CAS = central authentication Service, centralized authentication services, an independent start instruction protocol. CAS is an open source project launched by Yale University, designed to provide a reliable single sign-on approach to WEB applications, and CAS became a Ja-sig project in December 2004.
Baidu Encyclopedia: Http://baike.baidu.com/subview/18179/6392359.htm#viewPageContent
Examples of Use:
First, version
CAS Service version Cas-server-3.4.8-release
CAS Client Version Cas-client-3.2.1-release
Second, create a certificate
1. Generate the certificate with the Keytool that comes with the JDK.
Command: Keytool-genkey-alias bpmkey2-keyalg rsa-keystore D:/keys/bpmkey2
This command is to create a Bpmkey2 certificate.
Note that the path must exist, and the name and surname of the item can be written.
2. Export the certificate
Command: Keytool-export-file d:/keys/bpm.crt-alias bpmkey2-keystore D:/keys/bpmkey2
The password is the password that created the certificate.
3. Import the certificate into the client JDK
Command: Keytool-import-keystore C:\Java\jdk1.7.0_11\jre\lib\security\cacerts-file d:/keys/bpm.crt-alias Bpmkey2
The password creates the certificate password.
The path to the JDK is the path to the JDK used by the project.
Third, build CAS server
1.cas.war placing WebApps under unpacking
Download the service side of the CAs, unzip and copy the Cas-server-webapp-3.4.8.war files from the Modules folder in the extracted files to the Tomcat\webapps directory (preferably renamed Cas.war)
2. Modify Tomcat\conf\server.xml
Where keystorefile represents the path to the certificate, and Keystorepass is the password for the certificate.
<ConnectorPort= "8443"Protocol= "Org.apache.coyote.http11.Http11Protocol"MaxThreads= "Max"sslenabled= "true"Scheme= "https"Secure= "true"ClientAuth= "false"Sslprotocol= "TLS"Keystorefile= "D:\keys\bpmkey"Keystorepass= "pass123"/>
3. Run Tomcat to access Https://linkey:8443/cas
The certificate has a problem, click Continue browsing.
Enter the user name and password consistent characters to log in.
Successful login indicates that the CAS server was successfully built.
Iv. Configuring the CAS client (own business system)
1. Add the client jar package to the project
Unzip the Cas-client-3.1.12.zip, and in the Modules folder there are the required jar packages, put the Cas-client-core-3.2.1.jar package under the project Web-inf/lib.
2. Configuring the Client Project Web. xml
<!--======================== Single Sign-on start ======================== - <!--for single-point exit, this filter is used for single-point logout functions, optional configuration - <Listener> <Listener-class>Org.jasig.cas.client.session.SingleSignOutHttpSessionListener</Listener-class> </Listener> <!--This filter is used to implement the single-point logout function, optional configuration. - <Filter> <Filter-name>CAS Single Sign Out Filter</Filter-name> <Filter-class>Org.jasig.cas.client.session.SingleSignOutFilter</Filter-class> </Filter> <filter-mapping> <Filter-name>CAS Single Sign Out Filter</Filter-name> <Url-pattern>/*</Url-pattern> </filter-mapping> <!--This filter is responsible for the user's certification work and must be enabled - <Filter> <Filter-name>Casfilter</Filter-name> <Filter-class>Org.jasig.cas.client.authentication.AuthenticationFilter</Filter-class> <Init-param> <Param-name>Casserverloginurl</Param-name> <Param-value>Https://zealon:8443/cas/login</Param-value> <!--the server here is the IP of the service side - </Init-param> <Init-param> <Param-name>ServerName</Param-name> <Param-value>http://zealon:8080</Param-value> </Init-param> </Filter> <filter-mapping> <Filter-name>Casfilter</Filter-name> <Url-pattern>/*</Url-pattern> </filter-mapping> <!--the filter is responsible for verifying the ticket, and it must be enabled - <Filter> <Filter-name>CAS Validation Filter</Filter-name> <Filter-class>Org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</Filter-class> <Init-param> <Param-name>Casserverurlprefix</Param-name> <Param-value>Https://zealon:8443/cas</Param-value> </Init-param> <Init-param> <Param-name>ServerName</Param-name> <Param-value>http://zealon:8080</Param-value> </Init-param> </Filter> <filter-mapping> <Filter-name>CAS Validation Filter</Filter-name> <Url-pattern>/*</Url-pattern> </filter-mapping> <!--the filter is responsible for implementing the package requested by the HttpServletRequest, such as allowing the developer to obtain the login name of the SSO login user through the HttpServletRequest getremoteuser () method, optional configuration. - <Filter> <Filter-name>CAS HttpServletRequest Wrapper Filter</Filter-name> <Filter-class>Org.jasig.cas.client.util.HttpServletRequestWrapperFilter</Filter-class> </Filter> <filter-mapping> <Filter-name>CAS HttpServletRequest Wrapper Filter</Filter-name> <Url-pattern>/*</Url-pattern> </filter-mapping><!--======================== Single Sign-on end ======================== -
View Code
3. Commissioning
Enter the address of your project and you will be redirected to the CAS login page.
Click Sign In
OK, you can successfully login to your business system here.
CAS Building for Java projects