
CAS 3.5.2 Single Sign-On Explained

Server side (cas):

Download CAS from the internet (the server package under cas, the client package under cas-client). Extract cas-server-3.5.2-release.zip and deploy cas-server-3.5.2\module\cas-server-webapp-3.5.2.war to Tomcat.

Edit F:\apache-tomcat-6.0.30\webapps\cas\WEB-INF\cas-servlet.xml (use the path that matches your own installation):

    <bean id="logoutController" class="org.jasig.cas.web.LogoutController"
          p:followServiceRedirects="${cas.logout.followServiceRedirects:true}"/>

The default is false. This setting makes logout go to a specified page afterwards.

Edit deployerConfigContext.xml to configure the data source and the password encoding:

    <bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
        <property name="driverClassName"><value>oracle.jdbc.driver.OracleDriver</value></property>
        <property name="url"><value>jdbc:oracle:thin:@127.0.0.1:1521:orcl</value></property>
        <property name="username"><value>require</value></property>
        <property name="password"><value>require</value></property>
    </bean>
    <!--
    <bean id="MD5PasswordEncoder" class="org.jasig.cas.authentication.handler.DefaultPasswordEncoder">
        <constructor-arg index="0"><value>MD5</value></constructor-arg>
    </bean>
    -->

Then comment out the following line. It exists only for testing: any login whose account name and password are identical passes authentication.

    <bean class="org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler" />

As the SQL statement shows, the handler below validates the account and password against the database:

    <bean class="org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler">
        <property name="dataSource" ref="dataSource"></property>
        <property name="sql" value="select userpassword from user_ where useraccount=?"></property>
        <!--<property name="passwordEncoder" ref="MD5PasswordEncoder"></property>-->
    </bean>

Changes on the CAS server: edit spring-configuration/ticketGrantingTicketCookieGenerator.xml, where the bean carries these attributes:

    p:cookieSecure="true"
    p:cookieMaxAge="-1"
    p:cookieName="CASTGC"
    p:cookiePath="/cas" />

Change p:cookieSecure="true" to false. Only with false can you avoid being asked to log in repeatedly after SSL has been turned off. Once this is set, do not use https any more; use http:xxx directly.

One more place deserves special mention, the setting for the number of systems: in spring-configuration/ticketExpirationPolicies.xml set c:numberOfUses="2"; write the number of systems you want to add.

The server-side configuration is now complete.
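A check for the server-side settings described above, as an added example that is not part of the original article or of the CAS project: it parses a Spring XML file and reports whether the test handler is still active, whether the JDBC handler has no password encoder (so the database column must hold plaintext passwords), whether an MD5 encoder is enabled, and whether the ticket-granting cookie has cookieSecure="false". The function name, the finding codes and the sample XML are constructed for this illustration.

```python
import xml.etree.ElementTree as ET

P = "{http://www.springframework.org/schema/p}"  # Spring p: namespace
PKG = "org.jasig.cas.authentication.handler."
TEST_HANDLER = PKG + "support.SimpleTestUsernamePasswordAuthenticationHandler"
DEFAULT_ENCODER = PKG + "DefaultPasswordEncoder"
JDBC_HANDLER = "org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler"

def local(tag):
    """Strip the '{namespace}' prefix ElementTree puts on tag names."""
    return tag.rsplit("}", 1)[-1]

def audit_cas_config(xml_text):
    """Return sorted finding codes (hypothetical names) for one Spring XML file.
    ElementTree drops XML comments, so commented-out beans and properties are
    treated as absent, which is also how Spring sees them."""
    findings = set()
    for el in ET.fromstring(xml_text).iter():
        if local(el.tag) != "bean":
            continue
        cls = el.get("class", "")
        if cls == TEST_HANDLER:  # accepts any login where password == username
            findings.add("TEST_HANDLER_ENABLED")
        if cls == JDBC_HANDLER:  # no encoder: input is compared to the column as plaintext
            props = {c.get("name") for c in el if local(c.tag) == "property"}
            if "passwordEncoder" not in props and el.get(P + "passwordEncoder-ref") is None:
                findings.add("NO_PASSWORD_ENCODER")
        if cls == DEFAULT_ENCODER and any(
                (v.text or "").strip().upper() == "MD5" for v in el.iter()):
            findings.add("UNSALTED_MD5_ENCODER")  # single unsalted MD5 digest
        if el.get(P + "cookieSecure", "").strip().lower() == "false":
            findings.add("TGC_COOKIE_NOT_SECURE")  # CASTGC may travel over plain HTTP
    return sorted(findings)

# Constructed sample mirroring the settings this article ends up with,
# except that the test handler has been left enabled to show that finding.
SAMPLE = """<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:p="http://www.springframework.org/schema/p">
  <bean class="org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler"/>
  <bean class="org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler">
    <property name="dataSource" ref="dataSource"/>
    <property name="sql" value="select userpassword from user_ where useraccount=?"/>
    <!--<property name="passwordEncoder" ref="MD5PasswordEncoder"/>-->
  </bean>
  <bean id="tgc" p:cookieSecure="false" p:cookieName="CASTGC" p:cookiePath="/cas"/>
</beans>"""

if __name__ == "__main__":
    print(audit_cas_config(SAMPLE))
```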

Client side:

Import cas-client.jar into the project, then set up the filters: edit web.xml and paste in the following code:

    <!-- Used for single sign-out; this listener implements the single sign-out feature. Optional. -->
    <listener>
        <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
    </listener>

    <!-- This filter implements the single sign-out feature. Optional. -->
    <filter>
        <filter-name>CAS Single Sign Out Filter</filter-name>
        <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>CAS Single Sign Out Filter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <!-- This filter handles user authentication and must be enabled. -->
    <filter>
        <filter-name>CASFilter</filter-name>
        <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
        <init-param>
            <param-name>casServerLoginUrl</param-name>
            <param-value>https://:8443/cas/login</param-value>
            <!-- "server" here is the IP of the CAS server -->
        </init-param>
        <init-param>
            <param-name>serverName</param-name>
            <param-value>http://localhost:10000</param-value>
        </init-param>
    </filter>
    <filter-mapping>
        <filter-name>CASFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <!-- This filter validates the ticket and must be enabled. -->
    <filter>
        <filter-name>CAS Validation Filter</filter-name>
        <filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
        <init-param>
            <param-name>casServerUrlPrefix</param-name>
            <param-value>https://:8443/cas</param-value>
        </init-param>
        <init-param>
            <param-name>serverName</param-name>
            <param-value>http://localhost:10000</param-value>
        </init-param>
    </filter>
    <filter-mapping>
        <filter-name>CAS Validation Filter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <!--
        This filter wraps the HttpServletRequest, for example so that developers can
        obtain the login name of the SSO user through HttpServletRequest.getRemoteUser().
        Optional.

        AttributePrincipal principal = (AttributePrincipal) request.getUserPrincipal();
        String username = principal.getName();
    -->
    <filter>
        <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
        <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
    </filter>
    <filter-mapping>
        <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <!-- This filter lets developers obtain the user's login name through org.jasig.cas.client.util.AssertionHolder. -->
