没有属性传给客户端

Question

i am building SSO application with CAS. 我正在用CAS构建SSO应用程序。 in spring client, no attributes came with CasAssertionAuthenticationToken . 在spring client中， CasAssertionAuthenticationToken没有属性。

there are lots of samples on net, they seems to have no problem with this ( is something obvious missing?) 网上有很多样本，它们似乎对此没有问题（明显缺少某些东西吗？）

for cas server, its all default configuration except i changed registered service default to make sure that is not the problem. 对于cas服务器，除我更改了注册服务的默认设置以确保这不是问题外，它的所有默认配置都是如此。 this part look like this: 这部分看起来像这样：

    <bean class="org.jasig.cas.services.RegexRegisteredService">
        <property name="id" value="1"/>
        <property name="name" value="HTTP and IMAP"/>
        <property name="description" value="Allows HTTP(S) and IMAP(S)"/>
        <property name="serviceId" value="^(https?|imaps?)://.*"/>
        <property name="evaluationOrder" value="0"/>
        <property name="ignoreAttributes" value="true"/>
        <property name="attributeFilter">
            <bean class="org.jasig.cas.services.support.RegisteredServiceDefaultAttributeFilter"/>
        </property>
    </bean>

when debugging results there are 3 predefined attributes that are going to get released!! 调试结果时，将释放3个预定义的属性！

in the spring, the server response when verifying ticket is like this: 在春季，验证票证时服务器的响应如下：

<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
<cas:authenticationSuccess>
    <cas:user>casuser</cas:user>        
</cas:authenticationSuccess>
</cas:serviceResponse>

it contains no attributes at all. 它根本不包含任何属性。 can not figure out what is missing. 无法找出丢失的内容。 considering cas config is almost default configurations, this is my spring config (i used spring boot for configuring client): 考虑到cas config几乎是默认配置，这是我的spring config（我使用spring boot来配置客户端）：

@Configuration
@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
public class Security extends WebSecurityConfigurerAdapter {

    @Bean
    public ServiceProperties serviceProperties() {
        ServiceProperties prop = new ServiceProperties();
        prop.setService("http://localhost:8180/j_spring_cas_security_check");
        prop.setSendRenew(true);
        return prop;
    }


    @Bean
    public AuthenticationProvider casAuthenticationProvider() {
        CasAuthenticationProvider casAuthenticationProvider = new CasAuthenticationProvider();
        casAuthenticationProvider.setAuthenticationUserDetailsService(authenticationUserDetailsService());
        casAuthenticationProvider.setServiceProperties(serviceProperties());
        casAuthenticationProvider.setTicketValidator(ticketValidator());
        casAuthenticationProvider.setKey("test_app_key");
        return casAuthenticationProvider;
    }

    @Bean
    public AuthenticationUserDetailsService<CasAssertionAuthenticationToken> authenticationUserDetailsService() {
        return new TestCasAuthenticationUserDetailsService();
    }

    @Bean
    public TicketValidator ticketValidator() {
        return new Cas20ServiceTicketValidator("https://localhost:8443/cas");
    }

    @Bean
    public CasAuthenticationEntryPoint casAuthenticationEntryPoint() {
        CasAuthenticationEntryPoint casAuthenticationEntryPoint = new CasAuthenticationEntryPoint();
        casAuthenticationEntryPoint.setLoginUrl("https://localhost:8443/cas/login");
        casAuthenticationEntryPoint.setServiceProperties(serviceProperties());
        return casAuthenticationEntryPoint;
    }

    @Bean
    public CasAuthenticationFilter casAuthenticationFilter() throws Exception {
        CasAuthenticationFilter casAuthenticationFilter = new CasAuthenticationFilter();
        casAuthenticationFilter.setAuthenticationManager(authenticationManager());
        return casAuthenticationFilter;
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .addFilter(casAuthenticationFilter());
        http
                .exceptionHandling()
                .authenticationEntryPoint(casAuthenticationEntryPoint());
        http.authorizeRequests()
                .anyRequest().authenticated();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth
                .authenticationProvider(casAuthenticationProvider());
    }
}

can anyone tell me what is that obvious part that i am missing? 谁能告诉我我想念的那明显部分是什么？

Answer 1

wow. 哇。 I can not believe it. 我不相信。 All this time for just a p3!!! 所有这些时间仅为p3 ！！！ The TicketValidator url must end with /p3 so that it use cas 3.0 protocol and return values. TicketValidator网址必须以/p3结尾，以便使用cas 3.0协议并返回值。 This is the change: 这是更改：

    @Bean
    public TicketValidator ticketValidator() {
        return new Cas20ServiceTicketValidator("https://localhost:8443/cas/p3");
    }

The documentation could be a bit more clear about it (Now that i know the answer it seems really obvious though). 该文档可能对此更加清楚（现在，我知道答案似乎很明显）。 Hope this can help someone who need to config spring security with cas. 希望这可以帮助需要使用cas配置spring security的人。

没有属性传给客户端

问题描述

1 个解决方案

解决方案1
3 已采纳 2015-04-20 10:35:33

没有属性传给客户端

问题描述

1 个解决方案

解决方案1 3 已采纳 2015-04-20 10:35:33

解决方案1
3 已采纳 2015-04-20 10:35:33