Detailed explanation of spring boot configuration single sign-on case sharing-javaTutorial-php.cn

Home

Java

javaTutorial

Detailed explanation of spring boot configuration single sign-on case sharing

黄舟

Mar 24, 2017 am 10:36 AM

This article mainly introduces the detailed explanation of spring boot configuration single sign-on, commonly used Security FrameworkThere are spring security and apache shiro. The configuration and use of shiro are relatively simple. This article uses shrio to connect CAS services.

Overview

Enterprise. There is generally a single sign-on system internally (a commonly used implementation is apereo cas), and all internal system login authentications are connected to it. This article introduces how the spring boot program connects to CAS services.

Commonly used. The security frameworks include spring security and apache shiro. The configuration and use of shiro are relatively simple. This article uses shrio to connect to the CAS service.

Configuration

##New dependencies.

pom.

xmlNew:

<properties>
  <shiro.version>1.2.4</shiro.version>
 </properties>
<dependencies>
<!--Apache Shiro -->
  <dependency>
   <groupId>org.apache.shiro</groupId>
   <artifactId>shiro-spring</artifactId>
   <version>${shiro.version}</version>
  </dependency>
  <dependency>
   <groupId>org.apache.shiro</groupId>
   <artifactId>shiro-ehcache</artifactId>
   <version>${shiro.version}</version>
  </dependency>
  <dependency>
   <groupId>org.apache.shiro</groupId>
   <artifactId>shiro-cas</artifactId>
   <version>${shiro.version}</version>
  </dependency>
</dependencies>

Copy after login

spring boot configuration

application.properties

shiro.cas=https://cas.xxx.com # 这是CAS服务的地址
shiro.server=http://127.0.0.1:8080 # 自己应用的地址，测试使用127即可

Copy after login

Application configuration

Initialize shiro bean, just put the file under any sub-package, such as xxx.config, spring boot will automatically scan and load

@Configuration
public class ShiroCasConfiguration {
 private static final String casFilterUrlPattern = "/shiro-cas";

 @Bean
 public FilterRegistrationBean filterRegistrationBean() {
  FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
  filterRegistration.setFilter(new DelegatingFilterProxy("shiroFilter"));
  filterRegistration.addInitParameter("targetFilterLifecycle", "true");
  filterRegistration.setEnabled(true);
  filterRegistration.addUrlPatterns("/*");
  return filterRegistration;
 }

 @Bean(name = "lifecycleBeanPostProcessor")
 public LifecycleBeanPostProcessor getLifecycleBeanPostProcessor() {
  return new LifecycleBeanPostProcessor();
 }

 @Bean(name = "securityManager")
 public DefaultWebSecurityManager getDefaultWebSecurityManager(@Value("${shiro.cas}") String casServerUrlPrefix,
                 @Value("${shiro.server}") String shiroServerUrlPrefix) {
  DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
  CasRealm casRealm = new CasRealm();
  casRealm.setDefaultRoles("ROLE_USER");
  casRealm.setCasServerUrlPrefix(casServerUrlPrefix);
  casRealm.setCasService(shiroServerUrlPrefix + casFilterUrlPattern);
  securityManager.setRealm(casRealm);
  securityManager.setCacheManager(new MemoryConstrainedCacheManager());
  securityManager.setSubjectFactory(new CasSubjectFactory());
  return securityManager;
 }

 private void loadShiroFilterChain(ShiroFilterFactoryBean shiroFilterFactoryBean) {
  Map<String, String> filterChainDefinitionMap = new LinkedHashMap<>();

  filterChainDefinitionMap.put(casFilterUrlPattern, "casFilter");
  filterChainDefinitionMap.put("/login", "anon");
  filterChainDefinitionMap.put("/bower_components/**", "anon");//可以将不需要拦截的静态文件目录加进去
  filterChainDefinitionMap.put("/logout","logout");
  filterChainDefinitionMap.put("/**", "authc");
  shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
 }

 /**
  * CAS Filter
  */
 @Bean(name = "casFilter")
 public CasFilter getCasFilter(@Value("${shiro.cas}") String casServerUrlPrefix,
         @Value("${shiro.server}") String shiroServerUrlPrefix) {
  CasFilter casFilter = new CasFilter();
  casFilter.setName("casFilter");
  casFilter.setEnabled(true);
  String loginUrl = casServerUrlPrefix + "/login?service=" + shiroServerUrlPrefix + casFilterUrlPattern;
  casFilter.setFailureUrl(loginUrl);
  return casFilter;
 }

 @Bean(name = "shiroFilter")
 public ShiroFilterFactoryBean getShiroFilterFactoryBean(DefaultWebSecurityManager securityManager,
               CasFilter casFilter,
               @Value("${shiro.cas}") String casServerUrlPrefix,
               @Value("${shiro.server}") String shiroServerUrlPrefix) {
  ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
  shiroFilterFactoryBean.setSecurityManager(securityManager);
  String loginUrl = casServerUrlPrefix + "/login?service=" + shiroServerUrlPrefix + casFilterUrlPattern;
  shiroFilterFactoryBean.setLoginUrl(loginUrl);
  shiroFilterFactoryBean.setSuccessUrl("/");
  Map<String, Filter> filters = new HashMap<>();
  filters.put("casFilter", casFilter);
  LogoutFilter logoutFilter = new LogoutFilter();
  logoutFilter.setRedirectUrl(casServerUrlPrefix + "/logout?service=" + shiroServerUrlPrefix);
  filters.put("logout",logoutFilter);
  shiroFilterFactoryBean.setFilters(filters);

  loadShiroFilterChain(shiroFilterFactoryBean);
  return shiroFilterFactoryBean;
 }
}

Copy after login

Get the login user name in the program

After the above configuration is completed, you can get the login user name in the program

public String getUsername() {
  Subject subject = SecurityUtils.getSubject();
  if (subject == null || subject.getPrincipals() == null) {
   return DEFAULTUSER;
  }
  return (String) subject.getPrincipals().getPrimaryPrincipal();
 }

Copy after login

Summary

Shiro is relatively simple to use. When using it, you only need to modify application.properties

The above is the detailed content of Detailed explanation of spring boot configuration single sign-on case sharing. For more information, please follow other related articles on the PHP Chinese website!

Statement of this Website

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress images for free

Clothoff.io

AI clothes remover

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

Assassin's Creed Shadows: Seashell Riddle Solution

3 weeks ago By DDD

What's New in Windows 11 KB5054979 & How to Fix Update Issues

2 weeks ago By DDD

Where to find the Crane Control Keycard in Atomfall

3 weeks ago By DDD

Assassin's Creed Shadows - How To Find The Blacksmith And Unlock Weapon And Armour Customisation

4 weeks ago By DDD

Roblox: Dead Rails - How To Complete Every Challenge

3 weeks ago By DDD

Hot Tools

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

God-level code editing software (SublimeText3)

Hot Topics

Where is the login entrance for gmail email?

7577

CakePHP Tutorial

1386

What is the format of the account name of steam

win11 activation key permanent

nyt connections hints and answers

111

Related knowledge

Windows ISO file too large BootCamp error [Fixed] Feb 19, 2024 pm 12:30 PM

If you get the error message "The Windows ISO file is too large" when using BootCampAssistant on a Mac computer, this may be because the ISO file size exceeds the limit supported by BootCampAssistant. The solution to this problem is to use other tools to compress the ISO file size to ensure that it can be processed in BootCamp Assistant. BootCampAssistant is a convenient tool provided by Apple for installing and running Windows operating system on Mac computers. It helps users set up a dual-boot system, allowing them to easily choose to use MacOS or Wind at startup

A new programming paradigm, when Spring Boot meets OpenAI Feb 01, 2024 pm 09:18 PM

In 2023, AI technology has become a hot topic and has a huge impact on various industries, especially in the programming field. People are increasingly aware of the importance of AI technology, and the Spring community is no exception. With the continuous advancement of GenAI (General Artificial Intelligence) technology, it has become crucial and urgent to simplify the creation of applications with AI functions. Against this background, "SpringAI" emerged, aiming to simplify the process of developing AI functional applications, making it simple and intuitive and avoiding unnecessary complexity. Through "SpringAI", developers can more easily build applications with AI functions, making them easier to use and operate.

Use Spring Boot and Spring AI to build generative artificial intelligence applications Apr 28, 2024 am 11:46 AM

As an industry leader, Spring+AI provides leading solutions for various industries through its powerful, flexible API and advanced functions. In this topic, we will delve into the application examples of Spring+AI in various fields. Each case will show how Spring+AI meets specific needs, achieves goals, and extends these LESSONSLEARNED to a wider range of applications. I hope this topic can inspire you to understand and utilize the infinite possibilities of Spring+AI more deeply. The Spring framework has a history of more than 20 years in the field of software development, and it has been 10 years since the Spring Boot 1.0 version was released. Now, no one can dispute that Spring

What are the implementation methods of spring programmatic transactions? Jan 08, 2024 am 10:23 AM

How to implement spring programmatic transactions: 1. Use TransactionTemplate; 2. Use TransactionCallback and TransactionCallbackWithoutResult; 3. Use Transactional annotations; 4. Use TransactionTemplate in combination with @Transactional; 5. Customize the transaction manager.

The differences and connections between Spring Boot and Spring Cloud Jun 22, 2023 pm 06:25 PM

SpringBoot and SpringCloud are both extensions of Spring Framework that help developers build and deploy microservice applications faster, but they each have different purposes and functions. SpringBoot is a framework for quickly building Java applications, allowing developers to create and deploy Spring-based applications faster. It provides a simple, easy-to-understand way to build stand-alone, executable Spring applications

The 7 most commonly used annotations in Spring, the most powerful organization in history! Jul 26, 2023 pm 04:38 PM

With the update and iteration of technology, Java5.0 began to support annotations. As the leading framework in Java, spring has slowly begun to abandon xml configuration since it was updated to version 2.5, and more annotations are used to control the spring framework.

How to set transaction isolation level in Spring Jan 26, 2024 pm 05:38 PM

How to set the transaction isolation level in Spring: 1. Use the @Transactional annotation; 2. Set it in the Spring configuration file; 3. Use PlatformTransactionManager; 4. Set it in the Java configuration class. Detailed introduction: 1. Use the @Transactional annotation, add the @Transactional annotation to the class or method that requires transaction management, and set the isolation level in the attribute; 2. In the Spring configuration file, etc.

How to use PHP to implement efficient and stable SSO single sign-on Oct 15, 2023 pm 02:49 PM

How to use PHP to achieve efficient and stable SSO single sign-on Introduction: With the popularity of Internet applications, users are faced with a large number of registration and login processes. In order to improve user experience and reduce user registration and login intervals, many websites and applications have begun to adopt single sign-on (Single Sign-On, referred to as SSO) technology. This article will introduce how to use PHP to implement efficient and stable SSO single sign-on and provide specific code examples. 1. SSO single sign-on principle SSO single sign-on is an identity authentication solution

See all articles