CAS configuration log (1)

Last Update:2018-07-26 Source: Internet

Author: User

Tags cas wrapper

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

In order to facilitate the establishment of a dedicated certificate to create the existence of the directory;
F:/casfile

First, note: Through a number of failures through the summary
1, JDK installed in a directory with spaces (such as: D:/program files/java/jdk1.5), often appear to find the path error.
2, Keytool use Java environment variables, is different case.

Second, start installation and configuration

1. Generate a Tomcat security certificate,

Running: cmd

Input:%java_home%/bin/keytool-genkey-alias tomcat-keyalg RSA

Enter

Password: Changeit

User name, localhost
Other Casual
To appear ... When [on], enter Y, return
Enter password again; Tomcat (password for security certificate)

Generated by default. KeyStore in C:/Documents and settings/your Windows user name/Next

2. Generate server Certificate

%java_home%/bin/keytool-export-alias Tomcat-file SERVER.CRT

In F: "Casfile will see a server.crt file;"

No matter what it is, go on ...

%java_home%/bin/keytool-import-file Server.crt-keystore%java_home%/jre/lib/security/cacerts

Note The password is: Changeit

3. certificate to produce server
Keytool-genkey-alias My-alias-name-keyalg Rsa-keystore Keystore-file

Enter the same content as 1

4. Start configuring the User Center site for the server:
Configuring Tomcat with HTTPS in the server

Add the following code in the Tomcat5/conf/server.xml

<connector classname= "Org.apache.coyote.tomcat5.CoyoteConnector"
Port= "8443" minprocessors= "5" maxprocessors= "75"
Enablelookups= "true" disableuploadtimeout= "true"
Acceptcount= "debug=" "0" scheme= "https"
Secure= "true" >
<factory classname= "Org.apache.coyote.tomcat5.CoyoteServerSocketFactory"

Keystorefile= "F:/casfile/keystore-file"

keystorepass= "Changeit" clientauth= "false" protocol= "TLS"/>

</Connector>

Unzip the Cas-server-3.1.1-release.zipp and copy the "modules" Cas-server-webapp-3.3.1.war to the TOMCAT5 WebApps and rename it to Cas.war

5. Start configuring application sites such as App1

Xml

<filter-name>cas Authentication filter</filter-name>

<filter-class>

Org.jasig.cas.client.authentication.AuthenticationFilter

</filter-class>

<init-param>

<param-name>casServerLoginUrl</param-name>

<param-value>

Https://a.site.com:8443/cas/login

</param-value>

</init-param>

<init-param>

<param-name>renew</param-name>

<param-value>false</param-value>

</init-param>

<init-param>

<param-name>gateway</param-name>

<param-value>false</param-value>

</init-param>

<init-param>

<param-name>serverName</param-name>

<param-value>http://d.site.com:8080</param-value>

</init-param>

</filter>

<filter-name>cas Validation filter</filter-name>

<filter-class>

Org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter

</filter-class>

<init-param>

<param-name>casServerUrlPrefix</param-name>

<param-value>https://a.site.com:8443/cas</param-value>

</init-param>

<init-param>

<param-name>serverName</param-name>

<param-value>http://d.site.com:8080</param-value>

</init-param>

<init-param>

<param-name>useSession</param-name>

<param-value>true</param-value>

</init-param>

<init-param>

<param-name>redirectAfterValidation</param-name>

<param-value>true</param-value>

</init-param>

</filter>

<filter-name>cas HttpServletRequest Wrapper filter</filter-name>

<filter-class>

Org.jasig.cas.client.util.HttpServletRequestWrapperFilter

</filter-class>

</filter>

<filter-name>cas Assertion Thread Local filter</filter-name>

<filter-class>

Org.jasig.cas.client.util.AssertionThreadLocalFilter

</filter-class>

</filter>

<filter-mapping>

<filter-name>cas Authentication filter</filter-name>

<url-pattern>/*</url-pattern>

</filter-mapping>

<filter-mapping>

<filter-name>cas Validation filter</filter-name>

<url-pattern>/*</url-pattern>

</filter-mapping>

<filter-mapping>

<filter-name>cas HttpServletRequest Wrapper filter</filter-name>

<url-pattern>/*</url-pattern>

</filter-mapping>

<filter-mapping>

<filter-name>cas Assertion Thread Local filter</filter-name>

<url-pattern>/*</url-pattern>

</filter-mapping>

1<filter>
2
3 <filter-name>cas Authentication filter</filter-name>
4
5 <filter-class>
6
7 Org.jasig.cas.client.authentication.AuthenticationFilter
8
9 </filter-class>
10
<init-param>
12
<param-name>casServerLoginUrl</param-name>
14
<param-value>
16
Https://a.site.com:8443/cas/login
18
</param-value>
20
</init-param>
22
23
24
<init-param>
26
<param-name>renew</param-name>
28
<param-value>false</param-value>
30
31

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More