SSO之简单实例
在做完了TOMCAT的SSL设置后,接下来我们用CAS做一个简单的实例。
?
一、环境准备
下载相应的服务器端包和客户端包
?
cas官方网站
http://www.jasig.org/cas
?
下载最新的服务端 CAS Server 3.3.3 Final
?
cas官方网站上面的客户端下载地址比较隐秘,没有完全公开,具体地址为
http://www.ja-sig.org/downloads/cas-clients/
下载最新的cas-client-3.1.6-release.zip
?
?
二、服务器端设置
?
将服务器端解压,将modules下面的cas-server-webapp-3.3.3.war部署到web服务器,重命名为CAS.war,作为单点的服务器。
?
?
三、客户端设置
?
1、解压后把modules下面的包放到我们的web应用中。导入相庆的SPRING.JAR包
?
2.配置web.xml,注意encodingFilter要提前配置,不然会出现数据插入数据库的时候有乱码。
serverName是我们web应用的地址和端口
?
?
?
?
<context-param> <param-name>serverName</param-name> <param-value>www.test.com:9080</param-value> </context-param> <filter> <filter-name>encodingFilter</filter-name> <filter-class> org.springframework.web.filter.CharacterEncodingFilter </filter-class> <init-param> <param-name>encoding</param-name> <param-value>UTF-8</param-value> </init-param> <init-param> <param-name>forceEncoding</param-name> <param-value>true</param-value> </init-param> </filter> <filter-mapping> <filter-name>encodingFilter</filter-name> <url-pattern>*.htm</url-pattern> </filter-mapping> <filter-mapping> <filter-name>encodingFilter</filter-name> <url-pattern>*.ftl</url-pattern> </filter-mapping> <filter-mapping> <filter-name>encodingFilter</filter-name> <url-pattern>*.xhtml</url-pattern> </filter-mapping> <filter-mapping> <filter-name>encodingFilter</filter-name> <url-pattern>*.html</url-pattern> </filter-mapping> <filter-mapping> <filter-name>encodingFilter</filter-name> <url-pattern>*.shtml</url-pattern> </filter-mapping> <filter-mapping> <filter-name>encodingFilter</filter-name> <url-pattern>*.jsp</url-pattern> </filter-mapping> <filter-mapping> <filter-name>encodingFilter</filter-name> <url-pattern>*.do</url-pattern> </filter-mapping> <filter-mapping> <filter-name>encodingFilter</filter-name> <url-pattern>*.vm</url-pattern> </filter-mapping> <filter> <filter-name>CAS Single Sign Out Filter</filter-name> <filter-class> org.jasig.cas.client.session.SingleSignOutFilter </filter-class> </filter> <filter-mapping> <filter-name>CAS Single Sign Out Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <listener> <listener-class> org.jasig.cas.client.session.SingleSignOutHttpSessionListener </listener-class> </listener> <filter> <filter-name>CAS Authentication Filter</filter-name> <filter-class> org.jasig.cas.client.authentication.AuthenticationFilter </filter-class> <init-param> <param-name>casServerLoginUrl</param-name> <param-value>https://www.test.com:8443/cas/login</param-value> </init-param> </filter> <filter> <filter-name>CAS Validation Filter</filter-name> <filter-class> org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter </filter-class> <init-param> <param-name>casServerUrlPrefix</param-name> <param-value>https://www.test.com:8443/cas</param-value> </init-param> </filter> <filter> <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> <filter-class> org.jasig.cas.client.util.HttpServletRequestWrapperFilter </filter-class> </filter> <filter> <filter-name>CAS Assertion Thread Local Filter</filter-name> <filter-class> org.jasig.cas.client.util.AssertionThreadLocalFilter </filter-class> </filter> <filter-mapping> <filter-name>CAS Authentication Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>CAS Validation Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>CAS Assertion Thread Local Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
?
四、问题
?
在做完上述操作时,可能你会成功运行。但也有会发生以下错误:
?
unable to find valid certification path to requested target的异常
归根到底原因为:
?
产生证书导入的是JDK与TOMCAT所依赖的JRE环境不是同一个JRE。
?
解决方法:
?
将证书导入到相应的JRE中即可。
?
五、FILTER相应参数:
?
?
?
