1.1环境要求
1、杏彩合买源码分享
下载
2、大圣源码论坛
下载
3、迪士尼乐园平台源码
下载
4、皇冠体育二代信用盘
下载
1.1开始搭建
1.1.1创建/导入证书
注:如果不需要HTTPS进行访问,则可以跳过创建/导入证书这一节。
(1)使用JDK自带的keytool工具生成证书。
keytool -genkey -alias cassso -keyalg RSA -keystore E:/cas/keys/cassso.keystore
(2)导出证书
keytool -export -file E:/cas/keys/cassso.crt -alias cassso -keystore E:/cas/keys/cassso.keystore
(3)将证书导入到JDK中,出现如下图表示导出成功。注:这里输入密码是JDK的,如果没有修改过密码为:changeit
(4)配置TOMCAT
在tomcat目录下conf打开server.xml,找到84行,删除注释。
修改前:
-
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
-
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
-
clientAuth="false" sslProtocol="TLS" />
-
<Connector port="8443" protocol="HTTP/1.1"
-
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
-
clientAuth="false" sslProtocol="TLS"
-
keystoreFile="E:/cas/keys/cassso.keystore" keystorePass="123456"/>
1.1.2部署CAS SERVER端
(1)解压cas-server-4.0.0-release.zip 解压后在modules找到cas-server-webapp-4.0.0.war,将其拷贝到tomcat webapps下,运行tomcat,启动成功后在浏览器
输入:https://localhost:8443/cas-server-webapp-4.0.0/
显示如下页面,那就恭喜你已经部署成功了。
(2)输入用户名:casuser,密码:Mellon 登录,登录成功如下图:
这里我配置了证书,CAS默认是采用HTTPS的,如果没有配置证书,不需要用HTTPS更改以下配置,关闭即可
(1)修改配置文件:deployerConfigContext.xml
- <code class="language-html">修改前:
- <bean id="proxyAuthenticationHandler"
- class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
- p:httpClient-ref="httpClient" />
- 修改后:
- <bean id="proxyAuthenticationHandler"
- class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
- p:httpClient-ref="httpClient" p:requireSecure="false"/></code>
(2)修改配置文件:spring-configuration->ticketGrantingTicketCookieGenerator.xml
-
修改前:
-
<bean id="ticketGrantingTicketCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
-
p:cookieSecure="true"
-
p:cookieMaxAge="-1"
-
p:cookieName="CASTGC"
-
p:cookiePath="/cas" />
-
修改后:
-
<bean id="ticketGrantingTicketCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
-
p:cookieSecure="false"
-
p:cookieMaxAge="-1"
-
p:cookieName="CASTGC"
-
p:cookiePath="/cas" />
(3)修改配置文件:spring-configuration->warnCookieGenerator.xml
-
修改前:
-
<bean id="warnCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
-
p:cookieSecure="true"
-
p:cookieMaxAge="-1"
-
p:cookieName="CASPRIVACY"
-
p:cookiePath="/cas" />
-
修改后:
-
<bean id="warnCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
-
p:cookieSecure="false"
-
p:cookieMaxAge="-1"
-
p:cookieName="CASPRIVACY"
-
p:cookiePath="/cas" />
(4)在浏览器上输入:http://localhost:8080/cas-server-webapp-4.0.0
1.1.3CAS客户端部署
(1)在需要单点登录的应用web.xml中加入以下代码:
-
<!-- 用于单点登录退出监听 -->
-
<listener>
-
<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
-
</listener>
-
<!--该过滤器用于实现单点登出功能,可选配置。 -->
-
<filter>
-
<filter-name>CASSingle Sign OutFilter</filter-name>
-
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
-
</filter>
-
<filter-mapping>
-
<filter-name>CASSingle Sign OutFilter</filter-name>
-
<url-pattern>/*</url-pattern>
-
</filter-mapping>
-
<filter>
-
<filter-name>CASFilter</filter-name>
-
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
-
<init-param>
-
<param-name>casServerLoginUrl</param-name>
-
<param-value>http://localhost:8080/cas-server/login</param-value>
-
</init-param>
-
<init-param>
-
<param-name>serverName</param-name>
-
<param-value>http://localhost:8180</param-value>
-
</init-param>
-
</filter>
-
<filter-mapping>
-
<filter-name>CASFilter</filter-name>
-
<url-pattern>/*</url-pattern>
-
</filter-mapping>
-
<!--该过滤器负责对Ticket的校验工作,必须启用它 -->
-
<filter>
-
<filter-name>CASValidationFilter</filter-name>
-
<filter-class>
-
org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter
-
</filter-class>
-
<init-param>
-
<param-name>casServerUrlPrefix</param-name>
-
<param-value>http://localhost:8080/cas-server</param-value>
-
</init-param>
-
<init-param>
-
<param-name>serverName</param-name>
-
<param-value>http://localhost:8180</param-value>
-
</init-param>
-
</filter>
-
<filter-mapping>
-
<filter-name>CASValidationFilter</filter-name>
-
<url-pattern>/*</url-pattern>
-
</filter-mapping>
-
<!-- 该过滤器负责实现HttpServletRequest请求的包裹, 比如允许开发者通过HttpServletRequest的getRemoteUser()方法获得SSO登录用户的登录名,可选配置。 -->
-
<filter>
-
<filter-name>CASHttpServletRequest WrapperFilter</filter-name>
-
<filter-class>
-
org.jasig.cas.client.util.HttpServletRequestWrapperFilter
-
</filter-class>
-
</filter>
-
<filter-mapping>
-
<filter-name>CASHttpServletRequest WrapperFilter</filter-name>
-
<url-pattern>/*</url-pattern>
-
</filter-mapping>
-
<!-- 该过滤器使得开发者可以通过org.jasig.cas.client.util.AssertionHolder来获取用户的登录名。 比如AssertionHolder.getAssertion().getPrincipal().getName()。 -->
-
<filter>
-
<filter-name>CASAssertion Thread LocalFilter</filter-name>
-
<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
-
</filter>
-
<filter-mapping>
-
<filter-name>CASAssertion Thread LocalFilter</filter-name>
-
<url-pattern>/*</url-pattern>
-
</filter-mapping>
(2)添加以下依赖:
-
<dependency>
-
<groupId>org.jasig.cas.client</groupId>
-
<artifactId>cas-client-core</artifactId>
-
<version>3.4.1</version>
-
</dependency>
(3)加入修改相应的项目端口地址即可。