cas4.0單點登錄的配置

package com.rquest.riskmaster.config;


import org.jasig.cas.client.authentication.AuthenticationFilter;
import org.jasig.cas.client.session.SingleSignOutFilter;
import org.jasig.cas.client.session.SingleSignOutHttpSessionListener;
import org.jasig.cas.client.util.AssertionThreadLocalFilter;
import org.jasig.cas.client.util.HttpServletRequestWrapperFilter;
import org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.context.embedded.FilterRegistrationBean;
import org.springframework.boot.context.embedded.ServletListenerRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;


@Configuration
public class CasConfiguration {
private static final Logger logger = LoggerFactory.getLogger(CasConfiguration.class);


/**
     * CAS過濾器
     *
     * @return
     * @author SHANHY
     * @create  2016年1月17日
     */
@Value("${casServerLoginUrl}")    
private String casServerLoginUrl;
@Value("${clientServerName}")    
private String clientServerName;
@Value("${casServerUrlPrefix}")    
private String casServerUrlPrefix;

 private static boolean casEnabled = true; 
   
 
 /** 
  * 用於實現單點登出功能 
  */
 @Bean
 public ServletListenerRegistrationBean<SingleSignOutHttpSessionListener> singleSignOutHttpSessionListener() { 
   ServletListenerRegistrationBean<SingleSignOutHttpSessionListener> listener = new ServletListenerRegistrationBean<>(); 
   listener.setEnabled(casEnabled); 
   listener.setListener(new SingleSignOutHttpSessionListener()); 
   listener.setOrder(1); 
   return listener; 
 } 
 
 /** 
  * 該過濾器用於實現單點登出功能，單點退出配置，一定要放在其他filter之前 
  */
/*  @Bean
 public FilterRegistrationBean logOutFilter() { 
   FilterRegistrationBean filterRegistration = new FilterRegistrationBean(); 
   LogoutFilter logoutFilter = new LogoutFilter(casServerHostLoginUrl ,new SecurityContextLogoutHandler()); 
   filterRegistration.setFilter(logoutFilter); 
   filterRegistration.setEnabled(casEnabled); 
     filterRegistration.addUrlPatterns("/logout"); 
   filterRegistration.addInitParameter("casServerUrlPrefix", casServerUrlPrefix); 
   filterRegistration.addInitParameter("serverName", serverName); 
   filterRegistration.setOrder(2); 
   logger.info("logOutFilter===第二啓動");
   return filterRegistration; 
 } */
 
 /** 
  * 該過濾器用於實現單點登出功能，單點退出配置，一定要放在其他filter之前 
  */
 @Bean
 public FilterRegistrationBean singleSignOutFilter() { 
   FilterRegistrationBean filterRegistration = new FilterRegistrationBean(); 
   filterRegistration.setFilter(new SingleSignOutFilter()); 
   filterRegistration.setEnabled(casEnabled); 
     filterRegistration.addUrlPatterns("/*"); 
     filterRegistration.addUrlPatterns("/logout");
   filterRegistration.setOrder(3); 
   return filterRegistration; 
 } 
 
 
 /** 
  * 該過濾器負責用戶的認證工作 
  * cas.server.login.url=https://rquest.sso.cas:8443/cas/login
  * server.name=http://localhost:8080
  */
 @Bean
 public FilterRegistrationBean authenticationFilter() { 
   FilterRegistrationBean filterRegistration = new FilterRegistrationBean(); 
   filterRegistration.setFilter(new AuthenticationFilter()); 
   filterRegistration.setEnabled(casEnabled); 
     filterRegistration.addUrlPatterns("/*"); 
   //casServerLoginUrl:cas服務的登陸url 
   filterRegistration.addInitParameter("casServerLoginUrl", casServerLoginUrl); 
   //本項目登錄ip+port 
   filterRegistration.addInitParameter("serverName",clientServerName); 
//    filterRegistration.addInitParameter("useSession", "true"); 
   filterRegistration.addInitParameter("redirectAfterValidation","true"); 
   filterRegistration.setOrder(4); 
   return filterRegistration; 
 } 
 
 /** 
  * 該過濾器負責對Ticket的校驗工作 
  */
 @Bean
 public FilterRegistrationBean cas20ProxyReceivingTicketValidationFilter() { 
   FilterRegistrationBean filterRegistration = new FilterRegistrationBean(); 
   Cas20ProxyReceivingTicketValidationFilter cas20ProxyReceivingTicketValidationFilter = new Cas20ProxyReceivingTicketValidationFilter(); 
   //cas20ProxyReceivingTicketValidationFilter.setTicketValidator(cas20ServiceTicketValidator()); 
//    cas20ProxyReceivingTicketValidationFilter.setServerName(serverName); 
   filterRegistration.setFilter(cas20ProxyReceivingTicketValidationFilter); 
   filterRegistration.setEnabled(casEnabled); 
     filterRegistration.addUrlPatterns("/*"); 
   filterRegistration.addInitParameter("casServerUrlPrefix", casServerUrlPrefix); 
   filterRegistration.addInitParameter("serverName",clientServerName); 
   filterRegistration.setOrder(5); 
   return filterRegistration; 
 } 
 
 
 /** 
  * 該過濾器對HttpServletRequest請求包裝， 可通過HttpServletRequest的getRemoteUser()方法獲得登錄用戶的登錄名 
  */
 @Bean
 public FilterRegistrationBean httpServletRequestWrapperFilter() { 
   FilterRegistrationBean filterRegistration = new FilterRegistrationBean(); 
   filterRegistration.setFilter(new HttpServletRequestWrapperFilter()); 
   filterRegistration.setEnabled(true); 
     filterRegistration.addUrlPatterns("/*"); 
   filterRegistration.setOrder(6); 
   return filterRegistration; 
 } 
 
 /** 
  * 該過濾器使得可以通過org.jasig.cas.client.util.AssertionHolder來獲取用戶的登錄名。 
  比如AssertionHolder.getAssertion().getPrincipal().getName()。 
  這個類把Assertion信息放在ThreadLocal變量中，這樣應用程序不在web層也能夠獲取到當前登錄信息 
  */
 @Bean
 public FilterRegistrationBean assertionThreadLocalFilter() { 
   FilterRegistrationBean filterRegistration = new FilterRegistrationBean(); 
   filterRegistration.setFilter(new AssertionThreadLocalFilter()); 
   filterRegistration.setEnabled(true); 
     filterRegistration.addUrlPatterns("/*"); 
   filterRegistration.setOrder(7); 
   return filterRegistration; 
 } 


}