1.编辑CAS下的deployerConfigContext.xml,注释其中的SimpleTestUsernamePasswordAuthenticationHandler验证Handler,添加以下代码:
<property name="authenticationHandlers"> <list> <bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler" p:httpClient-ref="httpClient" /> <bean class="org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler" > <property name="filter" value="%u" /> <property name="contextSource" ref="contextSource" /> <property name="ignorePartialResultException" value="yes" /> </bean> </list> </property>
<bean id="contextSource" class="org.springframework.ldap.core.support.LdapContextSource"> <property name="pooled" value="false"/> <property name="url" value="ldap://172.16.5.1:389" /> <property name="userDn" value="userDn"/> <property name="password" value="password"/> <property name="baseEnvironmentProperties"> <map> <entry key="com.sun.jndi.ldap.connect.timeout" value="3000" /> <entry key="com.sun.jndi.ldap.read.timeout" value="3000" /> <entry key="java.naming.security.authentication" value="simple" /> </map> </property> </bean>
2.为了支持LDAP认证方式,需拷贝以下几个jar包到cas/WEB-INF/lib/ 目录下:
cas-server-support-ldap-3.5.2.jar
spring-ldap-core-1.3.1.RELEASE.jar
spring-ldap-core-tiger-1.3.1.RELEASE.jar