Index: build.gradle
===================================================================
diff -u -r16176 -r16468
--- build.gradle	(.../build.gradle)	(revision 16176)
+++ build.gradle	(.../build.gradle)	(revision 16468)
@@ -685,6 +685,8 @@
 		compile (project(":forgon-core"))
 		compile (project(":ssts-diposablegoods"))
 		compile (project(":ssts-tousse"))
+		// 引入CAS client，用户单点登录的身份验证
+		compile group: 'org.jasig.cas.client', name: 'cas-client-core', version: '3.4.1'		
 	}
 }
 
@@ -836,6 +838,10 @@
 		}
 		else if (projectName == 'zd5y'){
 			compile (project(":ssts-zd5y-misc"))
+			// 引入CAS client，用户单点登录的身份验证
+			compile group: 'org.jasig.cas.client', name: 'cas-client-core', version: '3.4.1'
+			// 引入Spring Security CAS的jar包
+			compile 'org.springframework.security:spring-security-cas:' + springSecurityVersion
 		}
 		else if (projectName == 'gdsy'){
 			compile (project(":ssts-gdsy-misc"))
Index: ssts-web/src/main/resources/spring/projects/zd5y/applicationContext-acegi-security.xml
===================================================================
diff -u
--- ssts-web/src/main/resources/spring/projects/zd5y/applicationContext-acegi-security.xml	(revision 0)
+++ ssts-web/src/main/resources/spring/projects/zd5y/applicationContext-acegi-security.xml	(revision 16468)
@@ -0,0 +1,188 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:sec="http://www.springframework.org/schema/security" 
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://www.springframework.org/schema/beans
+	http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
+	http://www.springframework.org/schema/security
+	http://www.springframework.org/schema/security/spring-security-3.2.xsd">
+	
+	<sec:debug />
+    
+    <bean id="usernamePasswordAuthenticationForCasFilter" class="com.forgon.disinfectsystem.sso.cas.client.filter.UsernamePasswordAuthenticationForCasFilter">
+    	<property name="authenticationManager" ref="sstsAuthenticationManager"/>
+    	
+    </bean>
+    
+    <sec:authentication-manager id= "authManager1" alias="sstsAuthenticationManager" >
+        <sec:authentication-provider user-service-ref="daoUserDetail">
+        	<sec:password-encoder hash="md5" />
+    	</sec:authentication-provider>
+    </sec:authentication-manager>
+    
+    <bean id="authenticationFilter" class=
+		"org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter">
+  		<property name="authenticationManager" ref="sstsAuthenticationManager"/>
+<!--   		<property name="filterProcessesUrl" value="/j_spring_security_check"/> -->
+	</bean>
+
+	<sec:authentication-manager id="authManager2" alias="authenticationManager">
+		<sec:authentication-provider ref="preAuthAuthProvider" />
+	</sec:authentication-manager>
+
+	<bean id="preAuthAuthProvider"
+		class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider">
+		<property name="preAuthenticatedUserDetailsService">
+			<bean id="userDetailsServiceWrapper"
+				class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">
+				<property name="userDetailsService" ref="daoUserDetail" />
+<!-- 				<property name="userDetailsService" ref="userService" /> -->
+			</bean>
+		</property>
+	</bean>
+
+	<sec:user-service id="userService">
+		<sec:user name="admin" password="admin" authorities="ROLE_SUPERVISOR,ROLE_USER" />
+		<sec:user name="dianne" password="dianne" authorities="ROLE_USER" />
+		<sec:user name="scott" password="scott" authorities="ROLE_USER" />
+	</sec:user-service>
+    
+    
+    <bean id="loggerListener"
+        class="org.springframework.security.access.event.LoggerListener" />
+    
+
+    <bean id="logoutFilter"
+    	class="org.springframework.security.web.authentication.logout.LogoutFilter">
+    	<!-- 退出后指向的 URL -->
+    	<constructor-arg value="/cas-logout.jsp" />
+    	<constructor-arg>
+    		<list>
+    			<bean
+    				class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler" />
+    			<ref bean="logoutHandler"/>
+    		</list>
+    	</constructor-arg>
+    </bean>
+
+
+    <bean id="sessionRegistry" class="org.springframework.security.core.session.SessionRegistryImpl"/>
+    
+    
+	<bean id="springSecurityFilterChain" class="org.springframework.security.web.FilterChainProxy">
+	    <sec:filter-chain-map path-type="ant">
+
+	        <sec:filter-chain pattern="/login" filters="none"/>
+			<sec:filter-chain pattern="/logout" filters="none"/>
+			<sec:filter-chain pattern="/accessdenied" filters="none"/>
+			<sec:filter-chain pattern="/logon.jsp" filters="none"/>
+			<sec:filter-chain pattern="/debug/**" filters="none"/>
+			<sec:filter-chain pattern="/disinfectsystem/config/**" filters="none"/>
+			<sec:filter-chain pattern="/disinfectsystem/common/**" filters="none"/>
+			<sec:filter-chain pattern="/disinfectSystem/fileUploadServlet/**" filters="none"/>
+			<sec:filter-chain pattern="/CodeImageServlet/**" filters="none"/>
+			<sec:filter-chain pattern="/fckeditor/**" filters="none"/>
+			<sec:filter-chain pattern="/UserUpLoadFiles/**" filters="none"/>
+			<sec:filter-chain pattern="/favicon.ico" filters="none"/>
+			<sec:filter-chain pattern="/common/taglibs.jsp" filters="none"/>
+			<sec:filter-chain pattern="/js/**" filters="none"/>
+			<sec:filter-chain pattern="/jquery/**" filters="none"/>
+			<sec:filter-chain pattern="/ext/**" filters="none"/>
+<!-- 			<sec:filter-chain pattern="/dwr/**" filters="none"/> -->
+			<sec:filter-chain pattern="/images/**" filters="none"/>
+			<sec:filter-chain pattern="/styles/**" filters="none"/>
+			<sec:filter-chain pattern="/scripts/**" filters="none"/>
+			<sec:filter-chain pattern="/themes/**" filters="none"/>
+			<sec:filter-chain pattern="/cas-logout.jsp" filters="none"/>
+			<sec:filter-chain pattern="/j_spring_security_check" filters="usernamePasswordAuthenticationForCasFilter"/>
+			<sec:filter-chain pattern="/services/**" filters="none"/>
+			<sec:filter-chain pattern="/mobileClient/**" filters="none"/>
+			<sec:filter-chain pattern="/disinfectSystem/sterilization/sterilizationRecordAction!uploadSterilizationRecordPic.do" filters="none"/>	    	
+	    	
+	        <sec:filter-chain pattern="/" filters="casValidationFilter, wrappingFilter" />
+	        <sec:filter-chain pattern="/secure/receptor" filters="casValidationFilter" />
+<!-- 	        <sec:filter-chain pattern="/casLogon.jsp" filters="casValidationFilter" /> -->
+	        <sec:filter-chain pattern="/j_spring_security_logout" filters="logoutFilter,etf,fsi" />
+	        <sec:filter-chain pattern="/**" filters="casAuthenticationFilter, casValidationFilter, wrappingFilter, sif,j2eePreAuthFilter,logoutFilter,etf,fsi"/>
+	        
+	    </sec:filter-chain-map>
+	</bean>
+	
+	<bean id="sif" class="org.springframework.security.web.context.SecurityContextPersistenceFilter"/>
+	
+	<bean id="preAuthEntryPoint" class="org.springframework.security.web.authentication.Http403ForbiddenEntryPoint" />
+
+	<bean id="j2eePreAuthFilter"
+		class="org.springframework.security.web.authentication.preauth.j2ee.J2eePreAuthenticatedProcessingFilter">
+		<property name="authenticationManager" ref="authenticationManager" />
+		<property name="authenticationDetailsSource">
+			<bean
+				class="org.springframework.security.web.authentication.WebAuthenticationDetailsSource" />
+		</property>
+	</bean>
+
+	<!--  Spring 4.0以上的版本去掉了 ServletContextFactoryBean，可以直接去掉该bean的定义
+	<bean id="servletContext" class="org.springframework.web.context.support.ServletContextFactoryBean"/>
+	 -->
+	 
+	<bean id="etf" class="org.springframework.security.web.access.ExceptionTranslationFilter">
+    	<property name="authenticationEntryPoint" ref="preAuthEntryPoint"/>
+	</bean>
+
+	<bean id="httpRequestAccessDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased">
+	    <property name="allowIfAllAbstainDecisions" value="false"/>
+	    <property name="decisionVoters">
+	        <list>
+	            <ref bean="roleVoter"/>
+	        </list>
+	    </property>
+	</bean>
+	
+
+	<bean id="fsi" class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor">
+	    <property name="authenticationManager" ref="authenticationManager"/>
+	    <property name="accessDecisionManager" ref="httpRequestAccessDecisionManager"/>
+	    <property name="securityMetadataSource">
+	        <sec:filter-invocation-definition-source use-expressions="true">
+<!-- 	            <sec:intercept-url pattern="/secure/extreme/**" access="isFullyAuthenticated()"/> -->
+<!-- 	            <sec:intercept-url pattern="/secure/**" access="ROLE_USER"/> -->
+<!-- 	            <sec:intercept-url pattern="/casLogon.jsp" access="ROLE_ANONYMOUS"/> -->
+<!-- 				<sec:intercept-url pattern="/logon.jsp" access="permitAll"/> -->
+<!-- 	            <sec:intercept-url pattern="/**" access="isAuthenticated()"/> -->
+				<sec:intercept-url pattern="/**" access="isFullyAuthenticated()"></sec:intercept-url>
+		            
+	        </sec:filter-invocation-definition-source>
+	    </property>
+	</bean>
+	
+	<bean id="roleVoter" class="org.springframework.security.web.access.expression.WebExpressionVoter"/>
+	
+	<bean id="securityContextHolderAwareRequestFilter" class="org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter"/>
+
+	<bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator" id="ticketValidator">
+	    <constructor-arg index="0" value="https://casserver:8443" />
+	    <property name="proxyGrantingTicketStorage" ref="proxyGrantingTicketStorage" />
+<!-- 	    <property name="proxyCallbackUrl" value="/proxy/receptor" /> -->
+	</bean>
+
+    <bean id="proxyGrantingTicketStorage" class="org.jasig.cas.client.proxy.ProxyGrantingTicketStorageImpl" />
+        
+    <bean id="casAuthenticationFilter" class="org.jasig.cas.client.authentication.AuthenticationFilter">
+	    <property name="casServerLoginUrl" value="https://casserver:8443/login" />
+	    <property name="serverName" value="http://localhost" />
+	</bean>
+	
+	<bean id="casValidationFilter" class="org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter">
+	    <!-- property name="casServerUrlPrefix" value="https://casserver:8443" /-->
+	    <property name="serverName" value="http://localhost" />
+	    <property name="exceptionOnValidationFailure" value="true" />
+	    <property name="proxyGrantingTicketStorage" ref="proxyGrantingTicketStorage" />
+	    <property name="redirectAfterValidation" value="true" />
+	    <property name="ticketValidator" ref="ticketValidator" />
+	    <property name="proxyReceptorUrl" value="/secure/receptor" />
+<!-- 	    <property name="proxyReceptorUrl" value="/casLogon.jsp" /> -->
+	</bean>
+	
+	<bean id="wrappingFilter" class="org.jasig.cas.client.util.HttpServletRequestWrapperFilter" />
+	
+</beans>
\ No newline at end of file
Index: ssts-web/src/main/webapp/WEB-INF/web-zd5y.xml
===================================================================
diff -u
--- ssts-web/src/main/webapp/WEB-INF/web-zd5y.xml	(revision 0)
+++ ssts-web/src/main/webapp/WEB-INF/web-zd5y.xml	(revision 16468)
@@ -0,0 +1,390 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<web-app xmlns="http://java.sun.com/xml/ns/javaee"
+	      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	      xsi:schemaLocation="http://java.sun.com/xml/ns/javaee 
+	      http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
+	      version="3.0">
+	      
+    <display-name>SterileSupplySystem</display-name>
+  
+    <context-param>
+        <param-name>reload_interval_in_minutes</param-name>
+        <param-value>30</param-value>
+    </context-param>
+    
+    <context-param>
+        <param-name>contextConfigLocation</param-name>
+        <param-value>classpath*:spring/applicationContext-blank.xml</param-value>
+    </context-param>
+    
+    <context-param>
+        <param-name>locatorFactorySelector</param-name>
+        <param-value>classpath*:beanRefContext.xml</param-value>
+    </context-param>
+    
+    <context-param>
+        <param-name>parentContextKey</param-name>
+        <param-value>com.forgon.portal</param-value>
+    </context-param>
+
+
+    
+	<filter>
+		<filter-name>springSecurityFilterChain</filter-name>
+		<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
+	</filter>
+
+	<filter-mapping>
+		<filter-name>springSecurityFilterChain</filter-name>
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>
+	
+	<filter>
+	   <filter-name>CAS Single Sign Out Filter</filter-name>
+	   <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
+	   <init-param>
+	      <param-name>casServerUrlPrefix</param-name>
+	      <param-value>https://casserver:8443</param-value>
+	   </init-param>
+	</filter>
+
+	<filter-mapping>
+		<filter-name>CAS Single Sign Out Filter</filter-name>
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>
+
+    <filter>
+        <filter-name>EncodingFilter</filter-name>
+        <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
+        <init-param>
+            <param-name>encoding</param-name>
+            <param-value>UTF-8</param-value>
+        </init-param>
+    </filter>
+    
+    <filter>
+        <filter-name>resetPasswordFilter</filter-name>
+        <filter-class>com.forgon.security.filter.ResetPasswordFilter</filter-class>
+        <init-param>
+        	<param-name>toUrl</param-name>
+        	<param-value>/logon.jsp</param-value>
+        </init-param>
+    </filter>
+    
+    <!--Hibernate Open Session in View Filter-->
+    
+    <filter>
+        <filter-name>versionManagerFilter</filter-name>
+        <filter-class>com.forgon.register.filter.VersionManagerFilter</filter-class>
+        <init-param>
+            <param-name>noFilterUrl</param-name>
+            <param-value>/debug/;/disinfectsystem/config/;/disinfectsystem/common/;/disinfectSystem/fileUploadServlet;/CodeImageServlet;/fckeditor/;/UserUpLoadFiles/;/openSystemMainPage.jsp;/logon.jsp;/favicon.ico;/js/;/common/taglibs.jsp;/jquery/;/ext/;/dwr/;/images/;/styles/;/scripts/;/wap/index.jsp;/themes/;/services/;/ikey/;/mobileClient/;/disinfectSystem/sterilization/sterilizationRecordAction!uploadSterilizationRecordPic.do</param-value>
+        </init-param>
+    </filter>
+    
+    <filter>
+        <filter-name>struts2</filter-name>
+        <filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter</filter-class>
+    </filter>
+    
+     <filter>
+        <filter-name>hibernateFilter</filter-name>
+        <filter-class>org.springframework.orm.hibernate4.support.OpenSessionInViewFilter</filter-class>
+    </filter>
+    
+    <filter-mapping>
+        <filter-name>EncodingFilter</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
+    
+    <filter-mapping>
+        <filter-name>hibernateFilter</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
+    
+
+
+    <filter-mapping>
+        <filter-name>versionManagerFilter</filter-name>
+        <url-pattern>/*</url-pattern>
+    </filter-mapping>
+    
+    <filter-mapping>
+        <filter-name>struts2</filter-name>
+        <url-pattern>*.do</url-pattern>
+    </filter-mapping>
+    
+    <!-- filter-mapping> 暂时屏蔽验证密码复杂过滤器
+        <filter-name>resetPasswordFilter</filter-name>
+        <url-pattern>/openSystemMainPage.jsp</url-pattern>
+    </filter-mapping-->
+    
+    <listener>
+        <listener-class>
+            com.forgon.servlet.ForgonServletContextListener
+        </listener-class>
+    </listener>
+    <listener>
+        <listener-class>
+            org.springframework.web.context.ContextLoaderListener
+        </listener-class>
+    </listener>
+    <listener>
+        <listener-class>
+            com.forgon.tools.listener.SingletonSpringApplicationContextListener
+        </listener-class>
+    </listener>
+    
+    <!--listener>
+        <listener-class>com.sun.faces.config.ConfigureListener</listener-class>
+    </listener-->
+    
+    <listener>
+    	<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
+	</listener>
+
+    <listener>
+        <listener-class>org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>
+    </listener>  
+    <listener>
+        <listener-class>com.forgon.oa.onlineusers.listener.SessionInvalidationListener</listener-class>
+    </listener>
+    
+    <servlet>
+        <servlet-name>dwr-invoker</servlet-name>
+        <servlet-class>org.directwebremoting.servlet.DwrServlet</servlet-class>
+        <init-param>
+            <param-name>debug</param-name>
+            <param-value>true</param-value>
+        </init-param>
+        <init-param>
+            <param-name>classes</param-name>
+            <param-value>java.lang.Object</param-value>
+        </init-param>
+        <init-param>
+            <param-name>activeReverseAjaxEnabled</param-name>
+            <param-value>true</param-value>
+        </init-param>
+        <init-param>
+          <param-name>maxWaitAfterWrite</param-name>
+          <param-value>500</param-value>
+        </init-param>
+        <init-param>   
+            <param-name>crossDomainSessionSecurity</param-name>   
+            <param-value>false</param-value>   
+        </init-param>
+        <init-param>
+		    <param-name>scriptCompressed</param-name>
+			<param-value>true</param-value>   
+		</init-param>
+		<init-param>
+		   <param-name>compressionLevel</param-name>   
+		   <param-value>47</param-value>   
+		</init-param>
+    </servlet>
+    
+    <servlet>
+        <servlet-name>spring-mvc</servlet-name>
+        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
+		<init-param>
+			<param-name>contextConfigLocation</param-name>
+			<param-value>/WEB-INF/spring-mvc-servlet.xml</param-value>
+		</init-param>
+        <load-on-startup>1</load-on-startup>
+    </servlet>
+    
+    <servlet>
+        <servlet-name>fileDownLoad</servlet-name>
+        <servlet-class>com.forgon.filedownload.servlet.FileDownLoadServlet</servlet-class>
+    </servlet>
+    
+    <servlet> 
+        <servlet-name>CodeImageServlet</servlet-name> 
+        <servlet-class>com.forgon.security.servlet.CodeImageServlet</servlet-class> 
+    </servlet>
+    
+    <servlet-mapping> 
+        <servlet-name>CodeImageServlet</servlet-name> 
+        <url-pattern>/CodeImageServlet</url-pattern> 
+    </servlet-mapping>
+    
+    
+    <servlet> 
+        <servlet-name>JRHTMLServlet</servlet-name> 
+        <servlet-class>org.xinyunfei.web.JRHTMLServlet</servlet-class> 
+   </servlet> 
+   <servlet-mapping> 
+        <servlet-name>JRHTMLServlet</servlet-name> 
+        <url-pattern>/JRHTMLServlet</url-pattern> 
+   </servlet-mapping>
+
+
+	<servlet>
+		<servlet-name>ImageServlet</servlet-name>
+		<servlet-class>net.sf.jasperreports.j2ee.servlets.ImageServlet</servlet-class>
+	</servlet>
+
+	<servlet-mapping>
+		<servlet-name>ImageServlet</servlet-name>
+		<url-pattern>/servlets/image</url-pattern>
+	</servlet-mapping>
+	
+	<servlet>
+	    <servlet-name>DisplayChart</servlet-name>
+	    <servlet-class>org.jfree.chart.servlet.DisplayChart</servlet-class>
+    </servlet>
+    
+    <servlet-mapping>
+        <servlet-name>DisplayChart</servlet-name>
+        <url-pattern>/DisplayChart</url-pattern>
+    </servlet-mapping>
+   
+ 
+     <!-- Faces Servlet -->
+    <!--servlet>
+        <servlet-name>Faces Servlet</servlet-name>
+        <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
+        <load-on-startup>3</load-on-startup>
+    </servlet-->
+    
+    <servlet>
+        <servlet-name>Connector</servlet-name>
+        <servlet-class>com.fredck.FCKeditor.connector.ConnectorServlet</servlet-class>
+        <init-param>
+            <param-name>baseDir</param-name>
+            <param-value>/UserUpLoadFiles/</param-value>
+        </init-param>
+        <init-param>
+            <param-name>debug</param-name>
+            <param-value>false</param-value>
+        </init-param>
+        <load-on-startup>1</load-on-startup>
+    </servlet>
+
+    <servlet>
+        <servlet-name>SimpleUploader</servlet-name>
+        <servlet-class>com.fredck.FCKeditor.uploader.SimpleUploaderServlet</servlet-class>
+        <init-param>
+            <param-name>baseDir</param-name>
+            <param-value>/UserUpLoadFiles/</param-value>
+        </init-param>
+        <init-param>
+            <param-name>debug</param-name>
+            <param-value>false</param-value>
+        </init-param>
+        <init-param>
+            <param-name>enabled</param-name>
+            <param-value>true</param-value>
+        </init-param>
+        <init-param>
+            <param-name>AllowedExtensionsFile</param-name>
+            <param-value></param-value>
+        </init-param>
+        <init-param>
+            <param-name>DeniedExtensionsFile</param-name>
+            <param-value>php|php3|php5|phtml|asp|aspx|ascx|jsp|cfm|cfc|pl|bat|exe|dll|reg|cgi</param-value>
+        </init-param>
+        <init-param>
+            <param-name>AllowedExtensionsImage</param-name>
+            <param-value>jpg|gif|jpeg|png|bmp</param-value>
+        </init-param>
+        <init-param>
+            <param-name>DeniedExtensionsImage</param-name>
+            <param-value></param-value>
+        </init-param>
+        <init-param>
+            <param-name>AllowedExtensionsFlash</param-name>
+            <param-value>swf|fla</param-value>
+        </init-param>
+        <init-param>
+            <param-name>DeniedExtensionsFlash</param-name>
+            <param-value></param-value>
+        </init-param>
+        <load-on-startup>1</load-on-startup>
+    </servlet>
+    
+	<servlet>
+		<servlet-name>cxf</servlet-name>
+		<display-name>cxf</display-name>
+		<description>Apache CXF Endpoint</description>
+		<servlet-class>org.apache.cxf.transport.servlet.CXFServlet</servlet-class>
+		<load-on-startup>1</load-on-startup>
+	</servlet>
+    <servlet>
+        <servlet-name>uploadImageServlet</servlet-name>
+        <servlet-class>com.forgon.disinfectsystem.sterilizationmanager.sterilizationrecord.servlet.UploadServlet</servlet-class>
+    </servlet>
+    <servlet-mapping>
+        <servlet-name>uploadImageServlet</servlet-name>
+        <url-pattern>/disinfectSystem/fileUploadServlet</url-pattern>
+    </servlet-mapping>
+    <servlet-mapping>
+        <servlet-name>Connector</servlet-name>
+        <url-pattern>/fckeditor/editor/filemanager/browser/default/connectors/jsp/connector</url-pattern>
+    </servlet-mapping>
+  
+  <servlet-mapping>
+    <servlet-name>SimpleUploader</servlet-name>
+    <url-pattern>/fckeditor/editor/filemanager/upload/simpleuploader</url-pattern>
+  </servlet-mapping>  
+
+
+    <servlet-mapping>
+        <servlet-name>dwr-invoker</servlet-name>
+        <url-pattern>/dwr/*</url-pattern>
+    </servlet-mapping>
+    
+    <servlet-mapping>
+        <servlet-name>fileDownLoad</servlet-name>
+        <url-pattern>/attachfiles/fileDownLoad</url-pattern>
+    </servlet-mapping>
+
+    <servlet-mapping>
+        <servlet-name>spring-mvc</servlet-name>
+        <url-pattern>*.mhtml</url-pattern>
+    </servlet-mapping>
+    
+	<servlet-mapping>
+		<servlet-name>cxf</servlet-name>
+		<url-pattern>/services/*</url-pattern>
+	</servlet-mapping>
+    <jsp-config>
+	    <taglib>
+			<taglib-uri>http://www.springmodules.org/tags/commons-validator</taglib-uri>
+			<taglib-location>/WEB-INF/tlds/spring-commons-validator.tld</taglib-location>
+		</taglib>
+		
+	    <taglib>
+			<taglib-uri>http://www.forgon.com/interceptString</taglib-uri>
+			<taglib-location>/WEB-INF/tlds/interceptStringTag.tld</taglib-location>
+		</taglib>
+		
+	    <taglib>
+			<taglib-uri>http://www.forgon.com/tags-operation</taglib-uri>
+			<taglib-location>/WEB-INF/tlds/operation.tld</taglib-location>
+		</taglib>
+
+	    <taglib>
+			<taglib-uri>http://www.forgon.com/tags-bean</taglib-uri>
+			<taglib-location>/WEB-INF/tlds/attachfile.tld</taglib-location>
+		</taglib>
+	
+	</jsp-config>
+    <context-param>
+            <param-name>javax.servlet.jsp.jstl.fmt.localizationContext</param-name>
+            <param-value>resources/oa</param-value>
+     </context-param>
+    
+    <welcome-file-list>
+        <welcome-file>openSystemMainPage.jsp</welcome-file>
+    </welcome-file-list>
+
+    <session-config>
+        <session-timeout>480</session-timeout>
+    </session-config>
+    <distributable/>
+	<error-page>
+	    <error-code>403</error-code>
+	    <location>/casfailed.jsp</location>
+	</error-page>    
+</web-app>
\ No newline at end of file
Index: ssts-web/src/main/webapp/casfailed.jsp
===================================================================
diff -u
--- ssts-web/src/main/webapp/casfailed.jsp	(revision 0)
+++ ssts-web/src/main/webapp/casfailed.jsp	(revision 16468)
@@ -0,0 +1,20 @@
+<%@ page contentType="text/html; charset=UTF-8"%>
+<%@ include file="/common/taglibs.jsp" %>
+<%@ page import="com.forgon.security.userdetails.*,com.forgon.security.service.*,com.forgon.directory.vo.LoginUserData,com.forgon.tools.SpringBeanManger,com.forgon.security.service.OperationManager"%>
+<%@page import="com.forgon.systemsetting.service.HttpOptionManager,com.forgon.disinfectsystem.common.*"%>
+<%@page import="com.forgon.disinfectsystem.basedatamanager.ipandorgunitmapping.service.IpAndOrgUnitMappingManager"%>
+<%@page import="com.forgon.log.model.Log" %>
+<%@page import="org.springframework.security.core.userdetails.*,org.springframework.security.authentication.*,org.springframework.security.core.*,org.springframework.security.core.context.*" %>
+<%@ page language="java" import="org.jasig.cas.client.authentication.AttributePrincipal" %>
+
+<%@page import="java.util.List"%>
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+<title>系统信息</title>
+</head>
+<body>
+您好，在追溯系统数据中没找到您的注册信息，请与系统管理员联系！
+</body>
+</html>
\ No newline at end of file
Index: ssts-zd5y-misc/src/main/java/com/forgon/disinfectsystem/sso/cas/client/filter/UsernamePasswordAuthenticationForCasFilter.java
===================================================================
diff -u
--- ssts-zd5y-misc/src/main/java/com/forgon/disinfectsystem/sso/cas/client/filter/UsernamePasswordAuthenticationForCasFilter.java	(revision 0)
+++ ssts-zd5y-misc/src/main/java/com/forgon/disinfectsystem/sso/cas/client/filter/UsernamePasswordAuthenticationForCasFilter.java	(revision 16468)
@@ -0,0 +1,127 @@
+package com.forgon.disinfectsystem.sso.cas.client.filter;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.jasig.cas.client.authentication.AttributePrincipalImpl;
+import org.jasig.cas.client.util.AbstractCasFilter;
+import org.jasig.cas.client.validation.Assertion;
+import org.jasig.cas.client.validation.AssertionImpl;
+import org.springframework.security.authentication.AuthenticationServiceException;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
+
+/**
+ * @author Terry
+ * @Date 2016-12-27 21:43:10
+ * 为CAS服务的身份验证Filter
+ * 验证用户名和密码通过后，在Http Session中放置一个Assertion对象，让casAuthenticationFilter认为身份验证通过了
+ * Assertion对象包含了通过身份验证的用户名principle，以及通过验证的时间
+ */
+public class UsernamePasswordAuthenticationForCasFilter extends AbstractAuthenticationProcessingFilter {
+
+	private static final String DEFAULT_FILTER_PROCESSES_URL = "/j_spring_security_check";
+	private static final String POST = "POST";
+	
+    public static final String SPRING_SECURITY_FORM_USERNAME_KEY = "j_username";
+    public static final String SPRING_SECURITY_FORM_PASSWORD_KEY = "j_password";
+    
+    private String usernameParameter = SPRING_SECURITY_FORM_USERNAME_KEY;
+    private String passwordParameter = SPRING_SECURITY_FORM_PASSWORD_KEY;
+	private boolean postOnly = true;
+	
+	public UsernamePasswordAuthenticationForCasFilter() {
+		super(DEFAULT_FILTER_PROCESSES_URL);
+	}
+
+	@Override
+	public Authentication attemptAuthentication(HttpServletRequest request,
+			HttpServletResponse response) throws AuthenticationException,
+			IOException, ServletException {
+
+		// You'll need to fill in the gaps here. See the source of
+		// UsernamePasswordAuthenticationFilter for a working implementation
+		// you can leverage.
+        if (postOnly && !request.getMethod().equals("POST")) {
+            throw new AuthenticationServiceException("Authentication method not supported: " + request.getMethod());
+        }
+
+        String username = obtainUsername(request);
+        String password = obtainPassword(request);
+
+        if (username == null) {
+            username = "";
+        }
+
+        if (password == null) {
+            password = "";
+        }
+
+        username = username.trim();
+
+        UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username, password);
+
+        // Allow subclasses to set the "details" property
+        setDetails(request, authRequest);
+
+        Authentication authenticate = this.getAuthenticationManager().authenticate(authRequest);
+        
+		return authenticate;
+		
+		//return null;
+	}
+
+    protected void setDetails(HttpServletRequest request, UsernamePasswordAuthenticationToken authRequest) {
+        authRequest.setDetails(authenticationDetailsSource.buildDetails(request));
+    }
+    
+	@Override
+	public void doFilter(ServletRequest req, ServletResponse res,
+			FilterChain chain) throws IOException, ServletException {
+		final HttpServletRequest request = (HttpServletRequest) req;
+		final HttpServletResponse response = (HttpServletResponse) res;
+		if (request.getMethod().equals(POST)) {
+			// If the incoming request is a POST, then we send it up
+			// to the AbstractAuthenticationProcessingFilter.
+			super.doFilter(request, response, chain);
+
+			final Assertion assertion;
+			final Map<String, Object> attributes = new HashMap<String, Object>();
+
+			String principal = obtainUsername(request);
+			assertion = new AssertionImpl(new AttributePrincipalImpl(principal,
+					attributes));
+			
+			request.getSession().setAttribute(AbstractCasFilter.CONST_CAS_ASSERTION, assertion);
+
+			System.out.println("test");
+			
+		} else {
+			// If it's a GET, we ignore this request and send it
+			// to the next filter in the chain. In this case, that
+			// pretty much means the request will hit the /login
+			// controller which will process the request to show the
+			// login page.
+			chain.doFilter(request, response);
+		}
+	}
+	
+    protected String obtainUsername(HttpServletRequest request) {
+        return request.getParameter(usernameParameter);
+    }
+    
+    protected String obtainPassword(HttpServletRequest request) {
+        return request.getParameter(passwordParameter);
+    }
+
+}
Index: ssts-web/src/main/webapp/casLogon.jsp
===================================================================
diff -u
--- ssts-web/src/main/webapp/casLogon.jsp	(revision 0)
+++ ssts-web/src/main/webapp/casLogon.jsp	(revision 16468)
@@ -0,0 +1,52 @@
+<%@ page contentType="text/html; charset=UTF-8"%>
+<%@ include file="/common/taglibs.jsp" %>
+<%@ page import="com.forgon.security.userdetails.*,com.forgon.security.service.*,com.forgon.directory.vo.LoginUserData,com.forgon.tools.SpringBeanManger,com.forgon.security.service.OperationManager"%>
+<%@page import="com.forgon.systemsetting.service.HttpOptionManager,com.forgon.disinfectsystem.common.*"%>
+<%@page import="com.forgon.disinfectsystem.basedatamanager.ipandorgunitmapping.service.IpAndOrgUnitMappingManager"%>
+<%@page import="com.forgon.log.model.Log" %>
+<%@page import="org.springframework.security.core.userdetails.*,org.springframework.security.authentication.*,org.springframework.security.core.*,org.springframework.security.core.context.*" %>
+
+<%@page import="java.util.List"%>
+<%
+	String username = request.getRemoteUser();
+
+	System.out.println("RemoteUser = " + request.getRemoteUser());
+
+	UserDetailsService daoUserDetail = (UserDetailsService) SpringBeanManger
+			.getBean("daoUserDetail");
+
+	UserContainsSessionUser user = (UserContainsSessionUser) daoUserDetail
+			.loadUserByUsername(username);
+
+	// 验证不通过
+	if (user == null) {
+		// 跳转到登陆页
+		// ...
+		response.sendRedirect("logon.jsp");
+	}
+	// 验证通过后的处理
+	else {
+
+		Authentication authRequest = new UsernamePasswordAuthenticationToken(
+				user, "1", user.getAuthorities());
+
+		SecurityContextHolder.getContext().setAuthentication(
+				authRequest);
+		
+		response.sendRedirect("openSystemMainPage.jsp");
+
+		// 跳转到欢迎页面
+		// ...
+
+	}
+%>
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+</head>
+
+<body>
+casLogon.jsp
+1111
+</body>
+</html>
Index: ssts-web/src/main/webapp/cas-logout.jsp
===================================================================
diff -u
--- ssts-web/src/main/webapp/cas-logout.jsp	(revision 0)
+++ ssts-web/src/main/webapp/cas-logout.jsp	(revision 16468)
@@ -0,0 +1,27 @@
+<%@ page language="java" contentType="text/html; charset=UTF-8"
+    pageEncoding="UTF-8"%>
+<%@ page import="com.forgon.security.userdetails.*,com.forgon.security.service.*,com.forgon.directory.vo.LoginUserData,com.forgon.tools.SpringBeanManger,com.forgon.security.service.OperationManager"%>
+<%@page import="com.forgon.systemsetting.service.HttpOptionManager,com.forgon.disinfectsystem.common.*"%>
+<%@page import="com.forgon.disinfectsystem.basedatamanager.ipandorgunitmapping.service.IpAndOrgUnitMappingManager"%>
+<%@page import="com.forgon.log.model.Log" %>
+<%@page import="org.springframework.security.core.userdetails.*,org.springframework.security.authentication.*,org.springframework.security.core.*,org.springframework.security.core.context.*" %>
+
+<%@page import="java.util.List"%>
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+<title>CAS Logout</title>
+</head>
+<body>
+您已经退出了消毒供应追溯系统！
+<br><br>
+<a href="javascript:window.close();">关闭本窗口</a>
+<br><br><br>
+<a href="logon.jsp">本地重新登录</a>
+</body>
+<script>
+//window.close();
+</script>
+</html>
\ No newline at end of file