CAS使用总结
一、CAS环境搭建
1、下载CAS服务器
CAS 官网:http://www.jasig.org/cas 下载,这可能需要翻墙
CAS下载:http://downloads.jasig.org/cas/
2、解压CAS
1)下载 CAS 服务器最新版:cas-server-3.5.2-release.zip
2)解压程序包
3)复制 cas-server-3.5.2/modules/cas-server-webapp-3.5.2.war 到 Tomcat 的 webapps 目录下,并重命名为 ROOT.war
3、创建密钥库
1
|
keytool -genkeypair -alias
"cas"
-keyalg
"RSA"
-keystore
"F:\sync\java\Keys\cas.keystore"
|
4、导出到证书文件
1、“名字与姓氏”应该是域名,若输成了姓名,和真正运行的时候域名不符,会出问题;
1
|
keytool -export -alias cas -file
"F:\sync\java\Keys\cas.crt"
-keystore
"F:\sync\java\Keys\cas.keystore"
|
5、为JVM导入证书
1
|
keytool -import -keystore
"%JAVA_HOME%\jre\lib\security\cacerts"
-file
"F:\sync\java\Keys\cas.crt"
-alias cas
|
1)可能遇到以下错误 (删除cacerts)
1
2
|
keytool 错误: java.io.IOException: Keystore was tampered with,
or
password was incorrect
keytool -delete -keystore
"%JAVA_HOME%\jre\lib\security\cacerts"
-alias cas //删除操作
|
2)没有导入证书
1
|
javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
|
1
2
3
4
5
6
7
8
9
10
11
12
|
<
bean
id
=
"dataSource"
class
=
"org.springframework.jdbc.datasource.DriverManagerDataSource"
>
<
property
name
=
"driverClassName"
><
value
>com.mysql.jdbc.Driver</
value
></
property
>
<
property
name
=
"url"
><
value
>jdbc:mysql://192.168.64.137/cas?useUnicode=true&characterEncoding=utf-8</
value
></
property
>
<
property
name
=
"username"
><
value
>root</
value
></
property
>
<
property
name
=
"password"
><
value
>123456</
value
></
property
>
</
bean
>
<
bean
id
=
"MD5PasswordEncoder"
class
=
"org.jasig.cas.authentication.handler.DefaultPasswordEncoder"
>
<
constructor-arg
index
=
"0"
>
<
value
>MD5</
value
>
</
constructor-arg
>
</
bean
>
|