?

國內(nèi)私募機(jī)構(gòu)九鼎控股打造APP，來就送?20元現(xiàn)金領(lǐng)取地址：http://jdb.jiudingcapital.com/phone.html
內(nèi)部邀請碼：C8E245J?（不寫邀請碼，沒有現(xiàn)金送）
國內(nèi)私募機(jī)構(gòu)九鼎控股打造，九鼎投資是在全國股份轉(zhuǎn)讓系統(tǒng)掛牌的公眾公司，股票代碼為430719，為“中國PE第一股”，市值超1000億元。?

?

?

?

------------------------------------------------------------------------------------------------------------------------------------------------------------------

?

?

?

?

http://docs.jboss.com/jbportal/v2.7.1/referenceGuide/html/sso.html#d0e11667

21.3.?CAS - Central Authentication Service

This Single Sign On plugin enables seamless integration between JBoss Portal and the CAS Single Sign On Framework. Details about CAS can be found?here

21.3.1.?Integration steps

Note

The steps below assume that CAS server and JBoss Portal will be deployed on the same JBoss Application Server instance. CAS will be configured to leverage identity services exposed by JBoss Portal to perform authentication. Procedure may be slightly different for other deployment scenarios. Both JBoss Portal and CAS will need to be configured to authenticate against same database or LDAP server. Please see CAS documentation to learn how to setup it up against proper identity store.

Note

Configuration below assumes that JBoss Application Server is HTTPS enabled and operates on standard ports: 80 (for HTTP) and 443 (for HTTPS).

Install CAS server (v 3.0.7). This should be as simple as deploying single?cas.war?file.

Copy?portal-identity-lib.jar?and?portal-identity-sso-lib.jar?files from$JBOSS_HOME/server/default/deploy/jboss-portal.sar/lib?to$JBOSS_HOME/server/default/deploy/cas.war/WEB-INF/lib.

Edit?$JBOSS_HOME/server/default/deploy/jboss-portal.sar/portal-server.war/WEB-INF/context.xml?file and enable proper Apache Tomcat Valve by uncommenting following lines: <Valve className="org.jboss.portal.identity.sso.cas.CASAuthenticationValve"casLogin="https://localhost/cas/login"casValidate="https://localhost/cas/serviceValidate"casServerName="localhost"authType="FORM" /> Update valve options as follow:

• casLogin:?URL of your CAS Authentication Server
• casValidate:?URL of your CAS Authentication Server validation service
• casServerName:?the hostname:port combination of your CAS Authentication Server

Note

CAS client requires to use SSL connection. To learn how to setup JBoss Application Server to use HTTPS see here

Copy?casclient.jar?into?$JBOSS_HOME/server/default/deploy/jboss-portal.sar/lib. You can download this file from CAS homepage or from JBoss repository underhttp://repository.jboss.com/cas/3.0.7/lib/

Note

The CAS engine does not accept self-signed SSL certificates. This requirement is fine for production use where a production level SSL certificate is available. However, for testing purposes, this can get a little annoying. Hence, if you are having this issue, you can usecasclient-lenient.jar?instead.

Edit?$JBOSS_HOME/server/default/deploy/jboss-portal.sar/META-INF/jboss-service.xml?file and uncomment following lines: <mbeancode="org.jboss.portal.identity.sso.cas.CASAuthenticationService"name="portal:service=Module,type=CASAuthenticationService"xmbean-dd=""xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean"><xmbean/><depends>portal:service=Module,type=IdentityServiceController</depends><attribute name="HavingRole"></attribute> </mbean> This will expose special service in JBoss Portal that can be leveraged by CAS AuthenticationHandler if the server is deployed on the same application server instance. This AuthenticationHandler will be enabled in next 2 steps.

Edit?$JBOSS_HOME/server/default/deploy/cas.war/WEB-INF/deployerConfigContext.xml?and add following line in the?authenticationHandlers?section: <bean class="org.jboss.portal.identity.sso.cas.CASAuthenticationHandler" /> This can replace default?SimpleTestUsernamePasswordAuthenticationHandler?so whole part of this config file can look as follows: <property name="authenticationHandlers"><list><!--| This is the authentication handler that authenticates services by means of callback via SSL, thereby validating| a server side SSL certificate.+--><beanclass="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"><propertyname="httpClient"ref="httpClient" /></bean><!--| This is the authentication handler declaration that every CAS deployer will need to change before deploying CAS| into production. The default SimpleTestUsernamePasswordAuthenticationHandler authenticates UsernamePasswordCredentials| where the username equals the password. You will need to replace this with an AuthenticationHandler that implements your| local authentication strategy. You might accomplish this by coding a new such handler and declaring| edu.someschool.its.cas.MySpecialHandler here, or you might use one of the handlers provided in the adaptors modules.+--><bean class="org.jboss.portal.identity.sso.cas.CASAuthenticationHandler" /></list> </property>

To test the integration:

• Go to your portal. Typically, http://localhost:8080/portal
• Click on the "Login" link on the main portal page
• This should bring up the CAS Authentication Server's login screen instead of the default JBoss Portal login screen
• Input your portal username and password. For built-in portal login try user:user or admin:admin
• If login is successful, you should be redirected back to the portal with the appropriate user logged in

轉(zhuǎn)載于:https://www.cnblogs.com/AloneSword/p/3217614.html

總結(jié)

以上是生活随笔為你收集整理的Central Authentication Service的全部內(nèi)容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網(wǎng)站內(nèi)容還不錯(cuò)，歡迎將生活随笔推薦給好友。