CAS3.3.0在logout后不能自动根据service跳转,所以装了个CAS4.0.0,记录一下

简介:

环境:

Oracle 11g

Centos 6.5

CAS 4.0

Tomcat 7

JDK 1.7


CAS3.3.0在logout后不能自动根据service跳转,所以装了个CAS4.0.0,记录一下

1.  Cas Server下载:http://developer.jasig.org/cas/

  Cas Client下载:http://developer.jasig.org/cas-clients/

2. 下载完毕4.0.zip文件后,解压后再module里面会有一个4.0的war包cas-server-webapp-4.0.0.war。
3. 把这个war包拷到tomcat7中,重命名为cas.war。
4. 把tomcat7启动起来,然后再cas目录下找到WEB-INF中的lib中,
5. 加入这几个jar包:
cas-server-support-jdbc-4.0.0.jar
oracle-jdbc-11.2.jar
ojdbc6.jar
commons-dbcp-1.3.jar
自己写的PasswordEncoder-0.6.1.jar
commons-pool-1.5.6.jar
6. 然后修改cas\WEB-INF\spring-configuration\ticketGrantingTicketCookieGenerator.xml
的p:cookieSecure="false",如下

<?xml version="1.0" encoding="UTF-8"?>

<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:p="http://www.springframework.org/schema/p"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
	<description>
		Defines the cookie that stores the TicketGrantingTicket.  You most likely should never modify these (especially the "secure" property).
		You can change the name if you want to make it harder for people to guess.
	</description>
	<bean id="ticketGrantingTicketCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
		p:cookieSecure="true"
		p:cookieMaxAge="-1"
		p:cookieName="CASTGC"
		p:cookiePath="/cas" />
</beans>



7.修改cas\web-inf\ deployerConfigContext.xml文件:


<?xml version="1.0" encoding="UTF-8"?>

<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:p="http://www.springframework.org/schema/p"
       xmlns:c="http://www.springframework.org/schema/c"
       xmlns:tx="http://www.springframework.org/schema/tx"
       xmlns:util="http://www.springframework.org/schema/util"
       xmlns:sec="http://www.springframework.org/schema/security"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.2.xsd
       http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.2.xsd
       http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd
       http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd">

    <bean id="authenticationManager" class="org.jasig.cas.authentication.PolicyBasedAuthenticationManager">
        <constructor-arg>
            <map>
                <entry key-ref="proxyAuthenticationHandler" value-ref="proxyPrincipalResolver" />
		 		<entry key-ref="dbAuthHandler" value-ref="primaryPrincipalResolver"/>
            </map>
        </constructor-arg>
        <property name="authenticationPolicy">
            <bean class="org.jasig.cas.authentication.AnyAuthenticationPolicy" />
        </property>
    </bean>
    <bean id="proxyAuthenticationHandler"
          class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
          p:httpClient-ref="httpClient" />
	<bean id="casDataSource" class="org.apache.commons.dbcp.BasicDataSource">
		   <property name="driverClassName">
			   <value>oracle.jdbc.driver.OracleDriver</value>
		   </property>
		   <property name="url">
			   <value>jdbc:oracle:thin:@10.0.1.177:1521:shdgdb</value>
		   </property>    
		   <property name="username">
			   <value>shdg</value>    
		   </property>
		   <property name="password">
			   <value>shdg</value>
		   </property>
	</bean>
	<bean id="myPasswordEncoder" class="com.esteel.cas.until.PasswordEncoder"/>
	<bean id="dbAuthHandler"
      class="org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler"
      p:dataSource-ref="casDataSource"
      p:sql="select trade_passwd from tb_cus_user where cus_user_id = ?"
	  p:passwordEncoder-ref="myPasswordEncoder"
	  />
	<bean id="proxyPrincipalResolver"
          class="org.jasig.cas.authentication.principal.BasicPrincipalResolver" />
	<bean id="primaryPrincipalResolver"
          class="org.jasig.cas.authentication.principal.PersonDirectoryPrincipalResolver" >
        <property name="attributeRepository" ref="attributeRepository" />
    </bean>
    <bean id="attributeRepository" class="org.jasig.services.persondir.support.StubPersonAttributeDao"
            p:backingMap-ref="attrRepoBackingMap" />
    <util:map id="attrRepoBackingMap">
        <entry key="uid" value="uid" />
        <entry key="eduPersonAffiliation" value="eduPersonAffiliation" /> 
        <entry key="groupMembership" value="groupMembership" />
    </util:map>
    <bean id="serviceRegistryDao" class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl"
            p:registeredServices-ref="registeredServicesList" />
    <util:list id="registeredServicesList">
        <bean class="org.jasig.cas.services.RegexRegisteredService"
              p:id="0" p:name="HTTP and IMAP" p:description="Allows HTTP(S) and IMAP(S) protocols"
              p:serviceId="^(https?|imaps?)://.*" p:evaluationOrder="10000001" />
    </util:list>
    <bean id="auditTrailManager" class="com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager" />
    <bean id="healthCheckMonitor" class="org.jasig.cas.monitor.HealthCheckMonitor" p:monitors-ref="monitorsList" />
    <util:list id="monitorsList">
      <bean class="org.jasig.cas.monitor.MemoryMonitor" p:freeMemoryWarnThreshold="10" />
      <bean class="org.jasig.cas.monitor.SessionMonitor"
          p:ticketRegistry-ref="ticketRegistry"
          p:serviceTicketCountWarnThreshold="5000"
          p:sessionCountWarnThreshold="100000" />
    </util:list>
</beans>

8.修改cas-servlet.xml为如下


<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:webflow="http://www.springframework.org/schema/webflow-config"
       xmlns:p="http://www.springframework.org/schema/p"
       xmlns:c="http://www.springframework.org/schema/c"
       xmlns:util="http://www.springframework.org/schema/util"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
       http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd
       http://www.springframework.org/schema/webflow-config http://www.springframework.org/schema/webflow-config/spring-webflow-config-2.3.xsd">

  <import resource="spring-configuration/propertyFileConfigurer.xml"/>

  <!-- Theme Resolver -->
  <bean id="themeResolver" class="org.jasig.cas.services.web.ServiceThemeResolver"
        p:defaultThemeName="${cas.themeResolver.defaultThemeName}"
        p:argumentExtractors-ref="argumentExtractors"
        p:servicesManager-ref="servicesManager">
    <property name="mobileBrowsers">
      <util:map>
        <entry key=".*iPhone.*" value="iphone"/>
        <entry key=".*Android.*" value="iphone"/>
        <entry key=".*Safari.*Pre.*" value="iphone"/>
        <entry key=".*Nokia.*AppleWebKit.*" value="iphone"/>
      </util:map>
    </property>
  </bean>

  <!-- View Resolver -->
  <bean id="viewResolver" class="org.springframework.web.servlet.view.ResourceBundleViewResolver"
        p:order="0">
    <property name="basenames">
      <util:list>
        <value>${cas.viewResolver.basename}</value>
        <value>protocol_views</value>
      </util:list>
    </property>
  </bean>
  
  <!-- Locale Resolver -->
  <bean id="localeResolver" class="org.springframework.web.servlet.i18n.CookieLocaleResolver" p:defaultLocale="zh_CN" />

  <bean id="localeChangeInterceptor" class="org.springframework.web.servlet.i18n.LocaleChangeInterceptor"/>

  <bean id="urlBasedViewResolver" class="org.springframework.web.servlet.view.UrlBasedViewResolver"
        p:viewClass="org.springframework.web.servlet.view.InternalResourceView"
        p:prefix="/WEB-INF/view/jsp/"
        p:suffix=".jsp"
        p:order="1"/>
  
  <bean id="errorHandlerResolver" class="org.jasig.cas.web.FlowExecutionExceptionResolver"/>

  <bean class="org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter"/>

  <bean
      id="handlerMappingC"
      class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping"
      p:alwaysUseFullPath="true">
    <property name="mappings">
      <util:properties>
        <prop key="/serviceValidate">serviceValidateController</prop>
        <prop key="/proxyValidate">proxyValidateController</prop>
        
        <prop key="/p3/serviceValidate">v3ServiceValidateController</prop>
        <prop key="/p3/proxyValidate">v3ProxyValidateController</prop>
        
        <prop key="/validate">legacyValidateController</prop>
        <prop key="/proxy">proxyController</prop>
        <prop key="/authorizationFailure.html">passThroughController</prop>
        <prop key="/status">healthCheckController</prop>
        <prop key="/statistics">statisticsController</prop>
      </util:properties>
    </property>
   
  </bean>

  <bean id="passThroughController" class="org.springframework.web.servlet.mvc.UrlFilenameViewController"/>

  <!-- login webflow configuration -->
  <bean id="loginFlowHandlerMapping" class="org.springframework.webflow.mvc.servlet.FlowHandlerMapping"
        p:flowRegistry-ref="loginFlowRegistry" p:order="2">
    <property name="interceptors">
      <ref local="localeChangeInterceptor" />
    </property>
  </bean>

  <bean id="loginHandlerAdapter" class="org.jasig.cas.web.flow.SelectiveFlowHandlerAdapter"
        p:supportedFlowId="login" p:flowExecutor-ref="loginFlowExecutor" p:flowUrlHandler-ref="loginFlowUrlHandler" />

  <bean id="loginFlowUrlHandler" class="org.jasig.cas.web.flow.CasDefaultFlowUrlHandler" />

  <webflow:flow-executor id="loginFlowExecutor" flow-registry="loginFlowRegistry">
    <webflow:flow-execution-attributes>
      <webflow:always-redirect-on-pause value="false" />
      <webflow:redirect-in-same-state value="false" />
    </webflow:flow-execution-attributes>
    <webflow:flow-execution-listeners>
      <webflow:listener ref="terminateWebSessionListener" />
    </webflow:flow-execution-listeners>
  </webflow:flow-executor>

  <webflow:flow-registry id="loginFlowRegistry" flow-builder-services="builder">
    <webflow:flow-location path="/WEB-INF/login-webflow.xml" id="login" />
  </webflow:flow-registry>

  <!-- logout webflow configuration -->
  <bean id="logoutFlowHandlerMapping" class="org.springframework.webflow.mvc.servlet.FlowHandlerMapping"
        p:flowRegistry-ref="logoutFlowRegistry" p:order="3">
    <property name="interceptors">
      <ref local="localeChangeInterceptor" />
    </property>
  </bean>

  <bean id="logoutHandlerAdapter" class="org.jasig.cas.web.flow.SelectiveFlowHandlerAdapter"
        p:supportedFlowId="logout" p:flowExecutor-ref="logoutFlowExecutor" p:flowUrlHandler-ref="logoutFlowUrlHandler" />

  <bean id="logoutFlowUrlHandler" class="org.jasig.cas.web.flow.CasDefaultFlowUrlHandler"
        p:flowExecutionKeyParameter="RelayState" />

  <webflow:flow-executor id="logoutFlowExecutor" flow-registry="logoutFlowRegistry">
    <webflow:flow-execution-attributes>
      <webflow:always-redirect-on-pause value="false" />
      <webflow:redirect-in-same-state value="false" />
    </webflow:flow-execution-attributes>
    <webflow:flow-execution-listeners>
      <webflow:listener ref="terminateWebSessionListener" />
    </webflow:flow-execution-listeners>
  </webflow:flow-executor>

  <webflow:flow-registry id="logoutFlowRegistry" flow-builder-services="builder">
    <webflow:flow-location path="/WEB-INF/logout-webflow.xml" id="logout" />
  </webflow:flow-registry>

  <webflow:flow-builder-services id="builder" view-factory-creator="viewFactoryCreator" expression-parser="expressionParser" />

  <bean id="logoutConversionService" class="org.jasig.cas.web.flow.LogoutConversionService" />

  <bean id="terminateWebSessionListener" class="org.jasig.cas.web.flow.TerminateWebSessionListener" />

  <bean id="expressionParser" class="org.springframework.webflow.expression.spel.WebFlowSpringELExpressionParser"
        c:conversionService-ref="logoutConversionService">
    <constructor-arg>
        <bean class="org.springframework.expression.spel.standard.SpelExpressionParser" />
    </constructor-arg>
  </bean>

  <bean id="viewFactoryCreator" class="org.springframework.webflow.mvc.builder.MvcViewFactoryCreator">
    <property name="viewResolvers">
      <util:list>
        <ref local="viewResolver"/>
      </util:list>
    </property>
  </bean>
  
  <!--  CAS 2 Protocol service/proxy validation -->     
  <bean id="abstractValidateController" class="org.jasig.cas.web.ServiceValidateController" abstract="true"
        p:centralAuthenticationService-ref="centralAuthenticationService"
        p:proxyHandler-ref="proxy20Handler"
        p:argumentExtractor-ref="casArgumentExtractor"/>
  
  <bean id="proxyValidateController" parent="abstractValidateController"/>

  <bean id="serviceValidateController" parent="abstractValidateController"
        p:validationSpecificationClass="org.jasig.cas.validation.Cas20WithoutProxyingValidationSpecification"/>

  <!--  CAS 3 Protocol service/proxy validation with attributes -->
  <bean id="v3AbstractValidateController" parent="abstractValidateController" abstract="true"
        p:successView="cas3ServiceSuccessView"
        p:failureView="cas3ServiceFailureView" />
        
  <bean id="v3ProxyValidateController" parent="v3AbstractValidateController" />

  <bean id="v3ServiceValidateController" parent="v3AbstractValidateController"
        p:validationSpecificationClass="org.jasig.cas.validation.Cas20WithoutProxyingValidationSpecification"/>
 
  <!--  CAS 1 legacy validation -->       
  <bean id="legacyValidateController" parent="abstractValidateController"
        p:proxyHandler-ref="proxy10Handler"
        p:successView="cas1ServiceSuccessView"
        p:failureView="cas1ServiceFailureView"
        p:validationSpecificationClass="org.jasig.cas.validation.Cas10ProtocolValidationSpecification"/>

  <bean id="proxyController" class="org.jasig.cas.web.ProxyController"
        p:centralAuthenticationService-ref="centralAuthenticationService"/>

  <bean id="statisticsController" class="org.jasig.cas.web.StatisticsController"
        p:casTicketSuffix="${host.name}" c:ticketRegistry-ref="ticketRegistry" />

  <bean id="logoutAction" class="org.jasig.cas.web.flow.LogoutAction"
        p:servicesManager-ref="servicesManager"
        p:followServiceRedirects="${cas.logout.followServiceRedirects:true}"/>

  <bean id="frontChannelLogoutAction" class="org.jasig.cas.web.flow.FrontChannelLogoutAction"
        c:logoutManager-ref="logoutManager"/>

  <bean id="healthCheckController" class="org.jasig.cas.web.HealthCheckController"
        p:healthCheckMonitor-ref="healthCheckMonitor"/>

  <bean id="initialFlowSetupAction" class="org.jasig.cas.web.flow.InitialFlowSetupAction"
        p:argumentExtractors-ref="argumentExtractors"
        p:warnCookieGenerator-ref="warnCookieGenerator"
        p:ticketGrantingTicketCookieGenerator-ref="ticketGrantingTicketCookieGenerator"/>

  <bean id="authenticationViaFormAction" class="org.jasig.cas.web.flow.AuthenticationViaFormAction"
        p:centralAuthenticationService-ref="centralAuthenticationService"
        p:warnCookieGenerator-ref="warnCookieGenerator"
        p:ticketRegistry-ref="ticketRegistry"/>

  <bean id="authenticationExceptionHandler" class="org.jasig.cas.web.flow.AuthenticationExceptionHandler" />

  <bean id="generateServiceTicketAction" class="org.jasig.cas.web.flow.GenerateServiceTicketAction"
        p:centralAuthenticationService-ref="centralAuthenticationService"/>

  <bean id="sendTicketGrantingTicketAction" class="org.jasig.cas.web.flow.SendTicketGrantingTicketAction"
        p:centralAuthenticationService-ref="centralAuthenticationService"
        p:ticketGrantingTicketCookieGenerator-ref="ticketGrantingTicketCookieGenerator"/>

  <bean id="gatewayServicesManagementCheck" class="org.jasig.cas.web.flow.GatewayServicesManagementCheck"
    c:servicesManager-ref="servicesManager" />

  <bean id="serviceAuthorizationCheck" class="org.jasig.cas.web.flow.ServiceAuthorizationCheck"
    c:servicesManager-ref="servicesManager" />

  <bean id="generateLoginTicketAction" class="org.jasig.cas.web.flow.GenerateLoginTicketAction"
        p:ticketIdGenerator-ref="loginTicketUniqueIdGenerator"/>

  <bean id="messageInterpolator" class="org.jasig.cas.util.SpringAwareMessageMessageInterpolator"/>

  <bean id="credentialsValidator" class="org.springframework.validation.beanvalidation.LocalValidatorFactoryBean"
        p:messageInterpolator-ref="messageInterpolator"/>

  <bean id="ticketGrantingTicketCheckAction" class="org.jasig.cas.web.flow.TicketGrantingTicketCheckAction"
        c:registry-ref="ticketRegistry" />

  <bean id="terminateSessionAction" class="org.jasig.cas.web.flow.TerminateSessionAction"
        c:cas-ref="centralAuthenticationService"
        c:tgtCookieGenerator-ref="ticketGrantingTicketCookieGenerator"
        c:warnCookieGenerator-ref="warnCookieGenerator"/>
</beans>

9.最后就是改下登陆的样式。

登陆界面在\cas\WEB-INF\view\jsp\default\ui\中的casLoginView.jsp中修改。


10,最后上传下做好的登陆界面图。



目录
相关文章
|
6月前
|
算法 Java 应用服务中间件
cas5.3:CAS Server搭建
cas5.3:CAS Server搭建
336 0
|
6月前
|
缓存 前端开发 Java
【二十八】springboot之通过threadLocal+参数解析器实现同session一样保存当前登录信息的功能
【二十八】springboot之通过threadLocal+参数解析器实现同session一样保存当前登录信息的功能
169 1
|
应用服务中间件 nginx
|
存储 PHP 数据库
PHP如何注册一个会话变量和读取session?底层原理是什么?
PHP如何注册一个会话变量和读取session?底层原理是什么?
PHP为什么需要注销变量与销毁session?底层原理是什么?
PHP为什么需要注销变量与销毁session?底层原理是什么?
119 0
|
Java
【JAVA】【SpringBoot】当重新启动项目的时候,需要把用户一些状态回退,但是回退失败了,项目却没有停止,可以用System.exit(1);
【JAVA】【SpringBoot】当重新启动项目的时候,需要把用户一些状态回退,但是回退失败了,项目却没有停止,可以用System.exit(1);
369 0
【JAVA】【SpringBoot】当重新启动项目的时候,需要把用户一些状态回退,但是回退失败了,项目却没有停止,可以用System.exit(1);
|
Java 数据安全/隐私保护
cas server +cas client 单点登录配置实例
cas server 配置 首先你要下一个 cas server 。如果你要有所了解的话,可以下载一个cas server source。 使用ide 打开 cas server ,maven 构建,jetty 运行。
1977 0
|
存储 数据安全/隐私保护
|
Java 应用服务中间件 Apache
|
机器学习/深度学习
另一套备用的代码,通过service调用和登陆用户交互
结合这两个东东,应该差不多可以搞定我需要的事情啦。 因为更改不了service代码,所以希望从service调用的代码里,争脱出来,和本地登陆用户进行交互启动。 #include #include #include #include #include #include ...
910 0