
Example Code for Integrating Spring Security with CAS

2024-07-14 08:41:28
Source: reposted
Contributed by: site user

This article integrates spring-security with the native Jasig CAS client package. Why spring-security-cas, which Spring itself provides, is not used directly is explained later.

Configuration

web.xml

<filter>
    <filter-name>casFilterChain</filter-name>
    <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
    <filter-name>casFilterChain</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
    <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>

applicationContext-security.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:security="http://www.springframework.org/schema/security"
       xmlns:util="http://www.springframework.org/schema/util"
       xsi:schemaLocation="http://www.springframework.org/schema/beans
           http://www.springframework.org/schema/beans/spring-beans.xsd
           http://www.springframework.org/schema/security
           http://www.springframework.org/schema/security/spring-security-3.2.xsd
           http://www.springframework.org/schema/util
           http://www.springframework.org/schema/util/spring-util.xsd">

    <bean id="casFilterChain" class="org.springframework.security.web.FilterChainProxy">
        <constructor-arg>
            <util:list>
                <security:filter-chain pattern="/**"
                    filters="singleSignOutFilter, cas20ProxyReceivingTicketValidationFilter, authenticationFilter, httpServletRequestWrapperFilter, assertionThreadLocalFilter"/>
            </util:list>
        </constructor-arg>
    </bean>

    <bean id="singleSignOutFilter" class="org.jasig.cas.client.session.SingleSignOutFilter"/>

    <bean id="cas20ProxyReceivingTicketValidationFilter"
          class="org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter">
        <property name="serverName" value="${client.url}"/>
        <property name="ticketValidator" ref="cas20ServiceTicketValidator"/>
    </bean>

    <bean id="cas20ServiceTicketValidator" class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
        <constructor-arg value="${cas.url}"/>
        <property name="renew" value="false"/>
    </bean>

    <bean id="authenticationFilter" class="org.jasig.cas.client.authentication.AuthenticationFilter">
        <property name="renew" value="false"/>
        <property name="casServerLoginUrl" value="${cas.url}"/>
        <property name="serverName" value="${client.url}"/>
    </bean>

    <bean id="httpServletRequestWrapperFilter" class="org.jasig.cas.client.util.HttpServletRequestWrapperFilter"/>

    <bean id="assertionThreadLocalFilter" class="org.jasig.cas.client.util.AssertionThreadLocalFilter"/>
</beans>

properties

# CAS server URL
cas.url=https://cas.example.com:8443
# CAS client URL, i.e. the URL of this application
client.url=http://localhost:8080

Analysis

The security filter chain in applicationContext-security.xml uses five filters: singleSignOutFilter, cas20ProxyReceivingTicketValidationFilter, authenticationFilter, httpServletRequestWrapperFilter and assertionThreadLocalFilter.

Why not use spring-security-cas

spring-security-cas

In spring-security-cas, the work of the ticket validator filter is done by org.springframework.security.cas.authentication.CasAuthenticationProvider.

private CasAuthenticationToken authenticateNow(final Authentication authentication) throws AuthenticationException {
    try {
        final Assertion assertion = this.ticketValidator.validate(authentication.getCredentials().toString(), getServiceUrl(authentication));
        ...

The second argument to the validator's validate method is built as follows:

private String getServiceUrl(Authentication authentication) {
    String serviceUrl;
    if (authentication.getDetails() instanceof ServiceAuthenticationDetails) {
        serviceUrl = ((ServiceAuthenticationDetails) authentication.getDetails()).getServiceUrl();
    } else if (serviceProperties == null) {
        throw new IllegalStateException("serviceProperties cannot be null unless Authentication.getDetails() implements ServiceAuthenticationDetails.");
    } else if (serviceProperties.getService() == null) {
        throw new IllegalStateException("serviceProperties.getService() cannot be null unless Authentication.getDetails() implements ServiceAuthenticationDetails.");
    } else {
        serviceUrl = serviceProperties.getService();
    }
    if (logger.isDebugEnabled()) {
        logger.debug("serviceUrl = " + serviceUrl);
    }
    return serviceUrl;
}
