Article directory
1, Deploy cas
1. Copy cas.war to webapps
Put cas.war under the webapps of Tomcat and start Tomcat
2. Login page
2, CAS server configuration
2.1. Add user
- Find the specified file
- Just add one line
<bean id="primaryAuthenticationHandler" class="org.jasig.cas.authentication.AcceptUsersAuthenticationHandler"> <property name="users"> <map> <entry key="casuser" value="Mellon"/> <entry key="admin" value="admin"/> </map> </property> </bean>
2.2. Port modification
If we do not want to access CAS with port 8080, we can modify the port
- ① Modify the port of TOMCAT
Open the tomcat directory conf\server.xml to find the following configuration
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
Modified to
<Connector port="9100" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
Change port 8080 to 9100
- ② Modify CAS profile
Modify WEB-INF/cas.properties of CAS
Change 8080 to 9100
server.name=http://localhost:9100
2.3. Remove https authentication
- ① Modify WEB-INF/deployerConfigContext.xml of cas
Find the following configuration
<!-- Required for proxy ticket mechanism. --> <bean id="proxyAuthenticationHandler" class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler" p:httpClient-ref="httpClient"/>
After modification
<!-- Required for proxy ticket mechanism. --> <bean id="proxyAuthenticationHandler" class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler" p:httpClient-ref="httpClient" p:requireSecure="false"/>
The parameter p:requireSecure="false" needs to be added here. The attribute requireSecure means whether security verification is required, i.e. HTTPS, and false means not to use
-
② Modify ticketGrantingTicketCookieGenerator.xml
Modify / WEB-INF/spring-configuration/ticketGrantingTicketCookieGenerator.xml of cas
Locate the following configuration
<bean id="ticketGrantingTicketCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
p:cookieSecure="true"
p:cookieMaxAge="-1"
p:cookieName="CASTGC"
p:cookiePath="/cas" />
Configuration after modification
<bean id="ticketGrantingTicketCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
p:cookieSecure="false"
p:cookieMaxAge="3600"
p:cookieName="CASTGC"
p:cookiePath="/cas" />
Parameter p:cookieSecure="true", similarly, it is related to HTTPS verification. TRUE means HTTPS verification is used, FALSE means HTTPS verification is not used. Parameter p: cookiemaxage = - 1 ", is the maximum life cycle of COOKIE, - 1 is no life cycle, that is, it is only valid in the currently opened window, closing or reopening other windows will still require validation. It can be changed to a number greater than 0 as needed, such as 3600, which means that no verification is needed to open any window within 3600 seconds. Let's change cookieSecure to false and cookiemaxage to 3600
-
③ Modify warnCookieGenerator.xml
Modify the WEB-INF/spring-configuration/warnCookieGenerator.xml of cas
Find the following configuration. We change cookieSecure to false and cookiemaxage to 3600
<bean id="warnCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
p:cookieSecure="true"
p:cookieMaxAge="-1"
p:cookieName="CASPRIVACY"
p:cookiePath="/cas" />
Modified to
<bean id="warnCookieGenerator" class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
p:cookieSecure="false "
p:cookieMaxAge="3600"
p:cookieName="CASPRIVACY"
p:cookiePath="/cas" />
Enable http protocol and turn off HTTPS protocol
