jasig

jasig CAS实现单点登录(数据库认证)

落爺英雄遲暮 提交于 2020-04-07 08:52:35
之前转载了一篇IBM的CAS单点登录实现,不过瘾,于是到官网弄下最新版本来再战一把: 这个CAS( Central Authentication Service )是耶鲁大学的开源项目,旨在实现企业应用单点登录,还是很不错的,牛b的大学确实不一样,不是我们这些2b学校式的教育。其官网 http://www.jasig.org/cas ,很不幸,应该翻了墙才能进去,自己去捣鼓翻墙吧,建议就GoAgent足已。 实验环境: 1.jdk7_45 2.tomcat7_45 3.三台虚拟机: 1.tomcat1(部署cas验证服务器) 2.tomcat2(其中部署了两个web应用cas-web-client, cas-web-client2) 3.mysql server一台(直接到数据库种验证) 原理图: 资源下载地址: http://downloads.jasig.org/ 解压之,jar会再modules目录下,其他都为源代码项目 已经打包的server: client: ------------------------------------------------------ 开始搭建: CAS服务器配置: 1.在tomcat1所在机器生成证书: 这时会在用户主目录下生成.keystore文件,这个文件也可在上述命令种指定,其中生成过程会填入一些信息,注意输入第一个时(名字与姓氏

CAS Single LogOut(SLO) not working - CAS 4.2.3

ⅰ亾dé卋堺 提交于 2020-03-23 07:56:37
问题 I am having issues with Single LogOut in CAS. I am using CAS server 4.2.3 and Spring 3.2. My client casified applications are configured on spring security. Followed the following documentation, http://docs.spring.io/spring-security/site/docs/3.2.9.RELEASE/reference/htmlsingle/#cas-singlelogout I have 2 cas client web application. When I logout from one of the cas client web application, and refresh the page in the 2nd cas client application which I already logged in (in the same browser in a

jasig CAS登录验证分析

不羁岁月 提交于 2020-03-12 11:19:57
jasig CAS登录验证分析: 之前文章讲到了怎么利用jasig CAS实现sso: http://my.oschina.net/indestiny/blog/200768 本文对jasig CAS验证过程做个简单的分析,便于以后能够更好定制自己的CAS, 要了解CAS流程你需要知道spring,springmvc等知识,也要了解spring-webflow, 因为整个验证流程都是由spring-webflow定制的,你可以参考我转载的一篇spring-webflow的文章: http://my.oschina.net/indestiny/blog/201988 ok, 就开始了。 先说说我们未登录状态时: 重点就是服务器端的配置:WEB-INF/login-webflow.xml中,它定义了整个登录流程,我们先就分析其流程: <flow xmlns="http://www.springframework.org/schema/webflow" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/webflow http://www.springframework.org/schema/webflow

jasig cas too many redirects issue

为君一笑 提交于 2019-12-30 13:35:17
问题 I'm trying to secure a spring-boot web application using spring security and spring-security-cas (SSO with Jasig CAS). I'm facing a too many redirects error when trying to access a protected resources. The project is available here Do you see any error in my configuration? Thanks in advance redirect loop error screenshot 回答1: Finally found out the error: In SpringSecurity 4.x, CasAuthenticationFilter's defaultFilterProcessesUrl path is changed. So Change '/j_spring_cas_security_check' to '

CAS logout and cookies elimination

自作多情 提交于 2019-12-21 10:18:09
问题 I just made a HelloWorld servlet and implemented CAS on it. I'm being able to log in without problem and CAS is setting 3 cookies in my browser, the CASGT, and 2 JSESSIONID 1 for /cas and another for /helloWorld The problem is that then I access https://blah:8443/cas/logout, I see the logged out succesfuly screen but the cookies still are in my browser, so I'm not being loged out, I can get in again in /helloWorld without the login screen showing up. Do you know what should I do for CAS to

Stateless CAS - The supplied proxy callback url j_spring_cas_security_proxyreceptor' could not be authenticated

杀马特。学长 韩版系。学妹 提交于 2019-12-12 05:39:56
问题 I need to secure my RESTful stateless webservices with CAS and right now I'm trying to follow this Spring Stateless CAS demo but continuously getting a following error: 22:42:27.885 [http-nio-8443-exec-8] [first-spring-stateless] DEBUG o.s.s.c.web.CasAuthenticationFilter - Authentication request failed: org.springframework.security.authentication.BadCredentialsException: The supplied proxy callback url 'https://localhost:8443/first-spring-stateless/j_spring_cas_security_proxyreceptor' could

Jasig CAS SSO .NET client not logging out from other apps

别等时光非礼了梦想. 提交于 2019-12-12 03:47:12
问题 I am using the Jasig CAS .NET client to authenticate in my application using SSO from a server. I have implemented everything just like the documentation says and added [Authorize] in all my controllers. Log in is working fine from my app and the one I'm trying to integrate with. I can log in from either app and the user is authenticated. The problem is with the log out. If I log out from the other app, the user will still have access in my application. Is this because CAS log off can't

Use Jasig CAS délégation with 2 IdP (ADFS or others)

…衆ロ難τιáo~ 提交于 2019-12-12 02:22:40
问题 I want to use Jasig CAS (Apereo CAS), but in authentication delegation with IdP. My question is : it is possible to configure CAS for delegate authentification with two IdP ? How can I do that ? How did the WAYF ? And in the best possible way that must run with 2 ADFS :) I see that (cas-pac4j) : http://jasig.github.io/cas/development/integration/Delegate-Authentication.html But I don't see if it is possible to configure 2 IdP. Thanks 回答1: I make my WAYF application with CAS 4.1.3 and Pac4J 1

CAS server cross subdomain ST ticket

时光毁灭记忆、已成空白 提交于 2019-12-12 02:22:10
问题 I have own Jasig CAS server: https://cas.example.com Also, I have two subdomains(applications) connected to this CAS server, for example: https://ui.example.com https://api.example.com I can successfully create ST ticket for https://ui.example.com with a following request: https://cas.example.com/login?service=https://ui.example.com response: https://cas.example.com/?ticket=ST-5-p5rVK3OWBKPzwAAZteNw-cas.example.com/ but I'm unable to use this ticket for https://api.example.com https://api

adding jasig CAS authentication for OBIEE (Oracle Business Inteligence)11g

雨燕双飞 提交于 2019-12-10 16:35:29
问题 I'm trying to add CAS as an authentication provider for OBIEE 11g. up until now I've added the cas-client-core-3.2.1.jar jar to $MW_HOME/wlserver_10.3/server/lib/consoleapp/webapp/WEB-INF/lib/ and configure $MW_HOME/wlserver_10.3/server/lib/consoleapp/webapp/WEB-INF/web.xml with the the flowing elements: <filter> <filter-name>CAS Authentication Filter</filter-name> <filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class> <init-param> <param-name>casServerLoginUrl<