HDC调试需求开发（15万预算）,能者速来！>>>


开发环境:cas 4.0+shiro 1.2 +spring 4
cas+shiro cas服务器登录成功了但是子系统无法进入初步判断是子系统收到用户登录信息,配置文件如下： <?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd" default-lazy-init="true"> <description>Shiro安全配置</description> <!-- 会话管理器 --> <!-- 会话ID生成器 --> <bean id="sessionIdGenerator" class="org.apache.shiro.session.mgt.eis.JavaUuidSessionIdGenerator"/> <!-- 会话Cookie模板 --> <bean id="sessionIdCookie" class="org.apache.shiro.web.servlet.SimpleCookie"> <constructor-arg value="sid"/> <property name="httpOnly" value="true"/> <property name="maxAge" value="-1"/> </bean> <bean id="rememberMeCookie" class="org.apache.shiro.web.servlet.SimpleCookie"> <constructor-arg value="rememberMe"/> <property name="httpOnly" value="true"/> <property name="maxAge" value="2592000"/><!-- 30天 --> </bean> <!-- rememberMe管理器 --> <bean id="rememberMeManager" class="org.apache.shiro.web.mgt.CookieRememberMeManager"> <!-- rememberMe cookie加密的密钥 建议每个项目都不一样 默认AES算法 密钥长度（128 256 512 位）--> <property name="cipherKey" value="#{T(org.apache.shiro.codec.Base64).decode('4AvVhmFLUs0KTA3Kprsdag==')}"/> <property name="cookie" ref="rememberMeCookie"/> </bean> <!-- 会话DAO --> <bean id="sessionDAO" class="org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO"> <property name="activeSessionsCacheName" value="shiro-activeSessionCache"/> <property name="sessionIdGenerator" ref="sessionIdGenerator"/> </bean> <!-- 会话验证调度器 --> <!-- <bean id="sessionValidationScheduler" class="org.apache.shiro.session.mgt.quartz.QuartzSessionValidationScheduler"> <property name="sessionValidationInterval" value="1800000"/> <property name="sessionManager" ref="sessionManager"/> </bean> --> <!-- 会话管理器 --> <bean id="sessionManager" class="org.apache.shiro.web.session.mgt.DefaultWebSessionManager"> <property name="globalSessionTimeout" value="1800000"/> <property name="deleteInvalidSessions" value="true"/> <!-- <property name="sessionValidationSchedulerEnabled" value="true"/> --> <!-- <property name="sessionValidationScheduler" ref="sessionValidationScheduler"/> --> <property name="sessionDAO" ref="sessionDAO"/> <property name="sessionIdCookieEnabled" value="true"/> <property name="sessionIdCookie" ref="sessionIdCookie"/> </bean> <bean id="shiroDbRealm" class="net.hp.es.adm.healthcare.rphcp.shiro.ShiroDbCasRealm" depends-on="userDAO, userRoleDAO, organizationRoleDAO, roleDAO"> <property name="userService" ref="userServiceImpl" /> <property name="userRoleService" ref="userRoleServiceImpl" /> <property name="roleService" ref="roleServiceImpl" /> <property name="organizationRoleService" ref="organizationRoleServiceImpl" /> <property name="cachingEnabled" value="true" /> <property name="authenticationCachingEnabled" value="true" /> <property name="authenticationCacheName" value="authenticationCache" /> <property name="authorizationCachingEnabled" value="true" /> <property name="authorizationCacheName" value="authorizationCache" /> <property name="casServerUrlPrefix" value="https://sso.h-guiyang.com:8443/cas" /> <property name="casService" value="http://admin.h-guiyang.com:8081/admin/" /> <!-- 是否使用验证码 --> <property name="useCaptcha" value="false" /> <!-- 是否激活超级用户，生成环境建议关闭该功能 --> <property name="activeRoot" value="false" /> </bean> <!-- Shiro Filter --> <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean"> <property name="securityManager" ref="securityManager" /> <property name="loginUrl" value="https://sso.h-guiyang.com:8443/cas/login?service=http://admin.h-guiyang.com:8081/admin/" /> <property name="successUrl" value="http://admin.h-guiyang.com:8081/admin/"></property> <!--当前应用CAS服务URL，即用于接收并处理登录成功后的Ticket --> <property name="filters"> <map> <entry key="authc" value-ref="formAuthenticationFilter"/> <entry key="authcUser" value-ref="authcUserFilter" /> <entry key="casFilter" value-ref="casFilter" /> <!-- 是否启用验证码检验 --> <!--<entry key="authc" value-ref="captchaFormAuthenticationFilter"/> --> <!--<entry key="user" value-ref="dWZUserFilter" />--> </map> </property> <property name="filterChainDefinitions"> <value> /admin* = casFilter <!-- /ehrLoginSSO/**= anon --> <!-- /unauthorized = anon --> <!-- /loginSSO/**= anon --> /Captcha.jpg = anon /styles/**= anon /ws/** = anon /resources/** = anon /styles/** = anon <!-- /** = anon --> <!-- /login/timeout = anon --> /login = authc <!-- /** = authc --> <!-- /logout = logout --> <!-- /** = user --> /**=anon,authcUser </value> </property> </bean> <bean id="casSubjectFactory" class="org.apache.shiro.cas.CasSubjectFactory" /> <!-- Shiro's main business-tier object for web-enabled applications --> <bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager"> <property name="realm" ref="shiroDbRealm" /> <property name="cacheManager" ref="shiroEhcacheManager" /> <property name="sessionManager" ref="sessionManager"/> <property name="rememberMeManager" ref="rememberMeManager"/> <property name="subjectFactory" ref="casSubjectFactory" /> </bean> <!-- 項目自定义的Realm --> <!-- <bean id="shiroDbRealm" class="net.hp.es.adm.healthcare.rphcp.shiro.ShiroDbRealm" depends-on="userDAO, userRoleDAO, organizationRoleDAO, roleDAO"> <property name="userService" ref="userServiceImpl"/> <property name="userRoleService" ref="userRoleServiceImpl"/> <property name="roleService" ref="roleServiceImpl"/> <property name="organizationRoleService" ref="organizationRoleServiceImpl"/> <property name="casServerUrlPrefix" value="https://localhost:8443/cas"/> <property name="casService" value="/management/index"/> 是否使用验证码 <property name="useCaptcha" value="false"/> 是否激活超级用户，生成环境建议关闭该功能 <property name="activeRoot" value="false"/> </bean> --> <!-- 单点登录过滤器 --> <bean id="casFilter" class="org.apache.shiro.cas.CasFilter"> <property name="failureUrl" value="/WEB-INF/views/error/500.jsp" /> </bean> <!-- 单点登录设置 --> <bean id="authcUserFilter" class="net.hp.es.adm.healthcare.rphcp.shiro.AuthcUserFilter"/> <!-- 用户授权信息Cache, 采用EhCache --> <bean id="shiroEhcacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager"> <property name="cacheManagerConfigFile" value="classpath:ehcache/ehcache-shiro.xml" /> </bean> <bean id="formAuthenticationFilter" class="net.hp.es.adm.healthcare.rphcp.shiro.BaseFormAuthenticationFilter" /> <!-- <bean id="captchaFormAuthenticationFilter" class="net.hp.es.adm.healthcare.rphcp.shiro.CaptchaFormAuthenticationFilter"/> --> <!--<bean id="dWZUserFilter" class="net.hp.es.adm.healthcare.rphcp.shiro.DWZUserFilter" /> --> <!-- 保证实现了Shiro内部lifecycle函数的bean执行 --> <bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean"> <property name="staticMethod" value="org.apache.shiro.SecurityUtils.setSecurityManager"/> <property name="arguments" ref="securityManager"/> </bean> </beans>
spring 配置文件如下:
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context" xmlns:mvc="http://www.springframework.org/schema/mvc" xmlns:aop="http://www.springframework.org/schema/aop" xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.2.xsd http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.2.xsd"> <!-- 自动扫描且只扫描@Controller --> <!-- 加入定制化包实体路径com.sample --> <context:component-scan base-package="net.hp.es.adm.healthcare" use-default-filters="false"> <context:include-filter type="annotation" expression="org.springframework.stereotype.Controller"/> <context:include-filter type="annotation" expression="org.springframework.web.bind.annotation.ControllerAdvice"/> </context:component-scan> <!-- 系统日志跟踪功能 --> <bean id="log4JDBCImpl" class="net.hp.es.adm.healthcare.rphcp.log.impl.Log4JDBCImpl" > <property name="logInfoService" ref="logInfoServiceImpl"/> <property name="rootLogLevel" value="ERROR"/> <property name="customLogLevel"> <map> <entry key="net.hp.es.adm.healthcare.rphcp" value="TRACE" /> </map> </property> </bean> <mvc:interceptors> <!-- 监控运行时间 --> <!-- <mvc:interceptor> <mvc:mapping path="/**" /> <bean class="net.hp.es.adm.healthcare.rphcp.spring.ExecuteTimeInterceptor" /> </mvc:interceptor> --> <!-- 日志拦截记录 --> <mvc:interceptor> <mvc:mapping path="/management/**" /> <mvc:mapping path="/login/timeout/success"/> <bean class="net.hp.es.adm.healthcare.rphcp.log.spring.LogInterceptor" > <property name="logAPI" ref="log4JDBCImpl"/> </bean> </mvc:interceptor> <!-- 数据权限验证 --> <mvc:interceptor> <mvc:mapping path="/**" /> <bean class="net.hp.es.adm.healthcare.rphcp.spring.DataControlInterceptor" /> </mvc:interceptor> </mvc:interceptors> <mvc:annotation-driven> <mvc:message-converters register-defaults="true"> <bean class="org.springframework.http.converter.StringHttpMessageConverter"> <constructor-arg value="UTF-8" /> </bean> </mvc:message-converters> </mvc:annotation-driven> <bean id="multipartResolver" class="org.springframework.web.multipart.commons.CommonsMultipartResolver"> <property name="defaultEncoding"> <value>UTF-8</value> </property> <property name="maxUploadSize"> <value>1048576</value><!-- 上传文件大小限制为1M，1*1024*1024 --> </property> <property name="maxInMemorySize"> <value>4096</value> </property> </bean> <!-- 容器默认的DefaultServletHandler处理 所有静态内容与无RequestMapping处理的URL--> <mvc:default-servlet-handler/> <!-- 定义JSP文件的位置 --> <bean class="org.springframework.web.servlet.view.InternalResourceViewResolver"> <property name="prefix" value="/WEB-INF/views/"/> <property name="suffix" value=".jsp"/> </bean> <!-- 定义无Controller的path<->view直接映射 --> <mvc:view-controller path="/" view-name="redirect:/management/index"/> <!-- 全局异常配置 start --> <bean id="exceptionResolver" class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver"> <property name="exceptionMappings"> <props> <prop key="org.apache.shiro.authz.UnauthorizedException">error/403</prop> <prop key="java.lang.Throwable">error/500</prop> </props> </property> <property name="statusCodes"> <props> <prop key="500">500</prop> <prop key="404">404</prop> <prop key="403">403</prop> </props> </property> <!-- 设置日志输出级别，不定义则默认不输出警告等错误日志信息 --> <property name="warnLogCategory" value="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver"/> <!-- 默认错误页面，当找不到上面mappings中指定的异常对应视图时，使用本默认配置 --> <property name="defaultErrorView" value="error/500"/> <!-- 默认HTTP状态码 ，返回错误默认设置的状态码--> <property name="defaultStatusCode" value="200"/> </bean> <!-- 全局异常配置 end --> <bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor" /> <!-- 支持 Shiro对Controller的方法级AOP安全控制 begin--> <bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator" depends-on="lifecycleBeanPostProcessor"> <property name="proxyTargetClass" value="true" /> </bean> <bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor"> <property name="securityManager" ref="securityManager"/> </bean> <!-- 支持 Shiro对Controller的方法级AOP安全控制 end --> </beans>



在调试过程中发现单点认证成功以后没有进入relam 很奇怪，不知道是不是这里引起request.getUserPrical() 为空，相当于cas的用户信息shiro 没有接收到，麻烦各位大神帮帮忙！！！！！