tomcat6.0.2 cas spring security配置开发
来源:互联网 发布:arp专杀软件 编辑:程序博客网 时间:2024/06/05 16:13
经过一天的搜索和修改tomcat终于能够集成cas了
下载服务版本cas-server-3.3.5-release将其解压moduls目录下的cas-server-webapp-3.3.5.war修改为cas。war部署到tomcat
生成密钥之前请配置好jdk的系统变量生成密钥如下命令
@del *.bak
@del server.jks
@del *.cer
@del *.p12
: ------
: server
: ------
call keytool -genkey -keyalg RSA -dname "cn=localhost,ou=localhost,o=localhost,l=china,st=beijing,c=cn" -alias server -keypass password -keystore server.jks -storepass password
: ------
: user
: ------
call keytool -genkey -v -alias user -keyalg RSA -storetype PKCS12 -keystore user.p12 -dname "cn=user,ou=localhost,o=localhost.com,l=china,st=beijing,c=cn" -storepass password -keypass password
call keytool -export -alias user -keystore user.p12 -storetype PKCS12 -storepass password -rfc -file user.cer
call keytool -import -v -file user.cer -keystore server.jks -storepass password
: ------
: import
: ------
call keytool -export -trustcacerts -alias server -file server.cer -keystore server.jks -storepass password
call keytool -import -trustcacerts -alias server -file server.cer -keystore "D:/spring/cacerts" -storepass changeit
pause
注意黑体字的文件时我在jdk安装目录下的security文件夹下拷出来的由于我的系统是win7对C盘的安全性要求较高,若在C盘生成会出现读写错误,所以我将这个文件拷贝出来,然后再将生成的文件拷贝到security目录下。
sever.jks文件放置tomcat的config下
修改tomcat config下的server。xml文件加入
<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" SSLEnabled="true" scheme="https" secure="true"
clientAuth="want" sslProtocol="TLS"
keystoreFile="${catalina.home}/conf/server.jks"
keystoreType="JKS" keystorePass="password"
truststoreFile="${catalina.home}/conf/server.jks"
truststoreType="JKS" truststorePass="password"
/>
注意黑体字在tomcat6中配置这也是和其他版本的不同,
启动tomcat即可https://localhost:8443/cas/浏览看到熟悉服务器登陆界面说明已经安装成功了
部署security应用由于在MyEclipse中开发一定要注意jdk中cacerts文件是否被加入认证信息,MyEclipse编译器默认的在其安装目录下,若加入了j2eeMyEclipse首先选择的编译器是j2ee的编译器。配置文件如下
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.1.xsd">
<http auto-config='true' entry-point-ref="casProcessingFilterEntryPoint">
<intercept-url pattern="/admin.jsp" access="ROLE_ADMIN" />
<intercept-url pattern="/index.jsp" access="ROLE_USER" />
<intercept-url pattern="/" access="ROLE_USER" />
<logout logout-success-url="/cas-logout.jsp"/>
</http>
<user-service id="userService">
<user name="admin" password="admin" authorities="ROLE_USER, ROLE_ADMIN" />
<user name="user" password="user" authorities="ROLE_USER" />
</user-service>
<authentication-manager alias="authenticationManager"/>
<beans:bean id="casProcessingFilter" class="org.springframework.security.ui.cas.CasProcessingFilter">
<custom-filter after="CAS_PROCESSING_FILTER"/>
<beans:property name="authenticationManager" ref="authenticationManager"/>
<beans:property name="authenticationFailureUrl" value="/casfailed.jsp" />
<beans:property name="defaultTargetUrl" value="/" />
</beans:bean>
<beans:bean id="casProcessingFilterEntryPoint"
class="org.springframework.security.ui.cas.CasProcessingFilterEntryPoint">
<beans:property name="loginUrl" value="https://localhost:8443/cas/login" />
<beans:property name="serviceProperties" ref="casServiceProperties" />
</beans:bean>
<beans:bean id="casServiceProperties" class="org.springframework.security.ui.cas.ServiceProperties">
<beans:property name="service" value="https://localhost:8443/cas/j_spring_cas_security_check"/>
<beans:property name="sendRenew" value="false"/>
</beans:bean>
<beans:bean id="casAuthenticationProvider"
class="org.springframework.security.providers.cas.CasAuthenticationProvider">
<custom-authentication-provider />
<beans:property name="userDetailsService" ref="userService" />
<beans:property name="serviceProperties" ref="casServiceProperties" />
<beans:property name="ticketValidator">
<beans:bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
<beans:constructor-arg index="0" value="https://localhost:8443/cas" />
</beans:bean>
</beans:property>
<beans:property name="key" value="password" />
</beans:bean>
</beans:beans>
web.xml文件的配置如下
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.4"
xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:applicationContext*.xml</param-value>
</context-param>
<!--
<filter>
<filter-name>CAS Single Sign Out Filter</filter-name>
<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
-->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
</web-app>
证书问题请将生成的证书加载到证书受信任的根目录机构否则打开页面时会出现证书错误。
- tomcat6.0.2 cas spring security配置开发
- CAS、Spring Security、Ldap配置整合
- CAS、Spring Security、Ldap配置整合
- Spring Security结合CAS的配置
- CAS Spring Security 3 整合配置
- spring security 整合 CAS
- spring security 整合 CAS
- spring security 整合cas
- spring-security整合CAS
- Spring Security 整合Cas
- Spring security集成CAS
- spring security cas
- OpenJWeb平台Spring Security+CAS SSO的配置
- CAS 与 Spring Security 3.1整合配置详解
- CAS 与 Spring Security 3.1整合配置详解
- CAS、Spring Security、Ldap配置整合(资料整合)
- CAS 与 Spring Security 3.1整合配置详解
- CAS+Spring security实现单点登录之配置篇
- 杭电ACM3198
- 用户模式及驱动模式同步
- c#中的二级修饰符 - 常量,readonly
- linux 更改gcc版本
- 高兴点,别郁闷~
- tomcat6.0.2 cas spring security配置开发
- 信息化项目要学会向上要支持
- 好玩的做图片网站
- 十五种途径告诉你什么不是云计算
- 对Visual Studio C++ hash_map严谨一点的测试
- c++入门
- 手机常识1,2,3 适合老年用的手机
- ...........
- mysql命令