CAS5.X 集群配置 初版

基础版

cas-overlay  pom.xml

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd ">
    <modelVersion>4.0.0</modelVersion>
    <groupId>org.apereo.cas</groupId>
    <artifactId>cas-overlay</artifactId>
    <packaging>war</packaging>
    <version>1.0</version>
  
<dependencies>
        <dependency>
            <groupId>mysql</groupId>
            <artifactId>mysql-connector-java</artifactId>
            <version>${mysql.driver.version}</version>
            <scope>runtime</scope>
        </dependency>

         <dependency>
            <groupId>org.apereo.cas</groupId>
            <artifactId>cas-server-webapp-tomcat</artifactId>
            <version>${cas.version}</version>
            <type>war</type>
            <scope>runtime</scope>
        </dependency>
        
        <dependency>
            <groupId>org.apereo.cas</groupId>
            <artifactId>cas-server-support-jdbc</artifactId>
            <version>${cas.version}</version>
        </dependency>
        
        <dependency>
            <groupId>org.apereo.cas</groupId>
            <artifactId>cas-server-support-oauth-webflow</artifactId>
            <version>${cas.version}</version>
        </dependency>
        
        <dependency>
            <groupId>org.apereo.cas</groupId>
            <artifactId>cas-server-support-redis-ticket-registry</artifactId>
            <version>${cas.version}</version>
        </dependency>
        
        <dependency>
          <groupId>org.apereo.cas</groupId>
          <artifactId>cas-server-webapp-session-redis</artifactId>
          <version>${cas.version}</version>
        </dependency>
        
        <dependency>
            <groupId>com.thetransactioncompany</groupId>
            <artifactId>java-property-utils</artifactId>
            <version>1.9.1</version>
        </dependency>
    
        <dependency>
            <groupId>com.thetransactioncompany</groupId>
            <artifactId>cors-filter</artifactId>
            <version>2.5</version>
        </dependency>
        
        <dependency>
            <groupId>javax.servlet</groupId>
            <artifactId>javax.servlet-api</artifactId>
            <version>3.0.1</version>
            <scope>provided</scope>
        </dependency>
        <dependency>
            <groupId>javax.servlet.jsp</groupId>
            <artifactId>jsp-api</artifactId>
            <version>2.1</version>
            <scope>provided</scope>
        </dependency>
        <dependency>
            <groupId>javax.servlet</groupId>
            <artifactId>jstl</artifactId>
            <version>1.2</version>
        </dependency>

    </dependencies>

    <properties>
        <cas.version>5.1.1</cas.version>
        <springboot.version>1.4.2.RELEASE</springboot.version>
        <maven.compiler.source>1.8</maven.compiler.source>
        <maven.compiler.target>1.8</maven.compiler.target>
        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
        <mysql.driver.version>6.0.6</mysql.driver.version>
    </properties>

    <build>
        <plugins>
            <plugin>
                <groupId>com.rimerosolutions.maven.plugins</groupId>
                <artifactId>wrapper-maven-plugin</artifactId>
                <version>0.0.4</version>
                <configuration>
                    <verifyDownload>true</verifyDownload>
                    <checksumAlgorithm>MD5</checksumAlgorithm>
                </configuration>
            </plugin>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
                <version>${springboot.version}</version>
                <configuration>
                    <mainClass>org.springframework.boot.loader.WarLauncher</mainClass>
                    <addResources>true</addResources>
                </configuration>
            </plugin>
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-war-plugin</artifactId>
                <version>2.6</version>
                <configuration>
                    <warName>cas</warName>
                    <failOnMissingWebXml>false</failOnMissingWebXml>
                    <recompressZippedFiles>false</recompressZippedFiles>
                    <archive>
                        <compress>false</compress>
                        <manifestFile>${project.build.directory}/war/work/org.apereo.cas/cas-server-webapp-tomcat/META-INF/MANIFEST.MF
                        </manifestFile>
                    </archive>
                    <overlays>
                        <overlay>
                            <groupId>org.apereo.cas</groupId>
                            <artifactId>cas-server-webapp-tomcat</artifactId>
                        </overlay>
                    </overlays>
                </configuration>
            </plugin>
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-compiler-plugin</artifactId>
                <version>3.3</version>
            </plugin>
        </plugins>
        <finalName>cas</finalName>
    </build>

    <repositories>
         <repository>
            <id>public</id>
            <name>Public Repositories</name>
            <url>http://192.168.1.21:8083/nexus/content/groups/public</url>
    
            <snapshots>
                <enabled>true</enabled>
            </snapshots>
            <releases>
                <enabled>true</enabled>
            </releases>
        </repository>
        
        <repository>
            <id>sonatype-releases</id>
            <url>http://oss.sonatype.org/content/repositories/releases/</url>
            <snapshots>
                <enabled>false</enabled>
            </snapshots>
            <releases>
                <enabled>true</enabled>
            </releases>
        </repository>
        <repository>
            <id>sonatype-snapshots</id>
            <url>https://oss.sonatype.org/content/repositories/snapshots/</url>
            <snapshots>
                <enabled>true</enabled>
            </snapshots>
            <releases>
                <enabled>false</enabled>
            </releases>
        </repository>
        <repository>
            <id>shibboleth-releases</id>
            <url>https://build.shibboleth.net/nexus/content/repositories/releases</url>
        </repository>
        <repository>
            <id>spring-milestones</id>
            <url>https://repo.spring.io/milestone</url>
        </repository>
    </repositories>

    <profiles>
        <profile>
            <activation>
                <activeByDefault>false</activeByDefault>
            </activation>
            <id>pgp</id>
            <build>
                <plugins>
                    <plugin>
                        <groupId>com.github.s4u.plugins</groupId>
                        <artifactId>pgpverify-maven-plugin</artifactId>
                        <version>1.1.0</version>
                        <executions>
                            <execution>
                                <goals>
                                    <goal>check</goal>
                                </goals>
                            </execution>
                        </executions>
                        <configuration>
                            <pgpKeyServer>hkp://pool.sks-keyservers.net</pgpKeyServer>
                            <pgpKeysCachePath>${settings.localRepository}/pgpkeys-cache</pgpKeysCachePath>
                            <scope>test</scope>
                            <verifyPomFiles>true</verifyPomFiles>
                            <failNoSignature>false</failNoSignature>
                        </configuration>
                    </plugin>
                </plugins>
            </build>
        </profile>
    </profiles>
</project>

 

配置文件 

application.properties

##
# CAS Server Context Configuration
#
server.context-path=/cas
server.port=80

cas.server.name=http://192.168.20.119:80
cas.server.prefix=http://192.168.20.119:80/cas
cas.host.name=tusheng.cnblogs.com

server.ssl.key-store=file:/etc/cas/thekeystore
server.ssl.key-store-password=changeit
server.ssl.key-password=changeit
# server.ssl.ciphers=
# server.ssl.client-auth=
# server.ssl.enabled=
# server.ssl.key-alias=
# server.ssl.key-store-provider=
# server.ssl.key-store-type=
# server.ssl.protocol=
# server.ssl.trust-store=
# server.ssl.trust-store-password=
# server.ssl.trust-store-provider=
# server.ssl.trust-store-type=

server.max-http-header-size=2097152
server.use-forward-headers=true
server.connection-timeout=20000
server.error.include-stacktrace=ALWAYS

server.tomcat.max-http-post-size=2097152
server.tomcat.basedir=build/tomcat
server.tomcat.accesslog.enabled=true
server.tomcat.accesslog.pattern=%t %a "%r" %s (%D ms)
server.tomcat.accesslog.suffix=.log
server.tomcat.max-threads=10
server.tomcat.port-header=X-Forwarded-Port
server.tomcat.protocol-header=X-Forwarded-Proto
server.tomcat.protocol-header-https-value=https
server.tomcat.remote-ip-header=X-FORWARDED-FOR
server.tomcat.uri-encoding=UTF-8
   
spring.http.encoding.charset=UTF-8
spring.http.encoding.enabled=true
spring.http.encoding.force=true

##
# CAS Cloud Bus Configuration
#
spring.cloud.bus.enabled=false
# spring.cloud.bus.refresh.enabled=true
# spring.cloud.bus.env.enabled=true
# spring.cloud.bus.destination=CasCloudBus
# spring.cloud.bus.ack.enabled=true

endpoints.enabled=false
endpoints.sensitive=true

endpoints.restart.enabled=false
endpoints.shutdown.enabled=false

management.security.enabled=true
management.security.roles=ACTUATOR,ADMIN
management.security.sessions=if_required
management.context-path=/status
management.add-application-context-header=false

security.basic.authorize-mode=role
security.basic.enabled=false
security.basic.path=/cas/status/**

##
# CAS Web Application Session Configuration
#
server.session.timeout=300
server.session.cookie.http-only=true
server.session.tracking-modes=COOKIE

##
# CAS Thymeleaf View Configuration
#
spring.thymeleaf.encoding=UTF-8
spring.thymeleaf.cache=true
spring.thymeleaf.mode=HTML
##
# CAS Log4j Configuration
#
# logging.config=file:/etc/cas/log4j2.xml
server.context-parameters.isLog4jAutoInitializationDisabled=true

##
# CAS AspectJ Configuration
#
spring.aop.auto=true
spring.aop.proxy-target-class=true

##
# CAS Authentication Credentials
#
#cas.authn.accept.users=casuser::Mellon

#############jdbc authentication##################
cas.authn.jdbc.query[0].sql=SELECT password,salt FROM sys_user WHERE login_name=?
cas.authn.jdbc.query[0].healthQuery=SELECT 1
cas.authn.jdbc.query[0].isolateInternalQueries=false
cas.authn.jdbc.query[0].url=jdbc:mysql://192.168.20.119:3306/cas-local?useUnicode=true&useSSL=false&characterEncoding=utf-8&serverTimezone=GMT%2B8
cas.authn.jdbc.query[0].failFast=true
cas.authn.jdbc.query[0].isolationLevelName=ISOLATION_READ_COMMITTED
cas.authn.jdbc.query[0].dialect=org.hibernate.dialect.MySQLDialect
cas.authn.jdbc.query[0].leakThreshold=10
cas.authn.jdbc.query[0].propagationBehaviorName=PROPAGATION_REQUIRED
cas.authn.jdbc.query[0].batchSize=1
cas.authn.jdbc.query[0].user=root
cas.authn.jdbc.query[0].ddlAuto=validate
cas.authn.jdbc.query[0].maxAgeDays=180
cas.authn.jdbc.query[0].password=tusheng
cas.authn.jdbc.query[0].autocommit=false
cas.authn.jdbc.query[0].driverClass=com.mysql.cj.jdbc.Driver
cas.authn.jdbc.query[0].idleTimeout=5000
cas.authn.jdbc.query[0].credentialCriteria=

cas.authn.jdbc.query[0].pool.minSize=10
cas.authn.jdbc.query[0].pool.maxSize=100
#密码字段
cas.authn.jdbc.query[0].fieldPassword=password
cas.authn.jdbc.query[0].fieldExpired=
cas.authn.jdbc.query[0].fieldDisabled=
#cas.authn.jdbc.query[0].principalAttributeList=sn,cn:commonName,givenName

cas.authn.jdbc.query[0].passwordEncoder.type=DEFAULT
#加密方式
cas.authn.jdbc.query[0].passwordEncoder.encodingAlgorithm=MD5


# cas.authn.attributeRepository.jdbc[0].attributes.test_name=test_name
# cas.authn.attributeRepository.jdbc[0].attributes.salt=salt
# cas.authn.attributeRepository.jdbc[0].attributes.cn=commonName
# cas.authn.attributeRepository.jdbc[0].attributes.affiliation=groupMembership

cas.authn.attributeRepository.jdbc[0].singleRow=true
# cas.authn.attributeRepository.jdbc[0].order=0
cas.authn.attributeRepository.jdbc[0].requireAllAttributes=true
cas.authn.attributeRepository.jdbc[0].caseCanonicalization=LOWER
cas.authn.attributeRepository.jdbc[0].queryType=OR

# Used only when there is a mapping of many rows to one user
# cas.authn.attributeRepository.jdbc[0].columnMappings.columnAttrName1=columnAttrValue1
# cas.authn.attributeRepository.jdbc[0].columnMappings.columnAttrName2=columnAttrValue2
# cas.authn.attributeRepository.jdbc[0].columnMappings.columnAttrName3=columnAttrValue3

cas.authn.attributeRepository.jdbc[0].sql=SELECT * FROM sys_user WHERE {0}
cas.authn.attributeRepository.jdbc[0].username=login_name
cas.authn.attributeRepository.jdbc[0].healthQuery=SELECT 1
# cas.authn.attributeRepository.jdbc[0].isolateInternalQueries=false
cas.authn.attributeRepository.jdbc[0].url=jdbc:mysql://192.168.20.119:3306/cas-local?useUnicode=true&useSSL=false&characterEncoding=utf-8&serverTimezone=GMT%2B8
# cas.authn.attributeRepository.jdbc[0].failFast=true
# cas.authn.attributeRepository.jdbc[0].isolationLevelName=ISOLATION_READ_COMMITTED
cas.authn.attributeRepository.jdbc[0].dialect=org.hibernate.dialect.MySQLDialect
# cas.authn.attributeRepository.jdbc[0].leakThreshold=10
# cas.authn.attributeRepository.jdbc[0].propagationBehaviorName=PROPAGATION_REQUIRED
# cas.authn.attributeRepository.jdbc[0].batchSize=1
cas.authn.attributeRepository.jdbc[0].user=root
cas.authn.attributeRepository.jdbc[0].ddlAuto=validate
cas.authn.attributeRepository.jdbc[0].password=tusheng
# cas.authn.attributeRepository.jdbc[0].autocommit=false
cas.authn.attributeRepository.jdbc[0].driverClass=com.mysql.cj.jdbc.Driver
# cas.authn.attributeRepository.jdbc[0].idleTimeout=5000
# cas.authn.attributeRepository.jdbc[0].pool.suspension=false
# cas.authn.attributeRepository.jdbc[0].pool.minSize=6
# cas.authn.attributeRepository.jdbc[0].pool.maxSize=18
# cas.authn.attributeRepository.jdbc[0].pool.maxWait=2000
# cas.authn.attributeRepository.jdbc[0].dataSourceName=
# cas.authn.attributeRepository.jdbc[0].dataSourceProxy=false

cas.authn.attributeRepository.defaultAttributesToRelease=test_name,salt

#tgc的生存周期,-1 永不过期
cas.tgc.maxAge=-1 #默认为true,使用https,如果只需要http,修改为false即可 cas.tgc.secure=false #随便搞的一串数字 个数必须超过 256/8/2=16 # The encryption secret key. By default, must be a octet string of size 256. cas.tgc.encryptionKey=nXL-DN7Xbt3HsY_Wwp9zVAUP-r4sFkZOIfAstCfpCXI #随便搞的一串数字 个数必须超过 512/8/2=32 # The signing secret key. By default, must be a octet string of size 512 cas.tgc.signingKey=tushengN7Xbt3HsY_Wwp9zVAUP-r4sFkZOIfAstCfpCXItushengN7Xbt3HsY_Wwp9zVAUP-r4sFkZOIfAstCfpCXI cas.tgc.cipherEnabled=true #cas.googleRecaptcha.verifyUrl=
https://www.google.com/recaptcha/api/siteverify #cas.googleRecaptcha.siteKey=123456 #cas.googleRecaptcha.secret=111111 # Redis server host. cas.ticket.registry.redis.host=192.168.20.186 # #Database index used by the connection factory. cas.ticket.registry.redis.database=0 # ## Redis server port. cas.ticket.registry.redis.port=6379 # ## Login password of the redis server. cas.ticket.registry.redis.password=lucheng # ## Connection timeout in milliseconds cas.ticket.registry.redis.timeout=30 # ## cas.ticket.registry.redis.pool.max-active=20 # # Max number of "idle" connections in the pool. Use a negative value to indicate an unlimited number of idle connections. cas.ticket.registry.redis.pool.maxIdle=8 # # Target for the minimum number of idle connections to maintain in the pool. This setting only has an effect if it is positive. cas.ticket.registry.redis.pool.minIdle=0 # # Max number of connections that can be allocated by the pool at a given time. Use a negative value for no limit. cas.ticket.registry.redis.pool.maxActive=8 # # Maximum amount of time (in milliseconds) a connection allocation should block # before throwing an exception when the pool is exhausted. Use a negative value to block indefinitely. cas.ticket.registry.redis.pool.maxWait=-1 cas.ticket.registry.redis.crypto.signing.key= cas.ticket.registry.redis.crypto.signing.keySize=512 cas.ticket.registry.redis.crypto.encryption.key= cas.ticket.registry.redis.crypto.encryption.keySize=16 cas.ticket.registry.redis.crypto.alg=AES cas.webflow.autoconfigure=true cas.webflow.alwaysPauseRedirect=false cas.webflow.refresh=true cas.webflow.redirectSameState=false cas.webflow.session.lockTimeout=30 cas.webflow.session.compress=false cas.webflow.session.maxConversations=5 cas.webflow.session.storage=true # Manage session storage via Redis spring.session.store-type=redis spring.redis.host=192.168.20.186 spring.redis.password=tusheng spring.redis.port=6379 #cas.webflow.signing.key=tusheng #cas.webflow.signing.keySize=512 #cas.webflow.encryption.keySize=16 #cas.webflow.encryption.key= #cas.webflow.alg=AES

 

posted @ 2017-07-27 15:03  图生  阅读(2840)  评论(0编辑  收藏  举报