无法从 CAS 获取 servlet 中的用户名
Can't get username in servlet from CAS
我在 jboss 上有一个应用程序,我想使用 CAS 登录。在我的应用程序中,我扩展了 Cas20ProxyReceivingTicketValidationFilter 并且我试图覆盖 onSuccessfulValidation 方法来做一些事情(我需要在我的应用程序中知道谁登录,所以我需要从 CAS 获取用户名),但我注意到它从未被调用过,这个方法。经过一些 google 搜索,我发现 CAS 在从我的 servlet 发送的请求中使用了 AttributePrincipal,但是在它从 CAS returns 之后,在来自 doGET 方法的请求中,principal 为空。有人可以告诉我我做错了什么吗?为什么我无法从 CAS 获取我的 servlet 中的用户名?
谢谢。
更新 1:
所以我开始调试一切,我注意到当它进入:
public final void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse, final FilterChain filterChain) throws IOException, ServletException {
票为空(即使我在上次登录后访问该页面(所以它应该有票))。更重要的是,我读到 CAS 应该在变量 userPrincipal 中放置一些东西,但在这个过滤器中,它是空的。会话为空。我在任何变量中都找不到我在 CAS 中引入的用户名。需要说明的是,我正在 Cas20ProxyReceivingTicketValidationFilter 中进行调试,我认为我应该在其中找到我的用户名。仍然希望得到一些帮助:)
更新 2:
我不知道该怎么办了。如果有帮助,这是我的 servlet web.xml:
<!DOCTYPE web-app PUBLIC
"-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
"http://java.sun.com/dtd/web-app_2_3.dtd" >
<web-app>
<display-name>Archetype Created Web Application</display-name>
<!--**********Filter 1********** -->
<filter>
<filter-name>CAS Authentication Filter</filter-name>
<filter-class>org.jasig.cas.client.authentication.Saml11AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>https://135.243.36.205:8443/cas/login</param-value>
</init-param>
<init-param>
<param-name>service</param-name>
<param-value>http://localhost:8080/casuser</param-value>
</init-param>
</filter>
<!--**************************** -->
<!--**********Filter 2********** -->
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://135.243.36.205:8443/cas</param-value>
</init-param>
<init-param>
<param-name>service</param-name>
<param-value>http://localhost:8080/casuser</param-value>
</init-param>
</filter>
<!--**************************** -->
<!--**********Filter 3********** -->
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<!--**************************** -->
<!--**********Filter 4********** -->
<filter>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>
<!--**************************** -->
<filter>
<filter-name>CAS Single Sign Out Filter</filter-name>
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Authentication Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>Java CAS Client Test Application</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<servlet>
<servlet-name>cas</servlet-name>
<servlet-class>soo.cas.Index</servlet-class>
<!--<init-param> <param-name>keystoreFile</param-name> <param-value>lib/security/GiaKeystore.jks</param-value>
</init-param> <init-param> <param-name>keystorePassword</param-name> <param-value>The.GIA.Keystore.Password</param-value>
</init-param> <init-param> <param-name>privateKeyAlias</param-name> <param-value>giakey</param-value>
</init-param> <init-param> <param-name>privateKeyPassword</param-name> <param-value>The.GIA.Private.Key.Password</param-value>
</init-param> <init-param> <param-name>cookiePath</param-name> <param-value>/</param-value>
</init-param> <init-param> <param-name>cookieDomain</param-name> <param-value></param-value>
</init-param> <init-param> <param-name>cookieDurationInSeconds</param-name>
<param-value>3600</param-value> </init-param> -->
<init-param>
<param-name>encodeServletRedirect</param-name>
<param-value>false</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
</web-app>
这是我的 Index.java:
package soo.cas;
import java.io.*;
import java.security.GeneralSecurityException;
import java.util.*;
import javax.servlet.*;
import javax.servlet.http.*;
import org.apache.log4j.Logger;
import soo.util.*;
public class Index extends HttpServlet{
private Ticket myTicket = new Ticket();
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException
{
String username = request.getRemoteUser();
PrintWriter out = response.getWriter();
out.println("Test\n");
out.println(username);
}
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException
{
String username = request.getRemoteUser();
PrintWriter out = response.getWriter();
out.println("Test\n");
out.println(username);
}
}
委托人为空,票证为空,request.getRemoteUser()为空...
拜托,有人可以帮助我吗?
这可能是因为我的 CAS 服务器中的某些配置?或者因为我使用 CAS 协议进行验证?
此外,这可能是因为不知何故它总是转到我的 servlet 中的 doGET 方法,我读到验证过滤器应该调用 doPOST 方法...?!
您的过滤器混合了两种协议...SAML 1.1 和 CAS 2.0。身份验证过滤器和验证过滤器成对出现。让它们保持一致:
CAS 协议
org.jasig.cas.client.authentication.AuthenticationFilter 和 org.jasig.cas.client.validation.Cas10TicketValidationFilter(或 org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter)
SAML 协议
Use if user attributes are needed
org.jasig.cas.client.authentication.Saml11AuthenticationFilter
和 org.jasig.cas.client.validation.Saml11TicketValidationFilter
在 https://wiki.jasig.org/display/CASC/Configuring+the+Jasig+CAS+Client+for+Java+in+the+web.xml
查看过滤器详情
我在 jboss 上有一个应用程序,我想使用 CAS 登录。在我的应用程序中,我扩展了 Cas20ProxyReceivingTicketValidationFilter 并且我试图覆盖 onSuccessfulValidation 方法来做一些事情(我需要在我的应用程序中知道谁登录,所以我需要从 CAS 获取用户名),但我注意到它从未被调用过,这个方法。经过一些 google 搜索,我发现 CAS 在从我的 servlet 发送的请求中使用了 AttributePrincipal,但是在它从 CAS returns 之后,在来自 doGET 方法的请求中,principal 为空。有人可以告诉我我做错了什么吗?为什么我无法从 CAS 获取我的 servlet 中的用户名? 谢谢。
更新 1: 所以我开始调试一切,我注意到当它进入:
public final void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse, final FilterChain filterChain) throws IOException, ServletException {
票为空(即使我在上次登录后访问该页面(所以它应该有票))。更重要的是,我读到 CAS 应该在变量 userPrincipal 中放置一些东西,但在这个过滤器中,它是空的。会话为空。我在任何变量中都找不到我在 CAS 中引入的用户名。需要说明的是,我正在 Cas20ProxyReceivingTicketValidationFilter 中进行调试,我认为我应该在其中找到我的用户名。仍然希望得到一些帮助:)
更新 2: 我不知道该怎么办了。如果有帮助,这是我的 servlet web.xml:
<!DOCTYPE web-app PUBLIC
"-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
"http://java.sun.com/dtd/web-app_2_3.dtd" >
<web-app>
<display-name>Archetype Created Web Application</display-name>
<!--**********Filter 1********** -->
<filter>
<filter-name>CAS Authentication Filter</filter-name>
<filter-class>org.jasig.cas.client.authentication.Saml11AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>https://135.243.36.205:8443/cas/login</param-value>
</init-param>
<init-param>
<param-name>service</param-name>
<param-value>http://localhost:8080/casuser</param-value>
</init-param>
</filter>
<!--**************************** -->
<!--**********Filter 2********** -->
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://135.243.36.205:8443/cas</param-value>
</init-param>
<init-param>
<param-name>service</param-name>
<param-value>http://localhost:8080/casuser</param-value>
</init-param>
</filter>
<!--**************************** -->
<!--**********Filter 3********** -->
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<!--**************************** -->
<!--**********Filter 4********** -->
<filter>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>
<!--**************************** -->
<filter>
<filter-name>CAS Single Sign Out Filter</filter-name>
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Authentication Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>Java CAS Client Test Application</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<servlet>
<servlet-name>cas</servlet-name>
<servlet-class>soo.cas.Index</servlet-class>
<!--<init-param> <param-name>keystoreFile</param-name> <param-value>lib/security/GiaKeystore.jks</param-value>
</init-param> <init-param> <param-name>keystorePassword</param-name> <param-value>The.GIA.Keystore.Password</param-value>
</init-param> <init-param> <param-name>privateKeyAlias</param-name> <param-value>giakey</param-value>
</init-param> <init-param> <param-name>privateKeyPassword</param-name> <param-value>The.GIA.Private.Key.Password</param-value>
</init-param> <init-param> <param-name>cookiePath</param-name> <param-value>/</param-value>
</init-param> <init-param> <param-name>cookieDomain</param-name> <param-value></param-value>
</init-param> <init-param> <param-name>cookieDurationInSeconds</param-name>
<param-value>3600</param-value> </init-param> -->
<init-param>
<param-name>encodeServletRedirect</param-name>
<param-value>false</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
</web-app>
这是我的 Index.java:
package soo.cas;
import java.io.*;
import java.security.GeneralSecurityException;
import java.util.*;
import javax.servlet.*;
import javax.servlet.http.*;
import org.apache.log4j.Logger;
import soo.util.*;
public class Index extends HttpServlet{
private Ticket myTicket = new Ticket();
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException
{
String username = request.getRemoteUser();
PrintWriter out = response.getWriter();
out.println("Test\n");
out.println(username);
}
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException
{
String username = request.getRemoteUser();
PrintWriter out = response.getWriter();
out.println("Test\n");
out.println(username);
}
}
委托人为空,票证为空,request.getRemoteUser()为空... 拜托,有人可以帮助我吗?
这可能是因为我的 CAS 服务器中的某些配置?或者因为我使用 CAS 协议进行验证? 此外,这可能是因为不知何故它总是转到我的 servlet 中的 doGET 方法,我读到验证过滤器应该调用 doPOST 方法...?!
您的过滤器混合了两种协议...SAML 1.1 和 CAS 2.0。身份验证过滤器和验证过滤器成对出现。让它们保持一致:
CAS 协议
org.jasig.cas.client.authentication.AuthenticationFilter 和 org.jasig.cas.client.validation.Cas10TicketValidationFilter(或 org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter)
SAML 协议
Use if user attributes are needed
org.jasig.cas.client.authentication.Saml11AuthenticationFilter
和 org.jasig.cas.client.validation.Saml11TicketValidationFilter
在 https://wiki.jasig.org/display/CASC/Configuring+the+Jasig+CAS+Client+for+Java+in+the+web.xml
查看过滤器详情