As a CAS server, whether or not clients can be accessed is defined by configuration. For the CAS server, each access client corresponds to a service configuration. When the CAS server is started, these services are loaded and registered, and the corresponding clients can be connected. Otherwise
1. Assume that the CAS server is of the HTTPS type.
Assume that our cas server runs on port 8443 and provides services over HTTPS (CAS server configuration in CAS Server Download, compilation and deployment ).
1.1 configuration when CAS client type is HTTP application
Assume that our cas client provides external services over HTTP. The domain name and port information for providing external services are http: // localhost: 8081.
1.1.1 register the CAS client (service) on the CAS Server)
Copy the service directory from target> CAS> WEB-INF> classes to SRC> main> resources, delete the Apereo-10000002.json files in the copied directory, rename the HTTPSandIMAPS-10000001.json to the TEST-10000003.json, such:
Modify the TEST-10000003.json file as follows:
{ "@class" : "org.apereo.cas.services.RegexRegisteredService", "serviceId" : "^(http)://localhost:8081.*", "name" : "TEST", "id" : 10000003, "description" : "This service definition authorizes all application urls that support HTTPS and IMAPS protocols.", "evaluationOrder" : 10000}
Note: The JSON file name is composed of the name-ID in the file content. For more information about the meaning and depth of each attribute in the JSON file, see section 82119246.
Add dependencies supported by Services registration for JSON files in POM
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-support-json-service-registry</artifactId>
<version>${cas.version}</version>
</dependency>
Modify application. Properties
# Enable service registration in JSON format
Cas. serviceregistry. initfromjson = true
# JSON services configuration location settings
Cas. serviceregistry. JSON. Location = classpath:/services
Build run to start the CAS Server
1.1.2 import the CAS server certificate on the CAS Client Computer
Export Certificate Based on key
Use the keystore Explorer (: https://download.csdn.net/download/popo_popo/10750816) that created the key to open the keystore file that was previously saved.
Certificate Import
Use keytool to import certificates. After the certificate is imported, access is successful with the CAS client!
Returns the protected address after successful login.
Note: If the CAS client does not import the certificate, the CAS client program will end the execution with a certificate exception. The contents of the CAS client will be included in subsequent articles.
1.2 configuration when the CAS client type is HTTPS Application
Follow up on subsequent articles
2. Assume that the CAS server is of the HTTP type.
Assume that our cas server runs on port 8080 and provides external services through HTTP (CAS server configuration in CAS server using HTTP for external services ).
2.1 configuration when CAS client type is HTTP application
This configuration is identical to the configuration in 1.1.1. Because HTTPS is not used, you do not need to import certificates.
CAS Server Service (CAS client) registration information maintenance