标签:
1. 下载 cas server 源码
https://github.com/Jasig/cas/releases
我下载的是 4.0.1。你也可以直接checkout
cas client : http://downloads.jasig.org/cas-clients/
版本是 3.3.3
2. 将下载的 cas-4.0.1.zip 解压, 在根目录 执行
mvn package install -Dmaven.test.skip=true
执行完成后,可将 cas-server-webapp\target\cas.war 部署到tomcat
3. 生成证书
生成证书
keytool -genkey -dname "cn=sso.cas.com,ou=cas,o=cas,c=CN" -alias cas.com -keypass 123456 -keystore cas.com.keystore -storepass 123456 -validity 180
导出证书
keytool -export -file C:\cas.com.crt -keystore cas.com.keystore -storepass 123456 -alias cas.com
keytool -import -keystore "%java_home%\jre\lib\security\cacerts" -file C:\cas.com.crt
查看证书
keytool -list -v -keystore "%java_home%\jre\lib\security\lu-cacerts"
修改 tomcat conf server.xml :
<Connector SSLEnabled="true" clientauth="false" keystoreFile="conf/cas.com.keystore" keystorePass="123456" maxThreads="150"
port="8443" protocol="HTTP/1.1" scheme="https" secure="true" sslProtocol="TLS" />4. 开发 cas server
第一种:下载 cas server 源码后,执行
mvn eclipse:eclipse导入eclipse,这时会报错:
Plugin execution not covered by lifecycle configuration:xxx plugin
在 cas-4.0.1\pom.xml 里的 build - pluginManagement - plugins 节点加入:
<plugin> <groupId>org.eclipse.m2e</groupId> <artifactId>lifecycle-mapping</artifactId> <version>1.0.0</version> <configuration> <lifecycleMappingMetadata> <pluginExecutions> <pluginExecution> <pluginExecutionFilter> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-checkstyle-plugin</artifactId> <versionRange>2.10</versionRange> <goals> <goal>checkstyle</goal> </goals> </pluginExecutionFilter> <action> <ignore /> </action> </pluginExecution> <pluginExecution> <pluginExecutionFilter> <groupId>com.mycila.maven-license-plugin</groupId> <artifactId>maven-license-plugin</artifactId> <versionRange>1.9.0</versionRange> <goals> <goal>check</goal> </goals> </pluginExecutionFilter> <action> <ignore /> </action> </pluginExecution> <pluginExecution> <pluginExecutionFilter> <groupId>org.codehaus.mojo</groupId> <artifactId>aspectj-maven-plugin</artifactId> <versionRange>1.4</versionRange> <goals> <goal>compile</goal> </goals> </pluginExecutionFilter> <action> <ignore /> </action> </pluginExecution> </pluginExecutions> </lifecycleMappingMetadata> </configuration> </plugin>
参考: http://jasig.github.io/cas/4.0.x/installation/Maven-Overlay-Installation.html
下载maven 模板: https://github.com/UniconLabs/simple-cas4-overlay-template/archive/master.zip
导入eclipse,import - maven - existing maven projects,在pom.xml加入依赖,支持访问数据库验证密码:
<dependencies>
<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-webapp</artifactId>
<version>${cas.version}</version>
<type>war</type>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-core</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-server-support-jdbc</artifactId>
<version>${cas.version}</version>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.35</version>
</dependency>
<dependency>
<groupId>c3p0</groupId>
<artifactId>c3p0</artifactId>
<version>${c3p0.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
<version>${spring.version}</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>javax.validation</groupId>
<artifactId>validation-api</artifactId>
<version>${javax.validation.version}</version>
<scope>compile</scope>
</dependency>
</dependencies>
<properties>
<cas.version>4.0.1</cas.version>
<maven.compiler.source>1.7</maven.compiler.source>
<maven.compiler.target>1.7</maven.compiler.target>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<spring.version>3.2.6.RELEASE</spring.version>
<javax.validation.version>1.0.0.GA</javax.validation.version>
<c3p0.version>0.9.1.2</c3p0.version>
</properties>
修改 deployerConfigContext.xml :
<bean id="authenticationManager" class="org.jasig.cas.authentication.PolicyBasedAuthenticationManager">
<constructor-arg>
<map>
<entry key-ref="proxyAuthenticationHandler" value-ref="proxyPrincipalResolver" />
<!--<entry key-ref="primaryAuthenticationHandler" value-ref="primaryPrincipalResolver" /> -->
<entry key-ref="dbAuthHandler" value-ref="primaryPrincipalResolver"/>
</map>
</constructor-arg>
<property name="authenticationPolicy">
<bean class="org.jasig.cas.authentication.AnyAuthenticationPolicy" />
</property>
</bean><!--
<bean id="primaryAuthenticationHandler"
class="org.jasig.cas.authentication.AcceptUsersAuthenticationHandler">
<property name="users">
<map>
<entry key="casuser" value="Mellon"/>
</map>
</property>
</bean>
-->
<bean id="dataSource"
class="com.mchange.v2.c3p0.ComboPooledDataSource"
p:driverClass="com.mysql.jdbc.Driver" p:jdbcUrl="jdbc:mysql://localhost:3306/portal_230?useUnicode=true&characterEncoding=UTF8&noAccessToProcedureBodies=true&autoReconnect=true&zeroDateTimeBehavior=convertToNull"
p:user="root"
p:password="root" />
<!-- 密码加密方式-->
<bean id="passwordEncoder"
class="com.my.cas.authentication.handler.SelfPasswordEncoder"
c:encodingAlgorithm="SHA1"
p:characterEncoding="UTF-8" />
<bean id="dbAuthHandler"
class="org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler"
p:dataSource-ref="dataSource"
p:sql="select password from test_user where username=? "
p:passwordEncoder-ref="passwordEncoder"
/>
其中的
com.my.cas.authentication.handler.SelfPasswordEncoder
为自定义的密码加密类,实现接口
org.jasig.cas.authentication.handler.PasswordEncoder
标签:
原文地址:http://blog.csdn.net/yanjunlu/article/details/45498509
