java - Apereo CAS 5.3.x : how to get logged user, 来自 CAS 服务器，在 java cas 客户端登录后-6ren

java - Apereo CAS 5.3.x : how to get logged user, 来自 CAS 服务器，在 java cas 客户端登录后

转载作者：塔克拉玛干更新时间：2023-11-02 19:45:43

遵循官方 Apereo CAS 文档。我无法理解(经过各种研究和指导)。

如何恢复认证后刚刚登录的用户。项目之间的身份验证和 SSO 正常工作。但是我无法获取有关已登录用户的信息。

这是我在 Application.properties 上的配置:

##
# CAS Server Context Configuration
#
server.context-path=/cas
server.port=8443
server.ssl.key-store=file:/etc/cas/thekeystore
server.ssl.key-store-password=changeit
server.ssl.key-password=changeit
server.max-http-header-size=2097152
server.use-forward-headers=true
server.connection-timeout=20000
server.error.include-stacktrace=ALWAYS
server.compression.enabled=true
server.compression.mime-types=application/javascript,application/json,application/xml,text/html,text/xml,text/plain
server.tomcat.max-http-post-size=2097152
server.tomcat.basedir=build/tomcat
server.tomcat.accesslog.enabled=true
server.tomcat.accesslog.pattern=%t %a "%r" %s (%D ms)
server.tomcat.accesslog.suffix=.log
server.tomcat.min-spare-threads=10
server.tomcat.max-threads=200
server.tomcat.port-header=X-Forwarded-Port
server.tomcat.protocol-header=X-Forwarded-Proto
server.tomcat.protocol-header-https-value=https
server.tomcat.remote-ip-header=X-FORWARDED-FOR
server.tomcat.uri-encoding=UTF-8
spring.http.encoding.charset=UTF-8
spring.http.encoding.enabled=true
spring.http.encoding.force=true

##
# CAS Cloud Bus Configuration
#
spring.cloud.bus.enabled=false

# Indicates that systemPropertiesOverride can be used.
# Set to false to prevent users from changing the default accidentally. Default true.
spring.cloud.config.allow-override=true

# External properties should override system properties.
spring.cloud.config.override-system-properties=false

# When allowOverride is true, external properties should take lowest priority, and not override any
# existing property sources (including local config files).
spring.cloud.config.override-none=false

# spring.cloud.bus.refresh.enabled=true
# spring.cloud.bus.env.enabled=true
# spring.cloud.bus.destination=CasCloudBus
# spring.cloud.bus.ack.enabled=true

endpoints.enabled=false
endpoints.sensitive=true

endpoints.restart.enabled=false
endpoints.shutdown.enabled=false

# Control the security of the management/actuator endpoints
# The 'enabled' flag below here controls the rendering of details for the health endpoint amongst other things.
management.security.enabled=true
management.security.roles=ACTUATOR,ADMIN
management.security.sessions=if_required
management.context-path=/status
management.add-application-context-header=false

# Define a CAS-specific "WARN" status code and its order
management.health.status.order=WARN, DOWN, OUT_OF_SERVICE, UNKNOWN, UP

# Control the security of the management/actuator endpoints
# With basic authentication, assuming Spring Security and/or relevant modules are on the classpath.
security.basic.authorize-mode=role
security.basic.path=/cas/status/**
# security.basic.enabled=true
# security.user.name=casuser
# security.user.password=

##
# CAS Web Application Session Configuration
#
server.session.timeout=300
server.session.cookie.http-only=true
server.session.tracking-modes=COOKIE

##
# CAS Thymeleaf View Configuration
#
spring.thymeleaf.encoding=UTF-8
spring.thymeleaf.cache=true
spring.thymeleaf.mode=HTML
spring.thymeleaf.template-resolver-order=100
##
# CAS Log4j Configuration
#
# logging.config=file:/etc/cas/log4j2.xml
server.context-parameters.isLog4jAutoInitializationDisabled=true

##
# CAS AspectJ Configuration
#
spring.aop.auto=true
spring.aop.proxy-target-class=true

##
# CAS Authentication Credentials
#
# cas.authn.accept.users=casuser::Mellon

cas.authn.accept.users=
logging.level.org.apereo=DEBUG

cas.authn.jdbc.query[0].sql=SELECT * FROM USERS WHERE uid=?
cas.authn.jdbc.query[0].url=jdbc:mysql://localhost:3306/casdatabase?useUnicode=true&useJDBCCompliantTimezoneShift=true&useLegacyDatetimeCode=false&serverTimezone=UTC
cas.authn.jdbc.query[0].dialect=org.hibernate.dialect.MySQLDialect
cas.authn.jdbc.query[0].user=cas
cas.authn.jdbc.query[0].password=cas
cas.authn.jdbc.query[0].driverClass=com.mysql.jdbc.Driver
cas.authn.jdbc.query[0].fieldPassword=psw

cas.authn.jdbc.query[0].passwordEncoder.type=DEFAULT
cas.authn.jdbc.query[0].passwordEncoder.encodingAlgorithm=MD5
cas.authn.jdbc.query[0].passwordEncoder.characterEncoding=UTF-8

# Services
 cas.serviceRegistry.watcherEnabled=true
 cas.serviceRegistry.schedule.repeatInterval=120000
 cas.serviceRegistry.schedule.startDelay=15000

# Auto-initialize the registry from default JSON service definitions
 cas.serviceRegistry.initFromJson=true

#cas.serviceRegistry.managementType=DEFAULT|DOMAIN
cas.serviceRegistry.managementType=DEFAULT
cas.serviceRegistry.json.location=WEB-INF/classes/services


cas.tgc.path=/
cas.tgc.maxAge=-1
cas.tgc.domain=www.myDomain.it
cas.tgc.name=TGC
cas.tgc.secure=true
cas.tgc.httpOnly=false
cas.tgc.rememberMeMaxAge=1209600

这是我在 CAS 服务器上以 JSON 格式注册的服务 (compA-10000003.json)

{
  "@class" : "org.apereo.cas.services.RegexRegisteredService",
  "serviceId" : "^https://www.myproject.com:8443/compA/servlet",
  "name" : "compA",
  "theme" : "apereo",
  "id" : 10000003,
  "description" : "descrizione servizio compA",
  "evaluationOrder" : 10000
}

这是我的 web.xml CAS 客户端 java 应用程序:

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.1" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd">
    <servlet>
        <servlet-name>servlet</servlet-name>
        <servlet-class>it.seed.compa.servlet</servlet-class>
    </servlet>
    <servlet>
        <servlet-name>logout</servlet-name>
        <servlet-class>it.seed.compa.logout</servlet-class>
    </servlet>
    <servlet>
        <servlet-name>login</servlet-name>
        <servlet-class>it.seed.compa.login</servlet-class>
    </servlet>
    <servlet-mapping>
        <servlet-name>servlet</servlet-name>
        <url-pattern>/servlet</url-pattern>
    </servlet-mapping>
    <servlet-mapping>
        <servlet-name>logout</servlet-name>
        <url-pattern>/logout</url-pattern>
    </servlet-mapping>
    <servlet-mapping>
        <servlet-name>login</servlet-name>
        <url-pattern>/login</url-pattern>
    </servlet-mapping>
   <session-config>
        <session-timeout>
            30
        </session-timeout>
    </session-config>
    <!--filter>
        <filter-name>CAS Filter</filter-name>
        <filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class>
        <init-param>
            <param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name>
            <param-value>https://192.168.91.42:8443/apereoCAS/login</param-value>
        </init-param>
        <init-param>
            <param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name>
            <param-value>https://192.168.91.42:8443/apereoCAS/serviceValidate</param-value>
        </init-param>
        <init-param>
            <param-name>edu.yale.its.tp.cas.client.filter.serverName</param-name>
            <param-value>192.168.91.98:8084</param-value>
        </init-param>
    </filter>

    <filter-mapping>
        <filter-name>CAS Filter</filter-name>
        <url-pattern>/servlet</url-pattern>
    </filter-mapping-->

    <filter>
        <filter-name>CAS Single Sign Out Filter</filter-name>
        <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
        <init-param>
            <param-name>casServerUrlPrefix</param-name>
            <param-value>https://www.cas.server.glauco.it:8443/apereoCAS</param-value>
        </init-param>
    </filter>
    <filter-mapping>
        <filter-name>CAS Single Sign Out Filter</filter-name>
        <url-pattern>/logout</url-pattern>
    </filter-mapping>


    <!-- Listener to clean sessions -->
    <listener>
        <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener
        </listener-class>
    </listener>


    <!-- Define the protected urls of your application -->
    <!-- #### change with your own CAS server and your host name #### -->
    <filter>
        <filter-name>CAS Authentication Filter</filter-name>
        <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
        <init-param>
            <param-name>casServerLoginUrl</param-name>
            <param-value>https://www.cas.server.glauco.it:8443/apereoCAS/login
            </param-value>
        </init-param>
        <init-param>
            <param-name>serverName</param-name>
            <param-value>https://www.progetto2.glauco.it:8443</param-value>
        </init-param>
    </filter>
    <filter-mapping>
        <filter-name>CAS Authentication Filter</filter-name>
        <url-pattern>/servlet</url-pattern>
    </filter-mapping>




    <!-- Define the urls on which you can validate a service ticket -->
    <!-- #### change with your own CAS server and your host name #### -->
    <filter>
        <filter-name>CAS Validation Filter</filter-name>
        <filter-class>org.jasig.cas.client.validation.Cas30ProxyReceivingTicketValidationFilter</filter-class>
        <init-param>
            <param-name>casServerUrlPrefix</param-name>
            <param-value>https://www.cas.server.glauco.it:8443/apereoCAS</param-value>
        </init-param>



        <init-param>
            <param-name>redirectAfterValidation</param-name>
            <param-value>true</param-value>
        </init-param>
        <init-param>
            <param-name>useSession</param-name>
            <param-value>true</param-value>
        </init-param>



        <init-param>
            <param-name>serverName</param-name>
            <param-value>https://www.progetto2.glauco.it:8443</param-value>
        </init-param>
    </filter>
    <filter-mapping>
        <filter-name>CAS Validation Filter</filter-name>
        <url-pattern>/p</url-pattern>
    </filter-mapping>



    <!-- Put the CAS principal in the HTTP request -->
    <filter>
        <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
        <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
        <url-pattern>/* </url-pattern>
    </filter-mapping>
</web-app>

最后是我尝试读取有关已登录用户的信息的 servlet:

package it.seed.compa;


import com.google.gson.Gson;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.Iterator;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.jasig.cas.client.authentication.AttributePrincipal;
import org.jasig.cas.client.authentication.AttributePrincipalImpl;
import org.jasig.cas.client.authentication.SimplePrincipal;

public class servlet extends HttpServlet {


    protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        response.setContentType("text/html;charset=UTF-8");
        try (PrintWriter out = response.getWriter()) {

            Gson g = new Gson();

            System.out.println(  g.toJson(request.getCookies())  );
            System.out.println("-----------getParameterMap-------------------");
            System.out.println(  g.toJson(request.getParameterMap() )  );
            System.out.println("----------------getParameterNames--------------");
            System.out.println(  g.toJson(request.getParameterNames() )  );
            System.out.println("---------------getQueryString---------------");
            System.out.println(  g.toJson(request.getQueryString() )  );
            System.out.println("------------getSession------------------");
            System.out.println(  g.toJson(request.getSession() )  );
            System.out.println("------------getRemoteUser------------------");
            System.out.println(  request.getRemoteUser()  );

            System.out.println("------------getParameter principal------------------");
            System.out.println(  request.getParameter("principal")  );

            System.out.println("------------getParameter id------------------");
            System.out.println(  request.getParameter("id")  );

            System.out.println("response");


            /* TODO output your page here. You may use following sample code. */
            out.println("<!DOCTYPE html>");
            out.println("<html>");
            out.println("<head>");
            out.println("<title>Servlet servlet</title>");            
            out.println("</head>");
            out.println("<body>");

            System.out.println(request.getParameter("ticket"));

            if(request.getUserPrincipal() != null) // this is always NULL
            {
                AttributePrincipal principal = (AttributePrincipal)request.getUserPrincipal();

                Map attributes = principal.getAttributes();

                Iterator attributeNames = attributes.keySet().iterator();

                out.println("<table>");

                for (; attributeNames.hasNext();) {
                out.println("<tr><th>");
                String attributeName = (String) attributeNames.next();
                      out.println(attributeName);
                      out.println("</th><td>");
                      Object attributeValue = attributes.get(attributeName);
                      out.println(attributeValue);
                      out.println("</td></tr>");
                }

                out.println("</table>");

            } else{
                System.out.println("nothing");
            }


            out.println("</body>");
            out.println("</html>");
        }
    }


    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        processRequest(request, response);
    }

    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        processRequest(request, response);
    }

    @Override
    public String getServletInfo() {
        return "Short description";
    }

}

谁能帮我找回登录的用户？

最佳答案

代码已经在您的 servlet 中。 CAS 成功验证其创建的服务票据后，用户信息将出现在“AttributePrincipal”对象中。

你已经拥有了

 AttributePrincipal principal = (AttributePrincipal)request.getUserPrincipal();

哪个会给你校长。然后可以使用

获取用于登录的名称

String userName = principal.getName();

关于java - Apereo CAS 5.3.x : how to get logged user, 来自 CAS 服务器，在 java cas 客户端登录后，我们在Stack Overflow上找到一个类似的问题： https://stackoverflow.com/questions/54146508/

文章推荐： Java NIO无法从JRT镜像中读取文件

文章推荐： java - 我如何计算在 java 中以 "im"结尾的人键入的条目？

JavaRMI遇到的ConnectionrefusedtoHost:127.x.x.x/192.x.x.x/10.x.x.x问题解决方法
问题故障解决记录 -- Java RMI Connection refused to host: x.x.x.x .... 在学习JavaRMI时，我遇到了以下情况问题原因：可
haskell - 为什么 `f x = x x` 和 `g x = x x x x x` 有相同的类型
我正在玩 Rank-N-type 并尝试输入 x x .但我发现这两个函数可以以相同的方式输入，这很不直观。 f :: (forall a b. a -> b) -> c f x = x x g ::
java - 比较两个版本字符串(4.x.x.x、5.x.x.x)
这个问题已经有答案了: How do you compare two version Strings in Java? (31 个回答) 已关闭 8 年前。有谁知道如何在Java中比较两个版本字符串
java - x=20;x=++x+++x + x++ ;java中x的最终值为65
这个问题已经有答案了: How do the post increment (i++) and pre increment (++i) operators work in Java? (14 个回答)
linux - 如何获取完整的目标IP地址(x.x.x.x/x)netstat命令？
下面是带有 -n 和 -r 选项的 netstat 命令的输出，其中目标字段显示压缩地址 (127.1/16)。我想知道 netstat 命令是否有任何方法或选项可以显示整个目标 IP (127.1.
logic - 我如何根据精益原则证明 (∀ x, ¬ A x) → ¬ ∃ x, A x？
我知道要证明 : (¬ ∀ x, p x) → (∃ x, ¬ p x) 证明是: theorem : (¬ ∀ x, p x) → (∃ x, ¬ p x) := begin intro n
c++ - x*x != x*x 在自动变量中？
x * x 如何通过将其存储在“auto 变量”中来更改？我认为它应该仍然是相同的，并且我的测试表明类型、大小和值显然都是相同的。但即使 x * x == (xx = x * x) 也是错误的。什么
c# - 如何将表达式 x=>!x 重写为 x=>x!=true 并将 x=>x 重写为 x=>x==true
假设，我们这样表达: someIQueryable.Where(x => x.SomeBoolProperty) someIQueryable.Where(x => !x.SomeBoolProper
regex - 为什么正则表达式引擎选择从 `..X` 匹配模式 `.X|..X|X.`？
我有一个字符串 1234X5678 我使用这个正则表达式来匹配模式 .X|..X|X. 我得到了 34X 问题是为什么我没有得到 4X 或 X5？为什么正则表达式选择执行第二种模式？最佳答案这里
javascript - 可以 (x++ !== x) && (x++ === x);返回真？
我的一个 friend 在面试时遇到了这个问题找到使该函数返回真值的 x 值 function f(x) { return (x++ !== x) && (x++ === x); } 面试官
java - 为什么通常 Map = new HashMap() 而不是 HashMap = new HashMap()？
这个问题在这里已经有了答案: 10年前关闭。 Possible Duplicate: Isn't it easier to work with foo when it is represented b
针对多个版本的 Android 应用程序开发，即 1.x、2.x.x、3.x.x、4.x.x
我是 android 的新手，我一直在练习开发一个针对 2.2 版本的应用程序，我需要帮助了解如何将我的应用程序扩展到其他版本，即 1.x、2.3.x、3 .x 和 4.x.x，以及一些针对屏幕分辨率
x = [x] && x.push(x) when var x; 之间的 javascript 数组混淆
为什么案例 1 给我们 :error: TypeError: x is undefined on line... //case 1 var x; x.push(x); console.log(x);
python - Python 列表中 x += x 和 x = x + x 的区别
代码优先: # CASE 01 def test1(x): x += x print x l = [100] test1(l) print l CASE01 输出: [100, 100
java - 如何确定看起来像这样的大 O : (x -1) + (x - 2) + (x - 3) . .. (x - x)
我正在努力温习我的大计算。如果我有将所有项目移至 'i' 2 个空格右侧的函数，我有一个如下所示的公式: (n -1) + (n - 2) + (n - 3) ... (n - n) 第一次迭代我必须
javascript - 从 IP 字符串计算 IP 范围等于 x.x.x.x/x
给定 IP 字符串(如 x.x.x.x/x)，我如何或将如何计算 IP 的范围最常见的情况可能是 198.162.1.1/24但可以是任何东西，因为法律允许的任何东西。我要带198.162.1.1/
javascript - 为什么 var x = x = x || {} 比 var x = x || 更彻底{}？
在我作为初学者努力编写干净的 Javascript 代码时，我最近阅读了 this article当我偶然发现这一段时，关于 JavaScript 中的命名空间: The code at the ve
javascript - var x = x || {}；与 x = window.x || {}；
我正在编写一个脚本，我希望避免污染 DOM 的其余部分，它将是一个用于收集一些基本访问者分析数据的第 3 方脚本。我通常使用以下内容创建一个伪“命名空间”: var x = x || {}; 我正在
docker - create_network():无法分配网关(x.x.x.x):该地址已在测试用例中使用
我尝试运行我的test_container_services.py套件，但遇到了以下问题： docker.errors.APIError：500服务器错误：内部服务器错误（“ b'{” message
c# - "x as X != null"和 "x is X"总是返回相同的结果吗？
是否存在这两个 if 语句会产生不同结果的情况？ if(x as X != null) { // Do something } if(x is X) { // Do something } 编

塔克拉玛干

个人简介

我是一名优秀的程序员,十分优秀！

作者热门文章

滴滴打车优惠券免费领取

全站热门文章

首页

博学

6Ren·AI

商城

java - Apereo CAS 5.3.x : how to get logged user, 来自 CAS 服务器，在 java cas 客户端登录后