如何将CAS认证与弹簧安全相结合？

Question

我已将弹簧安全性集成到我的项目中，并且我之前使用休眠验证了用户详细信息。现在我必须使用CAS来完成它。 这是我目前的春天的security.xml

<?xml version="1.0" encoding="UTF-8"?> 
<beans:beans xmlns="http://www.springframework.org/schema/security" 
    xmlns:beans="http://www.springframework.org/schema/beans" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
    xmlns:aop="http://www.springframework.org/schema/aop" 
    xmlns:context="http://www.springframework.org/schema/context" 
    xsi:schemaLocation=" 
     http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd 
     http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd 
     http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee.xsd 
     http://www.springframework.org/schema/lang http://www.springframework.org/schema/lang/spring-lang.xsd 
     http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd 
     http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd 
     http://www.springframework.org/schema/mvc 
     http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd 
     http://www.springframework.org/schema/beans 
     http://www.springframework.org/schema/beans/spring-beans-3.0.xsd 
     http://www.springframework.org/schema/security 
     http://www.springframework.org/schema/security/spring-security-3.1.xsd 
     "> 



    <global-method-security pre-post-annotations="enabled" /> 

    <http pattern="/css/**" security="none"/> 
    <http pattern="/images/**" security="none"/> 
    <http pattern="/js/**" security="none"/> 
    <http pattern="/index.jsp" security="none"/> 
    <http pattern="/app/addNewUser.json" security="none"/> 
    <http pattern="/dbcomplogin.jsp" security="none"/> 
    <http pattern="/loggedout.jsp" security="none"/> 

    <http use-expressions="true"> 
     <!-- 
      Allow all other requests. In a real application you should 
      adopt a whitelisting approach where access is not allowed by default 
      --> 
     <intercept-url pattern="/**" access="isAuthenticated()" /> 
     <form-login login-page='/dbcomplogin.jsp' 
      authentication-failure-url="/dbcomplogin.jsp?login_error=1" 
      default-target-url="/index.jsp" /> 
     <logout logout-success-url="/loggedout.jsp" delete-cookies="JSESSIONID"/> 
     <remember-me /> 

    </http> 

    <beans:bean id="myUserService" class="com.tcs.ceg.services.impl.UserServiceImpl" /> 
    <authentication-manager> 
    <authentication-provider user-service-ref="myUserService" /> 
    </authentication-manager> 

</beans:beans> 

在UserServiceImpl类“loadUserByUsername”的方法，我使用Hibernate的调用来获取从数据库用户的详细信息，如果他们在数据库中存在，我回国的用户名，密码。

但现在我必须使用CAS服务器来做到这一点。请告诉我在我的spring-security.xml中需要更改哪些内容，以便如果用户未通过身份验证，CAS服务器的登录页面将会打开，单击注销后将单击注销并注销CAS服务器将打开。 我是新来的CAS和春季安全，所以善待我。

Answer 1

您是否有机会查看此链接：http://static.springsource.org/spring-security/site/docs/3.0.x/reference/cas.html？

该文档将指导您完成如何配置CAS客户端/ Spring Security。

Answer 2

看看您用于导入bean命名空间的别名。如果你的xml的配置为xmlns：beans =“http://www.springframework.org/schema/beans”xmlns：xsi =“http://www.w3.org/2001/XMLSchema-instance”将它与别名为豆类：豆类