CAS 5.3.2 integration with OAuth 2.0

1. Build the WAR package from cas-overlay-template-5.3, adding the following to pom.xml:
		<dependency>
			<groupId>org.apereo.cas</groupId>
			<artifactId>cas-server-support-oauth-webflow</artifactId>
			<version>${cas.version}</version>
		</dependency>

2. In the project directory, run mvn clean package to build the WAR package.
3. Add the following entry to C:\Windows\System32\drivers\etc\hosts:

127.0.0.1 cas.demo.org

Also add the following configuration to WEB-INF\classes\application.properties:
cas.server.name=https://cas.demo.org:8443
cas.server.prefix=https://cas.demo.org:8443/cas
cas.tgc.secure=false
cas.serviceRegistry.initFromJson=true

4. The integrated SSO must be accessed over HTTPS, and the certificate must match the domain name: the CN used when generating the certificate must match the current domain name. (Testing produced the error "unable to find valid certification path to requested target", so the certificate must be a trusted one; a free digital certificate can be applied for from Alibaba Cloud.)

cd %JAVA_HOME%\bin
keytool -genkey -alias cas -keyalg RSA -keysize 2048 -keypass 123456 -storepass 123456 -keystore C:\demo.keystore -dname "CN=*.demo.org,OU=casexample.com,O=casexample,L=casexample,ST=casexample,C=CN" -deststoretype pkcs12

5. Copy the certificate file demo.keystore to Tomcat's conf directory and configure the certificate in Tomcat:

	<!-- keystorePass must match the -storepass given to keytool in step 4 -->
	<Connector
           protocol="org.apache.coyote.http11.Http11NioProtocol"
           port="8443" maxThreads="200"
           scheme="https" secure="true" SSLEnabled="true"
           clientAuth="false" sslProtocol="TLS"
           keystoreFile="conf/demo.keystore" keystorePass="123456"/>

6. Create service-auth-all-10000003.json in WEB-INF\classes\services (note that serviceId must be able to match the redirect_uri used in the following step):

{
  "@class" : "org.apereo.cas.support.oauth.services.OAuthRegisteredService",
  "clientId": "helloworld",
  "clientSecret": "123456",
  "bypassApprovalPrompt": false,
  "generateRefreshToken": false,
  "serviceId" : "^(http|https|imaps)://.*",
  "name" : "My OAuth service ",
  "id" : 10000003,
  "attributeReleasePolicy" : {
    "@class" : "org.apereo.cas.services.ReturnAllAttributeReleasePolicy"
  }
}

7. Start Tomcat and access the following URLs in a browser:
Get the code:
https://cas.demo.org:8443/cas/oauth2.0/authorize?response_type=code&client_id=helloworld&redirect_uri=http://www.baidu.com

Get the accessToken:
https://cas.demo.org:8443/cas/oauth2.0/accessToken?grant_type=authorization_code&client_id=helloworld&client_secret=123456&code=OC-2-3M6BedCz7TLIz0rpJUm-uLzPoFBbPOO0&redirect_uri=http://www.baidu.com
access_token=AT-1-ty4OH9pVHfZJPvcG7foejTPIFyepmxP1&expires_in=28800

Get Profile:
https://cas.demo.org:8443/cas/oauth2.0/profile?access_token=AT-1-ty4OH9pVHfZJPvcG7foejTPIFyepmxP1
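
The note in step 6 says serviceId has to match the redirect_uri. The following added example (not part of the original post) checks which redirect_uri values the step 6 pattern accepts, next to a pattern pinned to a single callback. The pinned pattern, the host app.demo.org and the sample URIs are constructed for illustration, and whole-string regex matching is assumed.

```python
import json
import re

# Service definition from step 6 (only the fields relevant to redirect checks).
PAGE_SERVICE = json.loads("""{
  "@class": "org.apereo.cas.support.oauth.services.OAuthRegisteredService",
  "clientId": "helloworld",
  "serviceId": "^(http|https|imaps)://.*",
  "id": 10000003
}""")

# Constructed alternative: same client, pinned to one hypothetical HTTPS callback.
PINNED_SERVICE = dict(PAGE_SERVICE, serviceId=r"^https://app\.demo\.org/callback$")

# Constructed redirect_uri samples; the first is the one used in step 7.
SAMPLES = [
    "http://www.baidu.com",
    "https://app.demo.org/callback",
    "https://app.demo.org.example.net/callback",
    "http://app.demo.org/callback",
]


def accepts(service, redirect_uri):
    """True if redirect_uri matches serviceId as a whole string (assumed behaviour)."""
    return re.fullmatch(service["serviceId"], redirect_uri) is not None


def audit(service, samples=SAMPLES):
    """Return (accepted URIs, findings) for one service definition."""
    accepted = [u for u in samples if accepts(service, u)]
    hosts = {u.split("/")[2] for u in accepted}
    findings = []
    if len(hosts) > 1:
        findings.append("serviceId matches more than one host")
    if any(u.startswith("http://") for u in accepted):
        findings.append("serviceId accepts a cleartext http redirect_uri")
    return accepted, findings


if __name__ == "__main__":
    for label, svc in (("page", PAGE_SERVICE), ("pinned", PINNED_SERVICE)):
        accepted, findings = audit(svc)
        print(label, svc["serviceId"])
        for uri in SAMPLES:
            print("   ", "ACCEPT" if uri in accepted else "reject", uri)
        for finding in findings:
            print("    finding:", finding)
```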


Origin blog.csdn.net/tomatozq/article/details/104054498