1.解压cas-server-3.4.8-release.zip 成cas-server-3.4.8文件,拷贝cas-server-3.4.8\modules\cas-server-webapp-3.4.8.war到复制到tomcat的webapps目录,并重命名为cas.war,启动tomcat后就可以访问这个应用了。
2.修改第一处:
cas/l
<bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
p:httpClient-ref="httpClient"/>
增加参数p:requireSecure="false",是否需要安全验证,即HTTPS,false为不采用。修改后为:
<bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
p:httpClient-ref="httpClient" p:requireSecure="false"/>
修改第二处:
cas/WEB-INF/l
<bean id="ticketGrantingTicketCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
p:cookieSecure="true"
p:cookieMaxAge="-1"
p:cookieName="CASTGC"
p:cookiePath="/cas" />
3.访问localhost:8443/cas/login 显示cas登录页面则,服务器配置成功
4. 修改CAS登录的用户库
CAS的默认设置是只要用户名和密码相同,即可进行登录成功,真正的系统用户名和密码相同的可能性极小,所以我们需要修改默认的设置。
主要的修改在l文件里
位置:<TOMCAT_HOME>/webapps/cas/WEB-INF。
首先到
<bean class="org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler" />
注释该行,加入下面的bean:
<bean class="org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler">
<property name="sql" value="select password from clientuser where username=?" />
<property name="dataSource" ref="dataSource" />
</bean>
这里bean的class属性用到的是CAS服务器端封装的JDBC包cas-server-jdbc-3.0.5-rc2.jar里的
QueryDatabaseAuthenticationHandler方法,所以要将此包拷贝到/WEB-INF下的lib中。
这里sql属性是从clientuser表中根据cas登陆名查密码。
dataSource属性需要再添加一个bean,如下:
<bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name="driverClassName">
<value&sql.jdbc.Driver</value>
</property>
<property name="url">
<value>jdbc:mysql://192.168.1.130:3306/sso</value>
param name</property>
<property name="username">
<value>root</value>
</property>
<property name="password">
<value>pass</value>
</property>
</bean>
6.由于使用的是oracle 9i的数据库要把ojdbc14.jar驱动包copy到C:/tomcat5.5.26/common/lib目录下。
7.需要copy到C:/tomcat5.5.26/webapps/cas/WEB-INF/lib下的文件:
commons-collections-3.2.jar
commons-dbcp-1.2.1.jar
commons-pool-1.3.jar
ojdbc14.jar
-
-cas-server-jdbc-3.0.5.jar
cas
-server-support-jdbc-3.2.jar
8、启用tomcat中的l中以下配置
<!-- Define a SSL HTTP/1.1 Connector on port 8443 -->
<Connector port="8443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
在cas客户端应用的web-inf/lib下,放入cas-client-core-3.2.0.jar文件
9、在要进行认证的工程的l中,增加以下配置:
<!-- 使网站使用CAS进行身份认证 -->
<filter>
<filter-name>CAS Authentication Filter</filter-name>
<filter-class>
org.jasig.cas.client.authentication.AuthenticationFilter
</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>
localhost:8443/cas/login
</param-value>
</init-param>
<init-param>
<param-name>renew</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>gateway</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>localhost:9000</param-value>
</init-param>
</filter>
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>
org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter
</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>localhost:8443/cas</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>localhost:9000</param-value>
</init-param>
<init-param>
<param-name>useSession</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>redirectAfterValidation</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>
org.jasig.cas.client.util.HttpServletRequestWrapperFilter
</filter-class>
</filter>
<filter>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<filter-class>
org.jasig.cas.client.util.AssertionThreadLocalFilter
</filter-class>
</filter>
<filter>
<filter-name>loginFilter</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
<init-param>
<param-name>targetFilterLifecycle</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CAS Authentication Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern
>
</filter-mapping>
<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
访问localhost:9000/test1/welcome1.jsp,跳转到cas登录页面
版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系QQ:729038198,我们将在24小时内删除。
发表评论