Home > Others

Single Sign-on CAS usage (ii): Deploying CAS servers and clients

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Cas-server:https://www.apereo.org/projects/cas/download-cas

cas-client:http://developer.jasig.org/cas-clients/

CAS Official Tutorial: Https://wiki.jasig.org/display/CASUM/CAS+on+Windows+Quick+Setup+Guide

Version:

    • CAS Server version: cas-server-3.4.11
    • CAS Client version: cas-client-3.2.1

One: Download and import

1. Download CAs

Cas-server-3.4.11-release.zip

Cas-client-3.2.1-release.zip

2. Unzip the Cas-server-3.4.11-release.zip

You can see that there are many items in the package, we only need to select two items

Cas-server-core: Main business functions realized, eventually packaged into jars used by Cas-server-webapp

Cas-server-webapp: For the Cas-server master project, a variety of configuration files are centralized

Others are extension projects that can be used in certain situations.

Modules under the storage of a good variety of jars, WA pack, if you want to use directly, without modifying the source code, you can directly put these two projects

Deploy to Tomcat and start directly. I need to view the source code, so the source code directly into Eclipse, launched in Eclipse.

3. Unzip the Cas-client-3.2.1-release.zip

Cas-client-core Importing Eclipse

Two: Configuration cas-client

I now have two projects to integrate single sign-on, two project divisions are bound to test domain names

Item 1:app1.testcas.com

Item 2:app2.testcas.com

Cas-server Project: demo.testcas.com

Note: Cas-client requires commons-logging support, if your project does not import this jar package, additional import is required.

Open Web-inf/web.xml for Project 1

Add the following configuration, the red part is modified as the actual situation:

<!--======================== start ======================== -    <Context-param>        <Param-name>Casserverlogouturl</Param-name>        <Param-value>Https://demo.testcas.com/cas/login</Param-value>    </Context-param>    <Listener>        <Listener-class>Org.jasig.cas.client.session.SingleSignOutHttpSessionListener</Listener-class>    </Listener>    <Filter>        <Filter-name>CAS Single Sign Out Filter</Filter-name>        <Filter-class>Org.jasig.cas.client.session.SingleSignOutFilter</Filter-class>    </Filter>    <filter-mapping>        <Filter-name>CAS Single Sign Out Filter</Filter-name>        <Url-pattern>/*</Url-pattern>    </filter-mapping>    <Filter>        <Filter-name>CAS Filter</Filter-name>        <Filter-class>Org.jasig.cas.client.authentication.AuthenticationFilter</Filter-class>        <Init-param>            <Param-name>Casserverloginurl</Param-name>            <Param-value>Https://demo.testcas.com/cas/login</Param-value>        </Init-param>        <Init-param>            <Param-name>ServerName</Param-name>            <Param-value>http://app1.testcas.com</Param-value>        </Init-param>    </Filter>    <filter-mapping>        <Filter-name>CAS Filter</Filter-name>        <Url-pattern>/*</Url-pattern>    </filter-mapping>    <Filter>        <Filter-name>CAS Validation Filter</Filter-name>        <Filter-class>Org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</Filter-class>        <Init-param>            <Param-name>Casserverurlprefix</Param-name>            <Param-value>Https://demo.testcas.com/cas</Param-value>        </Init-param>        <Init-param>            <Param-name>ServerName</Param-name>            <Param-value>http://app1.testcas.com</Param-value>        </Init-param>    </Filter>    <filter-mapping>        <Filter-name>CAS Validation Filter</Filter-name>        <Url-pattern>/*</Url-pattern>    </filter-mapping>    <Filter>        <Filter-name>CAS HttpServletRequest Wrapper Filter</Filter-name>        <Filter-class>Org.jasig.cas.client.util.HttpServletRequestWrapperFilter</Filter-class>    </Filter>    <filter-mapping>        <Filter-name>CAS HttpServletRequest Wrapper Filter</Filter-name>        <Url-pattern>/*</Url-pattern>    </filter-mapping>    <Filter>        <Filter-name>CAS Assertion Thread Local Filter</Filter-name>        <Filter-class>Org.jasig.cas.client.util.AssertionThreadLocalFilter</Filter-class>    </Filter>    <filter-mapping>        <Filter-name>CAS Assertion Thread Local Filter</Filter-name>        <Url-pattern>/*</Url-pattern>    </filter-mapping>    <!--======================== End ======================== -

Modify the Pom.xml of item 1

<Dependency>    <groupId>Org.jasig.cas.client</groupId>    <Artifactid>Cas-client-core</Artifactid>    <version>3.2.1</version></Dependency>

Item 2 is modified according to the same procedure, except that the corresponding address should be modified appropriately.

Three. Start three items

Cas-server

App1

App2

in the Address bar, enter: Https://demo.testcas.com/cas/login

The default authentication processor supports those accounts whose username equals the password, so you can log in by entering the same username and password.

Four. Single Sign-on

At this point, we have implemented the simplest single sign-on.

1. If the user is not logged in, the page will cas-client redirected to the CAS login page regardless of which URL App1 is accessed.

The redirect URL is similar to the following:

Https://demo.testcas.com/cas/login? service=Http%3a%2f%2fapp1.testcas.com%2fb2c-haohai-server%2fuser%2fcaslogin

A service parameter was suffixed.

2. When the user enters the user name and password and clicks login, the page will be redirected to the page you just want to visit, and the suffix ticket parameter

Similar URLs:

Http://app1.testcas.com/b2c-haohai-server/user/casLogin? Ticket=st-1-l9mf0ohyjzdsssvbqcd1-cas

3. At this time, the user again access to the APP2 URL, then will bypass the original login page , directly logged into the APP2,App2 realize the free landing .

Similar URLs:

Http://app2.testcas.com/b2c-server/user/casLogin? Ticket=st-2-vdmdoncx9gaanyq3xfet-cas

4. When the user enters in the browser

Https://demo.testcas.com/cas/logout

After forced logoff, access to App1 or APP2 is redirected to the CAS login page.

Single Sign-on CAS usage series:

    • Single Sign-on CAS usage note (i): pre-preparation and configuring the SSL protocol for Cas-server
    • Single Sign-on CAS usage (ii): Deploying CAS servers and clients
    • Single Sign-on CAS usage Note (iii): Implement Custom Authentication User login
    • Single Sign-on CAS usage note (iv): Add a verification code to the login page
    • Single Sign-on CAS usage Note (v): Cas-client does not intercept static resources and requests that do not require a login.
    • Single Sign-on CAS usage note (vi): Single-point logout, single sign-off
    • Single Sign-on CAS usage note (vii): Analysis of server timeouts and client timeouts
    • Single Sign-on CAS usage Note (eight): Using MAVEN's overlay for non-invasive transformation CAs

Single Sign-on CAS usage (ii): Deploying CAS servers and clients

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
cas server cas php cas v3 couchbase cas php cas cas sso apereo cas

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More