CAS取消https认证的方式
最近,在做CAS单点登陆的一个模块,由于公司的产品太多,各个系统都要部署,在开发中Https的证书的部署比较麻烦,所以,打算把CAS的Https去掉。具体的修改如下
1.修改cas-servlet.xml
<bean id="warnCookieGenerator" /><bean id="ticketGrantingTicketCookieGenerator" />
把上面连个bean中的p:cookieSecure="true "修改为p:cookieSecure="false"
2.修改deployerConfigContext.xml
<bean />
添加p:requireSecurep="httpClient"
3.修改casclient的客户端
修改客户端的https验证
(1).edu.yale.its.tp.cas.client.filter.edu.yale.its.tp.cas.client.filter
if (! casValidate.startsWith("https://")){ throw new ServletException("validateUrl must start with https://, its current value is [" + casValidate + "]"); }if (casServiceUrl != null){ if (! (casServiceUrl.startsWith("https://")|| (casServiceUrl.startsWith("http://") ))){ throw new ServletException("service URL must start with http:// or https://; its current value is [" + casServiceUrl + "]"); } }把这两段内容注释掉
(2).修改edu.yale.its.tp.cas.util.SecureURL
if (!u.getProtocol().equals("https")){ // IOException may not be the best exception we could throw here // since the problem is with the URL argument we were passed, not // IO. -awp9 log.error("retrieve(" + url + ") on an illegal URL since protocol was not https.");throw new IOException("only 'https' URLs are valid for this method"); }把这段内容注释掉
javax.servlet.ServletException: Authentication was technically successful but rejected as a matter of policy. [[edu.yale.its.tp.cas.client.CASReceipt userName=[asflex] casValidateUrl=[http://asflex:8080/cas/serviceValidate] proxyCallbackUrl=[null] pgtIou=[null] casValidateUrl=[http://asflex:8080/cas/serviceValidate] proxyList=[[]]]]异常,是不是还要改哪个地方? 4 楼 lean1252 2009-08-05 改过以后,抛出
javax.servlet.ServletException: Authentication was technically successful but rejected as a matter of policy. [[edu.yale.its.tp.cas.client.CASReceipt userName=[asflex] casValidateUrl=[http://asflex:8080/cas/serviceValidate] proxyCallbackUrl=[null] pgtIou=[null] casValidateUrl=[http://asflex:8080/cas/serviceValidate] proxyList=[[]]]]
异常,是不是还要改哪个地方? 5 楼 frederick_hai 2010-09-19 请问各位是否了解 在cas3版本如何将https换成http