一、数据库配置
1.复杂数据库驱动jar文件到cas服务端网站的lib目录下
2.修改CasServer/WEB-INF/deployerConfigContext.xml文件:
<!-- 注释掉如下代码-->
<bean class="org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler" />
<bean class="org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler">
<property name="sql" value="select PASSWORD_ from ID_USER where NAME_=?"/>
<property name="passwordEncoder" ref="passwordEncoder"/>
<property name="dataSource" ref="dataSource"/>
</bean>
<!-- 数据源定义 -->
<bean id="dataSource"
class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name="driverClassName" value="${db.driver}" />
<property name="url" value="${db.url}" />
<property name="username" value="${db.username}" />
<property name="password" value="${db.password}" />
</bean>
<bean id="passwordEncoder"
class="org.jasig.cas.authentication.handler.DefaultPasswordEncoder"
autowire="byName">
<constructor-arg value="MD5" />
</bean>
database.hibernate.dialect=org.hibernate.dialect.OracleDialect
#database.hibernate.dialect=org.hibernate.dialect.MySQLDialect
#database.hibernate.dialect=org.hibernate.dialect.HSQLDialect
db.driver=oracle.jdbc.driver.OracleDriver
db.url=jdbc/:oracle/:thin/:@localhost/:1521/:master
db.username=casusername
db.password=caspwd
<!-- 注释掉如下代码-->
<bean class="org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler" />
<bean
class="com.jihong.cas.adaptors.ldap.BindLdapAuthenticationHandler">
<property name="filter" value="uid=%u" />
<!-- 基节点 -->
<property name="searchBase"
value="OU=单位,O=TJJU" />
<property name="contextSource" ref="contextSource" />
</bean>
<bean id="contextSource"
class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
<property name="password" value="secret" />
<property name="pooled" value="true" />
<property name="urls">
<list>
<value>ldap://192.168.0.1:389/</value>
</list>
</property>
<!-- property name="userName" value="uid=admin,O=TJJU" /-->
<property name="baseEnvironmentProperties">
<map>
<entry>
<key>
<value>
java.naming.security.authentication
</value>
</key>
<value>simple</value>
</entry>
</map>
</property>
</bean>
<bean id="serviceRegistryDao"
class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl" />
<bean id="serviceRegistryDao"
class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl">
<!-- 注册客户端 -->
<property name="registeredServices">
<list>
<!-- 一个客户端配置 -->
<bean
class="org.jasig.cas.services.RegisteredServiceImpl"
p:id="1"
p:description="Tout Nancy 2"
p:serviceId="*://localhost:8080/**"
p:name="Tout Nancy 2"
p:theme="nancy2"
p:allowedToProxy="true"
p:enabled="true"
p:ssoEnabled="true"
p:anonymousAccess="false">
<!-- 允许的属性 -->
<property name="allowedAttributes" value="Name,telephoneNumber,fullName,mail,eduPersonAffiliation,groupMembership"/>
</bean>
</list>
</property>
</bean>
<bean id="attributeRepository"
class="org.jasig.services.persondir.support.StubPersonAttributeDao">
<property name="backingMap">
<map>
<entry key="uid" value="uid" />
<entry key="eduPersonAffiliation"
value="eduPersonAffiliation" />
<entry key="groupMembership" value="groupMembership" />
</map>
</property>
</bean>
<bean id="attributeRepository"
class="com.jihong.services.persondir.support.ldap.LdapPersonAttributeDao">
<property name="baseDN" value="OU=单位,O=TJJU" />
<property name="query" value="(uid={0})" />
<property name="contextSource" ref="contextSource" />
<property name="ldapAttributesToPortalAttributes">
<map>
<entry key="cn" value="Name" />
<entry value="Telephone" key="telephoneNumber" />
<entry value="Full Name" key="fullName" />
<entry value="Email" key="mail" />
<entry key="eduPersonAffiliation"
value="eduPersonAffiliation" />
<entry key="groupMembership" value="groupMembership" />
</map>
</property>
</bean>
1.复杂数据库驱动jar文件到cas服务端网站的lib目录下
2.修改CasServer/WEB-INF/deployerConfigContext.xml文件:
<!-- 注释掉如下代码--><bean class="org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler" /> 替换成:
<bean class="org.jasig.cas.adaptors.jdbc.QueryDatabaseAuthenticationHandler"> <property name="sql" value="select PASSWORD_ from ID_USER where NAME_=?"/> <property name="passwordEncoder" ref="passwordEncoder"/> <property name="dataSource" ref="dataSource"/> </bean> 在文件末尾加入:
<!-- 数据源定义 --> <bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource"> <property name="driverClassName" value="${db.driver}" /> <property name="url" value="${db.url}" /> <property name="username" value="${db.username}" /> <property name="password" value="${db.password}" /> </bean> <bean id="passwordEncoder" class="org.jasig.cas.authentication.handler.DefaultPasswordEncoder" autowire="byName"> <constructor-arg value="MD5" /> </bean> 在CasServer/WEB-INF/cas.properties文件中添加:
database.hibernate.dialect=org.hibernate.dialect.OracleDialect#database.hibernate.dialect=org.hibernate.dialect.MySQLDialect#database.hibernate.dialect=org.hibernate.dialect.HSQLDialectdb.driver=oracle.jdbc.driver.OracleDriverdb.url=jdbc/:oracle/:thin/:@localhost/:1521/:masterdb.username=casusernamedb.password=caspwd 二、LDAP配置
1.复杂cas-server-support-ldap-3.2.jar文件到cas服务端网站的lib目录下
2.修改CasServer/WEB-INF/deployerConfigContext.xml文件:
<!-- 注释掉如下代码--><bean class="org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler" />
替换成:(注意:位置)
<bean class="com.jihong.cas.adaptors.ldap.BindLdapAuthenticationHandler"> <property name="filter" value="uid=%u" /> <!-- 基节点 --> <property name="searchBase" value="OU=单位,O=TJJU" /> <property name="contextSource" ref="contextSource" /> </bean>在文件末尾加入:
<bean id="contextSource" class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource"> <property name="password" value="secret" /> <property name="pooled" value="true" /> <property name="urls"> <list> <value>ldap://192.168.0.1:389/</value> </list> </property> <!-- property name="userName" value="uid=admin,O=TJJU" /--> <property name="baseEnvironmentProperties"> <map> <entry> <key> <value> java.naming.security.authentication </value> </key> <value>simple</value> </entry> </map> </property> </bean> 三、分析deployerConfigContext.xml的其他配置
1.客户端登陆服务配置:每加入一个客户端网站都需修改这个配置。
<bean id="serviceRegistryDao" class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl" /> 例如:
<bean id="serviceRegistryDao" class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl"> <!-- 注册客户端 --> <property name="registeredServices"> <list> <!-- 一个客户端配置 --> <bean class="org.jasig.cas.services.RegisteredServiceImpl" p:id="1" p:description="Tout Nancy 2" p:serviceId="*://localhost:8080/**" p:name="Tout Nancy 2" p:theme="nancy2" p:allowedToProxy="true" p:enabled="true" p:ssoEnabled="true" p:anonymousAccess="false"> <!-- 允许的属性 --> <property name="allowedAttributes" value="Name,telephoneNumber,fullName,mail,eduPersonAffiliation,groupMembership"/> </bean> </list> </property> </bean>2.属性注册:从数据库中读取的属性
<bean id="attributeRepository" class="org.jasig.services.persondir.support.StubPersonAttributeDao"> <property name="backingMap"> <map> <entry key="uid" value="uid" /> <entry key="eduPersonAffiliation" value="eduPersonAffiliation" /> <entry key="groupMembership" value="groupMembership" /> </map> </property> </bean> 例如:从LDAP中读取属性
<bean id="attributeRepository" class="com.jihong.services.persondir.support.ldap.LdapPersonAttributeDao"> <property name="baseDN" value="OU=单位,O=TJJU" /> <property name="query" value="(uid={0})" /> <property name="contextSource" ref="contextSource" /> <property name="ldapAttributesToPortalAttributes"> <map> <entry key="cn" value="Name" /> <entry value="Telephone" key="telephoneNumber" /> <entry value="Full Name" key="fullName" /> <entry value="Email" key="mail" /> <entry key="eduPersonAffiliation" value="eduPersonAffiliation" /> <entry key="groupMembership" value="groupMembership" /> </map> </property> </bean>转自:http://www.cnblogs.com/huangzhex/archive/2008/05/12/1193750.html