CAS服务端配置了mysql 用户名密码验证,去掉了https校验。
客户端端通过配置web.xml相关filter。其中注意,我配置了
Cas20ProxyReceivingTicketValidationFilter
客户端是通过
cas-client-core-3.4.1.jar!CommonUtils的
getResponseFromServer(URL constructedUrl, HttpURLConnectionFactory factory, String encoding)
方法获取服务端返回的流信息,但是问题是始终返回不了其他用户属性信息。
我也是抱着试一试的态度,把
Cas20ProxyReceivingTicketValidationFilter
换成了
Cas30ProxyReceivingTicketValidationFilter
,测试成功,返回了相关用户信息。
这里记录一下,目前
Cas20ProxyReceivingTicketValidationFilter为什么没有获取到额外用户信息,没有找到原因。先用着,没有时间去一行行找问题了。
后面看源码发现,
protected void prepareMergedOutputModel(Map<String, Object> model, HttpServletRequest request, HttpServletResponse response) throws Exception { super.prepareMergedOutputModel(model, request, response); Service service = super.getServiceFrom(model); RegisteredService registeredService = this.servicesManager.findServiceBy(service); Map<String, Object> attributes = new HashMap(this.getPrincipalAttributesAsMultiValuedAttributes(model)); attributes.put("authenticationDate", Collections.singleton(this.getAuthenticationDate(model))); attributes.put("isFromNewLogin", Collections.singleton(Boolean.valueOf(this.isAssertionBackedByNewLogin(model)))); attributes.put("longTermAuthenticationRequestTokenUsed", Collections.singleton(Boolean.valueOf(this.isRememberMeAuthentication(model)))); this.decideIfCredentialPasswordShouldBeReleasedAsAttribute(attributes, model, registeredService); this.decideIfProxyGrantingTicketShouldBeReleasedAsAttribute(attributes, model, registeredService); super.putIntoModel(model, "attributes", this.casAttributeEncoder.encodeAttributes(attributes, this.getServiceFrom(model))); }
大概问题就在这里了。