Yale CAS 安装配置过程指导书
2016-05-11 09:10
429 查看
1、配置Maven repo mirror
可以使用如下2个链接作为Maven的镜像地址。否则,整个编译过程会因为下载超时面失败。
http://maven.oschina.net/content/groups/public/
http://mirrors.aliyun.com/
2、配置https protocol in server.xml.
3、使用 JAVA keytool to generate CA
3.1 List all CAs in system
3.2 Clear the previously CA
3.3 Genereate the new CA
The first CN should be the value as the HOST name.
3.4 Export CA to CA files
3.5 Import CA file to system
On linux
On windows
4、在cas-management 中启用 casuser
At location: /home/cas/tomcat/webapps/cas-management/WEB-INF/classes, open file ‘user-detail.properties’ and uncommnet the line to let the casuser has the privilledge of ROLE_ADMIN or add a new line of your new user name.
C:\Windows\System32\drivers\etc
5、注册 CAS service.
In $CAS_HOME/tomcat/webapps/cas/WEB-INF/classes/services
add a JSON file with file name {ServiceName}-{ServiceID}.json.
For example:
iPortal-172428224375258.json
可以使用如下2个链接作为Maven的镜像地址。否则,整个编译过程会因为下载超时面失败。
http://maven.oschina.net/content/groups/public/
http://mirrors.aliyun.com/
#mvn clean install -Dmaven.test.skip #mvn eclipse:eclipse
2、配置https protocol in server.xml.
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="150" SSLEnabled="true" scheme="https" secure="true" keystoreFile="/home/cas/cas.allinone.statcks.keystore" keystorePass="cas123" truststoreFile="/usr/lib/jvm/java-1.7.0-openjdk-1.7.0.91.x86_64/jre/lib/security/cacerts" clientAuth="false" sslProtocol="TLS" />
3、使用 JAVA keytool to generate CA
3.1 List all CAs in system
keytool -list -v -alias cas -keystore cas.allinone.keystore keytool -list -keystore $JAVA_HOME/lib/security/cacerts
3.2 Clear the previously CA
keytool -delete -alias cas -keystore $JAVA_HOME/lib/security/cacerts cacerts password: changeit
3.3 Genereate the new CA
keytool -genkey -alias cas -keypass cas123 -keyalg RSA -keystore cas.njsdb.keystore
The first CN should be the value as the HOST name.
3.4 Export CA to CA files
keytool -export -alias cas -keypass cas123 -file cas.njsdb.crt -keystore cas.njsdb.keystore
3.5 Import CA file to system
On linux
keytool -import -alias cas -file cas.njsdb.crt -keystore $JAVA_HOME/lib/security/cacerts -keypass changeit
On windows
keytool -import -alias cas -file cas.njsdb.crt -keystore %JAVA_HOME%\lib\security\cacerts -keypass changeit
4、在cas-management 中启用 casuser
At location: /home/cas/tomcat/webapps/cas-management/WEB-INF/classes, open file ‘user-detail.properties’ and uncommnet the line to let the casuser has the privilledge of ROLE_ADMIN or add a new line of your new user name.
C:\Windows\System32\drivers\etc
5、注册 CAS service.
In $CAS_HOME/tomcat/webapps/cas/WEB-INF/classes/services
add a JSON file with file name {ServiceName}-{ServiceID}.json.
For example:
iPortal-172428224375258.json
{ "@class" : "org.jasig.cas.services.RegexRegisteredService", "serviceId" : "^http://localhost:8080/iportal", "name" : "iPortal", "id" : 172428224375258, "description" : "Apereo foundation sample service", "proxyPolicy" : { "@class" : "org.jasig.cas.services.RefuseRegisteredServiceProxyPolicy" }, "evaluationOrder" : 1, "usernameAttributeProvider" : { "@class" : "org.jasig.cas.services.DefaultRegisteredServiceUsernameProvider" }, "logoutType" : "BACK_CHANNEL", "attributeReleasePolicy" : { "@class" : "org.jasig.cas.services.ReturnAllowedAttributeReleasePolicy", "principalAttributesRepository" : { "@class" : "org.jasig.cas.authentication.principal.DefaultPrincipalAttributesRepository" }, "authorizedToReleaseCredentialPassword" : false, "authorizedToReleaseProxyGrantingTicket" : false }, "accessStrategy" : { "@class" : "org.jasig.cas.services.DefaultRegisteredServiceAccessStrategy", "enabled" : true, "ssoEnabled" : true } }
相关文章推荐
- maven学习
- maven插件maven-war-plugin的使用
- jenkins------部署项目到jboss eap下
- maven使用经验集
- MyEclipse Web Project转Eclipse Dynamic Web Project
- Windows Clang开发环境备忘
- 傻瓜式用Eclipse连接MySQL数据库
- Eclipse引入jquery报错如何解决
- 让Flex Builder 3.0与Eclipse3.4整合起来
- Eclipse配置Javascript开发环境图文教程
- 使用zend studio for eclipse不能激活代码提示功能的解决办法
- 图解Eclipse j2ee开发环境的搭建过程
- 两种Eclipse部署动态web项目方法
- ext for eclipse插件安装方法
- 解决Fedora14下eclipse进行android开发,ibus提示没有输入窗口的方法详解
- eclipse导入jquery包后报错的解决方法
- Eclipse 格式化代码时不换行与自动换行的实现方法
- Eclipse下jQuery文件报错出现错误提示红叉
- eclipse如何忽略js文件报错(附图)
- eclipse3.2.2 + MyEclipse5.5 + Tomcat5.5.27 配置数据库连接池