最近這兩天在搞單點登錄,第一次使用老出狀況。以下是配置過程:
1、安全證書
A)、生成證書KeyStore
keytool -genkey -alias?pwd123 -keyalg RSA -keystore server.keystore
B)、導出證書
keytool -export -file client.crt -alias?pwd123 -keystore server.keystore
C)、在客戶端導入證書
keytool -import -keystore %JAVA_HOME%/jre/lib/security/cacerts -file client.crt -alias pwd123
2、配置服務器端Tomcat
1.修改server.xml
<Connector
?????????? port="8443" minSpareThreads="5" maxSpareThreads="75"
?????????? enableLookups="true" disableUploadTimeout="true"
?????????? acceptCount="100"? maxThreads="200"
?????????? scheme="https" secure="true" SSLEnabled="true"
?????????? keystoreFile="keystore/server.keystore" keystorePass="pwd123"
?????????? clientAuth="false" sslProtocol="TLS"/>
CAS (Central Authentication Service)是Yale大學的ITS開發的一套JAVA實現的開源的SSO(single sign-on)的服務。該服務是以一個java web app(eg:cas.war)來進行服務
3、客戶端添加測試應用
配置應用WEB.XML文件
<!-- SSO-Start -->
???????? <filter>
?????????????????? <filter-name>CAS Filter</filter-name>
?????????????????? <filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class>
?????????????????? <init-param>
??????????????????????????? <param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name>
??????????????????????????? <param-value>https://www.jacas.com:8443/cas/login</param-value>
?????????????????? </init-param>
?????????????????? <init-param>
??????????????????????????? <param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name>
??????????????????????????? <param-value>https://www.jacas.com:8443/cas/proxyValidate</param-value>
?????????????????? </init-param>
?????????????????? <init-param>
??????????????????????????? <param-name>edu.yale.its.tp.cas.client.filter.serverName</param-name>
??????????????????????????? <param-value>localhost</param-value>
?????????????????? </init-param>
???????? </filter>?
???????? <filter-mapping>
?????????????????? <filter-name>CAS Filter</filter-name>
?????????????????? <url-pattern>*.html</url-pattern>
???????? </filter-mapping>
???????? <filter-mapping>
?????????????????? <filter-name>CAS Filter</filter-name>
?????????????????? <url-pattern>*.htm</url-pattern>
???????? </filter-mapping>
???????? <filter-mapping>
?????????????????? <filter-name>CAS Filter</filter-name>
?????????????????? <url-pattern>*.action</url-pattern>
???????? </filter-mapping>????????
???????? <filter-mapping>
?????????????????? <filter-name>CAS Filter</filter-name>
?????????????????? <url-pattern>*</url-pattern>
???????? </filter-mapping>
???????? <!-- SSO-END -->
更多文章、技術交流、商務合作、聯系博主
微信掃碼或搜索:z360901061

微信掃一掃加我為好友
QQ號聯系: 360901061
您的支持是博主寫作最大的動力,如果您喜歡我的文章,感覺我的文章對您有幫助,請用微信掃描下面二維碼支持博主2元、5元、10元、20元等您想捐的金額吧,狠狠點擊下面給點支持吧,站長非常感激您!手機微信長按不能支付解決辦法:請將微信支付二維碼保存到相冊,切換到微信,然后點擊微信右上角掃一掃功能,選擇支付二維碼完成支付。
【本文對您有幫助就好】元
