1.环境准本
jdk1.8 maven gradle tomcat8
2.下载cas
wget https://github.com/apereo/cas-gradle-overlay-template/archive/master.zip
unzip master.zip
cd cas-gradle-overlay-template-master
3.配置管理,注意CAS配置文件版本之间不能通用
3.1修改gradle下载路径,否则可能下载报错
vim gradle/wrapper/gradle-wrapper.properties
#distributionUrl=https\://services.gradle.org/distributions/gradle-3.1-bin.zip
distributionUrl=https\://downloads.gradle.org/distributions/gradle-3.1-bin.zip
3.2添加cas jdbc支持库
vim cas/build.gradle
在dependencies域里添加compile "org.apereo.cas:cas-server-support-jdbc:${project.'cas.version'}"
3.3添加cas数据库配置
vim etc/cas/config/cas.properties(工程下的etc目录)
cas.server.name: https://cas.example.org:8443
cas.server.prefix: https://cas.example.org:8443/cas
cas.adminPagesSecurity.ip=127\.0\.0\.1
logging.config: file:/etc/cas/config/log4j2.xml
# cas.serviceRegistry.config.location: classpath:/services
# 覆盖掉静态授权默认用户 cas默认用户casuser密码Mellon
cas.authn.accept.users=
# 数据库授权配置
cas.authn.jdbc.query[0].sql=SELECT pwd FROM customer WHERE phone=?
cas.authn.jdbc.query[0].healthQuery=SELECT 1
cas.authn.jdbc.query[0].isolateInternalQueries=false
cas.authn.jdbc.query[0].url=jdbc:${mysql_url}?characterEncoding=utf8&useSSL=true
cas.authn.jdbc.query[0].failFast=true
cas.authn.jdbc.query[0].isolationLevelName=ISOLATION_READ_COMMITTED
# cas.authn.jdbc.query[0].dialect=org.hibernate.dialect.HSQLDialect
cas.authn.jdbc.query[0].dialect=org.hibernate.dialect.MySQLDialect
cas.authn.jdbc.query[0].leakThreshold=10
cas.authn.jdbc.query[0].propagationBehaviorName=PROPAGATION_REQUIRED
cas.authn.jdbc.query[0].batchSize=1
# 数据库用户
cas.authn.jdbc.query[0].user=${db.user}
cas.authn.jdbc.query[0].ddlAuto=create-drop
cas.authn.jdbc.query[0].maxAgeDays=180
# 数据库密码
cas.authn.jdbc.query[0].password=${db.pwd}
cas.authn.jdbc.query[0].autocommit=false
cas.authn.jdbc.query[0].driverClass=com.mysql.jdbc.Driver
cas.authn.jdbc.query[0].idleTimeout=5000
# cas.authn.jdbc.query[0].credentialCriteria=
# NONE不加密 DEFAULT算法加密
# cas.authn.jdbc.query[0].passwordEncoder.type=NONE|DEFAULT|STANDARD|BCRYPT
cas.authn.jdbc.query[0].passwordEncoder.type=DEFAULT
# cas.authn.jdbc.query[0].passwordEncoder.characterEncoding=
# 算法名称 如MD5 SHA
cas.authn.jdbc.query[0].passwordEncoder.encodingAlgorithm=MD5
# cas.authn.jdbc.query[0].passwordEncoder.secret=
# cas.authn.jdbc.query[0].passwordEncoder.strength=16
# cas.authn.jdbc.query[0].principalTransformation.suffix=
# cas.authn.jdbc.query[0].principalTransformation.caseConversion=NONE|UPPERCASE|LOWERCASE
# cas.authn.jdbc.query[0].principalTransformation.prefix=
3.2客户端支持http协议
vim src/main/resources/services/HTTPSandIMAPS-10000001.json
{
"@class" : "org.apereo.cas.services.RegexRegisteredService",
"serviceId" : "^(https|http)://.*",
"name" : "HTTPS and http",