- cas server下载
#下载地址
#4.0.* 4.1.* 使用maven 4.2.* 开始使用gradle
https://www.apereo.org/projects/cas/download-cas
https://github.com/apereo/cas/releases/tag/v4.2.1
- 更改配置信息(支持http,cas server默认只支持https登陆,改成支持http)
F:\software\cas\cas-4.1.7\cas-server-webapp\src\main\webapp\WEB-INF\spring-configuration\ticketGrantingTicketCookieGenerator.xml
#p:cookieSecure="true" 改成 p:cookieSecure="false"
F:\software\cas\cas-4.1.7\cas-server-webapp\src\main\webapp\WEB-INF\deployerConfigContext.xml
<bean id="proxyAuthenticationHandler"
class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
p:httpClient-ref="supportsTrustStoreSslSocketFactoryHttpClient" />
#添加 p:requireSecure="false"
#F:\software\cas\cas-4.1.7\cas-server-webapp\src\main\webapp\WEB-INF\springconfiguration\warnCookieGenerator.xml(org.jasig.cas.web.support.CookieRetrievingCookieGenerator)
#p:cookieSecure="true" 改成 p:cookieSecure="false"
#F:\software\cas\cas-4.1.7\cas-server-webapp\src\main\resources\services\HTTPSandIMAPS-10000001.json
修改 "serviceId" : "^(https|imaps)://.*", 为: "serviceId" : "^(https|imaps|http)://.*",
- 配置SSL(Tomcat、Keytool)

#生成证书
keytool -genkey -alias cas_tomcat -keyalg RSA -keystore D:/keys/cas_tomcat
#导出证书
keytool -export -file d:/keys/cas_tomcat.crt -alias cas_tomcat -keystore d:/keys/cas_tomcat
#配置域名
C:\Windows\System32\drivers\etc\hosts
#把证书导入到客户端JDK中
keytool -import -keystore "C:\Program Files\Java\jdk1.7.0_75\jre\lib\security\cacerts" -file D:/keys/cas_tomcat.crt -alias cas_tomcat
#若是出现错误 keytool 错误: java.io.IOException: Keystore was tampered with, or password was incorrect
#删除 C:\Program Files\Java\jdk1.7.0_75\jre\lib\security\cacerts 文件
#配置tomcat,修改 %TOMCAT_HOME%\conf\server.xml
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="D:/keys/cas_tomcat" <!--生成的证书的位置-->
keystorePass="123456"/> <!-- 生成证书设置的密码-->
- 测试访问单点登陆
#地址:https://127.0.0.1:8443/cas/login
#测试帐号: casuser:Mellon
#F:\software\cas\cas-4.1.7\cas-server-webapp\src\main\webapp\WEB-INF\deployerConfigContext.xml里,primaryAuthenticationHandler这个bean