spring security 集成cas ，設定首頁和login/cas允許匿名通過過濾鏈，首頁可進，login/cas 報401錯誤-有解無憂

spring security 集成cas ，設定首頁和login/cas允許匿名通過過濾鏈，首頁可進，login/cas 報401錯誤
security配置如下
http
                //僅針對/oauth/authorize,/login進行配置，其他按默認配置
                .requestMatchers()
                //這邊若配置上，則會自動跳轉授權登錄頁面
                .antMatchers("/**")
                .and()
                .authorizeRequests()
//                .antMatchers("/user/**")
//                .hasRole("user")
//                .antMatchers("/login/cas")
                .antMatchers("/*","login/cas","/document/**","/category/**")
                .permitAll()
                .anyRequest().authenticated()
                .and()
                .exceptionHandling()
                .authenticationEntryPoint(authenticationEntryPoint)
                .and()
                .addFilter(casAuthenticationFilter)
                .addFilterBefore(singleSignOutFilter, CasAuthenticationFilter.class)
                .addFilterBefore(logoutFilter, LogoutFilter.class);

cas 配置如下

@Configuration
public class CasSecurityConfig {
    @Autowired
    CASClientProperties casClientProperties;
    @Autowired
    CASServerProperties casServerProperties;
    @Autowired
    UserDetailsService userDetailService;

    @Bean
    ServiceProperties serviceProperties() {
        ServiceProperties serviceProperties = new ServiceProperties();
        serviceProperties.setService(casClientProperties.getLogin());
        return serviceProperties;
    }

    @Bean
    @Primary
    AuthenticationEntryPoint authenticationEntryPoint() {
        CasAuthenticationEntryPoint entryPoint = new CasAuthenticationEntryPoint();
        entryPoint.setLoginUrl(casServerProperties.getLogin());
        entryPoint.setServiceProperties(serviceProperties());
        return entryPoint;
    }

    @Bean
    TicketValidator ticketValidator() {
        return new Cas20ProxyTicketValidator(casServerProperties.getPrefix());
    }

    @Bean
    @Primary
    CasAuthenticationProvider casAuthenticationProvider() {
        CasAuthenticationProvider provider = new CasAuthenticationProvider();
        provider.setServiceProperties(serviceProperties());
        provider.setTicketValidator(ticketValidator());
        provider.setUserDetailsService(userDetailService);
        provider.setKey("dddd");
        return provider;
    }
    @Bean
    CasAuthenticationFilter casAuthenticationFilter(AuthenticationProvider authenticationProvider) {
        CasAuthenticationFilter filter = new CasAuthenticationFilter();
        filter.setServiceProperties(serviceProperties());
        List<AuthenticationProvider> dd= Arrays.asList(authenticationProvider);
        filter.setAuthenticationManager(new ProviderManager(dd));
        return filter;
    }

    @Bean
    SingleSignOutFilter singleSignOutFilter() {
        SingleSignOutFilter sign = new SingleSignOutFilter();
        sign.setIgnoreInitConfiguration(true);
        return sign;
    }
    @Bean
    LogoutFilter logoutFilter() {
        LogoutFilter filter = new LogoutFilter(casServerProperties.getLogout(), new SecurityContextLogoutHandler());
        filter.setFilterProcessesUrl(casClientProperties.getLogoutRelative());
        return filter;
    }

}

轉載請註明出處，本文鏈接：https://www.uj5u.com/houduan/169751.html

標籤：Java SE

上一篇：求教一個關于誰在使用系統的問題。

下一篇：小米10青春版和紅米k30 5g版哪個好？