历史版本35 :配置 FineReport 作为 CAS 客户端 返回文档
编辑时间: 内容长度:图片数:目录数: 修改原因:

目录:

1. 描述编辑

制作完上述步骤后,下面我们来看下如何将FR与CAS单点登录结合。

2. 实现过程编辑

2.1 拷贝jar
将cas两个client-jar包和%Java_HOME%\jdk\lib\tools.jar都拷贝到%TOMCAT_HOME%\webapps\webroot\WEB-INF\lib下,如下图:
222
2.2 添加web.xml
%TOMCAT_HOME%\webapps\webroot\WEB-INF目录下新建web.xml文件,内容如下:
<?xml version="1.0" encoding="UTF-8"?> <web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" version="2.4"> <display-name>Template WebApp</display-name> <mime-mapping> <extension>msi</extension> <mime-type>application/x-msi</mime-type> </mime-mapping> <filter> <filter-name>CASFilter</filter-name> <filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class> <init-param> <param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name> <param-value>https://josie:8443/cas/login</param-value> <!--cas提供登陆页面的url--> </init-param> <init-param> <param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name> <param-value>https://josie:8443/cas/proxyValidate</param-value> <!--cas提供service ticker或者proxy ticket验证服务的url--> </init-param> <init-param> <param-name>edu.yale.its.tp.cas.client.filter.serverName</param-name> <param-value>josie:8443</param-value> <!--客户端应用的域名和端口--> </init-param> </filter> <filter-mapping> <filter-name>CASFilter</filter-name> <url-pattern>/decision</url-pattern> <url-pattern>/decision/login</url-pattern> </filter-mapping> <filter> <filter-name>FrFilter</filter-name> <filter-class>com.fr.FrFilter</filter-class> </filter> <filter-mapping> <filter-name>FrFilter</filter-name> <url-pattern>/decision</url-pattern> </filter-mapping> </web-app>
222
注:其中josie为个人配置的域名,请按照个人设置进行修改。
添加过滤信息,java代码如下:
package com.fr; import com.fr.data.NetworkHelper; import com.fr.decision.mobile.terminal.TerminalHandler; import com.fr.decision.webservice.utils.DecisionServiceConstants; import com.fr.decision.webservice.v10.login.LoginService; import com.fr.general.ComparatorUtils; import com.fr.log.FineLoggerFactory; import com.fr.security.JwtUtils; import com.fr.stable.StringUtils; import com.fr.stable.web.Device; import org.jasig.cas.client.validation.Assertion; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import java.io.IOException; /** * Created by Zed on 2018/9/11. */ public class FrFilter implements Filter { public FrFilter() { } @Override public void init(FilterConfig filterConfig) throws ServletException { } @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { FineLoggerFactory.getLogger().info("fr cas login"); HttpServletRequest req = (HttpServletRequest) servletRequest; HttpServletResponse res = (HttpServletResponse) servletResponse; HttpSession session = req.getSession(true); FineLoggerFactory.getLogger().info("URL:" + req.getRequestURI()); String username; //获取cas传递过来的username Object object = req.getSession().getAttribute("_const_cas_assertion_"); if (object != null) { Assertion assertion = (Assertion) object; username = assertion.getPrincipal().getName(); } else { username = (String) session.getAttribute("edu.yale.its.tp.cas.client.filter.user"); } try { //用户名为空,登录请求有问题,直接报错 if (StringUtils.isNotEmpty(username)) { FineLoggerFactory.getLogger().error("username:" + username); //获取请求携带的token Object oldToken = session.getAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME); //token不存在,或者token过期了,走后台登录方法 if (oldToken == null || !checkTokenValid(req, (String) oldToken, username)) { login(req, res, session, username); filterChain.doFilter(req, res); } else { //放行 filterChain.doFilter(req, res); FineLoggerFactory.getLogger().info("no need"); } } else { throw new Exception("username is empty"); } } catch (Exception e) { FineLoggerFactory.getLogger().error(e.getMessage(), e); } } /** * 后台登录方法 */ private void login(HttpServletRequest req, HttpServletResponse res, HttpSession session, String username) throws Exception { String token = LoginService.getInstance().login(req, res, username); session.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME, token); FineLoggerFactory.getLogger().info("fr FrFilter is over with username is ###" + username); } /** * 校验token是否有效 */ private boolean checkTokenValid(HttpServletRequest req, String token, String currentUserName) { try { //当前登录用户和token对应的用户名不同,需要重新生成token if (!ComparatorUtils.equals(currentUserName, JwtUtils.parseJWT(token).getSubject())) { FineLoggerFactory.getLogger().info("username changed:" + currentUserName); return false; } Device device = NetworkHelper.getDevice(req); LoginService.getInstance().loginStatusValid(token, TerminalHandler.getTerminal(req, device)); return true; } catch (Exception ignore) { } return false; } @Override public void destroy() { } }

FrFilter.java编译成class文件,并放在%TOMCAT_HOME%\webroot\WEB-INF\classes\com\fr目录下。

点击下载FrFilter.class

222

2.3 测试
最后启动tomcat服务器,在浏览器中输入:https://localhost:8443/webroot/decision即进入了cas登录界面,通过cas认证后,FRFilter会看用户名是否在fs的用户中,如果在,则登录成功,否则提示凭证有误,如下图:
222