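Integrating CAS with Huawei Cloud SAML, with CAS acting as the IdP (assertion provider, also called identity provider)

Based on the 5.3 branch of cas-overlay-template (https://github.com/apereo/cas-overlay-template)

1. Add the Maven dependency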

<dependency>
    <groupId>org.apereo.cas</groupId>
    <artifactId>cas-server-support-saml-idp</artifactId>
    <version>${cas.version}</version>
</dependency>

2. In the src/main/resources/services directory, add SAML-10000004.json with the following content:

{
  "@class" : "org.apereo.cas.support.saml.services.SamlRegisteredService",
  "serviceId" : ".+",
  "name" : "SAMLService",
  "id" : 10000004,
  "evaluationOrder" : 10,
  "metadataLocation" : "https://auth.huaweicloud.com/authui/saml/metadata.xml"
}

3. Add application.yml with the following content:

cas:
  tgc:
    secure: false
  serviceRegistry:
    initFromJson: true
  server:
    name: http://172.16.101.103:8080
    prefix: ${cas.server.name}/cas
  authn:
    saml-idp:
      entityId: GeoStack
      scope: "*"
      metadata:
        location: file:/etc/cas/saml

Change cas.server.name to the IP address and port where CAS is deployed, and create the /etc/cas/saml directory.

Then run mvn clean package to build the WAR file.
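The service definition in step 2 uses "serviceId" : ".+", a pattern that matches every SP entity ID. The following is an added example (not code from the original post or from the CAS project) that reads an SP metadata document and builds the same definition with serviceId pinned to that one entity ID; the sample metadata, its entityID and the helper names are constructed for illustration.

```python
import json
import re
import xml.etree.ElementTree as ET

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"

# Constructed sample SP metadata; the entityID and ACS URL are placeholders,
# not values taken from Huawei Cloud's real metadata document.
SAMPLE_SP_METADATA = """\
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://sp.example.test/saml">
  <md:SPSSODescriptor
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:AssertionConsumerService index="0"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://sp.example.test/saml/acs"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>
"""

def sp_entity_id(metadata_xml):
    root = ET.fromstring(metadata_xml)
    if root.tag != MD + "EntityDescriptor":
        raise ValueError("expected one md:EntityDescriptor as the root")
    if root.find(MD + "SPSSODescriptor") is None:
        raise ValueError("metadata does not describe a service provider")
    entity_id = root.get("entityID")
    if not entity_id:
        raise ValueError("entityID is missing")
    return entity_id

def pinned_service(metadata_xml, metadata_location):
    # re.escape emits backslash-escaped punctuation only, which Java's regex
    # engine (used by CAS to evaluate serviceId) also accepts.
    pattern = "^" + re.escape(sp_entity_id(metadata_xml)) + "$"
    return {
        "@class": "org.apereo.cas.support.saml.services.SamlRegisteredService",
        "serviceId": pattern,
        "name": "SAMLService",
        "id": 10000004,
        "evaluationOrder": 10,
        "metadataLocation": metadata_location,
    }

def matches(service, entity_id):
    return re.fullmatch(service["serviceId"], entity_id) is not None

if __name__ == "__main__":
    url = "https://auth.huaweicloud.com/authui/saml/metadata.xml"
    print(json.dumps(pinned_service(SAMPLE_SP_METADATA, url), indent=2))
```

Run it against the metadata downloaded from the URL in metadataLocation and replace the contents of SAML-10000004.json with the output.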

 

Reference: https://apereo.github.io/cas/5.3.x/installation/Configuring-SAML2-Authentication.html

posted @ 2020-09-09 12:11  Nihaorz