国内私募机构九鼎控股打造APP,来就送 20元现金领取地址:
http://jdb.jiudingcapital.com/phone.html
内部邀请码: C8E245J (不写邀请码,没有现金送)
国内私募机构九鼎控股打造,九鼎投资是在全国股份转让系统挂牌的公众公司,股票代码为430719,为“中国PE第一股”,市值超1000亿元。
内部邀请码: C8E245J (不写邀请码,没有现金送)
国内私募机构九鼎控股打造,九鼎投资是在全国股份转让系统挂牌的公众公司,股票代码为430719,为“中国PE第一股”,市值超1000亿元。
------------------------------------------------------------------------------------------------------------------------------------------------------------------
原文地址:http://blog.csdn.net/designlife/article/details/2956814
最近,在做CAS单点登陆的一个模块,由于公司的产品太多,各个系统都要部署,在开发中Https的证书的部署比较麻烦,所以,打算把CAS的Https去掉。具体的修改如下
1.修改cas-servlet.xml
Java代码
- <bean id="warnCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
- p:cookieSecure="true"
- p:cookieMaxAge="-1"
- p:cookieName="CASPRIVACY"
- p:cookiePath="/cas" />
- <bean id="ticketGrantingTicketCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
- p:cookieSecure="true "
- p:cookieMaxAge="-1"
- p:cookieName="CASTGC"
- p:cookiePath="/cas" />
- <bean id="warnCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
- p:cookieSecure="true"
- p:cookieMaxAge="-1"
- p:cookieName="CASPRIVACY"
- p:cookiePath="/cas" />
- <bean id="ticketGrantingTicketCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
- p:cookieSecure="true "
- p:cookieMaxAge="-1"
- p:cookieName="CASTGC"
- p:cookiePath="/cas" />
把上面连个bean中的p:cookieSecure="true "修改为p:cookieSecure="false"
2.修改deployerConfigContext.xml
Java代码
- <bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
- p:httpClient-ref="httpClient" />
- <bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
- p:httpClient-ref="httpClient" />
添加p:requireSecure="false"
3.修改casclient的客户端
修改客户端的https验证
(1).edu.yale.its.tp.cas.client.filter.edu.yale.its.tp.cas.client.filter
Java代码
- if (! casValidate.startsWith("https://")){
- throw new ServletException("validateUrl must start with https://, its current value is [" + casValidate + "]");
- }
- if (casServiceUrl != null){
- if (! (casServiceUrl.startsWith("https://")|| (casServiceUrl.startsWith("http://") ))){
- throw new ServletException("service URL must start with http:// or https://; its current value is [" + casServiceUrl + "]");
- }
- }
- if (! casValidate.startsWith("https://")){
- throw new ServletException("validateUrl must start with https://, its current value is [" + casValidate + "]");
- }
- if (casServiceUrl != null){
- if (! (casServiceUrl.startsWith("https://")|| (casServiceUrl.startsWith("http://") ))){
- throw new ServletException("service URL must start with http:// or https://; its current value is [" + casServiceUrl + "]");
- }
- }
把这两段内容注释掉
(2).修改edu.yale.its.tp.cas.util.SecureURL
Java代码
- if (!u.getProtocol().equals("https")){
- // IOException may not be the best exception we could throw here
- // since the problem is with the URL argument we were passed, not
- // IO. -awp9
- log.error("retrieve(" + url + ") on an illegal URL since protocol was not https.");
- throw new IOException("only 'https' URLs are valid for this method");
- }
- if (!u.getProtocol().equals("https")){
- // IOException may not be the best exception we could throw here
- // since the problem is with the URL argument we were passed, not
- // IO. -awp9
- log.error("retrieve(" + url + ") on an illegal URL since protocol was not https.");
- throw new IOException("only 'https' URLs are valid for this method");
- }
把这段内容注释掉
