Shulou(Shulou.com)06/01 Report--

This article mainly introduces "what is Shiro integrated CAS certification processing method". In daily operation, I believe many people have doubts about what Shiro integrated CAS certification processing method is. Xiaobian consulted various materials and sorted out simple and easy operation methods. I hope to help you answer the doubts of "Shiro integrated CAS certification processing method"! Next, please follow the small series to learn together!

2. Specific content

2.1 Introduction to Shiro and CAS Integration

Shiro must be the most popular authorization management framework now, but it is no longer the most traditional Shiro processing, because the processing at this time involves CAS to implement the operation part of authentication, so for Shiro, it still needs to implement authentication and authorization detection, but this time authentication should be completed by CAS.

In the real development process, it is impossible for clients to access CAS servers directly.

1. You need to import the server-side certificate in the JDK of the local windows system:

Premise: JAVA_HOME environment attributes have been configured correctly:

·The path to the server-side certificate: D:\server.cer;

·Authentication authorization library: E:\ProgramFiles\Java\jdk1.8.0_74\jre\lib\security\cacerts;

keytool-import-aliasserver-filed:\server.cer-keystore"%JAVA_HOME%\jre\lib\security\cacerts"-storepasschangeit

·List all local keystores:

keytool-list-keystore"%JAVA_HOME%\jre\lib\security\cacerts"-storepasschangeit

Search if there is a server (alias);2. You need to modify the CAS configuration file to support http protocol access:

·Modify files:

vim/usr/local/tomcat/webapps/cas/WEB-INF/classes/services/HTTPSandIMAPS-10000001.json;

2. You need to modify the CAS configuration file to support http protocol access:

·Modify file: vim/usr/local/tomcat/webapps/cas/WEB-INF/classes/services/HTTPSandIMAPS-1000001.json;

"serviceId":"^(http|https|imaps)://.* ",

then http protocol access paths will be supported at this time.

2.2 Implementation of CasRealm

If you want to use CAS as the entire authentication process in your project, you first need to import a development package:

·Modify pom.xml file to add shiro and cas integration processing package:

2, modify the database script, now has been integrated together, then the current data table should contain roles, permissions and other information.

At this time, all query contents will be handed over to CAS, and Shiro is only responsible for obtaining role and permission data.

Example: Define a MemberCasRealm program class that inherits from the CasRealm parent class

At this point, it is found that only the user authentication part of the Realm used has changed, while the role and permission operations are still read directly through the business layer as before.

2.3、

environment configuration

1. The IP address of the database currently in use is: 192.168.122.204, so you should first modify the database.properties file and modify the MySQL path:

db.driver=org.gjt.mm.mysql.Driver db.url=jdbc:mysql://192.168.122.204:3306/shirodb db.user=root db.password=mysqladmin db.maxPoolSize=1db.maxIdleTime=1db.minPoolSize=1db.initialPoolSize=1

2. Modify the current Realm usage type (applicationContext.xml file):

6. All accesses appear in the form of domain names, so you need to modify the hosts file and add domain names:

127.0.0.1shiro.com

·authenticated access path: http://shiro.com/shirodemo/shiro-cas;

has member role shiro:hasRole>

Background will appear role and permission information query prompt information.

At this point, the study of "What is the Shiro integration CAS certification method" is over, and I hope to solve everyone's doubts. Theory and practice can better match to help everyone learn, go and try it! If you want to continue learning more relevant knowledge, please continue to pay attention to the website, Xiaobian will continue to strive to bring more practical articles for everyone!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.