单点登录1

oa-app/src/main/java/com/css/oa/config/CasConfiguration.java

@@ -0,0 +1,111 @@
package com.css.oa.config;
import org.jasig.cas.client.authentication.AuthenticationFilter;
import org.jasig.cas.client.configuration.ConfigurationKeys;
import org.jasig.cas.client.session.SingleSignOutFilter;
import org.jasig.cas.client.session.SingleSignOutHttpSessionListener;
import org.jasig.cas.client.util.HttpServletRequestWrapperFilter;
import org.jasig.cas.client.validation.Cas30ProxyReceivingTicketValidationFilter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.boot.web.servlet.ServletListenerRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import javax.servlet.http.HttpSessionListener;
@Configuration
@EnableConfigurationProperties(CasConfigurationProperties.class)
public class CasConfiguration {
    @Autowired
    private CasConfigurationProperties autoconfig;
    @Bean
    public ServletListenerRegistrationBean<HttpSessionListener> httpSessionListener() {
        ServletListenerRegistrationBean<HttpSessionListener> listener = new ServletListenerRegistrationBean<>();
        listener.setListener(new SingleSignOutHttpSessionListener());
        return listener;
    }
    /**
     * 该过滤器用于实现单点登出功能，单点退出配置，一定要放在其他filter之前
     */
    @Bean
    public FilterRegistrationBean singleSignOutFilter() {
        FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
        filterRegistration.setFilter(new SingleSignOutFilter());
        filterRegistration.addUrlPatterns("/*");
        filterRegistration.addInitParameter(ConfigurationKeys.CAS_SERVER_URL_PREFIX.getName(), autoconfig.getCasServerUrlPrefix());
        filterRegistration.addInitParameter(ConfigurationKeys.SERVER_NAME.getName(), autoconfig.getServerName());
        filterRegistration.setOrder(1);
        return filterRegistration;
    }
    /**
     * 该过滤器负责用户的认证工作
     */
    @Bean
    public FilterRegistrationBean authenticationFilter() {
        FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
        filterRegistration.setFilter(new AuthenticationFilter());
        filterRegistration.addUrlPatterns("/*");
        filterRegistration.addInitParameter(ConfigurationKeys.CAS_SERVER_LOGIN_URL.getName(), autoconfig.getCasServerLoginUrl());
        filterRegistration.addInitParameter(ConfigurationKeys.SERVER_NAME.getName(), autoconfig.getServerName());
        filterRegistration.addInitParameter(ConfigurationKeys.IGNORE_URL_PATTERN_TYPE.getName(), autoconfig.getIgnoreUrlPatternType());
        filterRegistration.addInitParameter(ConfigurationKeys.IGNORE_PATTERN.getName(), autoconfig.getIgnorePattern());
        filterRegistration.setOrder(2);
        return filterRegistration;
    }
    /**
     * 该过滤器负责对Ticket的校验工作
     */
    @Bean
    public FilterRegistrationBean cas30ProxyReceivingTicketValidationFilter() {
        FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
        filterRegistration.setFilter(new Cas30ProxyReceivingTicketValidationFilter());
        filterRegistration.addUrlPatterns("/*");
        filterRegistration.addInitParameter(ConfigurationKeys.CAS_SERVER_URL_PREFIX.getName(), autoconfig.getCasServerUrlPrefix());
        filterRegistration.addInitParameter(ConfigurationKeys.SERVER_NAME.getName(), autoconfig.getServerName());
        filterRegistration.addInitParameter(ConfigurationKeys.REDIRECT_AFTER_VALIDATION.getName(), String.valueOf(autoconfig.isRedirectAfterValidation()));
        filterRegistration.addInitParameter(ConfigurationKeys.USE_SESSION.getName(), String.valueOf(autoconfig.isUseSession()));
        filterRegistration.addInitParameter(ConfigurationKeys.ENCODING.getName(), autoconfig.getEncoding());
        filterRegistration.setOrder(3);
        return filterRegistration;
    }
    /**
     * 该过滤器对HttpServletRequest请求包装，
     * 可通过HttpServletRequest的getRemoteUser()方法获得登录用户的登录名
     */
    @Bean
    public FilterRegistrationBean httpServletRequestWrapperFilter() {
        FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
        filterRegistration.setFilter(new HttpServletRequestWrapperFilter());
        filterRegistration.addUrlPatterns("/*");
        filterRegistration.setOrder(4);
        return filterRegistration;
    }
    /**
     * 该过滤器使得可以通过org.jasig.cas.client.util.AssertionHolder来获取用户的登录名。
     * 比如AssertionHolder.getAssertion().getPrincipal().getName()。
     * 这个类把Assertion信息放在ThreadLocal变量中，这样应用程序不在web层也能够获取到当前登录信息
     */
    /*@Bean
    public FilterRegistrationBean assertionThreadLocalFilter() {
        FilterRegistrationBean filterRegistration = new FilterRegistrationBean();
        filterRegistration.setFilter(new AssertionThreadLocalFilter());
        filterRegistration.addUrlPatterns("/*");
        filterRegistration.setOrder(5);
        return filterRegistration;
    }*/
}

oa-app/src/main/java/com/css/oa/config/CasConfigurationProperties.java

@@ -0,0 +1,308 @@
package com.css.oa.config;
import org.springframework.boot.context.properties.ConfigurationProperties;
/**
 * SingleSignOutFilter 配置如下：
 * <table>
 * <thead>
 * <tr>
 * <th>Property</th>
 * <th>Description</th>
 * <th>Required</th>
 * </tr>
 * </thead>
 * <tbody>
 * <tr>
 * <td><code>artifactParameterName</code></td>
 * <td>The ticket artifact parameter name. Defaults to <code>ticket</code></td>
 * <td>No</td>
 * </tr>
 * <tr>
 * <td><code>logoutParameterName</code></td>
 * <td>Defaults to <code>logoutRequest</code></td>
 * <td>No</td>
 * </tr>
 * <tr>
 * <td><code>frontLogoutParameterName</code></td>
 * <td>Defaults to <code>SAMLRequest</code></td>
 * <td>No</td>
 * </tr>
 * <tr>
 * <td><code>relayStateParameterName</code></td>
 * <td>Defaults to <code>RelayState</code></td>
 * <td>No</td>
 * </tr>
 * <tr>
 * <td><code>eagerlyCreateSessions</code></td>
 * <td>Defaults to <code>true</code></td>
 * <td>No</td>
 * </tr>
 * <tr>
 * <td><code>artifactParameterOverPost</code></td>
 * <td>Defaults to  <code>false</code></td>
 * <td>No</td>
 * </tr>
 * <tr>
 * <td><code>casServerUrlPrefix</code></td>
 * <td>URL to root of CAS Web application context.</td>
 * <td>Yes</td>
 * </tr></tbody></table>
 * --------------------------------------------</br>
 * AuthenticationFilter 配置如下：
 * <table>
 * <thead>
 * <tr>
 * <th>Property</th>
 * <th>Description</th>
 * <th>Required</th>
 * </tr>
 * </thead>
 * <tbody>
 * <tr>
 * <td><code>casServerLoginUrl</code></td>
 * <td>Defines the location of the CAS server login URL, i.e. <code>https://localhost:8443/cas/login</code></td>
 * <td>Yes</td>
 * </tr>
 * <tr>
 * <td><code>serverName</code></td>
 * <td>The name of the server this application is hosted on. Service URL will be dynamically constructed using this, i.e. <a href="https://localhost:8443" rel="nofollow">https://localhost:8443</a> (you must include the protocol, but port is optional if it's a standard port).</td>
 * <td>Yes</td>
 * </tr>
 * <tr>
 * <td><code>service</code></td>
 * <td>The service URL to send to the CAS server, i.e. <code>https://localhost:8443/yourwebapp/index.html</code></td>
 * <td>No</td>
 * </tr>
 * <tr>
 * <td><code>renew</code></td>
 * <td>specifies whether <code>renew=true</code> should be sent to the CAS server. Valid values are either <code>true/false</code> (or no value at all). Note that <code>renew</code> cannot be specified as local <code>init-param</code> setting.</td>
 * <td>No</td>
 * </tr>
 * <tr>
 * <td><code>gateway</code></td>
 * <td>specifies whether <code>gateway=true</code> should be sent to the CAS server. Valid values are either <code>true/false</code> (or no value at all)</td>
 * <td>No</td>
 * </tr>
 * <tr>
 * <td><code>artifactParameterName</code></td>
 * <td>specifies the name of the request parameter on where to find the artifact (i.e. <code>ticket</code>).</td>
 * <td>No</td>
 * </tr>
 * <tr>
 * <td><code>serviceParameterName</code></td>
 * <td>specifies the name of the request parameter on where to find the service (i.e. <code>service</code>)</td>
 * <td>No</td>
 * </tr>
 * <tr>
 * <td><code>encodeServiceUrl</code></td>
 * <td>Whether the client should auto encode the service url. Defaults to <code>true</code></td>
 * <td>No</td>
 * </tr>
 * <tr>
 * <td><code>ignorePattern</code></td>
 * <td>Defines the url pattern to ignore, when intercepting authentication requests.</td>
 * <td>No</td>
 * </tr>
 * <tr>
 * <td><code>ignoreUrlPatternType</code></td>
 * <td>Defines the type of the pattern specified. Defaults to <code>REGEX</code>. Other types are <code>CONTAINS</code>, <code>EXACT</code>.</td>
 * <td>No</td>
 * </tr>
 * <tr>
 * <td><code>gatewayStorageClass</code></td>
 * <td>The storage class used to record gateway requests</td>
 * <td>No</td>
 * </tr>
 * <tr>
 * <td><code>authenticationRedirectStrategyClass</code></td>
 * <td>The class name of the component to decide how to handle authn redirects to CAS</td>
 * <td>No</td>
 * </tr></tbody></table>
 * <p>
 * ---------------------------------------------------<br/>
 * Cas20ProxyReceivingTicketValidationFilter 配置如下：
 * <table>
 * <thead>
 * <tr>
 * <th>Property</th>
 * <th>Description</th>
 * <th>Required</th>
 * </tr>
 * </thead>
 * <tbody>
 * <tr>
 * <td><code>casServerUrlPrefix</code></td>
 * <td>The start of the CAS server URL, i.e. <code>https://localhost:8443/cas</code></td>
 * <td>Yes</td>
 * </tr>
 * <tr>
 * <td><code>serverName</code></td>
 * <td>The name of the server this application is hosted on. Service URL will be dynamically constructed using this, i.e. <code>https://localhost:8443</code> (you must include the protocol, but port is optional if it's a standard port).</td>
 * <td>Yes</td>
 * </tr>
 * <tr>
 * <td><code>renew</code></td>
 * <td>Specifies whether <code>renew=true</code> should be sent to the CAS server. Valid values are either <code>true/false</code> (or no value at all). Note that <code>renew</code> cannot be specified as local <code>init-param</code> setting.</td>
 * <td>No</td>
 * </tr>
 * <tr>
 * <td><code>redirectAfterValidation</code></td>
 * <td>Whether to redirect to the same URL after ticket validation, but without the ticket in the parameter. Defaults to <code>true</code>.</td>
 * <td>No</td>
 * </tr>
 * <tr>
 * <td><code>useSession</code></td>
 * <td>Whether to store the Assertion in session or not. If sessions are not used, tickets will be required for each request. Defaults to <code>true</code>.</td>
 * <td>No</td>
 * </tr>
 * <tr>
 * <td><code>exceptionOnValidationFailure</code></td>
 * <td>whether to throw an exception or not on ticket validation failure. Defaults to <code>true</code></td>
 * <td>No</td>
 * </tr>
 * <tr>
 * <td><code>proxyReceptorUrl</code></td>
 * <td>The URL to watch for <code>PGTIOU/PGT</code> responses from the CAS server. Should be defined from the root of the context. For example, if your application is deployed in <code>/cas-client-app</code> and you want the proxy receptor URL to be <code>/cas-client-app/my/receptor</code> you need to configure proxyReceptorUrl to be <code>/my/receptor</code>.</td>
 * <td>No</td>
 * </tr>
 * <tr>
 * <td><code>acceptAnyProxy</code></td>
 * <td>Specifies whether any proxy is OK. Defaults to <code>false</code>.</td>
 * <td>No</td>
 * </tr>
 * <tr>
 * <td><code>allowedProxyChains</code></td>
 * <td>Specifies the proxy chain. Each acceptable proxy chain should include a space-separated list of URLs (for exact match) or regular expressions of URLs (starting by the <code>^</code> character). Each acceptable proxy chain should appear on its own line.</td>
 * <td>No</td>
 * </tr>
 * <tr>
 * <td><code>proxyCallbackUrl</code></td>
 * <td>The callback URL to provide the CAS server to accept Proxy Granting Tickets.</td>
 * <td>No</td>
 * </tr>
 * <tr>
 * <td><code>proxyGrantingTicketStorageClass</code></td>
 * <td>Specify an implementation of the ProxyGrantingTicketStorage class that has a no-arg constructor.</td>
 * <td>No</td>
 * </tr>
 * <tr>
 * <td><code>sslConfigFile</code></td>
 * <td>A reference to a properties file that includes SSL settings for client-side SSL config, used during back-channel calls. The configuration includes keys for <code>protocol</code> which defaults to <code>SSL</code>, <code>keyStoreType</code>, <code>keyStorePath</code>, <code>keyStorePass</code>, <code>keyManagerType</code> which defaults to <code>SunX509</code> and <code>certificatePassword</code>.</td>
 * <td>No.</td>
 * </tr>
 * <tr>
 * <td><code>encoding</code></td>
 * <td>Specifies the encoding charset the client should use</td>
 * <td>No</td>
 * </tr>
 * <tr>
 * <td><code>secretKey</code></td>
 * <td>The secret key used by the <code>proxyGrantingTicketStorageClass</code> if it supports encryption.</td>
 * <td>No</td>
 * </tr>
 * <tr>
 * <td><code>cipherAlgorithm</code></td>
 * <td>The algorithm used by the <code>proxyGrantingTicketStorageClass</code> if it supports encryption. Defaults to <code>DESede</code></td>
 * <td>No</td>
 * </tr>
 * <tr>
 * <td><code>millisBetweenCleanUps</code></td>
 * <td>Startup delay for the cleanup task to remove expired tickets from the storage. Defaults to <code>60000 msec</code></td>
 * <td>No</td>
 * </tr>
 * <tr>
 * <td><code>ticketValidatorClass</code></td>
 * <td>Ticket validator class to use/create</td>
 * <td>No</td>
 * </tr>
 * <tr>
 * <td><code>hostnameVerifier</code></td>
 * <td>Hostname verifier class name, used when making back-channel calls</td>
 * <td>No</td>
 * </tr></tbody></table>
 */
@ConfigurationProperties(prefix = "spring.cas")
public class CasConfigurationProperties {
    private String casServerUrlPrefix = "http://10.1.193.115:8100/cas";
    private String casServerLoginUrl = casServerUrlPrefix + "/login";
    private String casServerLogoutUrl = casServerUrlPrefix + "/logout";
    private String serverName = "http://10.1.176.129:8081/zhbg";
    private boolean useSession = true;
    private boolean redirectAfterValidation = true;
    private String ignorePattern = "\\.(js|img|css)(\\?.*)?$";
    private String ignoreUrlPatternType = "REGEX";
    private String encoding = "UTF-8";
    public String getCasServerUrlPrefix() {
        return casServerUrlPrefix;
    }
    public void setCasServerUrlPrefix(String casServerUrlPrefix) {
        this.casServerUrlPrefix = casServerUrlPrefix;
    }
    public String getCasServerLoginUrl() {
        return casServerLoginUrl;
    }
    public void setCasServerLoginUrl(String casServerLoginUrl) {
        this.casServerLoginUrl = casServerLoginUrl;
    }
    public String getCasServerLogoutUrl() {
        return casServerLogoutUrl;
    }
    public void setCasServerLogoutUrl(String casServerLogoutUrl) {
        this.casServerLogoutUrl = casServerLogoutUrl;
    }
    public String getServerName() {
        return serverName;
    }
    public void setServerName(String serverName) {
        this.serverName = serverName;
    }
    public boolean isUseSession() {
        return useSession;
    }
    public void setUseSession(boolean useSession) {
        this.useSession = useSession;
    }
    public boolean isRedirectAfterValidation() {
        return redirectAfterValidation;
    }
    public void setRedirectAfterValidation(boolean redirectAfterValidation) {
        this.redirectAfterValidation = redirectAfterValidation;
    }
    public String getIgnorePattern() {
        return ignorePattern;
    }
    public void setIgnorePattern(String ignorePattern) {
        this.ignorePattern = ignorePattern;
    }
    public String getIgnoreUrlPatternType() {
        return ignoreUrlPatternType;
    }
    public void setIgnoreUrlPatternType(String ignoreUrlPatternType) {
        this.ignoreUrlPatternType = ignoreUrlPatternType;
    }
    public String getEncoding() {
        return encoding;
    }
    public void setEncoding(String encoding) {
        this.encoding = encoding;
    }
}

oa-app/src/main/java/com/css/oa/config/WebSecurityConfig.java

@@ -1,30 +1,88 @@
package com.css.oa.config;
import org.jasig.cas.client.session.SingleSignOutHttpSessionListener;
import org.jasig.cas.client.util.AbstractCasFilter;
import org.jasig.cas.client.validation.AssertionImpl;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.security.SecurityProperties;
import org.springframework.boot.web.servlet.ServletListenerRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
import org.springframework.core.annotation.Order;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.provisioning.UserDetailsManager;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.web.cors.CorsUtils;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
/**
 * @author hjf
 * @version V1.0
 * @description: TODO
 * @date 2019/11/25 11:25
 */
@Configuration
public class WebSecurityConfig extends /*WebMvcConfigurationSupport*/WebMvcConfigurerAdapter {
//@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
@Order(SecurityProperties.BASIC_AUTH_ORDER)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter{
    @Autowired
    private CasConfigurationProperties autoconfig;
    @Bean
    public RedisSessionInterceptor getSessionInterceptor(){
        return  new RedisSessionInterceptor();
    public UserDetailsManager userDetailsService(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication().withUser("demo").password("demo").roles("USER");
        return (UserDetailsManager) auth.getDefaultUserDetailsService();
    }
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
       //拦截所有请求
       //registry.addInterceptor(getSessionInterceptor()).excludePathPatterns("/login**").addPathPatterns("/**");
       //放行所有请求
        registry.addInterceptor(getSessionInterceptor()).excludePathPatterns("/**");
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers("/css/**", "/js/**");
    }
        super.addInterceptors(registry);
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.headers().frameOptions().disable();
        http.csrf().disable();
        http.httpBasic().disable();
        http.formLogin()
            .loginPage("/casLogin")
            .loginProcessingUrl("/login")
            .defaultSuccessUrl("/index")
            .successHandler(new SavedRequestAwareAuthenticationSuccessHandler(){
                @Override
                public void onAuthenticationSuccess(HttpServletRequest request,
                                                    HttpServletResponse response, Authentication authentication)
                    throws ServletException, IOException {
                    super.onAuthenticationSuccess(request, response, authentication);
                    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
                    if (!(auth instanceof AnonymousAuthenticationToken)) {
                        User user = (User) auth.getPrincipal();
                        request.getSession().setAttribute(AbstractCasFilter.CONST_CAS_ASSERTION, new AssertionImpl(user.getUsername()));
                    }
                }
            })
            .permitAll();
        http.authorizeRequests()
            .requestMatchers(CorsUtils::isPreFlightRequest).permitAll()
            .antMatchers("/register", "/casLogin").permitAll()
            .anyRequest().authenticated();
        http.logout()
            .logoutUrl("/logout")
            .logoutSuccessUrl(autoconfig.getCasServerLogoutUrl() + "?service=" + autoconfig.getServerName() + "/index")
            .permitAll();
        http.antMatcher("/**");
    }
    @Bean
    public ServletListenerRegistrationBean<SingleSignOutHttpSessionListener> singleSignOutHttpSessionListener(){
        ServletListenerRegistrationBean<SingleSignOutHttpSessionListener> servletListenerRegistrationBean =
            new ServletListenerRegistrationBean<>();
        servletListenerRegistrationBean.setListener(new SingleSignOutHttpSessionListener());
        return servletListenerRegistrationBean;
    }
}

oa-app/src/main/java/com/css/oa/exam/admin/bean/LoginUser.java

@@ -0,0 +1,22 @@
package com.css.oa.exam.admin.bean;
public class LoginUser {
    private String username;
    private String password;
    public String getUsername() {
        return username;
    }
    public void setUsername(String username) {
        this.username = username;
    }
    public String getPassword() {
        return password;
    }
    public void setPassword(String password) {
        this.password = password;
    }
}

oa-app/src/main/java/com/css/oa/exam/admin/controller/AdminController.java

@@ -1,34 +1,79 @@
package com.css.oa.exam.admin.controller;
import com.css.oa.exam.admin.bean.LoginUser;
import com.css.oa.exam.base.BaseController;
import com.css.oa.exam.admin.service.AdminService;
import io.swagger.annotations.Api;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.provisioning.UserDetailsManager;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.*;
@Api(tags = {"模拟切换用户"})
import javax.servlet.http.HttpServletRequest;
@Api(tags = {"管理员登录"})
@RestController
@RequestMapping("/admin")
public class AdminController extends BaseController {
    @Autowired
    private AdminService mService;
//    @ApiOperation(value = "增加公告接口")
//    @PostMapping("/login")
//    public Result login(HttpServletResponse response,
//                        @RequestParam("username") String username,
//                        @RequestParam("password") String password) {
//        Result<Map> result;
//        try {
//            String token = mService.login(response, username, password);
//            result = setResult(token);
//        } catch (Exception e) {
//            result = setErr(e.getMessage());
//            e.printStackTrace();
//        }
//        return result;
//    }
    private UserDetailsService userDetailsService;
    @GetMapping("*")
    public String welcome() {
        return "redirect:casLogin";
    }
    @GetMapping("index")
    public String index() {
        return "welcome";
    }
    @GetMapping("login")
    public String loginPage(Model model) {
        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        if (!(auth instanceof AnonymousAuthenticationToken)) {
            return "redirect:index";
        }
        LoginUser user = new LoginUser();
        model.addAttribute("user",user);
        return "login";
    }
    @GetMapping("casLogin")
    public String casLogin(HttpServletRequest request) {
        if (request.getRemoteUser() != null) {
            Authentication auth = new UsernamePasswordAuthenticationToken(request.getRemoteUser(), request.getRemoteUser(),
                    AuthorityUtils.createAuthorityList("USER"));
            SecurityContextHolder.getContext().setAuthentication(auth);
            return "redirect:index";
        }
        return "redirect:login";
    }
    @GetMapping("register")
    public String registerPage(Model model) {
        LoginUser user = new LoginUser();
        model.addAttribute("user",user);
        return "register";
    }
    @PostMapping("register")
    public String register(LoginUser user) {
        UserDetailsManager userDetailsManager = (UserDetailsManager) userDetailsService;
        boolean exists = userDetailsManager.userExists(user.getUsername());
        if (!exists) {
            userDetailsManager.createUser(new User(user.getUsername(), user.getPassword(), AuthorityUtils.createAuthorityList("USER")));
            return "redirect:register?success";
        } else {
            return "redirect:register?error";
        }
    }
}

pom.xml

@@ -50,6 +50,26 @@
    </properties>
    <dependencies>
        <dependency>
            <groupId>org.jasig.cas.client</groupId>
            <artifactId>cas-client-core</artifactId>
            <version>3.5.1</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-config</artifactId>
            <version>4.1.0.RELEASE</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-core</artifactId>
            <version>4.1.0.RELEASE</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-web</artifactId>
            <version>4.1.0.RELEASE</version>
        </dependency>
        <!--        llg加的测试依赖-->
        <dependency>
            <groupId>junit</groupId>