Cas没有属性传给客户端 [英] Cas no attributes come to client

查看:102
本文介绍了Cas没有属性传给客户端的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在用CAS构建SSO应用程序.在春季客户端中, CasAssertionAuthenticationToken 没有属性.

网上有很多样本,它们似乎没有问题(明显缺少某些东西吗?)

对于cas服务器,其所有默认配置,但我更改了注册服务的默认设置,以确保这不是问题.这部分看起来像这样:

 < bean class ="org.jasig.cas.services.RegexRegisteredService"><属性名称="id"值="1"/><属性名称=名称" value ="HTTP和IMAP"/><属性名称=说明" value =允许HTTP(S)和IMAP(S)"/><属性名称="serviceId"值="^(https?| imaps?)://.*"/><属性名称="evaluationOrder"值="0"/><属性名称="ignoreAttributes"值="true"/><属性名称="attributeFilter">< bean class ="org.jasig.cas.services.support.RegisteredServiceDefaultAttributeFilter"/></property></bean>

调试结果时,将释放3个预定义的属性!

在春季,验证票证时服务器的响应是这样的:

 < cas:serviceResponse xmlns:cas ='http://www.yale.edu/tp/cas'>< cas:authenticationSuccess>< cas:user> casuser</cas:user></cas:authenticationSuccess></cas:serviceResponse>

它根本不包含任何属性.无法弄清楚丢失了什么.考虑到cas config几乎是默认配置,这是我的spring config(我使用spring boot来配置客户端):

  @Configuration@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)公共类安全性扩展WebSecurityConfigurerAdapter {@豆角,扁豆public ServiceProperties serviceProperties(){ServiceProperties属性=新的ServiceProperties();prop.setService("http://localhost:8180/j_spring_cas_security_check");prop.setSendRenew(true);返回道具}@豆角,扁豆public AuthenticationProvider casAuthenticationProvider(){CasAuthenticationProvider casAuthenticationProvider = new CasAuthenticationProvider();casAuthenticationProvider.setAuthenticationUserDetailsS​​ervice(authenticationUserDetailsS​​ervice());casAuthenticationProvider.setServiceProperties(serviceProperties());casAuthenticationProvider.setTicketValidator(ticketValidator());casAuthenticationProvider.setKey("test_app_key");返回casAuthenticationProvider;}@豆角,扁豆公共AuthenticationUserDetailsS​​ervice< CasAssertionAuthenticationToken>authenticationUserDetailsS​​ervice(){返回新的TestCasAuthenticationUserDetailsS​​ervice();}@豆角,扁豆公开TicketValidator ticketValidator(){返回新的Cas20ServiceTicketValidator("https://localhost:8443/cas");}@豆角,扁豆公共CasAuthenticationEntryPoint casAuthenticationEntryPoint(){CasAuthenticationEntryPoint casAuthenticationEntryPoint = new CasAuthenticationEntryPoint();casAuthenticationEntryPoint.setLoginUrl("https://localhost:8443/cas/login");casAuthenticationEntryPoint.setServiceProperties(serviceProperties());返回casAuthenticationEntryPoint;}@豆角,扁豆公共CasAuthenticationFilter casAuthenticationFilter()引发异常{CasAuthenticationFilter casAuthenticationFilter = new CasAuthenticationFilter();casAuthenticationFilter.setAuthenticationManager(authenticationManager());返回casAuthenticationFilter;}@Override受保护的void configure(HttpSecurity http)抛出异常{http.addFilter(casAuthenticationFilter());http.异常处理().authenticationEntryPoint(casAuthenticationEntryPoint());http.authorizeRequests().anyRequest().authenticated();}@Override受保护的void configure(AuthenticationManagerBuilder auth)引发异常{认证.authenticationProvider(casAuthenticationProvider());}}

谁能告诉我我缺少的明显部分是什么?

解决方案

哇.我不相信.所有这些时间仅是一个p3 !!! TicketValidator 网址必须以/p3 结尾,以便使用cas 3.0协议并返回值.这是更改:

  @Bean公开TicketValidator ticketValidator(){返回新的Cas20ServiceTicketValidator("https://localhost:8443/cas/p3");}

文档可能对此更加清晰(现在我知道答案似乎很明显了).希望这可以帮助需要使用cas配置spring security的人.

i am building SSO application with CAS. in spring client, no attributes came with CasAssertionAuthenticationToken.

there are lots of samples on net, they seems to have no problem with this ( is something obvious missing?)

for cas server, its all default configuration except i changed registered service default to make sure that is not the problem. this part look like this:

    <bean class="org.jasig.cas.services.RegexRegisteredService">
        <property name="id" value="1"/>
        <property name="name" value="HTTP and IMAP"/>
        <property name="description" value="Allows HTTP(S) and IMAP(S)"/>
        <property name="serviceId" value="^(https?|imaps?)://.*"/>
        <property name="evaluationOrder" value="0"/>
        <property name="ignoreAttributes" value="true"/>
        <property name="attributeFilter">
            <bean class="org.jasig.cas.services.support.RegisteredServiceDefaultAttributeFilter"/>
        </property>
    </bean>

when debugging results there are 3 predefined attributes that are going to get released!!

in the spring, the server response when verifying ticket is like this:

<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationSuccess>
    <cas:user>casuser</cas:user>        
</cas:authenticationSuccess>
</cas:serviceResponse>

it contains no attributes at all. can not figure out what is missing. considering cas config is almost default configurations, this is my spring config (i used spring boot for configuring client):

@Configuration
@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
public class Security extends WebSecurityConfigurerAdapter {

    @Bean
    public ServiceProperties serviceProperties() {
        ServiceProperties prop = new ServiceProperties();
        prop.setService("http://localhost:8180/j_spring_cas_security_check");
        prop.setSendRenew(true);
        return prop;
    }


    @Bean
    public AuthenticationProvider casAuthenticationProvider() {
        CasAuthenticationProvider casAuthenticationProvider = new CasAuthenticationProvider();
        casAuthenticationProvider.setAuthenticationUserDetailsService(authenticationUserDetailsService());
        casAuthenticationProvider.setServiceProperties(serviceProperties());
        casAuthenticationProvider.setTicketValidator(ticketValidator());
        casAuthenticationProvider.setKey("test_app_key");
        return casAuthenticationProvider;
    }

    @Bean
    public AuthenticationUserDetailsService<CasAssertionAuthenticationToken> authenticationUserDetailsService() {
        return new TestCasAuthenticationUserDetailsService();
    }

    @Bean
    public TicketValidator ticketValidator() {
        return new Cas20ServiceTicketValidator("https://localhost:8443/cas");
    }

    @Bean
    public CasAuthenticationEntryPoint casAuthenticationEntryPoint() {
        CasAuthenticationEntryPoint casAuthenticationEntryPoint = new CasAuthenticationEntryPoint();
        casAuthenticationEntryPoint.setLoginUrl("https://localhost:8443/cas/login");
        casAuthenticationEntryPoint.setServiceProperties(serviceProperties());
        return casAuthenticationEntryPoint;
    }

    @Bean
    public CasAuthenticationFilter casAuthenticationFilter() throws Exception {
        CasAuthenticationFilter casAuthenticationFilter = new CasAuthenticationFilter();
        casAuthenticationFilter.setAuthenticationManager(authenticationManager());
        return casAuthenticationFilter;
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .addFilter(casAuthenticationFilter());
        http
                .exceptionHandling()
                .authenticationEntryPoint(casAuthenticationEntryPoint());
        http.authorizeRequests()
                .anyRequest().authenticated();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth
                .authenticationProvider(casAuthenticationProvider());
    }
}

can anyone tell me what is that obvious part that i am missing?

解决方案

wow. I can not believe it. All this time for just a p3!!! The TicketValidator url must end with /p3 so that it use cas 3.0 protocol and return values. This is the change:

    @Bean
    public TicketValidator ticketValidator() {
        return new Cas20ServiceTicketValidator("https://localhost:8443/cas/p3");
    }

The documentation could be a bit more clear about it (Now that i know the answer it seems really obvious though). Hope this can help someone who need to config spring security with cas.

这篇关于Cas没有属性传给客户端的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
Java开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆