I have integrated spring security into my project and I was previously authenticating user details using hibernate. Now I have to do it using CAS. This is my current Spring security.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee.xsd
http://www.springframework.org/schema/lang http://www.springframework.org/schema/lang/spring-lang.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd
">
<global-method-security pre-post-annotations="enabled" />
<http pattern="/css/**" security="none"/>
<http pattern="/images/**" security="none"/>
<http pattern="/js/**" security="none"/>
<http pattern="/index.jsp" security="none"/>
<http pattern="/app/addNewUser.json" security="none"/>
<http pattern="/dbcomplogin.jsp" security="none"/>
<http pattern="/loggedout.jsp" security="none"/>
<http use-expressions="true">
<!--
Allow all other requests. In a real application you should
adopt a whitelisting approach where access is not allowed by default
-->
<intercept-url pattern="/**" access="isAuthenticated()" />
<form-login login-page='/dbcomplogin.jsp'
authentication-failure-url="/dbcomplogin.jsp?login_error=1"
default-target-url="/index.jsp" />
<logout logout-success-url="/loggedout.jsp" delete-cookies="JSESSIONID"/>
<remember-me />
</http>
<beans:bean id="myUserService" class="com.tcs.ceg.services.impl.UserServiceImpl" />
<authentication-manager>
<authentication-provider user-service-ref="myUserService" />
</authentication-manager>
</beans:beans>
in UserServiceImpl class "loadUserByUsername" method I am using Hibernate call to get user details from DB and I was returning the username,password if they exist in DB.
But now I have to do it using CAS server . Please tell me what all I need to change in my spring-security.xml so that, if the user is not authenticated the login page of CAS server will be opened and on click of logout the single logout will take place and logout page of CAS server will open. I am new to CAS and spring security so kindly help me.
Have you had a chance to review this link: http://static.springsource.org/spring-security/site/docs/3.0.x/reference/cas.html ?
The documentation walks you through how to configure the CAS client w/ Spring Security.
Look at the alias you are using for importing beans namespace. If your xml has configuration as xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" use it with the alias name as beans:bean
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.