Tomcat: V8.5.x

Java: 1.8 x64

MySQL: 5.5.x

OS: Win10 x64

I. war

0. clone

git clone https://github.com/apereo/cas-gradle-overlay-template.git

1. set gradle

https://gradle.org/releases/

1) extract

gradle-4.10.3-bin.zip

2) set system variable

$PATH=$PATH;%GRADLE_HOME%\bin

2. build war

File location: cas\build\libs\cas.war

1) config file

gradle.properties

cas.version=
->
cas.version=

gradle.version=4.8
->
gradle.version=

springboot.version=.RELEASE
->
springboot.version=.RELEASE

change version:

2) build

cd cas-gradle-overlay-template
$gradle build

II. Run

0. key/certificate

1) genkey

keytool -genkey -keyalg RSA -alias thekeystore -keypass changeit -storepass changeit -keysize 2048 -keystore d:/etc/cas/thekeystore

info:

-dname "CN=localhost,OU=test.com,O=test,L=WH,ST=HB,C=CN"

2) export

keytool -export -alias thekeystore -file d:/etc/cas/cas538.crt -keystore d:/etc/cas/thekeystore -storepass changeit

3) import

keytool -import -alias thekeystore -storepass changeit -file d:/etc/cas/cas538.crt -keystore "%JAVA_HOME%\jre\lib\security\cacerts"

1. set tomcat

1)thekeystore

copy thekeystore file to $TOMCAT_HOME/conf

2)add https

server.xml

    <Connector port=" protocol="org.apache.coyote.http11.Http11NioProtocol"
               maxThreads=" SSLEnabled="true">
        <SSLHostConfig>
            <Certificate certificateKeystoreFile="conf/thekeystore"
                        keystorePass="changeit"
                         type="RSA" />
        </SSLHostConfig>
    </Connector>

2. let's it

(1) tomcat startup

startup.bat

(2) login

http://localhost:8080/cas

https://localhost:8443/cas

Enter username and password

casuser/Mellon

If you want to change the user/password, stop Tomcat and change it in Application.properties(webapps\cas\WEB-INF\classes).

##
# CAS Authentication Credentials
#
cas.authn.accept.users=casuser::Mellon

----Beautiful Split Line----

III. Database Authentication

0. config files folder

copy cas-gradle-overlay-template/etc to The drive letter where Tomcat is located.

For example:

e:\

1. service register

0) ON Services

     cas.properties

     Append the following Key-Value:

cas.serviceRegistry.initFromJson=truecas.serviceRegistry.json.location=classpath:/services

1) services file

webapps\cas\WEB-INF\classes\services

  • cas spring secured app
  •     casSecuredApp-19991.json
  • cas client for java
  •     loginInfo-10000004.json

2. JDBC Support

1) down jar

MySQL Connector/J is 5.x;

cas-server-support-jdbc for matching ' cas.server '.

If the cas.authn.jdbc.query[0].passwordEncoder.type is not NONE, add the cas-server-support-jdbc-authentication package.

https://mvnrepository.com/artifact/mysql/mysql-connector-java

https://mvnrepository.com/artifact/org.apereo.cas/cas-server-support-jdbc

https://mvnrepository.com/artifact/org.apereo.cas/cas-server-support-jdbc-authentication

2) properties

application.properties(..\webapps\cas\WEB-INF\classes)

##
# CAS Authentication Credentials
#
#cas.authn.accept.users=casuser::Mellon
# server.port =
cas.server.name: https://localhost:8443
cas.server.prefix: https://localhost:8443/cas

cas.adminPagesSecurity.ip=\.\.\.

logging.config: file:/etc/cas/config/log4j2.xml
cas.serviceRegistry.initFromJson=true
cas.serviceRegistry.json.location=classpath:/services

# SSL
# server.ssl.enabled=false

cas.authn.accept.users=
cas.authn.accept.name=
#CAS Database Authentication Property
#cas.authn.jdbc.query[].sql=SELECT * FROM users WHERE email = ?
cas.authn.jdbc.query[].sql=SELECT * FROM app_user WHERE email = ?
cas.authn.jdbc.query[].url=jdbc:mysql://127.0.0.1:3306/test
cas.authn.jdbc.query[].dialect=org.hibernate.dialect.MySQLDialect
cas.authn.jdbc.query[].user=DBAdmin
cas.authn.jdbc.query[].password=xbfirst
cas.authn.jdbc.query[].ddlAuto=none
cas.authn.jdbc.query[].driverClass=com.mysql.jdbc.Driver
## mysql8+
#cas.authn.jdbc.query[].driverClass=com.mysql.cj.jdbc.Driver
cas.authn.jdbc.query[].fieldPassword=password
#cas.authn.jdbc.query[].passwordEncoder.type=NONE
cas.authn.jdbc.query[].passwordEncoder.type=BCRYPT
# cas.authn.jdbc.query[].passwordEncoder.characterEncoding=
# cas.authn.jdbc.query[].passwordEncoder.encodingAlgorithm=
# cas.authn.jdbc.query[].passwordEncoder.secret=
cas.authn.jdbc.query[].passwordEncoder.strength=

cas.properties(e:\etc\cas\config)

3) table

create table APP_USER (
   id BIGINT NOT NULL AUTO_INCREMENT,
   sso_id VARCHAR() NOT NULL,
   password VARCHAR() NOT NULL,
   first_name VARCHAR() NOT NULL,
   last_name  VARCHAR() NOT NULL,
   email VARCHAR() NOT NULL,
   state VARCHAR() NOT NULL,
   PRIMARY KEY (id),
   UNIQUE (sso_id)
);

APP_USER

INSERT INTO APP_USER(sso_id, password, first_name, last_name, email, state)
VALUES ('sam','$2a$10$4eqIF5s/ewJwHK1p8lqlFOEm2QIA0S8g6./Lok.pQxqcxaBZYChRm', 'Sam','Smith','samy@xyz.com', 'Active');

insert data

3. test

cas client

Source:

configure file

{
    "@class" : "org.apereo.cas.services.RegexRegisteredService",
    "serviceId" : "^http://localhost:9000/login/cas",
    "name" : "CAS Spring Secured App",
    "description": "This is a Spring App that usses the CAS Server for it's authentication",
    ,

}

casSecuredApp-19991.json

{
  "@class" : "org.apereo.cas.services.RegexRegisteredService",
  "serviceId" : "^http://localhost:9080/loginInfo/",
  "name" : "Login Information",
  ,
  "description" : "Sample service for Cas client",

}

loginInfo-10000004.json

Reference:

0. Database Authentication

1) configure

2) password-encode

1. Service Registry

1) JSON Service Registry

2. keytool - del

keytool -delete -alias thekeystore -keystore "%JAVA_HOME%\jre\lib\security\cacerts" -storepass changeit

3. bcrypt tool

End

cas server的更多相关文章

  1. Eclipse配置CAS server

    1.下载cas server的源码包(我使用的是cas-server-3.5.2.1-release.zip) 2.解压压缩包到某个目录下,找到cas-server-3.5.2.1-release.z ...

  2. Cas Server中各配置文件介绍

    Cas Server中所有的配置文件都是放在WEB-INF目录及其子目录下的. 在WEB-INF/classes下的配置文件有: l  cas-theme-default.properties:该文件 ...

  3. 设置cas server使用http非安全协议

    目录 1.tomcat添加https安全协议 2.下载cas server端部署到tomcat上 3.CAS服务器深入配置(连接MYSQL) 4.Apache Shiro 集成Cas作为cas cli ...

  4. cas+tomcat+shiro实现单点登录-2-部署cas server到tomcat

    目录 1.tomcat添加https安全协议 2.下载cas server端部署到tomcat上 3.CAS服务器深入配置(连接MYSQL) 4.Apache Shiro 集成Cas作为cas cli ...

  5. nginx反向代理cas server之1:多个cas server负载均衡配置以及ssl配置

    系统环境采用centOS7 由于cas server不支持session持久化方式的共享,所以请用其他方式代替,例如:组播复制. 为什么不支持session持久化:http://blog.csdn.n ...

  6. 关于cas server无法通过session持久化方式实现集群的问题

    最近在搭建cas单点登录系统 ,在建立集群时发生一个问题. 搭建的环境是tomcat+tomcat-redis-session-manager+redis+cas 在对tomcat的session进行 ...

  7. CAS server打包小白教程

    如题,cas是耶鲁大学的一个开源的登录系统,功能齐全,受到很多企业的青睐. 耶鲁大学都不知道那你太out了,我告诉你吧!耶鲁大学就是山东一个椰子树长的很多的地方的大学,很牛逼. 很多新手程序员简历都喜 ...

  8. No principal was found in the response from the CAS server

    按网上的配置了 public String casServerUrlPrefix = "http://cas-server.com:8080/cas"; public String ...

  9. 单点登录(七)-----实战-----cas server去掉https验证

    我们在搭建cas中已经说过如果不搭建https证书体系的需要去掉https的验证: 单点登录(二)----实战------简单搭建CAS---测试认证方式搭建CAS 因为cas4.2以上的代码做了一些 ...

随机推荐

  1. Spring中时间格式注解@DateTimeFormat

    在SpringMVC中Controller中方法参数为Date类型想要限定请求传入时间格式时,可以通过@DateTimeFormat来指定,但请求传入参数与指定格式不符时,会返回400错误. 如果在B ...

  2. vue-router 与 react-router 设计理念上的区别

    vue-router 与 react-router 设计理念上的区别: 区别 vue-router react-router 改成history mode: 'history' 直接使用 react- ...

  3. PySpark理解wordcount.py

    在本文中, 我们借由深入剖析wordcount.py, 来揭开Spark内部各种概念的面纱.我们再次回顾wordcount.py代码来回答如下问题 对于大多数语言的Hello Word示例,都有mai ...

  4. Python正则表达式指南 (转)

    本文http://www.cnblogs.com/huxi/archive/2010/07/04/1771073.html 正则表达式经常被用到,而自己总是记不全,转载一份完整的以备不时之需. 1. ...

  5. IDEA中使用springBoot+gradle构建多模块项目

    https://blog.csdn.net/forMelo/article/details/78995875

  6. GTP+SDI工程播出部分思路整理

    GTP+SDI工程播出部分思路整理 1.video_out_to_sdi模块 关于video_out_to_sdi模块的输出信号: tx_video_a_y[9:0] 这是要输入SDI IP核内的 t ...

  7. Reporting Services报表常用的URL参数

    http://blog.sina.com.cn/s/blog_5ef7acf5010118a5.html Reporting Services报表常用的URL参数 (2012-03-01 20:57: ...

  8. ☞上一篇无聊文章 分析网站CSS构架流程(一)

    1.无力吐槽 2.reset.css 3.功能css() 4.单页面CSS 5.网站通用样式库 6.图标文件库

  9. 找进程的窗口Handle

    Process[] ProcessList = Process.GetProcessesByName("mspaint");//画图板 IntPtr test = ProcessL ...

  10. C/C++基础----特殊工具和技术 (重载new和delete,RTT,限定作用域的枚举类型,类成员指针,嵌套类,局部类,volatile,链接指示 extern “C”)

    重载new和delete 1调用operator new( 或new[])标准库函数分配足够大的.原始的.未命名的内存空间以便存储特定类型的对象 2编译器运行相应地构造函数以构造这些对象,并为其传入初 ...