:-)
I saw many articles about CAS, I started practicing, from the simplest start! An article in the collection store is deployed on Tomcat. Since the CAS uses SSL as a communication protocol between Server and Client, the first to configure Tomcat to use SSL, then deploy CAS Server, use servlet-esample as the effect of the SSO as the CAS Client. Specific steps are as follows:
First, configure Tomcat to enable the SSL protocol.
Generate a key for SSL communication for Tomcat: KeyTool -Genkey -Alaias Tomcat -Keyalg RSA, input key password, and corresponding parameters, the result is a key file named .KetStore in the user directory. Export Key file: keytool -export -file server.crt -alias tomcat, enter the password in the previous step, result in the current directory generated a Server.CRT key file. Import key for JVM: KeyTool-IMPORT -KEYSTORE% JAVA_HOME% / jre / lib / security / cacerts -file server.crt -alias Tomcat, enter your password, you will create a cacerts file. Modify Tomcat Profile Server.xml, remove the annotation for SSL, that is, open 8443 port, note that the keystorePass = "password" parameter is added to the Connector field, and Password is the password involved in the above steps. Start Tomcat, Test https: // localhost: 8443 / Whether you need access to verification.
Second, deploy CAS Server 2.0.12 to Tomcat
A simple way is to copy the CAS.WAR file in the download package directly to Tomcat's WebApps directory. Another method is actually the same, just use ANT to compile the source code of CAS Server, deploy directly into Tomcat. I used Eclipse to compile their source code and deployed successfully. Start Tomcat, Test https: // localhost: 8443 / CAS, whether you can access the CAS home page.
Third, deploy CAS Client 2.0.11 to Servlet-Examples
Tested using the servlet-example instance, copy the casclient.jar file in the download package to the server of the web-inflicity in Servlet-Examples, here you need to manually establish the lib directory. Modify Servlet-Examples configuration file web.xml, add the following filters:
Start Tomcat, locate the servlet-example application, click Execute; browser jump to the CAS login home page, pay attention to the service name of Servlet-Examples in the URL, there is no modification of its verification criteria, Therefore, only the username and password can be verified. Verify that the browser is repositioned to servlet-examples and displays the content of the servlet. Click the HTTP Header's servlet application, you can see that the username information of the current user is recorded. There is no need to enter the username and password again after accessing servlet-examples applications.
At this point, CAS Server and Client have been successfully deployed and configured on Tomcat and achieved the expected SSO effect.
