配置uPortal的cas
uPortal 4 默认绑定了一个cas服务. 这个cas 服务跟uPortal服务一起启动。
如果默认的cas有以下几项发生改变之后,要想uPortal继续能够使用默认绑定的cas,则uPortal也要修改两个文件才能继续使用cas:web.xml和security.properties。
- server hostname cas
- server port
- SSL/non-SSL
- application context name change
- uPortal和cas不再用localhost访问,从其他地方用ip访问
Option 1: 修改默认自带的cas
Step 1: 修改filters/local.properties
1. NEW: 在filters文件夹, local.properties文件记录了cas服务器的配置,把“localhost:8080”改成cas修改后的地址即可。
# HSQL Configuration
environment.build.hsql.port=
8887
# Database Connection Settings (Uncomment the Maven Filters section in rdbm.properties)
environment.build.hibernate.connection.driver_class=org.hsqldb.jdbc.JDBCDriver
environment.build.hibernate.connection.url=jdbc:hsqldb:hsql:
//localhost:${environment.build.hsql.port}/uPortal
environment.build.hibernate.connection.username=sa
environment.build.hibernate.connection.password=
environment.build.hibernate.dialect=org.hibernate.dialect.HSQLDialect
# uPortal server configuration properties
environment.build.uportal.server=localhost:
8080
environment.build.uportal.protocol=http
environment.build.uportal.context=/uPortal
environment.build.uportal.email.fromAddress=portal
@university
.edu
# CAS server configuration properties
environment.build.cas.server=localhost:
8080
environment.build.cas.protocol=http
|
Step 2: uportal-war/src/main/resources/properties/security.properties
如果你要修改uPortal首页的登录和登出连接,则找到security.properties文件,修改即可。
 | logoutRedirect.root 默认情况下登出是跳到了cas的登出页面. 如果你想用户点击“ logging out“跳转到你想要的页面 你就把登出超链接的"url="修改成"service="
|
## This is the factory that supplies the concrete authentication
class
root=org.jasig.portal.security.provider.UnionSecurityContextFactory
root.cas=org.jasig.portal.security.provider.cas.CasAssertionSecurityContextFactory
#root.cas=org.jasig.cas3.extensions.clearpass,integration.uportal.PasswordCachingCasAssertionSecurityContextFactory
root.simple=org.jasig.portal.security.provider.SimpleSecurityContextFactory
## Answers what tokens are examined in the request
for
each context during authentication.
## A subcontext only needs to set its tokens
if
it differs from those of the root context.
principalToken.root=userName
credentialToken.root=password
credentialToken.root.cas=ticket
## Answers where the user will be redirected when log out occurs. Each security context can have one.
## (See comments in the LogoutServlet
class
)
## It would be better to escape the value of the url parameter, but since there are no parameters on the
## unescaped URL and since there are no further parameters on the logout URL,
this
does work.
logoutRedirect.root=${environment.build.cas.protocol}:
//${environment.build.cas.server}/cas/logout?url=${environment.build.uportal.protocol}://${environment.build.uportal.server}${environment.build.uportal.context}/Login
## This is the factory that supplies the concrete authorization
class
authorizationProvider=org.jasig.portal.security.provider.AuthorizationServiceFactoryImpl
## Login URL,
if
specified the CLogin channel will display a Login link with
##
this
URL instead of the standard userName/password form.
org.jasig.portal.channels.CLogin.CasLoginUrl=${environment.build.cas.protocol}:
//${environment.build.cas.server}/cas/login?service=${environment.build.uportal.protocol}://${environment.build.uportal.server}${environment.build.uportal.context}/Login
## URL of the CAS cleartext password service
#org.jasig.cas3.extensions.clearpass.integration.uportal.PasswordCachingCasAssertionSecurityContextFactory.clearPassCasUrl=${environment.build.cas.protocol}:
//${environment.build.cas.server}/cas/clearPass
###
...
|
Step 3: Rebuild uPortal
这里是要先情况之前老的部署,cmd命令进入..\uPortal-4.0.5-quick-start\uPortal-4.0.5,不能会报出找不到clean这个目标
ant clean deploy-ear
|
Step 4: Restart Tomcat
| Note: If you choose not to configure the CasLoginUrl parameter you will receive the following error, "Could not resolve property placeholder ${org.jasig.portal.channels.CLogin.CasLoginUrl}". This error stems from the CasLoginUrl parameter being referenced in two files: jsonRenderingPipelinContext.xml andrenderingPipelineContext.xml located in the directory path, uportal-war/src/main/resources/properties/contexts. Therefore, you will need to remove (comment out) the CasLoginUrl parameter reference in the two xml files. <entry key="EXTERNAL_LOGIN_URL" value="${org.jasig.portal.channels.CLogin.CasLoginUrl}" />
|
Option 2: 配置使用外部独立配置的CAS
要使 uPortal 使用外部的cas.同样的要先进行上面的配置。不同的是,你也许想把原来的移除掉
Steps 1 and 2:跟上面配置一样,修改两个文件。
同上,修改 web.xml和 security.properties两个文件,让uPortal找打新的CAS的URL
Step 3: 移除默认的CAS
通过命令”ant deploy-ear“来移除默认cas,先修改:
- 注释或删除uportal-portlets-overlay/pom.xml文件的
<module>cas</module>. - 注释或删除 uportal-ear/pom.xml 的CAS <dependency>部分和 <webModule> 元素 .
Step 4. Rebuild uPortal
ant clean deploy-ear
|
2479
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
