Article Directory
First, the deployment cas
1. Copy cas.war to webapps
The following cas.war webapps into Tomcat can start tomcat
2. login page
Two, CAS server configuration
2.1. Adding users
- Find the file specified
- Add a line to
<bean id="primaryAuthenticationHandler"
class="org.jasig.cas.authentication.AcceptUsersAuthenticationHandler">
<property name="users">
<map>
<entry key="casuser" value="Mellon"/>
<entry key="admin" value="admin"/>
</map>
</property>
</bean>
2.2. Modify the port
If we do not want to use port 8080 to access CAS, you can modify the port
- ① modify TOMCAT port
Open the tomcat directory conf \ server.xml find the following configuration
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
change into
<Connector port="9100" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
The port 8080 instead 9100
- ② CAS modify configuration files
Cas modify the WEB-INF / cas.properties
the 8080 revised to 9100
server.name=http://localhost:9100
2.3. Certification removal https
- ① cas modify the WEB-INF / deployerConfigContext.xml
Locate the following configuration
<!-- Required for proxy ticket mechanism. -->
<bean id="proxyAuthenticationHandler"
class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
p:httpClient-ref="httpClient"/>
Modified
<!-- Required for proxy ticket mechanism. -->
<bean id="proxyAuthenticationHandler"
class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
p:httpClient-ref="httpClient" p:requireSecure="false"/>
It should increase the parameter p:requireSecure="false"
, requireSecure attribute meaning to the need for secure authentication, that is, HTTPS, false is not used
- ② modify ticketGrantingTicketCookieGenerator.xml
modify the cas/WEB-INF/spring-configuration/ticketGrantingTicketCookieGenerator.xml
find the following configuration
<bean id="ticketGrantingTicketCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
p:cookieSecure="true"
p:cookieMaxAge="-1"
p:cookieName="CASTGC"
p:cookiePath="/cas" />
After modifying the configuration
<bean id="ticketGrantingTicketCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
p:cookieSecure="false"
p:cookieMaxAge="3600"
p:cookieName="CASTGC"
p:cookiePath="/cas" />
参数p:cookieSecure="true",同理为HTTPS验证相关,TRUE为采用HTTPS验证,FALSE为不采用https验证。
参数p:cookieMaxAge="-1",是COOKIE的最大生命周期,-1为无生命周期,即只在当前打开的窗口有效,关闭或重新打开其它窗口,仍会要求验证。可以根据需要修改为大于0的数字,比如3600等,意思是在3600秒内,打开任意窗口,都不需要验证。
我们这里将cookieSecure改为false , cookieMaxAge 改为3600
- ③ Modify warnCookieGenerator.xml
modified cas's WEB-INF / spring-configuration /
find the following configuration, here we will cookieSecure changed false, cookieMaxAge changed to 3600
<bean id="warnCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
p:cookieSecure="true"
p:cookieMaxAge="-1"
p:cookieName="CASPRIVACY"
p:cookiePath="/cas" />
change into
<bean id="warnCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
p:cookieSecure="false "
p:cookieMaxAge="3600"
p:cookieName="CASPRIVACY"
p:cookiePath="/cas" />
Http protocol enabled, close the HTTPS protocol