二、配置cas服务器和客户端

1.编译cas

下载cas-4.1.9.tar.gz

tar -xzf cas-4.1.9.tar.gz

cd cas-4.1.9

mvn clean install -DskipTests

2.cd cas-server-webapp/target/cas.war ../server-tomcat-8.0.12/webapps/

启动tomcat

通过浏览器访问https://server.hacker.org:8443/cas

用户名和密码在cas\WEB-INF\deployerConfigContext.xml文件中定义

3.客户端tomcat 配置

两个tomcat-8.0.12\webapps\examples\WEB-INF\lib下添加cas-client-core-3.2.0.jar、commons-logging-1.1.3.jar、slf4j-api-1.7.12.jar三个jar包

修改login-tomcat-8.0.12\webapps\examples\WEB-INF\web.xml

添加

    

        CAS Single Sign Out Filter

        org.jasig.cas.client.session.SingleSignOutFilter

        

            casServerUrlPrefix

            https://server.hacker.org:8443/cas

    

        org.jasig.cas.client.session.SingleSignOutHttpSessionListener

    

        CAS Authentication Filter

        org.jasig.cas.client.authentication.AuthenticationFilter

        

            casServerLoginUrl

            https://server.hacker.org:8443/cas/login

        

            serverName

            https://login.hacker.org:18443

    

        CAS Validation Filter

        org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter

        

            casServerUrlPrefix

            https://server.hacker.org:8443/cas

        

            serverName

            https://login.hacker.org:18443

        

            redirectAfterValidation

            true

        

            useSession

            true

        

            authn_method

            mfa-duo

    

        CAS HttpServletRequest Wrapper Filter

        org.jasig.cas.client.util.HttpServletRequestWrapperFilter

    

        CAS Single Sign Out Filter

        /*

    

        CAS Validation Filter

        /*

    

        CAS Authentication Filter

        /*

    

        CAS HttpServletRequest Wrapper Filter

        /*

blog-tomcat-8.0.12的修改如下：

    

        CAS Single Sign Out Filter

        org.jasig.cas.client.session.SingleSignOutFilter

        

            casServerUrlPrefix

            https://server.hacker.org:8443/cas

    

        org.jasig.cas.client.session.SingleSignOutHttpSessionListener

    

        CAS Authentication Filter

        org.jasig.cas.client.authentication.AuthenticationFilter

        

            casServerLoginUrl

            https://server.hacker.org:8443/cas/login

        

            serverName

            https://blog.hacker.org:28443

    

        CAS Validation Filter

        org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter

        

            casServerUrlPrefix

            https://server.hacker.org:8443/cas

        

            serverName

            https://blog.hacker.org:28443

        

            redirectAfterValidation

            true

        

            useSession

            true

        

            authn_method

            mfa-duo

    

        CAS HttpServletRequest Wrapper Filter

        org.jasig.cas.client.util.HttpServletRequestWrapperFilter

    

        CAS Single Sign Out Filter

        /*

    

        CAS Validation Filter

        /*

    

        CAS Authentication Filter

        /*

    

        CAS HttpServletRequest Wrapper Filter

        /*

启动login和blog tomcat

4.访问，见证奇迹的时候到了

访问

https://login.hacker.org:18443/examples/servlets/servlet/HelloWorldExample

输入用户名和密码

再访问

https://blog.hacker.org:28443/examples/servlets/servlet/HelloWorldExample

发现不用输入用户名和密码就可以登录

退出登录

https://server.hacker.org:8443/cas/logout

再次访问

https://login.hacker.org:18443/examples/servlets/servlet/HelloWorldExample

发现又要登录