cas server 端配置+2客户端配置

最新推荐文章于 2022-09-28 15:36:58 发布
最新推荐文章于 2022-09-28 15:36:58 发布
阅读量412 收藏
点赞数
文章标签: cas
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/xiaogg3678/article/details/51721336
版权

1  cas server 端配置

ticketGrantingTicketCookieGenerator.xml

<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:p="http://www.springframework.org/schema/p"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd">
<description>
Defines the cookie that stores the TicketGrantingTicket.  You most likely should never modify these (especially the "secure" property).
You can change the name if you want to make it harder for people to guess.
</description>
<bean id="ticketGrantingTicketCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
p:cookieSecure="false"
p:cookieMaxAge="6000"
p:cookieName="CASTGC"
p:cookiePath="/cas" />
</beans>



warnCookieGenerator.xml

<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:p="http://www.springframework.org/schema/p"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd">
<description>
This Spring Configuration file describes the cookie used to store the WARN parameter so that a user is warned whenever the CAS service
is used.  You would modify this if you wanted to change the cookie path or the name.
</description>

<bean id="warnCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
p:cookieSecure="false"
p:cookieMaxAge="6000"
p:cookieName="CASPRIVACY"
p:cookiePath="/cas" />
</beans>

deployerConfigContext.xml

添加:bean

 <bean id="mysqlDataSource" class="org.apache.commons.dbcp.BasicDataSource">
     <property name="driverClassName" value="com.microsoft.sqlserver.jdbc.SQLServerDriver" />
     <property name="url" value="jdbc:sqlserver://192.168.1.188:1433;DatabaseName=Performance_report"/>
     <property name="username" value="performance" />
     <property name="password" value="performance" />
</bean>


替换authenticationHandlers下面配置如下:

<property name="authenticationHandlers">
<list>
<bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler" p:httpClient-ref="httpClient" />
<!--注释掉默认的的认证实现<bean 
class="org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler" />-->
<!-- 数据库查询认证处理器 -->
<bean class="org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler">
<property name="dataSource" ref="mysqlDataSource"/>
<property name="sql"  value=" select password from pl_user where name = ?" />
<!-- <property name="passwordEncoder">
  <bean class="org.jasig.cas.authentication.handler.DefaultPasswordEncoder">
<constructor-arg value="MD5"/>
  </bean>
</property>-->
</bean>
</list>
</property>

cas-server-support-jdbc-3.5.2.jar

sqljdbc4.jar  sqlserver驱动放到cas服务端项目lib下

commons-dbcp-1.2.2.jar

commons-collections-3.2.jar

commons-logging-1.1.jar


2  客户端配置-client-1


web.xml 添加


cas-client-core-3.2.0.jar

log4j-1.2.15.jar

commons-logging-1.1.jar






<!-- ???? -->
<listener>
<listener-class>
org.jasig.cas.client.session.SingleSignOutHttpSessionListener
</listener-class>
</listener>


<!-- ??????????????,????? -->


<filter>
<filter-name>CAS Single Sign Out Filter</filter-name>
<filter-class>
org.jasig.cas.client.session.SingleSignOutFilter
</filter-class>
</filter>


<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>


<!-- cas登录认证服务,发放ticik -->
<filter>
<filter-name>CASFilter</filter-name>
<filter-class>
org.jasig.cas.client.authentication.AuthenticationFilter
</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>
http://cas.demo.com:8080/cas/login
</param-value>
<!--app1客户端IP -->
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://app1.demo.com:8081</param-value>
</init-param>
</filter>


<filter-mapping>
<filter-name>CASFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>


<!-- cas登录验证tick服务 -->
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>
org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter
</filter-class>


<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>http://cas.demo.com:8080/cas</param-value>
</init-param>


<init-param>
<param-name>serverName</param-name>
<param-value>http://app1.demo.com:8081</param-value>
</init-param>


</filter>


<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>


<!-- ????????HttpServletRequest?????,
?????????HttpServletRequest?getRemoteUser()????SSO????????,?????
-->


<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>
org.jasig.cas.client.util.HttpServletRequestWrapperFilter
</filter-class>
</filter>


<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>


<!--
?????????????org.jasig.cas.client.util.AssertionHolder??????????
??AssertionHolder.getAssertion().getPrincipal().getName()? -->


<filter>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<filter-class>
org.jasig.cas.client.util.AssertionThreadLocalFilter
</filter-class>
</filter>


<filter-mapping>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>



3  客户端配置-client-2

web.xml 添加



<!-- ???? -->
<listener>
<listener-class>
org.jasig.cas.client.session.SingleSignOutHttpSessionListener
</listener-class>
</listener>





<filter>
<filter-name>CAS Single Sign Out Filter</filter-name>
<filter-class>
org.jasig.cas.client.session.SingleSignOutFilter
</filter-class>
</filter>


<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

<!-- cas登录认证ticked -->

<filter>
<filter-name>CASFilter</filter-name>
<filter-class>
org.jasig.cas.client.authentication.AuthenticationFilter
</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>
http://cas.demo.com:8080/cas/login
</param-value>

</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://app2.demo.com:8082</param-value>
</init-param>
</filter>


<filter-mapping>
<filter-name>CASFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>


<!-- cas登录验证ticked-->
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>
org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter
</filter-class>


<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>http://cas.demo.com:8080/cas</param-value>
</init-param>


<init-param>
<param-name>serverName</param-name>
<param-value>http://app2.demo.com:8082</param-value>
</init-param>


</filter>


<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>


<!-- ????????HttpServletRequest?????,
?????????HttpServletRequest?getRemoteUser()????SSO????????,?????
-->


<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>
org.jasig.cas.client.util.HttpServletRequestWrapperFilter
</filter-class>
</filter>


<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>


<!--
?????????????org.jasig.cas.client.util.AssertionHolder??????????
??AssertionHolder.getAssertion().getPrincipal().getName()? -->


<filter>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<filter-class>
org.jasig.cas.client.util.AssertionThreadLocalFilter
</filter-class>
</filter>


<filter-mapping>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>


4  C:\Windows\System32\drivers\etc\hosts文件


127.0.0.1       cas.demo.com
127.0.0.1       app1.demo.com
127.0.0.1       app2.demo.com


5 对应3个tomcat server.xml 配置

<Engine name="Catalina" defaultHost="app2.demo.com">


      <!--For clustering, please take a look at documentation at:
          /docs/cluster-howto.html  (simple how to)
          /docs/config/cluster.html (reference documentation) -->
      <!--
      <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
      -->        


      <!-- The request dumper valve dumps useful debugging information about
           the request and response data received and sent by Tomcat.
           Documentation at: /docs/config/valve.html -->
      <!--
      <Valve className="org.apache.catalina.valves.RequestDumperValve"/>
      -->


      <!-- This Realm uses the UserDatabase configured in the global JNDI
           resources under the key "UserDatabase".  Any edits
           that are performed against this UserDatabase are immediately
           available for use by the Realm.  -->
      <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
             resourceName="UserDatabase"/>


      <!-- Define the default virtual host
           Note: XML Schema validation will not work with Xerces 2.2.
       -->
      <Host name="app2.demo.com"  appBase="webapps"
            unpackWARs="true" autoDeploy="true"
            xmlValidation="false" xmlNamespaceAware="false">


        <!-- SingleSignOn valve, share authentication between web applications
             Documentation at: /docs/config/valve.html -->
        <!--
        <Valve className="org.apache.catalina.authenticator.SingleSignOn" />
        -->


        <!-- Access log processes all example.
             Documentation at: /docs/config/valve.html -->
        <!--
        <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"  
               prefix="localhost_access_log." suffix=".txt" pattern="common" resolveHosts="false"/>
        -->




<!--








<Context path="/web" docBase="E:\workspace\dxj\WebRoot\"  reloadable="true" debug="0" />


<Context path="/web" docBase="E:\workspace\pl_report\WebRoot\"  reloadable="true" debug="0" />




<Context path="/web" docBase="E:\workspace\report_single\WebRoot\"  reloadable="true" debug="0" />


<Context path="/app2" debug="0" docBase="E:\App2Work\app2\WebRoot" reloadable="true" />
-->


      </Host>



6  浏览器

http://app1.demo.com:8081/examples/servlets/TestLoginServlet

http://app2.demo.com:8082/examples/servlets/TestLoginServlet

或者tomcat6-x64自带的

examples

http://app1.demo.com:8081/examples/servlets/

http://app2.demo.com:8082/examples/servlets/


输入任意地址,均跳转到cas登录,登陆成功app1,则app2无需再次输入用户名和密码。就可以访问资源。



xiaogg3678
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
cas server 导入eclipse 配置sqlserver,mysql
07-16
可以导入eclipse的cas server项目工程,配置了mysql数据库或者sql server数据库,添加了des自定义加密算法,可改造
CAS统一登录认证(3):几个配置细节
LinBSoft的专栏
08-21 846
1.  SSL证书配置 前面测试用的是自签证证书,chrome58以后版本不能认可,如果要实用,需要申请几大认证机构的认证证书 我申请了Comodo的免费试用证书,当天就收到签发的证书文件包 解压下载的证书文件包,里面有个目录apache,目录下有三个文件:ca.crt   server.crt   server.key 使用配置方法: cd  /usr/local/apache-tom...
CAS认证登录,CAS客户配置并对接多个不同服务(spring boot)
佛系写BUG的博客
04-29 4164
Spring Boot集成CAS客户 1.服务设置授权域名或者IP 2.访问地址 完整的访问路径: https://xxx.xxx.xxx.xxx.cn/sso/login?service=https://xxx.xxxx.cn/svc/sso/login/callback/ahjzu 登录成功后,服务将信息通过回调地址返回给客户。 3.客户导入jar包 pom引入本地jar包 4.过滤器配置文件 package com.wst.oss.common.filter.lib; impor
CAS 安装配置
runargound的博客
09-28 838
CAS 基础安装配置
CAS环境搭建
ye_quiet的专栏
10-21 305
目录 cas环境搭建 1生成证书 2配置服务配置客户 四实现单点登录 目录 用 [TOC]来生成目录: cas环境搭建 本文主要记录自己的搭建过程及遇到的问题。当然借鉴了其他的博客。 原址(http://blog.csdn.net/small_love/article/details/6664831) 1、生成证书: 证书对于实现此单点登录非常
CAS单点登录(SSO)服务自定义认证+CAS客户配置+CAS完整使用文档+CAS4.2.7 cas-serv服务源码 cas-client客户源码
06-27
包含cas源码、cas使用说明文档(包含配置信息)、连接数据库所需jar包、cas服务自定义返回值等
cas4.1.4server服务+client
07-06
cas4.1.4server服务+client 解包直接使用 0配置---------------------
单点登录cas-server4.0+client
最新发布
10-28
单点登录cas-server4.0+client,把压缩包内的cas4放在tomcat-7.0.81安装目录的webapps文件夹下面,运行tomcat会自动安装服务客户用的是官网ExampleWebSite,由于没有配置casproxy,已经把web.config的...
CAS客户与服务器配置
11-27
CAS Server 为需要独立部署的 Web 应用。 CAS Client 支持非常多的客户(这里指单点登录系统中的各个 Web 应用),包括 Java, .Net, PHP, Perl, Apache, uPortal, Ruby 等。 邮箱 erp oa 有一个特点 就是密码和...
cas单点登录服务器客户的demo
05-19
cas单点登录服务器客户配置说明,以及源码解析,实例演示。
搭建cas服务,cas与sqlserver连接,cas与security连接
10-31
附件为本人搭建的cas服务、cas与sqlserver连接以及cas与security连接,欢迎学习、指导、交流,谢谢大家。
Cas之5.2.x版本之单点登录服务安装(SpringBoot启动)-yellowcong
02-02 1万+
Cas5.2版本的springboot服务搭建,之前搞过,都是通过打成war包,然后放到tomcat跑的方式,比较的low,应广大吃瓜群众的要求,我就写了这一篇博文,关于springboot启动cas的方式。说实话,以前我没打算写得,因为没人问我这个需求,后来问的人多了。 项目源码https://gitee.com/yellowcong/springboot_cas/tree/master/cas-
[异常笔记]启动DFS报错:Cannot find configuration directory: /etc/hadoop
weixin_34392906的博客
04-11 848
[hadoop@master ~]$ start-dfs.sh Incorrect configuration: namenode address dfs.namenode.servicerpc-address or dfs.namenode.rpc-address is not configured. Starting namenodes on [] Error: Cannot fin...
cas 配置数据源 , 解决CAS 不支持你提供的凭证
岑国程
09-30 1万+
(HTTP方式) 安装环境 Tomcat7.0JDK6CAS SERVER 3.5.2,下载地址  http://www.jasig.org/cas/download 1.打开cas\WEB-INF\deployerConfigContext.xml文件 (1) 注销系统默认登录方式: <bean class="org.jasig.cas.authentication.
CAS单点登录(SSO)介绍及部署
热门推荐
架构师修炼道路
02-19 2万+
介绍CASCAS 是Yale(耶鲁)大学的一个开源的企业级单点登录系统,它的特点: Java (Spring Webflow/Spring Boot) 服务组件 可插拔身份验证支持(LDAP,Database,X.509,MFA) 支持多种协议(CAS,SAML,OAuth,OpenID,OIDC) 跨平台客户支持(Java,.Net,PHP,Perl,Apache等) 与uPortal,Lif
CAS单点登录之mysql数据库用户验证及常见问题
gaojiyinhang2的专栏
05-23 3323
前面已经介绍了CAS服务器的搭建,详情见:搭建CAS单点登录服务器。然而前面只是简单地介绍了服务器的搭建,其验证方式是原始的配置文件的方式,这显然不能满足日常的需求。下面介绍下通过mysql数据库认证的方式。   一、CAS认证之mysql数据库认证   1、在mysql中新建一个cas数据库并创建user表 CREATE DATABASE /*!32312 IF NOT EXIST
cas server登录成功后 重定向指定的客户路径 如何设置
06-08
CAS服务中,可以在`cas.properties`配置文件中设置`cas.login.redirectParameter`参数,该参数指定了登录成功后重定向到客户应用程序时所需的参数名,默认值为`service`。如果您想要将用户重定向到客户应用...

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值