Index: build.gradle
===================================================================
diff -u -r27947 -r27951
--- build.gradle (.../build.gradle) (revision 27947)
+++ build.gradle (.../build.gradle) (revision 27951)
@@ -1073,6 +1073,10 @@
compile group: 'sun', name: 'jdbc-odbc', version: '1.0'
+ // 引入CAS client,用户单点登录的身份验证
+ compile group: 'org.jasig.cas.client', name: 'cas-client-core', version: '3.4.1'
+ // 引入Spring Security CAS的jar包
+ compile 'org.springframework.security:spring-security-cas:' + springSecurityVersion
// ssts-web项目,具有条件依赖,根据发布项目的名称,依赖于不同的jar包
if (projectName == 'gyey'){ // 广医二院
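Review bot: The added cas-client-core line hard-codes its version as the literal '3.4.1', while the Spring Security CAS line beside it takes its version from springSecurityVersion. With this move the two libraries appear to be compiled into every project variant rather than only szsdsrmyy, so a security update of the CAS client now affects all deployments and is easier to apply from one shared property. I would introduce a property (for example a new `casClientVersion`) and write `compile group: 'org.jasig.cas.client', name: 'cas-client-core', version: casClientVersion`. The dependencies block starts and ends outside this hunk.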
@@ -1087,10 +1091,6 @@
}
else if (projectName == 'szsdsrmyy'){ // 深圳市第三人民医院
compile (project(":ssts-zd5y-misc"))
- // 引入CAS client,用户单点登录的身份验证
- compile group: 'org.jasig.cas.client', name: 'cas-client-core', version: '3.4.1'
- // 引入Spring Security CAS的jar包
- compile 'org.springframework.security:spring-security-cas:' + springSecurityVersion
}
else if (projectName == 'gdsy'){ // 广东省人民医院
compile (project(":ssts-gdsy-misc"))
Index: ssts-web/src/main/resources/spring/security/applicationContext-acegi-security-szsdsrmyy.xml.back
===================================================================
diff -u -r27867 -r27951
--- ssts-web/src/main/resources/spring/security/applicationContext-acegi-security-szsdsrmyy.xml.back (.../applicationContext-acegi-security-szsdsrmyy.xml.back) (revision 27867)
+++ ssts-web/src/main/resources/spring/security/applicationContext-acegi-security-szsdsrmyy.xml.back (.../applicationContext-acegi-security-szsdsrmyy.xml.back) (revision 27951)
@@ -176,12 +176,12 @@
-
+
-
+
Index: ssts-web/src/main/java/com/forgon/disinfectsystem/sso/cas/client/filter/UsernamePasswordAuthenticationForCasFilter.java
===================================================================
diff -u
--- ssts-web/src/main/java/com/forgon/disinfectsystem/sso/cas/client/filter/UsernamePasswordAuthenticationForCasFilter.java (revision 0)
+++ ssts-web/src/main/java/com/forgon/disinfectsystem/sso/cas/client/filter/UsernamePasswordAuthenticationForCasFilter.java (revision 27951)
@@ -0,0 +1,123 @@
+package com.forgon.disinfectsystem.sso.cas.client.filter;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.jasig.cas.client.authentication.AttributePrincipalImpl;
+import org.jasig.cas.client.util.AbstractCasFilter;
+import org.jasig.cas.client.validation.Assertion;
+import org.jasig.cas.client.validation.AssertionImpl;
+import org.springframework.security.authentication.AuthenticationServiceException;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
+
+/**
+ * @author Terry
+ * @Date 2016-12-27 21:43:10
+ * 为CAS服务的身份验证Filter
+ * 验证用户名和密码通过后,在Http Session中放置一个Assertion对象,让casAuthenticationFilter认为身份验证通过了
+ * Assertion对象包含了通过身份验证的用户名principle,以及通过验证的时间
+ */
+public class UsernamePasswordAuthenticationForCasFilter extends AbstractAuthenticationProcessingFilter {
+
+ private static final String DEFAULT_FILTER_PROCESSES_URL = "/j_spring_security_check";
+ private static final String POST = "POST";
+
+ public static final String SPRING_SECURITY_FORM_USERNAME_KEY = "j_username";
+ public static final String SPRING_SECURITY_FORM_PASSWORD_KEY = "j_password";
+
+ private String usernameParameter = SPRING_SECURITY_FORM_USERNAME_KEY;
+ private String passwordParameter = SPRING_SECURITY_FORM_PASSWORD_KEY;
+ private boolean postOnly = true;
+
+ public UsernamePasswordAuthenticationForCasFilter() {
+ super(DEFAULT_FILTER_PROCESSES_URL);
+ }
+ @Override
+ public Authentication attemptAuthentication(HttpServletRequest request,
+ HttpServletResponse response) throws AuthenticationException,
+ IOException, ServletException {
+
+ // You'll need to fill in the gaps here. See the source of
+ // UsernamePasswordAuthenticationFilter for a working implementation
+ // you can leverage.
+ if (postOnly && !request.getMethod().equals("POST")) {
+ throw new AuthenticationServiceException("Authentication method not supported: " + request.getMethod());
+ }
+
+ String username = obtainUsername(request);
+ String password = obtainPassword(request);
+
+ if (username == null) {
+ username = "";
+ }
+
+ if (password == null) {
+ password = "";
+ }
+
+ username = username.trim();
+
+ UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username, password);
+
+ // Allow subclasses to set the "details" property
+ setDetails(request, authRequest);
+
+ Authentication authenticate = this.getAuthenticationManager().authenticate(authRequest);
+
+ return authenticate;
+
+ }
+
+ protected void setDetails(HttpServletRequest request, UsernamePasswordAuthenticationToken authRequest) {
+ authRequest.setDetails(authenticationDetailsSource.buildDetails(request));
+ }
+
+ @Override
+ public void doFilter(ServletRequest req, ServletResponse res,
+ FilterChain chain) throws IOException, ServletException {
+ final HttpServletRequest request = (HttpServletRequest) req;
+ final HttpServletResponse response = (HttpServletResponse) res;
+ if (request.getMethod().equals(POST)) {
+ // If the incoming request is a POST, then we send it up
+ // to the AbstractAuthenticationProcessingFilter.
+ super.doFilter(request, response, chain);
+
+ final Assertion assertion;
+ final Map attributes = new HashMap();
+
+ String principal = obtainUsername(request);
+ assertion = new AssertionImpl(new AttributePrincipalImpl(principal,
+ attributes));
+
+ request.getSession().setAttribute(AbstractCasFilter.CONST_CAS_ASSERTION, assertion);
+
+ } else {
+ // If it's a GET, we ignore this request and send it
+ // to the next filter in the chain. In this case, that
+ // pretty much means the request will hit the /login
+ // controller which will process the request to show the
+ // login page.
+ chain.doFilter(request, response);
+ }
+ }
+
+ protected String obtainUsername(HttpServletRequest request) {
+ return request.getParameter(usernameParameter);
+ }
+
+ protected String obtainPassword(HttpServletRequest request) {
+ return request.getParameter(passwordParameter);
+ }
+
+}
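Review bot: In doFilter the CAS Assertion is written to the session after `super.doFilter(...)` returns, without checking that authentication succeeded, and its principal is read from the `j_username` request parameter. AbstractAuthenticationProcessingFilter handles a failed login internally and returns normally, and it simply passes non-login URLs down the chain. So a rejected login, or a POST to any other URL, still appears to leave an Assertion named after whatever the client submitted, which the class comment says the downstream casAuthenticationFilter treats as proof of login. The assertion should be created only in a successfulAuthentication override, from `authResult.getName()`, and removed from doFilter. The override signature below is the Spring Security 3.1+ form and needs checking against the project's springSecurityVersion.

```java
@Override
protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response,
        FilterChain chain, Authentication authResult) throws IOException, ServletException {
    // Publish the CAS assertion only for a verified login, and take the principal
    // from the authenticated result rather than from the request parameter.
    final Map<String, Object> attributes = new HashMap<String, Object>();
    final Assertion assertion =
            new AssertionImpl(new AttributePrincipalImpl(authResult.getName(), attributes));
    // Set the attribute before delegating: the success handler may commit the response,
    // after which a new session can no longer be created.
    request.getSession().setAttribute(AbstractCasFilter.CONST_CAS_ASSERTION, assertion);
    super.successfulAuthentication(request, response, chain, authResult);
}

@Override
public void doFilter(ServletRequest req, ServletResponse res,
        FilterChain chain) throws IOException, ServletException {
    final HttpServletRequest request = (HttpServletRequest) req;
    final HttpServletResponse response = (HttpServletResponse) res;
    if (request.getMethod().equals(POST)) {
        // The assertion is no longer created here; the parent filter decides the outcome.
        super.doFilter(request, response, chain);
    } else {
        // … unchanged: non-POST requests go straight down the chain …
```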