CAS5.X 集群配置 初版
基础版
cas-overlay pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd ">
<modelVersion>4.0.0</modelVersion>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-overlay</artifactId>
<packaging>war</packaging>
<version>1.0</version> <dependencies>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>${mysql.driver.version}</version>
<scope>runtime</scope>
</dependency> <dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-webapp-tomcat</artifactId>
<version>${cas.version}</version>
<type>war</type>
<scope>runtime</scope>
</dependency> <dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-support-jdbc</artifactId>
<version>${cas.version}</version>
</dependency> <dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-support-oauth-webflow</artifactId>
<version>${cas.version}</version>
</dependency> <dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-support-redis-ticket-registry</artifactId>
<version>${cas.version}</version>
</dependency> <dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-webapp-session-redis</artifactId>
<version>${cas.version}</version>
</dependency> <dependency>
<groupId>com.thetransactioncompany</groupId>
<artifactId>java-property-utils</artifactId>
<version>1.9.1</version>
</dependency> <dependency>
<groupId>com.thetransactioncompany</groupId>
<artifactId>cors-filter</artifactId>
<version>2.5</version>
</dependency> <dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<version>3.0.1</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>javax.servlet.jsp</groupId>
<artifactId>jsp-api</artifactId>
<version>2.1</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jstl</artifactId>
<version>1.2</version>
</dependency> </dependencies> <properties>
<cas.version>5.1.1</cas.version>
<springboot.version>1.4.2.RELEASE</springboot.version>
<maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.target>1.8</maven.compiler.target>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<mysql.driver.version>6.0.6</mysql.driver.version>
</properties> <build>
<plugins>
<plugin>
<groupId>com.rimerosolutions.maven.plugins</groupId>
<artifactId>wrapper-maven-plugin</artifactId>
<version>0.0.4</version>
<configuration>
<verifyDownload>true</verifyDownload>
<checksumAlgorithm>MD5</checksumAlgorithm>
</configuration>
</plugin>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<version>${springboot.version}</version>
<configuration>
<mainClass>org.springframework.boot.loader.WarLauncher</mainClass>
<addResources>true</addResources>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
<version>2.6</version>
<configuration>
<warName>cas</warName>
<failOnMissingWebXml>false</failOnMissingWebXml>
<recompressZippedFiles>false</recompressZippedFiles>
<archive>
<compress>false</compress>
<manifestFile>${project.build.directory}/war/work/org.apereo.cas/cas-server-webapp-tomcat/META-INF/MANIFEST.MF
</manifestFile>
</archive>
<overlays>
<overlay>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-webapp-tomcat</artifactId>
</overlay>
</overlays>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.3</version>
</plugin>
</plugins>
<finalName>cas</finalName>
</build> <repositories>
<repository>
<id>public</id>
<name>Public Repositories</name>
<url>http://192.168.1.21:8083/nexus/content/groups/public</url> <snapshots>
<enabled>true</enabled>
</snapshots>
<releases>
<enabled>true</enabled>
</releases>
</repository> <repository>
<id>sonatype-releases</id>
<url>http://oss.sonatype.org/content/repositories/releases/</url>
<snapshots>
<enabled>false</enabled>
</snapshots>
<releases>
<enabled>true</enabled>
</releases>
</repository>
<repository>
<id>sonatype-snapshots</id>
<url>https://oss.sonatype.org/content/repositories/snapshots/</url>
<snapshots>
<enabled>true</enabled>
</snapshots>
<releases>
<enabled>false</enabled>
</releases>
</repository>
<repository>
<id>shibboleth-releases</id>
<url>https://build.shibboleth.net/nexus/content/repositories/releases</url>
</repository>
<repository>
<id>spring-milestones</id>
<url>https://repo.spring.io/milestone</url>
</repository>
</repositories> <profiles>
<profile>
<activation>
<activeByDefault>false</activeByDefault>
</activation>
<id>pgp</id>
<build>
<plugins>
<plugin>
<groupId>com.github.s4u.plugins</groupId>
<artifactId>pgpverify-maven-plugin</artifactId>
<version>1.1.0</version>
<executions>
<execution>
<goals>
<goal>check</goal>
</goals>
</execution>
</executions>
<configuration>
<pgpKeyServer>hkp://pool.sks-keyservers.net</pgpKeyServer>
<pgpKeysCachePath>${settings.localRepository}/pgpkeys-cache</pgpKeysCachePath>
<scope>test</scope>
<verifyPomFiles>true</verifyPomFiles>
<failNoSignature>false</failNoSignature>
</configuration>
</plugin>
</plugins>
</build>
</profile>
</profiles>
</project>
配置文件
application.properties
##
# CAS Server Context Configuration
#
server.context-path=/cas
server.port= cas.server.name=http://192.168.20.119:80
cas.server.prefix=http://192.168.20.119:80/cas
cas.host.name=tusheng.cnblogs.com server.ssl.key-store=file:/etc/cas/thekeystore
server.ssl.key-store-password=changeit
server.ssl.key-password=changeit
# server.ssl.ciphers=
# server.ssl.client-auth=
# server.ssl.enabled=
# server.ssl.key-alias=
# server.ssl.key-store-provider=
# server.ssl.key-store-type=
# server.ssl.protocol=
# server.ssl.trust-store=
# server.ssl.trust-store-password=
# server.ssl.trust-store-provider=
# server.ssl.trust-store-type= server.max-http-header-size=
server.use-forward-headers=true
server.connection-timeout=
server.error.include-stacktrace=ALWAYS server.tomcat.max-http-post-size=
server.tomcat.basedir=build/tomcat
server.tomcat.accesslog.enabled=true
server.tomcat.accesslog.pattern=%t %a "%r" %s (%D ms)
server.tomcat.accesslog.suffix=.log
server.tomcat.max-threads=
server.tomcat.port-header=X-Forwarded-Port
server.tomcat.protocol-header=X-Forwarded-Proto
server.tomcat.protocol-header-https-value=https
server.tomcat.remote-ip-header=X-FORWARDED-FOR
server.tomcat.uri-encoding=UTF- spring.http.encoding.charset=UTF-
spring.http.encoding.enabled=true
spring.http.encoding.force=true ##
# CAS Cloud Bus Configuration
#
spring.cloud.bus.enabled=false
# spring.cloud.bus.refresh.enabled=true
# spring.cloud.bus.env.enabled=true
# spring.cloud.bus.destination=CasCloudBus
# spring.cloud.bus.ack.enabled=true endpoints.enabled=false
endpoints.sensitive=true endpoints.restart.enabled=false
endpoints.shutdown.enabled=false management.security.enabled=true
management.security.roles=ACTUATOR,ADMIN
management.security.sessions=if_required
management.context-path=/status
management.add-application-context-header=false security.basic.authorize-mode=role
security.basic.enabled=false
security.basic.path=/cas/status/** ##
# CAS Web Application Session Configuration
#
server.session.timeout=300
server.session.cookie.http-only=true
server.session.tracking-modes=COOKIE ##
# CAS Thymeleaf View Configuration
#
spring.thymeleaf.encoding=UTF-8
spring.thymeleaf.cache=true
spring.thymeleaf.mode=HTML
##
# CAS Log4j Configuration
#
# logging.config=file:/etc/cas/log4j2.xml
server.context-parameters.isLog4jAutoInitializationDisabled=true ##
# CAS AspectJ Configuration
#
spring.aop.auto=true
spring.aop.proxy-target-class=true ##
# CAS Authentication Credentials
#
#cas.authn.accept.users=casuser::Mellon #############jdbc authentication##################
cas.authn.jdbc.query[0].sql=SELECT password,salt FROM sys_user WHERE login_name=?
cas.authn.jdbc.query[0].healthQuery=SELECT 1
cas.authn.jdbc.query[0].isolateInternalQueries=false
cas.authn.jdbc.query[0].url=jdbc:mysql://192.168.20.119:3306/cas-local?useUnicode=true&useSSL=false&characterEncoding=utf-8&serverTimezone=GMT%2B8
cas.authn.jdbc.query[0].failFast=true
cas.authn.jdbc.query[0].isolationLevelName=ISOLATION_READ_COMMITTED
cas.authn.jdbc.query[0].dialect=org.hibernate.dialect.MySQLDialect
cas.authn.jdbc.query[0].leakThreshold=10
cas.authn.jdbc.query[0].propagationBehaviorName=PROPAGATION_REQUIRED
cas.authn.jdbc.query[0].batchSize=1
cas.authn.jdbc.query[0].user=root
cas.authn.jdbc.query[0].ddlAuto=validate
cas.authn.jdbc.query[0].maxAgeDays=180
cas.authn.jdbc.query[0].password=tusheng
cas.authn.jdbc.query[0].autocommit=false
cas.authn.jdbc.query[0].driverClass=com.mysql.cj.jdbc.Driver
cas.authn.jdbc.query[0].idleTimeout=5000
cas.authn.jdbc.query[0].credentialCriteria= cas.authn.jdbc.query[0].pool.minSize=10
cas.authn.jdbc.query[0].pool.maxSize=100
#密码字段
cas.authn.jdbc.query[0].fieldPassword=password
cas.authn.jdbc.query[0].fieldExpired=
cas.authn.jdbc.query[0].fieldDisabled=
#cas.authn.jdbc.query[0].principalAttributeList=sn,cn:commonName,givenName cas.authn.jdbc.query[0].passwordEncoder.type=DEFAULT
#加密方式
cas.authn.jdbc.query[0].passwordEncoder.encodingAlgorithm=MD5 # cas.authn.attributeRepository.jdbc[0].attributes.test_name=test_name
# cas.authn.attributeRepository.jdbc[0].attributes.salt=salt
# cas.authn.attributeRepository.jdbc[0].attributes.cn=commonName
# cas.authn.attributeRepository.jdbc[0].attributes.affiliation=groupMembership cas.authn.attributeRepository.jdbc[0].singleRow=true
# cas.authn.attributeRepository.jdbc[0].order=0
cas.authn.attributeRepository.jdbc[0].requireAllAttributes=true
cas.authn.attributeRepository.jdbc[0].caseCanonicalization=LOWER
cas.authn.attributeRepository.jdbc[0].queryType=OR # Used only when there is a mapping of many rows to one user
# cas.authn.attributeRepository.jdbc[0].columnMappings.columnAttrName1=columnAttrValue1
# cas.authn.attributeRepository.jdbc[0].columnMappings.columnAttrName2=columnAttrValue2
# cas.authn.attributeRepository.jdbc[0].columnMappings.columnAttrName3=columnAttrValue3 cas.authn.attributeRepository.jdbc[0].sql=SELECT * FROM sys_user WHERE {0}
cas.authn.attributeRepository.jdbc[0].username=login_name
cas.authn.attributeRepository.jdbc[0].healthQuery=SELECT 1
# cas.authn.attributeRepository.jdbc[0].isolateInternalQueries=false
cas.authn.attributeRepository.jdbc[0].url=jdbc:mysql://192.168.20.119:3306/cas-local?useUnicode=true&useSSL=false&characterEncoding=utf-8&serverTimezone=GMT%2B8
# cas.authn.attributeRepository.jdbc[0].failFast=true
# cas.authn.attributeRepository.jdbc[0].isolationLevelName=ISOLATION_READ_COMMITTED
cas.authn.attributeRepository.jdbc[0].dialect=org.hibernate.dialect.MySQLDialect
# cas.authn.attributeRepository.jdbc[0].leakThreshold=10
# cas.authn.attributeRepository.jdbc[0].propagationBehaviorName=PROPAGATION_REQUIRED
# cas.authn.attributeRepository.jdbc[0].batchSize=1
cas.authn.attributeRepository.jdbc[0].user=root
cas.authn.attributeRepository.jdbc[0].ddlAuto=validate
cas.authn.attributeRepository.jdbc[0].password=tusheng
# cas.authn.attributeRepository.jdbc[0].autocommit=false
cas.authn.attributeRepository.jdbc[0].driverClass=com.mysql.cj.jdbc.Driver
# cas.authn.attributeRepository.jdbc[0].idleTimeout=5000
# cas.authn.attributeRepository.jdbc[0].pool.suspension=false
# cas.authn.attributeRepository.jdbc[0].pool.minSize=6
# cas.authn.attributeRepository.jdbc[0].pool.maxSize=18
# cas.authn.attributeRepository.jdbc[0].pool.maxWait=2000
# cas.authn.attributeRepository.jdbc[0].dataSourceName=
# cas.authn.attributeRepository.jdbc[0].dataSourceProxy=false cas.authn.attributeRepository.defaultAttributesToRelease=test_name,salt
#tgc的生存周期,-1 永不过期
cas.tgc.maxAge=-1
#默认为true,使用https,如果只需要http,修改为false即可
cas.tgc.secure=false
#随便搞的一串数字 个数必须超过 256/8/2=16
# The encryption secret key. By default, must be a octet string of size 256.
cas.tgc.encryptionKey=nXL-DN7Xbt3HsY_Wwp9zVAUP-r4sFkZOIfAstCfpCXI
#随便搞的一串数字 个数必须超过 512/8/2=32
# The signing secret key. By default, must be a octet string of size 512
cas.tgc.signingKey=tushengN7Xbt3HsY_Wwp9zVAUP-r4sFkZOIfAstCfpCXItushengN7Xbt3HsY_Wwp9zVAUP-r4sFkZOIfAstCfpCXI
cas.tgc.cipherEnabled=true #cas.googleRecaptcha.verifyUrl=https://www.google.com/recaptcha/api/siteverify
#cas.googleRecaptcha.siteKey=123456
#cas.googleRecaptcha.secret=111111 # Redis server host.
cas.ticket.registry.redis.host=192.168.20.186
#
#Database index used by the connection factory.
cas.ticket.registry.redis.database=0
#
## Redis server port.
cas.ticket.registry.redis.port=6379
#
## Login password of the redis server.
cas.ticket.registry.redis.password=lucheng
#
## Connection timeout in milliseconds
cas.ticket.registry.redis.timeout=30
#
##
cas.ticket.registry.redis.pool.max-active=20
#
# Max number of "idle" connections in the pool. Use a negative value to indicate an unlimited number of idle connections.
cas.ticket.registry.redis.pool.maxIdle=8
#
# Target for the minimum number of idle connections to maintain in the pool. This setting only has an effect if it is positive.
cas.ticket.registry.redis.pool.minIdle=0
#
# Max number of connections that can be allocated by the pool at a given time. Use a negative value for no limit.
cas.ticket.registry.redis.pool.maxActive=8
#
# Maximum amount of time (in milliseconds) a connection allocation should block
# before throwing an exception when the pool is exhausted. Use a negative value to block indefinitely.
cas.ticket.registry.redis.pool.maxWait=-1 cas.ticket.registry.redis.crypto.signing.key=
cas.ticket.registry.redis.crypto.signing.keySize=512
cas.ticket.registry.redis.crypto.encryption.key=
cas.ticket.registry.redis.crypto.encryption.keySize=16
cas.ticket.registry.redis.crypto.alg=AES cas.webflow.autoconfigure=true
cas.webflow.alwaysPauseRedirect=false
cas.webflow.refresh=true
cas.webflow.redirectSameState=false cas.webflow.session.lockTimeout=30
cas.webflow.session.compress=false
cas.webflow.session.maxConversations=5
cas.webflow.session.storage=true # Manage session storage via Redis
spring.session.store-type=redis
spring.redis.host=192.168.20.186
spring.redis.password=tusheng
spring.redis.port=6379 #cas.webflow.signing.key=tusheng
#cas.webflow.signing.keySize=512
#cas.webflow.encryption.keySize=16
#cas.webflow.encryption.key=
#cas.webflow.alg=AES
CAS5.X 集群配置 初版的更多相关文章
- Ubuntu 14.04中Elasticsearch集群配置
Ubuntu 14.04中Elasticsearch集群配置 前言:本文可用于elasticsearch集群搭建参考.细分为elasticsearch.yml配置和系统配置 达到的目的:各台机器配置成 ...
- Redis 3.0 Cluster集群配置
Redis 3.0 Cluster集群配置 安装环境依赖 安装gcc:yum install gcc 安装zlib:yum install zib 安装ruby:yum install ruby 安装 ...
- MongoDB高可用集群配置的方案
>>高可用集群的解决方案 高可用性即HA(High Availability)指的是通过尽量缩短因日常维护操作(计划)和突发的系统崩溃(非计划)所导致的停机时间,以提高系统和应用的可用性. ...
- MySQL Cluster 7.3.5 集群配置实例(入门篇)
一.环境说明: CentOS6.3(32位) + MySQL Cluster 7.3.5,规划5台机器,资料如下: 节点分布情况: MGM:192.168.137. NDBD1:192.168.137 ...
- MySQL Cluster 7.3.5 集群配置参数优化(优化篇)
按照前面的教程:MySQL Cluster 7.3.5 集群配置实例(入门篇),可快速搭建起基础版的MySQL Cluster集群,但是在生成环境中,还是有很多问题的,即配置参数需要优化下, 当前生产 ...
- 关于ActiveMQ的几种集群配置
ActiveMQ的几种集群配置. Queue consumer clusters 此集群让多个消费者同时消费一个队列,若某个消费者出问题无法消费信息,则未消费掉的消息将被发给其他正常的消费者,结构图如 ...
- solrCloud+tomcat+zookeeper集群配置
solrcolud安装solrCloud+tomcat+zookeeper部署 转载请出自出处:http://eksliang.iteye.com/blog/2107002 http://eksli ...
- RabbitMq 集群配置
1. RabbitMQ 所需的附属安装包 1.1 openGL安装 执行命令: [root@localhost local]# yum install mesa-libGL-devel mesa-l ...
- Spring+quartz 实现定时任务job集群配置
为什么要有集群定时任务? 因为如果多server都触发相同任务,又同时执行,那在99%的场景都是不适合的.比如银行每晚24:00都要汇总营业额.像下面3台server同时进行汇总,最终计算结果可能是真 ...
随机推荐
- Android udp json+数组 --->bytes发送数据
Android json支持五种数据类型 String / int(float)/bool / null / object 今天说 object : json = new JSONObject( ...
- web前端(12)—— 页面布局2
本篇博文,主要就讲定位的问题,也就是页面布局里最重要的,本篇博文不出意外的话,也是css的最后一篇博文了 定位,position属性 定位有三种: 相对定位 绝对定位 固定定位 相对定位,positi ...
- SQLServer2016 AlwaysOn AG基于工作组的搭建笔记
最近搭建了一套SQLServer2016 AlwaysOn AG. (后记:经实际测试,使用SQLServer2012 也同样可以在Winserver2016上搭建基于工作组的AlwaysOn AG, ...
- innodb二阶段日志提交机制和组提交解析
前些天在查看关于innodb_flush_log_at_trx_commit的官网解释时产生了一些疑问,关于innodb_flush_log_at_trx_commit参数的详细解释参见官网: htt ...
- SQL Server has encountered 1 occurrence(s) of cachestore flush for the 'Object Plans' cachestore (part of plan cache) due to some database maintenance or reconfigure operations.
2017-11-01 09:49:44.35 spid166 SQL Server has encountered 1 occurrence(s) of cachestore flush for th ...
- Elasticsearch拼音和ik分词器的结合应用
一.创建索引时,自定义拼音分词和ik分词 PUT /my_index { "index": { "analysis": { "analyzer&quo ...
- c/c++ 字节对齐
c 字节对齐 概念: 结构体里会包括各种类型的成员,比如int char long等等,它们要占用的空间不同,系统为一个结构体开辟内存空间时,会有2种选择. 第一种:节省空间的方案,以上面的列子来说的 ...
- SQLServer插入数据
使用数据库管理工具插入数据 打开数据库,选则要插入数据的表->右键点击->选择插入前200行->在右边视图中输入要插入的数据(如果字段设置为不为空,则必须输入,如果字段设置为可空,则 ...
- March 09th, 2018 Week 10th Friday
All good things must come to an end. 好景无常. Love is when the other person's happiness is more importa ...
- 【工匠大道】升级Mac下的svn,解决命令行不能使用svn的问题
本文地址 原文地址 一. 为什么要升级SVN? 因为MAC上默认安装的是1.6版本,在使用时经常会提示SVN版本太旧,所以一定要升级 二. 怎么升级? 所有软件安装都是这三步吧,哈哈 第一步: 下载 ...