配置cas服务器和客户端

Posted 黑客不黑撒

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了配置cas服务器和客户端相关的知识,希望对你有一定的参考价值。

1.编译cas
下载 cas-4.1.9.tar.gz
tar -xzf cas-4.1.9.tar.gz
cd cas-4.1.9
mvn clean install -DskipTests

2.cd cas-server-webapp/target/cas.war ../server-tomcat-8.0.12/webapps/

启动tomcat

通过浏览器访问https://server.hacker.org:8443/cas

用户名和密码在casWEB-INFdeployerConfigContext.xml文件中定义
<entry key="casuser" value="Mellon"/>

3.客户端tomcat 配置
两个tomcat-8.0.12webappsexamplesWEB-INFlib下添加cas-client-core-3.2.0.jar、commons-logging-1.1.3.jar、slf4j-api-1.7.12.jar三个jar包

修改login-tomcat-8.0.12webappsexamplesWEB-INFweb.xml
添加

<filter>
<filter-name>CAS Single Sign Out Filter</filter-name>
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://server.hacker.org:8443/cas</param-value>
</init-param>
</filter>

<listener>
<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>

<filter>
<filter-name>CAS Authentication Filter</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>https://server.hacker.org:8443/cas/login</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>https://login.hacker.org:18443</param-value>
</init-param>
</filter>

<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://server.hacker.org:8443/cas</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>https://login.hacker.org:18443</param-value>
</init-param>
<init-param>
<param-name>redirectAfterValidation</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>useSession</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>authn_method</param-name>
<param-value>mfa-duo</param-value>
</init-param>
</filter>

<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>

<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

<filter-mapping>
<filter-name>CAS Authentication Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>


blog-tomcat-8.0.12的修改如下:


<filter>
<filter-name>CAS Single Sign Out Filter</filter-name>
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://server.hacker.org:8443/cas</param-value>
</init-param>
</filter>

<listener>
<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>

<filter>
<filter-name>CAS Authentication Filter</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>https://server.hacker.org:8443/cas/login</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>https://blog.hacker.org:28443</param-value>
</init-param>
</filter>

<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://server.hacker.org:8443/cas</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>https://blog.hacker.org:28443</param-value>
</init-param>
<init-param>
<param-name>redirectAfterValidation</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>useSession</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>authn_method</param-name>
<param-value>mfa-duo</param-value>
</init-param>
</filter>

<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>

<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

<filter-mapping>
<filter-name>CAS Authentication Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

启动login和blog tomcat

4.访问,见证奇迹的时候到了
访问
https://login.hacker.org:18443/examples/servlets/servlet/HelloWorldExample
输入用户名和密码
再访问
https://blog.hacker.org:28443/examples/servlets/servlet/HelloWorldExample
发现不用输入用户名和密码就可以登录
退出登录
https://server.hacker.org:8443/cas/logout
再次访问
https://login.hacker.org:18443/examples/servlets/servlet/HelloWorldExample
发现又要登录









































































































































以上是关于配置cas服务器和客户端的主要内容,如果未能解决你的问题,请参考以下文章

Cas 服务器 Service(Cas客户端)注册信息维护

CAS4.2单点登录如何配置多个系统登录一次和退出到登录页问题

cas单点登录服务端客户端搭建

CAS-5.3单点登录/退出客户端搭建(Springboot)

CAS —— Mac下配置CAS到Tomcat(服务端)(转)

用cas来实现php的单点登陆