我在cas客户端也就是子系统中写了几个对外使用的servlet接口!但是在我在别的系统调用这些接口时 却被Cas的过滤器给拦截了,跳转到了cas登录的界面!请问怎么样可以设置有些请求路径不需要cas单点登录过滤器拦截!
业务系统web应用在使用单点登录组件时,有些请求路径不需要单点登录过滤器拦截,比如公共开放的路径,不需要认证都可以自由访问的路径,单点登录过滤器配置的映射路径一般以通配符匹配路径,但要把这些路径单独提取出来,让过滤器不拦截做单点登录处理,就需要对原有过滤器进行扩展改造,才能实现这个功能。
扩展实现代码如下:
public class CASFilter implements Filter {
public static enum ResponseType {
BREAK, GOON, RETURN
}
...
public void doFilter(
ServletRequest request,
ServletResponse response,
FilterChain fc){
。。。
CASReceipt receipt = (CASReceipt) session.getAttribute(CAS_FILTER_RECEIPT);
if (receipt != null && isReceiptAcceptable(receipt)) {
log.trace("CAS_FILTER_RECEIPT attribute was present and acceptable - passing request through filter..");
fc.doFilter(request, response);
return;
}else{
responeType = beforeDoSSOFilter(request, response);
if(ResponseType.RETURN==responeType){
return ;
}else if(ResponseType.BREAK==responeType) {
fc.doFilter(request, response);
return;
} //else go on
}
}
//过滤器的前置处理
public ResponseType beforeDoSSOFilter(ServletRequest request,
ServletResponse response) {
return ResponseType.GOON;
}
}
注:主要看原CASFilter 类红字部分扩展代码。
扩展实现类BMCASFilter
package com.sitechasia.sso.bmext;
public class BMCASFilter extends CASFilter {
private final Log log = LogFactory.getLog(this.getClass());
private static String ssoclient_passedPathSet;//设置不被sso过滤器拦截的请求路径,需要符合url路径通配符,多个路径可以","分割
public static final String PASSEDPATHSET_INIT_PARAM="passedPathSet";//web.xml配置文件中的参数
@Override
public void init(FilterConfig config) throws ServletException {
super.init(config);
ssoclient_passedPathSet = SSOClientPropertiesSingleton.getInstance().getProperty(ClientConstants.SSOCLIENT_PASSEDPATHSET)==null?config.getInitParameter(PASSEDPATHSET_INIT_PARAM):SSOClientPropertiesSingleton.getInstance().getProperty(ClientConstants.SSOCLIENT_PASSEDPATHSET);
}
@Override
public ResponseType beforeDoSSOFilter(ServletRequest request,
ServletResponse response) {
if (ssoclient_passedPathSet != null) {//路径过滤
HttpServletRequest httpRequest =(HttpServletRequest)request;
String requestPath = httpRequest.getRequestURI();
// String ls_requestPath = UrlUtils.buildFullRequestUrl(httpRequest.getScheme(), httpRequest.getServerName(), httpRequest.getServerPort(), requestPath, null);
PathMatcher matcher = new AntPathMatcher();
String passedPaths[]=null;
passedPaths =ssoclient_passedPathSet.split(",");
if(passedPaths!=null){
boolean flag;
for (String passedPath : passedPaths) {
flag = matcher.match(passedPath, requestPath);//ls_requestPath
if(flag){
log.info("sso client request path '"+requestPath+"'is matched,filter chain will be continued.");
return ResponseType.BREAK;
}
}
}
}
return ResponseType.GOON;
}
}
web.xml文件中配置修改如下:
<filter>
<description>单点登陆请求过滤器</description>
<filter-name>CASFilter</filter-name>
<filter-class>com.sitechasia.sso.dmext.filter.DMCASFilter</filter-class>
...
<init-param>
<description>排除路径</description>
<param-name>passedPathSet</param-name>
<param-value>
/**/restful/userLogin/findPassword,
/**/restful/userLogin/findIllegalLoginCount,
/**/restful/tenantManager/**,
/**/restful/lock/**,
/**/restful/export/**
</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CASFilter</filter-name>
<url-pattern>/index.jsp</url-pattern>
< /filter-mapping>
。。。
注:红字部分为相应配置内容扩展部分
经过上述这样扩展,配置的排除路径作为请求时,单点登录过滤拦截就会忽略处理,实现了目标功能要求。
扩展实现代码如下:
public class CASFilter implements Filter {
public static enum ResponseType {
BREAK, GOON, RETURN
}
...
public void doFilter(
ServletRequest request,
ServletResponse response,
FilterChain fc){
。。。
CASReceipt receipt = (CASReceipt) session.getAttribute(CAS_FILTER_RECEIPT);
if (receipt != null && isReceiptAcceptable(receipt)) {
log.trace("CAS_FILTER_RECEIPT attribute was present and acceptable - passing request through filter..");
fc.doFilter(request, response);
return;
}else{
responeType = beforeDoSSOFilter(request, response);
if(ResponseType.RETURN==responeType){
return ;
}else if(ResponseType.BREAK==responeType) {
fc.doFilter(request, response);
return;
} //else go on
}
}
//过滤器的前置处理
public ResponseType beforeDoSSOFilter(ServletRequest request,
ServletResponse response) {
return ResponseType.GOON;
}
}
注:主要看原CASFilter 类红字部分扩展代码。
扩展实现类BMCASFilter
package com.sitechasia.sso.bmext;
public class BMCASFilter extends CASFilter {
private final Log log = LogFactory.getLog(this.getClass());
private static String ssoclient_passedPathSet;//设置不被sso过滤器拦截的请求路径,需要符合url路径通配符,多个路径可以","分割
public static final String PASSEDPATHSET_INIT_PARAM="passedPathSet";//web.xml配置文件中的参数
@Override
public void init(FilterConfig config) throws ServletException {
super.init(config);
ssoclient_passedPathSet = SSOClientPropertiesSingleton.getInstance().getProperty(ClientConstants.SSOCLIENT_PASSEDPATHSET)==null?config.getInitParameter(PASSEDPATHSET_INIT_PARAM):SSOClientPropertiesSingleton.getInstance().getProperty(ClientConstants.SSOCLIENT_PASSEDPATHSET);
}
@Override
public ResponseType beforeDoSSOFilter(ServletRequest request,
ServletResponse response) {
if (ssoclient_passedPathSet != null) {//路径过滤
HttpServletRequest httpRequest =(HttpServletRequest)request;
String requestPath = httpRequest.getRequestURI();
// String ls_requestPath = UrlUtils.buildFullRequestUrl(httpRequest.getScheme(), httpRequest.getServerName(), httpRequest.getServerPort(), requestPath, null);
PathMatcher matcher = new AntPathMatcher();
String passedPaths[]=null;
passedPaths =ssoclient_passedPathSet.split(",");
if(passedPaths!=null){
boolean flag;
for (String passedPath : passedPaths) {
flag = matcher.match(passedPath, requestPath);//ls_requestPath
if(flag){
log.info("sso client request path '"+requestPath+"'is matched,filter chain will be continued.");
return ResponseType.BREAK;
}
}
}
}
return ResponseType.GOON;
}
}
web.xml文件中配置修改如下:
<filter>
<description>单点登陆请求过滤器</description>
<filter-name>CASFilter</filter-name>
<filter-class>com.sitechasia.sso.dmext.filter.DMCASFilter</filter-class>
...
<init-param>
<description>排除路径</description>
<param-name>passedPathSet</param-name>
<param-value>
/**/restful/userLogin/findPassword,
/**/restful/userLogin/findIllegalLoginCount,
/**/restful/tenantManager/**,
/**/restful/lock/**,
/**/restful/export/**
</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CASFilter</filter-name>
<url-pattern>/index.jsp</url-pattern>
< /filter-mapping>
。。。
注:红字部分为相应配置内容扩展部分
经过上述这样扩展,配置的排除路径作为请求时,单点登录过滤拦截就会忽略处理,实现了目标功能要求。
温馨提示:答案为网友推荐,仅供参考
第1个回答 2017-08-25
只需要在cas的登录验证过滤器中加一个参数即可,具体怎么操作CSDN的eguid大神已经整理了一篇文章出来:,应该对你有帮助
