目标
- 统一用户管理
- 统一身份认证
- 统一授权管理
- 统一审计管理
- 单点登录
一、部署最基本系统
- 运行tomcat(略)
- 使用
./build.sh package生成 war 包。
在 \build\libs 下生成 cas.war 并在tomcat部署运行。 - 使用默认用户名密码登录 http://localhost:8080/cas/login
User: casuser
Password: Mellon
image.png
image.png
二、基于mysql数据库的用户管理
参考 CAS 5 Database Authentication Tutorial
- 启用 Database Authentication 并重新build
cas-overlay-template\build.gradle 添加
compile "org.apereo.cas:cas-server-support-jdbc:${project.'cas.version'}" -
参考教程的链接创建数据库表
image.png - 修改 apache-tomcat-9.0.13\webapps\cas\WEB-INF\classes\application.properties
注释掉 # cas.authn.accept.users=casuser::Mellon
加上:
cas.authn.jdbc.query[0].sql=SELECT * FROM USERS WHERE uid=?
cas.authn.jdbc.query[0].url=jdbc:[mysql://localhost/test?useUnicode=true&useJDBCCompliantTimezoneShift=true&useLegacyDatetimeCode=false&serverTimezone=UTC](mysql://localhost/test?useUnicode=true&useJDBCCompliantTimezoneShift=true&useLegacyDatetimeCode=false&serverTimezone=UTC)
cas.authn.jdbc.query[0].dialect=org.hibernate.dialect.MySQLDialect
cas.authn.jdbc.query[0].user=root
cas.authn.jdbc.query[0].password=yourpwd
cas.authn.jdbc.query[0].driverClass=com.mysql.jdbc.Driver
cas.authn.jdbc.query[0].fieldPassword=psw
logging.level.org.apereo=DEBUG
cas.authn.accept.users=
-
运行,用数据库的用户名密码登录成功
image.png
image.png
image.png
三、实现自己的用户登录系统
四、用户管理
五、授权管理
……
参考
******************************************************************
Apereo CAS ******************************************************************
Apereo CAS 6.0.0-SNAPSHOT
Enterprise Single SignOn for all earthlings and beyond
- https://github.com/apereo/cas
- https://apereo.github.io/cas
******************************************************************
6.0.0-SNAPSHOT
Enterprise Single SignOn for all earthlings and beyond
- https://github.com/apereo/cas
- https://apereo.github.io/cas
******************************************************************
Usage: build.sh [command]
The following commands are available:
clean: Clean Maven build directory
cli: Run the CAS command line shell and pass commands
copy: Copy config from the project's local etc/cas/config directory to the root /etc/cas/config
debug: Run cas.war and listen for Java debugger on port 5000
dependencies: Get a report of all dependencies configured in the build
docker: Build a Docker image based on the current build and configuration
gencert: Create keystore with SSL certificate in location where CAS looks by default
getview: Ask for a view name to be included in the overlay for customizations
getresource: Ask for a resource name (properties/json/etc file) to be included in the overlay for customizations
listviews: List all CAS views that ship with the web application and can be customized in the overlay
package: Clean and build CAS war
explode: Explode and unzip and packaged CAS war
run: Build and run cas.war via Java as an executable war
runalone: Build and run cas.war on its own as a standalone executable
tomcat: Deploy the CAS web application to an external Apache Tomcat server
update: Package the CAS overlay by force-updating dependencies and SNAPSHOT versions
