SpringBoot+CAS整合服务端和客户端实现SSO单点登录与登出快速入门上手
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.logout.LogoutFilter;
import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler;
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.anyRequest().authenticated()
.and()
.logout()
.logoutUrl("/logout")
.addLogoutHandler(new SecurityContextLogoutHandler())
.clearAuthentication(true)
.invalidateHttpSession(true)
.deleteCookies("JSESSIONID")
.logoutSuccessUrl("/login?logout")
.and()
.apply(new CasSecurityConfigurer(casServerUrlPrefix, casServiceProperties))
.and()
.csrf().disable();
}
}
这段代码演示了如何在Spring Boot应用中使用CAS(Central Authentication Service)进行单点登录和登出。首先,我们创建了一个SecurityConfig
类,继承自WebSecurityConfigurerAdapter
。在configure
方法中,我们配置了登录和登出的相关设置,包括CAS的服务地址和服务参数。我们也禁用了CSRF保护,以便可以进行正常的登录和登出操作。
评论已关闭