1
我多发部位.. 例如:Spring MVC的安全自动登录使用CAS服务器JASIG
http://example1.com
http://example2.com
和我有CAS服务器https://example.com
,如果我已经在CAS服务器为什么我在其他网站无法自动登录登录,,必须有一些行动喜欢去url http://example2.com/login
,我不希望用户做一些行动,如果我已经登录我的cas服务器后,我去其他网站,该网站可以自动登录。
这是我春天的安全配置..
<authentication-manager alias="authenticationManager">
<authentication-provider ref="casAuthenticationProvider" />
</authentication-manager>
<beans:bean id="casSingleSignOutFilter" class="org.jasig.cas.client.session.SingleSignOutFilter"/>
<beans:bean id="casAuthEntryPoint"
class="org.springframework.security.cas.web.CasAuthenticationEntryPoint">
<beans:property name="loginUrl" value="https://example.com/cas/" />
<beans:property name="serviceProperties" ref="casService" />
</beans:bean>
<beans:bean id="casService"
class="org.springframework.security.cas.ServiceProperties">
<beans:property name="service"
value="http://example2.com/auth_check"></beans:property>
</beans:bean>
<beans:bean id="casAuthenticationFilter"
class="org.springframework.security.cas.web.CasAuthenticationFilter">
<beans:property name="authenticationManager" ref="authenticationManager" /> <!-- Required -->
<beans:property name="filterProcessesUrl" value="/auth_check" />
</beans:bean>
<!-- Auth Provider -->
<beans:bean id="casAuthenticationProvider"
class="org.springframework.security.cas.authentication.CasAuthenticationProvider">
<beans:property name="ticketValidator" ref="casTicketValidator" /><!-- Required -->
<!-- <beans:property name="ticketValidator" ref="samlTicketValidator"/> -->
<beans:property name="serviceProperties" ref="casService" /> <!-- Required -->
<beans:property name="key" value="example2-cas" /> <!-- Required -->
<beans:property name="authenticationUserDetailsService"
ref="authenticationUserDetailsService" />
</beans:bean>
任何建议将帮助我。