package com.bofeng.shiro.config;
import io.buji.pac4j.filter.CallbackFilter;
import io.buji.pac4j.filter.SecurityFilter;
import io.buji.pac4j.subject.Pac4jSubjectFactory;
import org.apache.shiro.mgt.SubjectFactory;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.spring.web.config.AbstractShiroWebFilterConfiguration;
import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition;
import org.apache.shiro.spring.web.config.ShiroFilterChainDefinition;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.jasig.cas.client.session.SingleSignOutFilter;
import org.jasig.cas.client.session.SingleSignOutHttpSessionListener;
import org.pac4j.cas.client.CasClient;
import org.pac4j.cas.client.rest.CasRestFormClient;
import org.pac4j.cas.config.CasConfiguration;
import org.pac4j.cas.config.CasProtocol;
import org.pac4j.core.client.Clients;
import org.pac4j.core.config.Config;
import org.pac4j.core.matching.PathMatcher;
import org.pac4j.http.client.direct.ParameterClient;
import org.pac4j.jwt.config.encryption.SecretEncryptionConfiguration;
import org.pac4j.jwt.config.signature.SecretSignatureConfiguration;
import org.pac4j.jwt.credentials.authenticator.JwtAuthenticator;
import org.pac4j.jwt.profile.JwtGenerator;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.boot.web.servlet.ServletListenerRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.DependsOn;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.web.filter.DelegatingFilterProxy;
import javax.servlet.Filter;
import java.util.HashMap;
import java.util.Map;
@Configuration
public class ShiroConfiguration extends AbstractShiroWebFilterConfiguration {
@Value("#{ @environment['cas.prefixUrl'] ?: null }")
private String prefixUrl;
@Value("#{ @environment['cas.loginUrl'] ?: null }")
private String casLoginUrl;
@Value("#{ @environment['cas.callbackUrl'] ?: null }")
private String callbackUrl;
//jwt秘钥
@Value("${jwt.salt}")
private String salt;
/**
* JWT Token 生成器,对CommonProfile生成然后每次携带token访问
*
* @return
*/
@SuppressWarnings("rawtypes")
@Bean
protected JwtGenerator jwtGenerator() {
return new JwtGenerator(new SecretSignatureConfiguration(salt), new SecretEncryptionConfiguration(salt));
}
@Bean
protected JwtAuthenticator jwtAuthenticator() {
JwtAuthenticator jwtAuthenticator = new JwtAuthenticator();
jwtAuthenticator.addSignatureConfiguration(new SecretSignatureConfiguration(salt));
jwtAuthenticator.addEncryptionConfiguration(new SecretEncryptionConfiguration(salt));
return jwtAuthenticator;
}
/**
* cas的基本设置,包括或url等等,rest调用协议等
*
* @return
*/
@Bean
public CasConfiguration casConfiguration() {
CasConfiguration casConfiguration = new CasConfiguration(casLoginUrl);
casConfiguration.setProtocol(CasProtocol.CAS20);
casConfiguration.setPrefixUrl(prefixUrl);
return casConfiguration;
}
/**
* 不拦截的路径
*
* @return
*/
@Bean
public PathMatcher pathMatcher() {
PathMatcher pathMatcher = new PathMatcher();
pathMatcher.excludePath("/html/**");
return pathMatcher;
}
/**
* pac4jRealm
*
* @return
*/
@Bean(name = "pac4jRealm")
public Realm pac4jRealm() {
return new ShiroPac4jRealm();
}
/**
* 通过rest接口可以获取tgt,获取service ticket,甚至可以获取CasProfile
*
* @return
*/
@Bean
protected CasRestFormClient casRestFormClient(CasConfiguration casConfiguration) {
CasRestFormClient casRestFormClient = new CasRestFormClient();
casRestFormClient.setConfiguration(casConfiguration);
casRestFormClient.setName("rest");
return casRestFormClient;
}
/**
* casClient
*
* @return
*/
@Bean
public CasClient casClient(CasConfiguration casConfiguration) {
CasClient casClient = new CasClient();
casClient.setConfiguration(casConfiguration);
casClient.setCallbackUrl(callbackUrl);
casClient.setName("cas");
return casClient;
}
/**
* token校验相关
*
* @return
*/
@Bean
protected Clients clients(CasClient casClient, CasRestFormClient casRestFormClient) {
//可以设置默认client
Clients clients = new Clients();
//token校验器,可以用HeaderClient更安全
ParameterClient parameterClient = new ParameterClient("token", jwtAuthenticator());
parameterClient.setSupportGetRequest(true);
parameterClient.setName("jwt");
//支持的client全部设置进去
clients.setClients(casClient, casRestFormClient, parameterClient);
return clients;
}
@Bean
protected Config casConfig(Clients clients) {
Config config = new Config();
config.setClients(clients);
return config;
}
/**
* 由于cas代理了用户,所以必须通过cas进行创建对象
*
* @return
*/
@Bean(name = "subjectFactory")
protected SubjectFactory subjectFactory() {
return new Pac4jSubjectFactory();
}
/**
* 单点登出的listener
*
* @return
*/
@SuppressWarnings({"rawtypes", "unchecked"})
@Bean
public ServletListenerRegistrationBean<?> singleSignOutHttpSessionListener() {
ServletListenerRegistrationBean bean = new ServletListenerRegistrationBean();
bean.setListener(new SingleSignOutHttpSessionListener());
bean.setEnabled(true);
return bean;
}
/**
* 单点登出filter
*
* @return
*/
@Bean
@Order(Ordered.HIGHEST_PRECEDENCE)
public FilterRegistrationBean singleSignOutFilter() {
FilterRegistrationBean bean = new FilterRegistrationBean();
bean.setName("singleSignOutFilter");
SingleSignOutFilter singleSignOutFilter = new SingleSignOutFilter();
singleSignOutFilter.setCasServerUrlPrefix(prefixUrl);
singleSignOutFilter.setIgnoreInitConfiguration(true);
bean.setFilter(singleSignOutFilter);
bean.addUrlPatterns("/*");
bean.setEnabled(true);
return bean;
}
@Bean(name = "securityManager")
public DefaultWebSecurityManager securityManager(Realm pac4jRealm, SubjectFactory subjectFactory) {
DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
defaultWebSecurityManager.setRealm(pac4jRealm);
defaultWebSecurityManager.setSubjectFactory(subjectFactory);
return defaultWebSecurityManager;
}
@Bean
public FilterRegistrationBean filterRegistrationBean() {
FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean();
filterRegistrationBean.setFilter(new DelegatingFilterProxy("shiroFilter"));
filterRegistrationBean.addInitParameter("targetFilterLifecycle", "true");
filterRegistrationBean.setEnabled(true);
filterRegistrationBean.addUrlPatterns("/*");
return filterRegistrationBean;
}
没有合适的资源?快使用搜索试试~ 我知道了~
springboot+cas5.x+shiro+pac4j实现sso集成
共788个文件
jar:288个
xml:232个
html:88个
5星 · 超过95%的资源 需积分: 50 244 下载量 185 浏览量
2018-05-18
11:11:56
上传
评论 11
收藏 91.45MB ZIP 举报
温馨提示
springboot+cas5.x+shiro+pac4j实现sso集成,请先看我的博客,如果有问题再下载此源码学习,
资源推荐
资源详情
资源评论
收起资源包目录
springboot+cas5.x+shiro+pac4j实现sso集成 (788个子文件)
PropertiesLauncher.class 18KB
CasEmbeddedContainerTomcatConfiguration.class 12KB
JarFile.class 12KB
JarFileEntries.class 11KB
Handler.class 10KB
JarURLConnection.class 9KB
JarFileArchive.class 7KB
CentralDirectoryFileHeader.class 5KB
ExplodedArchive.class 5KB
SystemPropertyUtils.class 5KB
LaunchedURLClassLoader.class 5KB
CentralDirectoryParser.class 4KB
Launcher.class 4KB
AsciiBytes.class 4KB
ExplodedArchive$FileEntryIterator.class 4KB
JarURLConnection$JarEntryName.class 4KB
RandomAccessDataFile$DataInputStream.class 3KB
JarEntry.class 3KB
RandomAccessDataFile.class 3KB
ExecutableArchiveLauncher.class 3KB
CentralDirectoryEndRecord.class 3KB
CasEmbeddedContainerTomcatConfiguration$1.class 3KB
LaunchedURLClassLoader$1.class 2KB
Bytes.class 2KB
JarFile$1.class 2KB
JarFileEntries$EntryIterator.class 2KB
PropertiesLauncher$PrefixMatchingArchiveFilter.class 2KB
RandomAccessDataFile$FilePool.class 2KB
JarFileArchive$EntryIterator.class 2KB
WarLauncher.class 2KB
ZipInflaterInputStream.class 2KB
JarFileEntries$1.class 2KB
JarLauncher.class 1KB
ByteArrayRandomAccessData.class 1KB
MainMethodRunner.class 1KB
PropertiesLauncher$ArchiveEntryFilter.class 1KB
ExplodedArchive$FileEntryIterator$EntryComparator.class 1KB
JarFile$3.class 1KB
PropertiesLauncher$1.class 1KB
RandomAccessData$ResourceAccess.class 1KB
JarFile$JarFileType.class 1KB
JarFile$2.class 1KB
CasTomcatBanner.class 1KB
ExecutableArchiveLauncher$1.class 1KB
ExplodedArchive$FileEntry.class 1KB
JarFileArchive$JarFileEntry.class 1KB
Archive.class 906B
JarURLConnection$1.class 672B
RandomAccessData.class 551B
CentralDirectoryVisitor.class 430B
Archive$EntryFilter.class 399B
FileHeader.class 306B
Archive$Entry.class 302B
ExplodedArchive$1.class 273B
JarEntryFilter.class 262B
cas.css 55KB
admin.css 53KB
cas.css 47KB
ssosessions.css 7KB
consentReview.css 4KB
loggingDashboard.css 1KB
trustedDevices.css 279B
authnEvents.css 274B
spring.factories 130B
spring.factories 99B
error.gif 1KB
info.gif 980B
confirm.gif 958B
green.gif 43B
red.gif 43B
cas.groovy 798B
viewDashboard.html 11KB
viewStatistics.html 9KB
viewSsoSessions.html 8KB
casConsentView.html 8KB
casConsentReviewView.html 7KB
attrresolution.html 7KB
viewLoggingConfig.html 5KB
loginform.html 5KB
viewConfig.html 4KB
casPropagateLogoutView.html 3KB
pwdupdateform.html 2KB
casInterruptView.html 2KB
confirm.html 2KB
layout.html 2KB
loginProviders.html 2KB
viewAuthenticationEvents.html 2KB
serviceui.html 2KB
viewTrustedDevices.html 2KB
layout.html 2KB
casResetPasswordSendInstructionsView.html 2KB
casU2fRegistrationView.html 2KB
casU2fLoginView.html 2KB
casAzureAuthenticatorLoginView.html 2KB
cas-resources-list.html 2KB
casPac4jStopWebflow.html 2KB
casLoginMessageView.html 2KB
casSwivelLoginView.html 2KB
casYubiKeyLoginView.html 2KB
casGoogleAuthenticatorRegistrationView.html 2KB
共 788 条
- 1
- 2
- 3
- 4
- 5
- 6
- 8
四道街硬汉
- 粉丝: 58
- 资源: 8
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功
- 1
- 2
- 3
- 4
前往页