CAS解决单点登录SSO
- - CSDN博客推荐文章关于CAS很多的原理和基础的配置启动,网上是很多的,我更多是结合我的实践和心得. 需要了解CAS的原理,认证协议,认证流程,可以参考以下文章. 让CAS支持客户端自定义登陆页面——客户端篇. CAS原理与配置-基于CAS的单点登陆的研究(上). 单点登录(SSO)是企业开发的重要问题,在我的毕设项目中,由于要和系统其他开发模块共用用户认证模块,方便共享用户资源,所以需要一个好的SSO解决方案.
自己动手写SSO(单点登录)
标签:
sso
单点登录
| 发表时间:2014-03-02 23:01 | 作者:
出处:http://www.iteye.com
SSO在我们的应用中非常常见,例如我们在OA系统登录了,我们就可以直接进入采购系统,不需要再登录了,这样使我们非常方便。现在网上也有很多实现方法,于是乎我也想写一个看看。我主要用到的是cookie的机制。在此,分享给大家, 同时提供源代码下载。
进入主题:
工程说明
SSO的实现一般是会有一个SSO Server,也会叫认证中心,同时也会有被认证的系统,如OA系统、采购系统等,他们就相当于SSO Server的client。
为了更形象体现SSO,我写的SSO是有三个工程:一个SSO Server端口为8081,一个OA系统端口为8082,一个采购系统端口为8083。如图:
流程介绍
在整个SSO流程当,有两个流程非常重要,第一个是用户没有登录系统到登录系统的过程;第二是用户在一个系统当中已经登录(例如在OA系统中登录 了),但又想进入另一个系统(例如进入PRO系统)的过程,如果把这两个过程搞定了,那么SSO也就搞定了。我画了两幅图来说明这两个过程。
先看用户没有登录系统到登录系统的过程,如图:
1:用户通过URL访问OA系统。
2:在OA系统中的filter发现这个URL没有ticket(你暂且就把ticket看做是门票),此时就会跳转到SSO Server。
3:SSO Server中的filter发现该客户端中的cookie中没有相应信息,也即是一个没有登录的用户,那么会跳转到登录页面。
4:用户在登录页面填写相应信息,然后通过post方式提交到SSO Server中。
5:SSO Server会校验用户信息(我为了快,我的校验方式就是要用户名为:cloud,同时密码为:cloud),同时在cookie中放username。
6:将生成ticket和username放到JVMCache中,在实际项目应该放到Memcached中,它的用处等下分析。
7,8:就是在用户访问OA系统的URL基础上加上了一个ticket参数,这样跳转到OA系统。
(此时进入OA系统时,filter发现URL是带ticket的,则filter会根据带过来的ticket并通过HttpClient的形式去调用SSO Server中的TicektServlet,这样就会返回用户名,其实这个用户名就是从JVMCache拿到的,同时马上将这个ticket从JVMCache中移除,这样保证一个ticket只会用一次,然后把返回的用户名放到session中)
9:session中有了用户名,说明用户登录成功了,则会去本应该返问的servlet。
10,11:将OA系统返回的视图给用户。
第二过程,用户已经登录成功了,但要访问另一个系统,如图:
1:用户通过URL访问PRO系统。
2:在PRO系统中的filter发现这个URL没有ticket,此时就会跳转到SSO Server。此时,由于用户登录了,所以cookie中有相应的信息(例如用户名),此时SSO Server中的filter会生成一个ticket。
3:将生成的ticket和username放到JVMCache中。
4:就是在用户访问PRO系统的URL基础上加上了一个ticket参数,这样跳转到PRO系统。
(此时进入PRO系统时,filter发现URL是带ticket的,则filter会根据带过来的ticket并通过HttpClient的形式去调用SSO Server中的TicektServlet,这样就会返回用户名,其实这个用户名就是从JVMCache拿到的,同时马上将这个ticket从JVMCache中移除,这样保证一个ticket只会用一次,然后把返回的用户名放到session中)
5:session中有了用户名,说明用户登录成功了,则会去本应该返问的servlet。
5,7:将PRO系统返回的视图给用户。
关键代码
先看SSO Server工程中的代码:
pom.xml
(注意:端口为8081)
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.cloud.sso.server</groupId>
<artifactId>sso-server</artifactId>
<packaging>war</packaging>
<version>0.0.1-SNAPSHOT</version>
<name>sso-server Maven Webapp</name>
<url>http://maven.apache.org</url>
<dependencies>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>servlet-api</artifactId>
<version>2.5</version>
<scope>provided</scope>
</dependency>
</dependencies>
<build>
<finalName>sso-server</finalName>
<plugins>
<plugin>
<groupId>org.mortbay.jetty</groupId>
<artifactId>jetty-maven-plugin</artifactId>
<version>8.1.9.v20130131</version>
<configuration>
<stopKey>stop</stopKey>
<stopPort>6000</stopPort>
<webAppConfig>
<contextPath>/sso</contextPath>
</webAppConfig>
<scanIntervalSeconds>4</scanIntervalSeconds>
<connectors>
<connector implementation="org.eclipse.jetty.server.nio.SelectChannelConnector">
<port>8081</port>
<maxIdleTime>60000</maxIdleTime>
</connector>
</connectors>
</configuration>
</plugin>
</plugins>
</build>
</project>
SSO Server中的filter
SSOServerFilter.java
package com.cloud.sso.server.filter;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.cloud.sso.server.JVMCache;
public class SSOServerFilter implements Filter {
@Override
public void destroy() {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
String service = request.getParameter("service");
String ticket = request.getParameter("ticket");
Cookie[] cookies = request.getCookies();
String username = "";
if (null != cookies) {
for (Cookie cookie : cookies) {
if ("sso".equals(cookie.getName())) {
username = cookie.getValue();
break;
}
}
}
if (null == service && null != ticket) {
filterChain.doFilter(servletRequest, servletResponse);
return;
}
if (null != username && !"".equals(username)) {
long time = System.currentTimeMillis();
String timeString = username + time;
JVMCache.TICKET_AND_NAME.put(timeString, username);
StringBuilder url = new StringBuilder();
url.append(service);
if (0 <= service.indexOf("?")) {
url.append("&");
} else {
url.append("?");
}
url.append("ticket=").append(timeString);
response.sendRedirect(url.toString());
} else {
filterChain.doFilter(servletRequest, servletResponse);
}
}
@Override
public void init(FilterConfig arg0) throws ServletException {
}
}
两个servlet:
LoginServlet.java
package com.cloud.sso.server.servlet;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.cloud.sso.server.JVMCache;
public class LoginServlet extends HttpServlet {
private static final long serialVersionUID = -3170191388656385924L;
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
this.doPost(request, response);
}
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String username = request.getParameter("username");
String password = request.getParameter("password");
String service = request.getParameter("service");
if ("cloud".equals(username) && "cloud".equals(password)) {
Cookie cookie = new Cookie("sso", username);
cookie.setPath("/");
response.addCookie(cookie);
long time = System.currentTimeMillis();
String timeString = username + time;
JVMCache.TICKET_AND_NAME.put(timeString, username);
if (null != service) {
StringBuilder url = new StringBuilder();
url.append(service);
if (0 <= service.indexOf("?")) {
url.append("&");
} else {
url.append("?");
}
url.append("ticket=").append(timeString);
response.sendRedirect(url.toString());
} else {
response.sendRedirect("/sso/index.jsp");
}
} else {
response.sendRedirect("/sso/index.jsp?service=" + service);
}
}
}
TicketServlet.java
package com.cloud.sso.server.servlet;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.cloud.sso.server.JVMCache;
public class TicketServlet extends HttpServlet {
private static final long serialVersionUID = 5964206637772848290L;
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
super.doGet(request, response);
}
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String ticket = request.getParameter("ticket");
String username = JVMCache.TICKET_AND_NAME.get(ticket);
JVMCache.TICKET_AND_NAME.remove(ticket);
PrintWriter writer = response.getWriter();
writer.write(username);
}
}
JVMCache.java
package com.cloud.sso.server;
import java.util.HashMap;
import java.util.Map;
public class JVMCache {
public static Map<String, String> TICKET_AND_NAME = new HashMap<String, String>();
}
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:jsp="http://java.sun.com/xml/ns/javaee/jsp" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<filter>
<filter-name>ssoServerFilter</filter-name>
<filter-class>com.cloud.sso.server.filter.SSOServerFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>ssoServerFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>login</servlet-name>
<servlet-class>com.cloud.sso.server.servlet.LoginServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>login</servlet-name>
<url-pattern>/user/login</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>ticket</servlet-name>
<servlet-class>com.cloud.sso.server.servlet.TicketServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>ticket</servlet-name>
<url-pattern>/ticket</url-pattern>
</servlet-mapping>
</web-app>
下面是OA系统中的代码:
pom.xml
(注意:端口为8082)
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.cloud.sso.oa</groupId>
<artifactId>sso-oa</artifactId>
<packaging>war</packaging>
<version>0.0.1-SNAPSHOT</version>
<name>sso-oa Maven Webapp</name>
<url>http://maven.apache.org</url>
<dependencies>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>servlet-api</artifactId>
<version>2.5</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>commons-httpclient</groupId>
<artifactId>commons-httpclient</artifactId>
<version>3.1</version>
</dependency>
</dependencies>
<build>
<finalName>sso-oa</finalName>
<plugins>
<plugin>
<groupId>org.mortbay.jetty</groupId>
<artifactId>jetty-maven-plugin</artifactId>
<version>8.1.9.v20130131</version>
<configuration>
<stopKey>stop</stopKey>
<stopPort>6000</stopPort>
<webAppConfig>
<contextPath>/oa</contextPath>
</webAppConfig>
<scanIntervalSeconds>4</scanIntervalSeconds>
<connectors>
<connector implementation="org.eclipse.jetty.server.nio.SelectChannelConnector">
<port>8082</port>
<maxIdleTime>60000</maxIdleTime>
</connector>
</connectors>
</configuration>
</plugin>
</plugins>
</build>
</project>
OA系统中的filter:
SSOClientFilter.java
package com.cloud.sso.oa.filter;
import java.io.IOException;
import java.net.URLEncoder;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.methods.PostMethod;
public class SSOClientFilter implements Filter {
@Override
public void destroy() {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
HttpSession session = request.getSession();
String username = (String) session.getAttribute("username");
String ticket = request.getParameter("ticket");
String url = URLEncoder.encode(request.getRequestURL().toString(), "UTF-8");
if (null == username) {
if (null != ticket && !"".equals(ticket)) {
PostMethod postMethod = new PostMethod("http://localhost:8081/sso/ticket");
postMethod.addParameter("ticket", ticket);
HttpClient httpClient = new HttpClient();
try {
httpClient.executeMethod(postMethod);
username = postMethod.getResponseBodyAsString();
postMethod.releaseConnection();
} catch (Exception e) {
e.printStackTrace();
}
if (null != username && !"".equals(username)) {
session.setAttribute("username", username);
filterChain.doFilter(request, response);
} else {
response.sendRedirect("http://localhost:8081/sso/index.jsp?service=" + url);
}
} else {
response.sendRedirect("http://localhost:8081/sso/index.jsp?service=" + url);
}
} else {
filterChain.doFilter(request, response);
}
}
@Override
public void init(FilterConfig arg0) throws ServletException {
}
}
OAServlet.java
package com.cloud.sso.oa.servlet;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class OAServlet extends HttpServlet {
private static final long serialVersionUID = 3615122544373006252L;
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
request.getRequestDispatcher("/WEB-INF/jsp/welcome.jsp").forward(request, response);
}
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
this.doGet(request, response);
}
}
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:jsp="http://java.sun.com/xml/ns/javaee/jsp" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<filter>
<filter-name>ssoClientFilter</filter-name>
<filter-class>com.cloud.sso.oa.filter.SSOClientFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>ssoClientFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>list</servlet-name>
<servlet-class>com.cloud.sso.oa.servlet.OAServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>list</servlet-name>
<url-pattern>/list</url-pattern>
</servlet-mapping>
</web-app>
下面是PRO系统的代码:
pom.xml
(注意:端口为8083)
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.cloud.sso.pro</groupId>
<artifactId>sso-pro</artifactId>
<packaging>war</packaging>
<version>0.0.1-SNAPSHOT</version>
<name>sso-pro Maven Webapp</name>
<url>http://maven.apache.org</url>
<dependencies>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>servlet-api</artifactId>
<version>2.5</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>commons-httpclient</groupId>
<artifactId>commons-httpclient</artifactId>
<version>3.1</version>
</dependency>
</dependencies>
<build>
<finalName>sso-pro</finalName>
<plugins>
<plugin>
<groupId>org.mortbay.jetty</groupId>
<artifactId>jetty-maven-plugin</artifactId>
<version>8.1.9.v20130131</version>
<configuration>
<stopKey>stop</stopKey>
<stopPort>6000</stopPort>
<webAppConfig>
<contextPath>/pro</contextPath>
</webAppConfig>
<scanIntervalSeconds>4</scanIntervalSeconds>
<connectors>
<connector implementation="org.eclipse.jetty.server.nio.SelectChannelConnector">
<port>8083</port>
<maxIdleTime>60000</maxIdleTime>
</connector>
</connectors>
</configuration>
</plugin>
</plugins>
</build>
</project>
PRO系统中的filter
SSOClientFilter.java
package com.cloud.sso.pro.filter;
import java.io.IOException;
import java.net.URLEncoder;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.methods.PostMethod;
public class SSOClientFilter implements Filter {
@Override
public void destroy() {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
HttpSession session = request.getSession();
String username = (String) session.getAttribute("username");
String ticket = request.getParameter("ticket");
String url = URLEncoder.encode(request.getRequestURL().toString(), "UTF-8");
if (null == username) {
if (null != ticket && !"".equals(ticket)) {
PostMethod postMethod = new PostMethod("http://localhost:8081/sso/ticket");
postMethod.addParameter("ticket", ticket);
HttpClient httpClient = new HttpClient();
try {
httpClient.executeMethod(postMethod);
username = postMethod.getResponseBodyAsString();
postMethod.releaseConnection();
} catch (Exception e) {
e.printStackTrace();
}
if (null != username && !"".equals(username)) {
session.setAttribute("username", username);
filterChain.doFilter(request, response);
} else {
response.sendRedirect("http://localhost:8081/sso/index.jsp?service=" + url);
}
} else {
response.sendRedirect("http://localhost:8081/sso/index.jsp?service=" + url);
}
} else {
filterChain.doFilter(request, response);
}
}
@Override
public void init(FilterConfig arg0) throws ServletException {
}
}
ProServlet.java
package com.cloud.sso.pro.servlet;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class ProServlet extends HttpServlet {
private static final long serialVersionUID = -1334093914490423930L;
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
request.getRequestDispatcher("/WEB-INF/jsp/welcome.jsp").forward(request, response);
}
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
super.doPost(request, response);
}
}
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:jsp="http://java.sun.com/xml/ns/javaee/jsp" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<filter>
<filter-name>ssoClientFilter</filter-name>
<filter-class>com.cloud.sso.pro.filter.SSOClientFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>ssoClientFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
<servlet-name>list</servlet-name>
<servlet-class>com.cloud.sso.pro.servlet.ProServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>list</servlet-name>
<url-pattern>/list</url-pattern>
</servlet-mapping>
</web-app>
运行结果:
1:分别启动这三个工程。
2:访问OA系统,URL:http://localhost:8082/oa/list
3:这样到登录页面,如图:
4:用户名为:cloud,密码为:cloud,点击登录则会显示,如图:
5:然后去进入PRO系统,URL:http://localhost:8083/pro/list,则就不需要登录了,直接进入,如图:
工程源代码供下载:
-
本文附件下载:
- sso-source.zip (62.1 KB)
已有 0 人发表留言,猛击->> 这里<<-参与讨论
ITeye推荐
相关 [sso 单点登录] 推荐:
自己动手写SSO(单点登录)
- - ITeye博客SSO在我们的应用中非常常见,例如我们在OA系统登录了,我们就可以直接进入采购系统,不需要再登录了,这样使我们非常方便. 现在网上也有很多实现方法,于是乎我也想写一个看看. 我主要用到的是cookie的机制. 在此,分享给大家, 同时提供源代码下载. SSO的实现一般是会有一个SSO Server,也会叫认证中心,同时也会有被认证的系统,如OA系统、采购系统等,他们就相当于SSO Server的client.
CAS实现SSO单点登录原理
- - 非技术 - ITeye博客CAS实现SSO单点登录原理. CAS ( Central Authentication Service ) 是 Yale 大学发起的一个企业级的、开源的项目,旨在为 Web 应用系统提供一种可靠的单点登录解决方法(属于 Web SSO ). CAS 开始于 2001 年, 并在 2004 年 12 月正式成为 JA-SIG 的一个项目.
单点登录SSO的实现原理
- - 非技术 - ITeye博客单点登录SSO(Single Sign On)说得简单点就是在一个多系统共存的环境下,用户在一处登录后,就不用在其他系统中登录,也就是用户的一次登录能得到其他所有系统的信任. 单点登录在大型网站里使用得非常频繁,例如像阿里巴巴这样的网站,在网站的背后是成百上千的子系统,用户一次操作或交易可能涉及到几十个子系统的协作,如果每个子系统都需要用户认证,不仅用户会疯掉,各子系统也会为这种重复认证授权的逻辑搞疯掉.
CAS单点登录(SSO)完整教程
- - 互联网 - ITeye博客CAS单点登录(SSO)完整教程(2012-02-01更新). 教程目的:从头到尾细细道来单点登录服务器及客户端应用的每个步骤. 单点登录(SSO):请看百科解释. 本教程使用的SSO服务器是Yelu大学研发的CAS(Central Authentication Server),. CAS Server版本:cas-server-3.4.3.1、cas-server-3.4.10.
漫谈单点登录(SSO) - EzrealLiu - 博客园
- -SSO这一概念由来已久,网络上对应不同场景的成熟SSO解决方案比比皆是,从简单到复杂,各式各样应有尽有. 开源的有OpenSSO、CAS ,微软的AD SSO,及基于kerberos 的SSO等等……这些优秀的解决方案尽显开发及使用者的逼格,当然需求所致无谓好坏高低,满足实际之需才是王道. 本文并不讨论上述提到的方案的整合使用、或者复杂场景如:安全、防火墙、N 多个系统层叠调用这种"巨型项目"里SSO的实现与使用,也并不涉及 C/S 、C/S+B/S 的SSO解决方案,仅关注B/S 上的SSO实现.
基于CAS实现单点登录(SSO):cas client端的退出问题
- - CSDN博客架构设计推荐文章自从CAS 3.4就很好的支持了单点注销功能,配置也很简单. 之前版本因为在CAS服务器通过HttpClient发送消息时并未指定为POST方式,所以在CAS客户端的注销Filter中没有收到POST请求(要知道Filter只对Post请求起作用),也就没有做session销毁处理. 两个业务系统APP1和APP2.
SSO单点登录在互联网电商应用中的解决方案(基于CAS的改造)
- - CSDN博客互联网推荐文章电商平台中无论是前端还是后端会存在大量的业务应用,在整个交易的过程中请求是在各个业务应用中流转的,对于用户来讲只需要登录一次就可以访问所有的业务,这就是单点登录SSO. 单点登录开源有很多的解决方案,比如基于session的SSO和基于cookie的SSO. 业界使用比较多的基于session的SSO的开源解决方案比如CAS,流程示意图如下:.
基于jasig的sso
- - 企业架构 - ITeye博客整体的结构就是cas+shiro实现单点登录和权限管理. 怎么安装就不说了网上一大堆,在这总结一些问题的处理方法. 未能够识别目标'ST-2-jEo1qANhs9HgZ7VKC5Hf-cas'票根. 原因:是由于客户端应用web.xml配置中的casServerLoginUrl和casServerUrlPrefix两个URL属性的域名与证书中定义的不一致,或者你的地址配置的不对,配置serverUrl就到cas配置serviceUrl就到端口号.
SSO单点登陆
- - 行业应用 - ITeye博客单点登录(Single Sign On, SSO)是企业应用集成中最常见的需求. 异构系统间往往都有各自的用户管理和身份验证机制,为. 避免用户在进行系统切换时频繁输入用户名和密码,因此必须要实现单点登录. 说到SSO的原理,先得说一般Web应用的身份验证原理. Web身份验证之所以能成为问题主要在于HTTP协议的无状态性,这导.