Environment information
Node | Installed software | System configuration |
---|---|---|
node8 | apache-tomcat-8.0.53.tar.gz;jdk-8u181-linux-x64.tar.gz | centos7.2 |
I. Install the CAS single sign-on system
1. Download the source code and build it
cas-server-4.0.0-release.zip download link
2. Enter cas-server-4.0.0\cas-server-webapp and build
mvn clean install (mvn clean package)
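Note: the build may report: CAS_HOME/src/licensing/header.txt not found in file system, classpath or URL: unknown
To fix it, copy the license file over from the directory of another, higher version.
A successful build produces cas.war in the target directory.
3. Move cas.war into Tomcat's webapps directory and start Tomcat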
mv cas.war /usr/local/apache-tomcat-8.0.53/webapps/
cd /usr/local/apache-tomcat-8.0.53/logs
../bin/startup.sh
4. Open CAS and log in with the default username and password to verify that the installation succeeded
http://192.168.56.128:8080/cas/login
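Account: casuser
Password: Mellon
II. Configure the CAS single sign-on system
1. Modify deployerConfigContext.xml
   1. Remove the system's default username and password
   2. Add credential verification against a database
   3. Add the local database configuration
2. Disable HTTPS verification
3. Verify with two sample projects
   Download link
   1. Request http://cas-client:8080/cas-client1/index.jsp
   2. Log in successfully
   3. Jump to cas-client2
III. Extend the CAS authentication service
1. Requirement
By default CAS 4.0 supports login by username only; the business requirement is to support login with the username, email address and other information.
2. Solution: extend QueryDatabaseAuthenticationHandler.java
Modify deployerConfigContext.xml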
<!-- Access the local database -->
<!-- The table alias "su" must be declared in the FROM clause, because every condition below refers to it. -->
<bean id="dbAuthHandler"
      class="org.jasig.cas.adaptors.jdbc.MultiQueryDatabaseAuthenticationHandler"
      p:dataSource-ref="dataSource"
      p:passwordEncoder-ref="passwordEncoder"
      p:sql="select lower(su.ENCRYPTED_USER_PASSWORD) from sys_user su
             where su.user_name=upper(?)
             or su.mobile_phone=?
             or su.email=?
             or su.tel=?"/>
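package org.jasig.cas.adaptors.jdbc;

import java.security.GeneralSecurityException;
import javax.security.auth.login.AccountNotFoundException;
import javax.security.auth.login.FailedLoginException;
import javax.validation.constraints.NotNull;
import org.jasig.cas.authentication.HandlerResult;
import org.jasig.cas.authentication.PreventedException;
import org.jasig.cas.authentication.UsernamePasswordCredential;
import org.jasig.cas.authentication.principal.SimplePrincipal;
import org.springframework.dao.DataAccessException;
import org.springframework.dao.IncorrectResultSizeDataAccessException;

/**
 * Queries the user's password by multiple conditions.
 *
 * @author jinliang 2018/11/24 16:35
 */
public class MultiQueryDatabaseAuthenticationHandler extends AbstractJdbcUsernamePasswordAuthenticationHandler {
    @NotNull
    private String sql;

    @Override
    protected HandlerResult authenticateUsernamePasswordInternal(UsernamePasswordCredential credential) throws GeneralSecurityException, PreventedException {
        final String username = credential.getUsername();
        final String encryptedPassword = this.getPasswordEncoder().encode(credential.getPassword());
        try {
            // One bind value per "?" in the configured SQL: user_name, mobile_phone, email, tel.
            final String dbPassword = getJdbcTemplate().queryForObject(this.sql, String.class, username, username, username, username);
            // A null stored password must fail the login instead of raising a NullPointerException.
            if (dbPassword == null || !dbPassword.equals(encryptedPassword)) {
                throw new FailedLoginException("Password does not match value on record.");
            }
        } catch (final IncorrectResultSizeDataAccessException e) {
            if (e.getActualSize() == 0) {
                throw new AccountNotFoundException(username + " not found with SQL query");
            } else {
                throw new FailedLoginException("Multiple records found for " + username);
            }
        } catch (final DataAccessException e) {
            throw new PreventedException("SQL exception while executing query for " + username, e);
        }
        // The principal id is the identifier exactly as the user typed it (user name, phone number or email).
        return createHandlerResult(credential, new SimplePrincipal(username), null);
    }

    /**
     * Sets the SQL query.
     *
     * @param sql query that returns the stored password for the submitted identifier
     */
    public void setSql(String sql) {
        this.sql = sql;
    }
}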
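The lookup step of the handler above, reproduced against an in-memory SQLite table as an added example (not code from the original page or from CAS): it runs the page's WHERE clause, reports the handler's three outcomes, and audits the table for stored values that match more than one account, which the handler rejects with "Multiple records found". The rows are constructed, and selecting user_name instead of the password is an assumption made so the match can be inspected.

```python
import sqlite3

# Columns the page's query compares the submitted login identifier against.
ID_COLUMNS = ("user_name", "mobile_phone", "email", "tel")

# Same WHERE clause as the page's bean, selecting user_name instead of the
# password so the result can be inspected; four placeholders, four bindings.
LOOKUP_SQL = (
    "select su.user_name from sys_user su "
    "where su.user_name = upper(?) or su.mobile_phone = ? "
    "or su.email = ? or su.tel = ?"
)

def build_sample_db():
    """In-memory sys_user table with constructed rows (not real data)."""
    db = sqlite3.connect(":memory:")
    db.execute("create table sys_user (user_name text, mobile_phone text, "
               "email text, tel text)")
    db.executemany("insert into sys_user values (?, ?, ?, ?)", [
        ("ALICE", "13800000001", "alice@example.com", None),
        # BOB lists ALICE's mobile number as his landline (shared number).
        ("BOB", "13800000002", "bob@example.com", "13800000001"),
        ("CAROL", "13800000003", "carol@example.com", None),
    ])
    return db

def lookup(db, identifier):
    """Return the handler's three outcomes for one submitted identifier."""
    binds = (identifier,) * LOOKUP_SQL.count("?")
    rows = db.execute(LOOKUP_SQL, binds).fetchall()
    if not rows:
        return ("not_found", None)    # AccountNotFoundException in the handler
    if len(rows) > 1:
        return ("ambiguous", None)    # "Multiple records found" in the handler
    return ("ok", rows[0][0])         # canonical user_name of the single match

def colliding_identifiers(db):
    """Audit: stored identifier values that resolve to more than one account."""
    candidates = set()
    for col in ID_COLUMNS:            # fixed column names, never user input
        query = f"select {col} from sys_user where {col} is not null"
        candidates.update(value for (value,) in db.execute(query))
    return sorted(v for v in candidates if lookup(db, v)[0] == "ambiguous")

if __name__ == "__main__":
    db = build_sample_db()
    for ident in ("alice", "bob@example.com", "13800000001", "nobody"):
        print(ident, "->", lookup(db, ident))
    print("colliding:", colliding_identifiers(db))
```

Running the audit before enabling the multi-identifier handler shows which accounts would stop being able to log in with a shared value.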