Tomcat version: tomcat-8.0.29
JDK version: jdk1.8.0_65
CAS version: cas4.1.2
cas-client-3.4.1
Reference Source:
CAS implements single sign-on (SSO) Classic Complete Tutorial
CAS 4.0 Configuration Development Manual
CAS client application implementation
Using CAS to implement single sign-on in Tomcat
Tomcat (1)--mac Configuring Tomcat Https/ssl
"Highly Available Ha" Apache (2)--mac installs multiple Apache tomcat instances
Target Schema
Download
First go to the Jasig download site http://downloads.jasig.org/ and download the corresponding CAS version.
Since the site only provides source packages and no release build, you need to download the source and compile it yourself.
CAS provides client packages for different platforms; here we use the Java client for the demonstration.
First compile the server side
mvn install -Dmaven.test.skip=true
Then find the corresponding WAR package "cas-server-webapp-4.1.2.war" under target.
Configuring the server side
Refer to the following article to configure HTTPS for Tomcat
Tomcat (1)--mac Configuring Tomcat Https/ssl
"Highly Available Ha" Apache (2)--mac installs multiple Apache tomcat instances
Then deploy the WAR package to Tomcat.
Modify the login prompt text in "./servers/cluster/tomcat/node-c/webapps/cas/WEB-INF/view/jsp/default/ui/casLoginView.jsp" (in preparation for future cluster environment testing)
Then access node-c via HTTPS
https://sso.hoau.com:8433/cas/login
Open the file "deployerConfigContext.xml" to view the CAS-related configuration:
<bean id="primaryAuthenticationHandler" class="org.jasig.cas.authentication.AcceptUsersAuthenticationHandler">
    <property name="users">
        <map>
            <entry key="casuser" value="Mellon"/>
        </map>
    </property>
</bean>
* In the initial default state, CAS authenticates against the user name and password configured in this file: casuser/Mellon
Try to login
- Use the database for authentication
Required dependencies:
cas-server-support-jdbc-4.1.2.jar
mysql-connector-java-5.1.37.jar
MySQL:
Create a new database in the local MySQL instance and a new table app_user to serve as the user store for authentication
Modify deployerConfigContext.xml:
Comment out the bean "primaryAuthenticationHandler"
<!-- by Richard
<bean id="primaryAuthenticationHandler" class="org.jasig.cas.authentication.AcceptUsersAuthenticationHandler">
    <property name="users">
        <map>
            <entry key="casuser" value="Mellon"/>
        </map>
    </property>
</bean>
-->
Add the database dataSource
<bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
    <property name="driverClassName" value="com.mysql.jdbc.Driver"></property>
    <property name="url" value="jdbc:mysql://localhost:3306/hoau-dev"></property>
    <property name="username" value="root"></property>
    <property name="password" value="Root123"></property>
</bean>
Add the passwordEncoder
<bean id="myPasswordEncoder" class="org.jasig.cas.authentication.handler.PlainTextPasswordEncoder"/>
* Note the choice of encoder here. Some forum articles use "DefaultPasswordEncoder"; because the password data in our example is not encrypted, we use "PlainTextPasswordEncoder". For comparison, the "DefaultPasswordEncoder" form with MD5 looks like this:
<bean id="myPasswordEncoder" class="org.jasig.cas.authentication.handler.DefaultPasswordEncoder">
    <constructor-arg index="0">
        <value>MD5</value>
    </constructor-arg>
</bean>
Add the authentication handler for the DB
<bean id="dbAuthHandler" class="org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler">
    <property name="sql" value="select password from app_user where username=?" />
    <property name="dataSource" ref="dataSource" />
    <property name="passwordEncoder" ref="myPasswordEncoder"/>
</bean>
Finally, look back at the parameters of "authenticationManager"
Since we have changed the user authentication handler in the configuration file from "primaryAuthenticationHandler" to "dbAuthHandler" for DB authentication, we need to modify the "primaryPrincipalResolver" entry
<bean id="authenticationManager" class="org.jasig.cas.authentication.PolicyBasedAuthenticationManager">
    <constructor-arg>
        <map>
            <!--
               | IMPORTANT
               | Every handler requires a unique name.
               | If more than one instance of the same handler class are configured, you must explicitly
               | set its name to something other than its default name (typically, the simple class name).
               -->
            <entry key-ref="proxyAuthenticationHandler" value-ref="proxyPrincipalResolver"/>
            <!-- Richard change primaryPrincipalResolver
            <entry key-ref="primaryAuthenticationHandler" value-ref="primaryPrincipalResolver"/>
            -->
            <entry key-ref="dbAuthHandler" value-ref="primaryPrincipalResolver"/>
        </map>
    </constructor-arg>
    <!-- rest of the bean definition unchanged -->
</bean>
Test
Try to access
https://sso.hoau.com:8433/cas
and log in with the "test01/psw01" record we inserted into the database
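The encoder note above comes down to one comparison: the handler fetches the stored value with the configured query and compares it with the encoded form of the submitted password. The following Python model of that flow is an added example, not CAS code and not code from the original article; it assumes DefaultPasswordEncoder emits lowercase hex digests and uses an in-memory SQLite table with constructed rows in place of the MySQL app_user table.

```python
import hashlib
import sqlite3

# The query configured on dbAuthHandler in this article.
SQL = "select password from app_user where username=?"

def plain_text_encoder(password):
    # Models PlainTextPasswordEncoder: the submitted password is used as-is.
    return password

def md5_encoder(password):
    # Models DefaultPasswordEncoder("MD5"); lowercase hex output is an assumption.
    return hashlib.md5(password.encode("utf-8")).hexdigest()

def authenticate(conn, encoder, username, password):
    # Fetch the stored value through a bound parameter, then compare it
    # with the encoded form of what the user typed.
    row = conn.execute(SQL, (username,)).fetchone()
    if row is None:
        return False  # unknown user
    return row[0] == encoder(password)

def make_db(rows):
    # Constructed sample data: in-memory SQLite stands in for MySQL.
    conn = sqlite3.connect(":memory:")
    conn.execute("create table app_user (username text primary key, password text)")
    conn.executemany("insert into app_user values (?, ?)", rows)
    return conn

def demo():
    plain_db = make_db([("test01", "psw01")])                # as in this article
    md5_db = make_db([("test01", md5_encoder("psw01"))])     # hashed variant
    return {
        "plain_db+plain": authenticate(plain_db, plain_text_encoder, "test01", "psw01"),
        "plain_db+md5": authenticate(plain_db, md5_encoder, "test01", "psw01"),
        "md5_db+md5": authenticate(md5_db, md5_encoder, "test01", "psw01"),
        "md5_db+plain": authenticate(md5_db, plain_text_encoder, "test01", "psw01"),
        "wrong_password": authenticate(md5_db, md5_encoder, "test01", "bad"),
        "unknown_user": authenticate(md5_db, md5_encoder, "nobody", "psw01"),
    }

if __name__ == "__main__":
    for case, ok in demo().items():
        print(case, ok)
```

Login succeeds only when the configured encoder matches the format of the stored column, which is why the plaintext rows in this article fail with the MD5 encoder that other articles configure.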
End
http://www.cnblogs.com/richaaaard/p/5045276.html
CAS (1)--mac Configuring CAS to Tomcat (server side) (RPM)