标签:
Web.xml
<filter> <filter-name>CASFilter</filter-name> <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class> <init-param> <param-name>casServerLoginUrl</param-name> <param-value>http://www.myCas.com:18080/login</param-value> </init-param> <init-param> <param-name>serverName</param-name> <param-value>http://ciat.padx.cn:8080</param-value> </init-param> <init-param> <param-name>exclusions</param-name> <param-value>/globle-login.action</param-value> </init-param> </filter>
客户端AuthenticationFilter.java
添加
private Set<String> exclusionSet = null; private String exclusions = null;
修改方法
protected void initInternal(final FilterConfig filterConfig) throws ServletException { if (!isIgnoreInitConfiguration()) { super.initInternal(filterConfig); setCasServerLoginUrl(getPropertyFromInitParams(filterConfig, "casServerLoginUrl", null)); log.trace("Loaded CasServerLoginUrl parameter: " + this.casServerLoginUrl); setRenew(parseBoolean(getPropertyFromInitParams(filterConfig, "renew", "false"))); log.trace("Loaded renew parameter: " + this.renew); setGateway(parseBoolean(getPropertyFromInitParams(filterConfig, "gateway", "false"))); log.trace("Loaded gateway parameter: " + this.gateway); //获取需要过滤拦截地址===================== setExclusions(getPropertyFromInitParams(filterConfig, "exclusions", null)); if((exclusions != null) && exclusions.trim().length() > 0) { String[] exclusionArray = exclusions.split(","); if(exclusionArray != null && exclusionArray.length > 0){ exclusionSet = new HashSet<String>(); for (String exclusionUrl : exclusionArray) { exclusionSet.add(exclusionUrl); } } } //================================== final String gatewayStorageClass = getPropertyFromInitParams(filterConfig, "gatewayStorageClass", null); if (gatewayStorageClass != null) { try { this.gatewayStorage = (GatewayResolver) Class.forName(gatewayStorageClass).newInstance(); } catch (final Exception e) { log.error(e,e); throw new ServletException(e); } } } }
添加
/** * 判断请求地址是否拦截 * @param request * @return * @throws IOException * @throws ServletException */ private boolean isExclusion(HttpServletRequest request) throws IOException, ServletException { String servletPath = request.getServletPath(); //返回true不需要拦截,返回false需要拦截 if(exclusionSet == null) { return false; } return exclusionSet.contains(servletPath); }
doFiler 添加
if(isExclusion(request)){ filterChain.doFilter(request, response); return; }
方法二、排除从文件读取
private void initNoNeedLoginHashSet() { try { URL url = AuthenticationFilter.class.getClassLoader().getResource("NoNeedLogin.txt"); File file = new File(url.getFile()); FileReader fReader = new FileReader(file); BufferedReader br = new BufferedReader(fReader); String line = null; exclusionSet = new HashSet<String>(); while ((line = br.readLine()) != null) { if (line.startsWith("--")) { continue; } exclusionSet.add(line); } System.out.println("成功加载系统非权限资源配置文件......"); } catch (FileNotFoundException e) { System.out.println("读取NoNeedLogin.txt文件错误"); e.printStackTrace(); } catch (IOException e) { System.out.println("读取NoNeedLogin.txt文件错误"); e.printStackTrace(); } }
【SSO单点系列】(9):CAS4.0 之客户端排除不需要过滤的路径
标签:
原文地址:http://www.cnblogs.com/hedgehog105/p/5417929.html
