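1. While doing integration testing with a customer today I found a problem: the CAS exclusion (do-not-intercept) setting had no effect and every request was intercepted. The cause was the
web.xml configuration, which was as follows:
As can be seen above, CAS intercepts all paths, and the exclusion configuration has no effect.
2. Solution: for a problem like this you first have to understand the principle, that is, how the underlying code is written. First get a decompiler, Java Decompiler; after opening the jar you can see:
As shown in the figure above, this is a method from the cas-client-3.1.3 jar. It differs from both 3.2.1 and 3.4.1, and it took me a long time to solve, because version 3.1.3 is not in the Maven repository; the customer uses this version, so there was no choice. Otherwise there would be the problem that CAS does not receive the logout message. Find the authentication method: it is the core of CAS, handling interception, request parsing and so on.
3. Now override this method
The Java code is as follows: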
package com.dossp.ods.common.util;

import java.io.IOException;

import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.jasig.cas.client.util.AbstractCasFilter;
import org.jasig.cas.client.util.CommonUtils;
import org.jasig.cas.client.validation.Assertion;

public class AuthenticationFilterWithExcludeUrl extends AbstractCasFilter {

    // URL paths to exclude from CAS authentication
    private String[] excludePaths;

    public static final String CONST_CAS_GATEWAY = "_const_cas_gateway_";

    private String casServerLoginUrl;
    private boolean renew = false;
    private boolean gateway = false;

    protected void initInternal(FilterConfig filterConfig) throws ServletException {
        super.initInternal(filterConfig);
        setCasServerLoginUrl(getPropertyFromInitParams(filterConfig, "casServerLoginUrl", null));
        this.log.trace("Loaded CasServerLoginUrl parameter: " + this.casServerLoginUrl);
        setRenew(Boolean.parseBoolean(getPropertyFromInitParams(filterConfig, "renew", "false")));
        this.log.trace("Loaded renew parameter: " + this.renew);
        setGateway(Boolean.parseBoolean(getPropertyFromInitParams(filterConfig, "gateway", "false")));
        this.log.trace("Loaded gateway parameter: " + this.gateway);

        // Read the URLs to exclude from the init-param in web.xml.
        // The init-param name read here is "exceptPaths"; the value is a comma-separated list.
        String _excludePaths = getPropertyFromInitParams(filterConfig, "exceptPaths", null);
        this.log.trace("Loaded exceptPaths parameter: " + _excludePaths);
        if (CommonUtils.isNotBlank(_excludePaths)) {
            setExcludePaths(_excludePaths.trim().split(","));
        }
    }

    public void init() {
        super.init();
        CommonUtils.assertNotNull(this.casServerLoginUrl, "casServerLoginUrl cannot be null.");
    }

    public final void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        HttpSession session = request.getSession(false);
        String ticket = request.getParameter(getArtifactParameterName());
        Assertion assertion = session != null ? (Assertion) session.getAttribute("_const_cas_assertion_") : null;

        // Filter modification ************ begin ********************
        // Substring match: a request is let through without authentication
        // when its URI contains any configured path, at any position.
        String uri = request.getRequestURI();
        this.log.debug("Request URI: " + uri);
        boolean isInWhiteList = false;
        if (excludePaths != null && excludePaths.length > 0 && uri != null) {
            for (String path : excludePaths) {
                if (CommonUtils.isNotBlank(path)) {
                    isInWhiteList = uri.indexOf(path.trim()) > -1;
                    if (isInWhiteList) {
                        break;
                    }
                }
            }
        }
        if (isInWhiteList) {
            filterChain.doFilter(request, response);
            return;
        }
        // Filter modification ************ end ********************************

        boolean wasGatewayed = (session != null) && (session.getAttribute("_const_cas_gateway_") != null);
        if ((CommonUtils.isBlank(ticket)) && (assertion == null) && (!wasGatewayed)) {
            this.log.debug("no ticket and no assertion found");
            if (this.gateway) {
                this.log.debug("setting gateway attribute in session");
                request.getSession(true).setAttribute("_const_cas_gateway_", "yes");
            }
            String serviceUrl = constructServiceUrl(request, response);
            if (this.log.isDebugEnabled()) {
                this.log.debug("Constructed service url: " + serviceUrl);
            }
            String urlToRedirectTo = CommonUtils.constructRedirectUrl(this.casServerLoginUrl, getServiceParameterName(), serviceUrl, this.renew, this.gateway);
            if (this.log.isDebugEnabled()) {
                this.log.debug("redirecting to \"" + urlToRedirectTo + "\"");
            }
            response.sendRedirect(urlToRedirectTo);
            return;
        }
        if (session != null) {
            this.log.debug("removing gateway attribute from session");
            session.setAttribute("_const_cas_gateway_", null);
        }
        filterChain.doFilter(request, response);
    }

    public final void setRenew(boolean renew) {
        this.renew = renew;
    }

    public final void setGateway(boolean gateway) {
        this.gateway = gateway;
    }

    public final void setCasServerLoginUrl(String casServerLoginUrl) {
        this.casServerLoginUrl = casServerLoginUrl;
    }

    public String[] getExcludePaths() {
        return excludePaths;
    }

    public void setExcludePaths(String[] excludePaths) {
        this.excludePaths = excludePaths;
    }
}
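Where:
This part reads the addresses configured in the configuration file,
This part receives the request, checks it, and skips interception.
4. In web.xml, configure the addresses that should not be intercepted (relative address: request.getRequestURI(); absolute address: request.getRequestURL()), and adjust them to the needs of your own project.
The configuration is as follows:
All done, problem solved.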
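The whitelist check in doFilter above uses uri.indexOf(path), so a configured path excludes every request URI that contains it at any position. The following is an added example, not code from the original post or from the CAS client: it compares that test with a stricter match anchored at the start of the URI. The class name, the "/ods" context path and the sample URIs are assumptions made for illustration.

```java
import java.util.Arrays;
import java.util.List;

public class ExcludePathMatcherDemo {
    // Same test as the filter above: the configured path may appear anywhere in the URI.
    static boolean containsMatch(String uri, List<String> excludePaths) {
        for (String path : excludePaths) {
            if (uri.indexOf(path.trim()) > -1) {
                return true;
            }
        }
        return false;
    }

    // Stricter test (an assumption of this example, not CAS client behaviour).
    static boolean strictMatch(String uri, List<String> excludePaths) {
        // Refuse forms the container may interpret differently from a plain string
        // compare; a refused URI is simply not excluded and goes through CAS.
        for (String token : new String[] {";", "%", "\\", "..", "//"}) {
            if (uri.contains(token)) {
                return false;
            }
        }
        for (String raw : excludePaths) {
            String path = raw.trim();
            if (path.isEmpty()) {
                continue;
            }
            // "/ods/static/" excludes everything below it; "/ods/public" excludes
            // itself and "/ods/public/...", but not "/ods/publications".
            String prefix = path.endsWith("/") ? path : path + "/";
            if (uri.equals(path) || uri.startsWith(prefix)) {
                return true;
            }
        }
        return false;
    }

    public static void main(String[] args) {
        // Constructed sample values; "/ods" is a hypothetical context path.
        List<String> exclude = Arrays.asList("/ods/public", "/ods/static/");
        String[] uris = {"/ods/public/ping", "/ods/static/app.js",
                "/ods/publications/draft", "/ods/admin/report;v=/ods/static/"};
        for (String uri : uris) {
            System.out.println(uri + "  contains=" + containsMatch(uri, exclude)
                    + "  strict=" + strictMatch(uri, exclude));
        }
    }
}
```

With the stricter match, the entries in web.xml have to be full paths as returned by request.getRequestURI(), including the context path.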