Shulou(Shulou.com)06/02 Report--

The author of CAS project is Apereo, an open source and free authentication server. The source code has been hosted on github. The latest version is 5.2.0 GitHub. Some versions of cas project have corresponding Installation Requirements. You can check the relationship between cas project and jdk version:

I am now in the computer environment: jdk1.7.0_75,gradle4.3.1, so I downloaded the cas4.2.1 version (address: https://github.com/apereo/cas/releases/tag/v4.2.1) and started to build it.

1. Generate cas.war with source code

After decompressing, enter the\ cas-4.2.1\ directory from cmd and execute the command:

Gradle build

(the latest version of cas5.2.0 was downloaded at that time, and an error was reported after executing the command: Could not download gradle-lint-plugin.jar (com.netflix.nebula:gradle-lint-plugin:8.3.1). This may be due to the incorrect version of jdk. The company network does not support downloading jdk1.8., without digging into it, just change it to cas4.2.1.)

An error was reported after executing the order:

Could not resolve nl.eveoh:gradle-aspectj:1.6

The jar package cannot be downloaded (cmd enters the\ cas-4.2.1\ cas-server-webapp directory and executes the command: gradle build, the same error). It is not because the network is bad, there is no such package in the warehouse (including central warehouse and ali cloud), and the warehouse address written in the project source code does not have this path. Search shows that this jar package is also referenced in an open source project. The warehouse address is matched with:

Https://maven.eveoh.nl/content/repositories/releases

Again, there is no such path. After searching, this jar package is an open source project on github. You can download it and package it by yourself. Source code address:

Https://github.com/eveoh/gradle-aspectj

The latest version is gradle-aspectj-2.1. Select the tag tag from branch:master, select version 1.6, and then download the source code. After local decompression, go to the root directory of the source code from cmd and execute the command package: gradle build. The desired jar package will be generated under build/libs:

Then send the generated jar package to the local maven warehouse (I put the jar package under disk D, which is the following command. If the jar package is not under disk D, you need to modify the jar path behind-Dfile), command:

Mvn install:install-file-Dfile=D:\ gradle-aspectj-1.6.jar-DgroupId=nl.eveoh-DartifactId=gradle-aspectj-Dversion=1.6-Dpackaging=jar

Successful entry, the first build in the cas root directory, will build all the projects, the execution time is too long, this time I directly jump to the cas folder under the path of the cas-server-webapp subproject to execute gradle build, will be faster

The war package is generated under the cas-server-webapp\ build\ libs folder, and the war package to this cas-server is generated successfully.

2. Jdk generates certificates (if the java environment variable is configured, it can be in any directory, if there is no need for the bin directory under jdk)

There are also some detours here, some people may have questions like me, say a little more, that is, what is the suffix of generating certificates? There are three steps to write keytool to generate a certificate. One is in xxx.keystore format, the other is xxx.jks, and the other has no suffix. Except for jks, both of them have been tried. I don't know what's wrong with the operation. In the end, either tomcat can't start (prompts keystore format error) or browser access can't be started successfully (certificates are denied by trusted browsers, Firefox and IE have tried) Finally, choose jks to run successfully.

The cmd window executes the command:

Keytool-genkey-alias cascer-keyalg RSA-keypass 123456-keystore cascer.jks-storepass 123456

Fill in the domain name in the form of your name, and you can fill in the rest at will.

Generate the certificate name: cascer.jks in the current directory

Export the cer certificate:

Keytool-export-file cascer.cer-alias cascer-keystore cascer.jks-storepass 123456

Importing the cer certificate into jdk is trusted:

Keytool-import-trustcacerts-alias cascer-file cascer.cer-keystore "D:\ xxx\ jdk7\ jre\ lib\ security\ cacerts"-storepass 123456

You need to modify the cacerts file path.

3. Tomcat configuration and deployment

First, rename the cas-serverxxx.war generated in the first step to cas.war, and put the war file in the webapps folder under tomcat

Then put the cascer.jks file generated in the second step into the conf folder under the tomcat directory

Finally configure the conf/server.xml file

Tomcat7 configuration: search for https, and there is only one place in the file. Release the comment and add the following attributes (if not, forget what it was like in the first place after you change it):

SSLEnabled= "true"

Scheme= "https"

Secure= "true"

ClientAuth= "false"

SslProtocol= "TLS"

KeystoreFile= "conf/cascer.jks"

KeystorePass= "123456"

Protocol= "org.apache.coyote.http11.Http11NioProtocol" (this default value is not nio,tomcat8, which is already in this mode by default, but can be changed or not)

There is no https in tomcat8, you can find it by searching port= "8443". Add the SSLHostConfig tag, but don't study this for the time being. Comment this out and configure it in accordance with the configuration in tomcat7.

After the configuration is completed, launch tomcat, browser access: https://localhost:8443/cas, tomcat7 and tomcat8 can all be accessed successfully

Enter the default user name: casuser, password: Mellon, login should be successful.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.