1、tomcat部署https请求:
jdk生成证书:
keytool -genkey -alias ppt -keyalg RSA -keystore d:/keys/cert
导出证书:
keytool -export -file d:/keys/ppt.crt -alias ppt -keystore d:/keys/cert
为客户端导入证书:
keytool -import -keystore C:\Program Files\Java\jre1.6.0_03\lib\security\cacerts -file D:/keys/ppt.crt -alias ppt
修改tomcat /conf/server.xml文件:
<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" keystoreFile="D:\keys\cert" keystorePass="123456"/>
2、首先下载cas包,我的是cas-server-4.0.0-release.zip,解压到指定目录,把modules下面的cas-server-webapp-4.0.0.war部署到tomcat,启动tomcat,用户名跟密码是这个:
<map>
<entry key="casuser" value="Mellon"/>
</map>
3、从mysql数据认证,配置如下(WEB-INF/deployerConfigContext.xml):
<bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name="driverClassName" value="com.mysql.jdbc.Driver" />
<property name="url" value="jdbc:mysql://localhost:3306/cas?useUnicode=true&characterEncoding=utf-8"/>
<property name="username" value="root" />
<property name="password" value="root" />
</bean>
<bean id="dbAuthHandler"
class="org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler"
p:dataSource-ref="dataSource"
p:sql="select password from cas_user where username=? " />
增加这两个bean。然后修改:
<bean id="authenticationManager" class="org.jasig.cas.authentication.PolicyBasedAuthenticationManager">
<constructor-arg>
<map>
<!--
| IMPORTANT
| Every handler requires a unique name.
| If more than one instance of the same handler class is configured, you must explicitly
| set its name to something other than its default name (typically the simple class name).
-->
<!--
<entry key-ref="proxyAuthenticationHandler" value-ref="proxyPrincipalResolver" />
<entry key-ref="primaryAuthenticationHandler" value-ref="primaryPrincipalResolver" />
-->
<entry key-ref="dbAuthHandler" value-ref="primaryPrincipalResolver"/>
</map>
</constructor-arg>
4、把cas-server-support-jdbc-4.0.0.jar,mysql-connector-java-5.1.21.jar放到webapps\cas\WEB-INF\lib,就可以了。
5、客户端配置,pom文件加:
<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-client-core</artifactId>
<version>3.1.10</version>
</dependency>
6、web.xml文件配置:
<filter>
<filter-name>cas</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>https://127.0.0.1:8443/cas/login</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>https://127.0.0.1:8443/</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>cas</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
总结:我把上面两个包放到tomcat的lib下面,各种报错,折腾了好久,用试一下的心态,把他们放到WEB-INF\lib\下面,终于成功,纪念一下。但是为什么放在tomcat的lib下面不行,目前还不知道,感觉应该是一样的,用的是tomcat7.继续加油。