国内私募机构九鼎控股打造APP,来就送 20元现金领取地址:http://jdb.jiudingcapital.com/phone.html
内部邀请码:C8E245J (不写邀请码,没有现金送)
国内私募机构九鼎控股打造,九鼎投资是在全国股份转让系统挂牌的公众公司,股票代码为430719,为“中国PE第一股”,市值超1000亿元。 
------------------------------------------------------------------------------------------------------------------------------------------------------------------

http://docs.jboss.com/jbportal/v2.7.1/referenceGuide/html/sso.html#d0e11667

21.3. CAS - Central Authentication Service

This Single Sign On plugin enables seamless integration between JBoss Portal and the CAS Single Sign On Framework. Details about CAS can be found here

21.3.1. Integration steps

Note

The steps below assume that CAS server and JBoss Portal will be deployed on the same JBoss Application Server instance. CAS will be configured to leverage identity services exposed by JBoss Portal to perform authentication. Procedure may be slightly different for other deployment scenarios. Both JBoss Portal and CAS will need to be configured to authenticate against same database or LDAP server. Please see CAS documentation to learn how to setup it up against proper identity store.

Note

Configuration below assumes that JBoss Application Server is HTTPS enabled and operates on standard ports: 80 (for HTTP) and 443 (for HTTPS).

  1. Install CAS server (v 3.0.7). This should be as simple as deploying single cas.war file.
  2. Copy portal-identity-lib.jar and portal-identity-sso-lib.jar files from$JBOSS_HOME/server/default/deploy/jboss-portal.sar/lib to$JBOSS_HOME/server/default/deploy/cas.war/WEB-INF/lib.
  3. Edit $JBOSS_HOME/server/default/deploy/jboss-portal.sar/portal-server.war/WEB-INF/context.xml file and enable proper Apache Tomcat Valve by uncommenting following lines:
    <Valve className="org.jboss.portal.identity.sso.cas.CASAuthenticationValve"
    casLogin="https://localhost/cas/login"
    casValidate="https://localhost/cas/serviceValidate"
    casServerName="localhost"
    authType="FORM"
    />

    Update valve options as follow:

    • casLogin: URL of your CAS Authentication Server
    • casValidate: URL of your CAS Authentication Server validation service
    • casServerName: the hostname:port combination of your CAS Authentication Server

    Note

    CAS client requires to use SSL connection. To learn how to setup JBoss Application Server to use HTTPS see here

  4. Copy casclient.jar into $JBOSS_HOME/server/default/deploy/jboss-portal.sar/lib. You can download this file from CAS homepage or from JBoss repository underhttp://repository.jboss.com/cas/3.0.7/lib/

    Note

    The CAS engine does not accept self-signed SSL certificates. This requirement is fine for production use where a production level SSL certificate is available. However, for testing purposes, this can get a little annoying. Hence, if you are having this issue, you can usecasclient-lenient.jar instead.

  5. Edit $JBOSS_HOME/server/default/deploy/jboss-portal.sar/META-INF/jboss-service.xml file and uncomment following lines:
    <mbean
    code="org.jboss.portal.identity.sso.cas.CASAuthenticationService"
    name="portal:service=Module,type=CASAuthenticationService"
    xmbean-dd=""
    xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean">
    <xmbean/>
    <depends>portal:service=Module,type=IdentityServiceController</depends>
    <attribute name="HavingRole"></attribute>
    </mbean>

    This will expose special service in JBoss Portal that can be leveraged by CAS AuthenticationHandler if the server is deployed on the same application server instance. This AuthenticationHandler will be enabled in next 2 steps.

  6. Edit $JBOSS_HOME/server/default/deploy/cas.war/WEB-INF/deployerConfigContext.xml and add following line in the authenticationHandlers section:
    <bean class="org.jboss.portal.identity.sso.cas.CASAuthenticationHandler" />
    

    This can replace default SimpleTestUsernamePasswordAuthenticationHandler so whole part of this config file can look as follows:

                      <property name="authenticationHandlers">
    <list>
    <!--
    | This is the authentication handler that authenticates services by means of callback via SSL, thereby validating
    | a server side SSL certificate.
    +-->
    <bean
    class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler">
    <property
    name="httpClient"
    ref="httpClient" />
    </bean> <!--
    | This is the authentication handler declaration that every CAS deployer will need to change before deploying CAS
    | into production. The default SimpleTestUsernamePasswordAuthenticationHandler authenticates UsernamePasswordCredentials
    | where the username equals the password. You will need to replace this with an AuthenticationHandler that implements your
    | local authentication strategy. You might accomplish this by coding a new such handler and declaring
    | edu.someschool.its.cas.MySpecialHandler here, or you might use one of the handlers provided in the adaptors modules.
    +-->
    <bean class="org.jboss.portal.identity.sso.cas.CASAuthenticationHandler" />
    </list>
    </property>

To test the integration:

  • Go to your portal. Typically, http://localhost:8080/portal
  • Click on the "Login" link on the main portal page
  • This should bring up the CAS Authentication Server's login screen instead of the default JBoss Portal login screen
  • Input your portal username and password. For built-in portal login try user:user or admin:admin
  • If login is successful, you should be redirected back to the portal with the appropriate user logged in

Central Authentication Service的更多相关文章

  1. Hadoop生态圈-单点登录框架之CAS(Central Authentication Service)部署

    Hadoop生态圈-单点登录框架之CAS(Central Authentication Service)部署 作者:尹正杰 版权声明:原创作品,谢绝转载!否则将追究法律责任. 一.CAS简介 CAS( ...

  2. CAS(Central Authentication Service)——windows上简单搭建及測试

    入手文章,大神绕行. 一.服务端搭建 我使用的服务端版本号为:cas-server-3.4.11-release.zip.解压之后,将\cas-server-3.4.11-release\cas-se ...

  3. 自己动手搭建 CAS(Central Authentication Service) 环境,为了单点登录(Single Sign On , 简称 SSO )

    介绍 刚刚搭建 CAS 成功了,现在记录下来,怕以后忘记,同时也给需要帮助的人.CAS 搭建需要服务端和客户端,服务端是 Java 写的,如果自己搭建则需要安装与配置 Java 环境.客户端可以是多种 ...

  4. 集成基于CAS协议的单点登陆

    相信大家对单点登陆(SSO,Single Sign On)这个名词并不感到陌生吧?简单地说,单点登陆允许多个应用使用同一个登陆服务.一旦一个用户登陆了一个支持单点登陆的应用,那么在进入其它使用同一单点 ...

  5. CAS FOR WINDOW ACTIVE DIRECTORY SSO单点登录

    一.CAS是什么? CAS(Central Authentication Service)是 Yale 大学发起的一个企业级的.开源的项目,旨在为 Web 应用系统提供一种可靠的单点登录解决方法(支持 ...

  6. 【Java EE 学习 68】【单点登录】【两种单点登录类型:SSO/CAS、相同一级域名的SSO】

    单点登录:SSO(Single Sign On) 什么是单点登录:大白话就是多个网站共享一个用户名和密码的技术,对于普通用户来说,只需要登录其中任意一个网站,登录其他网站的时候就能够自动登陆,不需要再 ...

  7. CAS学习笔记(一)

    近期做单点登录,看了一些CAS资料,做下总结 一.cas简介 全名:Central Authentication Service 特点: 1.开源的.多协议的 SSO 解决方案: Protocols  ...

  8. 【单点登录】【两种单点登录类型:SSO/CAS、相同一级域名的SSO】

    单点登录:SSO(Single Sign On) 什么是单点登录:大白话就是多个网站共享一个用户名和密码的技术,对于普通用户来说,只需要登录其中任意一个网站,登录其他网站的时候就能够自动登陆,不需要再 ...

  9. CAS 集群部署session共享配置

    背景 前段时间,项目计划搞独立的登录鉴权中心,由于单独开发一套稳定的登录.鉴权代码,工作量大,最终的方案是对开源鉴权中心CAS(Central Authentication Service)作适配修改 ...

随机推荐

  1. 微软嵌入式WEC2013产品研讨会(深圳站---2013.10.16)

    主要内容如下: 1.      Windows Embedded Compact 2013面向的市场 主要面向工业自动化.医疗设备和零售行业这些市场,和物联网关系非常紧密. 2.      Windo ...

  2. Oracle EBS Report 输出字符字段前部"0"被Excel自动去掉问题

    Oracle  EBS 提供多种报表的开发和输出形式,由于MS Excel在处理数据方面的优势明显,报表输出用Excel打开是很常见的开发项. 但是正是由于Excel的"过于智能而不智能&q ...

  3. zoj 3351 Bloodsucker(概率 dp)

    题目:http://acm.zju.edu.cn/onlinejudge/showProblem.do?problemId=4530 dp[i]表示现在存在i个吸血鬼要达成目标(全为吸血鬼)天数的数学 ...

  4. poj 3259 Wormholes(最短路 Bellman)

    题目:http://poj.org/problem?id=3259 题意:一个famer有一些农场,这些农场里面有一些田地,田地里面有一些虫洞,田地和田地之间有路,虫洞有这样的性质: 时间倒流.问你这 ...

  5. volicety常用方法

    1.volicety得到某个元素的个数 $extendsInfos.size() 2.volicety 布尔值判断: 如果a为null,#if($a) ,产生的判断值是false  等同于#if(fa ...

  6. Asp.net调用百度搜索引擎

    ASP.NET 调用百度搜索引擎 百度搜索引擎提供了一段嵌入到页面中的代码 <form action="http://www.baidu.com/baidu" target= ...

  7. Dapper连接Oracle

    Dapper连接Oracle去年写过了篇博客,名字叫:让dapper支持Oracle 网址:http://www.cnblogs.com/ushou/archive/2012/09/28/270690 ...

  8. I.MX6 android 禁止低电量自动关机

    /************************************************************************ * I.MX6 android 禁止低电量自动关机 ...

  9. Js动态传递不定数目的参数

    回调程序中,经常有这样的需求:用户传递一个回调方法,该方法可以有不定的参数. 如果参数数目固定则很容易实现,看代码: //回调函数1 function callback1(a,b,c) { alert ...

  10. Java [leetcode 35]Search Insert Position

    题目描述: Given a sorted array and a target value, return the index if the target is found. If not, retu ...