Home >Backend Development >PHP Tutorial > cas sso 集成 java + php (discuz,bbs) 配备

cas sso 集成 java + php (discuz,bbs) 配备

WBOY
WBOYOriginal
2016-06-13 13:02:35927browse

cas sso 集成 java + php (discuz,bbs) 配置

cas 搭建准备工作:

cas-server-3.4.4

cas-client-3.2.0

apache-tomcat-6.0.14

?

去掉https认证,改成http认证

1、进入WEB-INF\spring-configuration目录
打开warnCookieGenerator.xml文件
修改p:cookieSecure的值为false

2、打开ticketGrantingTicketCookieGenerator.xml文件
同样修改p:cookieSecure的值为false

3、打开WEB-INF\deployerConfigContext.xml文件
查找org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler
把这代码块修改为如下:(添加 p:requireSecure="false"? )

<bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler" p:httpclient-ref="httpClient" p:requiresecure="false"></bean>

?

java 客户端配置

<!-- cas client start -->
	<!-- 用于单点退出,该过滤器用于实现单点登出功能,可选配置-->
	<listener>
	        <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
	</listener>

	<!-- 该过滤器用于实现单点登出功能,可选配置。 -->
	<filter>
	        <filter-name>CAS Single Sign Out Filter</filter-name>
	        <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
	</filter>
	<filter-mapping>
	        <filter-name>CAS Single Sign Out Filter</filter-name>
	        <url-pattern>/*</url-pattern>
	</filter-mapping>
	
	<!-- 该过滤器负责用户的认证工作,必须启用它 -->
	<filter>
	        <filter-name>CASFilter</filter-name>
	        <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
	        <init-param>
	                <param-name>casServerLoginUrl</param-name>
	                <param-value>http://116.226.60.173:8888/cas/login</param-value>
	                <!--这里的server是服务端的IP-->
	        </init-param>
	        <init-param>
	                <param-name>serverName</param-name>
	                <param-value>http://116.226.60.173:8888</param-value>
	        </init-param>
	</filter>
	<filter-mapping>
	    <filter-name>CASFilter</filter-name>
	    <url-pattern>/front/member/*</url-pattern>
	</filter-mapping>
	
	<filter-mapping>
	    <filter-name>CASFilter</filter-name>
	    <url-pattern>/memberCenter/*</url-pattern>
	</filter-mapping>
	
	<!-- 该过滤器负责对Ticket的校验工作,必须启用它 -->
	<filter>
	        <filter-name>CAS Validation Filter</filter-name>
	        <filter-class>
	                org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
	        <init-param>
	                <param-name>casServerUrlPrefix</param-name>
	                <param-value>http://116.226.60.173:8888/cas</param-value>
	        </init-param>
	        <init-param>
	                <param-name>serverName</param-name>
	                <param-value>http://116.226.60.173:8888</param-value>
	        </init-param>
	</filter>
	 
	 <filter-mapping>
	    <filter-name>CAS Validation Filter</filter-name>
	    <url-pattern>/*</url-pattern>
	</filter-mapping>
	
	<!--
	        该过滤器负责实现HttpServletRequest请求的包裹,
	        比如允许开发者通过HttpServletRequest的getRemoteUser()方法获得SSO登录用户的登录名,可选配置。
	-->
	<filter>
	        <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
	        <filter-class>
	                org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
	</filter>
	<filter-mapping>
	        <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
	        <url-pattern>/*</url-pattern>
	</filter-mapping>

	<filter>
	        <filter-name>CAS Assertion Thread Local Filter</filter-name>
	        <filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
	</filter>
	<filter-mapping>
	        <filter-name>CAS Assertion Thread Local Filter</filter-name>
	        <url-pattern>/*</url-pattern>
	</filter-mapping>
	<!-- cas client end -->

?

?

?

php 端配置

require_once 'CAS.php';
define('CAS_SERVER_HOSTNAME', "192.168.18.8"); 
define('CAS_SERVER_PORT', 8888); 
define('CAS_SERVER_APP_NAME', "cas"); 
phpCAS::setDebug();
phpCAS::client(CAS_VERSION_2_0, CAS_SERVER_HOSTNAME, CAS_SERVER_PORT, CAS_SERVER_APP_NAME); 
phpCAS::setNoCasServerValidation();
phpCAS::handleLogoutRequests(); 
phpCAS::forceAuthentication();

$username = phpCAS::getUser(); //获取cas 服务端用户名?
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn