【轉】Yale_CAS客戶端配置說明

時間 2019-12-07

標籤 yale cas 客戶端配置說明简体版

原文原文鏈接

Java Web應用

使用cas-client-3.1.12 Javaphp

設置filterweb

服務器

<listener>session

<listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>app

</listener>curl

url

<filter>spa

<filter-name>CAS Single Sign Out Filter</filter-name>debug

<filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>code

</filter>

<filter-mapping>

<filter-name>CAS Single Sign Out Filter</filter-name>

<url-pattern>/*</url-pattern>

</filter-mapping>

<filter-name>CASFilter</filter-name>

<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>

<init-param>

<param-name>casServerLoginUrl</param-name>

<param-value>https://sso.wsria.com:8443/cas/login</param-value>

</init-param>

<init-param>

<param-name>serverName</param-name>

<param-value>http://localhost:10000</param-value>

</init-param>

</filter>

<filter-mapping>

<filter-name>CASFilter</filter-name>

<url-pattern>/*</url-pattern>

</filter-mapping>

<filter-name>CAS Validation Filter</filter-name>

<filter-class>

org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>

<init-param>

<param-name>casServerUrlPrefix</param-name>

<param-value>https://sso.wsria.com:8443/cas</param-value>

</init-param>

<init-param>

<param-name>serverName</param-name>

<param-value>http://localhost:10000</param-value>

</init-param>

</filter>

<filter-mapping>

<filter-name>CAS Validation Filter</filter-name>

<url-pattern>/*</url-pattern>

</filter-mapping>

<!--

該過濾器負責實現HttpServletRequest請求的包裹，

好比容許開發者經過HttpServletRequest的getRemoteUser()方法得到SSO登陸用戶的登陸名，可選配置。

-->

<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>

<filter-class>

org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>

</filter>

<filter-mapping>

<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>

<url-pattern>/*</url-pattern>

</filter-mapping>

<!--

該過濾器使得開發者能夠經過org.jasig.cas.client.util.AssertionHolder來獲取用戶的登陸名。

好比AssertionHolder.getAssertion().getPrincipal().getName()。

-->

<filter-name>CAS Assertion Thread Local Filter</filter-name>

<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>

</filter>

<filter-mapping>

<filter-name>CAS Assertion Thread Local Filter</filter-name>

<url-pattern>/*</url-pattern>

</filter-mapping>

<display-name>AutoSetUserAdapterFilter</display-name>

<filter-name>AutoSetUserAdapterFilter</filter-name>

<filter-class>com.wsria.demo.filter.AutoSetUserAdapterFilter</filter-class>

</filter>

<filter-mapping>

<filter-name>AutoSetUserAdapterFilter</filter-name>

<url-pattern>/*</url-pattern>

</filter-mapping>

使用版本3.x用如下方法得到用戶名:

request.getRemoteUser()

前提是配置了CAS HttpServletRequest Wrapper Filter

.NET

1.使用casModule-1.0.1

2.添加casModule.dll的引用

3.在web.confg文件添加如下配置:

</appSettings>

<system.web>

...

    <httpModules>

      <add name="CasModule" type="Upmc.CasModule.CasModule, CasModule"/>

    </httpModules>

...

  </system.web>

</authentication>

</authorization>

PHP

1.增長Apache ssl_module模塊

2.增長php_curl模塊

3.使用到的文件或目錄:CAS-php-1.2.2/CAS.php和CAS-php-1.2.2/CAS目錄.

4.修改config中CAS目錄與服務器相關的配置:

$phpcas_path

$cas_host

5.調用phpCAS::getUser()得到用戶名.

6.在每一個受保護的頁面開關加如下代碼:

<?php

include_once('config.php');

include_once($phpcas_path.'/CAS.php');

phpCAS::setDebug();// Uncomment to enable debugging

phpCAS::client(CAS_VERSION_2_0, $cas_host, $cas_port, $cas_context);

// 必須調用如下兩個方法中的一個:phpCAS::setCasServerCACert(),phpCAS::setNoCasServerValidation()

// phpCAS::setCasServerCACert($cas_server_ca_cert_path); // 設置證書的路徑

phpCAS::setNoCasServerValidation();

phpCAS::forceAuthentication();

if (isset($_REQUEST['logout'])) { // logout if desired

phpCAS::logout();

}

相關標籤/搜索

每日一句

每一个你不满意的现在，都有一个你没有努力的曾经。