一、服务端修改
deployerConfigContext.xml
<!--注释掉原有的-->
<!--<bean id="attributeRepository" class="org.jasig.services.persondir.support.StubPersonAttributeDao"
p:backingMap-ref="attrRepoBackingMap" />
<util:map id="attrRepoBackingMap">
<entry key="uid" value="uid" />
<entry key="eduPersonAffiliation" value="eduPersonAffiliation" />
<entry key="groupMembership" value="groupMembership" />
</util:map>-->
这是我们新建的
<bean id="attributeRepository" class="com.mac.sso.authentication.UserStubPersonAttributeDao"/>
UserStubPersonAttributeDao
package com.mac.sso.authentication;
import com.mac.sso.bean.UserInfo;
import com.mac.sso.service.UserInfoService;
import org.jasig.services.persondir.IPersonAttributes;
import org.jasig.services.persondir.support.AttributeNamedPersonImpl;
import org.jasig.services.persondir.support.StubPersonAttributeDao;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
/**
* @author: byy
* @date : 2017年12月5日 下午2:55:48
* @Description:自定义的返回给客户端相关信息
*/
@Component(value = "attributeRepository")
public class UserStubPersonAttributeDao extends StubPersonAttributeDao {
@Autowired
private UserInfoService userInfoService;
public IPersonAttributes getPerson(String uid) {
Map<String, List<Object>> attributes = new HashMap<String, List<Object>>();
try {
UserInfo userInfo=userInfoService.findByUsername(uid);
//新增一个真实姓名
attributes.put("realname", Collections.singletonList((Object)URLEncoder.encode(userInfo.getRealname()!=null?userInfo.getRealname():"", "UTF-8")));
//可新增更多信息,注意汉字传输和获取都需要转码
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
return new AttributeNamedPersonImpl(attributes);
}
}
casServiceValidationSuccess.jsp
<%@ page session="false" contentType="application/xml; charset=UTF-8" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/functions" prefix="fn" %>
<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationSuccess>
<cas:user>${fn:escapeXml(assertion.primaryAuthentication.principal.id)}</cas:user>
<c:if test="${not empty pgtIou}">
<cas:proxyGrantingTicket>${pgtIou}</cas:proxyGrantingTicket>
</c:if>
<c:if test="${fn:length(assertion.chainedAuthentications) > 1}">
<cas:proxies>
<c:forEach var="proxy" items="${assertion.chainedAuthentications}" varStatus="loopStatus" begin="0" end="${fn:length(assertion.chainedAuthentications)-2}" step="1">
<cas:proxy>${fn:escapeXml(proxy.principal.id)}</cas:proxy>
</c:forEach>
</cas:proxies>
</c:if>
<%--新增部分如下:CASServer验证成功后,该页面负责生成与客户端交互的XML信息,默认的casServiceValidationSuccess.jsp中只包括用户名,并不提供其他的属性信息,因此需要对该页面进行扩展--%>
<c:if test="${fn:length(assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes) > 0}">
<cas:attributes>
<c:forEach var="attr" items="${assertion.chainedAuthentications[fn:length(assertion.chainedAuthentications)-1].principal.attributes}">
<cas:${fn:escapeXml(attr.key)}>${fn:escapeXml(attr.value)}</cas:${fn:escapeXml(attr.key)}>
</c:forEach>
</cas:attributes>
</c:if>
</cas:authenticationSuccess>
</cas:serviceResponse>
二、客户端修改
CasFilter
package com.cas.test.casdemo.filter;
import com.cas.test.casdemo.bean.User;
import org.jasig.cas.client.authentication.AttributePrincipal;
import org.springframework.core.annotation.Order;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.Map;
/**
* Created by admin on 2019/6/10.
* 单点获取用户信息后自定义业务实现
*/
@Order(6)
//单点配置拦截顺序6
@WebFilter(filterName = "casFilter", urlPatterns = "*.do")
public class CasFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request= (HttpServletRequest) servletRequest;
HttpSession session = request.getSession();
User user = session.getAttribute("USER")==null?null:(User)session.getAttribute("USER") ;
if(user==null){
AttributePrincipal principal = (AttributePrincipal)request.getUserPrincipal();
String username = principal.getName();
Map<String, Object> maps=principal.getAttributes();
//获取真实姓名
String realName=maps.get("realname")!=null?maps.get("realname").toString():"佚名";
user=new User();
user.setLoginName(username);
user.setRealName(realName);
session.setAttribute("USER",user);
}
filterChain.doFilter(servletRequest,servletResponse);
}
@Override
public void destroy() {
}
}
效果演示