cas server

Tomcat: V8.5.x

Java: 1.8 x64

MySQL: 5.5.x

OS: Win10 x64

I. war

0. clone

git clone https://github.com/apereo/cas-gradle-overlay-template.git

1. set gradle

https://gradle.org/releases/

1) extract

gradle-4.10.3-bin.zip

2) set system variable

$PATH=$PATH;%GRADLE_HOME%\bin

2. build war

File location: cas\build\libs\cas.war

1) config file

gradle.properties

cas.version=
->
cas.version=

gradle.version=4.8
->
gradle.version=

springboot.version=.RELEASE
->
springboot.version=.RELEASE

change version:

2) build

cd cas-gradle-overlay-template

$gradle build

II. Run

0. key/certificate

1) genkey

keytool -genkey -keyalg RSA -alias thekeystore -keypass changeit -storepass changeit -keysize 2048 -keystore d:/etc/cas/thekeystore

info:

-dname "CN=localhost,OU=test.com,O=test,L=WH,ST=HB,C=CN"

2) export

keytool -export -alias thekeystore -file d:/etc/cas/cas538.crt -keystore d:/etc/cas/thekeystore -storepass changeit

3) import

keytool -import -alias thekeystore -storepass changeit -file d:/etc/cas/cas538.crt -keystore "%JAVA_HOME%\jre\lib\security\cacerts"

1. set tomcat

1）thekeystore

copy thekeystore file to $TOMCAT_HOME/conf

2）add https

server.xml

    <Connector port=" protocol="org.apache.coyote.http11.Http11NioProtocol"
               maxThreads=" SSLEnabled="true">
        <SSLHostConfig>
            <Certificate certificateKeystoreFile="conf/thekeystore"
                        keystorePass="changeit"
                         type="RSA" />
        </SSLHostConfig>
    </Connector>

2. let's it

(1) tomcat startup

startup.bat

(2) login

http://localhost:8080/cas

https://localhost:8443/cas

Enter username and password

casuser/Mellon

If you want to change the user/password, stop Tomcat and change it in Application.properties(webapps\cas\WEB-INF\classes).

##
# CAS Authentication Credentials
#
cas.authn.accept.users=casuser::Mellon

----Beautiful Split Line----

III. Database Authentication

0. config files folder

copy cas-gradle-overlay-template/etc to The drive letter where Tomcat is located.

For example：

e:\

1. service register

0) ON Services

     cas.properties

     Append the following Key-Value:

cas.serviceRegistry.initFromJson=truecas.serviceRegistry.json.location=classpath:/services

1) services file

webapps\cas\WEB-INF\classes\services

• cas spring secured app
•     casSecuredApp-19991.json
• cas client for java
•     loginInfo-10000004.json

2. JDBC Support

1) down jar

MySQL Connector/J is 5.x;

cas-server-support-jdbc for matching ' cas.server '.

If the cas.authn.jdbc.query[0].passwordEncoder.type is not NONE, add the cas-server-support-jdbc-authentication package.

https://mvnrepository.com/artifact/mysql/mysql-connector-java

https://mvnrepository.com/artifact/org.apereo.cas/cas-server-support-jdbc

https://mvnrepository.com/artifact/org.apereo.cas/cas-server-support-jdbc-authentication

2) properties

application.properties(..\webapps\cas\WEB-INF\classes)

##
# CAS Authentication Credentials
#
#cas.authn.accept.users=casuser::Mellon

# server.port =
cas.server.name: https://localhost:8443
cas.server.prefix: https://localhost:8443/cas

cas.adminPagesSecurity.ip=\.\.\.

logging.config: file:/etc/cas/config/log4j2.xml
cas.serviceRegistry.initFromJson=true
cas.serviceRegistry.json.location=classpath:/services

# SSL
# server.ssl.enabled=false

cas.authn.accept.users=
cas.authn.accept.name=
#CAS Database Authentication Property
#cas.authn.jdbc.query[].sql=SELECT * FROM users WHERE email = ?
cas.authn.jdbc.query[].sql=SELECT * FROM app_user WHERE email = ?
cas.authn.jdbc.query[].url=jdbc:mysql://127.0.0.1:3306/test
cas.authn.jdbc.query[].dialect=org.hibernate.dialect.MySQLDialect
cas.authn.jdbc.query[].user=DBAdmin
cas.authn.jdbc.query[].password=xbfirst
cas.authn.jdbc.query[].ddlAuto=none
cas.authn.jdbc.query[].driverClass=com.mysql.jdbc.Driver
## mysql8+
#cas.authn.jdbc.query[].driverClass=com.mysql.cj.jdbc.Driver
cas.authn.jdbc.query[].fieldPassword=password
#cas.authn.jdbc.query[].passwordEncoder.type=NONE
cas.authn.jdbc.query[].passwordEncoder.type=BCRYPT
# cas.authn.jdbc.query[].passwordEncoder.characterEncoding=
# cas.authn.jdbc.query[].passwordEncoder.encodingAlgorithm=
# cas.authn.jdbc.query[].passwordEncoder.secret=
cas.authn.jdbc.query[].passwordEncoder.strength=

cas.properties(e:\etc\cas\config)

3) table

create table APP_USER (
   id BIGINT NOT NULL AUTO_INCREMENT,
   sso_id VARCHAR() NOT NULL,
   password VARCHAR() NOT NULL,
   first_name VARCHAR() NOT NULL,
   last_name  VARCHAR() NOT NULL,
   email VARCHAR() NOT NULL,
   state VARCHAR() NOT NULL,
   PRIMARY KEY (id),
   UNIQUE (sso_id)
);

APP_USER

INSERT INTO APP_USER(sso_id, password, first_name, last_name, email, state)
VALUES ('sam','$2a$10$4eqIF5s/ewJwHK1p8lqlFOEm2QIA0S8g6./Lok.pQxqcxaBZYChRm', 'Sam','Smith','samy@xyz.com', 'Active');

insert data

3. test

cas client

Source:

configure file

{
    "@class" : "org.apereo.cas.services.RegexRegisteredService",
    "serviceId" : "^http://localhost:9000/login/cas",
    "name" : "CAS Spring Secured App",
    "description": "This is a Spring App that usses the CAS Server for it's authentication",
    ,

}

casSecuredApp-19991.json

{
  "@class" : "org.apereo.cas.services.RegexRegisteredService",
  "serviceId" : "^http://localhost:9080/loginInfo/",
  "name" : "Login Information",
  ,
  "description" : "Sample service for Cas client",

}

loginInfo-10000004.json

Reference:

0. Database Authentication

1) configure

2) password-encode

1. Service Registry

1) JSON Service Registry

2. keytool - del

keytool -delete -alias thekeystore -keystore "%JAVA_HOME%\jre\lib\security\cacerts" -storepass changeit

3. bcrypt tool

End