How to use Tomcat and CAS for single Sign-on (2): Configure CAS database validation and CAS client configuration

(1), the previous article mainly described the deployment of Tomcat and the CAS server side.

Next there are two main steps.

Note: To turn on two Tomcat, remove the environment variable of the directly configured Tomcat!!!!!!!!!!

Client Configuration MySQL Database Login

First, create a new database named Test in MySQL, new table name user, add two columns: username and password.

Insert a data: INSERT into User (Username,password) VALUES (' Test ', ' test ');

Cas Server 4.0.0 version

After the Cas.war is placed in the Tomcat WebApps directory, after extracting the CAS directory, open the Deployerconfigcontext.xml file in the Web-inf directory.

Find the following places:

Here is the original CAs login method, that is, Casuer/mellon account/password login. Modified to read as follows:

Here is the Add data source.

and add the following:

<bean id= "DataSource" class= "Org.springframework.jdbc.datasource.DriverManagerDataSource" >

<property name= "Driverclassname" >

<value>com.mysql.jdbc.Driver</value>

</property>

<property name= "url" >

<value>jdbc:mysql://localhost:3306/test</value>

</property>

<property name= "username" >

<value>root</value>

</property>

<property name= "Password" >

<value>123456</value>

</property>

</bean>

Now, we open open the CAs login interface, you can log in with Test/test account password.

Configure CAs Client

Re-unzip a tomcat, named Tomcat-app.

Download cas-client-3.3.2, unzip, the modules directory under the Cas-client-core-3.3.2.jar copy to Tomcat-app under the Lib directory under the Webapps/examples/web-inf.

Modify the Server.xml file in the Conf directory

Primarily modifies the run port to prevent port collisions. The following changes are included:

Take Tomcat's own examples as an example.

First, open the Web-inf directory under the Webapps/examples directory, open the Web. xml file, and add the following content:

<!--======================== Single Sign-on start ========================

<filter>

<filter-name>cas filter</filter-name>

<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>

<init-param>

<param-name>casServerLoginUrl</param-name>

<param-value>https://lyt.cas.com:8443/cas/login</param-value>

</init-param>

<init-param>

<param-name>serverName</param-name>

<param-value>http://lyt.app.com:18080</param-value>

</init-param>

</filter>

<filter-mapping>

<filter-name>cas filter</filter-name>

<url-pattern>/*</url-pattern>//This means CAS authentication is required to access all content in the examples directory, or it can be changed to <url-pattern>/servlets/ Servlet/helloworldexample</url-pattern>, this would require CAS authentication only when accessing the HelloWorld example.

</filter-mapping>

<!--the filter is responsible for verifying the ticket, it must be enabled--

<filter>

<filter-name>cas Validation filter</filter-name>

<filter-class>org.jasig.cas.client.validation.cas20proxyreceivingticketvalidationfilter</filter-class >

<init-param>

<param-name>casServerUrlPrefix</param-name>

<param-value>https://lyt.cas.com:8443/cas</param-value>

</init-param>

<init-param>

<param-name>serverName</param-name>

<param-value>http://lyt.app.com:18080</param-value>

</init-param>

</filter>

<filter-mapping>

<filter-name>cas Validation filter</filter-name>

<url-pattern>/*</url-pattern>

</filter-mapping>

<!--======================== Single Sign-on end ========================-

Next, let's test it.

Run two tomcat at the same time, enter in the browser: lyt.app.com:18080/examples/servlets/servlet/helloworldexample

Discovery automatically jumps to the CAS login page.

After entering the account password Test/test, the login is successful. Jumps to the target page.

This is a successful initial configuration of CAs single sign-on.

How to use Tomcat and CAS for single Sign-on (2): Configure CAS database validation and CAS client configuration