CAS + Tomcat Configuration steps detailed notes (i)

First you need to prepare the resources as follows:

cas-server-4.0.0-release.zip,cas-client-2.0.11.zip,apache-tomcat-6.0.29

The following operations operate under DOS ("Start-to-run", enter "cmd"), deploy the CAS server-side SSL generation

1. Build the service End library file (what is your first and last name?) Here you need to fill in your computer name, my Computer name is ZK)

keytool-genkey-alias tomcat-server-keyalg rsa-keypass changeit-storepass changeit-keystore server.keystore

2. Export server-side certificates

keytool-export-alias tomcat-server-storepass changeit-file server.cer-keystore server.keystore

3. Generating Client Files

keytool-genkey-alias tomcat-client-keyalg rsa-keypass changeit-storepass changeit-keystore client.keystore

4. Export the client certificate

keytool-export-alias tomcat-client-storepass changeit-file client.cer-keystore client.keystore

5. Import server-side certificates

keytool-import-trustcacerts-alias server-file server.cer-keystore cacerts-storepass Changeit

6. Import the client certificate

keytool-import-trustcacerts-alias client-file client.cer-keystore cacerts-storepass Changeit

Specific operating procedures such as:

  7, cacerts, Server.keystore, Client.keystore, Server.cer, Client.cer5 The files (in the C packing directory) are copied to the CAS server, Application Server (subsystem) and java_home/jre/lib/security file (my path is: C:\Program files\java\jdk1.6.0_14 \jre\lib\security). (Tomcat for each subsystem is copied)

   cas the server after copying files such as:

  

  8, unzip the downloaded Cas-server-4.0.0-release.zip package, in Cas-server-4.0.0\ Modules file plus find the Cas-server-webapp-4.0.0.war package, copy the package to the Tomcat server D:\apache-tomcat-6.0.29\webapps, Tomcat will be automatically extracted when booting. Enter the tomcat in the D:\apache-tomcat-6.0.29\conf directory to find Server.xml, modify the file to add content to Server.xml

<connector protocol= "Org.apache.coyote.http11.Http11NioProtocol"             port= "8443" minsparethreads= "5" maxsparethreads= "enablelookups="             true "disableuploadtimeout=" true "               acceptcount=" "  maxthreads=" "Scheme=" "             https" secure= "true" sslenabled= "true"             clientauth= "false" sslprotocol= "TLS             " Keystorefile= "D:/apache-tomcat-6.0.29/server.keystore"               keystorepass= "Changeit"/>  

The specific placement location is as follows:

  9, start the Tomcat server, run Https://zk:8443/cas/login in the browser, the following page appears to prove that the CAS service side configuration is successful

Enter the user name and password on this page: Casuser/mellon (old CAS version is the same user name and password can be logged in, but the new version cas4.0 must enter the previous user name and password), and then click the login will go to the Login Success page

Input path: Https://zk:8443/cas/logout successful exit

10, the configuration subsystem of the Tomcat environment, you need to copy the above generated 5 files to Tomcat, and then configure Web. XML, because I am testing on my own computer, so I used the same tomcat. We test the use of Tomcat to bring the example, start the server in the browser to enter the address: Http://localhost:8080/examples/servlets/servlet/HelloWorldExample, meet:

Then we start to configure the D:\apache-tomcat-6.0.29\webapps\examples\WEB-INF path under Web. XML (If you are testing in different Tomcat to modify its web. XML under the Tomcat path where the subsystem resides), add the following to Web. xml:

<filter> <filter-name>cas filter</filter-name> <filter-class >edu.yale.its.tp.cas.client.filter.CASFilter</filter-class> <init-param> <param-name> Edu.yale.its.tp.cas.client.filter.loginurl</param-name> <param-value>https://zk:8443/cas/login</ param-value> </init-param> <init-param> <param-name> Edu.yale.its.tp.cas.client.filter.validateurl</param-name> <param-value>https://zk:8443/cas/ servicevalidate</param-value> </init-param> <init-param> <param-name> Edu.yale.its.tp.cas.client.filter.servername</param-name> <param-value>localhost:8080</ param-value> </init-param> </filter> <filter-mapping> <filter-name>cas filter</ Filter-name> <url-pattern>/servlets/servlet/HelloWorldExample</url-pattern> </filter-mapping 

Unzip the Cas-client-2.0.11.zip package, find Casclient.jar under Cas-client-2.0.11\java\lib, copy to D:\apache-tomcat-6.0.29\webapps\ Examples\web-inf\lib folder (if you are testing in different Tomcat, copy to the tomcat corresponding path where the subsystem resides).

10. Restart the server and enter the path in the 10th step in the browser: Http://localhost:8080/examples/servlets/servlet/HelloWorldExample, as shown in:

Click still continue to see such as:

You can see that the request has been successfully intercepted, and then enter the user name and password: Casuser/mellon login, you will see such as:

Login successfully!

You can see that the path in the browser's address bar is significantly different from the path in the 10th step browser, and the CAS security certificate is more.

By the end of this article, a simple CAs single sign-on has been completed, and as you continue in-depth study, you will continue to write CAS learning notes

CAS + Tomcat Configuration steps detailed notes (i)