Yale CAS without SSL/HTTPS

懒呀~~~
懒得生成证书呀~~~

假设对CAS有一定了解

---------我要隔开我要隔开---------

CAS Server(3.3.1):

Server就轻松点,修改配置文件的行了,熟悉spring的人,简直就是吃生菜,不熟悉spring也可以吃生菜

配置文件: $WebRoot/WEB-INF/sprint-configuration/ticketGrantingTicketCookieGenerator.xml


<bean id="ticketGrantingTicketCookieGenerator" 
      class="org.jasig.cas.web.support.CookieRetrievingCookieGenerator"
		p:cookieSecure="true" <!-- 就是这东西在作怪,改成false就OK了 -->
		p:cookieMaxAge="-1" <!-- 这个不讨论 -->
		p:cookieName="CASTGC" <!-- 这个也不讨论 -->
		p:cookiePath="/cas" <!-- 这个有等于没有,为什么?看下面 -->
/>

package org.jasig.cas.web.flow;
.
.
public final class InitialFlowSetupAction extends AbstractAction {
    .
    .
    protected Event doExecute(final RequestContext context) throws Exception {
        final HttpServletRequest request = WebUtils.getHttpServletRequest(context);
        if (!this.pathPopulated) {
            final String contextPath = context.getExternalContext().getContextPath();
            final String cookiePath = StringUtils.hasText(contextPath) ? contextPath : "/";
            logger.info("Setting path for cookies to: "
                + cookiePath);
            this.warnCookieGenerator.setCookiePath(cookiePath);
            this.ticketGrantingTicketCookieGenerator.setCookiePath(cookiePath);
            this.pathPopulated = true;
        }
        .
        .
    }
.
.
}


---------我要隔开我要隔开---------

CAS Client(2.0.11):

Client就稍微麻烦一点点,修改source code,吃生菜不够吃,还有菠菜吃

package edu.yale.its.tp.cas.util;
.
.
// 唉~类名叫“SecureURL ”,这样子一搞,成了“UnsecureURL ”
public class SecureURL {
.
.
	public static String retrieve(String url) throws IOException {
            .
            .
                // 狠心点,把这两行注释掉
                if (!u.getProtocol().equals("https"))
                    throw new IOException("only 'https' URLs are valid for this method");
            .
            .
	}
}

rebuild吧... ...

---------我要隔开我要隔开---------

CAS Client(3.1.3):

这个版本无需改动

你可能感兴趣的:(spring,Web,xml)