CAS配置日志(1)

 

为了方便,专门建立一个生成证书的存在目录;
F:/casfile
 
一、注意事项:通过几次失败的经过总结
1、jdk安装在有空格的目录中(如:D:/Program Files/java/jdk1.5),经常出现找不到路径的错误。
2、keytool使用java环境变量,是区别大小写的。

二、开始安装并且配置

1.     生成Tomcat的安全证书,

运行:cmd

输入:%java_home%/bin/keytool -genkey -alias tomcat -keyalg RSA

回车

密码:changeit

用户名,localhost
其它随便
到出现……[on]的时候,输入y,回车
再次输入密码;tomcat(安全证书的密码)

默认生成的.keystore 在C:/Documents and Settings/你的windows用户名/下

 

2.     生成服务器证书

%java_home%/bin/keytool -export -alias tomcat -file server.crt

在F:"casfile下会看到一个server.crt文件;

暂时不管它,继续…

%java_home%/bin/keytool -import -file server.crt -keystore %java_home%/jre/lib/security/cacerts

注意密码为:changeit

 

3.     产生SERVER的证书
keytool -genkey -alias my-alias-name -keyalg RSA -keystore keystore-file

输入的内容同1

4.     开始配置服务器的用户中心站点:
在server配置tomcat使用HTTPS

Tomcat5/conf/server.xml里添加以下代码

<Connector className="org.apache.coyote.tomcat5.CoyoteConnector"
port="8443" minProcessors="5" maxProcessors="75"
enableLookups="true" disableUploadTimeout="true"
acceptCount="100" debug="0" scheme="https"
secure="true">
<Factory className="org.apache.coyote.tomcat5.CoyoteServerSocketFactory"

keystoreFile="F:/casfile/keystore-file"

keystorePass="changeit" clientAuth="false" protocol="TLS" />

</Connector>

将cas-server-3.1.1-release.zipp解压,并将"modules"cas-server-webapp-3.3.1.war拷贝到tomcat5的webapps下,重新命名为cas.war

5.     开始配置应用站点比如app1

web.xml

<?xml version="1.0" encoding="ISO-8859-1"?>

<!DOCTYPE web-app

    PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"

    "http://java.sun.com/dtd/web-app_2_3.dtd">

 

<web-app>

<filter>

<filter-name>CASFilter</filter-name>

<filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class>

<init-param>

<param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name>

<param-value>https://localhost:8443/cas/login</param-value>

</init-param>

<init-param>

<param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name>

<param-value>https://localhost:8443/cas/proxyValidate</param-value>

</init-param>

<init-param>

<param-name>edu.yale.its.tp.cas.client.filter.serverName</param-name>

<param-value>localhost:8080</param-value>

</init-param>

</filter>

<filter-mapping>

<filter-name>CASFilter</filter-name>

<url-pattern>/*</url-pattern>

</filter-mapping> 

</web-app>

  • 0
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
1,tomcat8的配置: 1.1修改tomcat8.x/conf/context.xml的配置如下: <?xml version="1.0" encoding="UTF-8"?> <!-- Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. --> <!-- The contents of this file will be loaded for each web application --> <Context> <!-- Default set of monitored resources. If one of these changes, the --> <!-- web application will be reloaded. --> <WatchedResource>WEB-INF/web.xml</WatchedResource> <WatchedResource>${catalina.base}/conf/web.xml</WatchedResource> <!-- Uncomment this to disable session persistence across Tomcat restarts --> <!-- <Manager pathname="" /> <Resources cachingAllowed="true" cacheMaxSize="100000" /> <Manager className="de.javakaffee.web.msm.MemcachedBackupSessionManager" memcachedNodes="n1:127.0.0.1:11211" username="root" password="" sticky="false" sessionBackupAsync="false" lockingMode="uriPattern:/path1|/path2" requestUriIgnorePattern=".*\.(ico|png|gif|jpg|css|js)$" transcoderFactoryClass="de.javakaffee.web.msm.serializer.kryo.KryoTranscoderFactory" /> --> <Resources cachingAllowed="true" cacheMaxSize="100000" /> <Manager className="de.javakaffee.web.msm.MemcachedBackupSessionManager" memcachedNodes="n1:127.0.0.1:11211" username="root" password="" sticky="false" sessionBackupAsync="false" lockingMode="uriPattern:/path1|/path2" requestUriIgnorePattern=".*\.(ico|png|gif|jpg|css|js)$" sessionBackupTimeout="18000" transcoderFactoryClass="de.javakaffee.web.msm.serializer.javolution.JavolutionTranscoderFactory" copyCollectionsForSerialization="false" /> </Context> 1.2添加memcached如下依赖的jar包到tomcat8.x/lib/: asm-5.1.jar couchbase-client-1.4.12.jar javolution-5.5.1.jar kryo-4.0.0.jar kryo-serializers-0.38.jar memcached-session-manager-2.0.0.jar memcached-session-manager-tc8-2.0.0.jar minlog-1.3.jar msm-javolution-serializer-2.0.0.jar msm-kryo-serializer-2.0.0.jar msm-xstream-serializer-2.0.0.jar objenesis-2.1.jar reflectasm-1.09.jar spymemcached-2.12.1.jar 2,nginx的配置: #user nobody; worker_processes 1; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log logs/access.log main; client_header_timeout 3m; client_body_timeout 3m; send_timeout 3m; sendfile on; tcp_nopush on; tcp_nodelay on; #keepalive_timeout 0; keepalive_timeout 65; gzip on; #设定负载均衡的服务器列表 upstream 127.0.0.1 { #设定负载均衡的服务器列表 #ip_hash; #同一机器在多网情况下,路由切换,ip可能不同 #weigth参数表示权值,权值越高被分配到的几率越大 server 127.0.0.1:8085 weight=1 max_fails=20 fail_timeout=600s; server 127.0.0.1:8086 weight=1 max_fails=20 fail_timeout=600s; } map $http_upgrade $connection_upgrade { default upgrade; '' close; } server { listen 80; server_name localhost; charset UTF-8; #设定本虚拟主机的访问日志 access_log logs/host.access.log main; #对 "/" 所有应用启用负载均衡 location / { proxy_pass http://127.0.0.1; #保留用户真实信息 proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; index index.html index.htm index.aspx; } #对 "/Dossm3RabbitMQConsumer/" 启用负载均衡 location /Dossm3RabbitMQConsumer/ { proxy_pass http://localhost:8086; #保留用户真实信息 proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; index index.html index.htm index.aspx; } } # another virtual host using mix of IP-, name-, and port-based configuration # #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # location / { # root html; # index index.html index.htm; # } #} # HTTPS server # #server { # listen 443 ssl; # server_name localhost; # ssl_certificate cert.pem; # ssl_certificate_key cert.key; # ssl_session_cache shared:SSL:1m; # ssl_session_timeout 5m; # ssl_ciphers HIGH:!aNULL:!MD5; # ssl_prefer_server_ciphers on; # location / { # root html; # index index.html index.htm; # } #} } 3,cas配置(): 3.1 修改/CAS/WEB-INF/spring-configuration/ticketRegistry.xml <?xml version="1.0" encoding="UTF-8"?> <!-- Licensed to Jasig under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. Jasig licenses this file to you under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at the following location: http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. --> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p" xmlns:util="http://www.springframework.org/schema/util" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd"> <description> Configuration for the default TicketRegistry which stores the tickets in-memory and cleans them out as specified intervals. </description> <!-- memcached 配置开始 --> <!-- Ticket Registry --> <bean id="ticketRegistry" class="org.jasig.cas.ticket.registry.MemCacheTicketRegistry"> <constructor-arg index="0"> <bean class="net.spy.memcached.spring.MemcachedClientFactoryBean" p:servers="127.0.0.1:11211" p:protocol="BINARY" p:locatorType="ARRAY_MOD" p:failureMode="Redistribute" p:transcoder-ref="serialTranscoder"> <property name="hashAlg"> <util:constant static-field="net.spy.memcached.DefaultHashAlgorithm.FNV1A_64_HASH" /> </property> </bean> </constructor-arg> <!-- TGT timeout in seconds --> <constructor-arg index="1" value="36000" /> <!-- ST timeout in seconds --> <constructor-arg index="2" value="2" /> </bean> <bean id="serialTranscoder" class="net.spy.memcached.transcoders.SerializingTranscoder" p:compressionThreshold="2048" /> <!-- memcached 配置结束 --> <!--Quartz --> <!-- 默认配置开始 --> <!-- Ticket Registry --> <!-- <bean id="ticketRegistry" class="org.jasig.cas.ticket.registry.DefaultTicketRegistry" />--> <!-- TICKET REGISTRY CLEANER --> <!-- <bean id="ticketRegistryCleaner" class="org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner" p:ticketRegistry-ref="ticketRegistry" p:logoutManager-ref="logoutManager" /> <bean id="jobDetailTicketRegistryCleaner" class="org.springframework.scheduling.quartz.MethodInvokingJobDetailFactoryBean" p:targetObject-ref="ticketRegistryCleaner" p:targetMethod="clean" /> <bean id="triggerJobDetailTicketRegistryCleaner" class="org.springframework.scheduling.quartz.SimpleTriggerBean" p:jobDetail-ref="jobDetailTicketRegistryCleaner" p:startDelay="200000" p:repeatInterval="50000000" /> --> <!-- 默认配置结束 --> </beans> 3.2 添加cas和memcached整合的如下依赖jar包到/CAS/WEB-INF/lib: cas-server-integration-memcached-4.0.0.jar mockito-core-2.1.0-RC.1.jar spymemcached-2.11.2.jar 参考CAS官方配置:https://apereo.github.io/cas/4.2.x/installation/Memcached-Ticket-Registry.html
目录 第一节,安装Windows Server 2012 R2操作系统 2 第二节,安装Vmware Tools 5 第三节,安装Active Directory服务 7 3.1 AD域安装 7 3.1.1 AD主域控制安装 7 3.1.2 AD备份域控制器安装 7 3.2 DNS配置 8 第四节, 证书服务器配置 8 第五节, Exchange2013规划与部署 9 5.1、AD+Exchange服务器规划(CTBC.COM.CN) 9 5.2、Exchange架构图 9 5.3、邮件管理用户 10 第六节, 安装Exchange2013后端服务器 10 6.1 系统准备 10 6.2 Exchange 2013后端服务器图形化部署 11 第七节, 安装Exchange2013前端服务器 11 7.1 系统组件准备 11 7.2软件安装 12 7.3使用界面化部署Exchange Server 2013前端服务器 12 第八节, Exchange2013配置 12 8.1 DAG高可用配置 12 8.1.1 网络设置 12 8.1.2 DNS设置 15 8.1.3 创建发送连接器 18 8.1.4. 配置外部访问域 21 8.1.5.配置Outlook Anywhere 23 8.1.6 删除默认邮箱数据库(建议,但不是必须) 24 8.1.7. 配置邮箱数据库属性 30 8.1.8. 修改接收连接器 31 8.1.9.修改发送连接器 32 8.1.20.修改组织传输设置 33 8.1.21. 配置见证服务器 33 8.1.22.创建DAG可用性组 38 7.1.23.创建DAG网络 40 8.1.24. 添加数据库副本 43 8.1.25. 开启循环日志 45 8.1.26. 批量创建用户邮箱 47 8.1.27.申请企业内部证书 48 8.2 Exchange 2013相关设置 59 8.2.1 设置最大接收和发送邮件大小 59 8.2.2 设置邮箱大小、保留策略 60 8.2.3 客户端配置 63 8.3 Exchange 2013设置收发外网邮件 63 8.3.1、配置 Exchange 2013 可以正常接收邮件(情况一) 63 8.3.2、配置 Exchange 2013 可以正常接收邮件(情况二) 64
目录: H3C_CAS支持硬件SR-IOV操作指导书 H3C_CAS与趋势产品联调操作配置指导书 H3C_CAS虚拟机内存隔离操作指导书 H3C_CAS虚拟机搭建双机热备环境方案及报告 ) H3C_CAS_3.0虚拟机防病毒操作指导书 H3C_CAS端口镜像特性操作指导书 H3C_CAS主机时间同步操作指导书 H3C_CAS资源模糊搜索特性说明书 H3C_CAS云彩虹2.0操作指导书 H3C_CAS云业务流程定制操作指导书 H3C_CAS支持硬件NUMA操作指导书 H3C_CAS虚拟机配置调整操作指导书 H3C_CAS虚拟机迁移特性说明书 H3C_CAS虚拟机时间同步操作指导书 H3C_CAS应用HA操作指导书 H3C_CAS虚拟机操作系统安装操作指导书 H3C_CAS虚拟机分组管理特性说明书 H3C_CAS虚拟机回收站操作指导书 H3C_CAS虚拟机蓝屏HA操作指导书 H3C_CAS管理帐号安全特性说明书 H3C_CAS内存气球特性操作指导书 H3C_CAS网络优先级操作指导书 H3C_CAS虚拟化软件自动安装(PXE)与发现操作指导书 H3C_CAS短信告警操作指导书 H3C_CAS告警管理操作指导书 H3C_CAS存储IO优先级操作指导书 H3C_CAS存储负载均衡操作指导书 H3C_CAS存储在线扩容操作指导书 H3C_CAS端口镜像特性操作指导书 H3C_CAS_SSV用户自助服务特性说明书 H3C_CAS_V2V离线迁移操作指导书 H3C_CAS_VDI虚拟桌面功能操作指导书 H3C_CAS_VXLAN操作指导书 H3C_CAS_JMeter性能测试操作指导书 H3C_CAS_LDAP帐号同步特性说明书 H3C_CAS_NetFlow特性操作指导书 H3C_CAS_SRM操作指导书 H3C_CAS_DRX特性增强说明书 H3C_CAS_FT特性操作指导书 H3C_CAS_GPU直通配置指导书 H3C_CAS_IP地址管理操作指导书 H3C_CAS_360解决方案病毒扫描操作指导 H3C_CAS_CAStools安装操作指导书(Red Hat Enterprise Linux Server 7.x ) H3C_CAS_CAStools升级特性操作指导书 H3C_CAS支持OVF虚拟机格式操作指导书 H3C_CAS资源性能监控操作指导书 H3C_CAS虚拟机磁盘限速功能操作指导书 H3C_CAS虚拟机快照操作指导书 H3C_CAS虚拟机列表导出功能操作指导书 H3C_CAS界面客户化定制操作指导书 H3C_CAS虚拟机安全隔离测试指导书 H3C_CAS虚拟机创建操作指导书 H3C_CAS浮动桌面池操作指导书 H3C_CAS基于集群增加共享存储操作指导书 H3C_CAS计算资源超配操作指导书 H3C_CAS_SSV云主机生命周期管理操作指导书 H3C_CAS_VDI虚拟桌面功能操作指导书 H3C_CAS本地用户批量导入功能操作指导书 H3C_CAS_CVM联动资源管理操作指导书 H3C_CAS_CVM配置备份与恢复功能操作指导书 H3C_CAS_CVM日志文件收集操作指导书

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值