Heim >Backend-Entwicklung >PHP-Tutorial >cas sso 集成 java + php (discuz,bbs) 配备

cas sso 集成 java + php (discuz,bbs) 配备

WBOY
WBOYOriginal
2016-06-13 11:01:191334Durchsuche

cas sso 集成 java + php (discuz,bbs) 配置

cas 搭建准备工作:

cas-server-3.4.4

cas-client-3.2.0

apache-tomcat-6.0.14

?

去掉https认证,改成http认证

1、进入WEB-INF\spring-configuration目录
打开warnCookieGenerator.xml文件
修改p:cookieSecure的值为false

2、打开ticketGrantingTicketCookieGenerator.xml文件
同样修改p:cookieSecure的值为false

3、打开WEB-INF\deployerConfigContext.xml文件
查找org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler
把这代码块修改为如下:(添加 p:requireSecure="false"? )

<bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler" p:httpclient-ref="httpClient" p:requiresecure="false"></bean>

?

java 客户端配置

<!-- cas client start -->	<!-- 用于单点退出,该过滤器用于实现单点登出功能,可选配置-->	<listener>	        <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>	</listener>	<!-- 该过滤器用于实现单点登出功能,可选配置。 -->	<filter>	        <filter-name>CAS Single Sign Out Filter</filter-name>	        <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>	</filter>	<filter-mapping>	        <filter-name>CAS Single Sign Out Filter</filter-name>	        <url-pattern>/*</url-pattern>	</filter-mapping>		<!-- 该过滤器负责用户的认证工作,必须启用它 -->	<filter>	        <filter-name>CASFilter</filter-name>	        <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>	        <init-param>	                <param-name>casServerLoginUrl</param-name>	                <param-value>http://116.226.60.173:8888/cas/login</param-value>	                <!--这里的server是服务端的IP-->	        </init-param>	        <init-param>	                <param-name>serverName</param-name>	                <param-value>http://116.226.60.173:8888</param-value>	        </init-param>	</filter>	<filter-mapping>	    <filter-name>CASFilter</filter-name>	    <url-pattern>/front/member/*</url-pattern>	</filter-mapping>		<filter-mapping>	    <filter-name>CASFilter</filter-name>	    <url-pattern>/memberCenter/*</url-pattern>	</filter-mapping>		<!-- 该过滤器负责对Ticket的校验工作,必须启用它 -->	<filter>	        <filter-name>CAS Validation Filter</filter-name>	        <filter-class>	                org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>	        <init-param>	                <param-name>casServerUrlPrefix</param-name>	                <param-value>http://116.226.60.173:8888/cas</param-value>	        </init-param>	        <init-param>	                <param-name>serverName</param-name>	                <param-value>http://116.226.60.173:8888</param-value>	        </init-param>	</filter>	 	 <filter-mapping>	    <filter-name>CAS Validation Filter</filter-name>	    <url-pattern>/*</url-pattern>	</filter-mapping>		<!--	        该过滤器负责实现HttpServletRequest请求的包裹,	        比如允许开发者通过HttpServletRequest的getRemoteUser()方法获得SSO登录用户的登录名,可选配置。	-->	<filter>	        <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>	        <filter-class>	                org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>	</filter>	<filter-mapping>	        <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>	        <url-pattern>/*</url-pattern>	</filter-mapping>	<filter>	        <filter-name>CAS Assertion Thread Local Filter</filter-name>	        <filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>	</filter>	<filter-mapping>	        <filter-name>CAS Assertion Thread Local Filter</filter-name>	        <url-pattern>/*</url-pattern>	</filter-mapping>	<!-- cas client end -->

?

?

?

php 端配置

require_once 'CAS.php';define('CAS_SERVER_HOSTNAME', "192.168.18.8"); define('CAS_SERVER_PORT', 8888); define('CAS_SERVER_APP_NAME', "cas"); phpCAS::setDebug();phpCAS::client(CAS_VERSION_2_0, CAS_SERVER_HOSTNAME, CAS_SERVER_PORT, CAS_SERVER_APP_NAME); phpCAS::setNoCasServerValidation();phpCAS::handleLogoutRequests(); phpCAS::forceAuthentication();$username = phpCAS::getUser(); //获取cas 服务端用户名?
Stellungnahme:
Der Inhalt dieses Artikels wird freiwillig von Internetnutzern beigesteuert und das Urheberrecht liegt beim ursprünglichen Autor. Diese Website übernimmt keine entsprechende rechtliche Verantwortung. Wenn Sie Inhalte finden, bei denen der Verdacht eines Plagiats oder einer Rechtsverletzung besteht, wenden Sie sich bitte an admin@php.cn
Vorheriger Artikel:关于php vps 治理Nächster Artikel:php种常量定制及使用方法