一 配置实例
应用场景: cas 服务部署在192.168.7.115 ,是一个web 应用,访问地址为:https://cas.mycompany.com:8443/cas/ 。web1 应用位于192.168.7.90 ,访问地址为:http://192.168.7.90:8081/web1 ,web2 应用位于192.168.7.90 ,访问地址为:http://192.168.7.90:8082/web2 。web1 和web2 通过cas 服务实现SSO 功能。浏览器位于本地localhost 。
cas 服务器: 172.16.52.35 启动8443 端口,需配置证书
web1 : 172.16.52.35
hosts 配置: 172.16.52.35 cas.mycompany.com
web.xml 里的配置:
<context-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://cas.mycompany.com:8443/cas/</param-value>
</context-param>
<context-param>
<param-name>serverName</param-name>
<param-value>172.16.52.35:8081</param-value>
</context-param>
<filter>
<filter-name>CAS Authentication Filter</filter-name>
<filter-class>
org.jasig.cas.client.authentication.AuthenticationFilter
</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>https://cas.mycompany.com:8443/cas/login</param-value>
</init-param>
</filter>
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>
org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter
</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Authentication Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
JDK 启动参数需加上( 验证CAS 服务器证书的需要) :
-Djavax.net.ssl.trustStore=/home/yz/web1/conf/cas-client-trust-cert.jks
-Djavax.net.ssl.trustStorePassword=casclient!@#
web2 : 172.16.52.35
hosts 配置: 172.16.52.35 cas.mycompany.com
web.xml 里的配置:
同web1