【发布时间】:2017-02-20 06:01:42
【问题描述】:
我没有成功尝试让 Zeppelin 中的 shiro.ini 使用 cas。 我按照这些说明 http://shiro.apache.org/cas.html
casFilter = org.apache.shiro.cas.CasFilter
casFilter.failureUrl = /error.html
casRealm = org.apache.shiro.cas.CasRealm
casRealm.defaultRoles = USER
casRealm.casServerUrlPrefix = https://ticketserver.com
casRealm.casService = https://tickettranslater.com/j_spring_cas_security_check
casSubjectFactory = org.apache.shiro.cas.CasSubjectFactory
sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager
securityManager.subjectFactory = $casSubjectFactory
securityManager.realms = $casRealm
### If caching of user is required then uncomment below lines
#cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
#securityManager.cacheManager = $cacheManager
securityManager.sessionManager = $sessionManager
# 86,400,000 milliseconds = 24 hour
#securityManager.sessionManager.globalSessionTimeout = 86400000
shiro.loginUrl = /api/login
[urls]
# anon means the access is anonymous.
# authcBasic means Basic Auth Security
# authc means Form based Auth Security
# To enfore security, comment the line below and uncomment the next one
/api/interpreter/** = authc, roles[USER]
/api/configurations/** = authc, roles[USER]
/api/credential/** = authc, roles[SOMEOTHER]
/api/login = casFilter
/** = authc
#/** = anon
#/** = authc
casService 应该将票证翻译给用户。 casServerUrlPrefix 是一旦获得滴答声的地方。 如果我输入 shiro.loginUrl = https://ticketserver.com?service=https://tickettranslater.com/j_spring_cas_security_check 除了 Origin 标头在此过程中丢失并且登录失败之外,它可以正常工作。
tickeserver.com 和 tickertranslator 都在网络中,它们适用于许多其他应用程序。
如何设置 shiro.ini 以便正确处理 cas 登录链?
【问题讨论】:
标签: cas shiro apache-zeppelin