CAS project deployment and operations base

First, the deployment cas

1. Copy cas.war to webapps

The following cas.war webapps into Tomcat can start tomcat

2. login page

Two, CAS server configuration

2.1. Adding users

2. Find the file specified
3. Add a line to

<bean id="primaryAuthenticationHandler"
          class="org.jasig.cas.authentication.AcceptUsersAuthenticationHandler">
        <property name="users">
            <map>
                <entry key="casuser" value="Mellon"/>
				<entry key="admin" value="admin"/>
            </map>
        </property>
    </bean>

2.2. Modify the port

If we do not want to use port 8080 to access CAS, you can modify the port

• ① modify TOMCAT port

Open the tomcat directory conf \ server.xml find the following configuration

  <Connector port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />

change into

  <Connector port="9100" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />

The port 8080 instead 9100

• ② CAS modify configuration files

Cas modify the WEB-INF / cas.properties
the 8080 revised to 9100

server.name=http://localhost:9100

2.3. Certification removal https

• ① cas modify the WEB-INF / deployerConfigContext.xml

Locate the following configuration

 <!-- Required for proxy ticket mechanism. -->
    <bean id="proxyAuthenticationHandler"
          class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
          p:httpClient-ref="httpClient"/>

Modified

 <!-- Required for proxy ticket mechanism. -->
    <bean id="proxyAuthenticationHandler"
          class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
          p:httpClient-ref="httpClient" p:requireSecure="false"/>

It should increase the parameter p:requireSecure="false", requireSecure attribute meaning to the need for secure authentication, that is, HTTPS, false is not used

• ② modify ticketGrantingTicketCookieGenerator.xml
  modify the cas/WEB-INF/spring-configuration/ticketGrantingTicketCookieGenerator.xml
  find the following configuration

<bean id="ticketGrantingTicketCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
		p:cookieSecure="true"
		p:cookieMaxAge="-1"
		p:cookieName="CASTGC"
		p:cookiePath="/cas" />

After modifying the configuration

<bean id="ticketGrantingTicketCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
	    p:cookieSecure="false"
		p:cookieMaxAge="3600"
		p:cookieName="CASTGC"
		p:cookiePath="/cas" />

参数p:cookieSecure="true"，同理为HTTPS验证相关，TRUE为采用HTTPS验证，FALSE为不采用https验证。
参数p:cookieMaxAge="-1"，是COOKIE的最大生命周期，-1为无生命周期，即只在当前打开的窗口有效，关闭或重新打开其它窗口，仍会要求验证。可以根据需要修改为大于0的数字，比如3600等，意思是在3600秒内，打开任意窗口，都不需要验证。
我们这里将cookieSecure改为false ,  cookieMaxAge 改为3600

• ③ Modify warnCookieGenerator.xml
  modified cas's WEB-INF / spring-configuration /
  find the following configuration, here we will cookieSecure changed false, cookieMaxAge changed to 3600

<bean id="warnCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
		p:cookieSecure="true"
		p:cookieMaxAge="-1"
		p:cookieName="CASPRIVACY"
		p:cookiePath="/cas" />

change into

<bean id="warnCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
		p:cookieSecure="false "
		p:cookieMaxAge="3600"
		p:cookieName="CASPRIVACY"
		p:cookiePath="/cas" />

Http protocol enabled, close the HTTPS protocol