本节介绍一下客户端如何配置,客户端配置没有服务端那么复杂...
客户端Tomcat配置
-
首先确认证书文件已经拷贝到Tomcat的目录下,我们新建两个客户端的web应用,分别命名为Client1,Client2,在页面上稍作处理用于区分即可。
[注意] 我们使用两个Tomcat,一个模拟服务器,一个模拟客户端。如果哦使用同一个Tomcat请注意区分端口!
-
打开server.xml,在<server></server>中配置如下:
<Service name="Client1"> <Connector port="6111" maxHttpHeaderSize="8891" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" redirectPort="8443" acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true" URIEncoding="GBK" /> <Engine name="Client1" defaultHost="Client1"> <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/> <Host name="Client1" appBase="E:DeploymentClient1" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false"> </Host> </Engine> </Service>
以上配置表示为Client1指定端口号为6111,部署到E:DeploymentClient1目录下。为Client2选择不同的端口号做同样的配置,完成后进行部署。
[注意]部署时我们采用如下步骤:
![CAS单点登录配置:[4]客户端配置](http://b.hiphotos.baidu.com/exp/w=500/sign=007416c4818ba61edfeec82f713497cc/ac6eddc451da81cb889a93c35166d016092431bb.jpg)
-
部署成功:同时E:DeploymentClient1下会多出部署的文件
![CAS单点登录配置:[4]客户端配置](http://h.hiphotos.baidu.com/exp/w=500/sign=ab8c7be18eb1cb133e693c13ed5456da/bba1cd11728b47102636edc2c0cec3fdfc0323a6.jpg)
END
Web.xml配置
-
将如下配置拷贝到web.xml中,并修改加黑倾斜处
<filter> <filter-name>CAS Single Sign Out Filter</filter-name> <filter-class> org.jasig.cas.client.session.SingleSignOutFilter </filter-class> </filter> <filter-mapping> <filter-name>CAS Single Sign Out Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <listener> <listener-class> org.jasig.cas.client.session.SingleSignOutHttpSessionListener </listener-class> </listener> <!--Single Sign on --> <filter> <filter-name>CAS Authentication Filter</filter-name> <filter-class> org.jasig.cas.client.authentication.AuthenticationFilter </filter-class> <!--The following address is CAS server address, using default port 443 --> <init-param> <param-name>casServerLoginUrl</param-name> <param-value>https://fighting.com/cas/login</param-value> </init-param> <init-param> <param-name>renew</param-name> <param-value>false</param-value> </init-param> <init-param> <param-name>gateway</param-name> <param-value>false</param-value> </init-param> <!-- Client application address --> <init-param> <param-name>serverName</param-name> <param-value>http://fighting.com:6111</param-value> </init-param> </filter> <!--Ticket Validation --> <filter> <filter-name>CAS Validation Filter</filter-name> <filter-class> org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter </filter-class> <init-param> <param-name>redirectAfterValidation</param-name> <param-value>true</param-value> </init-param> <init-param> <param-name>casServerUrlPrefix</param-name> <param-value>https://fighting.com/cas</param-value> </init-param> <init-param> <param-name>serverName</param-name> <param-value>http://fighting.com:6111</param-value> </init-param> <init-param> <param-name>useSession</param-name> <param-value>true</param-value> </init-param> <init-param> <param-name>redirectAfterValidation</param-name> <param-value>true</param-value> </init-param> </filter> <filter> <filter-name> CAS HttpServletRequest WrapperFilter </filter-name> <filter-class> org.jasig.cas.client.util.HttpServletRequestWrapperFilter </filter-class> </filter> <filter> <filter-name> CAS Assertion Thread Local Filter </filter-name> <filter-class> org.jasig.cas.client.util.AssertionThreadLocalFilter </filter-class> </filter> <filter-mapping> <filter-name>CAS Authentication Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name>CAS Validation Filter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name> CAS HttpServletRequest WrapperFilter </filter-name> <url-pattern>/*</url-pattern> </filter-mapping> <filter-mapping> <filter-name> CAS Assertion Thread Local Filter </filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
-
客户端配置就这么简单,如果运行时报如下错误,
请将cas-client-core-3.2.0.jar、commons-logging-1.1.jar复制到tomcat的lib中
![CAS单点登录配置:[4]客户端配置](http://c.hiphotos.baidu.com/exp/w=500/sign=e5f76799da33c895a67e987be1127397/4bed2e738bd4b31c6dd284b584d6277f9f2ff8d6.jpg)
END