本节介绍一下客户端如何配置,客户端配置没有服务端那么复杂...
客户端Tomcat配置
-
首先确认证书文件已经拷贝到Tomcat的目录下,我们新建两个客户端的web应用,分别命名为Client1,Client2,在页面上稍作处理用于区分即可。
[注意] 我们使用两个Tomcat,一个模拟服务器,一个模拟客户端。如果哦使用同一个Tomcat请注意区分端口!
-
打开server.xml,在<server></server>中配置如下:
<Service name="Client1"><Connector port="6111" maxHttpHeaderSize="8891"maxThreads="150" minSpareThreads="25" maxSpareThreads="75"enableLookups="false" redirectPort="8443" acceptCount="100"connectionTimeout="20000" disableUploadTimeout="true" URIEncoding="GBK" /> <Engine name="Client1" defaultHost="Client1"><Realm className="org.apache.catalina.realm.UserDatabaseRealm"resourceName="UserDatabase"/><Host name="Client1" appBase="E:\Deployment\Client1\"unpackWARs="true" autoDeploy="true"xmlValidation="false" xmlNamespaceAware="false"></Host></Engine></Service>
以上配置表示为Client1指定端口号为6111,部署到E:\Deployment\Client1\目录下。为Client2选择不同的端口号做同样的配置,完成后进行部署。
[注意]部署时我们采用如下步骤:
![CAS单点登录配置:[4]客户端配置](http://b.hiphotos.baidu.com/exp/w=500/sign=007416c4818ba61edfeec82f713497cc/ac6eddc451da81cb889a93c35166d016092431bb.jpg)
-
部署成功:同时E:\Deployment\Client1\下会多出部署的文件
![CAS单点登录配置:[4]客户端配置](http://h.hiphotos.baidu.com/exp/w=500/sign=ab8c7be18eb1cb133e693c13ed5456da/bba1cd11728b47102636edc2c0cec3fdfc0323a6.jpg)
END
Web.xml配置
-
将如下配置拷贝到web.xml中,并修改加黑倾斜处
<filter><filter-name>CAS Single Sign Out Filter</filter-name><filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class></filter><filter-mapping><filter-name>CAS Single Sign Out Filter</filter-name><url-pattern>/*</url-pattern></filter-mapping><listener><listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class></listener><!--Single Sign on --><filter><filter-name>CAS Authentication Filter</filter-name><filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class><!--The following address is CAS server address, using default port 443 --><init-param><param-name>casServerLoginUrl</param-name> <param-value>https://fighting.com/cas/login</param-value></init-param><init-param><param-name>renew</param-name><param-value>false</param-value></init-param><init-param><param-name>gateway</param-name><param-value>false</param-value></init-param><!-- Client application address --><init-param><param-name>serverName</param-name><param-value>http://fighting.com:6111</param-value></init-param></filter><!--Ticket Validation --><filter><filter-name>CAS Validation Filter</filter-name><filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class><init-param> <param-name>redirectAfterValidation</param-name> <param-value>true</param-value> </init-param><init-param><param-name>casServerUrlPrefix</param-name> <param-value>https://fighting.com/cas</param-value></init-param><init-param><param-name>serverName</param-name><param-value>http://fighting.com:6111</param-value></init-param><init-param><param-name>useSession</param-name><param-value>true</param-value></init-param><init-param><param-name>redirectAfterValidation</param-name><param-value>true</param-value></init-param></filter><filter><filter-name>CAS HttpServletRequest WrapperFilter</filter-name><filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class></filter><filter><filter-name>CAS Assertion Thread Local Filter</filter-name><filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class></filter><filter-mapping><filter-name>CAS Authentication Filter</filter-name><url-pattern>/*</url-pattern></filter-mapping><filter-mapping><filter-name>CAS Validation Filter</filter-name><url-pattern>/*</url-pattern></filter-mapping><filter-mapping><filter-name>CAS HttpServletRequest WrapperFilter</filter-name><url-pattern>/*</url-pattern></filter-mapping><filter-mapping><filter-name>CAS Assertion Thread Local Filter</filter-name><url-pattern>/*</url-pattern></filter-mapping>
-
客户端配置就这么简单,如果运行时报如下错误,
请将cas-client-core-3.2.0.jar、commons-logging-1.1.jar复制到tomcat的lib中
![CAS单点登录配置:[4]客户端配置](http://c.hiphotos.baidu.com/exp/w=500/sign=e5f76799da33c895a67e987be1127397/4bed2e738bd4b31c6dd284b584d6277f9f2ff8d6.jpg)
END