CAS + OpenLDAP Configuration
http://downloads.jasig.org/cas/cas-server-3.3-release.zip

Install LDAP
(covered in a separate document)

1. Open a command prompt:
C:\>keytool -genkey -alias tomcat -keyalg RSA
输入keystore密码:  password
您的名字与姓氏是什么?
  [Unknown]:  samwong
您的组织单位名称是什么?
  [Unknown]:  mycompany
您的组织名称是什么?
  [Unknown]:  myorganization
您所在的城市或区域名称是什么?
  [Unknown]:  gz
您所在的州或省份名称是什么?
  [Unknown]:  gd
该单位的两字母国家代码是什么
  [Unknown]:  cn
CN=samwong, OU=mycompany, O=myorganization, L=gz, ST=gd, C=cn 正确吗?
  [否]:  y

输入<tomcat>的主密码
        (如果和 keystore 密码相同,按回车):
C:\>

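2. Copy the generated .keystore file (by default located under "C:\Documents and Settings\<username>") to JbossHOME\server\default\conf and rename it to chap8.keystore.
3. Open JbossHOME\server\default\deploy\jboss-web.deployer\server.xml and change the port 8443 connector configuration as follows: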
<Connector port="8443" address="${jboss.bind.address}"
           maxThreads="100" strategy="ms" maxHttpHeaderSize="8192"
           emptySessionPath="true"
           scheme="https" secure="true" clientAuth="false" SSLEnabled="true"
           sslProtocol="TLS"
           keystoreFile="${jboss.server.home.dir}/conf/chap8.keystore"
           keystorePass="password" />

4. Start JBoss, then test by entering http://localhost:8080/ and https://localhost:8443/ in the browser address bar.

Unzip cas-server-3.3-release.zip.
The modules directory contains cas-server-webapp-3.3.war.
Rename it to cas.war, then copy it to \server\default\deploy

Start JBoss and test https://localhost:8443/cas/login
If the normal CAS login page appears, the CAS Server has been deployed successfully.

Integration:
cas-server-support-ldap-3.3.jar
http://trac.openmicroscopy.org.uk/omero/export/1967/omero/trunk/lib/repository/spring/spring-ldap/1.2.1/spring-ldap-1.2.1.jar

<bean id="authenticationManager"> → <property name="authenticationHandlers"> →
<bean />

Change it to:
<bean>
    <property name="filter" value="cn=%u" />
    <property name="searchBase" value="ou=it,dc=myldap,dc=com" />
    <property name="contextSource" ref="contextSource" />
</bean>

<bean id="contextSource">
    <property name="anonymousReadOnly" value="false" />
    <property name="password" value="password" />
    <property name="pooled" value="false" />
    <property name="urls">
        <list>
            <value>ldap://localhost:389/</value>
        </list>
    </property>
    <property name="userName" value="cn=manager,dc=myldap,dc=com" />
    <property name="baseEnvironmentProperties">
        <map>
            <entry>
                <key><value>java.naming.security.protocol</value></key>
                <value>none</value>
            </entry>
            <entry>
                <key><value>java.naming.security.authentication</value></key>
                <value>simple</value>
            </entry>
        </map>
    </property>
</bean>
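
The contextSource bean above performs a simple bind over ldap:// as cn=manager with a password written into the bean file. The following Python script is an added example, not part of the original page or the CAS project, that audits such a bean for those three settings. The function name, the finding codes, the admin-DN heuristic and the bean's class attribute in the sample are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit
# Constructed sample: the page's contextSource bean. The class attribute is an
# assumption (Spring LDAP's LdapContextSource); the audit never reads it.
SAMPLE = """<beans xmlns="http://www.springframework.org/schema/beans">
 <bean id="contextSource" class="org.springframework.ldap.core.support.LdapContextSource">
  <property name="password" value="password" />
  <property name="urls"><list><value>ldap://localhost:389/</value></list></property>
  <property name="userName" value="cn=manager,dc=myldap,dc=com" />
  <property name="baseEnvironmentProperties"><map>
   <entry><key><value>java.naming.security.protocol</value></key><value>none</value></entry>
   <entry><key><value>java.naming.security.authentication</value></key><value>simple</value></entry>
  </map></property>
 </bean>
</beans>"""

def audit_context_source(xml_text, bean_id="contextSource"):
    """Return (code, detail) findings for one Spring LDAP context source bean."""
    root = ET.fromstring(xml_text)
    for el in root.iter():                       # strip namespaces so plain tag names match
        el.tag = el.tag.rsplit("}", 1)[-1]
    bean = next((b for b in root.iter("bean") if b.get("id") == bean_id), None)
    if bean is None:
        return [("NO_BEAN", bean_id)]
    def prop(name):                              # value="..." of a simple property, or None
        p = bean.find("property[@name='%s']" % name)
        return None if p is None else p.get("value")
    urls = [v.text.strip() for v in bean.findall("property[@name='urls']//value")]
    env = {e.findtext("key/value"): e.findtext("value")
           for e in bean.findall("property[@name='baseEnvironmentProperties']//entry")}
    tls = env.get("java.naming.security.protocol") == "ssl"
    simple = env.get("java.naming.security.authentication", "simple") == "simple"
    findings = []
    for url in urls:
        u = urlsplit(url)
        if u.scheme == "ldap" and simple and not tls:
            scope = "loopback" if u.hostname in ("localhost", "127.0.0.1", "::1") else "network"
            findings.append(("CLEARTEXT_BIND", "%s (%s): simple bind sends the bind DN and "
                             "password unencrypted; use ldaps://" % (url, scope)))
    pw = prop("password")
    if pw and not pw.startswith("${"):
        findings.append(("LITERAL_PASSWORD", "bind password is stored in the bean file itself"))
    dn = (prop("userName") or "").lower()
    if dn.startswith(("cn=manager,", "cn=admin,")):  # heuristic: common OpenLDAP admin names
        findings.append(("ADMIN_BIND_DN", dn + ": a read-only search account is sufficient"))
    return findings

if __name__ == "__main__":
    print("\n".join("%s - %s" % f for f in audit_context_source(SAMPLE)))
```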