我已成功设置 CAS 服务器。我想验证用户的安全服务(在 Spring 应用程序中),所以使用 RESTful API 来获取用户的票证。我可以通过两步调用 cas/v1/tickets 和 cas/v1/tickets/{TGT} 来获得票证以获取安全服务,但是当我尝试使用生成的票证调用该服务时,例如
localhost:8080/secure1?ticket?ST-ttyyy..." 返回 cas 登录页面的响应内容。
我想,我的配置中也缺少一些要点
我的 spring 应用程序或 cas 配置中的“services.xml”。
春季应用程序设置.xml
<bean id="pgtStorage" class="org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl"/>
<bean id="serviceProperties" class="org.springframework.security.cas.ServiceProperties">
<property name="service" value="http://localhost:8080/EFormRestServer/business/user/10000007" />
<property name="sendRenew" value="false" />
<property name="artifactParameter" value="ticket"/>
</bean>
<security:http create-session="stateless" use-expressions="true" entry-point-ref="casEntryPoint">
<security:anonymous enabled="true" />
<security:custom-filter position="CAS_FILTER" ref="casFilter" />
</security:http>
<bean id="casFilter"
class="org.springframework.security.cas.web.CasAuthenticationFilter">
<property name="authenticationManager" ref="authenticationManager" />
<property name="proxyGrantingTicketStorage" ref="pgtStorage"/>
<property name="proxyReceptorUrl" value="/business/test"/>
<property name="serviceProperties" ref="serviceProperties"/>
<property name="authenticationDetailsSource">
<bean class=
"org.springframework.security.cas.web.authentication.ServiceAuthenticationDetailsSource"/>
</property>
</bean>
<bean id="casEntryPoint"
class="org.springframework.security.cas.web.CasAuthenticationEntryPoint">
<property name="loginUrl"
value="http://localhost:8080/cas/login" />
<property name="serviceProperties" ref="serviceProperties" />
</bean>
<!-- To delegate authorization to method calls rather than to urls -->
<!-- (Thus, we don't need to set any url-interceptor in this conf) -->
<security:global-method-security pre-post-annotations="enabled" />
<bean id="restAuthenticationEntryPoint" class="com.eform.rest.service.RESTAuthenticationEntryPoint" />
<bean id="myFilter" class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
<property name="authenticationManager" ref="authenticationManager" />
</bean>
<bean id="casAuthenticationProvider"
class="org.springframework.security.cas.authentication.CasAuthenticationProvider">
<property name="userDetailsService" ref="userService" />
<property name="serviceProperties" ref="serviceProperties" />
<property name="ticketValidator">
<bean class="org.jasig.cas.client.validation.Cas20ProxyTicketValidator">
<constructor-arg value="https://localhost:8443/cas"/>
<property name="proxyCallbackUrl"
value="localhost:8080/EFormRestServer/business"/>
<property name="proxyGrantingTicketStorage" ref="pgtStorage"/>
</bean>
</property>
<property name="statelessTicketCache">
<bean class="org.springframework.security.cas.authentication.EhCacheBasedTicketCache">
<property name="cache">
<bean class="net.sf.ehcache.Cache"
init-method="initialise" destroy-method="dispose">
<constructor-arg value="casTickets"/>
<constructor-arg value="50"/>
<constructor-arg value="true"/>
<constructor-arg value="false"/>
<constructor-arg value="3600"/>
<constructor-arg value="900"/>
</bean>
</property>
</bean>
</property>
<property name="key" value="an_id_for_this_auth_provider_only" />
</bean>
<bean name="http403ForbiddenEntryPoint"
class="org.springframework.security.web.authentication.Http403ForbiddenEntryPoint" />
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider
ref="casAuthenticationProvider" />
</security:authentication-manager>
<security:jdbc-user-service id="userService"
data-source-ref="dataSource"
users-by-username-query="select user_name, password, true from user where user_name = ?"
authorities-by-username-query="select u.user_name, r.role from user u,user_role r where u.role_id=r.role and user_name = ?" />
请帮我解决这个问题。
谢谢