Quickly setting up a CAS server with Docker


  1. Pull the image
docker pull apereo/cas
  2. Start the container
docker run --name cas -p 8443:8443 -p 8442:8080 apereo/cas /bin/sh /cas-overlay/bin/run-cas.sh

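After a long wait, you will find that CAS fails to start with an error saying there is no SSL certificate (the keystore `/etc/cas/thekeystore` does not exist). Don't panic; keep going with the steps below.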




     _    ____  _____ ____  _____ ___     ____    _    ____
    / \  |  _ \| ____|  _ \| ____/ _ \   / ___|  / \  / ___|
   / _ \ | |_) |  _| | |_) |  _|| | | | | |     / _ \ \___ \
  / ___ \|  __/| |___|  _ <| |__| |_| | | |___ / ___ \ ___) |
 /_/   \_\_|   |_____|_| \_\_____\___/   \____/_/   \_\____/


CAS Version: 6.3.0-SNAPSHOT
CAS Branch: master
CAS Commit Id: d21b774224b1a9d115cdb0e2ffb936fdec10194a
CAS Build Date/Time: 2020-11-16T17:48:44Z
Spring Boot Version: 2.3.6.RELEASE
Spring Version: 5.2.11.RELEASE
Java Home: /opt/java/openjdk
Java Vendor: AdoptOpenJDK
Java Version: 11.0.9
JVM Free Memory: 146 MB
JVM Maximum Memory: 2 GB
JVM Total Memory: 400 MB
JCE Installed: Yes
OS Architecture: amd64
OS Name: Linux
OS Version: 4.19.128-microsoft-standard
OS Date/Time: 2020-11-20T03:12:54.666232
OS Temp Directory: /tmp
------------------------------------------------------------
Apache Tomcat Version: Apache Tomcat/9.0.39
------------------------------------------------------------


2020-11-20 03:12:54,711 INFO [org.apereo.cas.configuration.DefaultCasConfigurationPropertiesSourceLocator] - 
2020-11-20 03:12:54,894 INFO [org.apereo.cas.web.CasWebApplication] - 
2020-11-20 03:12:58,961 INFO [org.apereo.cas.configuration.CasConfigurationPropertiesValidator] - 
2020-11-20 03:13:02,686 WARN [org.hibernate.validator.internal.properties.javabean.JavaBeanExecutable] - 
2020-11-20 03:13:06,271 WARN [org.apereo.cas.config.support.authentication.AcceptUsersAuthenticationEventExecutionPlanConfiguration] - <>
2020-11-20 03:13:06,271 WARN [org.apereo.cas.config.support.authentication.AcceptUsersAuthenticationEventExecutionPlanConfiguration] - <


  ____ _____ ___  ____  _
 / ___|_   _/ _ \|  _ \| |
 \___ \ | || | | | |_) | |
  ___) || || |_| |  __/|_|
 |____/ |_| \___/|_|   (_)


CAS is configured to accept a static list of credentials for authentication. While this is generally useful for demo purposes, it is STRONGLY recommended that you DISABLE this authentication method by setting 'cas.authn.accept.enabled=false' and switch to a mode that is more suitable for production.>
2020-11-20 03:13:06,271 WARN [org.apereo.cas.config.support.authentication.AcceptUsersAuthenticationEventExecutionPlanConfiguration] - <>
2020-11-20 03:13:08,104 INFO [org.springframework.boot.autoconfigure.security.servlet.UserDetailsServiceAutoConfiguration] - <

Using generated security password: 126431d0-f2de-4da6-9adb-4061030adc02
>
2020-11-20 03:13:08,288 INFO [org.springframework.security.web.DefaultSecurityFilterChain] - 
2020-11-20 03:13:08,288 INFO [org.springframework.security.web.DefaultSecurityFilterChain] - 
2020-11-20 03:13:08,288 INFO [org.springframework.security.web.DefaultSecurityFilterChain] - 
2020-11-20 03:13:08,289 INFO [org.springframework.security.web.DefaultSecurityFilterChain] - 
2020-11-20 03:13:08,289 INFO [org.springframework.security.web.DefaultSecurityFilterChain] - 
2020-11-20 03:13:08,289 INFO [org.springframework.security.web.DefaultSecurityFilterChain] - 
2020-11-20 03:13:08,289 INFO [org.springframework.security.web.DefaultSecurityFilterChain] - 
2020-11-20 03:13:08,289 INFO [org.springframework.security.web.DefaultSecurityFilterChain] - 
2020-11-20 03:13:08,385 INFO [org.springframework.security.web.access.channel.ChannelProcessingFilter] - 
2020-11-20 03:13:08,412 INFO [org.springframework.security.web.DefaultSecurityFilterChain] - 
2020-11-20 03:13:08,900 WARN [org.apereo.cas.web.CasWebApplicationContext] - 
Exception in thread "main" java.lang.reflect.InvocationTargetException
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
        at java.base/java.lang.reflect.Method.invoke(Unknown Source)
        at org.springframework.boot.loader.MainMethodRunner.run(MainMethodRunner.java:49)
        at org.springframework.boot.loader.Launcher.launch(Launcher.java:107)
        at org.springframework.boot.loader.Launcher.launch(Launcher.java:58)
        at org.springframework.boot.loader.WarLauncher.main(WarLauncher.java:59)
Caused by: org.springframework.context.ApplicationContextException: Failed to start bean 'webServerStartStop'; nested exception is org.springframework.boot.web.server.WebServerException: Unable to start embedded Tomcat server
        at org.springframework.context.support.DefaultLifecycleProcessor.doStart(DefaultLifecycleProcessor.java:185)
        at org.springframework.context.support.DefaultLifecycleProcessor.access$200(DefaultLifecycleProcessor.java:53)
        at org.springframework.context.support.DefaultLifecycleProcessor$LifecycleGroup.start(DefaultLifecycleProcessor.java:360)
        at org.springframework.context.support.DefaultLifecycleProcessor.startBeans(DefaultLifecycleProcessor.java:158)
        at org.springframework.context.support.DefaultLifecycleProcessor.onRefresh(DefaultLifecycleProcessor.java:122)
        at org.springframework.context.support.AbstractApplicationContext.finishRefresh(AbstractApplicationContext.java:895)
        at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:554)
        at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:143)
        at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:758)
        at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:750)
        at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:405)
        at org.springframework.boot.SpringApplication.run(SpringApplication.java:315)
        at org.springframework.boot.builder.SpringApplicationBuilder.run(SpringApplicationBuilder.java:140)
        at org.apereo.cas.web.CasWebApplication.main(CasWebApplication.java:84)
        ... 8 more
Caused by: org.springframework.boot.web.server.WebServerException: Unable to start embedded Tomcat server
        at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.start(TomcatWebServer.java:229)
        at org.springframework.boot.web.servlet.context.WebServerStartStopLifecycle.start(WebServerStartStopLifecycle.java:43)
        at org.springframework.context.support.DefaultLifecycleProcessor.doStart(DefaultLifecycleProcessor.java:182)
        ... 21 more
Caused by: java.lang.IllegalArgumentException: standardService.connector.startFailed
        at org.apache.catalina.core.StandardService.addConnector(StandardService.java:231)
        at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.addPreviouslyRemovedConnectors(TomcatWebServer.java:282)
        at org.springframework.boot.web.embedded.tomcat.TomcatWebServer.start(TomcatWebServer.java:213)
        ... 23 more
Caused by: org.apache.catalina.LifecycleException: Protocol handler start failed
        at org.apache.catalina.connector.Connector.startInternal(Connector.java:1067)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at org.apache.catalina.core.StandardService.addConnector(StandardService.java:227)
        ... 25 more
Caused by: java.lang.IllegalArgumentException: /etc/cas/thekeystore (No such file or directory)
        at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:99)
        at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:71)
        at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:216)
        at org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1141)
        at org.apache.tomcat.util.net.AbstractEndpoint.start(AbstractEndpoint.java:1227)
        at org.apache.coyote.AbstractProtocol.start(AbstractProtocol.java:592)
        at org.apache.catalina.connector.Connector.startInternal(Connector.java:1064)
        ... 27 more
Caused by: java.io.FileNotFoundException: /etc/cas/thekeystore (No such file or directory)
        at java.base/java.io.FileInputStream.open0(Native Method)
        at java.base/java.io.FileInputStream.open(Unknown Source)
        at java.base/java.io.FileInputStream.<init>(Unknown Source)
        at java.base/java.io.FileInputStream.<init>(Unknown Source)
        at java.base/sun.net.www.protocol.file.FileURLConnection.connect(Unknown Source)
        at java.base/sun.net.www.protocol.file.FileURLConnection.getInputStream(Unknown Source)
        at org.apache.catalina.startup.CatalinaBaseConfigurationSource.getResource(CatalinaBaseConfigurationSource.java:121)
        at org.apache.tomcat.util.net.SSLUtilBase.getStore(SSLUtilBase.java:197)
        at org.apache.tomcat.util.net.SSLHostConfigCertificate.getCertificateKeystore(SSLHostConfigCertificate.java:207)
        at org.apache.tomcat.util.net.SSLUtilBase.getKeyManagers(SSLUtilBase.java:282)
        at org.apache.tomcat.util.net.SSLUtilBase.createSSLContext(SSLUtilBase.java:246)
        at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:97)
        ... 33 more
  3. Generate the SSL certificate
sudo keytool -genkeypair -alias cas -keyalg RSA -keypass changeit -storepass changeit -keystore server.keystore -dname "CN=cas,OU=cas,OU=cas,C=cas"  -ext SAN="dns:localhost,ip:127.0.0.1"
  4. Copy the SSL certificate (the keystore) into the container
docker cp server.keystore cas:/etc/cas/thekeystore
  5. Configuration is complete; restart the container
docker restart cas
  6. All done
    URL: https://127.0.0.1:8443/cas/login
    Initial username: casuser
    Initial password: Mellon
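
Added example (not part of the original post): a small shell filter that triages the `docker logs cas` output shown earlier, reporting the missing keystore path, the static-credentials warning, and the fact that a generated password was written to the log. The function names and finding labels are assumptions of this example; the sample lines are copied from the log on this page, with the password replaced by a placeholder.

```shell
#!/bin/sh
# Added example, not from the original post.
# Real use:  docker logs cas 2>&1 | cas_log_findings

cas_log_findings() {
    awk '
        # Root cause of the failed start: the keystore Tomcat could not open.
        /FileNotFoundException: .* \(No such file or directory\)/ {
            path = $0
            sub(/.*FileNotFoundException: /, "", path)
            sub(/ \(No such file or directory\).*/, "", path)
            missing[path] = 1
        }
        # CAS warns that the demo static credential list is still active.
        /cas\.authn\.accept\.enabled=false/ { static_creds = 1 }
        # Spring Boot printed a generated password; flag it without echoing it.
        /Using generated security password:/ { pw_logged = 1 }
        END {
            for (p in missing) print "KEYSTORE_MISSING " p
            if (static_creds) print "STATIC_CREDENTIALS_ENABLED"
            if (pw_logged) print "GENERATED_PASSWORD_IN_LOG"
        }
    '
}

# Constructed sample: lines taken from the startup log on this page,
# with the generated password replaced by a placeholder.
sample_log() {
    cat <<'EOF'
2020-11-20 03:13:06,271 WARN [org.apereo.cas.config.support.authentication.AcceptUsersAuthenticationEventExecutionPlanConfiguration] - <
CAS is configured to accept a static list of credentials for authentication. While this is generally useful for demo purposes, it is STRONGLY recommended that you DISABLE this authentication method by setting 'cas.authn.accept.enabled=false' and switch to a mode that is more suitable for production.>
Using generated security password: <placeholder>
Caused by: java.lang.IllegalArgumentException: /etc/cas/thekeystore (No such file or directory)
Caused by: java.io.FileNotFoundException: /etc/cas/thekeystore (No such file or directory)
EOF
}

# Stand-alone run on the constructed sample.
sample_log | cas_log_findings
```

After step 5, `KEYSTORE_MISSING` should no longer appear; `STATIC_CREDENTIALS_ENABLED` remains for as long as the `casuser` demo account from step 6 is in use.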
