1.准备两个个全新的tomcat8,用来作为sso单点登录的客户端,如下:
2.修改server.xml文件(因为考虑到端口冲突,所以将里面的端口全部改掉)
需要源码 点击这里
其中apache-tomcat-client1-8082的端口改成了8082
其中apache-tomcat-client2-8083的端口改成了8083
apache-tomcat-client1-8082添加:
1 2 3 |
<host name= "sso1.jeesz.cn" appbase= "webapps" unpackwars= "true" autodeploy= "true" >
apache-tomcat-client1- 8083 添加:
<host name= "sso2.jeesz.cn" appbase= "webapps" unpackwars= "true" autodeploy= "true" ></host name= "sso2.jeesz.cn" appbase= "webapps" ></host name= "sso1.jeesz.cn" appbase= "webapps" >
|
3.创建两个web工程,sso1,sso2,配置web.xml文件如下(这里只以sso1为例,sso2的配置可以在项目中查看):
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 |
<listener>
<listener- class >org.jasig.cas.client.session.SingleSignOutHttpSessionListener</listener- class >
</listener>
<filter>
<filter-name>CAS Single Sign Out Filter</filter-name>
<filter- class >org.jasig.cas.client.session.SingleSignOutFilter</filter- class >
</filter>
<filter-mapping>
<filter-name>CAS Single Sign Out Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>CAS Filter</filter-name>
<filter- class >org.jasig.cas.client.authentication.AuthenticationFilter</filter- class >
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>https: //jeesz.cn:8443/cas/login</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http: //sso1.jeesz.cn:8082</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CAS Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter- class >
org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter- class >
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https: //jeesz.cn:8443/cas</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http: //sso1.jeesz.cn:8082</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter- class >
org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter- class >
</filter>
<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<filter- class >org.jasig.cas.client.util.AssertionThreadLocalFilter</filter- class >
</filter>
<filter-mapping>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
|
注意标红色的区域
4.将sso1、sso2两个项目分别打成war包导入到两个tomcat中,分别启动运行,
此时访问:http://sso1.jeesz.cn:8082/sso1会出现一个异常,我们截图用来记录错误
这个错误很明显,我们需要配置当前容器支持http,找到cas项目下的HTTPSandIMAPS-10000001.json文件,路径为:\WEB-INF\classes\services,里面增加http协议支持。
5.重启sso的服务端,再次访问http://sso1.jeesz.cn:8082/sso1(成功跳转)
6.其中sso2的客户端,访问http://sso2.jeesz.cn:8083/sso2(成功跳转)
7.反复用默认账号测试登录登出,访问sso1,sso2应用,可以确认只需要登录一次