50,530
社区成员
发帖
与我相关
我的任务
分享acegi-cas 的问题
我的acegi-cas的服务器端的上下文路径是:/casserver
我的acegi-cas的客户端的上下文路径是:/two
我的目的如下:
在web根目录下,有个secure目录,我想当访问这个目录下的任何资源时,要进行身份验证
身份验证采用CAS,从数据库中查询表。
当我执行到登录CAS Server这步的时候,控制台输出如下信息:
<AuthenticationHandler: org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler successfully authenticated the user which provided the following credentials: cwb>
<Granted service ticket [ST-3-j53tNUb1CpP41z6OajFT6jTc7eSqeRZeZHX-20] for service [https://localhost:8443/two/j_acegi_cas_security_check] for user [cwb]>
这说明我已经登录成功。
可非常遗憾的是,之后浏览器转向authenticationFailureUrl的值了
到底是什么地方配置不对?该怎样才能配置成功?我想了几天也没想出来,还请各位指教。
配置文件如下:
<?xml version="1.0" encoding="gb2312"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
<!--过滤器代理者-->
<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
<property name="filterInvocationDefinitionSource">
<value>
PATTERN_TYPE_APACHE_ANT
/**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor</value>
</property>
</bean>
<bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"/>
<bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.cas.CasProcessingFilter">
<property name="authenticationManager">
<ref local="authenticationManager"/>
</property>
<property name="authenticationFailureUrl">
<value>/error.htm</value>
</property>
<property name="defaultTargetUrl">
<value>/</value>
</property>
<property name="filterProcessesUrl">
<value>/j_acegi_cas_security_check</value>
</property>
<property name="rememberMeServices" ref="rememberMeServices"/>
</bean>
<bean id="securityContextHolderAwareRequestFilter" class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter"/>
<bean id="rememberMeProcessingFilter" class="org.acegisecurity.ui.rememberme.RememberMeProcessingFilter">
<property name="authenticationManager" ref="authenticationManager" />
<property name="rememberMeServices" ref="rememberMeServices"/>
</bean>
<bean id="anonymousProcessingFilter" class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">
<property name="key" value="anonymous"/>
<property name="userAttribute" value="anonymousUser,ROLE_ANONYMOUS"/>
</bean>
<bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter">
<property name="authenticationEntryPoint">
<ref local="casProcessingFilterEntryPoint"/>
</property>
</bean>
<bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
<property name="authenticationManager" ref="authenticationManager"/>
<property name="accessDecisionManager" ref="accessDecisionManager"/>
<property name="objectDefinitionSource">
<value>
PATTERN_TYPE_APACHE_ANT
/secure/**=ROLE_SUPERVISOR
/secure/**=IS_AUTHENTICATED_REMEMBERED
/**=IS_AUTHENTICATED_ANONYMOUSLY</value>
</property>
</bean>
<!--认证管理器-->
<bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
<property name="providers">
<list>
<ref local="casAuthenticationProvider"/>
</list>
</property>
</bean>
<!--访问决策管理器:当至少有一个投票者投允许访问票时允许访问-->
<bean id="accessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased">
<!--当所有投票者都投弃权票时则允许访问-->
<property name="allowIfAllAbstainDecisions" value="true"/>
<!--投票者集合-->
<property name="decisionVoters">
<list>
<bean class="org.acegisecurity.vote.RoleVoter"/>
<bean class="org.acegisecurity.vote.AuthenticatedVoter"/>
</list>
</property>
</bean>
<bean id="rememberMeServices" class="org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices">
<property name="userDetailsService" ref="userDetailsService"/>
<property name="key" value="anonymous"/>
</bean>
<!--认证管理器的提供者--中心认证服务-->
<bean id="casAuthenticationProvider" class="org.acegisecurity.providers.cas.CasAuthenticationProvider">
<property name="ticketValidator">
<ref local="casProxyTicketValidator"/>
</property>
<property name="casProxyDecider">
<ref local="casProxyDecider"/>
</property>
<property name="statelessTicketCache">
<ref local="statelessTicketCache"/>
</property>
<property name="casAuthoritiesPopulator">
<ref local="casAuthoritiesPopulator"/>
</property>
<property name="key">
<value>anonymous</value>
</property>
</bean>
<!--票据验证器-->
<bean id="casProxyTicketValidator" class="org.acegisecurity.providers.cas.ticketvalidator.CasProxyTicketValidator">
<property name="casValidate">
<value>https://localhost:8443/casserver/proxyValidate</value>
</property>
<property name="serviceProperties">
<ref local="serviceProperties"/>
</property>
</bean>
<!--票据代理服务-->
<bean id="casProxyDecider" class="org.acegisecurity.providers.cas.proxy.RejectProxyTickets"/>
<!--票据缓存器-->
<bean id="statelessTicketCache" class="org.acegisecurity.providers.cas.cache.EhCacheBasedTicketCache">
<property name="cache">
<bean class="org.springframework.cache.ehcache.EhCacheFactoryBean">
<property name="cacheManager">
<bean class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
</property>
<property name="cacheName" value="userCache"/>
</bean>
</property>
</bean>
<!--用户的权限分配-->
<bean id="casAuthoritiesPopulator" class="org.acegisecurity.providers.cas.populator.DaoCasAuthoritiesPopulator">
<property name="userDetailsService">
<ref bean="userDetailsService"/>
</property>
</bean>
<bean id="userDetailsService" class="com.ruiteng.secure.UserServiceImpl"/>
<!--验证身份的入口点-->
<bean id="casProcessingFilterEntryPoint" class="org.acegisecurity.ui.cas.CasProcessingFilterEntryPoint">
<property name="loginUrl">
<value>https://localhost:8443/casserver/login</value>
</property>
<property name="serviceProperties">
<ref local="serviceProperties"/>
</property>
</bean>
<!--验证成功后重定向的页面-->
<bean id="serviceProperties" class="org.acegisecurity.ui.cas.ServiceProperties">
<property name="service">
<value>https://localhost:8443/two/j_acegi_cas_security_check</value>
</property>
<property name="sendRenew">
<value>false</value>
</property>
</bean>
</beans>
我的acegi-cas的客户端的上下文路径是:/two
我的目的如下:
在web根目录下,有个secure目录,我想当访问这个目录下的任何资源时,要进行身份验证
身份验证采用CAS,从数据库中查询表。
当我执行到登录CAS Server这步的时候,控制台输出如下信息:
<AuthenticationHandler: org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler successfully authenticated the user which provided the following credentials: cwb>
<Granted service ticket [ST-3-j53tNUb1CpP41z6OajFT6jTc7eSqeRZeZHX-20] for service [https://localhost:8443/two/j_acegi_cas_security_check] for user [cwb]>
这说明我已经登录成功。
可非常遗憾的是,之后浏览器转向authenticationFailureUrl的值了
到底是什么地方配置不对?该怎样才能配置成功?我想了几天也没想出来,还请各位指教。
配置文件如下:
<?xml version="1.0" encoding="gb2312"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
<!--过滤器代理者-->
<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
<property name="filterInvocationDefinitionSource">
<value>
PATTERN_TYPE_APACHE_ANT
/**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,securityContextHolderAwareRequestFilter,rememberMeProcessingFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor</value>
</property>
</bean>
<bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"/>
<bean id="authenticationProcessingFilter" class="org.acegisecurity.ui.cas.CasProcessingFilter">
<property name="authenticationManager">
<ref local="authenticationManager"/>
</property>
<property name="authenticationFailureUrl">
<value>/error.htm</value>
</property>
<property name="defaultTargetUrl">
<value>/</value>
</property>
<property name="filterProcessesUrl">
<value>/j_acegi_cas_security_check</value>
</property>
<property name="rememberMeServices" ref="rememberMeServices"/>
</bean>
<bean id="securityContextHolderAwareRequestFilter" class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter"/>
<bean id="rememberMeProcessingFilter" class="org.acegisecurity.ui.rememberme.RememberMeProcessingFilter">
<property name="authenticationManager" ref="authenticationManager" />
<property name="rememberMeServices" ref="rememberMeServices"/>
</bean>
<bean id="anonymousProcessingFilter" class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">
<property name="key" value="anonymous"/>
<property name="userAttribute" value="anonymousUser,ROLE_ANONYMOUS"/>
</bean>
<bean id="exceptionTranslationFilter" class="org.acegisecurity.ui.ExceptionTranslationFilter">
<property name="authenticationEntryPoint">
<ref local="casProcessingFilterEntryPoint"/>
</property>
</bean>
<bean id="filterInvocationInterceptor" class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
<property name="authenticationManager" ref="authenticationManager"/>
<property name="accessDecisionManager" ref="accessDecisionManager"/>
<property name="objectDefinitionSource">
<value>
PATTERN_TYPE_APACHE_ANT
/secure/**=ROLE_SUPERVISOR
/secure/**=IS_AUTHENTICATED_REMEMBERED
/**=IS_AUTHENTICATED_ANONYMOUSLY</value>
</property>
</bean>
<!--认证管理器-->
<bean id="authenticationManager" class="org.acegisecurity.providers.ProviderManager">
<property name="providers">
<list>
<ref local="casAuthenticationProvider"/>
</list>
</property>
</bean>
<!--访问决策管理器:当至少有一个投票者投允许访问票时允许访问-->
<bean id="accessDecisionManager" class="org.acegisecurity.vote.AffirmativeBased">
<!--当所有投票者都投弃权票时则允许访问-->
<property name="allowIfAllAbstainDecisions" value="true"/>
<!--投票者集合-->
<property name="decisionVoters">
<list>
<bean class="org.acegisecurity.vote.RoleVoter"/>
<bean class="org.acegisecurity.vote.AuthenticatedVoter"/>
</list>
</property>
</bean>
<bean id="rememberMeServices" class="org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices">
<property name="userDetailsService" ref="userDetailsService"/>
<property name="key" value="anonymous"/>
</bean>
<!--认证管理器的提供者--中心认证服务-->
<bean id="casAuthenticationProvider" class="org.acegisecurity.providers.cas.CasAuthenticationProvider">
<property name="ticketValidator">
<ref local="casProxyTicketValidator"/>
</property>
<property name="casProxyDecider">
<ref local="casProxyDecider"/>
</property>
<property name="statelessTicketCache">
<ref local="statelessTicketCache"/>
</property>
<property name="casAuthoritiesPopulator">
<ref local="casAuthoritiesPopulator"/>
</property>
<property name="key">
<value>anonymous</value>
</property>
</bean>
<!--票据验证器-->
<bean id="casProxyTicketValidator" class="org.acegisecurity.providers.cas.ticketvalidator.CasProxyTicketValidator">
<property name="casValidate">
<value>https://localhost:8443/casserver/proxyValidate</value>
</property>
<property name="serviceProperties">
<ref local="serviceProperties"/>
</property>
</bean>
<!--票据代理服务-->
<bean id="casProxyDecider" class="org.acegisecurity.providers.cas.proxy.RejectProxyTickets"/>
<!--票据缓存器-->
<bean id="statelessTicketCache" class="org.acegisecurity.providers.cas.cache.EhCacheBasedTicketCache">
<property name="cache">
<bean class="org.springframework.cache.ehcache.EhCacheFactoryBean">
<property name="cacheManager">
<bean class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
</property>
<property name="cacheName" value="userCache"/>
</bean>
</property>
</bean>
<!--用户的权限分配-->
<bean id="casAuthoritiesPopulator" class="org.acegisecurity.providers.cas.populator.DaoCasAuthoritiesPopulator">
<property name="userDetailsService">
<ref bean="userDetailsService"/>
</property>
</bean>
<bean id="userDetailsService" class="com.ruiteng.secure.UserServiceImpl"/>
<!--验证身份的入口点-->
<bean id="casProcessingFilterEntryPoint" class="org.acegisecurity.ui.cas.CasProcessingFilterEntryPoint">
<property name="loginUrl">
<value>https://localhost:8443/casserver/login</value>
</property>
<property name="serviceProperties">
<ref local="serviceProperties"/>
</property>
</bean>
<!--验证成功后重定向的页面-->
<bean id="serviceProperties" class="org.acegisecurity.ui.cas.ServiceProperties">
<property name="service">
<value>https://localhost:8443/two/j_acegi_cas_security_check</value>
</property>
<property name="sendRenew">
<value>false</value>
</property>
</bean>
</beans>
...全文
请发表友善的回复…
发表回复
SINCE1978 2007-11-29
- 打赏
- 举报
关注
不会
友情
帮顶
不会
友情
帮顶
