Tomcat CAS (single sign on) version 5.2x configuration database access - yellow Tong

Keywords: JDBC Tomcat Spring SSL

Version 5.2 of CAS single sign-on is really a big change. I worked this out after reading a lot of material. The general steps for configuring CAS with a database are as follows:

1. Copy the jar packages
2. Configure database access in application.properties
3. Set up the database data

Preparation before installation

Before starting, make sure that CAS itself is already set up. If not, please refer to the following article:
Tomcat's CAS (single sign on) version 5.2x installation - yellow Tong

Add jar package

jar package download address

#Download address on official website
https://oss.sonatype.org/content/repositories/releases/org/apereo/cas/

#Personal download address
http://yellowcong.qiniudn.com/cas-server-support-jdbc-5.2.0-all.zip

jar package details

The following jar packages need to be added to CAS for database access. Accessing their official website directly is really slow... I don't want to say anything. My version is 5.2; please pay attention to your own version.

#I packed all these jar packages into compressed packages
cas-server-support-jdbc-5.2.0.jar
cas-server-support-jdbc-authentication-5.2.0.jar
cas-server-support-jdbc-drivers-5.2.0.jar
mysql-connector-java-5.1.36.jar

Create database

-- Turn on remote access: grants every privilege on every database to root from any host ('%'), with password 'root'
GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY 'root' WITH GRANT OPTION;

-- Delete the database if it exists
DROP DATABASE IF EXISTS yellowcong;

-- Create database
CREATE DATABASE yellowcong;

-- Use database
USE yellowcong;

-- Create table
CREATE TABLE `yellowcong_users` (
  `id` INT(11) NOT NULL AUTO_INCREMENT,
  `age` INT(11) DEFAULT NULL,
  `nick_name` VARCHAR(32) DEFAULT NULL,
  `password` VARCHAR(32) DEFAULT NULL,
  `user_name` VARCHAR(32) DEFAULT NULL,
  PRIMARY KEY (`id`)
) ENGINE=INNODB AUTO_INCREMENT=15 DEFAULT CHARSET=utf8;


-- insert data
INSERT INTO yellowcong_users
  (id, age, nick_name, PASSWORD, user_name)
VALUES
  -- 4748f3d238406505bd50e5accc3a8aa2 is the MD5 hash of 'doubi'
  (1, 12, 'yellowocng', '4748f3d238406505bd50e5accc3a8aa2', 'yellowcong'),
  (12, 1314, 'doubi', '4748f3d238406505bd50e5accc3a8aa2', 'test'),
  (13, 1314, 'doubi', '4748f3d238406505bd50e5accc3a8aa2', 'test2'),
  (14, NULL, NULL, 'doubi', 'doubi');

Database configuration

Note that we directly modify the application.properties configuration file in the cas/WEB-INF/classes directory under Tomcat.

Configure the database information as follows. It is recommended that you copy this configuration as-is and then modify it from there.

##
# CAS Server Context Configuration
#
server.context-path=/cas
server.port=8443

#Add authentication service (add this configuration)
cas.serviceRegistry.initFromJson=true

#Certificate settings: if you use an embedded container such as Spring Boot, change the configuration here. If CAS runs directly in Tomcat, configure HTTPS in Tomcat instead
#server.ssl.key-store=file:/etc/cas/thekeystore
#server.ssl.key-store-password=changeit
#server.ssl.key-password=changeit
# server.ssl.ciphers=
# server.ssl.client-auth=
# server.ssl.enabled=
# server.ssl.key-alias=
# server.ssl.key-store-provider=
# server.ssl.key-store-type=
# server.ssl.protocol=
# server.ssl.trust-store=
# server.ssl.trust-store-password=
# server.ssl.trust-store-provider=
# server.ssl.trust-store-type=

#server.max-http-header-size=2097152
#server.use-forward-headers=true
#server.connection-timeout=20000
#server.error.include-stacktrace=ALWAYS

#server.compression.enabled=true
#server.compression.mime-types=application/javascript,application/json,application/xml,text/html,text/xml,text/plain

#server.tomcat.max-http-post-size=2097152
#server.tomcat.basedir=build/tomcat
#server.tomcat.accesslog.enabled=true
#server.tomcat.accesslog.pattern=%t %a "%r" %s (%D ms)
#server.tomcat.accesslog.suffix=.log
#server.tomcat.max-threads=10
#server.tomcat.port-header=X-Forwarded-Port
#server.tomcat.protocol-header=X-Forwarded-Proto
#server.tomcat.protocol-header-https-value=https
#server.tomcat.remote-ip-header=X-FORWARDED-FOR
#server.tomcat.uri-encoding=UTF-8

spring.http.encoding.charset=UTF-8
spring.http.encoding.enabled=true
spring.http.encoding.force=true

##
# CAS Cloud Bus Configuration
#
spring.cloud.bus.enabled=false
# spring.cloud.bus.refresh.enabled=true
# spring.cloud.bus.env.enabled=true
# spring.cloud.bus.destination=CasCloudBus
# spring.cloud.bus.ack.enabled=true

endpoints.enabled=false
endpoints.sensitive=true

endpoints.restart.enabled=false
endpoints.shutdown.enabled=false

management.security.enabled=true
management.security.roles=ACTUATOR,ADMIN
management.security.sessions=if_required
management.context-path=/status
management.add-application-context-header=false

security.basic.authorize-mode=role
security.basic.enabled=false
security.basic.path=/cas/status/**

##
# CAS Web Application Session Configuration
#
server.session.timeout=300
server.session.cookie.http-only=true
server.session.tracking-modes=COOKIE

##
# CAS Thymeleaf View Configuration
#
spring.thymeleaf.encoding=UTF-8
spring.thymeleaf.cache=false
spring.thymeleaf.mode=HTML
##
# CAS Log4j Configuration
#
# logging.config=file:/etc/cas/log4j2.xml
server.context-parameters.isLog4jAutoInitializationDisabled=true

##
# CAS AspectJ Configuration
#
spring.aop.auto=true
spring.aop.proxy-target-class=true

##
# CAS Authentication Credentials
#
#Comment out the default configuration, user name and password
#cas.authn.accept.users=casuser::Mellon

#Database configuration
cas.authn.jdbc.query[0].sql=SELECT * FROM yellowcong_users WHERE user_name=?
#select * from cms_auth_user where user_name=?
cas.authn.jdbc.query[0].healthQuery=
cas.authn.jdbc.query[0].isolateInternalQueries=false
cas.authn.jdbc.query[0].url=jdbc:mysql://127.0.0.1:3306/yellowcong?useUnicode=true&characterEncoding=UTF-8&autoReconnect=true&useSSL=false
cas.authn.jdbc.query[0].failFast=true
cas.authn.jdbc.query[0].isolationLevelName=ISOLATION_READ_COMMITTED
cas.authn.jdbc.query[0].dialect=org.hibernate.dialect.MySQLDialect
cas.authn.jdbc.query[0].leakThreshold=10
cas.authn.jdbc.query[0].propagationBehaviorName=PROPAGATION_REQUIRED
cas.authn.jdbc.query[0].batchSize=1
cas.authn.jdbc.query[0].user=root
#cas.authn.jdbc.query[0].ddlAuto=create-drop
cas.authn.jdbc.query[0].maxAgeDays=180
cas.authn.jdbc.query[0].password=root
cas.authn.jdbc.query[0].autocommit=false
cas.authn.jdbc.query[0].driverClass=com.mysql.jdbc.Driver
cas.authn.jdbc.query[0].idleTimeout=5000
# cas.authn.jdbc.query[0].credentialCriteria=
# cas.authn.jdbc.query[0].name=
# cas.authn.jdbc.query[0].order=0
# cas.authn.jdbc.query[0].dataSourceName=
# cas.authn.jdbc.query[0].dataSourceProxy=false
cas.authn.jdbc.query[0].fieldPassword=PASSWORD

#Multi attribute
cas.authn.attributeRepository.jdbc[0].singleRow=true
cas.authn.attributeRepository.jdbc[0].order=0
cas.authn.attributeRepository.jdbc[0].url=jdbc:mysql://127.0.0.1:3306/yellowcong?useUnicode=true&characterEncoding=UTF-8&autoReconnect=true&useSSL=false
cas.authn.attributeRepository.jdbc[0].username=user_name
cas.authn.attributeRepository.jdbc[0].user=root
cas.authn.attributeRepository.jdbc[0].password=root
cas.authn.attributeRepository.jdbc[0].sql=select * from yellowcong_users where {0}
cas.authn.attributeRepository.jdbc[0].dialect=org.hibernate.dialect.MySQLDialect
cas.authn.attributeRepository.jdbc[0].ddlAuto=none
cas.authn.attributeRepository.jdbc[0].driverClass=com.mysql.jdbc.Driver
cas.authn.attributeRepository.jdbc[0].leakThreshold=10
cas.authn.attributeRepository.jdbc[0].propagationBehaviorName=PROPAGATION_REQUIRED
cas.authn.attributeRepository.jdbc[0].batchSize=1
cas.authn.attributeRepository.jdbc[0].healthQuery=SELECT 1
cas.authn.attributeRepository.jdbc[0].failFast=true
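
The query[0] block above sets no passwordEncoder, so CAS compares the submitted password with the password column as-is, while the sample table stores MD5 hex digests; both JDBC sections also connect as root with useSSL=false. The fragment below is an added example (not part of the original post) that overrides only those properties. The cas_reader account, its placeholder password, and a MySQL server with TLS enabled are assumptions.

```properties
# Added example: overrides for the two JDBC sections above.
# Assumption: cas_reader is a hypothetical MySQL account that holds only
# SELECT on yellowcong.yellowcong_users (not root with ALL PRIVILEGES on *.*).
cas.authn.jdbc.query[0].user=cas_reader
cas.authn.jdbc.query[0].password=CHANGE_ME_PLACEHOLDER
cas.authn.attributeRepository.jdbc[0].user=cas_reader
cas.authn.attributeRepository.jdbc[0].password=CHANGE_ME_PLACEHOLDER

# Fetch only the columns the authentication handler needs instead of SELECT *.
cas.authn.jdbc.query[0].sql=SELECT user_name, password FROM yellowcong_users WHERE user_name=?
cas.authn.jdbc.query[0].fieldPassword=password

# Name the attribute columns explicitly so the password column is not loaded
# as a principal attribute.
cas.authn.attributeRepository.jdbc[0].sql=select user_name, nick_name, age from yellowcong_users where {0}

# Hash the submitted password before comparing it with the stored value.
# DEFAULT + MD5 produces the 32-character hex form used by the sample rows;
# the row that stores 'doubi' in clear text (id 14) no longer authenticates
# and has to be re-inserted as a digest.
cas.authn.jdbc.query[0].passwordEncoder.type=DEFAULT
cas.authn.jdbc.query[0].passwordEncoder.encodingAlgorithm=MD5
cas.authn.jdbc.query[0].passwordEncoder.characterEncoding=UTF-8
# MD5 is unsalted and fast. passwordEncoder.type=BCRYPT is the stronger option,
# but bcrypt hashes are 60 characters, so the VARCHAR(32) password column
# must be widened and every password re-hashed first.

# Encrypt the JDBC connection (Connector/J 5.1 parameters). Assumption: the
# MySQL server has TLS enabled and its CA is in the JVM trust store.
cas.authn.jdbc.query[0].url=jdbc:mysql://127.0.0.1:3306/yellowcong?useUnicode=true&characterEncoding=UTF-8&autoReconnect=true&useSSL=true&requireSSL=true&verifyServerCertificate=true
cas.authn.attributeRepository.jdbc[0].url=jdbc:mysql://127.0.0.1:3306/yellowcong?useUnicode=true&characterEncoding=UTF-8&autoReconnect=true&useSSL=true&requireSSL=true&verifyServerCertificate=true
```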

Access test

Login successful, straightforward

Reference article

https://apereo.github.io/cas/5.1.x/installation/Configuration-Properties.html#jdbc
https://apereo.github.io/cas/5.1.x/installation/Configuration-Server-Management.html

Posted by alivec on Fri, 22 May 2020 09:13:14 -0700