liferay4.3笔记之整合CAS server进行单点登录(SSO)
2008-04-07 10:39
323 查看
Lieferay和web项目中整合Liferay CAS server建立SSO,针对4.3版本进行如下操作
1、设置CAS server
首先下载cas-server WAR包,并将cas-web.war文件放入Tomcat's webapps目录下
编辑 tomcat 下的server.xml
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
<Connector port="8443" maxHttpHeaderSize="8192"
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
enableLookups="false" disableUploadTimeout="true"
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
acceptCount="100" scheme="https" secure="true"
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
clientAuth="false" sslProtocol="TLS" />
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
2、设置CAS client
下载cas-client-2.0.11,放至lib下
3、设置数字签名
在java环境中用使用keytool 进行设置
keytool -export -alias tomcat -keypass changeit -file %FILE_NAME%
keytool -import -alias tomcat -file %FILE_NAME% -keypass changeit -keystore %JAVA_HOME%/jre/lib/security/cacerts
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
D:/Java/jdk1.5/bin>keytool -export -alias tomcat -keypass changeit -file c:/server.cart
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
输入keystore密码: changeit
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
保存在文件中的认证 <c:/server.cart>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
D:/Java/jdk1.5/bin>keytool -import -alias tomcat -file c:/server.cart -keypass changeit -keystore c:/cacerts
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
输入keystore密码: changeit
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
Owner: CN=localhost, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
发照者: CN=localhost, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
序号: 46d28617
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
有效期间: Mon Aug 27 16:06:47 CST 2007 至: Sun Nov 25 16:06:47 CST 2007
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
认证指纹:
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
MD5: 0E:27:55:74:D0:56:E8:39:B8:0D:58:1E:69:7B:C6:C5
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
SHA1: AD:7F:90:87:2B:18:99:07:DE:A6:A8:78:90:9F:86:CB:18:A8:67:03
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
信任这个认证? [否]: y
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
认证已添加至keystore中
4、设置Liferay Portal
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
<filter>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
<filter-name>CAS Filter</filter-name>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
<filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
<init-param>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
<param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
<param-value>https://localhost:8443/cas-web/login</param-value>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
</init-param>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
<init-param>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
<param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
<param-value>https://localhost:8443/cas-web/proxyValidate</param-value>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
</init-param>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
<init-param>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
<param-name>edu.yale.its.tp.cas.client.filter.serviceUrl</param-name>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
<param-value>http://localhost:8080/c/portal/login</param-value>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
</init-param>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
</filter>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
5、test SSO
相关问题汇总:
http://wiki.liferay.com/index.php/Single_SignOn_-_Integrating_Liferay_With_CAS_Server#Instructions_for_Liferay_4.2
1、设置CAS server
首先下载cas-server WAR包,并将cas-web.war文件放入Tomcat's webapps目录下
编辑 tomcat 下的server.xml
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
<Connector port="8443" maxHttpHeaderSize="8192"
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
enableLookups="false" disableUploadTimeout="true"
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
acceptCount="100" scheme="https" secure="true"
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
clientAuth="false" sslProtocol="TLS" />
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
2、设置CAS client
下载cas-client-2.0.11,放至lib下
3、设置数字签名
在java环境中用使用keytool 进行设置
D:/Java/jdk1.5/bin>keytool -genkey -alias tomcat -keypass changeit -keyalg RSA
输入keystore密码: changeit
您的名字与姓氏是什么?
[Unknown]: localhost
您的组织单位名称是什么?
[Unknown]:
您的组织名称是什么?
[Unknown]:
您所在的城市或区域名称是什么?
[Unknown]:
您所在的州或省份名称是什么?
[Unknown]:
该单位的两字母国家代码是什么
[Unknown]:
CN=localhost, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown 正确吗?
[否]: y
keytool -export -alias tomcat -keypass changeit -file %FILE_NAME%
keytool -import -alias tomcat -file %FILE_NAME% -keypass changeit -keystore %JAVA_HOME%/jre/lib/security/cacerts
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
D:/Java/jdk1.5/bin>keytool -export -alias tomcat -keypass changeit -file c:/server.cart
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
输入keystore密码: changeit
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
保存在文件中的认证 <c:/server.cart>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
D:/Java/jdk1.5/bin>keytool -import -alias tomcat -file c:/server.cart -keypass changeit -keystore c:/cacerts
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
输入keystore密码: changeit
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
Owner: CN=localhost, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
发照者: CN=localhost, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
序号: 46d28617
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
有效期间: Mon Aug 27 16:06:47 CST 2007 至: Sun Nov 25 16:06:47 CST 2007
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
认证指纹:
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
MD5: 0E:27:55:74:D0:56:E8:39:B8:0D:58:1E:69:7B:C6:C5
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
SHA1: AD:7F:90:87:2B:18:99:07:DE:A6:A8:78:90:9F:86:CB:18:A8:67:03
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
信任这个认证? [否]: y
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
认证已添加至keystore中
4、设置Liferay Portal
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
<filter>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
<filter-name>CAS Filter</filter-name>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
<filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
<init-param>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
<param-name>edu.yale.its.tp.cas.client.filter.loginUrl</param-name>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
<param-value>https://localhost:8443/cas-web/login</param-value>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
</init-param>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
<init-param>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
<param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
<param-value>https://localhost:8443/cas-web/proxyValidate</param-value>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
</init-param>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
<init-param>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
<param-name>edu.yale.its.tp.cas.client.filter.serviceUrl</param-name>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
<param-value>http://localhost:8080/c/portal/login</param-value>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
</init-param>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
</filter>
![](http://www.blogjava.net/Images/OutliningIndicators/None.gif)
5、test SSO
相关问题汇总:
http://wiki.liferay.com/index.php/Single_SignOn_-_Integrating_Liferay_With_CAS_Server#Instructions_for_Liferay_4.2
相关文章推荐
- SSO单点登录系列4:cas-server登录页面自定义修改过程(jsp页面修改)
- 使用单点登录(sso cas )整合dz论坛
- SSO单点登录系列3:cas-server端配置认证方式实践
- cas sso 整合记录
- Liferay SSO CAS 集成
- Single SignOn - Integrating Liferay With CAS Server
- 最新的vue webpack模板没有dev-server.js文件,进行后台数据模拟笔记
- Liferay门户与CAS实现SSO单点登录
- Maven下SSM项目整合笔记04:使用测试类进行数据库增删改查的测试
- SSO单点登录系列5:cas单点登录增加验证码功能完整步骤
- Spring+Shiro+CAS整合配置笔记
- CAS Server实现单点登录(Single Sign On , 简称 SSO )(裴东辉)
- 学习笔记 Flex和Java整合中如何进行配置
- CAS解决单点登录SSO
- Liferay SSO CAS 集成
- Single SignOn - Integrating Liferay With CAS Server
- Liferay 5.1.1 安装与整合CAS
- Apache Shiro with CAS SSO Server学习笔记
- Yale CAS SSO + JForum-2.1.8 + Tomcat 5.5 的整合步骤