CAS 5.3.x 单点登录实现集群搭建,快速入手(三)!!!!

已于 2023-10-16 22:43:23 修改
阅读量3.3k 收藏 3
点赞数
分类专栏: java SSO CAS 文章标签: java CAS 单点登录 集群
于 2018-09-07 19:40:01 首次发布
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/Qensq/article/details/82501275
版权
java 同时被 3 个专栏收录
29 篇文章 1 订阅
订阅专栏
SSO
3 篇文章 0 订阅
订阅专栏
CAS
3 篇文章 1 订阅
订阅专栏

前言:

该篇教程描述如何搭建CAS5.3.x集群操作,由于官方文档并没有贴出集群搭建方案,所以本博主根据源码剖析解决该问题。

进入下面小程序可以体验效果:

 

文档并没有深入浅出说明原理,直接贴代码用于快速上手学习。

学习CAS5.x 推荐看 以下两个博主文章

此博主文章:https://blog.csdn.net/u010475041/article/category/7156505

此博主文章:狂飙的yellowcong的博客_CSDN博客-centos,单点登录,Docker学习领域博主

全部基于springboot开发,请存在此基础再学习!

该教程由本博主(Garc)首发,所以转载请说明原处,谢谢!!

该教程分为两个部分,衔接第二篇

       1.解决 flowExecutionKey CAS点击按钮后异常跳回原页面

PS:请按顺序一步一步来

如果发现CAS不能打印info日志,增加一个AsyncLogger指定自己的工程package就好了

以下所有的 configuration 都需要配置spring ,使用spring aop 配置

配置文件目录:src/main/resources/META-INF/spring.factories 增加如下内容:

com.hpay.sso.support.auth.config.CasWebflowContextConfiguration

解决该异常说明:

由于登录的时候在Nginx分发节点时,将webflow的其中一个节点的flowExecutionKey下发到另一个节点中,然后另一个节点不能正常解密(原因未找到,加密算法我没看懂)。导致出现CAS点击按钮后异常跳回原页面的问题,由于是nginx分发,所以会随机出现。

一、解决 flowExecutionKey 异常跳回原页面

maven依赖包

                <dependency>
                    <groupId>org.cryptacular</groupId>
                    <artifactId>cryptacular</artifactId>
                    <version>1.2.2</version>
                </dependency>

                <dependency>
                    <groupId>org.apereo.cas</groupId>
                    <artifactId>cas-server-support-throttle-core</artifactId>
                    <version>${cas.version}</version>
                </dependency>

                <dependency>
                    <groupId>org.apereo.cas</groupId>
                    <artifactId>cas-server-support-pm-webflow</artifactId>
                    <version>${cas.version}</version>
                </dependency>

application.properties 配置

因为需要替换掉框架内的源码,所以必须要使用该配置排除框架的Bean配置管理使用自定义配置

spring.autoconfigure.exclude=org.apereo.cas.web.flow.config.CasWebflowContextConfiguration

EncryptedTranscoder 自定义加密解密算法

该代码是在原框架代码上加上了自定义加密解密算法,本人使用AES加密解密

AESCoder 此处不提供,请自备!

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.net.URL;
import java.security.KeyStore;
import java.util.Arrays;
import java.util.zip.GZIPInputStream;
import java.util.zip.GZIPOutputStream;

import com.hpay.sso.support.auth.Crypto.AESCoder;
import org.apereo.spring.webflow.plugin.Transcoder;
import org.cryptacular.bean.BufferedBlockCipherBean;
import org.cryptacular.bean.CipherBean;
import org.cryptacular.bean.KeyStoreFactoryBean;
import org.cryptacular.generator.sp80038a.RBGNonce;
import org.cryptacular.io.URLResource;
import org.cryptacular.spec.BufferedBlockCipherSpec;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class EncryptedTranscoder implements Transcoder {

    private static final Logger LOGGER = LoggerFactory.getLogger(EncryptedTranscoder.class);

    private CipherBean cipherBean;
    private boolean compression = true;

    public EncryptedTranscoder() throws IOException {
        BufferedBlockCipherBean bufferedBlockCipherBean = new BufferedBlockCipherBean();
        bufferedBlockCipherBean.setBlockCipherSpec(new BufferedBlockCipherSpec("AES", "CBC", "PKCS7"));
        bufferedBlockCipherBean.setKeyStore(this.createAndPrepareKeyStore());
        bufferedBlockCipherBean.setKeyAlias("aes128");
        bufferedBlockCipherBean.setKeyPassword("changeit");
        bufferedBlockCipherBean.setNonce(new RBGNonce());
        this.setCipherBean(bufferedBlockCipherBean);
    }

    public EncryptedTranscoder(CipherBean cipherBean) throws IOException {
        this.setCipherBean(cipherBean);
    }

    public void setCompression(boolean compression) {
        this.compression = compression;
    }

    protected void setCipherBean(CipherBean cipherBean) {
        this.cipherBean = cipherBean;
    }

    public byte[] encode(Object o) throws IOException {
        if (o == null) {
            return new byte[0];
        } else {
            ByteArrayOutputStream outBuffer = new ByteArrayOutputStream();
            ObjectOutputStream out = null;

            try {
                if (this.compression) {
                    out = new ObjectOutputStream(new GZIPOutputStream(outBuffer));
                } else {
                    out = new ObjectOutputStream(outBuffer);
                }

                out.writeObject(o);
            } finally {
                if (out != null) {
                    out.close();
                }

            }

            try {
                byte[] bytes = AESCoder.encryptToByteArray(outBuffer.toByteArray());
                if (Arrays.equals(bytes, outBuffer.toByteArray())){
                    bytes = this.cipherBean.encrypt(outBuffer.toByteArray());
                }
                return bytes;
            } catch (Exception var7) {
                throw new IOException("Encryption error", var7);
            }
        }
    }

    public Object decode(byte[] encoded) throws IOException {

        byte[] data;
        try {
            data = AESCoder.decryptToByteArray(encoded);
            if (Arrays.equals(data, encoded)){
                data = this.cipherBean.encrypt(encoded);
            }
        } catch (Exception var11) {
            throw new IOException("Decryption error", var11);
        }

        ByteArrayInputStream inBuffer = new ByteArrayInputStream(data);
        ObjectInputStream in = null;

        Object var5;
        try {
            if (this.compression) {
                in = new ObjectInputStream(new GZIPInputStream(inBuffer));
            } else {
                in = new ObjectInputStream(inBuffer);
            }

            var5 = in.readObject();
        } catch (ClassNotFoundException var10) {
            throw new IOException("Deserialization error", var10);
        } finally {
            if (in != null) {
                in.close();
            }

        }

        return var5;
    }

    protected KeyStore createAndPrepareKeyStore() {
        KeyStoreFactoryBean ksFactory = new KeyStoreFactoryBean();
        URL u = this.getClass().getResource("/etc/keystore.jceks");
        ksFactory.setResource(new URLResource(u));
        ksFactory.setType("JCEKS");
        ksFactory.setPassword("changeit");
        return ksFactory.newInstance();
    }
}

WebflowExecutorFactory 自定义工厂

定义此处工厂是为了 将获取加密算法的对象替换成自定义加密算法对象,完成加密算法的替换工作

import org.apereo.cas.CipherExecutor;
import org.apereo.cas.configuration.model.webapp.WebflowProperties;
import org.apereo.cas.configuration.model.webapp.WebflowSessionManagementProperties;
import org.apereo.cas.configuration.support.Beans;
import org.apereo.cas.web.flow.executor.WebflowCipherBean;
import org.apereo.spring.webflow.plugin.ClientFlowExecutionRepository;
import org.apereo.spring.webflow.plugin.Transcoder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.webflow.conversation.impl.SessionBindingConversationManager;
import org.springframework.webflow.definition.registry.FlowDefinitionRegistry;
import org.springframework.webflow.engine.impl.FlowExecutionImplFactory;
import org.springframework.webflow.execution.FlowExecutionListener;
import org.springframework.webflow.execution.factory.StaticFlowExecutionListenerLoader;
import org.springframework.webflow.execution.repository.impl.DefaultFlowExecutionRepository;
import org.springframework.webflow.execution.repository.snapshot
  .SerializedFlowExecutionSnapshotFactory;
import org.springframework.webflow.executor.FlowExecutor;
import org.springframework.webflow.executor.FlowExecutorImpl;

import java.io.IOException;

public class WebflowExecutorFactory {
    private static final Logger LOGGER = LoggerFactory.getLogger(WebflowExecutorFactory.class);
    private final WebflowProperties webflowProperties;
    private final FlowDefinitionRegistry flowDefinitionRegistry;
    private final CipherExecutor webflowCipherExecutor;
    private final FlowExecutionListener[] executionListeners;

    public FlowExecutor build() {
        return this.webflowProperties.getSession().isStorage() ? this.buildFlowExecutorViaServerSessionBindingExecution() : this.buildFlowExecutorViaClientFlowExecution();
    }

    private FlowExecutor buildFlowExecutorViaServerSessionBindingExecution() {
        SessionBindingConversationManager conversationManager = new SessionBindingConversationManager();
        WebflowSessionManagementProperties session = this.webflowProperties.getSession();
        conversationManager.setLockTimeoutSeconds((int)Beans.newDuration(session.getLockTimeout()).getSeconds());
        conversationManager.setMaxConversations(session.getMaxConversations());
        FlowExecutionImplFactory executionFactory = new FlowExecutionImplFactory();
        executionFactory.setExecutionListenerLoader(new StaticFlowExecutionListenerLoader(this.executionListeners));
        SerializedFlowExecutionSnapshotFactory flowExecutionSnapshotFactory = new SerializedFlowExecutionSnapshotFactory(executionFactory, this.flowDefinitionRegistry);
        flowExecutionSnapshotFactory.setCompress(session.isCompress());
        DefaultFlowExecutionRepository repository = new DefaultFlowExecutionRepository(conversationManager, flowExecutionSnapshotFactory);
        executionFactory.setExecutionKeyFactory(repository);
        return new FlowExecutorImpl(this.flowDefinitionRegistry, executionFactory, repository);
    }

    private FlowExecutor buildFlowExecutorViaClientFlowExecution() {
        ClientFlowExecutionRepository repository = new ClientFlowExecutionRepository();
        repository.setFlowDefinitionLocator(this.flowDefinitionRegistry);
        try {
            repository.setTranscoder(this.getWebflowStateTranscoder());
        } catch (IOException e) {
            LOGGER.error("异常",e);
        }
        FlowExecutionImplFactory factory = new FlowExecutionImplFactory();
        factory.setExecutionKeyFactory(repository);
        factory.setExecutionListenerLoader(new StaticFlowExecutionListenerLoader(new FlowExecutionListener[0]));
        repository.setFlowExecutionFactory(factory);
        factory.setExecutionListenerLoader(new StaticFlowExecutionListenerLoader(this.executionListeners));
        return new FlowExecutorImpl(this.flowDefinitionRegistry, factory, repository);
    }

    private Transcoder getWebflowStateTranscoder() throws IOException {
        try {
            WebflowCipherBean cipherBean = new WebflowCipherBean(this.webflowCipherExecutor);
            return new EncryptedTranscoder(cipherBean);
        } catch (Throwable var2) {
            throw var2;
        }
    }

    public WebflowExecutorFactory(WebflowProperties webflowProperties, FlowDefinitionRegistry flowDefinitionRegistry, CipherExecutor webflowCipherExecutor, FlowExecutionListener[] executionListeners) {
        this.webflowProperties = webflowProperties;
        this.flowDefinitionRegistry = flowDefinitionRegistry;
        this.webflowCipherExecutor = webflowCipherExecutor;
        this.executionListeners = executionListeners;
    }
}

替换原框架CasWebflowContextConfiguration配置

需要该配置生效必须要配置spring.autoconfigure.exclude 排除掉源码的配置

如果有使用登录界面自定义参数(验证码之类)的,再其他地方配置了 FlowDefinitionRegistry loginFlowRegistry

请将那个配置在CasWebflowContextConfiguration之前加载!

import com.hpay.sso.support.auth.util.cipher.WebflowExecutorFactory;
import org.apereo.cas.CipherExecutor;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.util.CollectionUtils;
import org.apereo.cas.web.flow.CasFlowHandlerAdapter;
import org.apereo.cas.web.flow.CasWebflowConfigurer;
import org.apereo.cas.web.flow.CasWebflowExecutionPlan;
import org.apereo.cas.web.flow.CasWebflowExecutionPlanConfigurer;
import org.apereo.cas.web.flow.actions.CasDefaultFlowUrlHandler;
import org.apereo.cas.web.flow.actions.LogoutConversionService;
import org.apereo.cas.web.flow.configurer.DefaultLoginWebflowConfigurer;
import org.apereo.cas.web.flow.configurer.DefaultLogoutWebflowConfigurer;
import org.apereo.cas.web.flow.configurer.GroovyWebflowConfigurer;
import org.apereo.cas.web.flow.configurer.plan.DefaultCasWebflowExecutionPlan;
import org.apereo.cas.web.support.AuthenticationThrottlingExecutionPlan;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.binding.convert.ConversionService;
import org.springframework.binding.expression.ExpressionParser;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.context.ApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.DependsOn;
import org.springframework.context.annotation.Lazy;
import org.springframework.core.annotation.Order;
import org.springframework.expression.spel.standard.SpelExpressionParser;
import org.springframework.web.servlet.HandlerAdapter;
import org.springframework.web.servlet.HandlerMapping;
import org.springframework.web.servlet.ViewResolver;
import org.springframework.web.servlet.i18n.LocaleChangeInterceptor;
import org.springframework.webflow.config.FlowBuilderServicesBuilder;
import org.springframework.webflow.config.FlowDefinitionRegistryBuilder;
import org.springframework.webflow.context.servlet.FlowUrlHandler;
import org.springframework.webflow.definition.registry.FlowDefinitionRegistry;
import org.springframework.webflow.engine.builder.ViewFactoryCreator;
import org.springframework.webflow.engine.builder.support.FlowBuilderServices;
import org.springframework.webflow.execution.FlowExecutionListener;
import org.springframework.webflow.executor.FlowExecutor;
import org.springframework.webflow.expression.spel.WebFlowSpringELExpressionParser;
import org.springframework.webflow.mvc.builder.MvcViewFactoryCreator;
import org.springframework.webflow.mvc.servlet.FlowHandlerAdapter;
import org.springframework.webflow.mvc.servlet.FlowHandlerMapping;

import java.util.ArrayList;
import java.util.List;

@Configuration("casWebflowContextConfiguration")
@EnableConfigurationProperties({CasConfigurationProperties.class})
public class CasWebflowContextConfiguration {
    private static final Logger LOGGER = LoggerFactory.getLogger(CasWebflowContextConfiguration.class);
    private static final int LOGOUT_FLOW_HANDLER_ORDER = 3;
    private static final String BASE_CLASSPATH_WEBFLOW = "classpath*:/webflow";
    @Autowired
    private CasConfigurationProperties casProperties;
    @Autowired
    @Qualifier("authenticationThrottlingExecutionPlan")
    private ObjectProvider<AuthenticationThrottlingExecutionPlan> authenticationThrottlingExecutionPlan;
    @Autowired
    @Qualifier("registeredServiceViewResolver")
    private ObjectProvider<ViewResolver> registeredServiceViewResolver;
    @Autowired
    private ApplicationContext applicationContext;
    @Autowired
    @Qualifier("webflowCipherExecutor")
    private CipherExecutor webflowCipherExecutor;

    public CasWebflowContextConfiguration() {
    }

    @Bean
    public ExpressionParser expressionParser() {
        return new WebFlowSpringELExpressionParser(new SpelExpressionParser(), this.logoutConversionService());
    }

    @Bean
    public ConversionService logoutConversionService() {
        return new LogoutConversionService();
    }

    @RefreshScope
    @Bean
    public ViewFactoryCreator viewFactoryCreator() {
        MvcViewFactoryCreator resolver = new MvcViewFactoryCreator();
        resolver.setViewResolvers(CollectionUtils.wrap((ViewResolver)this.registeredServiceViewResolver.getIfAvailable()));
        return resolver;
    }

    @Bean
    public FlowUrlHandler loginFlowUrlHandler() {
        return new CasDefaultFlowUrlHandler();
    }

    @Bean
    public FlowUrlHandler logoutFlowUrlHandler() {
        CasDefaultFlowUrlHandler handler = new CasDefaultFlowUrlHandler();
        handler.setFlowExecutionKeyParameter("RelayState");
        return handler;
    }

    @RefreshScope
    @Bean
    public HandlerAdapter logoutHandlerAdapter() {
        FlowHandlerAdapter handler = new CasFlowHandlerAdapter("logout");
        handler.setFlowExecutor(this.logoutFlowExecutor());
        handler.setFlowUrlHandler(this.logoutFlowUrlHandler());
        return handler;
    }

    @RefreshScope
    @Bean
    public FlowBuilderServices builder() {
        FlowBuilderServicesBuilder builder = new FlowBuilderServicesBuilder();
        builder.setViewFactoryCreator(this.viewFactoryCreator());
        builder.setExpressionParser(this.expressionParser());
        builder.setDevelopmentMode(this.casProperties.getWebflow().isRefresh());
        return builder.build();
    }

    @Bean
    public HandlerAdapter loginHandlerAdapter() {
        FlowHandlerAdapter handler = new CasFlowHandlerAdapter("login");
        handler.setFlowExecutor(this.loginFlowExecutor());
        handler.setFlowUrlHandler(this.loginFlowUrlHandler());
        return handler;
    }

    @RefreshScope
    @Bean
    @ConditionalOnMissingBean(
        name = {"localeChangeInterceptor"}
    )
    public LocaleChangeInterceptor localeChangeInterceptor() {
        LocaleChangeInterceptor bean = new LocaleChangeInterceptor();
        bean.setParamName(this.casProperties.getLocale().getParamName());
        return bean;
    }

    @Bean
    public HandlerMapping logoutFlowHandlerMapping() {
        FlowHandlerMapping handler = new FlowHandlerMapping();
        handler.setOrder(3);
        handler.setFlowRegistry(this.logoutFlowRegistry());
        Object[] interceptors = new Object[]{this.localeChangeInterceptor()};
        handler.setInterceptors(interceptors);
        return handler;
    }

    @Lazy
    @Bean
    public Object[] loginFlowHandlerMappingInterceptors() {
        List interceptors = new ArrayList();
        interceptors.add(this.localeChangeInterceptor());
        AuthenticationThrottlingExecutionPlan plan = (AuthenticationThrottlingExecutionPlan)this.authenticationThrottlingExecutionPlan.getIfAvailable();
        if (plan != null) {
            interceptors.addAll(plan.getAuthenticationThrottleInterceptors());
        }

        return interceptors.toArray();
    }

    @Bean
    public HandlerMapping loginFlowHandlerMapping() {
        FlowHandlerMapping handler = new FlowHandlerMapping();
        handler.setOrder(2);
        handler.setFlowRegistry(this.loginFlowRegistry());
        handler.setInterceptors(this.loginFlowHandlerMappingInterceptors());
        return handler;
    }

    @Bean
    public FlowDefinitionRegistry logoutFlowRegistry() {
        FlowDefinitionRegistryBuilder builder = new FlowDefinitionRegistryBuilder(this.applicationContext, this.builder());
        builder.setBasePath("classpath*:/webflow");
        builder.addFlowLocationPattern("/logout/*-webflow.xml");
        return builder.build();
    }

    @Bean
    public FlowDefinitionRegistry loginFlowRegistry() {
        FlowDefinitionRegistryBuilder builder = new FlowDefinitionRegistryBuilder(this.applicationContext, this.builder());
        builder.setBasePath("classpath*:/webflow");
        builder.addFlowLocationPattern("/login/*-webflow.xml");
        return builder.build();
    }

    @RefreshScope
    @Bean
    public FlowExecutor logoutFlowExecutor() {
        WebflowExecutorFactory factory = new WebflowExecutorFactory(this.casProperties.getWebflow(), this.logoutFlowRegistry(), this.webflowCipherExecutor, new FlowExecutionListener[0]);
        return factory.build();
    }

    @RefreshScope
    @Bean
    public FlowExecutor loginFlowExecutor() {
        WebflowExecutorFactory factory = new WebflowExecutorFactory(this.casProperties.getWebflow(), this.loginFlowRegistry(), this.webflowCipherExecutor, new FlowExecutionListener[0]);
        return factory.build();
    }

    @ConditionalOnMissingBean(
        name = {"defaultWebflowConfigurer"}
    )
    @Bean
    @Order(0)
    @RefreshScope
    public CasWebflowConfigurer defaultWebflowConfigurer() {
        DefaultLoginWebflowConfigurer c = new DefaultLoginWebflowConfigurer(this.builder(), this.loginFlowRegistry(), this.applicationContext, this.casProperties);
        c.setLogoutFlowDefinitionRegistry(this.logoutFlowRegistry());
        c.setOrder(-2147483648);
        return c;
    }

    @ConditionalOnMissingBean(
        name = {"defaultLogoutWebflowConfigurer"}
    )
    @Bean
    @Order(0)
    @RefreshScope
    public CasWebflowConfigurer defaultLogoutWebflowConfigurer() {
        DefaultLogoutWebflowConfigurer c = new DefaultLogoutWebflowConfigurer(this.builder(), this.loginFlowRegistry(), this.applicationContext, this.casProperties);
        c.setLogoutFlowDefinitionRegistry(this.logoutFlowRegistry());
        c.setOrder(-2147483648);
        return c;
    }

    @ConditionalOnMissingBean(
        name = {"groovyWebflowConfigurer"}
    )
    @Bean
    @DependsOn({"defaultWebflowConfigurer"})
    @RefreshScope
    public CasWebflowConfigurer groovyWebflowConfigurer() {
        GroovyWebflowConfigurer c = new GroovyWebflowConfigurer(this.builder(), this.loginFlowRegistry(), this.applicationContext, this.casProperties);
        c.setLogoutFlowDefinitionRegistry(this.logoutFlowRegistry());
        return c;
    }

    @Autowired
    @Bean
    public CasWebflowExecutionPlan casWebflowExecutionPlan(List<CasWebflowExecutionPlanConfigurer> configurers) {
        DefaultCasWebflowExecutionPlan plan = new DefaultCasWebflowExecutionPlan();
        configurers.forEach((c) -> {
            c.configureWebflowExecutionPlan(plan);
        });
        plan.execute();
        return plan;
    }

    @ConditionalOnMissingBean(
        name = {"casDefaultWebflowExecutionPlanConfigurer"}
    )
    @Bean
    public CasWebflowExecutionPlanConfigurer casDefaultWebflowExecutionPlanConfigurer() {
        return new CasWebflowExecutionPlanConfigurer() {
            public void configureWebflowExecutionPlan(CasWebflowExecutionPlan plan) {
                plan.registerWebflowConfigurer(CasWebflowContextConfiguration.this.defaultWebflowConfigurer());
                plan.registerWebflowConfigurer(CasWebflowContextConfiguration.this.defaultLogoutWebflowConfigurer());
                plan.registerWebflowConfigurer(CasWebflowContextConfiguration.this.groovyWebflowConfigurer());
            }
        };
    }
}

全部教程到此结束

第三篇教程内容到此已经结束了,只要根据此教程一步一步操作,就可以实现集群登录操作。

如果想了解更多,可以加QQ群 119170668

Qensq
关注
专栏目录
cas 5.3.x 服务端搭建()自定义登录主题(样式)
qq_26710557的博客
02-01 3375
首先在service目录下创建一个json文件形式为[theme-id].json 其中内容配置如下: {   "@class" : "org.apereo.cas.services.RegexRegisteredService",   "serviceId" : "^(https|imaps|http)://(localhost|www.hanyalei.com).*",   "name" ...
CAS服务器集群和客户端集群环境下的单点登录和单点注销解决方案
weixin_30260399的博客
08-14 607
CAS集群环境,包括CAS的客户应用是集群环境,以及CAS服务本身是集群环境这两种情况。在集群环境下使用CAS,要解决两个问题,一是单点退出(注销)时,CAS如何将退出请求正确转发到用户session所在的具体客户应用服务器,而不是转发到其他集群服务器上,二是解决CAS服务端集群环境下各种Ticket信息的共享。 CAS集群部署 由于CAS Server是一个Web应用,因此...
CAS 集群部署
weixin_34218890的博客
06-15 406
业务场景 单点登录服务器如果压力过大的情况,那么可以使用集群分担压力,但是cas 默认不支持session同步。 所以可以需要做session同步,可以使用j2cache 实现session同步。另外在登录后,cas服务器保存了客户端 对应的ticketId,因此也需要将ticket实现同步。 实现方法 1.准备jar包 将这些包copy 到cas的 WEB-INF/lib目录下 ...
cas5.3的详细配置(一)
最新发布
2403_87142815的博客
09-16 931
因为后面会用jdk的keytool来成生key,所以有多个jdk的同学,一定要注意,不要换来换去,另外后面打包的时候,也跟jdk有关。只有一个jdk的同学,直接忽略。成功后,就可以把上述项目,导入eclipse中,不做上一步,也可以直接导入到eclipse,但是配置起来麻烦一些,最好还是做一下上述步骤。1、这是一个模板项目,我们可以简单的在这个项目做改动,以支持简单的使用,也可以根据这个模板项目,完善处理,以便以后要做服务端的扩展处理。累了,以后再讲后续配置和使用吧,毁灭吧,什么不好的bug都被我碰到了。
cas集群架构程序 包括服务器程序和客户端
05-15
cas多服务器集群及客户端程序 服务器运行run.bat即启动 客户端通过 Client.login() Client.logout() Client.touch() Client.changePassword() 调用 通过telnet可以控制服务器重启(输入R)和停止(输入S)
【原创】CAS总结之集群环境篇
zhenkm0507
01-08 315
        CAS集群环境,包括CAS的客户应用是集群环境,以及CAS服务本身是集群环境这两种情况。在集群环境下使用CAS,要解决两个问题,一是单点退出时,CAS如何将退出请求正确转发到用户session所在的具体客户应用服务器,而不是转发到其他集群服务器上,二是解决CAS服务端集群环境下各种Ticket信息的共享。下面依次讨论在这两种集群环境下,CAS的使用情况。 一 客户应用是集群环...
CAS 集群
lfy1114的博客
06-02 523
使用nginx-sticky实现CAS集群 参考文档http://www.ttlsa.com/nginx/nginx-modules-nginx-sticky-module/ 简介:这种方法实现CAS集群是当应用请求通过nginx转发到认证中心时候,会在客服端cookie中存入一个md5码,nginx通过这个md5码对应后后台的CAS上,以后所有的认证服务都会在同一台CAS上。 1. ngi
CAS客户端集群
weixin_34198797的博客
09-23 255
2019独角兽企业重金招聘Python工程师标准>>> ...
CAS服务器端集群
weixin_33905756的博客
09-23 296
2019独角兽企业重金招聘Python工程师标准>>> ...
CAS5.3+windows AD域实现单点登录免身份认证.docx
05-17
CAS 5.3 及 Windows AD 域实现单点登录免身份认证 CAS(Central Authentication Service)是一种流行的开源身份验证系统,旨在提供单点登录(SSO)解决方案。Windows AD(Active Directory)则是微软公司推出的目录...
cas5.3.zip
01-08
CAS(Central Authentication Service)5.3是一个开源的身份验证框架,主要功能是实现单点登录(Single Sign-On,简称SSO)。在SSO系统中,用户只需登录一次,就能访问所有相互信任的应用系统,无需重复输入凭证。这...
单点登录cas-overlay-template-5.3编译后的cas.war
04-27
cas6.x需要使用jdk11版本,目前cas5.3.15.1是8的最高版本,但是稳定性cas-5.3.14.war最佳,本次基于jdk8-201编译
cas5.3.war
03-05
单点登陆cas5.3.war放到tomcat直接使用!
CAS Server 5.3搭建
热门推荐
abw986810159的博客
10-25 1万+
参考:https://blog.csdn.net/kunyang199034/article/details/80881118 一、下载CAS5.3  CAS5.3 Server我们下载cas-overlay-template版本  下载地址:https://github.com/apereo/cas-overlay-template  打开网址,点击左上角的Branch master可以选择要...
cas入门之二十九:cas 集群简介
snoopy
09-16 9447
cas 的运行环境是tomcat,cas集群主要分为两部分,一是登录过程中session的集群,二是登录之后产生的ticket的集群。 对于登录之后产生的ticket的集群,则相对容易,根据我前几篇文章可以找到答案,这两部分可以通过组合完成,达成相应的目的。 对于cas ticket集群,目前测试通过的有种方式 1.jpa ticket repositry 参看 2.echcache
cas4.0服务端集群
wpeng_1024的博客
08-22 3044
cas服务端集群,相信网上资料也蛮多的,无非就是session共享,ticket共享 关于session共享 上一篇tomcat redis session manager已经给出了具体的解决方案,这里主要说一下ticket共享问题 首先定义自己的ticketRegistory 如下 public class RedisTicketRegistry extends Abstr
CAS 5.3 服务的搭建 & MySQL 动态登录
qq_37084673的博客
04-09 760
进入 /target/cas/WEB-INF/classes/ 下,拷贝需要修改的配置文件。改为 "serviceId" : "^(https|imaps|http)://.*",把配置文件里的 root/password 换成自己服务器的 ,以免登录失败。修改 /src/main/resorces 下的配置文件,上一部拷贝过来的。这些字段也是自定义的,想改都可以改,注意和后面的配置文件对应起来即可。相关具体步骤,参考的以下文章,内容比较详细,都是有图版本的。target 里面的文件在下一步会用到。
cas3.5.2集群化部署及定制开发
陈立java进化论
01-20 2556
集群化方案: 1.tomcat集群共享session 2.持久化票根st及tgt 3.持久化service 4.修改ServiceManager,从内存共享改为redis共享 tomcat集群共享session 之所以要共享session,是因为cas使用了spring-webflow,而webflow使用session存储中间变量,如果不共享session,会直接导致登录流
基于redis的cas集群配置(转)
weixin_34396103的博客
06-05 167
1、cas ticket统一存储   做cas集群首先需要将ticket拿出来,做统一存储,以便每个节点访问到的数据一致。官方提供基于memcached的方案,由于项目需要,需要做计入redis,根据官方例子改了一个基于redis版本的。 public class RedisTicketRegistry extends AbstractDistributedTicketRegistry...
cas5.3.x数据库配置war包
01-30
cas5.3.x是一个单点登录解决方案,支持使用多种数据库作为用户信息存储的后端。配置CAS 5.3.x的数据库需要进行以下步骤: 1. 准备数据库:首先需要准备一个用于存储CAS用户信息的数据库。可以选择使用MySQL、...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

Qensq

你的鼓励将是我创作的最大动力

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值