = anon
            /js/** = anon
            /layer-v1.9.2/** = anon
            /notebook/** = anon
            /login.shtml = anon
            /denied.jsp = anon
            /install.shtml = anon
            /lanyuan.shtml = anon

            /** = casLogout,user
            </value>
        </property>
</bean>

    <bean id="sessionIdGenerator" class="org.apache.shiro.session.mgt.eis.JavaUuidSessionIdGenerator"/>

     <!-- 会话DAO -->
    <bean id="sessionDAO" class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO">
        <property name="activeSessionsCacheName" value="shiro-activeSessionCache"/>
        <property name="sessionIdGenerator" ref="sessionIdGenerator"/>
    </bean>

    <!-- 会话验证调度器 -->
     <!-- 全局的会话信息检测扫描信息间隔30分钟-->
    <bean id="sessionValidationScheduler" class="org.apache.shiro.session.mgt.quartz.QuartzSessionValidationScheduler">
        <property name="sessionValidationInterval" value="1800000"/>
        <property name="sessionManager" ref="sessionManager"/>
    </bean>

     <!-- 会话管理器 -->
      <!-- 全局的会话信息设置成30分钟,sessionValidationSchedulerEnabled参数就是是否开启扫描  -->
    <bean id="sessionManager" class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager">
        <property name="globalSessionTimeout" value="1800000"/>
        <property name="deleteInvalidSessions" value="true"/>
        <property name="sessionValidationSchedulerEnabled" value="true"/>
        <property name="sessionValidationScheduler" ref="sessionValidationScheduler"/>
        <property name="sessionDAO" ref="sessionDAO"/>
        <property name="sessionIdCookieEnabled" value="true"/>
        <property name="sessionIdCookie" ref="sessionIdCookie"/>
    </bean>


    <!--shiro缓存管理器 -->
    <bean id="cacheManager" class="com.lanyuan.shiro.spring.SpringCacheManagerWrapper" >
    <property name="cacheManager" ref="springCacheManager"/>
    </bean>

     <bean id="springCacheManager" class="org.springframework.cache.ehcache.EhCacheCacheManager">
        <property name="cacheManager" ref="ehcacheManager"/>
    </bean>

    <!--ehcache-->
    <bean id="ehcacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean">
        <property name="configLocation" value="classpath:ehcache.xml"/>
    </bean>

    <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" />
</beans>
spring-shiro.xml

<web-app
        xmlns="http://java.sun.com/xml/ns/javaee"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
        version="3.0"
        metadata-complete="false">

<display-name>gtsys</display-name>
 <!-- 单点登出 -->
 <!--  
  <listener>
    <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
  </listener>
  <filter>
    <filter-name>CAS Single Sign Out Filter</filter-name>
    <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
  </filter>
  <filter-mapping>
    <filter-name>CAS Single Sign Out Filter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>
  -->



  <context-param>
    <param-name>contextConfigLocation</param-name>
    <param-value>classpath:spring-shiro.xml,classpath:spring-application.xml</param-value>
  </context-param>
  <listener>
    <listener-class>
            org.springframework.web.context.ContextLoaderListener
        </listener-class>
  </listener>


  <listener> 
    <listener-class>  
                org.springframework.web.context.request.RequestContextListener  
            </listener-class>
  </listener>



   <filter>
    <filter-name>shiroFilter</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    <async-supported>true</async-supported>
        <init-param>
            <param-name>targetFilterLifecycle</param-name>
            <param-value>true</param-value>
        </init-param>
  </filter>
  <filter-mapping>
    <filter-name>shiroFilter</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>




  <servlet>
    <servlet-name>springmvc</servlet-name>
    <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
    <init-param>
      <param-name>contextConfigLocation</param-name>
      <param-value>classpath:spring-mvc.xml</param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
  </servlet>
  <servlet-mapping>
    <servlet-name>springmvc</servlet-name>
    <url-pattern>*.shtml</url-pattern>
  </servlet-mapping>





  <filter>
    <filter-name>encoding</filter-name>
    <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
    <init-param>
      <param-name>encoding</param-name>
      <param-value>UTF-8</param-value>
    </init-param>
  </filter>
  <filter-mapping>
    <filter-name>encoding</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>


  <!--   <servlet-mapping>
    <servlet-name>default</servlet-name>
    <url-pattern>*.html</url-pattern>
  </servlet-mapping> -->
  <servlet-mapping>
    <servlet-name>jsp</servlet-name>
    <url-pattern>*.html</url-pattern>
</servlet-mapping>
  <servlet-mapping>
    <servlet-name>default</servlet-name>
    <url-pattern>*.eot</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
    <servlet-name>default</servlet-name>
    <url-pattern>*.ttf</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
    <servlet-name>default</servlet-name>
    <url-pattern>*.css</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
    <servlet-name>default</servlet-name>
    <url-pattern>*.xml</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
    <servlet-name>default</servlet-name>
    <url-pattern>*.swf</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
    <servlet-name>default</servlet-name>
    <url-pattern>*.zip</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
    <servlet-name>default</servlet-name>
    <url-pattern>*.gif</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
    <servlet-name>default</servlet-name>
    <url-pattern>*.jpg</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
    <servlet-name>default</servlet-name>
    <url-pattern>*.png</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
    <servlet-name>default</servlet-name>
    <url-pattern>*.js</url-pattern>
  </servlet-mapping>

  <servlet-mapping>
    <servlet-name>default</servlet-name>
    <url-pattern>*.woff</url-pattern>
  </servlet-mapping>
  <welcome-file-list>
    <welcome-file>login.shtml</welcome-file>
  </welcome-file-list>
</web-app>
web.xml

## shiro
shiro.session.timeout=1800000
shiro.session.validate.timespan=1800000
# cas\u767B\u5F55URL
shiro.login.url=https://localhost:8443/cas-server/login?service=http://securitycenter.com:8080/gtsys/cas
# cas logout
shiro.logout.url=https://localhost:8443/cas-server/logout?service=http://securitycenter.com:8080/gtsys
# cas\u767B\u5F55\u6210\u529F\u8DF3\u8F6CURL
shiro.login.success.url=http://securitycenter.com:8080/gtsys/index.shtml
# cas\u670D\u52A1\u5668URL
shiro.casServer.url=https://localhost:8443/cas-server
# \u5BA2\u6237\u7AEFCAS\u767B\u5F55URL
shiro.client.cas=http://securitycenter.com:8080/gtsys/cas
# \u5BA2\u6237\u7AEFCAS\u9A8C\u8BC1\u5931\u8D25\u8DF3\u8F6CURL
shiro.failureUrl=/casFailure.jsp

## dataSource
dataSource.driver=com.mysql.jdbc.Driver
dataSource.url=jdbc:mysql://localhost:3306/test?useUnicode=true&characterEncoding=utf-8
dataSource.username=root
dataSource.password=1234

properties文件

<?xml version="1.0" encoding="UTF-8"?>
<ehcache xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"  
         xsi:noNamespaceSchemaLocation="ehcache.xsd"  
         updateCheck="true" monitoring="autodetect"  
         dynamicConfig="true">  
    <diskStore path="java.io.tmpdir"/>
<!-- <diskStore>==========当内存缓存中对象数量超过maxElementsInMemory时,将缓存对象写到磁盘缓存中(需对象实现序列化接口)  
    * <diskStore path="">==用来配置磁盘缓存使用的物理路径,Ehcache磁盘缓存使用的文件后缀名是*.data和*.index  
    * name=================缓存名称,cache的唯一标识(ehcache会把这个cache放到HashMap里)  
    * maxElementsOnDisk====磁盘缓存中最多可以存放的元素数量,0表示无穷大  
    * maxElementsInMemory==内存缓存中最多可以存放的元素数量,若放入Cache中的元素超过这个数值,则有以下两种情况  
    *                      1)若overflowToDisk=true,则会将Cache中多出的元素放入磁盘文件中  
    *                      2)若overflowToDisk=false,则根据memoryStoreEvictionPolicy策略替换Cache中原有的元素  
    * eternal==============缓存中对象是否永久有效,即是否永驻内存,true时将忽略timeToIdleSeconds和timeToLiveSeconds  
    * timeToIdleSeconds====缓存数据在失效前的允许闲置时间(单位:秒),仅当eternal=false时使用,默认值是0表示可闲置时间无穷大,此为可选属性  
    *                      即访问这个cache中元素的最大间隔时间,若超过这个时间没有访问此Cache中的某个元素,那么此元素将被从Cache中清除  
    * timeToLiveSeconds====缓存数据在失效前的允许存活时间(单位:秒),仅当eternal=false时使用,默认值是0表示可存活时间无穷大  
    *                      即Cache中的某元素从创建到清楚的生存时间,也就是说从创建开始计时,当超过这个时间时,此元素将从Cache中清除  
    * overflowToDisk=======内存不足时,是否启用磁盘缓存(即内存中对象数量达到maxElementsInMemory时,Ehcache会将对象写到磁盘中)  
    *                      会根据标签中path值查找对应的属性值,写入磁盘的文件会放在path文件夹下,文件的名称是cache的名称,后缀名是data  
    * diskPersistent=======是否持久化磁盘缓存,当这个属性的值为true时,系统在初始化时会在磁盘中查找文件名为cache名称,后缀名为index的文件  
    *                      这个文件中存放了已经持久化在磁盘中的cache的index,找到后会把cache加载到内存  
    *                      要想把cache真正持久化到磁盘,写程序时注意执行net.sf.ehcache.Cache.put(Element element)后要调用flush()方法  
    * diskExpiryThreadIntervalSeconds==磁盘缓存的清理线程运行间隔,默认是120秒  
    * diskSpoolBufferSizeMB============设置DiskStore(磁盘缓存)的缓存区大小,默认是30MB  
    * memoryStoreEvictionPolicy========内存存储与释放策略,即达到maxElementsInMemory限制时,Ehcache会根据指定策略清理内存  
    *                                  共有三种策略,分别为LRU(最近最少使用)、LFU(最常用的)、FIFO(先进先出) -->

  <!-- 注意,以下缓存是永久有效,是系统初始化数据到缓存中,如果不需要永久有效,请另写,或在 -->
    <cache name="cache"  
           maxEntriesLocalHeap="10000"  
           maxEntriesLocalDisk="1000"  
           eternal="true"  
           diskSpoolBufferSizeMB="20"  
           timeToIdleSeconds="0"  
           timeToLiveSeconds="0"  
           memoryStoreEvictionPolicy="LFU"  
           transactionalMode="off">  
    </cache>  


    <!-- 登录记录缓存 锁定10分钟 -->
    <cache name="passwordRetryCache"
           maxEntriesLocalHeap="2000"
           eternal="false"
           timeToIdleSeconds="600"
           timeToLiveSeconds="0"
           overflowToDisk="false"
           statistics="true">
    </cache>
<!-- 
    <cache name="authorizationCache"
           maxEntriesLocalHeap="2000"
           eternal="false"
           timeToIdleSeconds="3600"
           timeToLiveSeconds="0"
           overflowToDisk="false"
           statistics="true">
    </cache>

    <cache name="authenticationCache"
           maxEntriesLocalHeap="2000"
           eternal="false"
           timeToIdleSeconds="3600"
           timeToLiveSeconds="0"
           overflowToDisk="false"
           statistics="true">
    </cache>
-->
    <cache name="shiro-activeSessionCache"
           maxEntriesLocalHeap="2000"
           eternal="false"
           timeToIdleSeconds="3600"
           timeToLiveSeconds="0"
           overflowToDisk="false"
           statistics="true">
    </cache> 
<cache name="shiro-kickout-session"
           maxEntriesLocalHeap="2000"
           eternal="false"
           timeToIdleSeconds="3600"
           timeToLiveSeconds="0"
           overflowToDisk="false"
           statistics="true">
    </cache>
</ehcache>
ehcache.xml


package com.lanyuan.shiro;

//import com.github.zhangkaitao.shiro.chapter15.service.UserService;
import java.util.List;


import javax.inject.Inject;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.cas.CasRealm;
import org.apache.shiro.subject.PrincipalCollection;

import com.lanyuan.entity.ResFormMap;
import com.lanyuan.mapper.ResourcesMapper;
import com.lanyuan.mapper.UserMapper;

/**
 * <p>User: Zhang Kaitao
 * <p>Date: 14-2-13
 * <p>Version: 1.0
 */
public class MyCasRealm extends CasRealm {

//    private UserService userService;
//
//    public void setUserService(UserService userService) {
//        this.userService = userService;
//    }

    @Inject
    private ResourcesMapper resourcesMapper;

    @Inject
    private UserMapper userMapper;


    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        String username = (String)principals.getPrimaryPrincipal();
       // PathMatchingFilterChainResolver
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        //authorizationInfo.setRoles(userService.findRoles(username));
       // authorizationInfo.setStringPermissions(userService.findPermissions(username));
        String userId = SecurityUtils.getSubject().getSession().getAttribute("userSessionId").toString();
        List<ResFormMap> rs = resourcesMapper.findUserResourcess(userId);
        for (ResFormMap resources : rs) {
            authorizationInfo.addStringPermission(resources.get("resKey").toString());
        }
        return authorizationInfo;
    }
}
MyCasRealm.java

 <?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:util="http://www.springframework.org/schema/util"
       xmlns:aop="http://www.springframework.org/schema/aop"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="
       http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
       http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd
       http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd">

    <aop:config proxy-target-class="true"></aop:config>
    <bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
        <property name="securityManager" ref="securityManager"/>
    </bean>

</beans>

spring-mvc-shiro.xml

这个是更改 网上的蓝缘系统的
cas server 和cas client参考的 http://howiefh.github.io/2015/05/19/shiro-cas-single-sign-on/?utm_source=tuicool

不知道为什么会返回404

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 复制链接分享

1条回答 默认 最新

  • qq_37721412 wbzhongsy 2020-06-01 15:28

    建议重写 onLoginSuccess方法 /**
    * If login has been successful, redirect user to the original protected url.
    *
    * @param token the token representing the current authentication
    * @param subject the current authenticated subjet
    * @param request the incoming request
    * @param response the outgoing response
    * @throws Exception if there is an error processing the request.
    */
    @Override
    protected boolean onLoginSuccess(AuthenticationToken token, Subject subject, ServletRequest request,
    ServletResponse response) throws Exception {
    String successUrl = null;
    boolean contextRelative = true;
    SavedRequest savedRequest = WebUtils.getSavedRequest(request);
    if (savedRequest != null && savedRequest.getMethod().equalsIgnoreCase(AccessControlFilter.GET_METHOD)) {
    successUrl = savedRequest.getRequestUrl();
    }

        if (successUrl == null) {
            successUrl =  getSuccessUrl();
        }
    
        if (successUrl == null) {
            throw new IllegalStateException("Success URL not available via saved request or via the " +
                    "successUrlFallback method parameter. One of these must be non-null for " +
                    "issueSuccessRedirect() to work.");
        }
    
        WebUtils.issueRedirect(request, response, successUrl, null, contextRelative);
        return false;
    }
    
    点赞 评论 复制链接分享

相关推荐