全部。我尝试根据https://dacurry-tns.github.io/deploying-apereo-cas的指南构建CAS服务器。构建完CAS环境后,我在同一服务器上使用Apache2服务器创建了一个试用应用程序。
在试用阶段,我的客户端应用程序出现问题:
未经授权
此服务器无法验证您是否有权访问 要求的文件。您提供的凭据不正确(例如, 密码错误),或者您的浏览器不了解如何提供 所需的凭据。
位于cas.sentrasoft.com端口443的Apache / 2.4.18(Ubuntu)服务器
登录后出现此问题。cas的以下配置:
etc / cas / config / cas.properties
cas.server.name: https://cas.domain.com:8443
cas.server.prefix: https://cas.domain.com:8443/cas
cas.adminPagesSecurity.ip=127\.0\.0\.1
cas.tgc.secure: true
cas.tgc.crypto.signing.key: xxxxxxxx
cas.tgc.crypto.encryption.key: xxxxxxxxxxxxxxxx
cas.webflow.crypto.signing.key: xxxxxxxxxxxxxxxxxxxxxxxxx
cas.webflow.crypto.encryption.key: xxxxxxxxxxxxxxxxxxxxxx
cas.serviceRegistry.initFromJson: true
cas.serviceRegistry.json.location: file:/etc/cas/services
logging.config: file:/etc/cas/config/log4j2.xml
etc / cas / services / HTTPSandIMAPSwildcard-1503925297.json
{
/*
* Wildcard service definition that applies to any https or imaps url.
* Do not use this definition in a production environment.
*/
"@class" : "org.apereo.cas.services.RegexRegisteredService",
"serviceId" : "^(https|imaps)://.*",
"name" : "HTTPS and IMAPS wildcard",
"id" : 1503925297,
"evaluationOrder" : 99999
}
apache站点虚拟主机配置
<VirtualHost *:443>
ServerName cas.domain.com
ServerAdmin admin@domain.com
<Directory "/var/www/html">
<IfModule mod_auth_cas.c>
AuthType CAS
</IfModule>
# Options Indexes FollowSymLinks
# AllowOverride All
# Require all granted
Require valid-user
</Directory>
<IfModule mod_auth_cas.c>
CASLoginUrl https://cas.domain.com:8443/cas/login
CASValidateUrl https://cas.domain.com:8443/cas/serviceValidate
CASCookiePath /var/cache/apache2/mod_auth_cas/
CASCertificatePath /etc/pki/tls/certs/cas.crt
CASSSOEnabled On
CASDebug On
</IfModule>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLCertificateFile /etc/pki/tls/certs/cas.crt
SSLCertificateKeyFile /etc/pki/tls/private/cas.key
</VirtualHost>
谁能帮助解决未经授权的问题?谢谢。