mvnForum同CAS整合实现单点登录

1 mvnForum数据迁移

1.1 配置数据源

在Tomcat的server.xml中添加如下内容

<Resource

name="PostgreSQLDataSource"

auth="Container"

type="javax.sql.DataSource" driverClassName="org.postgresql.Driver"

url="jdbc:postgresql://192.168.0.180:5432/mvnforum?useUnicode=true&amp;characterEncoding=utf-8&amp;uSEOldUTF8Behavior=true"

username="pgsql" password="javac"

maxActive="5" maxIdle="2"

maxWait="-1"/>

1.2 修改mvnForum配置文件

在将mvnForum的Web项目中WEB-INF/classes目录下的mvnforum.xml文件中关于数据库配置部分删除，即将如下片断删除

<use_datasource>false</use_datasource>

<driver_class_name>com.mysql.jdbc.Driver</driver_class_name>

<database_url>jdbc:mysql://localhost/mvnforum?useUnicode=true&amp;characterEncoding=utf-8&amp;uSEOldUTF8Behavior=true</database_url>

<database_user>root</database_user>

<database_password/>

<max_connection>20</max_connection>

<max_time_to_wait>2000</max_time_to_wait>

<minutes_between_refresh>30</minutes_between_refresh>

添加如下内容

<use_datasource>true</use_datasource>

<datasource_name>java:comp/env/PostgreSQLDataSource</datasource_name>

1.3 创建数据库

在下载的mvnforum-1.1-bin目录下，找到sql目录下的mvnForum_postgresql.sql文件。在postgresql数据库执行该文件，创建数据库。

2 建立CAS Server

同CAS学习笔记中建立

3 配置CAS Client

3.1 将CAS SSL证书导入到mvnForum所在的JDK中

（1）复制CAS服务器上tomcatsso.crt 文件到%JAVA_HOME%/jre/lib/security。

（2）然后用下面命令将证书tomcatsso.crt 文件导入到cacerts文件中。

Cd %JAVA_HOME%/jre/lib/security

keytool -import -alias tomcatsso -file tomcatsso.crt -keystore cacerts -storepass changeit

3.2 插入CAS CLIENT库文件

复制cas-client-core- 3.1.3 .jar和spring.jar这2个文件到mvnForum的Web项目中的WEB-INF/lib目录文件夹下

3.3 修改web.xml文件

在web.xml中添加CAS Filter

<context-param>

<param-name>contextConfigLocation</param-name>

<param-value>/WEB-INF/spring-appContext.xml</param-value>

</context-param>

<filter>

<filter-name>CAS Single Sign Out Filter</filter-name>

<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>

</filter>

<filter-mapping>

<filter-name>CAS Single Sign Out Filter</filter-name>

<url-pattern>/*</url-pattern>

</filter-mapping>

<listener>

<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>

</listener>

<filter-name>CAS Authentication Filter</filter-name>

<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>

<init-param>

<param-name>targetBeanName</param-name>

<param-value>casAuthenticationFilter</param-value>

</init-param>

<filter-name>CAS Validation Filter</filter-name>

<param-value>casValidationFilter</param-value>

</init-param>

<filter-name>CAS HttpServletRequestWrapperFilter</filter-name>

<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>

<init-param>

<param-name>targetBeanName</param-name>

<param-value>casHttpServletRequestWrapperFilter</param-value>

<url-pattern>/mvnforum/login</url-pattern>

<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>

</listener>

3.4 插入spring-appContext.xml文件

在WEB-INF目录下添加spring-appContext.xml文件

<?xml version="1.0" encoding="UTF-8"?>

<beans xmlns="http://www.springframework.org/schema/beans"

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

xsi:schemaLocation="http://www.springframework.org/schema/beans

http://www.springframework.org/schema/beans/spring-beans-2.0.xsd">

<bean id="casAuthenticationFilter"

class="org.jasig.cas.client.authentication.AuthenticationFilter">

<property name ="casServerLoginUrl" value="https://www.test.com:443/cas-server/login"/>

<property name ="serverName" value="http://192.168.0.116:8080"/>

</bean>

<bean id="casValidationFilter"

class="org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter">

<property name="ticketValidator">

<ref bean="Cas20ProxyTicketValidator"/>

</property>

<property name="useSession" value="true"/>

<property name="serverName" value="http://192.168.0.116:8080"/>

<property name="redirectAfterValidation" value="false"/>

<bean id="Cas20ProxyTicketValidator"

class="org.jasig.cas.client.validation.Cas20ProxyTicketValidator">

<constructor-arg index="0" value="https://www.test.com:443/cas-server" />

<bean id="casHttpServletRequestWrapperFilter"

class="org.jasig.cas.client.util.HttpServletRequestWrapperFilter"/>

</beans>

3.5 修改mvnForum Java项目中的代码

3.5.1 项目导入到Eclipse

首先将该Web工程导入到Eclipse中，然后删除原Web项目中/WEB-INF/lib目录下的mvnforum.jar文件并将下载的mvnForum原文件导入到改项目中。

3.5.2 Java代码修改

com.mvnforum.auth.OnlineUserFactoryImpl的validatePassword函数中（334行左右）

return encodedPassword.equals(DAOFactory.getMemberDAO().getPassword(memberId));

修改为

//return encodedPassword.equals(DAOFactory.getMemberDAO().getPassword(memberId));

return true;

com.mvnforum.user.UserModuleProcessor的process函数中（130行左右）中

onlineUser = onlineUserManager.getOnlineUser(genericRequest);

onlineUser.updateNewMessageCount(false);

后面添加一行代码（在随后的try模块之前）

if(onlineUser.getMemberID() == 0 && !requestURI.equals("/login") && !requestURI.equals("/loginprocess"))

throw new AuthenticationException(AuthenticationException.NOT_LOGIN);

3.6 修改mvnForum Web项目中的代码

3.6.1 复制mvnForum库文件

删除mvnForum Web项目中/WEB-INF/lib目录下的mvnforum.jar文件，并将上述Eclipse中编译生成的类文件复制到/WEB-INF目录中，即将com目录文件夹复制到/WEB-INF/classes目录文件夹下。

3.6.2 修改JSP文件

在mvnForum的Web项目中/mvnplugin/mvnforum/user目录下，删除login.jsp，创建自己的login.jsp文件，内容如下：

<%@ page contentType="text/html;charset=utf-8" %>

<%@ page errorPage="fatalerror.jsp"%>

<%@ include file="inc_common.jsp"%>

<%@ include file="inc_doctype.jsp"%>

<%@ page import="net.myvietnam.mvncore.util.ParamUtil" %>

<%@ page import="net.myvietnam.mvncore.util.DateUtil" %>

<%@ page import="net.myvietnam.mvncore.filter.DisableHtmlTagFilter" %>

<%@ page import="javax.servlet.http.HttpServletRequestWrapper "%>

<!DOCTYPE html PUBLIC "-//W 3C //DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>

<body>

<%

String errorMessage = ParamUtil.getAttribute(request,"Reason");

if(errorMessage.length() > 0){

session.invalidate();

response.sendRedirect("https://www.test.com/cas-server/logout");

}else{

java.util.Map params = request.getParameterMap();

params.put("MemberName",request.getRemoteUser());

params.put("password","ISMvKXpXpadDiUoOSoAfww==");

params.put("FromLoginPage","true");

params.put("md5pw",160) none repeat scroll 0% 0%; text-align: left; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;" align="left"> params.put("url",DisableHtmlTagFilter.filter(ParamUtil.getParameter(request,"url")));

HttpServletRequestWrapper httpServletRequestWrapper = new HttpServletRequestWrapper(request){

public String getMethod(){

return "POST";

}

};

RequestDispatcher dispatcher=getServletContext().getRequestDispatcher("/mvnforum/" + urlResolver.encodeURL(request,response,"loginprocess",URLResolverService.ACTION_URL));

dispatcher.forward(httpServletRequestWrapper,response);

}

%>

</body>

</html>

（编辑：李大同）

【声明】本站内容均来自网络，其相关言论仅代表作者个人观点，不代表本站立场。若无意侵犯到您的权利，请及时与联系站长删除相关内容!