web.xml:

?

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns=" http://java.sun.com/xml/ns/j2ee "
?xmlns:xsi=" http://www.w3.org/2001/XMLSchema-instance " version="2.4"
?xsi:schemaLocation=" http://java.sun.com/xml/ns/j2ee ?? http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd ">
?<display-name>openjweb</display-name>
?<context-param>
??<param-name>contextConfigLocation</param-name>
??<param-value>
??? /WEB-INF/classes/applicationContext-security-cas.xml
???/WEB-INF/classes/core-service-demo.xml
???/WEB-INF/classes/system-config.xml
???/WEB-INF/classes/CasContext.xml
??</param-value>
?</context-param>

?<context-param>
??<param-name>log4jConfigLocation</param-name>
??<param-value>/WEB-INF/classes/log4j.properties</param-value>
?</context-param>
?
? ?<filter>
???????? <filter-name>Character Encoding</filter-name>
???????? <filter-class>org.openjweb.core.filter.CharacterEncodingFilter</filter-class>
???????? <init-param>
???????????? <param-name>encoding</param-name>
???????????? <param-value>UTF-8</param-value>
???????? </init-param>
???????? <init-param>
???????????? <param-name>ignore</param-name>
???????????? <param-value>false</param-value>
???????????? <!-- <param-value>true</param-value> -->
???????? </init-param>
??? </filter>
?
?<filter>
??<filter-name>struts2</filter-name>
??<filter-class>
???org.apache.struts2.dispatcher.FilterDispatcher
??</filter-class>
?</filter>
?
? <!--?
??? <filter>?
??????? <filter-name>CAS Authentication Filter</filter-name>?
??????? <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>?
???????
??????? <init-param>?
??????????? <param-name>casServerLoginUrl</param-name>?
??????????? <param-value>https://casserver.haoyisheng.com:8443/cas/login</param-value>?
??????? </init-param>?
??????? <init-param>?
??????????? <param-name>renew</param-name>?
??????????? <param-value>false</param-value>?
??????? </init-param>?
??????? <init-param>?
??????????? <param-name>gateway</param-name>?
??????????? <param-value>false</param-value>?
??????? </init-param>?
????????
??????? <init-param>?
??????????? <param-name>serverName</param-name>?
??????????? <param-value>http://bzwang.haoyisheng.com:8088</param-value>?
??????? </init-param>?
??? </filter>?
??????
???
??? <filter>?
??????? <filter-name>CAS Validation Filter</filter-name>?
??????? <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>?
??????? <init-param>?
??????????? <param-name>targetBeanName</param-name>?
??????????? <param-value>cas.validationfilter</param-value>?
??????? </init-param>?
??? </filter>?
?
?<filter-mapping>?
??????? <filter-name>CAS Authentication Filter</filter-name>?
??????? <url-pattern>/comm/*</url-pattern>?
??? </filter-mapping>?
??????
??? <filter-mapping>?
??????? <filter-name>CAS Validation Filter</filter-name>?
??????? <url-pattern>/comm/*</url-pattern>?
??? </filter-mapping>?
?
?-->
?

????? <filter-mapping>
???????? <filter-name>Character Encoding</filter-name>
???????? <url-pattern>*.jsp</url-pattern>
??? </filter-mapping>?
???
???
????? <filter-mapping>
???????? <filter-name>Character Encoding</filter-name>
???????? <url-pattern>*.action</url-pattern>
??? </filter-mapping>?
??
??
? ?<filter>
??? <filter-name>CAS Single Sign Out Filter</filter-name>
??? <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
?</filter>
??
??? <filter>
??????? <filter-name>springSecurityFilterChain</filter-name>
??????? <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
??? </filter>

?
?<filter-mapping>
??? <filter-name>CAS Single Sign Out Filter</filter-name>
??? <url-pattern>/*</url-pattern>
?</filter-mapping>
???
??? <filter-mapping>
????? <filter-name>springSecurityFilterChain</filter-name>
????? <url-pattern>/*</url-pattern>
??? </filter-mapping>
???
?
???
?
?

?<filter-mapping>
??<filter-name>struts2</filter-name>
??<url-pattern>/*</url-pattern>
?</filter-mapping>
?
?<listener>
??<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
?</listener>
?

?<listener>
??<listener-class>
???org.springframework.web.context.ContextLoaderListener
??</listener-class>
?</listener>
?
?<listener>
??<listener-class>
???org.springframework.security.ui.session.HttpSessionEventPublisher
??</listener-class>
?</listener>

?<listener>
??<listener-class>
???org.springframework.web.util.Log4jConfigListener
??</listener-class>
?</listener>
?
?<servlet>
??<servlet-name>action</servlet-name>
??<servlet-class>
???org.apache.struts.action.ActionServlet
??</servlet-class>
??<init-param>
???<param-name>config</param-name>
???<param-value>/WEB-INF/struts-config.xml</param-value>
??</init-param>
??<init-param>
???<param-name>debug</param-name>
???<param-value>3</param-value>
??</init-param>
??<init-param>
???<param-name>detail</param-name>
???<param-value>3</param-value>
??</init-param>
??<load-on-startup>0</load-on-startup>
?</servlet> <!--DWR -->?????
?
?<servlet>
??<servlet-name>dwr-invoker</servlet-name>
???<servlet-class> org.directwebremoting.servlet.DwrServlet </servlet-class>
??<init-param>
???<param-name>debug</param-name>
???<param-value>true</param-value>
??</init-param>
??<init-param>?????
??????????? <param-name>crossDomainSessionSecurity</param-name>?????
??????????? <param-value>false</param-value>?????
??</init-param>
???????? <load-on-startup>3</load-on-startup>
?</servlet>

?<!--fckeditor servlet-->
??? <servlet>
??????? <servlet-name>Connector</servlet-name>
??????? <servlet-class>com.fredck.FCKeditor.connector.ConnectorServlet</servlet-class>
??????? <init-param>
??????????? <param-name>baseDir</param-name>
??????????? <param-value>/resupload/</param-value>
??????? </init-param>
??????? <init-param>
??????????? <param-name>debug</param-name>
??????????? <param-value>false</param-value>
??????? </init-param>
??????? <load-on-startup>1</load-on-startup>
??? </servlet>
?
??? <servlet>
??????? <servlet-name>SimpleUploader</servlet-name>
??????? <servlet-class>com.fredck.FCKeditor.uploader.SimpleUploaderServlet</servlet-class>
??????? <init-param>
??????????? <param-name>baseDir</param-name>
??????????? <param-value>/resupload/</param-value>
??????? </init-param>
??????? <init-param>
??????????? <param-name>debug</param-name>
??????????? <param-value>false</param-value>
??????? </init-param>
??????? <init-param>
??????????? <param-name>enabled</param-name>
??????????? <param-value>true</param-value>
??????? </init-param>
??????? <init-param>
??????????? <param-name>AllowedExtensionsFile</param-name>
??????????? <param-value></param-value>
??????? </init-param>
??????? <init-param>
??????????? <param-name>DeniedExtensionsFile</param-name>
??????????? <param-value>php|php3|php5|phtml|asp|aspx|ascx|jsp|cfm|cfc|pl|bat|exe|dll|reg|cgi</param-value>
??????? </init-param>
??????? <init-param>
??????????? <param-name>AllowedExtensionsImage</param-name>
??????????? <param-value>jpg|gif|jpeg|png|bmp</param-value>
??????? </init-param>
??????? <init-param>
??????????? <param-name>DeniedExtensionsImage</param-name>
??????????? <param-value></param-value>
??????? </init-param>
??????? <init-param>
??????????? <param-name>AllowedExtensionsFlash</param-name>
??????????? <param-value>swf|fla</param-value>
??????? </init-param>
??????? <init-param>
??????????? <param-name>DeniedExtensionsFlash</param-name>
??????????? <param-value></param-value>
??????? </init-param>
??????? <load-on-startup>2</load-on-startup>
??? </servlet>

?<!--
<servlet>
??? <servlet-name>easyjf</servlet-name>
??? <servlet-class>com.easyjf.web.ActionServlet</servlet-class>???
</servlet>

<servlet>
?? <servlet-name>test</servlet-name>
??? <servlet-class>com.easyjf.action.CommAction</servlet-class>
</servlet>

? <servlet-mapping>
??? <servlet-name>easyjf</servlet-name>
??? <url-pattern>*.ejf</url-pattern>??
? </servlet-mapping>?
?
? <servlet-mapping>
?? <servlet-name>test</servlet-name>
??? <url-pattern>/testServlet</url-pattern>
? </servlet-mapping>

-->

?<!--
?<servlet>
??? <servlet-name>DisplayChart </servlet-name>
??????? <servlet-class>
??????????? org.jfree.chart.servlet.DisplayChart
??????? </servlet-class>
??? </servlet>
??? <servlet-mapping>
??????? <servlet-name>DisplayChart </servlet-name>
??????? <url-pattern>/temp </url-pattern>
??? </servlet-mapping>
?-->
??? <servlet-mapping>
??<servlet-name>dwr-invoker</servlet-name>
??<url-pattern>/dwr/*</url-pattern>
?</servlet-mapping>
?
??<servlet-mapping>
??<servlet-name>action</servlet-name>
??<url-pattern>*.do</url-pattern>
?</servlet-mapping>

<session-config>
??<session-timeout>30</session-timeout>
?</session-config>

?<welcome-file-list>
??<welcome-file>/secure/redirect.jsp</welcome-file>
?</welcome-file-list>
? <jsp-config>
?<taglib>
??<taglib-uri>
??? http://www.springframework.org/security/tags
??</taglib-uri>
??<taglib-location>/WEB-INF/security.tld</taglib-location>
?</taglib>

?<taglib>
??<taglib-uri>/WEB-INF/struts-bean.tld</taglib-uri>
??<taglib-location>/WEB-INF/tld/struts-bean.tld</taglib-location>
?</taglib>

?<taglib>
??<taglib-uri>/WEB-INF/struts-html.tld</taglib-uri>
??<taglib-location>/WEB-INF/tld/struts-html.tld</taglib-location>
?</taglib>

?<taglib>
??<taglib-uri>/WEB-INF/struts-logic.tld</taglib-uri>
??<taglib-location>/WEB-INF/tld/struts-logic.tld</taglib-location>
?</taglib>

?<taglib>
??<taglib-uri>/WEB-INF/struts-nested.tld</taglib-uri>
??<taglib-location>
???/WEB-INF/tld/struts-nested.tld
??</taglib-location>
?</taglib>

?<taglib>
??<taglib-uri>/WEB-INF/struts-tiles.tld</taglib-uri>
??<taglib-location>/WEB-INF/tld/struts-tiles.tld</taglib-location>
?</taglib>

? </jsp-config>
?

</web-app>

?

applicationContext-security-cas.xml:

<?xml version="1.0" encoding="UTF-8"?>

<beans xmlns=" http://www.springframework.org/schema/beans "
??? xmlns:sec=" http://www.springframework.org/schema/security "
??? xmlns:xsi=" http://www.w3.org/2001/XMLSchema-instance "
??? xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
??????????????????????? http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd ">
??
??? <sec:http entry-point-ref="casProcessingFilterEntryPoint">
??????? <sec:intercept-url pattern="/secure/extreme/**" access="ROLE_SUPERVISOR" requires-channel="https"/>
??<sec:intercept-url pattern="/secure/**" access="ROLE_USER" />??
??????? <sec:logout logout-success-url="/apps/index.jsp"/>
??? </sec:http>
?
??? <sec:authentication-manager alias="authenticationManager"/>

??? <bean id="casProcessingFilter" class="org.springframework.security.ui.cas.CasProcessingFilter">
??????? <sec:custom-filter after="CAS_PROCESSING_FILTER"/>
??????? <property name="authenticationManager" ref="authenticationManager"/>
??????? <property name="authenticationFailureUrl" value="/casfailed.jsp"/>
??????? <property name="defaultTargetUrl" value="/apps/index.jsp" />
??????? <property name="proxyGrantingTicketStorage" ref="proxyGrantingTicketStorage" />
??????? <property name="proxyReceptorUrl" value="/secure/receptor" />
???????
??? </bean>

??? <bean id="casProcessingFilterEntryPoint" class="org.springframework.security.ui.cas.CasProcessingFilterEntryPoint">
??????? <property name="loginUrl" value=" https://crm.lucene.cn:8443/cas/login"/ >
??????? <property name="serviceProperties" ref="serviceProperties"/>
??? </bean>

??? <bean id="casAuthenticationProvider" class="org.springframework.security.providers.cas.CasAuthenticationProvider">
??????? <sec:custom-authentication-provider />
??????? <property name="userDetailsService" ref="userDetailsService"/>
??????? <property name="serviceProperties" ref="serviceProperties" />
??????? <property name="ticketValidator">
??????? ?<bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
??????? ??<constructor-arg index="0" value=" https://crm.lucene.cn:8443/cas " />
??????? ??<property name="proxyGrantingTicketStorage" ref="proxyGrantingTicketStorage" />
??????? ???? <property name="proxyCallbackUrl" value=" https://crm.lucene.cn:8443/crm/secure/receptor " />?
??????? ???
??????????? </bean>
??????? </property>
??????? <property name="key" value="an_id_for_this_auth_provider_only"/>
??? </bean>
???
??? <bean id="proxyGrantingTicketStorage" class="org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl" />

??? <bean id="serviceProperties" class="org.springframework.security.ui.cas.ServiceProperties">
??????? <property name="service" value=" https://crm.lucene.cn:8443/crm/j_spring_cas_security_check"/ >
??????? <property name="sendRenew" value="false"/>
??? </bean>
?
?? <bean id="daoAuthenticationProvider"
??class="org.springframework.security.providers.dao.DaoAuthenticationProvider">
??<property name="userDetailsService" ref="userDetailsService" />
??<property name="userCache" ref="userCache" />
??<property name="passwordEncoder" ref="passwordEncoder" />
?</bean>
?<bean id="passwordEncoder"
??class="org.springframework.security.providers.encoding.Md5PasswordEncoder" />
?<bean id="userDetailsService"
??class="org.openjweb.core.springsecurity.UserDetailsServiceImpl">
??<constructor-arg>
???<ref bean="IBaseDao3" />
??</constructor-arg>
?</bean>

?<bean id="userCache"
??class="org.springframework.security.providers.dao.cache.EhCacheBasedUserCache">
??<property name="cache" ref="userCacheBacked" />
?</bean>

?<bean id="userCacheBacked"
??class="org.springframework.cache.ehcache.EhCacheFactoryBean">
??<property name="cacheManager" ref="cacheManager" />
??<property name="cacheName" value="userCache" />
?</bean>

?<bean id="cacheManager"
??class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean">
??<property name="configLocation"
???value="classpath:ehcache-security.xml" />
?</bean>
?<bean id="filterSecurityInterceptor"
??class="org.springframework.security.intercept.web.FilterSecurityInterceptor">
??<sec:custom-filter before="FILTER_SECURITY_INTERCEPTOR" />
??<property name="authenticationManager"
???ref="authenticationManager" />
??<property name="accessDecisionManager"
???ref="accessDecisionManager" />
??<property name="alwaysReauthenticate" value="true" />
??<property name="objectDefinitionSource"
???ref="databaseFilterInvocationDefinitionSource" />
?</bean>
?<bean id="accessDecisionManager"
??class="org.springframework.security.vote.AffirmativeBased">
??<property name="decisionVoters">
???<list>
????<bean
?????class="org.springframework.security.vote.RoleVoter">
?????<property name="rolePrefix" value="" />
????</bean>
???</list>
??</property>
?</bean>
?<bean id="databaseFilterInvocationDefinitionSource"
??class="org.springframework.security.intercept.web.DefaultFilterInvocationDefinitionSource">
??<constructor-arg
???type="org.springframework.security.util.UrlMatcher"
???ref="antUrlPathMatcher" />
??<constructor-arg type="java.util.LinkedHashMap" ref="requestMap" />
?</bean>

?<bean id="antUrlPathMatcher"
??class="org.springframework.security.util.AntUrlPathMatcher" />

?<bean id="requestMap"
??class="org.openjweb.core.springsecurity.RequestMapFactoryBean"
??init-method="init">
??
?</bean>

</beans>

?

?

openjweb平臺配置cas server單點登錄