Jboss AS7 + CAS - 适用于所有应用

时间:2015-06-24 06:39:57

标签: jboss single-sign-on cas

我已经部署并运行了Jboss AS7和CAS。

此外,我还部署了测试应用程序" Hello World"我需要将其与CAS集成。我的意思是我想通过CAS请求登录以访问此应用程序。

所以,在此之后,我需要将其配置为以下工作:我将拥有更多应用程序,并希望能够通过CAS登录我的应用程序之一,然后,即使我更改了应用程序,它也是如此会记住我的。

有人可以告诉我该怎么做?

这是我的web.xml:

    <web-app id="simple" version="2.4">
    <welcome-file-list>
        <welcome-file>hello.html</welcome-file>
    </welcome-file-list>
</web-app>

<security-constraint>
        <web-resource-collection>
            <web-resource-name>All resources</web-resource-name>
            <description>Protects all resources</description>
            <url-pattern>/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>*</role-name>
        </auth-constraint>
    </security-constraint>

    <listener>
        <listener-class>org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener-class>
    </listener>

    <filter>
        <filter-name>CAS Single Sign Out Filter</filter-name>
        <filter-class>org.jasig.cas.client.session.SingleSignOutFilter</filter-class>
  </filter>

  <filter>
        <filter-name>CAS Authentication Filter</filter-name>
        <filter-class>
              org.jasig.cas.client.authentication.Saml11AuthenticationFilter</filter-class>
        <init-param>
              <param-name>casServerLoginUrl</param-name>
              <param-value>https://127.0.0.1:8443/cas/login</param-value>
        </init-param>
        <init-param>
        <param-name>serverName</param-name>
        <param-value>http://127.0.0.1</param-value>
    </init-param>
  </filter>

  <filter>
        <filter-name>CAS Validation Filter</filter-name>
        <filter-class>org.jasig.cas.client.validation.Saml11TicketValidationFilter</filter-class>
        <init-param>
              <param-name>casServerUrlPrefix</param-name>
              <param-value>https://127.0.0.1:8443/cas</param-value>
        </init-param>
        <init-param>
              <param-name>serverName</param-name>
              <param-value>https://127.0.0.1:8443/cas</param-value>
        </init-param>
        <init-param>
              <param-name>redirectAfterValidation</param-name>
              <param-value>true</param-value>
        </init-param>
        <init-param>
              <param-name>tolerance</param-name>
              <param-value>1000</param-value>
        </init-param>
  </filter>

  <filter>
        <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
        <filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
  </filter>

  <filter>
        <filter-name>CAS Assertion Thread Local Filter</filter-name>
        <filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
  </filter>

  <filter-mapping>
        <filter-name>CAS Single Sign Out Filter</filter-name>
        <url-pattern>/*</url-pattern>
  </filter-mapping>

  <filter-mapping>
        <filter-name>CAS Authentication Filter</filter-name>
        <url-pattern>/*</url-pattern>
  </filter-mapping>

  <filter-mapping>
        <filter-name>CAS Validation Filter</filter-name>
        <url-pattern>/*</url-pattern>
  </filter-mapping>

  <filter-mapping>
        <filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
        <url-pattern>/*</url-pattern>
  </filter-mapping>

  <filter-mapping>
    <filter-name>CAS Assertion Thread Local Filter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

更新:执行完您的指示后,我在尝试部署时收到此错误:

12:17:21,765 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-7) MSC00001: Failed to start service jboss.deployment.unit."test.war".INSTALL: org.jboss.msc.service.StartException in service jboss.deployment.unit."test.war".INSTALL: Failed to process phase INSTALL of deployment "test.war"
        at org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:119) [jboss-as-server-7.1.1.Final.jar:7.1.1.Final]
        at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1811) [jboss-msc-1.0.2.GA.jar:1.0.2.GA]
        at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1746) [jboss-msc-1.0.2.GA.jar:1.0.2.GA]
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_65]
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_65]
        at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_65]
Caused by: org.jboss.as.server.deployment.DeploymentUnitProcessingException: JBAS018096: Error instantiating container component: authenticator.CasAuthenticator
        at org.jboss.as.web.deployment.WarDeploymentProcessor.getInstance(WarDeploymentProcessor.java:386)
        at org.jboss.as.web.deployment.WarDeploymentProcessor.processDeployment(WarDeploymentProcessor.java:210)
        at org.jboss.as.web.deployment.WarDeploymentProcessor.deploy(WarDeploymentProcessor.java:114)
        at org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:113) [jboss-as-server-7.1.1.Final.jar:7.1.1.Final]
        ... 5 more
Caused by: java.lang.ClassNotFoundException: authenticator.CasAuthenticator from [Module "deployment.test.war:main" from Service Module Loader]
        at org.jboss.modules.ModuleClassLoader.findClass(ModuleClassLoader.java:190) [jboss-modules.jar:1.1.1.GA]
        at org.jboss.modules.ConcurrentClassLoader.performLoadClassUnchecked(ConcurrentClassLoader.java:468) [jboss-modules.jar:1.1.1.GA]
        at org.jboss.modules.ConcurrentClassLoader.performLoadClassChecked(ConcurrentClassLoader.java:456) [jboss-modules.jar:1.1.1.GA]
        at org.jboss.modules.ConcurrentClassLoader.performLoadClass(ConcurrentClassLoader.java:398) [jboss-modules.jar:1.1.1.GA]
        at org.jboss.modules.ConcurrentClassLoader.loadClass(ConcurrentClassLoader.java:120) [jboss-modules.jar:1.1.1.GA]
        at org.jboss.as.web.deployment.WarDeploymentProcessor.getInstance(WarDeploymentProcessor.java:378)
        ... 8 more

12:17:21,770 INFO  [org.jboss.as.server] (HttpManagementService-threads - 16) JBAS015870: Deploy of deployment "test.war" was rolled back with failure message {"JBAS014671: Failed services" => {"jboss.deployment.unit.\"test.war\".INSTALL" => "org.jboss.msc.service.StartException in service jboss.deployment.unit.\"test.war\".INSTALL: Failed to process phase INSTALL of deployment \"test.war\""}}
12:17:21,771 INFO  [org.jboss.as.controller] (HttpManagementService-threads - 16) JBAS014774: Service status report
JBAS014777:   Services which failed to start:      service jboss.deployment.unit."test.war".INSTALL: org.jboss.msc.service.StartException in service jboss.deployment.unit."test.war".INSTALL: Failed to process phase INSTALL of deployment "test.war"

12:17:21,775 INFO  [org.jboss.as.server.deployment] (MSC service thread 1-9) JBAS015877: Stopped deployment test.war in 3ms

2 个答案:

答案 0 :(得分:1)

在standalone.xml中定义您的登录模块:

<subsystem xmlns="urn:jboss:domain:security:1.2">
        <security-domain name="cas" cache-type="default">
            <authentication>
                <login-module code="authenticator.CasLoginModule" flag="required" module="jasig">
                    <module-option name="ticketValidatorClass" value="org.jasig.cas.client.validation.Saml11TicketValidator"/>
                    <module-option name="casServerUrlPrefix" value="https://localhost:8443/cas"/>
                    <module-option name="roleGroupName" value="Roles"/>
                    <module-option name="defaultRoles" value="FOOBAR"/>
                    <module-option name="roleAttributeNames" value="Roles"/>
                </login-module>
            </authentication>
        </security-domain>

您已经在web.xml中定义了CAS安全过滤器,这就足够了,应该可以使用。

您是否在应用和服务器或CAS之间使用CAS协议?您的Jasig是否配置为使用SAML 1.1。默认情况下,jasig将使用CAS。

如果您的配置已经有效,您应该能够进行SSO。您是否创建了第二个helloworld来测试它?

对于其他应用程序中的重新身份验证,您将重定向到已知道用户已通过身份验证的CAS服务器。最后,他将再次将他重定向到应用程序并提供CAS票证。

答案 1 :(得分:1)

尝试这个https://github.com/serac/java-cas-client-test&amp;检查差异,如果只是为了你好世界的建议......

相关问题
最新问题