声明:这只是个人见解,不代表官方。
这是摘自源码里的配置文件:
<?xml version="1.0" encoding="ISO-8859-1"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
version="2.4">
<display-name>Central Authentication System (CAS) ${project.version}</display-name>
<!-- spring 的一些配置文件 -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/spring-configuration/*.xml
/WEB-INF/deployerConfigContext.xml
</param-value>
</context-param>
<!--
- Location of the Log4J config file, for initialization and refresh checks.
- Applied by Log4jConfigListener.
-->
<context-param>
<param-name>log4jConfigLocation</param-name>
<param-value>classpath:log4j.xml</param-value>
</context-param>
<context-param>
<param-name>log4jExposeWebAppRoot</param-name>
<param-value>false</param-value>
</context-param>
<!--
Specify that the log4j configuration should be reloaded periodically
to pick up changes
-->
<context-param>
<param-name>log4jRefreshInterval</param-name>
<param-value>60000</param-value>
</context-param>
<!-- 这个过滤器主要是将客户端的和服务端的IP存放到一个本地线程变量里 -->
<filter>
<filter-name>CAS Client Info Logging Filter</filter-name>
<filter-class>com.github.inspektr.common.web.ClientInfoThreadLocalFilter</filter-class>
</filter>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter>
<filter-name>characterEncodingFilter</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>characterEncodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/services/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Client Info Logging Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!--
- Configures Log4J for this web app.
- As this context specifies a context-param "log4jConfigLocation", its file path
- is used to load the Log4J configuration, including periodic refresh checks.
-
- Would fall back to default Log4J initialization (non-refreshing) if no special
- context-params are given.
-
- Exports a "web app root key", i.e. a system property that specifies the root
- directory of this web app, for usage in log file paths.
- This web app specifies "cas.root" (see log4j.properties file).
-->
<!-- Leave the listener commented-out if using JBoss -->
<listener>
<listener-class>
org.springframework.web.util.Log4jConfigListener
</listener-class>
</listener>
<!--
- Loads the CAS ApplicationContext.
- The deployer choice here is how to handle Throwables thrown by Spring's
- ContextLoaderListener. The Spring ContextLoaderListener will throw an exception when the
- application context cannot be loaded, say because the bean XML files are not valid XML or do not
- refer to real classes and properties or because a bean configured via Spring throws an exception
- at construction, property setting, or on an afterPropertiesSet() lifecycle method.
-
- If you'd like these errors to be fatal and prevent the CAS servlet context from loading at all,
- use org.springframework.web.context.ContextLoaderListener.
-
- If you'd like these errors to result in all requests for CAS getting a "CAS is Unavailable" response,
- use org.jasig.cas.web.init.SafeContextLoaderListener
-->
<listener>
<listener-class>
org.jasig.cas.web.init.SafeContextLoaderListener
</listener-class>
</listener>
<!--
- This is the Spring dispatcher servlet which delegates all requests to the
- Spring WebMVC controllers as configured in cas-servlet.xml.
-
- The choice made above about how to handle a broken ApplicationContext at
- context initialization applies here as well, since this servlet is load-on-startup.
-
- If you'd like these errors to be fatal and prevent the CAS servlet from loading at all,
- use org.springframework.web.servlet.DispatcherServlet.
-
- If you'd like these errors to result in all requests for CAS getting a "CAS is Unavailable" response,
- use org.jasig.cas.web.init.SafeDispatcherServlet
-->
<servlet>
<servlet-name>cas</servlet-name>
<servlet-class>
org.jasig.cas.web.init.SafeDispatcherServlet
</servlet-class>
<init-param>
<param-name>publishContext</param-name>
<param-value>false</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/login</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/logout</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/validate</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/serviceValidate</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/samlValidate</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/proxy</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/proxyValidate</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/CentralAuthenticationService</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/services/add.html</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/services/viewStatistics.html</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/services/logout.html</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/services/loggedOut.html</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/services/manage.html</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/services/edit.html</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/openid/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/services/deleteRegisteredService.html</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/authorizationFailure.html</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>cas</servlet-name>
<url-pattern>/403.html</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>cas checked</servlet-name>
<servlet-class>com.more.cas.web.service.CASCheckedFilter</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>cas checked</servlet-name>
<url-pattern>/checked</url-pattern>
</servlet-mapping>
<session-config>
<!-- Default to 5 minute session timeouts -->
<session-timeout>5</session-timeout>
</session-config>
<error-page>
<exception-type>org.springframework.context.ApplicationContextException</exception-type>
<location>/WEB-INF/view/jsp/brokenContext.jsp</location>
</error-page>
<error-page>
<error-code>500</error-code>
<location>/WEB-INF/view/jsp/errors.jsp</location>
</error-page>
<error-page>
<error-code>404</error-code>
<location>/</location>
</error-page>
<error-page>
<error-code>403</error-code>
<location>/403.html</location>
</error-page>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
</web-app>
其中由Filter(2个),Servlet(1)个,Listener(2个)组成。
com.github.inspektr.common.web.ClientInfoThreadLocalFilter 主要是把客户端和服务端的IP地址获得之后存放到一个本地线程变里。
org.springframework.web.filter.DelegatingFilterProxy 这个我就不做介绍了,用过Spring Security的人应该都清楚。
org.springframework.web.util.Log4jConfigListener 这个Log4j的监听器。
org.jasig.cas.web.init.SafeContextLoaderListener 这个监听器,主要是在Servlet上下文有异常的时候进行异常统一处理。
org.jasig.cas.web.init.SafeDispatcherServlet 这个Servlet主要是进行转发,将接收到的请求转交给webflow来处理。
分享到:
相关推荐
1. `cas-server-webapp`: 这是CAS服务器的核心Web应用,包含了服务器的运行时环境和配置。 2. `deploy`: 可能包含部署到应用服务器(如Tomcat)的必要文件。 3. `docs`: 包含了文档,可能包括用户指南、API参考等。 ...
10.CAS-redisCluster集群存储ticket(相应redis必须配置成cluster集群) 11.CAS-加密存储ticket 12.CAS-实习动态验证码 13.CAS-实习自定义登录 14.CAS-实现自定义返回用户登录信息 15.CAS-页面缓存记住我 ----------...
`cas-server-服务端源码.zip`提供的正是CAS服务端的源代码,特别是老版本4.2.27。 CAS的核心工作流程如下: 1. **认证过程**:当用户尝试访问受CAS保护的应用时,会被重定向到CAS服务器进行身份验证。如果用户尚未...
### 在web.xml中引入其他XML配置文件的步骤 在Java Web开发中,`web.xml`作为Web应用程序的核心配置文件,负责定义应用级别的配置信息。为了提高代码的可维护性和复用性,有时需要将一部分配置内容提取到独立的XML...
"cas-server-3.4.2.1-release" 是一个特定版本的 CAS(Central Authentication Service)服务器软件包。CAS 是一个开源的身份验证框架,主要用于实现单一登录(Single Sign-On, SSO)服务,广泛应用于教育、研究和...
总之,"cas-overlay-template-6.1 服务端代码"提供了部署和配置CAS 6.1X Server的基础,而集成MySQL数据源则是确保服务正常运行的关键步骤。理解这些概念并熟练操作,将使你在IT安全和身份验证领域更进一步。
cas-client-core-3.3.3.jar放到客户端lib文件夹下就ok
单点登录 sso cas带超详细文档,包含(cas-server-webapp-4.0.0.war、c3p0-0.9.1.2.jar、cas-client-core-3.3.3.jar、cas-server-support-jdbc-4.0.0.jar、cas-server-webapp-support-4.0.0.jar、commons-logging-...
"cas-server-3.3.3-release.zip"是CAS服务器的一个具体版本,用于部署和运行CAS服务,提供对多个应用系统的统一身份验证。 一、CAS简介 CAS是一种基于令牌的认证协议,用户只需要在第一次访问应用时进行身份验证,...
赠送jar包:shiro-cas-1.2.3.jar; 赠送原API文档:shiro-cas-1.2.3-javadoc.jar; 赠送源代码:shiro-cas-1.2.3-sources.jar; 赠送Maven依赖信息文件:shiro-cas-1.2.3.pom; 包含翻译后的API文档:shiro-cas-...
可用 cas-client-core-3.1.10.jar
CAS 客户端的安装通常涉及将相关的JAR文件添加到项目的类路径中,并配置相应的服务器端XML配置文件,如 `cas-client-support-spring.xml` 或者 `web.xml`。3.1.12版本可能会提供更简洁的配置选项和更好的兼容性,以...
cas-client-core-3.2.1
cas-client-core-3.4.1.jar
cas-server-webapp-6.1.x.war Yelu大学研发的CAS(Central Authentication Server) , 单点登录服务器 , 将war包放置到tomcat/webapp中即可运行
1. **cas-client-support-spring.jar**:这是针对Spring框架的CAS客户端支持库,用于在Spring应用上下文中配置CAS。 2. **cas-client-core.jar**:CAS客户端的核心库,包含了处理票证验证和与CAS服务器交互所需的...
cas-server-jdbc-3.0.5-rc2.jar
cas-server-webapp-tomcat-5.3.16.war maven依赖包
cas-0.15-1.el6.1.noarch.rpm是centos工具包。